1 /* 2 * Linux NET3: Internet Group Management Protocol [IGMP] 3 * 4 * This code implements the IGMP protocol as defined in RFC1112. There has 5 * been a further revision of this protocol since which is now supported. 6 * 7 * If you have trouble with this module be careful what gcc you have used, 8 * the older version didn't come out right using gcc 2.5.8, the newer one 9 * seems to fall out with gcc 2.6.2. 10 * 11 * Authors: 12 * Alan Cox <alan@lxorguk.ukuu.org.uk> 13 * 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License 16 * as published by the Free Software Foundation; either version 17 * 2 of the License, or (at your option) any later version. 18 * 19 * Fixes: 20 * 21 * Alan Cox : Added lots of __inline__ to optimise 22 * the memory usage of all the tiny little 23 * functions. 24 * Alan Cox : Dumped the header building experiment. 25 * Alan Cox : Minor tweaks ready for multicast routing 26 * and extended IGMP protocol. 27 * Alan Cox : Removed a load of inline directives. Gcc 2.5.8 28 * writes utterly bogus code otherwise (sigh) 29 * fixed IGMP loopback to behave in the manner 30 * desired by mrouted, fixed the fact it has been 31 * broken since 1.3.6 and cleaned up a few minor 32 * points. 33 * 34 * Chih-Jen Chang : Tried to revise IGMP to Version 2 35 * Tsu-Sheng Tsao E-mail: chihjenc@scf.usc.edu and tsusheng@scf.usc.edu 36 * The enhancements are mainly based on Steve Deering's 37 * ipmulti-3.5 source code. 38 * Chih-Jen Chang : Added the igmp_get_mrouter_info and 39 * Tsu-Sheng Tsao igmp_set_mrouter_info to keep track of 40 * the mrouted version on that device. 41 * Chih-Jen Chang : Added the max_resp_time parameter to 42 * Tsu-Sheng Tsao igmp_heard_query(). Using this parameter 43 * to identify the multicast router version 44 * and do what the IGMP version 2 specified. 45 * Chih-Jen Chang : Added a timer to revert to IGMP V2 router 46 * Tsu-Sheng Tsao if the specified time expired. 47 * Alan Cox : Stop IGMP from 0.0.0.0 being accepted. 48 * Alan Cox : Use GFP_ATOMIC in the right places. 49 * Christian Daudt : igmp timer wasn't set for local group 50 * memberships but was being deleted, 51 * which caused a "del_timer() called 52 * from %p with timer not initialized\n" 53 * message (960131). 54 * Christian Daudt : removed del_timer from 55 * igmp_timer_expire function (960205). 56 * Christian Daudt : igmp_heard_report now only calls 57 * igmp_timer_expire if tm->running is 58 * true (960216). 59 * Malcolm Beattie : ttl comparison wrong in igmp_rcv made 60 * igmp_heard_query never trigger. Expiry 61 * miscalculation fixed in igmp_heard_query 62 * and random() made to return unsigned to 63 * prevent negative expiry times. 64 * Alexey Kuznetsov: Wrong group leaving behaviour, backport 65 * fix from pending 2.1.x patches. 66 * Alan Cox: Forget to enable FDDI support earlier. 67 * Alexey Kuznetsov: Fixed leaving groups on device down. 68 * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. 69 * David L Stevens: IGMPv3 support, with help from 70 * Vinay Kulkarni 71 */ 72 73 #include <linux/module.h> 74 #include <linux/slab.h> 75 #include <linux/uaccess.h> 76 #include <linux/types.h> 77 #include <linux/kernel.h> 78 #include <linux/jiffies.h> 79 #include <linux/string.h> 80 #include <linux/socket.h> 81 #include <linux/sockios.h> 82 #include <linux/in.h> 83 #include <linux/inet.h> 84 #include <linux/netdevice.h> 85 #include <linux/skbuff.h> 86 #include <linux/inetdevice.h> 87 #include <linux/igmp.h> 88 #include <linux/if_arp.h> 89 #include <linux/rtnetlink.h> 90 #include <linux/times.h> 91 #include <linux/pkt_sched.h> 92 #include <linux/byteorder/generic.h> 93 94 #include <net/net_namespace.h> 95 #include <net/arp.h> 96 #include <net/ip.h> 97 #include <net/protocol.h> 98 #include <net/route.h> 99 #include <net/sock.h> 100 #include <net/checksum.h> 101 #include <net/inet_common.h> 102 #include <linux/netfilter_ipv4.h> 103 #ifdef CONFIG_IP_MROUTE 104 #include <linux/mroute.h> 105 #endif 106 #ifdef CONFIG_PROC_FS 107 #include <linux/proc_fs.h> 108 #include <linux/seq_file.h> 109 #endif 110 111 #ifdef CONFIG_IP_MULTICAST 112 /* Parameter names and values are taken from igmp-v2-06 draft */ 113 114 #define IGMP_V1_ROUTER_PRESENT_TIMEOUT (400*HZ) 115 #define IGMP_V2_ROUTER_PRESENT_TIMEOUT (400*HZ) 116 #define IGMP_V2_UNSOLICITED_REPORT_INTERVAL (10*HZ) 117 #define IGMP_V3_UNSOLICITED_REPORT_INTERVAL (1*HZ) 118 #define IGMP_QUERY_RESPONSE_INTERVAL (10*HZ) 119 #define IGMP_QUERY_ROBUSTNESS_VARIABLE 2 120 121 122 #define IGMP_INITIAL_REPORT_DELAY (1) 123 124 /* IGMP_INITIAL_REPORT_DELAY is not from IGMP specs! 125 * IGMP specs require to report membership immediately after 126 * joining a group, but we delay the first report by a 127 * small interval. It seems more natural and still does not 128 * contradict to specs provided this delay is small enough. 129 */ 130 131 #define IGMP_V1_SEEN(in_dev) \ 132 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 1 || \ 133 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 1 || \ 134 ((in_dev)->mr_v1_seen && \ 135 time_before(jiffies, (in_dev)->mr_v1_seen))) 136 #define IGMP_V2_SEEN(in_dev) \ 137 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 2 || \ 138 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 2 || \ 139 ((in_dev)->mr_v2_seen && \ 140 time_before(jiffies, (in_dev)->mr_v2_seen))) 141 142 static int unsolicited_report_interval(struct in_device *in_dev) 143 { 144 int interval_ms, interval_jiffies; 145 146 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) 147 interval_ms = IN_DEV_CONF_GET( 148 in_dev, 149 IGMPV2_UNSOLICITED_REPORT_INTERVAL); 150 else /* v3 */ 151 interval_ms = IN_DEV_CONF_GET( 152 in_dev, 153 IGMPV3_UNSOLICITED_REPORT_INTERVAL); 154 155 interval_jiffies = msecs_to_jiffies(interval_ms); 156 157 /* _timer functions can't handle a delay of 0 jiffies so ensure 158 * we always return a positive value. 159 */ 160 if (interval_jiffies <= 0) 161 interval_jiffies = 1; 162 return interval_jiffies; 163 } 164 165 static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im); 166 static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im); 167 static void igmpv3_clear_delrec(struct in_device *in_dev); 168 static int sf_setstate(struct ip_mc_list *pmc); 169 static void sf_markstate(struct ip_mc_list *pmc); 170 #endif 171 static void ip_mc_clear_src(struct ip_mc_list *pmc); 172 static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 173 int sfcount, __be32 *psfsrc, int delta); 174 175 static void ip_ma_put(struct ip_mc_list *im) 176 { 177 if (refcount_dec_and_test(&im->refcnt)) { 178 in_dev_put(im->interface); 179 kfree_rcu(im, rcu); 180 } 181 } 182 183 #define for_each_pmc_rcu(in_dev, pmc) \ 184 for (pmc = rcu_dereference(in_dev->mc_list); \ 185 pmc != NULL; \ 186 pmc = rcu_dereference(pmc->next_rcu)) 187 188 #define for_each_pmc_rtnl(in_dev, pmc) \ 189 for (pmc = rtnl_dereference(in_dev->mc_list); \ 190 pmc != NULL; \ 191 pmc = rtnl_dereference(pmc->next_rcu)) 192 193 #ifdef CONFIG_IP_MULTICAST 194 195 /* 196 * Timer management 197 */ 198 199 static void igmp_stop_timer(struct ip_mc_list *im) 200 { 201 spin_lock_bh(&im->lock); 202 if (del_timer(&im->timer)) 203 refcount_dec(&im->refcnt); 204 im->tm_running = 0; 205 im->reporter = 0; 206 im->unsolicit_count = 0; 207 spin_unlock_bh(&im->lock); 208 } 209 210 /* It must be called with locked im->lock */ 211 static void igmp_start_timer(struct ip_mc_list *im, int max_delay) 212 { 213 int tv = prandom_u32() % max_delay; 214 215 im->tm_running = 1; 216 if (!mod_timer(&im->timer, jiffies+tv+2)) 217 refcount_inc(&im->refcnt); 218 } 219 220 static void igmp_gq_start_timer(struct in_device *in_dev) 221 { 222 int tv = prandom_u32() % in_dev->mr_maxdelay; 223 unsigned long exp = jiffies + tv + 2; 224 225 if (in_dev->mr_gq_running && 226 time_after_eq(exp, (in_dev->mr_gq_timer).expires)) 227 return; 228 229 in_dev->mr_gq_running = 1; 230 if (!mod_timer(&in_dev->mr_gq_timer, exp)) 231 in_dev_hold(in_dev); 232 } 233 234 static void igmp_ifc_start_timer(struct in_device *in_dev, int delay) 235 { 236 int tv = prandom_u32() % delay; 237 238 if (!mod_timer(&in_dev->mr_ifc_timer, jiffies+tv+2)) 239 in_dev_hold(in_dev); 240 } 241 242 static void igmp_mod_timer(struct ip_mc_list *im, int max_delay) 243 { 244 spin_lock_bh(&im->lock); 245 im->unsolicit_count = 0; 246 if (del_timer(&im->timer)) { 247 if ((long)(im->timer.expires-jiffies) < max_delay) { 248 add_timer(&im->timer); 249 im->tm_running = 1; 250 spin_unlock_bh(&im->lock); 251 return; 252 } 253 refcount_dec(&im->refcnt); 254 } 255 igmp_start_timer(im, max_delay); 256 spin_unlock_bh(&im->lock); 257 } 258 259 260 /* 261 * Send an IGMP report. 262 */ 263 264 #define IGMP_SIZE (sizeof(struct igmphdr)+sizeof(struct iphdr)+4) 265 266 267 static int is_in(struct ip_mc_list *pmc, struct ip_sf_list *psf, int type, 268 int gdeleted, int sdeleted) 269 { 270 switch (type) { 271 case IGMPV3_MODE_IS_INCLUDE: 272 case IGMPV3_MODE_IS_EXCLUDE: 273 if (gdeleted || sdeleted) 274 return 0; 275 if (!(pmc->gsquery && !psf->sf_gsresp)) { 276 if (pmc->sfmode == MCAST_INCLUDE) 277 return 1; 278 /* don't include if this source is excluded 279 * in all filters 280 */ 281 if (psf->sf_count[MCAST_INCLUDE]) 282 return type == IGMPV3_MODE_IS_INCLUDE; 283 return pmc->sfcount[MCAST_EXCLUDE] == 284 psf->sf_count[MCAST_EXCLUDE]; 285 } 286 return 0; 287 case IGMPV3_CHANGE_TO_INCLUDE: 288 if (gdeleted || sdeleted) 289 return 0; 290 return psf->sf_count[MCAST_INCLUDE] != 0; 291 case IGMPV3_CHANGE_TO_EXCLUDE: 292 if (gdeleted || sdeleted) 293 return 0; 294 if (pmc->sfcount[MCAST_EXCLUDE] == 0 || 295 psf->sf_count[MCAST_INCLUDE]) 296 return 0; 297 return pmc->sfcount[MCAST_EXCLUDE] == 298 psf->sf_count[MCAST_EXCLUDE]; 299 case IGMPV3_ALLOW_NEW_SOURCES: 300 if (gdeleted || !psf->sf_crcount) 301 return 0; 302 return (pmc->sfmode == MCAST_INCLUDE) ^ sdeleted; 303 case IGMPV3_BLOCK_OLD_SOURCES: 304 if (pmc->sfmode == MCAST_INCLUDE) 305 return gdeleted || (psf->sf_crcount && sdeleted); 306 return psf->sf_crcount && !gdeleted && !sdeleted; 307 } 308 return 0; 309 } 310 311 static int 312 igmp_scount(struct ip_mc_list *pmc, int type, int gdeleted, int sdeleted) 313 { 314 struct ip_sf_list *psf; 315 int scount = 0; 316 317 for (psf = pmc->sources; psf; psf = psf->sf_next) { 318 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) 319 continue; 320 scount++; 321 } 322 return scount; 323 } 324 325 /* source address selection per RFC 3376 section 4.2.13 */ 326 static __be32 igmpv3_get_srcaddr(struct net_device *dev, 327 const struct flowi4 *fl4) 328 { 329 struct in_device *in_dev = __in_dev_get_rcu(dev); 330 331 if (!in_dev) 332 return htonl(INADDR_ANY); 333 334 for_ifa(in_dev) { 335 if (fl4->saddr == ifa->ifa_local) 336 return fl4->saddr; 337 } endfor_ifa(in_dev); 338 339 return htonl(INADDR_ANY); 340 } 341 342 static struct sk_buff *igmpv3_newpack(struct net_device *dev, unsigned int mtu) 343 { 344 struct sk_buff *skb; 345 struct rtable *rt; 346 struct iphdr *pip; 347 struct igmpv3_report *pig; 348 struct net *net = dev_net(dev); 349 struct flowi4 fl4; 350 int hlen = LL_RESERVED_SPACE(dev); 351 int tlen = dev->needed_tailroom; 352 unsigned int size = mtu; 353 354 while (1) { 355 skb = alloc_skb(size + hlen + tlen, 356 GFP_ATOMIC | __GFP_NOWARN); 357 if (skb) 358 break; 359 size >>= 1; 360 if (size < 256) 361 return NULL; 362 } 363 skb->priority = TC_PRIO_CONTROL; 364 365 rt = ip_route_output_ports(net, &fl4, NULL, IGMPV3_ALL_MCR, 0, 366 0, 0, 367 IPPROTO_IGMP, 0, dev->ifindex); 368 if (IS_ERR(rt)) { 369 kfree_skb(skb); 370 return NULL; 371 } 372 373 skb_dst_set(skb, &rt->dst); 374 skb->dev = dev; 375 376 skb_reserve(skb, hlen); 377 skb_tailroom_reserve(skb, mtu, tlen); 378 379 skb_reset_network_header(skb); 380 pip = ip_hdr(skb); 381 skb_put(skb, sizeof(struct iphdr) + 4); 382 383 pip->version = 4; 384 pip->ihl = (sizeof(struct iphdr)+4)>>2; 385 pip->tos = 0xc0; 386 pip->frag_off = htons(IP_DF); 387 pip->ttl = 1; 388 pip->daddr = fl4.daddr; 389 390 rcu_read_lock(); 391 pip->saddr = igmpv3_get_srcaddr(dev, &fl4); 392 rcu_read_unlock(); 393 394 pip->protocol = IPPROTO_IGMP; 395 pip->tot_len = 0; /* filled in later */ 396 ip_select_ident(net, skb, NULL); 397 ((u8 *)&pip[1])[0] = IPOPT_RA; 398 ((u8 *)&pip[1])[1] = 4; 399 ((u8 *)&pip[1])[2] = 0; 400 ((u8 *)&pip[1])[3] = 0; 401 402 skb->transport_header = skb->network_header + sizeof(struct iphdr) + 4; 403 skb_put(skb, sizeof(*pig)); 404 pig = igmpv3_report_hdr(skb); 405 pig->type = IGMPV3_HOST_MEMBERSHIP_REPORT; 406 pig->resv1 = 0; 407 pig->csum = 0; 408 pig->resv2 = 0; 409 pig->ngrec = 0; 410 return skb; 411 } 412 413 static int igmpv3_sendpack(struct sk_buff *skb) 414 { 415 struct igmphdr *pig = igmp_hdr(skb); 416 const int igmplen = skb_tail_pointer(skb) - skb_transport_header(skb); 417 418 pig->csum = ip_compute_csum(igmp_hdr(skb), igmplen); 419 420 return ip_local_out(dev_net(skb_dst(skb)->dev), skb->sk, skb); 421 } 422 423 static int grec_size(struct ip_mc_list *pmc, int type, int gdel, int sdel) 424 { 425 return sizeof(struct igmpv3_grec) + 4*igmp_scount(pmc, type, gdel, sdel); 426 } 427 428 static struct sk_buff *add_grhead(struct sk_buff *skb, struct ip_mc_list *pmc, 429 int type, struct igmpv3_grec **ppgr, unsigned int mtu) 430 { 431 struct net_device *dev = pmc->interface->dev; 432 struct igmpv3_report *pih; 433 struct igmpv3_grec *pgr; 434 435 if (!skb) { 436 skb = igmpv3_newpack(dev, mtu); 437 if (!skb) 438 return NULL; 439 } 440 pgr = skb_put(skb, sizeof(struct igmpv3_grec)); 441 pgr->grec_type = type; 442 pgr->grec_auxwords = 0; 443 pgr->grec_nsrcs = 0; 444 pgr->grec_mca = pmc->multiaddr; 445 pih = igmpv3_report_hdr(skb); 446 pih->ngrec = htons(ntohs(pih->ngrec)+1); 447 *ppgr = pgr; 448 return skb; 449 } 450 451 #define AVAILABLE(skb) ((skb) ? skb_availroom(skb) : 0) 452 453 static struct sk_buff *add_grec(struct sk_buff *skb, struct ip_mc_list *pmc, 454 int type, int gdeleted, int sdeleted) 455 { 456 struct net_device *dev = pmc->interface->dev; 457 struct net *net = dev_net(dev); 458 struct igmpv3_report *pih; 459 struct igmpv3_grec *pgr = NULL; 460 struct ip_sf_list *psf, *psf_next, *psf_prev, **psf_list; 461 int scount, stotal, first, isquery, truncate; 462 unsigned int mtu; 463 464 if (pmc->multiaddr == IGMP_ALL_HOSTS) 465 return skb; 466 if (ipv4_is_local_multicast(pmc->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 467 return skb; 468 469 mtu = READ_ONCE(dev->mtu); 470 if (mtu < IPV4_MIN_MTU) 471 return skb; 472 473 isquery = type == IGMPV3_MODE_IS_INCLUDE || 474 type == IGMPV3_MODE_IS_EXCLUDE; 475 truncate = type == IGMPV3_MODE_IS_EXCLUDE || 476 type == IGMPV3_CHANGE_TO_EXCLUDE; 477 478 stotal = scount = 0; 479 480 psf_list = sdeleted ? &pmc->tomb : &pmc->sources; 481 482 if (!*psf_list) 483 goto empty_source; 484 485 pih = skb ? igmpv3_report_hdr(skb) : NULL; 486 487 /* EX and TO_EX get a fresh packet, if needed */ 488 if (truncate) { 489 if (pih && pih->ngrec && 490 AVAILABLE(skb) < grec_size(pmc, type, gdeleted, sdeleted)) { 491 if (skb) 492 igmpv3_sendpack(skb); 493 skb = igmpv3_newpack(dev, mtu); 494 } 495 } 496 first = 1; 497 psf_prev = NULL; 498 for (psf = *psf_list; psf; psf = psf_next) { 499 __be32 *psrc; 500 501 psf_next = psf->sf_next; 502 503 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) { 504 psf_prev = psf; 505 continue; 506 } 507 508 /* Based on RFC3376 5.1. Should not send source-list change 509 * records when there is a filter mode change. 510 */ 511 if (((gdeleted && pmc->sfmode == MCAST_EXCLUDE) || 512 (!gdeleted && pmc->crcount)) && 513 (type == IGMPV3_ALLOW_NEW_SOURCES || 514 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) 515 goto decrease_sf_crcount; 516 517 /* clear marks on query responses */ 518 if (isquery) 519 psf->sf_gsresp = 0; 520 521 if (AVAILABLE(skb) < sizeof(__be32) + 522 first*sizeof(struct igmpv3_grec)) { 523 if (truncate && !first) 524 break; /* truncate these */ 525 if (pgr) 526 pgr->grec_nsrcs = htons(scount); 527 if (skb) 528 igmpv3_sendpack(skb); 529 skb = igmpv3_newpack(dev, mtu); 530 first = 1; 531 scount = 0; 532 } 533 if (first) { 534 skb = add_grhead(skb, pmc, type, &pgr, mtu); 535 first = 0; 536 } 537 if (!skb) 538 return NULL; 539 psrc = skb_put(skb, sizeof(__be32)); 540 *psrc = psf->sf_inaddr; 541 scount++; stotal++; 542 if ((type == IGMPV3_ALLOW_NEW_SOURCES || 543 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) { 544 decrease_sf_crcount: 545 psf->sf_crcount--; 546 if ((sdeleted || gdeleted) && psf->sf_crcount == 0) { 547 if (psf_prev) 548 psf_prev->sf_next = psf->sf_next; 549 else 550 *psf_list = psf->sf_next; 551 kfree(psf); 552 continue; 553 } 554 } 555 psf_prev = psf; 556 } 557 558 empty_source: 559 if (!stotal) { 560 if (type == IGMPV3_ALLOW_NEW_SOURCES || 561 type == IGMPV3_BLOCK_OLD_SOURCES) 562 return skb; 563 if (pmc->crcount || isquery) { 564 /* make sure we have room for group header */ 565 if (skb && AVAILABLE(skb) < sizeof(struct igmpv3_grec)) { 566 igmpv3_sendpack(skb); 567 skb = NULL; /* add_grhead will get a new one */ 568 } 569 skb = add_grhead(skb, pmc, type, &pgr, mtu); 570 } 571 } 572 if (pgr) 573 pgr->grec_nsrcs = htons(scount); 574 575 if (isquery) 576 pmc->gsquery = 0; /* clear query state on report */ 577 return skb; 578 } 579 580 static int igmpv3_send_report(struct in_device *in_dev, struct ip_mc_list *pmc) 581 { 582 struct sk_buff *skb = NULL; 583 struct net *net = dev_net(in_dev->dev); 584 int type; 585 586 if (!pmc) { 587 rcu_read_lock(); 588 for_each_pmc_rcu(in_dev, pmc) { 589 if (pmc->multiaddr == IGMP_ALL_HOSTS) 590 continue; 591 if (ipv4_is_local_multicast(pmc->multiaddr) && 592 !net->ipv4.sysctl_igmp_llm_reports) 593 continue; 594 spin_lock_bh(&pmc->lock); 595 if (pmc->sfcount[MCAST_EXCLUDE]) 596 type = IGMPV3_MODE_IS_EXCLUDE; 597 else 598 type = IGMPV3_MODE_IS_INCLUDE; 599 skb = add_grec(skb, pmc, type, 0, 0); 600 spin_unlock_bh(&pmc->lock); 601 } 602 rcu_read_unlock(); 603 } else { 604 spin_lock_bh(&pmc->lock); 605 if (pmc->sfcount[MCAST_EXCLUDE]) 606 type = IGMPV3_MODE_IS_EXCLUDE; 607 else 608 type = IGMPV3_MODE_IS_INCLUDE; 609 skb = add_grec(skb, pmc, type, 0, 0); 610 spin_unlock_bh(&pmc->lock); 611 } 612 if (!skb) 613 return 0; 614 return igmpv3_sendpack(skb); 615 } 616 617 /* 618 * remove zero-count source records from a source filter list 619 */ 620 static void igmpv3_clear_zeros(struct ip_sf_list **ppsf) 621 { 622 struct ip_sf_list *psf_prev, *psf_next, *psf; 623 624 psf_prev = NULL; 625 for (psf = *ppsf; psf; psf = psf_next) { 626 psf_next = psf->sf_next; 627 if (psf->sf_crcount == 0) { 628 if (psf_prev) 629 psf_prev->sf_next = psf->sf_next; 630 else 631 *ppsf = psf->sf_next; 632 kfree(psf); 633 } else 634 psf_prev = psf; 635 } 636 } 637 638 static void igmpv3_send_cr(struct in_device *in_dev) 639 { 640 struct ip_mc_list *pmc, *pmc_prev, *pmc_next; 641 struct sk_buff *skb = NULL; 642 int type, dtype; 643 644 rcu_read_lock(); 645 spin_lock_bh(&in_dev->mc_tomb_lock); 646 647 /* deleted MCA's */ 648 pmc_prev = NULL; 649 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc_next) { 650 pmc_next = pmc->next; 651 if (pmc->sfmode == MCAST_INCLUDE) { 652 type = IGMPV3_BLOCK_OLD_SOURCES; 653 dtype = IGMPV3_BLOCK_OLD_SOURCES; 654 skb = add_grec(skb, pmc, type, 1, 0); 655 skb = add_grec(skb, pmc, dtype, 1, 1); 656 } 657 if (pmc->crcount) { 658 if (pmc->sfmode == MCAST_EXCLUDE) { 659 type = IGMPV3_CHANGE_TO_INCLUDE; 660 skb = add_grec(skb, pmc, type, 1, 0); 661 } 662 pmc->crcount--; 663 if (pmc->crcount == 0) { 664 igmpv3_clear_zeros(&pmc->tomb); 665 igmpv3_clear_zeros(&pmc->sources); 666 } 667 } 668 if (pmc->crcount == 0 && !pmc->tomb && !pmc->sources) { 669 if (pmc_prev) 670 pmc_prev->next = pmc_next; 671 else 672 in_dev->mc_tomb = pmc_next; 673 in_dev_put(pmc->interface); 674 kfree(pmc); 675 } else 676 pmc_prev = pmc; 677 } 678 spin_unlock_bh(&in_dev->mc_tomb_lock); 679 680 /* change recs */ 681 for_each_pmc_rcu(in_dev, pmc) { 682 spin_lock_bh(&pmc->lock); 683 if (pmc->sfcount[MCAST_EXCLUDE]) { 684 type = IGMPV3_BLOCK_OLD_SOURCES; 685 dtype = IGMPV3_ALLOW_NEW_SOURCES; 686 } else { 687 type = IGMPV3_ALLOW_NEW_SOURCES; 688 dtype = IGMPV3_BLOCK_OLD_SOURCES; 689 } 690 skb = add_grec(skb, pmc, type, 0, 0); 691 skb = add_grec(skb, pmc, dtype, 0, 1); /* deleted sources */ 692 693 /* filter mode changes */ 694 if (pmc->crcount) { 695 if (pmc->sfmode == MCAST_EXCLUDE) 696 type = IGMPV3_CHANGE_TO_EXCLUDE; 697 else 698 type = IGMPV3_CHANGE_TO_INCLUDE; 699 skb = add_grec(skb, pmc, type, 0, 0); 700 pmc->crcount--; 701 } 702 spin_unlock_bh(&pmc->lock); 703 } 704 rcu_read_unlock(); 705 706 if (!skb) 707 return; 708 (void) igmpv3_sendpack(skb); 709 } 710 711 static int igmp_send_report(struct in_device *in_dev, struct ip_mc_list *pmc, 712 int type) 713 { 714 struct sk_buff *skb; 715 struct iphdr *iph; 716 struct igmphdr *ih; 717 struct rtable *rt; 718 struct net_device *dev = in_dev->dev; 719 struct net *net = dev_net(dev); 720 __be32 group = pmc ? pmc->multiaddr : 0; 721 struct flowi4 fl4; 722 __be32 dst; 723 int hlen, tlen; 724 725 if (type == IGMPV3_HOST_MEMBERSHIP_REPORT) 726 return igmpv3_send_report(in_dev, pmc); 727 728 if (ipv4_is_local_multicast(group) && !net->ipv4.sysctl_igmp_llm_reports) 729 return 0; 730 731 if (type == IGMP_HOST_LEAVE_MESSAGE) 732 dst = IGMP_ALL_ROUTER; 733 else 734 dst = group; 735 736 rt = ip_route_output_ports(net, &fl4, NULL, dst, 0, 737 0, 0, 738 IPPROTO_IGMP, 0, dev->ifindex); 739 if (IS_ERR(rt)) 740 return -1; 741 742 hlen = LL_RESERVED_SPACE(dev); 743 tlen = dev->needed_tailroom; 744 skb = alloc_skb(IGMP_SIZE + hlen + tlen, GFP_ATOMIC); 745 if (!skb) { 746 ip_rt_put(rt); 747 return -1; 748 } 749 skb->priority = TC_PRIO_CONTROL; 750 751 skb_dst_set(skb, &rt->dst); 752 753 skb_reserve(skb, hlen); 754 755 skb_reset_network_header(skb); 756 iph = ip_hdr(skb); 757 skb_put(skb, sizeof(struct iphdr) + 4); 758 759 iph->version = 4; 760 iph->ihl = (sizeof(struct iphdr)+4)>>2; 761 iph->tos = 0xc0; 762 iph->frag_off = htons(IP_DF); 763 iph->ttl = 1; 764 iph->daddr = dst; 765 iph->saddr = fl4.saddr; 766 iph->protocol = IPPROTO_IGMP; 767 ip_select_ident(net, skb, NULL); 768 ((u8 *)&iph[1])[0] = IPOPT_RA; 769 ((u8 *)&iph[1])[1] = 4; 770 ((u8 *)&iph[1])[2] = 0; 771 ((u8 *)&iph[1])[3] = 0; 772 773 ih = skb_put(skb, sizeof(struct igmphdr)); 774 ih->type = type; 775 ih->code = 0; 776 ih->csum = 0; 777 ih->group = group; 778 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr)); 779 780 return ip_local_out(net, skb->sk, skb); 781 } 782 783 static void igmp_gq_timer_expire(struct timer_list *t) 784 { 785 struct in_device *in_dev = from_timer(in_dev, t, mr_gq_timer); 786 787 in_dev->mr_gq_running = 0; 788 igmpv3_send_report(in_dev, NULL); 789 in_dev_put(in_dev); 790 } 791 792 static void igmp_ifc_timer_expire(struct timer_list *t) 793 { 794 struct in_device *in_dev = from_timer(in_dev, t, mr_ifc_timer); 795 796 igmpv3_send_cr(in_dev); 797 if (in_dev->mr_ifc_count) { 798 in_dev->mr_ifc_count--; 799 igmp_ifc_start_timer(in_dev, 800 unsolicited_report_interval(in_dev)); 801 } 802 in_dev_put(in_dev); 803 } 804 805 static void igmp_ifc_event(struct in_device *in_dev) 806 { 807 struct net *net = dev_net(in_dev->dev); 808 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) 809 return; 810 in_dev->mr_ifc_count = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 811 igmp_ifc_start_timer(in_dev, 1); 812 } 813 814 815 static void igmp_timer_expire(struct timer_list *t) 816 { 817 struct ip_mc_list *im = from_timer(im, t, timer); 818 struct in_device *in_dev = im->interface; 819 820 spin_lock(&im->lock); 821 im->tm_running = 0; 822 823 if (im->unsolicit_count && --im->unsolicit_count) 824 igmp_start_timer(im, unsolicited_report_interval(in_dev)); 825 826 im->reporter = 1; 827 spin_unlock(&im->lock); 828 829 if (IGMP_V1_SEEN(in_dev)) 830 igmp_send_report(in_dev, im, IGMP_HOST_MEMBERSHIP_REPORT); 831 else if (IGMP_V2_SEEN(in_dev)) 832 igmp_send_report(in_dev, im, IGMPV2_HOST_MEMBERSHIP_REPORT); 833 else 834 igmp_send_report(in_dev, im, IGMPV3_HOST_MEMBERSHIP_REPORT); 835 836 ip_ma_put(im); 837 } 838 839 /* mark EXCLUDE-mode sources */ 840 static int igmp_xmarksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs) 841 { 842 struct ip_sf_list *psf; 843 int i, scount; 844 845 scount = 0; 846 for (psf = pmc->sources; psf; psf = psf->sf_next) { 847 if (scount == nsrcs) 848 break; 849 for (i = 0; i < nsrcs; i++) { 850 /* skip inactive filters */ 851 if (psf->sf_count[MCAST_INCLUDE] || 852 pmc->sfcount[MCAST_EXCLUDE] != 853 psf->sf_count[MCAST_EXCLUDE]) 854 break; 855 if (srcs[i] == psf->sf_inaddr) { 856 scount++; 857 break; 858 } 859 } 860 } 861 pmc->gsquery = 0; 862 if (scount == nsrcs) /* all sources excluded */ 863 return 0; 864 return 1; 865 } 866 867 static int igmp_marksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs) 868 { 869 struct ip_sf_list *psf; 870 int i, scount; 871 872 if (pmc->sfmode == MCAST_EXCLUDE) 873 return igmp_xmarksources(pmc, nsrcs, srcs); 874 875 /* mark INCLUDE-mode sources */ 876 scount = 0; 877 for (psf = pmc->sources; psf; psf = psf->sf_next) { 878 if (scount == nsrcs) 879 break; 880 for (i = 0; i < nsrcs; i++) 881 if (srcs[i] == psf->sf_inaddr) { 882 psf->sf_gsresp = 1; 883 scount++; 884 break; 885 } 886 } 887 if (!scount) { 888 pmc->gsquery = 0; 889 return 0; 890 } 891 pmc->gsquery = 1; 892 return 1; 893 } 894 895 /* return true if packet was dropped */ 896 static bool igmp_heard_report(struct in_device *in_dev, __be32 group) 897 { 898 struct ip_mc_list *im; 899 struct net *net = dev_net(in_dev->dev); 900 901 /* Timers are only set for non-local groups */ 902 903 if (group == IGMP_ALL_HOSTS) 904 return false; 905 if (ipv4_is_local_multicast(group) && !net->ipv4.sysctl_igmp_llm_reports) 906 return false; 907 908 rcu_read_lock(); 909 for_each_pmc_rcu(in_dev, im) { 910 if (im->multiaddr == group) { 911 igmp_stop_timer(im); 912 break; 913 } 914 } 915 rcu_read_unlock(); 916 return false; 917 } 918 919 /* return true if packet was dropped */ 920 static bool igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb, 921 int len) 922 { 923 struct igmphdr *ih = igmp_hdr(skb); 924 struct igmpv3_query *ih3 = igmpv3_query_hdr(skb); 925 struct ip_mc_list *im; 926 __be32 group = ih->group; 927 int max_delay; 928 int mark = 0; 929 struct net *net = dev_net(in_dev->dev); 930 931 932 if (len == 8) { 933 if (ih->code == 0) { 934 /* Alas, old v1 router presents here. */ 935 936 max_delay = IGMP_QUERY_RESPONSE_INTERVAL; 937 in_dev->mr_v1_seen = jiffies + 938 IGMP_V1_ROUTER_PRESENT_TIMEOUT; 939 group = 0; 940 } else { 941 /* v2 router present */ 942 max_delay = ih->code*(HZ/IGMP_TIMER_SCALE); 943 in_dev->mr_v2_seen = jiffies + 944 IGMP_V2_ROUTER_PRESENT_TIMEOUT; 945 } 946 /* cancel the interface change timer */ 947 in_dev->mr_ifc_count = 0; 948 if (del_timer(&in_dev->mr_ifc_timer)) 949 __in_dev_put(in_dev); 950 /* clear deleted report items */ 951 igmpv3_clear_delrec(in_dev); 952 } else if (len < 12) { 953 return true; /* ignore bogus packet; freed by caller */ 954 } else if (IGMP_V1_SEEN(in_dev)) { 955 /* This is a v3 query with v1 queriers present */ 956 max_delay = IGMP_QUERY_RESPONSE_INTERVAL; 957 group = 0; 958 } else if (IGMP_V2_SEEN(in_dev)) { 959 /* this is a v3 query with v2 queriers present; 960 * Interpretation of the max_delay code is problematic here. 961 * A real v2 host would use ih_code directly, while v3 has a 962 * different encoding. We use the v3 encoding as more likely 963 * to be intended in a v3 query. 964 */ 965 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE); 966 if (!max_delay) 967 max_delay = 1; /* can't mod w/ 0 */ 968 } else { /* v3 */ 969 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) 970 return true; 971 972 ih3 = igmpv3_query_hdr(skb); 973 if (ih3->nsrcs) { 974 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query) 975 + ntohs(ih3->nsrcs)*sizeof(__be32))) 976 return true; 977 ih3 = igmpv3_query_hdr(skb); 978 } 979 980 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE); 981 if (!max_delay) 982 max_delay = 1; /* can't mod w/ 0 */ 983 in_dev->mr_maxdelay = max_delay; 984 if (ih3->qrv) 985 in_dev->mr_qrv = ih3->qrv; 986 if (!group) { /* general query */ 987 if (ih3->nsrcs) 988 return true; /* no sources allowed */ 989 igmp_gq_start_timer(in_dev); 990 return false; 991 } 992 /* mark sources to include, if group & source-specific */ 993 mark = ih3->nsrcs != 0; 994 } 995 996 /* 997 * - Start the timers in all of our membership records 998 * that the query applies to for the interface on 999 * which the query arrived excl. those that belong 1000 * to a "local" group (224.0.0.X) 1001 * - For timers already running check if they need to 1002 * be reset. 1003 * - Use the igmp->igmp_code field as the maximum 1004 * delay possible 1005 */ 1006 rcu_read_lock(); 1007 for_each_pmc_rcu(in_dev, im) { 1008 int changed; 1009 1010 if (group && group != im->multiaddr) 1011 continue; 1012 if (im->multiaddr == IGMP_ALL_HOSTS) 1013 continue; 1014 if (ipv4_is_local_multicast(im->multiaddr) && 1015 !net->ipv4.sysctl_igmp_llm_reports) 1016 continue; 1017 spin_lock_bh(&im->lock); 1018 if (im->tm_running) 1019 im->gsquery = im->gsquery && mark; 1020 else 1021 im->gsquery = mark; 1022 changed = !im->gsquery || 1023 igmp_marksources(im, ntohs(ih3->nsrcs), ih3->srcs); 1024 spin_unlock_bh(&im->lock); 1025 if (changed) 1026 igmp_mod_timer(im, max_delay); 1027 } 1028 rcu_read_unlock(); 1029 return false; 1030 } 1031 1032 /* called in rcu_read_lock() section */ 1033 int igmp_rcv(struct sk_buff *skb) 1034 { 1035 /* This basically follows the spec line by line -- see RFC1112 */ 1036 struct igmphdr *ih; 1037 struct net_device *dev = skb->dev; 1038 struct in_device *in_dev; 1039 int len = skb->len; 1040 bool dropped = true; 1041 1042 if (netif_is_l3_master(dev)) { 1043 dev = dev_get_by_index_rcu(dev_net(dev), IPCB(skb)->iif); 1044 if (!dev) 1045 goto drop; 1046 } 1047 1048 in_dev = __in_dev_get_rcu(dev); 1049 if (!in_dev) 1050 goto drop; 1051 1052 if (!pskb_may_pull(skb, sizeof(struct igmphdr))) 1053 goto drop; 1054 1055 if (skb_checksum_simple_validate(skb)) 1056 goto drop; 1057 1058 ih = igmp_hdr(skb); 1059 switch (ih->type) { 1060 case IGMP_HOST_MEMBERSHIP_QUERY: 1061 dropped = igmp_heard_query(in_dev, skb, len); 1062 break; 1063 case IGMP_HOST_MEMBERSHIP_REPORT: 1064 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1065 /* Is it our report looped back? */ 1066 if (rt_is_output_route(skb_rtable(skb))) 1067 break; 1068 /* don't rely on MC router hearing unicast reports */ 1069 if (skb->pkt_type == PACKET_MULTICAST || 1070 skb->pkt_type == PACKET_BROADCAST) 1071 dropped = igmp_heard_report(in_dev, ih->group); 1072 break; 1073 case IGMP_PIM: 1074 #ifdef CONFIG_IP_PIMSM_V1 1075 return pim_rcv_v1(skb); 1076 #endif 1077 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1078 case IGMP_DVMRP: 1079 case IGMP_TRACE: 1080 case IGMP_HOST_LEAVE_MESSAGE: 1081 case IGMP_MTRACE: 1082 case IGMP_MTRACE_RESP: 1083 break; 1084 default: 1085 break; 1086 } 1087 1088 drop: 1089 if (dropped) 1090 kfree_skb(skb); 1091 else 1092 consume_skb(skb); 1093 return 0; 1094 } 1095 1096 #endif 1097 1098 1099 /* 1100 * Add a filter to a device 1101 */ 1102 1103 static void ip_mc_filter_add(struct in_device *in_dev, __be32 addr) 1104 { 1105 char buf[MAX_ADDR_LEN]; 1106 struct net_device *dev = in_dev->dev; 1107 1108 /* Checking for IFF_MULTICAST here is WRONG-WRONG-WRONG. 1109 We will get multicast token leakage, when IFF_MULTICAST 1110 is changed. This check should be done in ndo_set_rx_mode 1111 routine. Something sort of: 1112 if (dev->mc_list && dev->flags&IFF_MULTICAST) { do it; } 1113 --ANK 1114 */ 1115 if (arp_mc_map(addr, buf, dev, 0) == 0) 1116 dev_mc_add(dev, buf); 1117 } 1118 1119 /* 1120 * Remove a filter from a device 1121 */ 1122 1123 static void ip_mc_filter_del(struct in_device *in_dev, __be32 addr) 1124 { 1125 char buf[MAX_ADDR_LEN]; 1126 struct net_device *dev = in_dev->dev; 1127 1128 if (arp_mc_map(addr, buf, dev, 0) == 0) 1129 dev_mc_del(dev, buf); 1130 } 1131 1132 #ifdef CONFIG_IP_MULTICAST 1133 /* 1134 * deleted ip_mc_list manipulation 1135 */ 1136 static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im) 1137 { 1138 struct ip_mc_list *pmc; 1139 struct net *net = dev_net(in_dev->dev); 1140 1141 /* this is an "ip_mc_list" for convenience; only the fields below 1142 * are actually used. In particular, the refcnt and users are not 1143 * used for management of the delete list. Using the same structure 1144 * for deleted items allows change reports to use common code with 1145 * non-deleted or query-response MCA's. 1146 */ 1147 pmc = kzalloc(sizeof(*pmc), GFP_KERNEL); 1148 if (!pmc) 1149 return; 1150 spin_lock_init(&pmc->lock); 1151 spin_lock_bh(&im->lock); 1152 pmc->interface = im->interface; 1153 in_dev_hold(in_dev); 1154 pmc->multiaddr = im->multiaddr; 1155 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1156 pmc->sfmode = im->sfmode; 1157 if (pmc->sfmode == MCAST_INCLUDE) { 1158 struct ip_sf_list *psf; 1159 1160 pmc->tomb = im->tomb; 1161 pmc->sources = im->sources; 1162 im->tomb = im->sources = NULL; 1163 for (psf = pmc->sources; psf; psf = psf->sf_next) 1164 psf->sf_crcount = pmc->crcount; 1165 } 1166 spin_unlock_bh(&im->lock); 1167 1168 spin_lock_bh(&in_dev->mc_tomb_lock); 1169 pmc->next = in_dev->mc_tomb; 1170 in_dev->mc_tomb = pmc; 1171 spin_unlock_bh(&in_dev->mc_tomb_lock); 1172 } 1173 1174 /* 1175 * restore ip_mc_list deleted records 1176 */ 1177 static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im) 1178 { 1179 struct ip_mc_list *pmc, *pmc_prev; 1180 struct ip_sf_list *psf; 1181 struct net *net = dev_net(in_dev->dev); 1182 __be32 multiaddr = im->multiaddr; 1183 1184 spin_lock_bh(&in_dev->mc_tomb_lock); 1185 pmc_prev = NULL; 1186 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc->next) { 1187 if (pmc->multiaddr == multiaddr) 1188 break; 1189 pmc_prev = pmc; 1190 } 1191 if (pmc) { 1192 if (pmc_prev) 1193 pmc_prev->next = pmc->next; 1194 else 1195 in_dev->mc_tomb = pmc->next; 1196 } 1197 spin_unlock_bh(&in_dev->mc_tomb_lock); 1198 1199 spin_lock_bh(&im->lock); 1200 if (pmc) { 1201 im->interface = pmc->interface; 1202 if (im->sfmode == MCAST_INCLUDE) { 1203 im->tomb = pmc->tomb; 1204 im->sources = pmc->sources; 1205 for (psf = im->sources; psf; psf = psf->sf_next) 1206 psf->sf_crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1207 } else { 1208 im->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1209 } 1210 in_dev_put(pmc->interface); 1211 kfree(pmc); 1212 } 1213 spin_unlock_bh(&im->lock); 1214 } 1215 1216 /* 1217 * flush ip_mc_list deleted records 1218 */ 1219 static void igmpv3_clear_delrec(struct in_device *in_dev) 1220 { 1221 struct ip_mc_list *pmc, *nextpmc; 1222 1223 spin_lock_bh(&in_dev->mc_tomb_lock); 1224 pmc = in_dev->mc_tomb; 1225 in_dev->mc_tomb = NULL; 1226 spin_unlock_bh(&in_dev->mc_tomb_lock); 1227 1228 for (; pmc; pmc = nextpmc) { 1229 nextpmc = pmc->next; 1230 ip_mc_clear_src(pmc); 1231 in_dev_put(pmc->interface); 1232 kfree(pmc); 1233 } 1234 /* clear dead sources, too */ 1235 rcu_read_lock(); 1236 for_each_pmc_rcu(in_dev, pmc) { 1237 struct ip_sf_list *psf, *psf_next; 1238 1239 spin_lock_bh(&pmc->lock); 1240 psf = pmc->tomb; 1241 pmc->tomb = NULL; 1242 spin_unlock_bh(&pmc->lock); 1243 for (; psf; psf = psf_next) { 1244 psf_next = psf->sf_next; 1245 kfree(psf); 1246 } 1247 } 1248 rcu_read_unlock(); 1249 } 1250 #endif 1251 1252 static void igmp_group_dropped(struct ip_mc_list *im) 1253 { 1254 struct in_device *in_dev = im->interface; 1255 #ifdef CONFIG_IP_MULTICAST 1256 struct net *net = dev_net(in_dev->dev); 1257 int reporter; 1258 #endif 1259 1260 if (im->loaded) { 1261 im->loaded = 0; 1262 ip_mc_filter_del(in_dev, im->multiaddr); 1263 } 1264 1265 #ifdef CONFIG_IP_MULTICAST 1266 if (im->multiaddr == IGMP_ALL_HOSTS) 1267 return; 1268 if (ipv4_is_local_multicast(im->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 1269 return; 1270 1271 reporter = im->reporter; 1272 igmp_stop_timer(im); 1273 1274 if (!in_dev->dead) { 1275 if (IGMP_V1_SEEN(in_dev)) 1276 return; 1277 if (IGMP_V2_SEEN(in_dev)) { 1278 if (reporter) 1279 igmp_send_report(in_dev, im, IGMP_HOST_LEAVE_MESSAGE); 1280 return; 1281 } 1282 /* IGMPv3 */ 1283 igmpv3_add_delrec(in_dev, im); 1284 1285 igmp_ifc_event(in_dev); 1286 } 1287 #endif 1288 } 1289 1290 static void igmp_group_added(struct ip_mc_list *im) 1291 { 1292 struct in_device *in_dev = im->interface; 1293 #ifdef CONFIG_IP_MULTICAST 1294 struct net *net = dev_net(in_dev->dev); 1295 #endif 1296 1297 if (im->loaded == 0) { 1298 im->loaded = 1; 1299 ip_mc_filter_add(in_dev, im->multiaddr); 1300 } 1301 1302 #ifdef CONFIG_IP_MULTICAST 1303 if (im->multiaddr == IGMP_ALL_HOSTS) 1304 return; 1305 if (ipv4_is_local_multicast(im->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 1306 return; 1307 1308 if (in_dev->dead) 1309 return; 1310 1311 im->unsolicit_count = net->ipv4.sysctl_igmp_qrv; 1312 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) { 1313 spin_lock_bh(&im->lock); 1314 igmp_start_timer(im, IGMP_INITIAL_REPORT_DELAY); 1315 spin_unlock_bh(&im->lock); 1316 return; 1317 } 1318 /* else, v3 */ 1319 1320 /* Based on RFC3376 5.1, for newly added INCLUDE SSM, we should 1321 * not send filter-mode change record as the mode should be from 1322 * IN() to IN(A). 1323 */ 1324 if (im->sfmode == MCAST_EXCLUDE) 1325 im->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1326 1327 igmp_ifc_event(in_dev); 1328 #endif 1329 } 1330 1331 1332 /* 1333 * Multicast list managers 1334 */ 1335 1336 static u32 ip_mc_hash(const struct ip_mc_list *im) 1337 { 1338 return hash_32((__force u32)im->multiaddr, MC_HASH_SZ_LOG); 1339 } 1340 1341 static void ip_mc_hash_add(struct in_device *in_dev, 1342 struct ip_mc_list *im) 1343 { 1344 struct ip_mc_list __rcu **mc_hash; 1345 u32 hash; 1346 1347 mc_hash = rtnl_dereference(in_dev->mc_hash); 1348 if (mc_hash) { 1349 hash = ip_mc_hash(im); 1350 im->next_hash = mc_hash[hash]; 1351 rcu_assign_pointer(mc_hash[hash], im); 1352 return; 1353 } 1354 1355 /* do not use a hash table for small number of items */ 1356 if (in_dev->mc_count < 4) 1357 return; 1358 1359 mc_hash = kzalloc(sizeof(struct ip_mc_list *) << MC_HASH_SZ_LOG, 1360 GFP_KERNEL); 1361 if (!mc_hash) 1362 return; 1363 1364 for_each_pmc_rtnl(in_dev, im) { 1365 hash = ip_mc_hash(im); 1366 im->next_hash = mc_hash[hash]; 1367 RCU_INIT_POINTER(mc_hash[hash], im); 1368 } 1369 1370 rcu_assign_pointer(in_dev->mc_hash, mc_hash); 1371 } 1372 1373 static void ip_mc_hash_remove(struct in_device *in_dev, 1374 struct ip_mc_list *im) 1375 { 1376 struct ip_mc_list __rcu **mc_hash = rtnl_dereference(in_dev->mc_hash); 1377 struct ip_mc_list *aux; 1378 1379 if (!mc_hash) 1380 return; 1381 mc_hash += ip_mc_hash(im); 1382 while ((aux = rtnl_dereference(*mc_hash)) != im) 1383 mc_hash = &aux->next_hash; 1384 *mc_hash = im->next_hash; 1385 } 1386 1387 1388 /* 1389 * A socket has joined a multicast group on device dev. 1390 */ 1391 static void __ip_mc_inc_group(struct in_device *in_dev, __be32 addr, 1392 unsigned int mode) 1393 { 1394 struct ip_mc_list *im; 1395 1396 ASSERT_RTNL(); 1397 1398 for_each_pmc_rtnl(in_dev, im) { 1399 if (im->multiaddr == addr) { 1400 im->users++; 1401 ip_mc_add_src(in_dev, &addr, mode, 0, NULL, 0); 1402 goto out; 1403 } 1404 } 1405 1406 im = kzalloc(sizeof(*im), GFP_KERNEL); 1407 if (!im) 1408 goto out; 1409 1410 im->users = 1; 1411 im->interface = in_dev; 1412 in_dev_hold(in_dev); 1413 im->multiaddr = addr; 1414 /* initial mode is (EX, empty) */ 1415 im->sfmode = mode; 1416 im->sfcount[mode] = 1; 1417 refcount_set(&im->refcnt, 1); 1418 spin_lock_init(&im->lock); 1419 #ifdef CONFIG_IP_MULTICAST 1420 timer_setup(&im->timer, igmp_timer_expire, 0); 1421 #endif 1422 1423 im->next_rcu = in_dev->mc_list; 1424 in_dev->mc_count++; 1425 rcu_assign_pointer(in_dev->mc_list, im); 1426 1427 ip_mc_hash_add(in_dev, im); 1428 1429 #ifdef CONFIG_IP_MULTICAST 1430 igmpv3_del_delrec(in_dev, im); 1431 #endif 1432 igmp_group_added(im); 1433 if (!in_dev->dead) 1434 ip_rt_multicast_event(in_dev); 1435 out: 1436 return; 1437 } 1438 1439 void ip_mc_inc_group(struct in_device *in_dev, __be32 addr) 1440 { 1441 __ip_mc_inc_group(in_dev, addr, MCAST_EXCLUDE); 1442 } 1443 EXPORT_SYMBOL(ip_mc_inc_group); 1444 1445 static int ip_mc_check_iphdr(struct sk_buff *skb) 1446 { 1447 const struct iphdr *iph; 1448 unsigned int len; 1449 unsigned int offset = skb_network_offset(skb) + sizeof(*iph); 1450 1451 if (!pskb_may_pull(skb, offset)) 1452 return -EINVAL; 1453 1454 iph = ip_hdr(skb); 1455 1456 if (iph->version != 4 || ip_hdrlen(skb) < sizeof(*iph)) 1457 return -EINVAL; 1458 1459 offset += ip_hdrlen(skb) - sizeof(*iph); 1460 1461 if (!pskb_may_pull(skb, offset)) 1462 return -EINVAL; 1463 1464 iph = ip_hdr(skb); 1465 1466 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl))) 1467 return -EINVAL; 1468 1469 len = skb_network_offset(skb) + ntohs(iph->tot_len); 1470 if (skb->len < len || len < offset) 1471 return -EINVAL; 1472 1473 skb_set_transport_header(skb, offset); 1474 1475 return 0; 1476 } 1477 1478 static int ip_mc_check_igmp_reportv3(struct sk_buff *skb) 1479 { 1480 unsigned int len = skb_transport_offset(skb); 1481 1482 len += sizeof(struct igmpv3_report); 1483 1484 return pskb_may_pull(skb, len) ? 0 : -EINVAL; 1485 } 1486 1487 static int ip_mc_check_igmp_query(struct sk_buff *skb) 1488 { 1489 unsigned int len = skb_transport_offset(skb); 1490 1491 len += sizeof(struct igmphdr); 1492 if (skb->len < len) 1493 return -EINVAL; 1494 1495 /* IGMPv{1,2}? */ 1496 if (skb->len != len) { 1497 /* or IGMPv3? */ 1498 len += sizeof(struct igmpv3_query) - sizeof(struct igmphdr); 1499 if (skb->len < len || !pskb_may_pull(skb, len)) 1500 return -EINVAL; 1501 } 1502 1503 /* RFC2236+RFC3376 (IGMPv2+IGMPv3) require the multicast link layer 1504 * all-systems destination addresses (224.0.0.1) for general queries 1505 */ 1506 if (!igmp_hdr(skb)->group && 1507 ip_hdr(skb)->daddr != htonl(INADDR_ALLHOSTS_GROUP)) 1508 return -EINVAL; 1509 1510 return 0; 1511 } 1512 1513 static int ip_mc_check_igmp_msg(struct sk_buff *skb) 1514 { 1515 switch (igmp_hdr(skb)->type) { 1516 case IGMP_HOST_LEAVE_MESSAGE: 1517 case IGMP_HOST_MEMBERSHIP_REPORT: 1518 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1519 /* fall through */ 1520 return 0; 1521 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1522 return ip_mc_check_igmp_reportv3(skb); 1523 case IGMP_HOST_MEMBERSHIP_QUERY: 1524 return ip_mc_check_igmp_query(skb); 1525 default: 1526 return -ENOMSG; 1527 } 1528 } 1529 1530 static inline __sum16 ip_mc_validate_checksum(struct sk_buff *skb) 1531 { 1532 return skb_checksum_simple_validate(skb); 1533 } 1534 1535 static int __ip_mc_check_igmp(struct sk_buff *skb, struct sk_buff **skb_trimmed) 1536 1537 { 1538 struct sk_buff *skb_chk; 1539 unsigned int transport_len; 1540 unsigned int len = skb_transport_offset(skb) + sizeof(struct igmphdr); 1541 int ret = -EINVAL; 1542 1543 transport_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb); 1544 1545 skb_chk = skb_checksum_trimmed(skb, transport_len, 1546 ip_mc_validate_checksum); 1547 if (!skb_chk) 1548 goto err; 1549 1550 if (!pskb_may_pull(skb_chk, len)) 1551 goto err; 1552 1553 ret = ip_mc_check_igmp_msg(skb_chk); 1554 if (ret) 1555 goto err; 1556 1557 if (skb_trimmed) 1558 *skb_trimmed = skb_chk; 1559 /* free now unneeded clone */ 1560 else if (skb_chk != skb) 1561 kfree_skb(skb_chk); 1562 1563 ret = 0; 1564 1565 err: 1566 if (ret && skb_chk && skb_chk != skb) 1567 kfree_skb(skb_chk); 1568 1569 return ret; 1570 } 1571 1572 /** 1573 * ip_mc_check_igmp - checks whether this is a sane IGMP packet 1574 * @skb: the skb to validate 1575 * @skb_trimmed: to store an skb pointer trimmed to IPv4 packet tail (optional) 1576 * 1577 * Checks whether an IPv4 packet is a valid IGMP packet. If so sets 1578 * skb transport header accordingly and returns zero. 1579 * 1580 * -EINVAL: A broken packet was detected, i.e. it violates some internet 1581 * standard 1582 * -ENOMSG: IP header validation succeeded but it is not an IGMP packet. 1583 * -ENOMEM: A memory allocation failure happened. 1584 * 1585 * Optionally, an skb pointer might be provided via skb_trimmed (or set it 1586 * to NULL): After parsing an IGMP packet successfully it will point to 1587 * an skb which has its tail aligned to the IP packet end. This might 1588 * either be the originally provided skb or a trimmed, cloned version if 1589 * the skb frame had data beyond the IP packet. A cloned skb allows us 1590 * to leave the original skb and its full frame unchanged (which might be 1591 * desirable for layer 2 frame jugglers). 1592 * 1593 * Caller needs to set the skb network header and free any returned skb if it 1594 * differs from the provided skb. 1595 */ 1596 int ip_mc_check_igmp(struct sk_buff *skb, struct sk_buff **skb_trimmed) 1597 { 1598 int ret = ip_mc_check_iphdr(skb); 1599 1600 if (ret < 0) 1601 return ret; 1602 1603 if (ip_hdr(skb)->protocol != IPPROTO_IGMP) 1604 return -ENOMSG; 1605 1606 return __ip_mc_check_igmp(skb, skb_trimmed); 1607 } 1608 EXPORT_SYMBOL(ip_mc_check_igmp); 1609 1610 /* 1611 * Resend IGMP JOIN report; used by netdev notifier. 1612 */ 1613 static void ip_mc_rejoin_groups(struct in_device *in_dev) 1614 { 1615 #ifdef CONFIG_IP_MULTICAST 1616 struct ip_mc_list *im; 1617 int type; 1618 struct net *net = dev_net(in_dev->dev); 1619 1620 ASSERT_RTNL(); 1621 1622 for_each_pmc_rtnl(in_dev, im) { 1623 if (im->multiaddr == IGMP_ALL_HOSTS) 1624 continue; 1625 if (ipv4_is_local_multicast(im->multiaddr) && 1626 !net->ipv4.sysctl_igmp_llm_reports) 1627 continue; 1628 1629 /* a failover is happening and switches 1630 * must be notified immediately 1631 */ 1632 if (IGMP_V1_SEEN(in_dev)) 1633 type = IGMP_HOST_MEMBERSHIP_REPORT; 1634 else if (IGMP_V2_SEEN(in_dev)) 1635 type = IGMPV2_HOST_MEMBERSHIP_REPORT; 1636 else 1637 type = IGMPV3_HOST_MEMBERSHIP_REPORT; 1638 igmp_send_report(in_dev, im, type); 1639 } 1640 #endif 1641 } 1642 1643 /* 1644 * A socket has left a multicast group on device dev 1645 */ 1646 1647 void ip_mc_dec_group(struct in_device *in_dev, __be32 addr) 1648 { 1649 struct ip_mc_list *i; 1650 struct ip_mc_list __rcu **ip; 1651 1652 ASSERT_RTNL(); 1653 1654 for (ip = &in_dev->mc_list; 1655 (i = rtnl_dereference(*ip)) != NULL; 1656 ip = &i->next_rcu) { 1657 if (i->multiaddr == addr) { 1658 if (--i->users == 0) { 1659 ip_mc_hash_remove(in_dev, i); 1660 *ip = i->next_rcu; 1661 in_dev->mc_count--; 1662 igmp_group_dropped(i); 1663 ip_mc_clear_src(i); 1664 1665 if (!in_dev->dead) 1666 ip_rt_multicast_event(in_dev); 1667 1668 ip_ma_put(i); 1669 return; 1670 } 1671 break; 1672 } 1673 } 1674 } 1675 EXPORT_SYMBOL(ip_mc_dec_group); 1676 1677 /* Device changing type */ 1678 1679 void ip_mc_unmap(struct in_device *in_dev) 1680 { 1681 struct ip_mc_list *pmc; 1682 1683 ASSERT_RTNL(); 1684 1685 for_each_pmc_rtnl(in_dev, pmc) 1686 igmp_group_dropped(pmc); 1687 } 1688 1689 void ip_mc_remap(struct in_device *in_dev) 1690 { 1691 struct ip_mc_list *pmc; 1692 1693 ASSERT_RTNL(); 1694 1695 for_each_pmc_rtnl(in_dev, pmc) { 1696 #ifdef CONFIG_IP_MULTICAST 1697 igmpv3_del_delrec(in_dev, pmc); 1698 #endif 1699 igmp_group_added(pmc); 1700 } 1701 } 1702 1703 /* Device going down */ 1704 1705 void ip_mc_down(struct in_device *in_dev) 1706 { 1707 struct ip_mc_list *pmc; 1708 1709 ASSERT_RTNL(); 1710 1711 for_each_pmc_rtnl(in_dev, pmc) 1712 igmp_group_dropped(pmc); 1713 1714 #ifdef CONFIG_IP_MULTICAST 1715 in_dev->mr_ifc_count = 0; 1716 if (del_timer(&in_dev->mr_ifc_timer)) 1717 __in_dev_put(in_dev); 1718 in_dev->mr_gq_running = 0; 1719 if (del_timer(&in_dev->mr_gq_timer)) 1720 __in_dev_put(in_dev); 1721 #endif 1722 1723 ip_mc_dec_group(in_dev, IGMP_ALL_HOSTS); 1724 } 1725 1726 void ip_mc_init_dev(struct in_device *in_dev) 1727 { 1728 #ifdef CONFIG_IP_MULTICAST 1729 struct net *net = dev_net(in_dev->dev); 1730 #endif 1731 ASSERT_RTNL(); 1732 1733 #ifdef CONFIG_IP_MULTICAST 1734 timer_setup(&in_dev->mr_gq_timer, igmp_gq_timer_expire, 0); 1735 timer_setup(&in_dev->mr_ifc_timer, igmp_ifc_timer_expire, 0); 1736 in_dev->mr_qrv = net->ipv4.sysctl_igmp_qrv; 1737 #endif 1738 1739 spin_lock_init(&in_dev->mc_tomb_lock); 1740 } 1741 1742 /* Device going up */ 1743 1744 void ip_mc_up(struct in_device *in_dev) 1745 { 1746 struct ip_mc_list *pmc; 1747 #ifdef CONFIG_IP_MULTICAST 1748 struct net *net = dev_net(in_dev->dev); 1749 #endif 1750 1751 ASSERT_RTNL(); 1752 1753 #ifdef CONFIG_IP_MULTICAST 1754 in_dev->mr_qrv = net->ipv4.sysctl_igmp_qrv; 1755 #endif 1756 ip_mc_inc_group(in_dev, IGMP_ALL_HOSTS); 1757 1758 for_each_pmc_rtnl(in_dev, pmc) { 1759 #ifdef CONFIG_IP_MULTICAST 1760 igmpv3_del_delrec(in_dev, pmc); 1761 #endif 1762 igmp_group_added(pmc); 1763 } 1764 } 1765 1766 /* 1767 * Device is about to be destroyed: clean up. 1768 */ 1769 1770 void ip_mc_destroy_dev(struct in_device *in_dev) 1771 { 1772 struct ip_mc_list *i; 1773 1774 ASSERT_RTNL(); 1775 1776 /* Deactivate timers */ 1777 ip_mc_down(in_dev); 1778 #ifdef CONFIG_IP_MULTICAST 1779 igmpv3_clear_delrec(in_dev); 1780 #endif 1781 1782 while ((i = rtnl_dereference(in_dev->mc_list)) != NULL) { 1783 in_dev->mc_list = i->next_rcu; 1784 in_dev->mc_count--; 1785 ip_ma_put(i); 1786 } 1787 } 1788 1789 /* RTNL is locked */ 1790 static struct in_device *ip_mc_find_dev(struct net *net, struct ip_mreqn *imr) 1791 { 1792 struct net_device *dev = NULL; 1793 struct in_device *idev = NULL; 1794 1795 if (imr->imr_ifindex) { 1796 idev = inetdev_by_index(net, imr->imr_ifindex); 1797 return idev; 1798 } 1799 if (imr->imr_address.s_addr) { 1800 dev = __ip_dev_find(net, imr->imr_address.s_addr, false); 1801 if (!dev) 1802 return NULL; 1803 } 1804 1805 if (!dev) { 1806 struct rtable *rt = ip_route_output(net, 1807 imr->imr_multiaddr.s_addr, 1808 0, 0, 0); 1809 if (!IS_ERR(rt)) { 1810 dev = rt->dst.dev; 1811 ip_rt_put(rt); 1812 } 1813 } 1814 if (dev) { 1815 imr->imr_ifindex = dev->ifindex; 1816 idev = __in_dev_get_rtnl(dev); 1817 } 1818 return idev; 1819 } 1820 1821 /* 1822 * Join a socket to a group 1823 */ 1824 1825 static int ip_mc_del1_src(struct ip_mc_list *pmc, int sfmode, 1826 __be32 *psfsrc) 1827 { 1828 struct ip_sf_list *psf, *psf_prev; 1829 int rv = 0; 1830 1831 psf_prev = NULL; 1832 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1833 if (psf->sf_inaddr == *psfsrc) 1834 break; 1835 psf_prev = psf; 1836 } 1837 if (!psf || psf->sf_count[sfmode] == 0) { 1838 /* source filter not found, or count wrong => bug */ 1839 return -ESRCH; 1840 } 1841 psf->sf_count[sfmode]--; 1842 if (psf->sf_count[sfmode] == 0) { 1843 ip_rt_multicast_event(pmc->interface); 1844 } 1845 if (!psf->sf_count[MCAST_INCLUDE] && !psf->sf_count[MCAST_EXCLUDE]) { 1846 #ifdef CONFIG_IP_MULTICAST 1847 struct in_device *in_dev = pmc->interface; 1848 struct net *net = dev_net(in_dev->dev); 1849 #endif 1850 1851 /* no more filters for this source */ 1852 if (psf_prev) 1853 psf_prev->sf_next = psf->sf_next; 1854 else 1855 pmc->sources = psf->sf_next; 1856 #ifdef CONFIG_IP_MULTICAST 1857 if (psf->sf_oldin && 1858 !IGMP_V1_SEEN(in_dev) && !IGMP_V2_SEEN(in_dev)) { 1859 psf->sf_crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1860 psf->sf_next = pmc->tomb; 1861 pmc->tomb = psf; 1862 rv = 1; 1863 } else 1864 #endif 1865 kfree(psf); 1866 } 1867 return rv; 1868 } 1869 1870 #ifndef CONFIG_IP_MULTICAST 1871 #define igmp_ifc_event(x) do { } while (0) 1872 #endif 1873 1874 static int ip_mc_del_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 1875 int sfcount, __be32 *psfsrc, int delta) 1876 { 1877 struct ip_mc_list *pmc; 1878 int changerec = 0; 1879 int i, err; 1880 1881 if (!in_dev) 1882 return -ENODEV; 1883 rcu_read_lock(); 1884 for_each_pmc_rcu(in_dev, pmc) { 1885 if (*pmca == pmc->multiaddr) 1886 break; 1887 } 1888 if (!pmc) { 1889 /* MCA not found?? bug */ 1890 rcu_read_unlock(); 1891 return -ESRCH; 1892 } 1893 spin_lock_bh(&pmc->lock); 1894 rcu_read_unlock(); 1895 #ifdef CONFIG_IP_MULTICAST 1896 sf_markstate(pmc); 1897 #endif 1898 if (!delta) { 1899 err = -EINVAL; 1900 if (!pmc->sfcount[sfmode]) 1901 goto out_unlock; 1902 pmc->sfcount[sfmode]--; 1903 } 1904 err = 0; 1905 for (i = 0; i < sfcount; i++) { 1906 int rv = ip_mc_del1_src(pmc, sfmode, &psfsrc[i]); 1907 1908 changerec |= rv > 0; 1909 if (!err && rv < 0) 1910 err = rv; 1911 } 1912 if (pmc->sfmode == MCAST_EXCLUDE && 1913 pmc->sfcount[MCAST_EXCLUDE] == 0 && 1914 pmc->sfcount[MCAST_INCLUDE]) { 1915 #ifdef CONFIG_IP_MULTICAST 1916 struct ip_sf_list *psf; 1917 struct net *net = dev_net(in_dev->dev); 1918 #endif 1919 1920 /* filter mode change */ 1921 pmc->sfmode = MCAST_INCLUDE; 1922 #ifdef CONFIG_IP_MULTICAST 1923 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1924 in_dev->mr_ifc_count = pmc->crcount; 1925 for (psf = pmc->sources; psf; psf = psf->sf_next) 1926 psf->sf_crcount = 0; 1927 igmp_ifc_event(pmc->interface); 1928 } else if (sf_setstate(pmc) || changerec) { 1929 igmp_ifc_event(pmc->interface); 1930 #endif 1931 } 1932 out_unlock: 1933 spin_unlock_bh(&pmc->lock); 1934 return err; 1935 } 1936 1937 /* 1938 * Add multicast single-source filter to the interface list 1939 */ 1940 static int ip_mc_add1_src(struct ip_mc_list *pmc, int sfmode, 1941 __be32 *psfsrc) 1942 { 1943 struct ip_sf_list *psf, *psf_prev; 1944 1945 psf_prev = NULL; 1946 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1947 if (psf->sf_inaddr == *psfsrc) 1948 break; 1949 psf_prev = psf; 1950 } 1951 if (!psf) { 1952 psf = kzalloc(sizeof(*psf), GFP_ATOMIC); 1953 if (!psf) 1954 return -ENOBUFS; 1955 psf->sf_inaddr = *psfsrc; 1956 if (psf_prev) { 1957 psf_prev->sf_next = psf; 1958 } else 1959 pmc->sources = psf; 1960 } 1961 psf->sf_count[sfmode]++; 1962 if (psf->sf_count[sfmode] == 1) { 1963 ip_rt_multicast_event(pmc->interface); 1964 } 1965 return 0; 1966 } 1967 1968 #ifdef CONFIG_IP_MULTICAST 1969 static void sf_markstate(struct ip_mc_list *pmc) 1970 { 1971 struct ip_sf_list *psf; 1972 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE]; 1973 1974 for (psf = pmc->sources; psf; psf = psf->sf_next) 1975 if (pmc->sfcount[MCAST_EXCLUDE]) { 1976 psf->sf_oldin = mca_xcount == 1977 psf->sf_count[MCAST_EXCLUDE] && 1978 !psf->sf_count[MCAST_INCLUDE]; 1979 } else 1980 psf->sf_oldin = psf->sf_count[MCAST_INCLUDE] != 0; 1981 } 1982 1983 static int sf_setstate(struct ip_mc_list *pmc) 1984 { 1985 struct ip_sf_list *psf, *dpsf; 1986 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE]; 1987 int qrv = pmc->interface->mr_qrv; 1988 int new_in, rv; 1989 1990 rv = 0; 1991 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1992 if (pmc->sfcount[MCAST_EXCLUDE]) { 1993 new_in = mca_xcount == psf->sf_count[MCAST_EXCLUDE] && 1994 !psf->sf_count[MCAST_INCLUDE]; 1995 } else 1996 new_in = psf->sf_count[MCAST_INCLUDE] != 0; 1997 if (new_in) { 1998 if (!psf->sf_oldin) { 1999 struct ip_sf_list *prev = NULL; 2000 2001 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next) { 2002 if (dpsf->sf_inaddr == psf->sf_inaddr) 2003 break; 2004 prev = dpsf; 2005 } 2006 if (dpsf) { 2007 if (prev) 2008 prev->sf_next = dpsf->sf_next; 2009 else 2010 pmc->tomb = dpsf->sf_next; 2011 kfree(dpsf); 2012 } 2013 psf->sf_crcount = qrv; 2014 rv++; 2015 } 2016 } else if (psf->sf_oldin) { 2017 2018 psf->sf_crcount = 0; 2019 /* 2020 * add or update "delete" records if an active filter 2021 * is now inactive 2022 */ 2023 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next) 2024 if (dpsf->sf_inaddr == psf->sf_inaddr) 2025 break; 2026 if (!dpsf) { 2027 dpsf = kmalloc(sizeof(*dpsf), GFP_ATOMIC); 2028 if (!dpsf) 2029 continue; 2030 *dpsf = *psf; 2031 /* pmc->lock held by callers */ 2032 dpsf->sf_next = pmc->tomb; 2033 pmc->tomb = dpsf; 2034 } 2035 dpsf->sf_crcount = qrv; 2036 rv++; 2037 } 2038 } 2039 return rv; 2040 } 2041 #endif 2042 2043 /* 2044 * Add multicast source filter list to the interface list 2045 */ 2046 static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 2047 int sfcount, __be32 *psfsrc, int delta) 2048 { 2049 struct ip_mc_list *pmc; 2050 int isexclude; 2051 int i, err; 2052 2053 if (!in_dev) 2054 return -ENODEV; 2055 rcu_read_lock(); 2056 for_each_pmc_rcu(in_dev, pmc) { 2057 if (*pmca == pmc->multiaddr) 2058 break; 2059 } 2060 if (!pmc) { 2061 /* MCA not found?? bug */ 2062 rcu_read_unlock(); 2063 return -ESRCH; 2064 } 2065 spin_lock_bh(&pmc->lock); 2066 rcu_read_unlock(); 2067 2068 #ifdef CONFIG_IP_MULTICAST 2069 sf_markstate(pmc); 2070 #endif 2071 isexclude = pmc->sfmode == MCAST_EXCLUDE; 2072 if (!delta) 2073 pmc->sfcount[sfmode]++; 2074 err = 0; 2075 for (i = 0; i < sfcount; i++) { 2076 err = ip_mc_add1_src(pmc, sfmode, &psfsrc[i]); 2077 if (err) 2078 break; 2079 } 2080 if (err) { 2081 int j; 2082 2083 if (!delta) 2084 pmc->sfcount[sfmode]--; 2085 for (j = 0; j < i; j++) 2086 (void) ip_mc_del1_src(pmc, sfmode, &psfsrc[j]); 2087 } else if (isexclude != (pmc->sfcount[MCAST_EXCLUDE] != 0)) { 2088 #ifdef CONFIG_IP_MULTICAST 2089 struct ip_sf_list *psf; 2090 struct net *net = dev_net(pmc->interface->dev); 2091 in_dev = pmc->interface; 2092 #endif 2093 2094 /* filter mode change */ 2095 if (pmc->sfcount[MCAST_EXCLUDE]) 2096 pmc->sfmode = MCAST_EXCLUDE; 2097 else if (pmc->sfcount[MCAST_INCLUDE]) 2098 pmc->sfmode = MCAST_INCLUDE; 2099 #ifdef CONFIG_IP_MULTICAST 2100 /* else no filters; keep old mode for reports */ 2101 2102 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 2103 in_dev->mr_ifc_count = pmc->crcount; 2104 for (psf = pmc->sources; psf; psf = psf->sf_next) 2105 psf->sf_crcount = 0; 2106 igmp_ifc_event(in_dev); 2107 } else if (sf_setstate(pmc)) { 2108 igmp_ifc_event(in_dev); 2109 #endif 2110 } 2111 spin_unlock_bh(&pmc->lock); 2112 return err; 2113 } 2114 2115 static void ip_mc_clear_src(struct ip_mc_list *pmc) 2116 { 2117 struct ip_sf_list *psf, *nextpsf, *tomb, *sources; 2118 2119 spin_lock_bh(&pmc->lock); 2120 tomb = pmc->tomb; 2121 pmc->tomb = NULL; 2122 sources = pmc->sources; 2123 pmc->sources = NULL; 2124 pmc->sfmode = MCAST_EXCLUDE; 2125 pmc->sfcount[MCAST_INCLUDE] = 0; 2126 pmc->sfcount[MCAST_EXCLUDE] = 1; 2127 spin_unlock_bh(&pmc->lock); 2128 2129 for (psf = tomb; psf; psf = nextpsf) { 2130 nextpsf = psf->sf_next; 2131 kfree(psf); 2132 } 2133 for (psf = sources; psf; psf = nextpsf) { 2134 nextpsf = psf->sf_next; 2135 kfree(psf); 2136 } 2137 } 2138 2139 /* Join a multicast group 2140 */ 2141 static int __ip_mc_join_group(struct sock *sk, struct ip_mreqn *imr, 2142 unsigned int mode) 2143 { 2144 __be32 addr = imr->imr_multiaddr.s_addr; 2145 struct ip_mc_socklist *iml, *i; 2146 struct in_device *in_dev; 2147 struct inet_sock *inet = inet_sk(sk); 2148 struct net *net = sock_net(sk); 2149 int ifindex; 2150 int count = 0; 2151 int err; 2152 2153 ASSERT_RTNL(); 2154 2155 if (!ipv4_is_multicast(addr)) 2156 return -EINVAL; 2157 2158 in_dev = ip_mc_find_dev(net, imr); 2159 2160 if (!in_dev) { 2161 err = -ENODEV; 2162 goto done; 2163 } 2164 2165 err = -EADDRINUSE; 2166 ifindex = imr->imr_ifindex; 2167 for_each_pmc_rtnl(inet, i) { 2168 if (i->multi.imr_multiaddr.s_addr == addr && 2169 i->multi.imr_ifindex == ifindex) 2170 goto done; 2171 count++; 2172 } 2173 err = -ENOBUFS; 2174 if (count >= net->ipv4.sysctl_igmp_max_memberships) 2175 goto done; 2176 iml = sock_kmalloc(sk, sizeof(*iml), GFP_KERNEL); 2177 if (!iml) 2178 goto done; 2179 2180 memcpy(&iml->multi, imr, sizeof(*imr)); 2181 iml->next_rcu = inet->mc_list; 2182 iml->sflist = NULL; 2183 iml->sfmode = mode; 2184 rcu_assign_pointer(inet->mc_list, iml); 2185 __ip_mc_inc_group(in_dev, addr, mode); 2186 err = 0; 2187 done: 2188 return err; 2189 } 2190 2191 /* Join ASM (Any-Source Multicast) group 2192 */ 2193 int ip_mc_join_group(struct sock *sk, struct ip_mreqn *imr) 2194 { 2195 return __ip_mc_join_group(sk, imr, MCAST_EXCLUDE); 2196 } 2197 EXPORT_SYMBOL(ip_mc_join_group); 2198 2199 /* Join SSM (Source-Specific Multicast) group 2200 */ 2201 int ip_mc_join_group_ssm(struct sock *sk, struct ip_mreqn *imr, 2202 unsigned int mode) 2203 { 2204 return __ip_mc_join_group(sk, imr, mode); 2205 } 2206 2207 static int ip_mc_leave_src(struct sock *sk, struct ip_mc_socklist *iml, 2208 struct in_device *in_dev) 2209 { 2210 struct ip_sf_socklist *psf = rtnl_dereference(iml->sflist); 2211 int err; 2212 2213 if (!psf) { 2214 /* any-source empty exclude case */ 2215 return ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr, 2216 iml->sfmode, 0, NULL, 0); 2217 } 2218 err = ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr, 2219 iml->sfmode, psf->sl_count, psf->sl_addr, 0); 2220 RCU_INIT_POINTER(iml->sflist, NULL); 2221 /* decrease mem now to avoid the memleak warning */ 2222 atomic_sub(IP_SFLSIZE(psf->sl_max), &sk->sk_omem_alloc); 2223 kfree_rcu(psf, rcu); 2224 return err; 2225 } 2226 2227 int ip_mc_leave_group(struct sock *sk, struct ip_mreqn *imr) 2228 { 2229 struct inet_sock *inet = inet_sk(sk); 2230 struct ip_mc_socklist *iml; 2231 struct ip_mc_socklist __rcu **imlp; 2232 struct in_device *in_dev; 2233 struct net *net = sock_net(sk); 2234 __be32 group = imr->imr_multiaddr.s_addr; 2235 u32 ifindex; 2236 int ret = -EADDRNOTAVAIL; 2237 2238 ASSERT_RTNL(); 2239 2240 in_dev = ip_mc_find_dev(net, imr); 2241 if (!imr->imr_ifindex && !imr->imr_address.s_addr && !in_dev) { 2242 ret = -ENODEV; 2243 goto out; 2244 } 2245 ifindex = imr->imr_ifindex; 2246 for (imlp = &inet->mc_list; 2247 (iml = rtnl_dereference(*imlp)) != NULL; 2248 imlp = &iml->next_rcu) { 2249 if (iml->multi.imr_multiaddr.s_addr != group) 2250 continue; 2251 if (ifindex) { 2252 if (iml->multi.imr_ifindex != ifindex) 2253 continue; 2254 } else if (imr->imr_address.s_addr && imr->imr_address.s_addr != 2255 iml->multi.imr_address.s_addr) 2256 continue; 2257 2258 (void) ip_mc_leave_src(sk, iml, in_dev); 2259 2260 *imlp = iml->next_rcu; 2261 2262 if (in_dev) 2263 ip_mc_dec_group(in_dev, group); 2264 2265 /* decrease mem now to avoid the memleak warning */ 2266 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc); 2267 kfree_rcu(iml, rcu); 2268 return 0; 2269 } 2270 out: 2271 return ret; 2272 } 2273 EXPORT_SYMBOL(ip_mc_leave_group); 2274 2275 int ip_mc_source(int add, int omode, struct sock *sk, struct 2276 ip_mreq_source *mreqs, int ifindex) 2277 { 2278 int err; 2279 struct ip_mreqn imr; 2280 __be32 addr = mreqs->imr_multiaddr; 2281 struct ip_mc_socklist *pmc; 2282 struct in_device *in_dev = NULL; 2283 struct inet_sock *inet = inet_sk(sk); 2284 struct ip_sf_socklist *psl; 2285 struct net *net = sock_net(sk); 2286 int leavegroup = 0; 2287 int i, j, rv; 2288 2289 if (!ipv4_is_multicast(addr)) 2290 return -EINVAL; 2291 2292 ASSERT_RTNL(); 2293 2294 imr.imr_multiaddr.s_addr = mreqs->imr_multiaddr; 2295 imr.imr_address.s_addr = mreqs->imr_interface; 2296 imr.imr_ifindex = ifindex; 2297 in_dev = ip_mc_find_dev(net, &imr); 2298 2299 if (!in_dev) { 2300 err = -ENODEV; 2301 goto done; 2302 } 2303 err = -EADDRNOTAVAIL; 2304 2305 for_each_pmc_rtnl(inet, pmc) { 2306 if ((pmc->multi.imr_multiaddr.s_addr == 2307 imr.imr_multiaddr.s_addr) && 2308 (pmc->multi.imr_ifindex == imr.imr_ifindex)) 2309 break; 2310 } 2311 if (!pmc) { /* must have a prior join */ 2312 err = -EINVAL; 2313 goto done; 2314 } 2315 /* if a source filter was set, must be the same mode as before */ 2316 if (pmc->sflist) { 2317 if (pmc->sfmode != omode) { 2318 err = -EINVAL; 2319 goto done; 2320 } 2321 } else if (pmc->sfmode != omode) { 2322 /* allow mode switches for empty-set filters */ 2323 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 0, NULL, 0); 2324 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, pmc->sfmode, 0, 2325 NULL, 0); 2326 pmc->sfmode = omode; 2327 } 2328 2329 psl = rtnl_dereference(pmc->sflist); 2330 if (!add) { 2331 if (!psl) 2332 goto done; /* err = -EADDRNOTAVAIL */ 2333 rv = !0; 2334 for (i = 0; i < psl->sl_count; i++) { 2335 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr, 2336 sizeof(__be32)); 2337 if (rv == 0) 2338 break; 2339 } 2340 if (rv) /* source not found */ 2341 goto done; /* err = -EADDRNOTAVAIL */ 2342 2343 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 2344 if (psl->sl_count == 1 && omode == MCAST_INCLUDE) { 2345 leavegroup = 1; 2346 goto done; 2347 } 2348 2349 /* update the interface filter */ 2350 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, omode, 1, 2351 &mreqs->imr_sourceaddr, 1); 2352 2353 for (j = i+1; j < psl->sl_count; j++) 2354 psl->sl_addr[j-1] = psl->sl_addr[j]; 2355 psl->sl_count--; 2356 err = 0; 2357 goto done; 2358 } 2359 /* else, add a new source to the filter */ 2360 2361 if (psl && psl->sl_count >= net->ipv4.sysctl_igmp_max_msf) { 2362 err = -ENOBUFS; 2363 goto done; 2364 } 2365 if (!psl || psl->sl_count == psl->sl_max) { 2366 struct ip_sf_socklist *newpsl; 2367 int count = IP_SFBLOCK; 2368 2369 if (psl) 2370 count += psl->sl_max; 2371 newpsl = sock_kmalloc(sk, IP_SFLSIZE(count), GFP_KERNEL); 2372 if (!newpsl) { 2373 err = -ENOBUFS; 2374 goto done; 2375 } 2376 newpsl->sl_max = count; 2377 newpsl->sl_count = count - IP_SFBLOCK; 2378 if (psl) { 2379 for (i = 0; i < psl->sl_count; i++) 2380 newpsl->sl_addr[i] = psl->sl_addr[i]; 2381 /* decrease mem now to avoid the memleak warning */ 2382 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc); 2383 kfree_rcu(psl, rcu); 2384 } 2385 rcu_assign_pointer(pmc->sflist, newpsl); 2386 psl = newpsl; 2387 } 2388 rv = 1; /* > 0 for insert logic below if sl_count is 0 */ 2389 for (i = 0; i < psl->sl_count; i++) { 2390 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr, 2391 sizeof(__be32)); 2392 if (rv == 0) 2393 break; 2394 } 2395 if (rv == 0) /* address already there is an error */ 2396 goto done; 2397 for (j = psl->sl_count-1; j >= i; j--) 2398 psl->sl_addr[j+1] = psl->sl_addr[j]; 2399 psl->sl_addr[i] = mreqs->imr_sourceaddr; 2400 psl->sl_count++; 2401 err = 0; 2402 /* update the interface list */ 2403 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 1, 2404 &mreqs->imr_sourceaddr, 1); 2405 done: 2406 if (leavegroup) 2407 err = ip_mc_leave_group(sk, &imr); 2408 return err; 2409 } 2410 2411 int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex) 2412 { 2413 int err = 0; 2414 struct ip_mreqn imr; 2415 __be32 addr = msf->imsf_multiaddr; 2416 struct ip_mc_socklist *pmc; 2417 struct in_device *in_dev; 2418 struct inet_sock *inet = inet_sk(sk); 2419 struct ip_sf_socklist *newpsl, *psl; 2420 struct net *net = sock_net(sk); 2421 int leavegroup = 0; 2422 2423 if (!ipv4_is_multicast(addr)) 2424 return -EINVAL; 2425 if (msf->imsf_fmode != MCAST_INCLUDE && 2426 msf->imsf_fmode != MCAST_EXCLUDE) 2427 return -EINVAL; 2428 2429 ASSERT_RTNL(); 2430 2431 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; 2432 imr.imr_address.s_addr = msf->imsf_interface; 2433 imr.imr_ifindex = ifindex; 2434 in_dev = ip_mc_find_dev(net, &imr); 2435 2436 if (!in_dev) { 2437 err = -ENODEV; 2438 goto done; 2439 } 2440 2441 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 2442 if (msf->imsf_fmode == MCAST_INCLUDE && msf->imsf_numsrc == 0) { 2443 leavegroup = 1; 2444 goto done; 2445 } 2446 2447 for_each_pmc_rtnl(inet, pmc) { 2448 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr && 2449 pmc->multi.imr_ifindex == imr.imr_ifindex) 2450 break; 2451 } 2452 if (!pmc) { /* must have a prior join */ 2453 err = -EINVAL; 2454 goto done; 2455 } 2456 if (msf->imsf_numsrc) { 2457 newpsl = sock_kmalloc(sk, IP_SFLSIZE(msf->imsf_numsrc), 2458 GFP_KERNEL); 2459 if (!newpsl) { 2460 err = -ENOBUFS; 2461 goto done; 2462 } 2463 newpsl->sl_max = newpsl->sl_count = msf->imsf_numsrc; 2464 memcpy(newpsl->sl_addr, msf->imsf_slist, 2465 msf->imsf_numsrc * sizeof(msf->imsf_slist[0])); 2466 err = ip_mc_add_src(in_dev, &msf->imsf_multiaddr, 2467 msf->imsf_fmode, newpsl->sl_count, newpsl->sl_addr, 0); 2468 if (err) { 2469 sock_kfree_s(sk, newpsl, IP_SFLSIZE(newpsl->sl_max)); 2470 goto done; 2471 } 2472 } else { 2473 newpsl = NULL; 2474 (void) ip_mc_add_src(in_dev, &msf->imsf_multiaddr, 2475 msf->imsf_fmode, 0, NULL, 0); 2476 } 2477 psl = rtnl_dereference(pmc->sflist); 2478 if (psl) { 2479 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode, 2480 psl->sl_count, psl->sl_addr, 0); 2481 /* decrease mem now to avoid the memleak warning */ 2482 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc); 2483 kfree_rcu(psl, rcu); 2484 } else 2485 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode, 2486 0, NULL, 0); 2487 rcu_assign_pointer(pmc->sflist, newpsl); 2488 pmc->sfmode = msf->imsf_fmode; 2489 err = 0; 2490 done: 2491 if (leavegroup) 2492 err = ip_mc_leave_group(sk, &imr); 2493 return err; 2494 } 2495 2496 int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf, 2497 struct ip_msfilter __user *optval, int __user *optlen) 2498 { 2499 int err, len, count, copycount; 2500 struct ip_mreqn imr; 2501 __be32 addr = msf->imsf_multiaddr; 2502 struct ip_mc_socklist *pmc; 2503 struct in_device *in_dev; 2504 struct inet_sock *inet = inet_sk(sk); 2505 struct ip_sf_socklist *psl; 2506 struct net *net = sock_net(sk); 2507 2508 ASSERT_RTNL(); 2509 2510 if (!ipv4_is_multicast(addr)) 2511 return -EINVAL; 2512 2513 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; 2514 imr.imr_address.s_addr = msf->imsf_interface; 2515 imr.imr_ifindex = 0; 2516 in_dev = ip_mc_find_dev(net, &imr); 2517 2518 if (!in_dev) { 2519 err = -ENODEV; 2520 goto done; 2521 } 2522 err = -EADDRNOTAVAIL; 2523 2524 for_each_pmc_rtnl(inet, pmc) { 2525 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr && 2526 pmc->multi.imr_ifindex == imr.imr_ifindex) 2527 break; 2528 } 2529 if (!pmc) /* must have a prior join */ 2530 goto done; 2531 msf->imsf_fmode = pmc->sfmode; 2532 psl = rtnl_dereference(pmc->sflist); 2533 if (!psl) { 2534 len = 0; 2535 count = 0; 2536 } else { 2537 count = psl->sl_count; 2538 } 2539 copycount = count < msf->imsf_numsrc ? count : msf->imsf_numsrc; 2540 len = copycount * sizeof(psl->sl_addr[0]); 2541 msf->imsf_numsrc = count; 2542 if (put_user(IP_MSFILTER_SIZE(copycount), optlen) || 2543 copy_to_user(optval, msf, IP_MSFILTER_SIZE(0))) { 2544 return -EFAULT; 2545 } 2546 if (len && 2547 copy_to_user(&optval->imsf_slist[0], psl->sl_addr, len)) 2548 return -EFAULT; 2549 return 0; 2550 done: 2551 return err; 2552 } 2553 2554 int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf, 2555 struct group_filter __user *optval, int __user *optlen) 2556 { 2557 int err, i, count, copycount; 2558 struct sockaddr_in *psin; 2559 __be32 addr; 2560 struct ip_mc_socklist *pmc; 2561 struct inet_sock *inet = inet_sk(sk); 2562 struct ip_sf_socklist *psl; 2563 2564 ASSERT_RTNL(); 2565 2566 psin = (struct sockaddr_in *)&gsf->gf_group; 2567 if (psin->sin_family != AF_INET) 2568 return -EINVAL; 2569 addr = psin->sin_addr.s_addr; 2570 if (!ipv4_is_multicast(addr)) 2571 return -EINVAL; 2572 2573 err = -EADDRNOTAVAIL; 2574 2575 for_each_pmc_rtnl(inet, pmc) { 2576 if (pmc->multi.imr_multiaddr.s_addr == addr && 2577 pmc->multi.imr_ifindex == gsf->gf_interface) 2578 break; 2579 } 2580 if (!pmc) /* must have a prior join */ 2581 goto done; 2582 gsf->gf_fmode = pmc->sfmode; 2583 psl = rtnl_dereference(pmc->sflist); 2584 count = psl ? psl->sl_count : 0; 2585 copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc; 2586 gsf->gf_numsrc = count; 2587 if (put_user(GROUP_FILTER_SIZE(copycount), optlen) || 2588 copy_to_user(optval, gsf, GROUP_FILTER_SIZE(0))) { 2589 return -EFAULT; 2590 } 2591 for (i = 0; i < copycount; i++) { 2592 struct sockaddr_storage ss; 2593 2594 psin = (struct sockaddr_in *)&ss; 2595 memset(&ss, 0, sizeof(ss)); 2596 psin->sin_family = AF_INET; 2597 psin->sin_addr.s_addr = psl->sl_addr[i]; 2598 if (copy_to_user(&optval->gf_slist[i], &ss, sizeof(ss))) 2599 return -EFAULT; 2600 } 2601 return 0; 2602 done: 2603 return err; 2604 } 2605 2606 /* 2607 * check if a multicast source filter allows delivery for a given <src,dst,intf> 2608 */ 2609 int ip_mc_sf_allow(struct sock *sk, __be32 loc_addr, __be32 rmt_addr, 2610 int dif, int sdif) 2611 { 2612 struct inet_sock *inet = inet_sk(sk); 2613 struct ip_mc_socklist *pmc; 2614 struct ip_sf_socklist *psl; 2615 int i; 2616 int ret; 2617 2618 ret = 1; 2619 if (!ipv4_is_multicast(loc_addr)) 2620 goto out; 2621 2622 rcu_read_lock(); 2623 for_each_pmc_rcu(inet, pmc) { 2624 if (pmc->multi.imr_multiaddr.s_addr == loc_addr && 2625 (pmc->multi.imr_ifindex == dif || 2626 (sdif && pmc->multi.imr_ifindex == sdif))) 2627 break; 2628 } 2629 ret = inet->mc_all; 2630 if (!pmc) 2631 goto unlock; 2632 psl = rcu_dereference(pmc->sflist); 2633 ret = (pmc->sfmode == MCAST_EXCLUDE); 2634 if (!psl) 2635 goto unlock; 2636 2637 for (i = 0; i < psl->sl_count; i++) { 2638 if (psl->sl_addr[i] == rmt_addr) 2639 break; 2640 } 2641 ret = 0; 2642 if (pmc->sfmode == MCAST_INCLUDE && i >= psl->sl_count) 2643 goto unlock; 2644 if (pmc->sfmode == MCAST_EXCLUDE && i < psl->sl_count) 2645 goto unlock; 2646 ret = 1; 2647 unlock: 2648 rcu_read_unlock(); 2649 out: 2650 return ret; 2651 } 2652 2653 /* 2654 * A socket is closing. 2655 */ 2656 2657 void ip_mc_drop_socket(struct sock *sk) 2658 { 2659 struct inet_sock *inet = inet_sk(sk); 2660 struct ip_mc_socklist *iml; 2661 struct net *net = sock_net(sk); 2662 2663 if (!inet->mc_list) 2664 return; 2665 2666 rtnl_lock(); 2667 while ((iml = rtnl_dereference(inet->mc_list)) != NULL) { 2668 struct in_device *in_dev; 2669 2670 inet->mc_list = iml->next_rcu; 2671 in_dev = inetdev_by_index(net, iml->multi.imr_ifindex); 2672 (void) ip_mc_leave_src(sk, iml, in_dev); 2673 if (in_dev) 2674 ip_mc_dec_group(in_dev, iml->multi.imr_multiaddr.s_addr); 2675 /* decrease mem now to avoid the memleak warning */ 2676 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc); 2677 kfree_rcu(iml, rcu); 2678 } 2679 rtnl_unlock(); 2680 } 2681 2682 /* called with rcu_read_lock() */ 2683 int ip_check_mc_rcu(struct in_device *in_dev, __be32 mc_addr, __be32 src_addr, u8 proto) 2684 { 2685 struct ip_mc_list *im; 2686 struct ip_mc_list __rcu **mc_hash; 2687 struct ip_sf_list *psf; 2688 int rv = 0; 2689 2690 mc_hash = rcu_dereference(in_dev->mc_hash); 2691 if (mc_hash) { 2692 u32 hash = hash_32((__force u32)mc_addr, MC_HASH_SZ_LOG); 2693 2694 for (im = rcu_dereference(mc_hash[hash]); 2695 im != NULL; 2696 im = rcu_dereference(im->next_hash)) { 2697 if (im->multiaddr == mc_addr) 2698 break; 2699 } 2700 } else { 2701 for_each_pmc_rcu(in_dev, im) { 2702 if (im->multiaddr == mc_addr) 2703 break; 2704 } 2705 } 2706 if (im && proto == IPPROTO_IGMP) { 2707 rv = 1; 2708 } else if (im) { 2709 if (src_addr) { 2710 for (psf = im->sources; psf; psf = psf->sf_next) { 2711 if (psf->sf_inaddr == src_addr) 2712 break; 2713 } 2714 if (psf) 2715 rv = psf->sf_count[MCAST_INCLUDE] || 2716 psf->sf_count[MCAST_EXCLUDE] != 2717 im->sfcount[MCAST_EXCLUDE]; 2718 else 2719 rv = im->sfcount[MCAST_EXCLUDE] != 0; 2720 } else 2721 rv = 1; /* unspecified source; tentatively allow */ 2722 } 2723 return rv; 2724 } 2725 2726 #if defined(CONFIG_PROC_FS) 2727 struct igmp_mc_iter_state { 2728 struct seq_net_private p; 2729 struct net_device *dev; 2730 struct in_device *in_dev; 2731 }; 2732 2733 #define igmp_mc_seq_private(seq) ((struct igmp_mc_iter_state *)(seq)->private) 2734 2735 static inline struct ip_mc_list *igmp_mc_get_first(struct seq_file *seq) 2736 { 2737 struct net *net = seq_file_net(seq); 2738 struct ip_mc_list *im = NULL; 2739 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2740 2741 state->in_dev = NULL; 2742 for_each_netdev_rcu(net, state->dev) { 2743 struct in_device *in_dev; 2744 2745 in_dev = __in_dev_get_rcu(state->dev); 2746 if (!in_dev) 2747 continue; 2748 im = rcu_dereference(in_dev->mc_list); 2749 if (im) { 2750 state->in_dev = in_dev; 2751 break; 2752 } 2753 } 2754 return im; 2755 } 2756 2757 static struct ip_mc_list *igmp_mc_get_next(struct seq_file *seq, struct ip_mc_list *im) 2758 { 2759 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2760 2761 im = rcu_dereference(im->next_rcu); 2762 while (!im) { 2763 state->dev = next_net_device_rcu(state->dev); 2764 if (!state->dev) { 2765 state->in_dev = NULL; 2766 break; 2767 } 2768 state->in_dev = __in_dev_get_rcu(state->dev); 2769 if (!state->in_dev) 2770 continue; 2771 im = rcu_dereference(state->in_dev->mc_list); 2772 } 2773 return im; 2774 } 2775 2776 static struct ip_mc_list *igmp_mc_get_idx(struct seq_file *seq, loff_t pos) 2777 { 2778 struct ip_mc_list *im = igmp_mc_get_first(seq); 2779 if (im) 2780 while (pos && (im = igmp_mc_get_next(seq, im)) != NULL) 2781 --pos; 2782 return pos ? NULL : im; 2783 } 2784 2785 static void *igmp_mc_seq_start(struct seq_file *seq, loff_t *pos) 2786 __acquires(rcu) 2787 { 2788 rcu_read_lock(); 2789 return *pos ? igmp_mc_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2790 } 2791 2792 static void *igmp_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2793 { 2794 struct ip_mc_list *im; 2795 if (v == SEQ_START_TOKEN) 2796 im = igmp_mc_get_first(seq); 2797 else 2798 im = igmp_mc_get_next(seq, v); 2799 ++*pos; 2800 return im; 2801 } 2802 2803 static void igmp_mc_seq_stop(struct seq_file *seq, void *v) 2804 __releases(rcu) 2805 { 2806 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2807 2808 state->in_dev = NULL; 2809 state->dev = NULL; 2810 rcu_read_unlock(); 2811 } 2812 2813 static int igmp_mc_seq_show(struct seq_file *seq, void *v) 2814 { 2815 if (v == SEQ_START_TOKEN) 2816 seq_puts(seq, 2817 "Idx\tDevice : Count Querier\tGroup Users Timer\tReporter\n"); 2818 else { 2819 struct ip_mc_list *im = (struct ip_mc_list *)v; 2820 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2821 char *querier; 2822 long delta; 2823 2824 #ifdef CONFIG_IP_MULTICAST 2825 querier = IGMP_V1_SEEN(state->in_dev) ? "V1" : 2826 IGMP_V2_SEEN(state->in_dev) ? "V2" : 2827 "V3"; 2828 #else 2829 querier = "NONE"; 2830 #endif 2831 2832 if (rcu_access_pointer(state->in_dev->mc_list) == im) { 2833 seq_printf(seq, "%d\t%-10s: %5d %7s\n", 2834 state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); 2835 } 2836 2837 delta = im->timer.expires - jiffies; 2838 seq_printf(seq, 2839 "\t\t\t\t%08X %5d %d:%08lX\t\t%d\n", 2840 im->multiaddr, im->users, 2841 im->tm_running, 2842 im->tm_running ? jiffies_delta_to_clock_t(delta) : 0, 2843 im->reporter); 2844 } 2845 return 0; 2846 } 2847 2848 static const struct seq_operations igmp_mc_seq_ops = { 2849 .start = igmp_mc_seq_start, 2850 .next = igmp_mc_seq_next, 2851 .stop = igmp_mc_seq_stop, 2852 .show = igmp_mc_seq_show, 2853 }; 2854 2855 struct igmp_mcf_iter_state { 2856 struct seq_net_private p; 2857 struct net_device *dev; 2858 struct in_device *idev; 2859 struct ip_mc_list *im; 2860 }; 2861 2862 #define igmp_mcf_seq_private(seq) ((struct igmp_mcf_iter_state *)(seq)->private) 2863 2864 static inline struct ip_sf_list *igmp_mcf_get_first(struct seq_file *seq) 2865 { 2866 struct net *net = seq_file_net(seq); 2867 struct ip_sf_list *psf = NULL; 2868 struct ip_mc_list *im = NULL; 2869 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2870 2871 state->idev = NULL; 2872 state->im = NULL; 2873 for_each_netdev_rcu(net, state->dev) { 2874 struct in_device *idev; 2875 idev = __in_dev_get_rcu(state->dev); 2876 if (unlikely(!idev)) 2877 continue; 2878 im = rcu_dereference(idev->mc_list); 2879 if (likely(im)) { 2880 spin_lock_bh(&im->lock); 2881 psf = im->sources; 2882 if (likely(psf)) { 2883 state->im = im; 2884 state->idev = idev; 2885 break; 2886 } 2887 spin_unlock_bh(&im->lock); 2888 } 2889 } 2890 return psf; 2891 } 2892 2893 static struct ip_sf_list *igmp_mcf_get_next(struct seq_file *seq, struct ip_sf_list *psf) 2894 { 2895 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2896 2897 psf = psf->sf_next; 2898 while (!psf) { 2899 spin_unlock_bh(&state->im->lock); 2900 state->im = state->im->next; 2901 while (!state->im) { 2902 state->dev = next_net_device_rcu(state->dev); 2903 if (!state->dev) { 2904 state->idev = NULL; 2905 goto out; 2906 } 2907 state->idev = __in_dev_get_rcu(state->dev); 2908 if (!state->idev) 2909 continue; 2910 state->im = rcu_dereference(state->idev->mc_list); 2911 } 2912 if (!state->im) 2913 break; 2914 spin_lock_bh(&state->im->lock); 2915 psf = state->im->sources; 2916 } 2917 out: 2918 return psf; 2919 } 2920 2921 static struct ip_sf_list *igmp_mcf_get_idx(struct seq_file *seq, loff_t pos) 2922 { 2923 struct ip_sf_list *psf = igmp_mcf_get_first(seq); 2924 if (psf) 2925 while (pos && (psf = igmp_mcf_get_next(seq, psf)) != NULL) 2926 --pos; 2927 return pos ? NULL : psf; 2928 } 2929 2930 static void *igmp_mcf_seq_start(struct seq_file *seq, loff_t *pos) 2931 __acquires(rcu) 2932 { 2933 rcu_read_lock(); 2934 return *pos ? igmp_mcf_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2935 } 2936 2937 static void *igmp_mcf_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2938 { 2939 struct ip_sf_list *psf; 2940 if (v == SEQ_START_TOKEN) 2941 psf = igmp_mcf_get_first(seq); 2942 else 2943 psf = igmp_mcf_get_next(seq, v); 2944 ++*pos; 2945 return psf; 2946 } 2947 2948 static void igmp_mcf_seq_stop(struct seq_file *seq, void *v) 2949 __releases(rcu) 2950 { 2951 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2952 if (likely(state->im)) { 2953 spin_unlock_bh(&state->im->lock); 2954 state->im = NULL; 2955 } 2956 state->idev = NULL; 2957 state->dev = NULL; 2958 rcu_read_unlock(); 2959 } 2960 2961 static int igmp_mcf_seq_show(struct seq_file *seq, void *v) 2962 { 2963 struct ip_sf_list *psf = (struct ip_sf_list *)v; 2964 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2965 2966 if (v == SEQ_START_TOKEN) { 2967 seq_puts(seq, "Idx Device MCA SRC INC EXC\n"); 2968 } else { 2969 seq_printf(seq, 2970 "%3d %6.6s 0x%08x " 2971 "0x%08x %6lu %6lu\n", 2972 state->dev->ifindex, state->dev->name, 2973 ntohl(state->im->multiaddr), 2974 ntohl(psf->sf_inaddr), 2975 psf->sf_count[MCAST_INCLUDE], 2976 psf->sf_count[MCAST_EXCLUDE]); 2977 } 2978 return 0; 2979 } 2980 2981 static const struct seq_operations igmp_mcf_seq_ops = { 2982 .start = igmp_mcf_seq_start, 2983 .next = igmp_mcf_seq_next, 2984 .stop = igmp_mcf_seq_stop, 2985 .show = igmp_mcf_seq_show, 2986 }; 2987 2988 static int __net_init igmp_net_init(struct net *net) 2989 { 2990 struct proc_dir_entry *pde; 2991 int err; 2992 2993 pde = proc_create_net("igmp", 0444, net->proc_net, &igmp_mc_seq_ops, 2994 sizeof(struct igmp_mc_iter_state)); 2995 if (!pde) 2996 goto out_igmp; 2997 pde = proc_create_net("mcfilter", 0444, net->proc_net, 2998 &igmp_mcf_seq_ops, sizeof(struct igmp_mcf_iter_state)); 2999 if (!pde) 3000 goto out_mcfilter; 3001 err = inet_ctl_sock_create(&net->ipv4.mc_autojoin_sk, AF_INET, 3002 SOCK_DGRAM, 0, net); 3003 if (err < 0) { 3004 pr_err("Failed to initialize the IGMP autojoin socket (err %d)\n", 3005 err); 3006 goto out_sock; 3007 } 3008 3009 return 0; 3010 3011 out_sock: 3012 remove_proc_entry("mcfilter", net->proc_net); 3013 out_mcfilter: 3014 remove_proc_entry("igmp", net->proc_net); 3015 out_igmp: 3016 return -ENOMEM; 3017 } 3018 3019 static void __net_exit igmp_net_exit(struct net *net) 3020 { 3021 remove_proc_entry("mcfilter", net->proc_net); 3022 remove_proc_entry("igmp", net->proc_net); 3023 inet_ctl_sock_destroy(net->ipv4.mc_autojoin_sk); 3024 } 3025 3026 static struct pernet_operations igmp_net_ops = { 3027 .init = igmp_net_init, 3028 .exit = igmp_net_exit, 3029 }; 3030 #endif 3031 3032 static int igmp_netdev_event(struct notifier_block *this, 3033 unsigned long event, void *ptr) 3034 { 3035 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 3036 struct in_device *in_dev; 3037 3038 switch (event) { 3039 case NETDEV_RESEND_IGMP: 3040 in_dev = __in_dev_get_rtnl(dev); 3041 if (in_dev) 3042 ip_mc_rejoin_groups(in_dev); 3043 break; 3044 default: 3045 break; 3046 } 3047 return NOTIFY_DONE; 3048 } 3049 3050 static struct notifier_block igmp_notifier = { 3051 .notifier_call = igmp_netdev_event, 3052 }; 3053 3054 int __init igmp_mc_init(void) 3055 { 3056 #if defined(CONFIG_PROC_FS) 3057 int err; 3058 3059 err = register_pernet_subsys(&igmp_net_ops); 3060 if (err) 3061 return err; 3062 err = register_netdevice_notifier(&igmp_notifier); 3063 if (err) 3064 goto reg_notif_fail; 3065 return 0; 3066 3067 reg_notif_fail: 3068 unregister_pernet_subsys(&igmp_net_ops); 3069 return err; 3070 #else 3071 return register_netdevice_notifier(&igmp_notifier); 3072 #endif 3073 } 3074