1 /* 2 * Linux NET3: Internet Group Management Protocol [IGMP] 3 * 4 * This code implements the IGMP protocol as defined in RFC1112. There has 5 * been a further revision of this protocol since which is now supported. 6 * 7 * If you have trouble with this module be careful what gcc you have used, 8 * the older version didn't come out right using gcc 2.5.8, the newer one 9 * seems to fall out with gcc 2.6.2. 10 * 11 * Authors: 12 * Alan Cox <alan@lxorguk.ukuu.org.uk> 13 * 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License 16 * as published by the Free Software Foundation; either version 17 * 2 of the License, or (at your option) any later version. 18 * 19 * Fixes: 20 * 21 * Alan Cox : Added lots of __inline__ to optimise 22 * the memory usage of all the tiny little 23 * functions. 24 * Alan Cox : Dumped the header building experiment. 25 * Alan Cox : Minor tweaks ready for multicast routing 26 * and extended IGMP protocol. 27 * Alan Cox : Removed a load of inline directives. Gcc 2.5.8 28 * writes utterly bogus code otherwise (sigh) 29 * fixed IGMP loopback to behave in the manner 30 * desired by mrouted, fixed the fact it has been 31 * broken since 1.3.6 and cleaned up a few minor 32 * points. 33 * 34 * Chih-Jen Chang : Tried to revise IGMP to Version 2 35 * Tsu-Sheng Tsao E-mail: chihjenc@scf.usc.edu and tsusheng@scf.usc.edu 36 * The enhancements are mainly based on Steve Deering's 37 * ipmulti-3.5 source code. 38 * Chih-Jen Chang : Added the igmp_get_mrouter_info and 39 * Tsu-Sheng Tsao igmp_set_mrouter_info to keep track of 40 * the mrouted version on that device. 41 * Chih-Jen Chang : Added the max_resp_time parameter to 42 * Tsu-Sheng Tsao igmp_heard_query(). Using this parameter 43 * to identify the multicast router version 44 * and do what the IGMP version 2 specified. 45 * Chih-Jen Chang : Added a timer to revert to IGMP V2 router 46 * Tsu-Sheng Tsao if the specified time expired. 47 * Alan Cox : Stop IGMP from 0.0.0.0 being accepted. 48 * Alan Cox : Use GFP_ATOMIC in the right places. 49 * Christian Daudt : igmp timer wasn't set for local group 50 * memberships but was being deleted, 51 * which caused a "del_timer() called 52 * from %p with timer not initialized\n" 53 * message (960131). 54 * Christian Daudt : removed del_timer from 55 * igmp_timer_expire function (960205). 56 * Christian Daudt : igmp_heard_report now only calls 57 * igmp_timer_expire if tm->running is 58 * true (960216). 59 * Malcolm Beattie : ttl comparison wrong in igmp_rcv made 60 * igmp_heard_query never trigger. Expiry 61 * miscalculation fixed in igmp_heard_query 62 * and random() made to return unsigned to 63 * prevent negative expiry times. 64 * Alexey Kuznetsov: Wrong group leaving behaviour, backport 65 * fix from pending 2.1.x patches. 66 * Alan Cox: Forget to enable FDDI support earlier. 67 * Alexey Kuznetsov: Fixed leaving groups on device down. 68 * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. 69 * David L Stevens: IGMPv3 support, with help from 70 * Vinay Kulkarni 71 */ 72 73 #include <linux/module.h> 74 #include <linux/slab.h> 75 #include <linux/uaccess.h> 76 #include <linux/types.h> 77 #include <linux/kernel.h> 78 #include <linux/jiffies.h> 79 #include <linux/string.h> 80 #include <linux/socket.h> 81 #include <linux/sockios.h> 82 #include <linux/in.h> 83 #include <linux/inet.h> 84 #include <linux/netdevice.h> 85 #include <linux/skbuff.h> 86 #include <linux/inetdevice.h> 87 #include <linux/igmp.h> 88 #include <linux/if_arp.h> 89 #include <linux/rtnetlink.h> 90 #include <linux/times.h> 91 #include <linux/pkt_sched.h> 92 93 #include <net/net_namespace.h> 94 #include <net/arp.h> 95 #include <net/ip.h> 96 #include <net/protocol.h> 97 #include <net/route.h> 98 #include <net/sock.h> 99 #include <net/checksum.h> 100 #include <net/inet_common.h> 101 #include <linux/netfilter_ipv4.h> 102 #ifdef CONFIG_IP_MROUTE 103 #include <linux/mroute.h> 104 #endif 105 #ifdef CONFIG_PROC_FS 106 #include <linux/proc_fs.h> 107 #include <linux/seq_file.h> 108 #endif 109 110 #ifdef CONFIG_IP_MULTICAST 111 /* Parameter names and values are taken from igmp-v2-06 draft */ 112 113 #define IGMP_V1_ROUTER_PRESENT_TIMEOUT (400*HZ) 114 #define IGMP_V2_ROUTER_PRESENT_TIMEOUT (400*HZ) 115 #define IGMP_V2_UNSOLICITED_REPORT_INTERVAL (10*HZ) 116 #define IGMP_V3_UNSOLICITED_REPORT_INTERVAL (1*HZ) 117 #define IGMP_QUERY_RESPONSE_INTERVAL (10*HZ) 118 #define IGMP_QUERY_ROBUSTNESS_VARIABLE 2 119 120 121 #define IGMP_INITIAL_REPORT_DELAY (1) 122 123 /* IGMP_INITIAL_REPORT_DELAY is not from IGMP specs! 124 * IGMP specs require to report membership immediately after 125 * joining a group, but we delay the first report by a 126 * small interval. It seems more natural and still does not 127 * contradict to specs provided this delay is small enough. 128 */ 129 130 #define IGMP_V1_SEEN(in_dev) \ 131 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 1 || \ 132 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 1 || \ 133 ((in_dev)->mr_v1_seen && \ 134 time_before(jiffies, (in_dev)->mr_v1_seen))) 135 #define IGMP_V2_SEEN(in_dev) \ 136 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 2 || \ 137 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 2 || \ 138 ((in_dev)->mr_v2_seen && \ 139 time_before(jiffies, (in_dev)->mr_v2_seen))) 140 141 static int unsolicited_report_interval(struct in_device *in_dev) 142 { 143 int interval_ms, interval_jiffies; 144 145 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) 146 interval_ms = IN_DEV_CONF_GET( 147 in_dev, 148 IGMPV2_UNSOLICITED_REPORT_INTERVAL); 149 else /* v3 */ 150 interval_ms = IN_DEV_CONF_GET( 151 in_dev, 152 IGMPV3_UNSOLICITED_REPORT_INTERVAL); 153 154 interval_jiffies = msecs_to_jiffies(interval_ms); 155 156 /* _timer functions can't handle a delay of 0 jiffies so ensure 157 * we always return a positive value. 158 */ 159 if (interval_jiffies <= 0) 160 interval_jiffies = 1; 161 return interval_jiffies; 162 } 163 164 static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im); 165 static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im); 166 static void igmpv3_clear_delrec(struct in_device *in_dev); 167 static int sf_setstate(struct ip_mc_list *pmc); 168 static void sf_markstate(struct ip_mc_list *pmc); 169 #endif 170 static void ip_mc_clear_src(struct ip_mc_list *pmc); 171 static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 172 int sfcount, __be32 *psfsrc, int delta); 173 174 static void ip_ma_put(struct ip_mc_list *im) 175 { 176 if (refcount_dec_and_test(&im->refcnt)) { 177 in_dev_put(im->interface); 178 kfree_rcu(im, rcu); 179 } 180 } 181 182 #define for_each_pmc_rcu(in_dev, pmc) \ 183 for (pmc = rcu_dereference(in_dev->mc_list); \ 184 pmc != NULL; \ 185 pmc = rcu_dereference(pmc->next_rcu)) 186 187 #define for_each_pmc_rtnl(in_dev, pmc) \ 188 for (pmc = rtnl_dereference(in_dev->mc_list); \ 189 pmc != NULL; \ 190 pmc = rtnl_dereference(pmc->next_rcu)) 191 192 #ifdef CONFIG_IP_MULTICAST 193 194 /* 195 * Timer management 196 */ 197 198 static void igmp_stop_timer(struct ip_mc_list *im) 199 { 200 spin_lock_bh(&im->lock); 201 if (del_timer(&im->timer)) 202 refcount_dec(&im->refcnt); 203 im->tm_running = 0; 204 im->reporter = 0; 205 im->unsolicit_count = 0; 206 spin_unlock_bh(&im->lock); 207 } 208 209 /* It must be called with locked im->lock */ 210 static void igmp_start_timer(struct ip_mc_list *im, int max_delay) 211 { 212 int tv = prandom_u32() % max_delay; 213 214 im->tm_running = 1; 215 if (!mod_timer(&im->timer, jiffies+tv+2)) 216 refcount_inc(&im->refcnt); 217 } 218 219 static void igmp_gq_start_timer(struct in_device *in_dev) 220 { 221 int tv = prandom_u32() % in_dev->mr_maxdelay; 222 unsigned long exp = jiffies + tv + 2; 223 224 if (in_dev->mr_gq_running && 225 time_after_eq(exp, (in_dev->mr_gq_timer).expires)) 226 return; 227 228 in_dev->mr_gq_running = 1; 229 if (!mod_timer(&in_dev->mr_gq_timer, exp)) 230 in_dev_hold(in_dev); 231 } 232 233 static void igmp_ifc_start_timer(struct in_device *in_dev, int delay) 234 { 235 int tv = prandom_u32() % delay; 236 237 if (!mod_timer(&in_dev->mr_ifc_timer, jiffies+tv+2)) 238 in_dev_hold(in_dev); 239 } 240 241 static void igmp_mod_timer(struct ip_mc_list *im, int max_delay) 242 { 243 spin_lock_bh(&im->lock); 244 im->unsolicit_count = 0; 245 if (del_timer(&im->timer)) { 246 if ((long)(im->timer.expires-jiffies) < max_delay) { 247 add_timer(&im->timer); 248 im->tm_running = 1; 249 spin_unlock_bh(&im->lock); 250 return; 251 } 252 refcount_dec(&im->refcnt); 253 } 254 igmp_start_timer(im, max_delay); 255 spin_unlock_bh(&im->lock); 256 } 257 258 259 /* 260 * Send an IGMP report. 261 */ 262 263 #define IGMP_SIZE (sizeof(struct igmphdr)+sizeof(struct iphdr)+4) 264 265 266 static int is_in(struct ip_mc_list *pmc, struct ip_sf_list *psf, int type, 267 int gdeleted, int sdeleted) 268 { 269 switch (type) { 270 case IGMPV3_MODE_IS_INCLUDE: 271 case IGMPV3_MODE_IS_EXCLUDE: 272 if (gdeleted || sdeleted) 273 return 0; 274 if (!(pmc->gsquery && !psf->sf_gsresp)) { 275 if (pmc->sfmode == MCAST_INCLUDE) 276 return 1; 277 /* don't include if this source is excluded 278 * in all filters 279 */ 280 if (psf->sf_count[MCAST_INCLUDE]) 281 return type == IGMPV3_MODE_IS_INCLUDE; 282 return pmc->sfcount[MCAST_EXCLUDE] == 283 psf->sf_count[MCAST_EXCLUDE]; 284 } 285 return 0; 286 case IGMPV3_CHANGE_TO_INCLUDE: 287 if (gdeleted || sdeleted) 288 return 0; 289 return psf->sf_count[MCAST_INCLUDE] != 0; 290 case IGMPV3_CHANGE_TO_EXCLUDE: 291 if (gdeleted || sdeleted) 292 return 0; 293 if (pmc->sfcount[MCAST_EXCLUDE] == 0 || 294 psf->sf_count[MCAST_INCLUDE]) 295 return 0; 296 return pmc->sfcount[MCAST_EXCLUDE] == 297 psf->sf_count[MCAST_EXCLUDE]; 298 case IGMPV3_ALLOW_NEW_SOURCES: 299 if (gdeleted || !psf->sf_crcount) 300 return 0; 301 return (pmc->sfmode == MCAST_INCLUDE) ^ sdeleted; 302 case IGMPV3_BLOCK_OLD_SOURCES: 303 if (pmc->sfmode == MCAST_INCLUDE) 304 return gdeleted || (psf->sf_crcount && sdeleted); 305 return psf->sf_crcount && !gdeleted && !sdeleted; 306 } 307 return 0; 308 } 309 310 static int 311 igmp_scount(struct ip_mc_list *pmc, int type, int gdeleted, int sdeleted) 312 { 313 struct ip_sf_list *psf; 314 int scount = 0; 315 316 for (psf = pmc->sources; psf; psf = psf->sf_next) { 317 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) 318 continue; 319 scount++; 320 } 321 return scount; 322 } 323 324 static struct sk_buff *igmpv3_newpack(struct net_device *dev, unsigned int mtu) 325 { 326 struct sk_buff *skb; 327 struct rtable *rt; 328 struct iphdr *pip; 329 struct igmpv3_report *pig; 330 struct net *net = dev_net(dev); 331 struct flowi4 fl4; 332 int hlen = LL_RESERVED_SPACE(dev); 333 int tlen = dev->needed_tailroom; 334 unsigned int size = mtu; 335 336 while (1) { 337 skb = alloc_skb(size + hlen + tlen, 338 GFP_ATOMIC | __GFP_NOWARN); 339 if (skb) 340 break; 341 size >>= 1; 342 if (size < 256) 343 return NULL; 344 } 345 skb->priority = TC_PRIO_CONTROL; 346 347 rt = ip_route_output_ports(net, &fl4, NULL, IGMPV3_ALL_MCR, 0, 348 0, 0, 349 IPPROTO_IGMP, 0, dev->ifindex); 350 if (IS_ERR(rt)) { 351 kfree_skb(skb); 352 return NULL; 353 } 354 355 skb_dst_set(skb, &rt->dst); 356 skb->dev = dev; 357 358 skb_reserve(skb, hlen); 359 skb_tailroom_reserve(skb, mtu, tlen); 360 361 skb_reset_network_header(skb); 362 pip = ip_hdr(skb); 363 skb_put(skb, sizeof(struct iphdr) + 4); 364 365 pip->version = 4; 366 pip->ihl = (sizeof(struct iphdr)+4)>>2; 367 pip->tos = 0xc0; 368 pip->frag_off = htons(IP_DF); 369 pip->ttl = 1; 370 pip->daddr = fl4.daddr; 371 pip->saddr = fl4.saddr; 372 pip->protocol = IPPROTO_IGMP; 373 pip->tot_len = 0; /* filled in later */ 374 ip_select_ident(net, skb, NULL); 375 ((u8 *)&pip[1])[0] = IPOPT_RA; 376 ((u8 *)&pip[1])[1] = 4; 377 ((u8 *)&pip[1])[2] = 0; 378 ((u8 *)&pip[1])[3] = 0; 379 380 skb->transport_header = skb->network_header + sizeof(struct iphdr) + 4; 381 skb_put(skb, sizeof(*pig)); 382 pig = igmpv3_report_hdr(skb); 383 pig->type = IGMPV3_HOST_MEMBERSHIP_REPORT; 384 pig->resv1 = 0; 385 pig->csum = 0; 386 pig->resv2 = 0; 387 pig->ngrec = 0; 388 return skb; 389 } 390 391 static int igmpv3_sendpack(struct sk_buff *skb) 392 { 393 struct igmphdr *pig = igmp_hdr(skb); 394 const int igmplen = skb_tail_pointer(skb) - skb_transport_header(skb); 395 396 pig->csum = ip_compute_csum(igmp_hdr(skb), igmplen); 397 398 return ip_local_out(dev_net(skb_dst(skb)->dev), skb->sk, skb); 399 } 400 401 static int grec_size(struct ip_mc_list *pmc, int type, int gdel, int sdel) 402 { 403 return sizeof(struct igmpv3_grec) + 4*igmp_scount(pmc, type, gdel, sdel); 404 } 405 406 static struct sk_buff *add_grhead(struct sk_buff *skb, struct ip_mc_list *pmc, 407 int type, struct igmpv3_grec **ppgr) 408 { 409 struct net_device *dev = pmc->interface->dev; 410 struct igmpv3_report *pih; 411 struct igmpv3_grec *pgr; 412 413 if (!skb) 414 skb = igmpv3_newpack(dev, dev->mtu); 415 if (!skb) 416 return NULL; 417 pgr = skb_put(skb, sizeof(struct igmpv3_grec)); 418 pgr->grec_type = type; 419 pgr->grec_auxwords = 0; 420 pgr->grec_nsrcs = 0; 421 pgr->grec_mca = pmc->multiaddr; 422 pih = igmpv3_report_hdr(skb); 423 pih->ngrec = htons(ntohs(pih->ngrec)+1); 424 *ppgr = pgr; 425 return skb; 426 } 427 428 #define AVAILABLE(skb) ((skb) ? skb_availroom(skb) : 0) 429 430 static struct sk_buff *add_grec(struct sk_buff *skb, struct ip_mc_list *pmc, 431 int type, int gdeleted, int sdeleted) 432 { 433 struct net_device *dev = pmc->interface->dev; 434 struct net *net = dev_net(dev); 435 struct igmpv3_report *pih; 436 struct igmpv3_grec *pgr = NULL; 437 struct ip_sf_list *psf, *psf_next, *psf_prev, **psf_list; 438 int scount, stotal, first, isquery, truncate; 439 440 if (pmc->multiaddr == IGMP_ALL_HOSTS) 441 return skb; 442 if (ipv4_is_local_multicast(pmc->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 443 return skb; 444 445 isquery = type == IGMPV3_MODE_IS_INCLUDE || 446 type == IGMPV3_MODE_IS_EXCLUDE; 447 truncate = type == IGMPV3_MODE_IS_EXCLUDE || 448 type == IGMPV3_CHANGE_TO_EXCLUDE; 449 450 stotal = scount = 0; 451 452 psf_list = sdeleted ? &pmc->tomb : &pmc->sources; 453 454 if (!*psf_list) 455 goto empty_source; 456 457 pih = skb ? igmpv3_report_hdr(skb) : NULL; 458 459 /* EX and TO_EX get a fresh packet, if needed */ 460 if (truncate) { 461 if (pih && pih->ngrec && 462 AVAILABLE(skb) < grec_size(pmc, type, gdeleted, sdeleted)) { 463 if (skb) 464 igmpv3_sendpack(skb); 465 skb = igmpv3_newpack(dev, dev->mtu); 466 } 467 } 468 first = 1; 469 psf_prev = NULL; 470 for (psf = *psf_list; psf; psf = psf_next) { 471 __be32 *psrc; 472 473 psf_next = psf->sf_next; 474 475 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) { 476 psf_prev = psf; 477 continue; 478 } 479 480 /* Based on RFC3376 5.1. Should not send source-list change 481 * records when there is a filter mode change. 482 */ 483 if (((gdeleted && pmc->sfmode == MCAST_EXCLUDE) || 484 (!gdeleted && pmc->crcount)) && 485 (type == IGMPV3_ALLOW_NEW_SOURCES || 486 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) 487 goto decrease_sf_crcount; 488 489 /* clear marks on query responses */ 490 if (isquery) 491 psf->sf_gsresp = 0; 492 493 if (AVAILABLE(skb) < sizeof(__be32) + 494 first*sizeof(struct igmpv3_grec)) { 495 if (truncate && !first) 496 break; /* truncate these */ 497 if (pgr) 498 pgr->grec_nsrcs = htons(scount); 499 if (skb) 500 igmpv3_sendpack(skb); 501 skb = igmpv3_newpack(dev, dev->mtu); 502 first = 1; 503 scount = 0; 504 } 505 if (first) { 506 skb = add_grhead(skb, pmc, type, &pgr); 507 first = 0; 508 } 509 if (!skb) 510 return NULL; 511 psrc = skb_put(skb, sizeof(__be32)); 512 *psrc = psf->sf_inaddr; 513 scount++; stotal++; 514 if ((type == IGMPV3_ALLOW_NEW_SOURCES || 515 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) { 516 decrease_sf_crcount: 517 psf->sf_crcount--; 518 if ((sdeleted || gdeleted) && psf->sf_crcount == 0) { 519 if (psf_prev) 520 psf_prev->sf_next = psf->sf_next; 521 else 522 *psf_list = psf->sf_next; 523 kfree(psf); 524 continue; 525 } 526 } 527 psf_prev = psf; 528 } 529 530 empty_source: 531 if (!stotal) { 532 if (type == IGMPV3_ALLOW_NEW_SOURCES || 533 type == IGMPV3_BLOCK_OLD_SOURCES) 534 return skb; 535 if (pmc->crcount || isquery) { 536 /* make sure we have room for group header */ 537 if (skb && AVAILABLE(skb) < sizeof(struct igmpv3_grec)) { 538 igmpv3_sendpack(skb); 539 skb = NULL; /* add_grhead will get a new one */ 540 } 541 skb = add_grhead(skb, pmc, type, &pgr); 542 } 543 } 544 if (pgr) 545 pgr->grec_nsrcs = htons(scount); 546 547 if (isquery) 548 pmc->gsquery = 0; /* clear query state on report */ 549 return skb; 550 } 551 552 static int igmpv3_send_report(struct in_device *in_dev, struct ip_mc_list *pmc) 553 { 554 struct sk_buff *skb = NULL; 555 struct net *net = dev_net(in_dev->dev); 556 int type; 557 558 if (!pmc) { 559 rcu_read_lock(); 560 for_each_pmc_rcu(in_dev, pmc) { 561 if (pmc->multiaddr == IGMP_ALL_HOSTS) 562 continue; 563 if (ipv4_is_local_multicast(pmc->multiaddr) && 564 !net->ipv4.sysctl_igmp_llm_reports) 565 continue; 566 spin_lock_bh(&pmc->lock); 567 if (pmc->sfcount[MCAST_EXCLUDE]) 568 type = IGMPV3_MODE_IS_EXCLUDE; 569 else 570 type = IGMPV3_MODE_IS_INCLUDE; 571 skb = add_grec(skb, pmc, type, 0, 0); 572 spin_unlock_bh(&pmc->lock); 573 } 574 rcu_read_unlock(); 575 } else { 576 spin_lock_bh(&pmc->lock); 577 if (pmc->sfcount[MCAST_EXCLUDE]) 578 type = IGMPV3_MODE_IS_EXCLUDE; 579 else 580 type = IGMPV3_MODE_IS_INCLUDE; 581 skb = add_grec(skb, pmc, type, 0, 0); 582 spin_unlock_bh(&pmc->lock); 583 } 584 if (!skb) 585 return 0; 586 return igmpv3_sendpack(skb); 587 } 588 589 /* 590 * remove zero-count source records from a source filter list 591 */ 592 static void igmpv3_clear_zeros(struct ip_sf_list **ppsf) 593 { 594 struct ip_sf_list *psf_prev, *psf_next, *psf; 595 596 psf_prev = NULL; 597 for (psf = *ppsf; psf; psf = psf_next) { 598 psf_next = psf->sf_next; 599 if (psf->sf_crcount == 0) { 600 if (psf_prev) 601 psf_prev->sf_next = psf->sf_next; 602 else 603 *ppsf = psf->sf_next; 604 kfree(psf); 605 } else 606 psf_prev = psf; 607 } 608 } 609 610 static void igmpv3_send_cr(struct in_device *in_dev) 611 { 612 struct ip_mc_list *pmc, *pmc_prev, *pmc_next; 613 struct sk_buff *skb = NULL; 614 int type, dtype; 615 616 rcu_read_lock(); 617 spin_lock_bh(&in_dev->mc_tomb_lock); 618 619 /* deleted MCA's */ 620 pmc_prev = NULL; 621 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc_next) { 622 pmc_next = pmc->next; 623 if (pmc->sfmode == MCAST_INCLUDE) { 624 type = IGMPV3_BLOCK_OLD_SOURCES; 625 dtype = IGMPV3_BLOCK_OLD_SOURCES; 626 skb = add_grec(skb, pmc, type, 1, 0); 627 skb = add_grec(skb, pmc, dtype, 1, 1); 628 } 629 if (pmc->crcount) { 630 if (pmc->sfmode == MCAST_EXCLUDE) { 631 type = IGMPV3_CHANGE_TO_INCLUDE; 632 skb = add_grec(skb, pmc, type, 1, 0); 633 } 634 pmc->crcount--; 635 if (pmc->crcount == 0) { 636 igmpv3_clear_zeros(&pmc->tomb); 637 igmpv3_clear_zeros(&pmc->sources); 638 } 639 } 640 if (pmc->crcount == 0 && !pmc->tomb && !pmc->sources) { 641 if (pmc_prev) 642 pmc_prev->next = pmc_next; 643 else 644 in_dev->mc_tomb = pmc_next; 645 in_dev_put(pmc->interface); 646 kfree(pmc); 647 } else 648 pmc_prev = pmc; 649 } 650 spin_unlock_bh(&in_dev->mc_tomb_lock); 651 652 /* change recs */ 653 for_each_pmc_rcu(in_dev, pmc) { 654 spin_lock_bh(&pmc->lock); 655 if (pmc->sfcount[MCAST_EXCLUDE]) { 656 type = IGMPV3_BLOCK_OLD_SOURCES; 657 dtype = IGMPV3_ALLOW_NEW_SOURCES; 658 } else { 659 type = IGMPV3_ALLOW_NEW_SOURCES; 660 dtype = IGMPV3_BLOCK_OLD_SOURCES; 661 } 662 skb = add_grec(skb, pmc, type, 0, 0); 663 skb = add_grec(skb, pmc, dtype, 0, 1); /* deleted sources */ 664 665 /* filter mode changes */ 666 if (pmc->crcount) { 667 if (pmc->sfmode == MCAST_EXCLUDE) 668 type = IGMPV3_CHANGE_TO_EXCLUDE; 669 else 670 type = IGMPV3_CHANGE_TO_INCLUDE; 671 skb = add_grec(skb, pmc, type, 0, 0); 672 pmc->crcount--; 673 } 674 spin_unlock_bh(&pmc->lock); 675 } 676 rcu_read_unlock(); 677 678 if (!skb) 679 return; 680 (void) igmpv3_sendpack(skb); 681 } 682 683 static int igmp_send_report(struct in_device *in_dev, struct ip_mc_list *pmc, 684 int type) 685 { 686 struct sk_buff *skb; 687 struct iphdr *iph; 688 struct igmphdr *ih; 689 struct rtable *rt; 690 struct net_device *dev = in_dev->dev; 691 struct net *net = dev_net(dev); 692 __be32 group = pmc ? pmc->multiaddr : 0; 693 struct flowi4 fl4; 694 __be32 dst; 695 int hlen, tlen; 696 697 if (type == IGMPV3_HOST_MEMBERSHIP_REPORT) 698 return igmpv3_send_report(in_dev, pmc); 699 700 if (ipv4_is_local_multicast(group) && !net->ipv4.sysctl_igmp_llm_reports) 701 return 0; 702 703 if (type == IGMP_HOST_LEAVE_MESSAGE) 704 dst = IGMP_ALL_ROUTER; 705 else 706 dst = group; 707 708 rt = ip_route_output_ports(net, &fl4, NULL, dst, 0, 709 0, 0, 710 IPPROTO_IGMP, 0, dev->ifindex); 711 if (IS_ERR(rt)) 712 return -1; 713 714 hlen = LL_RESERVED_SPACE(dev); 715 tlen = dev->needed_tailroom; 716 skb = alloc_skb(IGMP_SIZE + hlen + tlen, GFP_ATOMIC); 717 if (!skb) { 718 ip_rt_put(rt); 719 return -1; 720 } 721 skb->priority = TC_PRIO_CONTROL; 722 723 skb_dst_set(skb, &rt->dst); 724 725 skb_reserve(skb, hlen); 726 727 skb_reset_network_header(skb); 728 iph = ip_hdr(skb); 729 skb_put(skb, sizeof(struct iphdr) + 4); 730 731 iph->version = 4; 732 iph->ihl = (sizeof(struct iphdr)+4)>>2; 733 iph->tos = 0xc0; 734 iph->frag_off = htons(IP_DF); 735 iph->ttl = 1; 736 iph->daddr = dst; 737 iph->saddr = fl4.saddr; 738 iph->protocol = IPPROTO_IGMP; 739 ip_select_ident(net, skb, NULL); 740 ((u8 *)&iph[1])[0] = IPOPT_RA; 741 ((u8 *)&iph[1])[1] = 4; 742 ((u8 *)&iph[1])[2] = 0; 743 ((u8 *)&iph[1])[3] = 0; 744 745 ih = skb_put(skb, sizeof(struct igmphdr)); 746 ih->type = type; 747 ih->code = 0; 748 ih->csum = 0; 749 ih->group = group; 750 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr)); 751 752 return ip_local_out(net, skb->sk, skb); 753 } 754 755 static void igmp_gq_timer_expire(struct timer_list *t) 756 { 757 struct in_device *in_dev = from_timer(in_dev, t, mr_gq_timer); 758 759 in_dev->mr_gq_running = 0; 760 igmpv3_send_report(in_dev, NULL); 761 in_dev_put(in_dev); 762 } 763 764 static void igmp_ifc_timer_expire(struct timer_list *t) 765 { 766 struct in_device *in_dev = from_timer(in_dev, t, mr_ifc_timer); 767 768 igmpv3_send_cr(in_dev); 769 if (in_dev->mr_ifc_count) { 770 in_dev->mr_ifc_count--; 771 igmp_ifc_start_timer(in_dev, 772 unsolicited_report_interval(in_dev)); 773 } 774 in_dev_put(in_dev); 775 } 776 777 static void igmp_ifc_event(struct in_device *in_dev) 778 { 779 struct net *net = dev_net(in_dev->dev); 780 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) 781 return; 782 in_dev->mr_ifc_count = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 783 igmp_ifc_start_timer(in_dev, 1); 784 } 785 786 787 static void igmp_timer_expire(struct timer_list *t) 788 { 789 struct ip_mc_list *im = from_timer(im, t, timer); 790 struct in_device *in_dev = im->interface; 791 792 spin_lock(&im->lock); 793 im->tm_running = 0; 794 795 if (im->unsolicit_count) { 796 im->unsolicit_count--; 797 igmp_start_timer(im, unsolicited_report_interval(in_dev)); 798 } 799 im->reporter = 1; 800 spin_unlock(&im->lock); 801 802 if (IGMP_V1_SEEN(in_dev)) 803 igmp_send_report(in_dev, im, IGMP_HOST_MEMBERSHIP_REPORT); 804 else if (IGMP_V2_SEEN(in_dev)) 805 igmp_send_report(in_dev, im, IGMPV2_HOST_MEMBERSHIP_REPORT); 806 else 807 igmp_send_report(in_dev, im, IGMPV3_HOST_MEMBERSHIP_REPORT); 808 809 ip_ma_put(im); 810 } 811 812 /* mark EXCLUDE-mode sources */ 813 static int igmp_xmarksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs) 814 { 815 struct ip_sf_list *psf; 816 int i, scount; 817 818 scount = 0; 819 for (psf = pmc->sources; psf; psf = psf->sf_next) { 820 if (scount == nsrcs) 821 break; 822 for (i = 0; i < nsrcs; i++) { 823 /* skip inactive filters */ 824 if (psf->sf_count[MCAST_INCLUDE] || 825 pmc->sfcount[MCAST_EXCLUDE] != 826 psf->sf_count[MCAST_EXCLUDE]) 827 break; 828 if (srcs[i] == psf->sf_inaddr) { 829 scount++; 830 break; 831 } 832 } 833 } 834 pmc->gsquery = 0; 835 if (scount == nsrcs) /* all sources excluded */ 836 return 0; 837 return 1; 838 } 839 840 static int igmp_marksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs) 841 { 842 struct ip_sf_list *psf; 843 int i, scount; 844 845 if (pmc->sfmode == MCAST_EXCLUDE) 846 return igmp_xmarksources(pmc, nsrcs, srcs); 847 848 /* mark INCLUDE-mode sources */ 849 scount = 0; 850 for (psf = pmc->sources; psf; psf = psf->sf_next) { 851 if (scount == nsrcs) 852 break; 853 for (i = 0; i < nsrcs; i++) 854 if (srcs[i] == psf->sf_inaddr) { 855 psf->sf_gsresp = 1; 856 scount++; 857 break; 858 } 859 } 860 if (!scount) { 861 pmc->gsquery = 0; 862 return 0; 863 } 864 pmc->gsquery = 1; 865 return 1; 866 } 867 868 /* return true if packet was dropped */ 869 static bool igmp_heard_report(struct in_device *in_dev, __be32 group) 870 { 871 struct ip_mc_list *im; 872 struct net *net = dev_net(in_dev->dev); 873 874 /* Timers are only set for non-local groups */ 875 876 if (group == IGMP_ALL_HOSTS) 877 return false; 878 if (ipv4_is_local_multicast(group) && !net->ipv4.sysctl_igmp_llm_reports) 879 return false; 880 881 rcu_read_lock(); 882 for_each_pmc_rcu(in_dev, im) { 883 if (im->multiaddr == group) { 884 igmp_stop_timer(im); 885 break; 886 } 887 } 888 rcu_read_unlock(); 889 return false; 890 } 891 892 /* return true if packet was dropped */ 893 static bool igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb, 894 int len) 895 { 896 struct igmphdr *ih = igmp_hdr(skb); 897 struct igmpv3_query *ih3 = igmpv3_query_hdr(skb); 898 struct ip_mc_list *im; 899 __be32 group = ih->group; 900 int max_delay; 901 int mark = 0; 902 struct net *net = dev_net(in_dev->dev); 903 904 905 if (len == 8) { 906 if (ih->code == 0) { 907 /* Alas, old v1 router presents here. */ 908 909 max_delay = IGMP_QUERY_RESPONSE_INTERVAL; 910 in_dev->mr_v1_seen = jiffies + 911 IGMP_V1_ROUTER_PRESENT_TIMEOUT; 912 group = 0; 913 } else { 914 /* v2 router present */ 915 max_delay = ih->code*(HZ/IGMP_TIMER_SCALE); 916 in_dev->mr_v2_seen = jiffies + 917 IGMP_V2_ROUTER_PRESENT_TIMEOUT; 918 } 919 /* cancel the interface change timer */ 920 in_dev->mr_ifc_count = 0; 921 if (del_timer(&in_dev->mr_ifc_timer)) 922 __in_dev_put(in_dev); 923 /* clear deleted report items */ 924 igmpv3_clear_delrec(in_dev); 925 } else if (len < 12) { 926 return true; /* ignore bogus packet; freed by caller */ 927 } else if (IGMP_V1_SEEN(in_dev)) { 928 /* This is a v3 query with v1 queriers present */ 929 max_delay = IGMP_QUERY_RESPONSE_INTERVAL; 930 group = 0; 931 } else if (IGMP_V2_SEEN(in_dev)) { 932 /* this is a v3 query with v2 queriers present; 933 * Interpretation of the max_delay code is problematic here. 934 * A real v2 host would use ih_code directly, while v3 has a 935 * different encoding. We use the v3 encoding as more likely 936 * to be intended in a v3 query. 937 */ 938 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE); 939 if (!max_delay) 940 max_delay = 1; /* can't mod w/ 0 */ 941 } else { /* v3 */ 942 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) 943 return true; 944 945 ih3 = igmpv3_query_hdr(skb); 946 if (ih3->nsrcs) { 947 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query) 948 + ntohs(ih3->nsrcs)*sizeof(__be32))) 949 return true; 950 ih3 = igmpv3_query_hdr(skb); 951 } 952 953 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE); 954 if (!max_delay) 955 max_delay = 1; /* can't mod w/ 0 */ 956 in_dev->mr_maxdelay = max_delay; 957 if (ih3->qrv) 958 in_dev->mr_qrv = ih3->qrv; 959 if (!group) { /* general query */ 960 if (ih3->nsrcs) 961 return true; /* no sources allowed */ 962 igmp_gq_start_timer(in_dev); 963 return false; 964 } 965 /* mark sources to include, if group & source-specific */ 966 mark = ih3->nsrcs != 0; 967 } 968 969 /* 970 * - Start the timers in all of our membership records 971 * that the query applies to for the interface on 972 * which the query arrived excl. those that belong 973 * to a "local" group (224.0.0.X) 974 * - For timers already running check if they need to 975 * be reset. 976 * - Use the igmp->igmp_code field as the maximum 977 * delay possible 978 */ 979 rcu_read_lock(); 980 for_each_pmc_rcu(in_dev, im) { 981 int changed; 982 983 if (group && group != im->multiaddr) 984 continue; 985 if (im->multiaddr == IGMP_ALL_HOSTS) 986 continue; 987 if (ipv4_is_local_multicast(im->multiaddr) && 988 !net->ipv4.sysctl_igmp_llm_reports) 989 continue; 990 spin_lock_bh(&im->lock); 991 if (im->tm_running) 992 im->gsquery = im->gsquery && mark; 993 else 994 im->gsquery = mark; 995 changed = !im->gsquery || 996 igmp_marksources(im, ntohs(ih3->nsrcs), ih3->srcs); 997 spin_unlock_bh(&im->lock); 998 if (changed) 999 igmp_mod_timer(im, max_delay); 1000 } 1001 rcu_read_unlock(); 1002 return false; 1003 } 1004 1005 /* called in rcu_read_lock() section */ 1006 int igmp_rcv(struct sk_buff *skb) 1007 { 1008 /* This basically follows the spec line by line -- see RFC1112 */ 1009 struct igmphdr *ih; 1010 struct net_device *dev = skb->dev; 1011 struct in_device *in_dev; 1012 int len = skb->len; 1013 bool dropped = true; 1014 1015 if (netif_is_l3_master(dev)) { 1016 dev = dev_get_by_index_rcu(dev_net(dev), IPCB(skb)->iif); 1017 if (!dev) 1018 goto drop; 1019 } 1020 1021 in_dev = __in_dev_get_rcu(dev); 1022 if (!in_dev) 1023 goto drop; 1024 1025 if (!pskb_may_pull(skb, sizeof(struct igmphdr))) 1026 goto drop; 1027 1028 if (skb_checksum_simple_validate(skb)) 1029 goto drop; 1030 1031 ih = igmp_hdr(skb); 1032 switch (ih->type) { 1033 case IGMP_HOST_MEMBERSHIP_QUERY: 1034 dropped = igmp_heard_query(in_dev, skb, len); 1035 break; 1036 case IGMP_HOST_MEMBERSHIP_REPORT: 1037 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1038 /* Is it our report looped back? */ 1039 if (rt_is_output_route(skb_rtable(skb))) 1040 break; 1041 /* don't rely on MC router hearing unicast reports */ 1042 if (skb->pkt_type == PACKET_MULTICAST || 1043 skb->pkt_type == PACKET_BROADCAST) 1044 dropped = igmp_heard_report(in_dev, ih->group); 1045 break; 1046 case IGMP_PIM: 1047 #ifdef CONFIG_IP_PIMSM_V1 1048 return pim_rcv_v1(skb); 1049 #endif 1050 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1051 case IGMP_DVMRP: 1052 case IGMP_TRACE: 1053 case IGMP_HOST_LEAVE_MESSAGE: 1054 case IGMP_MTRACE: 1055 case IGMP_MTRACE_RESP: 1056 break; 1057 default: 1058 break; 1059 } 1060 1061 drop: 1062 if (dropped) 1063 kfree_skb(skb); 1064 else 1065 consume_skb(skb); 1066 return 0; 1067 } 1068 1069 #endif 1070 1071 1072 /* 1073 * Add a filter to a device 1074 */ 1075 1076 static void ip_mc_filter_add(struct in_device *in_dev, __be32 addr) 1077 { 1078 char buf[MAX_ADDR_LEN]; 1079 struct net_device *dev = in_dev->dev; 1080 1081 /* Checking for IFF_MULTICAST here is WRONG-WRONG-WRONG. 1082 We will get multicast token leakage, when IFF_MULTICAST 1083 is changed. This check should be done in ndo_set_rx_mode 1084 routine. Something sort of: 1085 if (dev->mc_list && dev->flags&IFF_MULTICAST) { do it; } 1086 --ANK 1087 */ 1088 if (arp_mc_map(addr, buf, dev, 0) == 0) 1089 dev_mc_add(dev, buf); 1090 } 1091 1092 /* 1093 * Remove a filter from a device 1094 */ 1095 1096 static void ip_mc_filter_del(struct in_device *in_dev, __be32 addr) 1097 { 1098 char buf[MAX_ADDR_LEN]; 1099 struct net_device *dev = in_dev->dev; 1100 1101 if (arp_mc_map(addr, buf, dev, 0) == 0) 1102 dev_mc_del(dev, buf); 1103 } 1104 1105 #ifdef CONFIG_IP_MULTICAST 1106 /* 1107 * deleted ip_mc_list manipulation 1108 */ 1109 static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im) 1110 { 1111 struct ip_mc_list *pmc; 1112 struct net *net = dev_net(in_dev->dev); 1113 1114 /* this is an "ip_mc_list" for convenience; only the fields below 1115 * are actually used. In particular, the refcnt and users are not 1116 * used for management of the delete list. Using the same structure 1117 * for deleted items allows change reports to use common code with 1118 * non-deleted or query-response MCA's. 1119 */ 1120 pmc = kzalloc(sizeof(*pmc), GFP_KERNEL); 1121 if (!pmc) 1122 return; 1123 spin_lock_init(&pmc->lock); 1124 spin_lock_bh(&im->lock); 1125 pmc->interface = im->interface; 1126 in_dev_hold(in_dev); 1127 pmc->multiaddr = im->multiaddr; 1128 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1129 pmc->sfmode = im->sfmode; 1130 if (pmc->sfmode == MCAST_INCLUDE) { 1131 struct ip_sf_list *psf; 1132 1133 pmc->tomb = im->tomb; 1134 pmc->sources = im->sources; 1135 im->tomb = im->sources = NULL; 1136 for (psf = pmc->sources; psf; psf = psf->sf_next) 1137 psf->sf_crcount = pmc->crcount; 1138 } 1139 spin_unlock_bh(&im->lock); 1140 1141 spin_lock_bh(&in_dev->mc_tomb_lock); 1142 pmc->next = in_dev->mc_tomb; 1143 in_dev->mc_tomb = pmc; 1144 spin_unlock_bh(&in_dev->mc_tomb_lock); 1145 } 1146 1147 /* 1148 * restore ip_mc_list deleted records 1149 */ 1150 static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im) 1151 { 1152 struct ip_mc_list *pmc, *pmc_prev; 1153 struct ip_sf_list *psf; 1154 struct net *net = dev_net(in_dev->dev); 1155 __be32 multiaddr = im->multiaddr; 1156 1157 spin_lock_bh(&in_dev->mc_tomb_lock); 1158 pmc_prev = NULL; 1159 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc->next) { 1160 if (pmc->multiaddr == multiaddr) 1161 break; 1162 pmc_prev = pmc; 1163 } 1164 if (pmc) { 1165 if (pmc_prev) 1166 pmc_prev->next = pmc->next; 1167 else 1168 in_dev->mc_tomb = pmc->next; 1169 } 1170 spin_unlock_bh(&in_dev->mc_tomb_lock); 1171 1172 spin_lock_bh(&im->lock); 1173 if (pmc) { 1174 im->interface = pmc->interface; 1175 im->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1176 im->sfmode = pmc->sfmode; 1177 if (pmc->sfmode == MCAST_INCLUDE) { 1178 im->tomb = pmc->tomb; 1179 im->sources = pmc->sources; 1180 for (psf = im->sources; psf; psf = psf->sf_next) 1181 psf->sf_crcount = im->crcount; 1182 } 1183 in_dev_put(pmc->interface); 1184 kfree(pmc); 1185 } 1186 spin_unlock_bh(&im->lock); 1187 } 1188 1189 /* 1190 * flush ip_mc_list deleted records 1191 */ 1192 static void igmpv3_clear_delrec(struct in_device *in_dev) 1193 { 1194 struct ip_mc_list *pmc, *nextpmc; 1195 1196 spin_lock_bh(&in_dev->mc_tomb_lock); 1197 pmc = in_dev->mc_tomb; 1198 in_dev->mc_tomb = NULL; 1199 spin_unlock_bh(&in_dev->mc_tomb_lock); 1200 1201 for (; pmc; pmc = nextpmc) { 1202 nextpmc = pmc->next; 1203 ip_mc_clear_src(pmc); 1204 in_dev_put(pmc->interface); 1205 kfree(pmc); 1206 } 1207 /* clear dead sources, too */ 1208 rcu_read_lock(); 1209 for_each_pmc_rcu(in_dev, pmc) { 1210 struct ip_sf_list *psf, *psf_next; 1211 1212 spin_lock_bh(&pmc->lock); 1213 psf = pmc->tomb; 1214 pmc->tomb = NULL; 1215 spin_unlock_bh(&pmc->lock); 1216 for (; psf; psf = psf_next) { 1217 psf_next = psf->sf_next; 1218 kfree(psf); 1219 } 1220 } 1221 rcu_read_unlock(); 1222 } 1223 #endif 1224 1225 static void igmp_group_dropped(struct ip_mc_list *im) 1226 { 1227 struct in_device *in_dev = im->interface; 1228 #ifdef CONFIG_IP_MULTICAST 1229 struct net *net = dev_net(in_dev->dev); 1230 int reporter; 1231 #endif 1232 1233 if (im->loaded) { 1234 im->loaded = 0; 1235 ip_mc_filter_del(in_dev, im->multiaddr); 1236 } 1237 1238 #ifdef CONFIG_IP_MULTICAST 1239 if (im->multiaddr == IGMP_ALL_HOSTS) 1240 return; 1241 if (ipv4_is_local_multicast(im->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 1242 return; 1243 1244 reporter = im->reporter; 1245 igmp_stop_timer(im); 1246 1247 if (!in_dev->dead) { 1248 if (IGMP_V1_SEEN(in_dev)) 1249 return; 1250 if (IGMP_V2_SEEN(in_dev)) { 1251 if (reporter) 1252 igmp_send_report(in_dev, im, IGMP_HOST_LEAVE_MESSAGE); 1253 return; 1254 } 1255 /* IGMPv3 */ 1256 igmpv3_add_delrec(in_dev, im); 1257 1258 igmp_ifc_event(in_dev); 1259 } 1260 #endif 1261 } 1262 1263 static void igmp_group_added(struct ip_mc_list *im) 1264 { 1265 struct in_device *in_dev = im->interface; 1266 #ifdef CONFIG_IP_MULTICAST 1267 struct net *net = dev_net(in_dev->dev); 1268 #endif 1269 1270 if (im->loaded == 0) { 1271 im->loaded = 1; 1272 ip_mc_filter_add(in_dev, im->multiaddr); 1273 } 1274 1275 #ifdef CONFIG_IP_MULTICAST 1276 if (im->multiaddr == IGMP_ALL_HOSTS) 1277 return; 1278 if (ipv4_is_local_multicast(im->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 1279 return; 1280 1281 if (in_dev->dead) 1282 return; 1283 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) { 1284 spin_lock_bh(&im->lock); 1285 igmp_start_timer(im, IGMP_INITIAL_REPORT_DELAY); 1286 spin_unlock_bh(&im->lock); 1287 return; 1288 } 1289 /* else, v3 */ 1290 1291 im->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1292 igmp_ifc_event(in_dev); 1293 #endif 1294 } 1295 1296 1297 /* 1298 * Multicast list managers 1299 */ 1300 1301 static u32 ip_mc_hash(const struct ip_mc_list *im) 1302 { 1303 return hash_32((__force u32)im->multiaddr, MC_HASH_SZ_LOG); 1304 } 1305 1306 static void ip_mc_hash_add(struct in_device *in_dev, 1307 struct ip_mc_list *im) 1308 { 1309 struct ip_mc_list __rcu **mc_hash; 1310 u32 hash; 1311 1312 mc_hash = rtnl_dereference(in_dev->mc_hash); 1313 if (mc_hash) { 1314 hash = ip_mc_hash(im); 1315 im->next_hash = mc_hash[hash]; 1316 rcu_assign_pointer(mc_hash[hash], im); 1317 return; 1318 } 1319 1320 /* do not use a hash table for small number of items */ 1321 if (in_dev->mc_count < 4) 1322 return; 1323 1324 mc_hash = kzalloc(sizeof(struct ip_mc_list *) << MC_HASH_SZ_LOG, 1325 GFP_KERNEL); 1326 if (!mc_hash) 1327 return; 1328 1329 for_each_pmc_rtnl(in_dev, im) { 1330 hash = ip_mc_hash(im); 1331 im->next_hash = mc_hash[hash]; 1332 RCU_INIT_POINTER(mc_hash[hash], im); 1333 } 1334 1335 rcu_assign_pointer(in_dev->mc_hash, mc_hash); 1336 } 1337 1338 static void ip_mc_hash_remove(struct in_device *in_dev, 1339 struct ip_mc_list *im) 1340 { 1341 struct ip_mc_list __rcu **mc_hash = rtnl_dereference(in_dev->mc_hash); 1342 struct ip_mc_list *aux; 1343 1344 if (!mc_hash) 1345 return; 1346 mc_hash += ip_mc_hash(im); 1347 while ((aux = rtnl_dereference(*mc_hash)) != im) 1348 mc_hash = &aux->next_hash; 1349 *mc_hash = im->next_hash; 1350 } 1351 1352 1353 /* 1354 * A socket has joined a multicast group on device dev. 1355 */ 1356 1357 void ip_mc_inc_group(struct in_device *in_dev, __be32 addr) 1358 { 1359 struct ip_mc_list *im; 1360 #ifdef CONFIG_IP_MULTICAST 1361 struct net *net = dev_net(in_dev->dev); 1362 #endif 1363 1364 ASSERT_RTNL(); 1365 1366 for_each_pmc_rtnl(in_dev, im) { 1367 if (im->multiaddr == addr) { 1368 im->users++; 1369 ip_mc_add_src(in_dev, &addr, MCAST_EXCLUDE, 0, NULL, 0); 1370 goto out; 1371 } 1372 } 1373 1374 im = kzalloc(sizeof(*im), GFP_KERNEL); 1375 if (!im) 1376 goto out; 1377 1378 im->users = 1; 1379 im->interface = in_dev; 1380 in_dev_hold(in_dev); 1381 im->multiaddr = addr; 1382 /* initial mode is (EX, empty) */ 1383 im->sfmode = MCAST_EXCLUDE; 1384 im->sfcount[MCAST_EXCLUDE] = 1; 1385 refcount_set(&im->refcnt, 1); 1386 spin_lock_init(&im->lock); 1387 #ifdef CONFIG_IP_MULTICAST 1388 timer_setup(&im->timer, igmp_timer_expire, 0); 1389 im->unsolicit_count = net->ipv4.sysctl_igmp_qrv; 1390 #endif 1391 1392 im->next_rcu = in_dev->mc_list; 1393 in_dev->mc_count++; 1394 rcu_assign_pointer(in_dev->mc_list, im); 1395 1396 ip_mc_hash_add(in_dev, im); 1397 1398 #ifdef CONFIG_IP_MULTICAST 1399 igmpv3_del_delrec(in_dev, im); 1400 #endif 1401 igmp_group_added(im); 1402 if (!in_dev->dead) 1403 ip_rt_multicast_event(in_dev); 1404 out: 1405 return; 1406 } 1407 EXPORT_SYMBOL(ip_mc_inc_group); 1408 1409 static int ip_mc_check_iphdr(struct sk_buff *skb) 1410 { 1411 const struct iphdr *iph; 1412 unsigned int len; 1413 unsigned int offset = skb_network_offset(skb) + sizeof(*iph); 1414 1415 if (!pskb_may_pull(skb, offset)) 1416 return -EINVAL; 1417 1418 iph = ip_hdr(skb); 1419 1420 if (iph->version != 4 || ip_hdrlen(skb) < sizeof(*iph)) 1421 return -EINVAL; 1422 1423 offset += ip_hdrlen(skb) - sizeof(*iph); 1424 1425 if (!pskb_may_pull(skb, offset)) 1426 return -EINVAL; 1427 1428 iph = ip_hdr(skb); 1429 1430 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl))) 1431 return -EINVAL; 1432 1433 len = skb_network_offset(skb) + ntohs(iph->tot_len); 1434 if (skb->len < len || len < offset) 1435 return -EINVAL; 1436 1437 skb_set_transport_header(skb, offset); 1438 1439 return 0; 1440 } 1441 1442 static int ip_mc_check_igmp_reportv3(struct sk_buff *skb) 1443 { 1444 unsigned int len = skb_transport_offset(skb); 1445 1446 len += sizeof(struct igmpv3_report); 1447 1448 return pskb_may_pull(skb, len) ? 0 : -EINVAL; 1449 } 1450 1451 static int ip_mc_check_igmp_query(struct sk_buff *skb) 1452 { 1453 unsigned int len = skb_transport_offset(skb); 1454 1455 len += sizeof(struct igmphdr); 1456 if (skb->len < len) 1457 return -EINVAL; 1458 1459 /* IGMPv{1,2}? */ 1460 if (skb->len != len) { 1461 /* or IGMPv3? */ 1462 len += sizeof(struct igmpv3_query) - sizeof(struct igmphdr); 1463 if (skb->len < len || !pskb_may_pull(skb, len)) 1464 return -EINVAL; 1465 } 1466 1467 /* RFC2236+RFC3376 (IGMPv2+IGMPv3) require the multicast link layer 1468 * all-systems destination addresses (224.0.0.1) for general queries 1469 */ 1470 if (!igmp_hdr(skb)->group && 1471 ip_hdr(skb)->daddr != htonl(INADDR_ALLHOSTS_GROUP)) 1472 return -EINVAL; 1473 1474 return 0; 1475 } 1476 1477 static int ip_mc_check_igmp_msg(struct sk_buff *skb) 1478 { 1479 switch (igmp_hdr(skb)->type) { 1480 case IGMP_HOST_LEAVE_MESSAGE: 1481 case IGMP_HOST_MEMBERSHIP_REPORT: 1482 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1483 /* fall through */ 1484 return 0; 1485 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1486 return ip_mc_check_igmp_reportv3(skb); 1487 case IGMP_HOST_MEMBERSHIP_QUERY: 1488 return ip_mc_check_igmp_query(skb); 1489 default: 1490 return -ENOMSG; 1491 } 1492 } 1493 1494 static inline __sum16 ip_mc_validate_checksum(struct sk_buff *skb) 1495 { 1496 return skb_checksum_simple_validate(skb); 1497 } 1498 1499 static int __ip_mc_check_igmp(struct sk_buff *skb, struct sk_buff **skb_trimmed) 1500 1501 { 1502 struct sk_buff *skb_chk; 1503 unsigned int transport_len; 1504 unsigned int len = skb_transport_offset(skb) + sizeof(struct igmphdr); 1505 int ret = -EINVAL; 1506 1507 transport_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb); 1508 1509 skb_chk = skb_checksum_trimmed(skb, transport_len, 1510 ip_mc_validate_checksum); 1511 if (!skb_chk) 1512 goto err; 1513 1514 if (!pskb_may_pull(skb_chk, len)) 1515 goto err; 1516 1517 ret = ip_mc_check_igmp_msg(skb_chk); 1518 if (ret) 1519 goto err; 1520 1521 if (skb_trimmed) 1522 *skb_trimmed = skb_chk; 1523 /* free now unneeded clone */ 1524 else if (skb_chk != skb) 1525 kfree_skb(skb_chk); 1526 1527 ret = 0; 1528 1529 err: 1530 if (ret && skb_chk && skb_chk != skb) 1531 kfree_skb(skb_chk); 1532 1533 return ret; 1534 } 1535 1536 /** 1537 * ip_mc_check_igmp - checks whether this is a sane IGMP packet 1538 * @skb: the skb to validate 1539 * @skb_trimmed: to store an skb pointer trimmed to IPv4 packet tail (optional) 1540 * 1541 * Checks whether an IPv4 packet is a valid IGMP packet. If so sets 1542 * skb transport header accordingly and returns zero. 1543 * 1544 * -EINVAL: A broken packet was detected, i.e. it violates some internet 1545 * standard 1546 * -ENOMSG: IP header validation succeeded but it is not an IGMP packet. 1547 * -ENOMEM: A memory allocation failure happened. 1548 * 1549 * Optionally, an skb pointer might be provided via skb_trimmed (or set it 1550 * to NULL): After parsing an IGMP packet successfully it will point to 1551 * an skb which has its tail aligned to the IP packet end. This might 1552 * either be the originally provided skb or a trimmed, cloned version if 1553 * the skb frame had data beyond the IP packet. A cloned skb allows us 1554 * to leave the original skb and its full frame unchanged (which might be 1555 * desirable for layer 2 frame jugglers). 1556 * 1557 * Caller needs to set the skb network header and free any returned skb if it 1558 * differs from the provided skb. 1559 */ 1560 int ip_mc_check_igmp(struct sk_buff *skb, struct sk_buff **skb_trimmed) 1561 { 1562 int ret = ip_mc_check_iphdr(skb); 1563 1564 if (ret < 0) 1565 return ret; 1566 1567 if (ip_hdr(skb)->protocol != IPPROTO_IGMP) 1568 return -ENOMSG; 1569 1570 return __ip_mc_check_igmp(skb, skb_trimmed); 1571 } 1572 EXPORT_SYMBOL(ip_mc_check_igmp); 1573 1574 /* 1575 * Resend IGMP JOIN report; used by netdev notifier. 1576 */ 1577 static void ip_mc_rejoin_groups(struct in_device *in_dev) 1578 { 1579 #ifdef CONFIG_IP_MULTICAST 1580 struct ip_mc_list *im; 1581 int type; 1582 struct net *net = dev_net(in_dev->dev); 1583 1584 ASSERT_RTNL(); 1585 1586 for_each_pmc_rtnl(in_dev, im) { 1587 if (im->multiaddr == IGMP_ALL_HOSTS) 1588 continue; 1589 if (ipv4_is_local_multicast(im->multiaddr) && 1590 !net->ipv4.sysctl_igmp_llm_reports) 1591 continue; 1592 1593 /* a failover is happening and switches 1594 * must be notified immediately 1595 */ 1596 if (IGMP_V1_SEEN(in_dev)) 1597 type = IGMP_HOST_MEMBERSHIP_REPORT; 1598 else if (IGMP_V2_SEEN(in_dev)) 1599 type = IGMPV2_HOST_MEMBERSHIP_REPORT; 1600 else 1601 type = IGMPV3_HOST_MEMBERSHIP_REPORT; 1602 igmp_send_report(in_dev, im, type); 1603 } 1604 #endif 1605 } 1606 1607 /* 1608 * A socket has left a multicast group on device dev 1609 */ 1610 1611 void ip_mc_dec_group(struct in_device *in_dev, __be32 addr) 1612 { 1613 struct ip_mc_list *i; 1614 struct ip_mc_list __rcu **ip; 1615 1616 ASSERT_RTNL(); 1617 1618 for (ip = &in_dev->mc_list; 1619 (i = rtnl_dereference(*ip)) != NULL; 1620 ip = &i->next_rcu) { 1621 if (i->multiaddr == addr) { 1622 if (--i->users == 0) { 1623 ip_mc_hash_remove(in_dev, i); 1624 *ip = i->next_rcu; 1625 in_dev->mc_count--; 1626 igmp_group_dropped(i); 1627 ip_mc_clear_src(i); 1628 1629 if (!in_dev->dead) 1630 ip_rt_multicast_event(in_dev); 1631 1632 ip_ma_put(i); 1633 return; 1634 } 1635 break; 1636 } 1637 } 1638 } 1639 EXPORT_SYMBOL(ip_mc_dec_group); 1640 1641 /* Device changing type */ 1642 1643 void ip_mc_unmap(struct in_device *in_dev) 1644 { 1645 struct ip_mc_list *pmc; 1646 1647 ASSERT_RTNL(); 1648 1649 for_each_pmc_rtnl(in_dev, pmc) 1650 igmp_group_dropped(pmc); 1651 } 1652 1653 void ip_mc_remap(struct in_device *in_dev) 1654 { 1655 struct ip_mc_list *pmc; 1656 1657 ASSERT_RTNL(); 1658 1659 for_each_pmc_rtnl(in_dev, pmc) { 1660 #ifdef CONFIG_IP_MULTICAST 1661 igmpv3_del_delrec(in_dev, pmc); 1662 #endif 1663 igmp_group_added(pmc); 1664 } 1665 } 1666 1667 /* Device going down */ 1668 1669 void ip_mc_down(struct in_device *in_dev) 1670 { 1671 struct ip_mc_list *pmc; 1672 1673 ASSERT_RTNL(); 1674 1675 for_each_pmc_rtnl(in_dev, pmc) 1676 igmp_group_dropped(pmc); 1677 1678 #ifdef CONFIG_IP_MULTICAST 1679 in_dev->mr_ifc_count = 0; 1680 if (del_timer(&in_dev->mr_ifc_timer)) 1681 __in_dev_put(in_dev); 1682 in_dev->mr_gq_running = 0; 1683 if (del_timer(&in_dev->mr_gq_timer)) 1684 __in_dev_put(in_dev); 1685 #endif 1686 1687 ip_mc_dec_group(in_dev, IGMP_ALL_HOSTS); 1688 } 1689 1690 void ip_mc_init_dev(struct in_device *in_dev) 1691 { 1692 #ifdef CONFIG_IP_MULTICAST 1693 struct net *net = dev_net(in_dev->dev); 1694 #endif 1695 ASSERT_RTNL(); 1696 1697 #ifdef CONFIG_IP_MULTICAST 1698 timer_setup(&in_dev->mr_gq_timer, igmp_gq_timer_expire, 0); 1699 timer_setup(&in_dev->mr_ifc_timer, igmp_ifc_timer_expire, 0); 1700 in_dev->mr_qrv = net->ipv4.sysctl_igmp_qrv; 1701 #endif 1702 1703 spin_lock_init(&in_dev->mc_tomb_lock); 1704 } 1705 1706 /* Device going up */ 1707 1708 void ip_mc_up(struct in_device *in_dev) 1709 { 1710 struct ip_mc_list *pmc; 1711 #ifdef CONFIG_IP_MULTICAST 1712 struct net *net = dev_net(in_dev->dev); 1713 #endif 1714 1715 ASSERT_RTNL(); 1716 1717 #ifdef CONFIG_IP_MULTICAST 1718 in_dev->mr_qrv = net->ipv4.sysctl_igmp_qrv; 1719 #endif 1720 ip_mc_inc_group(in_dev, IGMP_ALL_HOSTS); 1721 1722 for_each_pmc_rtnl(in_dev, pmc) { 1723 #ifdef CONFIG_IP_MULTICAST 1724 igmpv3_del_delrec(in_dev, pmc); 1725 #endif 1726 igmp_group_added(pmc); 1727 } 1728 } 1729 1730 /* 1731 * Device is about to be destroyed: clean up. 1732 */ 1733 1734 void ip_mc_destroy_dev(struct in_device *in_dev) 1735 { 1736 struct ip_mc_list *i; 1737 1738 ASSERT_RTNL(); 1739 1740 /* Deactivate timers */ 1741 ip_mc_down(in_dev); 1742 #ifdef CONFIG_IP_MULTICAST 1743 igmpv3_clear_delrec(in_dev); 1744 #endif 1745 1746 while ((i = rtnl_dereference(in_dev->mc_list)) != NULL) { 1747 in_dev->mc_list = i->next_rcu; 1748 in_dev->mc_count--; 1749 ip_ma_put(i); 1750 } 1751 } 1752 1753 /* RTNL is locked */ 1754 static struct in_device *ip_mc_find_dev(struct net *net, struct ip_mreqn *imr) 1755 { 1756 struct net_device *dev = NULL; 1757 struct in_device *idev = NULL; 1758 1759 if (imr->imr_ifindex) { 1760 idev = inetdev_by_index(net, imr->imr_ifindex); 1761 return idev; 1762 } 1763 if (imr->imr_address.s_addr) { 1764 dev = __ip_dev_find(net, imr->imr_address.s_addr, false); 1765 if (!dev) 1766 return NULL; 1767 } 1768 1769 if (!dev) { 1770 struct rtable *rt = ip_route_output(net, 1771 imr->imr_multiaddr.s_addr, 1772 0, 0, 0); 1773 if (!IS_ERR(rt)) { 1774 dev = rt->dst.dev; 1775 ip_rt_put(rt); 1776 } 1777 } 1778 if (dev) { 1779 imr->imr_ifindex = dev->ifindex; 1780 idev = __in_dev_get_rtnl(dev); 1781 } 1782 return idev; 1783 } 1784 1785 /* 1786 * Join a socket to a group 1787 */ 1788 1789 static int ip_mc_del1_src(struct ip_mc_list *pmc, int sfmode, 1790 __be32 *psfsrc) 1791 { 1792 struct ip_sf_list *psf, *psf_prev; 1793 int rv = 0; 1794 1795 psf_prev = NULL; 1796 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1797 if (psf->sf_inaddr == *psfsrc) 1798 break; 1799 psf_prev = psf; 1800 } 1801 if (!psf || psf->sf_count[sfmode] == 0) { 1802 /* source filter not found, or count wrong => bug */ 1803 return -ESRCH; 1804 } 1805 psf->sf_count[sfmode]--; 1806 if (psf->sf_count[sfmode] == 0) { 1807 ip_rt_multicast_event(pmc->interface); 1808 } 1809 if (!psf->sf_count[MCAST_INCLUDE] && !psf->sf_count[MCAST_EXCLUDE]) { 1810 #ifdef CONFIG_IP_MULTICAST 1811 struct in_device *in_dev = pmc->interface; 1812 struct net *net = dev_net(in_dev->dev); 1813 #endif 1814 1815 /* no more filters for this source */ 1816 if (psf_prev) 1817 psf_prev->sf_next = psf->sf_next; 1818 else 1819 pmc->sources = psf->sf_next; 1820 #ifdef CONFIG_IP_MULTICAST 1821 if (psf->sf_oldin && 1822 !IGMP_V1_SEEN(in_dev) && !IGMP_V2_SEEN(in_dev)) { 1823 psf->sf_crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1824 psf->sf_next = pmc->tomb; 1825 pmc->tomb = psf; 1826 rv = 1; 1827 } else 1828 #endif 1829 kfree(psf); 1830 } 1831 return rv; 1832 } 1833 1834 #ifndef CONFIG_IP_MULTICAST 1835 #define igmp_ifc_event(x) do { } while (0) 1836 #endif 1837 1838 static int ip_mc_del_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 1839 int sfcount, __be32 *psfsrc, int delta) 1840 { 1841 struct ip_mc_list *pmc; 1842 int changerec = 0; 1843 int i, err; 1844 1845 if (!in_dev) 1846 return -ENODEV; 1847 rcu_read_lock(); 1848 for_each_pmc_rcu(in_dev, pmc) { 1849 if (*pmca == pmc->multiaddr) 1850 break; 1851 } 1852 if (!pmc) { 1853 /* MCA not found?? bug */ 1854 rcu_read_unlock(); 1855 return -ESRCH; 1856 } 1857 spin_lock_bh(&pmc->lock); 1858 rcu_read_unlock(); 1859 #ifdef CONFIG_IP_MULTICAST 1860 sf_markstate(pmc); 1861 #endif 1862 if (!delta) { 1863 err = -EINVAL; 1864 if (!pmc->sfcount[sfmode]) 1865 goto out_unlock; 1866 pmc->sfcount[sfmode]--; 1867 } 1868 err = 0; 1869 for (i = 0; i < sfcount; i++) { 1870 int rv = ip_mc_del1_src(pmc, sfmode, &psfsrc[i]); 1871 1872 changerec |= rv > 0; 1873 if (!err && rv < 0) 1874 err = rv; 1875 } 1876 if (pmc->sfmode == MCAST_EXCLUDE && 1877 pmc->sfcount[MCAST_EXCLUDE] == 0 && 1878 pmc->sfcount[MCAST_INCLUDE]) { 1879 #ifdef CONFIG_IP_MULTICAST 1880 struct ip_sf_list *psf; 1881 struct net *net = dev_net(in_dev->dev); 1882 #endif 1883 1884 /* filter mode change */ 1885 pmc->sfmode = MCAST_INCLUDE; 1886 #ifdef CONFIG_IP_MULTICAST 1887 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1888 in_dev->mr_ifc_count = pmc->crcount; 1889 for (psf = pmc->sources; psf; psf = psf->sf_next) 1890 psf->sf_crcount = 0; 1891 igmp_ifc_event(pmc->interface); 1892 } else if (sf_setstate(pmc) || changerec) { 1893 igmp_ifc_event(pmc->interface); 1894 #endif 1895 } 1896 out_unlock: 1897 spin_unlock_bh(&pmc->lock); 1898 return err; 1899 } 1900 1901 /* 1902 * Add multicast single-source filter to the interface list 1903 */ 1904 static int ip_mc_add1_src(struct ip_mc_list *pmc, int sfmode, 1905 __be32 *psfsrc) 1906 { 1907 struct ip_sf_list *psf, *psf_prev; 1908 1909 psf_prev = NULL; 1910 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1911 if (psf->sf_inaddr == *psfsrc) 1912 break; 1913 psf_prev = psf; 1914 } 1915 if (!psf) { 1916 psf = kzalloc(sizeof(*psf), GFP_ATOMIC); 1917 if (!psf) 1918 return -ENOBUFS; 1919 psf->sf_inaddr = *psfsrc; 1920 if (psf_prev) { 1921 psf_prev->sf_next = psf; 1922 } else 1923 pmc->sources = psf; 1924 } 1925 psf->sf_count[sfmode]++; 1926 if (psf->sf_count[sfmode] == 1) { 1927 ip_rt_multicast_event(pmc->interface); 1928 } 1929 return 0; 1930 } 1931 1932 #ifdef CONFIG_IP_MULTICAST 1933 static void sf_markstate(struct ip_mc_list *pmc) 1934 { 1935 struct ip_sf_list *psf; 1936 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE]; 1937 1938 for (psf = pmc->sources; psf; psf = psf->sf_next) 1939 if (pmc->sfcount[MCAST_EXCLUDE]) { 1940 psf->sf_oldin = mca_xcount == 1941 psf->sf_count[MCAST_EXCLUDE] && 1942 !psf->sf_count[MCAST_INCLUDE]; 1943 } else 1944 psf->sf_oldin = psf->sf_count[MCAST_INCLUDE] != 0; 1945 } 1946 1947 static int sf_setstate(struct ip_mc_list *pmc) 1948 { 1949 struct ip_sf_list *psf, *dpsf; 1950 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE]; 1951 int qrv = pmc->interface->mr_qrv; 1952 int new_in, rv; 1953 1954 rv = 0; 1955 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1956 if (pmc->sfcount[MCAST_EXCLUDE]) { 1957 new_in = mca_xcount == psf->sf_count[MCAST_EXCLUDE] && 1958 !psf->sf_count[MCAST_INCLUDE]; 1959 } else 1960 new_in = psf->sf_count[MCAST_INCLUDE] != 0; 1961 if (new_in) { 1962 if (!psf->sf_oldin) { 1963 struct ip_sf_list *prev = NULL; 1964 1965 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next) { 1966 if (dpsf->sf_inaddr == psf->sf_inaddr) 1967 break; 1968 prev = dpsf; 1969 } 1970 if (dpsf) { 1971 if (prev) 1972 prev->sf_next = dpsf->sf_next; 1973 else 1974 pmc->tomb = dpsf->sf_next; 1975 kfree(dpsf); 1976 } 1977 psf->sf_crcount = qrv; 1978 rv++; 1979 } 1980 } else if (psf->sf_oldin) { 1981 1982 psf->sf_crcount = 0; 1983 /* 1984 * add or update "delete" records if an active filter 1985 * is now inactive 1986 */ 1987 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next) 1988 if (dpsf->sf_inaddr == psf->sf_inaddr) 1989 break; 1990 if (!dpsf) { 1991 dpsf = kmalloc(sizeof(*dpsf), GFP_ATOMIC); 1992 if (!dpsf) 1993 continue; 1994 *dpsf = *psf; 1995 /* pmc->lock held by callers */ 1996 dpsf->sf_next = pmc->tomb; 1997 pmc->tomb = dpsf; 1998 } 1999 dpsf->sf_crcount = qrv; 2000 rv++; 2001 } 2002 } 2003 return rv; 2004 } 2005 #endif 2006 2007 /* 2008 * Add multicast source filter list to the interface list 2009 */ 2010 static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 2011 int sfcount, __be32 *psfsrc, int delta) 2012 { 2013 struct ip_mc_list *pmc; 2014 int isexclude; 2015 int i, err; 2016 2017 if (!in_dev) 2018 return -ENODEV; 2019 rcu_read_lock(); 2020 for_each_pmc_rcu(in_dev, pmc) { 2021 if (*pmca == pmc->multiaddr) 2022 break; 2023 } 2024 if (!pmc) { 2025 /* MCA not found?? bug */ 2026 rcu_read_unlock(); 2027 return -ESRCH; 2028 } 2029 spin_lock_bh(&pmc->lock); 2030 rcu_read_unlock(); 2031 2032 #ifdef CONFIG_IP_MULTICAST 2033 sf_markstate(pmc); 2034 #endif 2035 isexclude = pmc->sfmode == MCAST_EXCLUDE; 2036 if (!delta) 2037 pmc->sfcount[sfmode]++; 2038 err = 0; 2039 for (i = 0; i < sfcount; i++) { 2040 err = ip_mc_add1_src(pmc, sfmode, &psfsrc[i]); 2041 if (err) 2042 break; 2043 } 2044 if (err) { 2045 int j; 2046 2047 if (!delta) 2048 pmc->sfcount[sfmode]--; 2049 for (j = 0; j < i; j++) 2050 (void) ip_mc_del1_src(pmc, sfmode, &psfsrc[j]); 2051 } else if (isexclude != (pmc->sfcount[MCAST_EXCLUDE] != 0)) { 2052 #ifdef CONFIG_IP_MULTICAST 2053 struct ip_sf_list *psf; 2054 struct net *net = dev_net(pmc->interface->dev); 2055 in_dev = pmc->interface; 2056 #endif 2057 2058 /* filter mode change */ 2059 if (pmc->sfcount[MCAST_EXCLUDE]) 2060 pmc->sfmode = MCAST_EXCLUDE; 2061 else if (pmc->sfcount[MCAST_INCLUDE]) 2062 pmc->sfmode = MCAST_INCLUDE; 2063 #ifdef CONFIG_IP_MULTICAST 2064 /* else no filters; keep old mode for reports */ 2065 2066 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 2067 in_dev->mr_ifc_count = pmc->crcount; 2068 for (psf = pmc->sources; psf; psf = psf->sf_next) 2069 psf->sf_crcount = 0; 2070 igmp_ifc_event(in_dev); 2071 } else if (sf_setstate(pmc)) { 2072 igmp_ifc_event(in_dev); 2073 #endif 2074 } 2075 spin_unlock_bh(&pmc->lock); 2076 return err; 2077 } 2078 2079 static void ip_mc_clear_src(struct ip_mc_list *pmc) 2080 { 2081 struct ip_sf_list *psf, *nextpsf, *tomb, *sources; 2082 2083 spin_lock_bh(&pmc->lock); 2084 tomb = pmc->tomb; 2085 pmc->tomb = NULL; 2086 sources = pmc->sources; 2087 pmc->sources = NULL; 2088 pmc->sfmode = MCAST_EXCLUDE; 2089 pmc->sfcount[MCAST_INCLUDE] = 0; 2090 pmc->sfcount[MCAST_EXCLUDE] = 1; 2091 spin_unlock_bh(&pmc->lock); 2092 2093 for (psf = tomb; psf; psf = nextpsf) { 2094 nextpsf = psf->sf_next; 2095 kfree(psf); 2096 } 2097 for (psf = sources; psf; psf = nextpsf) { 2098 nextpsf = psf->sf_next; 2099 kfree(psf); 2100 } 2101 } 2102 2103 /* Join a multicast group 2104 */ 2105 2106 int ip_mc_join_group(struct sock *sk, struct ip_mreqn *imr) 2107 { 2108 __be32 addr = imr->imr_multiaddr.s_addr; 2109 struct ip_mc_socklist *iml, *i; 2110 struct in_device *in_dev; 2111 struct inet_sock *inet = inet_sk(sk); 2112 struct net *net = sock_net(sk); 2113 int ifindex; 2114 int count = 0; 2115 int err; 2116 2117 ASSERT_RTNL(); 2118 2119 if (!ipv4_is_multicast(addr)) 2120 return -EINVAL; 2121 2122 in_dev = ip_mc_find_dev(net, imr); 2123 2124 if (!in_dev) { 2125 err = -ENODEV; 2126 goto done; 2127 } 2128 2129 err = -EADDRINUSE; 2130 ifindex = imr->imr_ifindex; 2131 for_each_pmc_rtnl(inet, i) { 2132 if (i->multi.imr_multiaddr.s_addr == addr && 2133 i->multi.imr_ifindex == ifindex) 2134 goto done; 2135 count++; 2136 } 2137 err = -ENOBUFS; 2138 if (count >= net->ipv4.sysctl_igmp_max_memberships) 2139 goto done; 2140 iml = sock_kmalloc(sk, sizeof(*iml), GFP_KERNEL); 2141 if (!iml) 2142 goto done; 2143 2144 memcpy(&iml->multi, imr, sizeof(*imr)); 2145 iml->next_rcu = inet->mc_list; 2146 iml->sflist = NULL; 2147 iml->sfmode = MCAST_EXCLUDE; 2148 rcu_assign_pointer(inet->mc_list, iml); 2149 ip_mc_inc_group(in_dev, addr); 2150 err = 0; 2151 done: 2152 return err; 2153 } 2154 EXPORT_SYMBOL(ip_mc_join_group); 2155 2156 static int ip_mc_leave_src(struct sock *sk, struct ip_mc_socklist *iml, 2157 struct in_device *in_dev) 2158 { 2159 struct ip_sf_socklist *psf = rtnl_dereference(iml->sflist); 2160 int err; 2161 2162 if (!psf) { 2163 /* any-source empty exclude case */ 2164 return ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr, 2165 iml->sfmode, 0, NULL, 0); 2166 } 2167 err = ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr, 2168 iml->sfmode, psf->sl_count, psf->sl_addr, 0); 2169 RCU_INIT_POINTER(iml->sflist, NULL); 2170 /* decrease mem now to avoid the memleak warning */ 2171 atomic_sub(IP_SFLSIZE(psf->sl_max), &sk->sk_omem_alloc); 2172 kfree_rcu(psf, rcu); 2173 return err; 2174 } 2175 2176 int ip_mc_leave_group(struct sock *sk, struct ip_mreqn *imr) 2177 { 2178 struct inet_sock *inet = inet_sk(sk); 2179 struct ip_mc_socklist *iml; 2180 struct ip_mc_socklist __rcu **imlp; 2181 struct in_device *in_dev; 2182 struct net *net = sock_net(sk); 2183 __be32 group = imr->imr_multiaddr.s_addr; 2184 u32 ifindex; 2185 int ret = -EADDRNOTAVAIL; 2186 2187 ASSERT_RTNL(); 2188 2189 in_dev = ip_mc_find_dev(net, imr); 2190 if (!imr->imr_ifindex && !imr->imr_address.s_addr && !in_dev) { 2191 ret = -ENODEV; 2192 goto out; 2193 } 2194 ifindex = imr->imr_ifindex; 2195 for (imlp = &inet->mc_list; 2196 (iml = rtnl_dereference(*imlp)) != NULL; 2197 imlp = &iml->next_rcu) { 2198 if (iml->multi.imr_multiaddr.s_addr != group) 2199 continue; 2200 if (ifindex) { 2201 if (iml->multi.imr_ifindex != ifindex) 2202 continue; 2203 } else if (imr->imr_address.s_addr && imr->imr_address.s_addr != 2204 iml->multi.imr_address.s_addr) 2205 continue; 2206 2207 (void) ip_mc_leave_src(sk, iml, in_dev); 2208 2209 *imlp = iml->next_rcu; 2210 2211 if (in_dev) 2212 ip_mc_dec_group(in_dev, group); 2213 2214 /* decrease mem now to avoid the memleak warning */ 2215 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc); 2216 kfree_rcu(iml, rcu); 2217 return 0; 2218 } 2219 out: 2220 return ret; 2221 } 2222 EXPORT_SYMBOL(ip_mc_leave_group); 2223 2224 int ip_mc_source(int add, int omode, struct sock *sk, struct 2225 ip_mreq_source *mreqs, int ifindex) 2226 { 2227 int err; 2228 struct ip_mreqn imr; 2229 __be32 addr = mreqs->imr_multiaddr; 2230 struct ip_mc_socklist *pmc; 2231 struct in_device *in_dev = NULL; 2232 struct inet_sock *inet = inet_sk(sk); 2233 struct ip_sf_socklist *psl; 2234 struct net *net = sock_net(sk); 2235 int leavegroup = 0; 2236 int i, j, rv; 2237 2238 if (!ipv4_is_multicast(addr)) 2239 return -EINVAL; 2240 2241 ASSERT_RTNL(); 2242 2243 imr.imr_multiaddr.s_addr = mreqs->imr_multiaddr; 2244 imr.imr_address.s_addr = mreqs->imr_interface; 2245 imr.imr_ifindex = ifindex; 2246 in_dev = ip_mc_find_dev(net, &imr); 2247 2248 if (!in_dev) { 2249 err = -ENODEV; 2250 goto done; 2251 } 2252 err = -EADDRNOTAVAIL; 2253 2254 for_each_pmc_rtnl(inet, pmc) { 2255 if ((pmc->multi.imr_multiaddr.s_addr == 2256 imr.imr_multiaddr.s_addr) && 2257 (pmc->multi.imr_ifindex == imr.imr_ifindex)) 2258 break; 2259 } 2260 if (!pmc) { /* must have a prior join */ 2261 err = -EINVAL; 2262 goto done; 2263 } 2264 /* if a source filter was set, must be the same mode as before */ 2265 if (pmc->sflist) { 2266 if (pmc->sfmode != omode) { 2267 err = -EINVAL; 2268 goto done; 2269 } 2270 } else if (pmc->sfmode != omode) { 2271 /* allow mode switches for empty-set filters */ 2272 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 0, NULL, 0); 2273 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, pmc->sfmode, 0, 2274 NULL, 0); 2275 pmc->sfmode = omode; 2276 } 2277 2278 psl = rtnl_dereference(pmc->sflist); 2279 if (!add) { 2280 if (!psl) 2281 goto done; /* err = -EADDRNOTAVAIL */ 2282 rv = !0; 2283 for (i = 0; i < psl->sl_count; i++) { 2284 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr, 2285 sizeof(__be32)); 2286 if (rv == 0) 2287 break; 2288 } 2289 if (rv) /* source not found */ 2290 goto done; /* err = -EADDRNOTAVAIL */ 2291 2292 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 2293 if (psl->sl_count == 1 && omode == MCAST_INCLUDE) { 2294 leavegroup = 1; 2295 goto done; 2296 } 2297 2298 /* update the interface filter */ 2299 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, omode, 1, 2300 &mreqs->imr_sourceaddr, 1); 2301 2302 for (j = i+1; j < psl->sl_count; j++) 2303 psl->sl_addr[j-1] = psl->sl_addr[j]; 2304 psl->sl_count--; 2305 err = 0; 2306 goto done; 2307 } 2308 /* else, add a new source to the filter */ 2309 2310 if (psl && psl->sl_count >= net->ipv4.sysctl_igmp_max_msf) { 2311 err = -ENOBUFS; 2312 goto done; 2313 } 2314 if (!psl || psl->sl_count == psl->sl_max) { 2315 struct ip_sf_socklist *newpsl; 2316 int count = IP_SFBLOCK; 2317 2318 if (psl) 2319 count += psl->sl_max; 2320 newpsl = sock_kmalloc(sk, IP_SFLSIZE(count), GFP_KERNEL); 2321 if (!newpsl) { 2322 err = -ENOBUFS; 2323 goto done; 2324 } 2325 newpsl->sl_max = count; 2326 newpsl->sl_count = count - IP_SFBLOCK; 2327 if (psl) { 2328 for (i = 0; i < psl->sl_count; i++) 2329 newpsl->sl_addr[i] = psl->sl_addr[i]; 2330 /* decrease mem now to avoid the memleak warning */ 2331 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc); 2332 kfree_rcu(psl, rcu); 2333 } 2334 rcu_assign_pointer(pmc->sflist, newpsl); 2335 psl = newpsl; 2336 } 2337 rv = 1; /* > 0 for insert logic below if sl_count is 0 */ 2338 for (i = 0; i < psl->sl_count; i++) { 2339 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr, 2340 sizeof(__be32)); 2341 if (rv == 0) 2342 break; 2343 } 2344 if (rv == 0) /* address already there is an error */ 2345 goto done; 2346 for (j = psl->sl_count-1; j >= i; j--) 2347 psl->sl_addr[j+1] = psl->sl_addr[j]; 2348 psl->sl_addr[i] = mreqs->imr_sourceaddr; 2349 psl->sl_count++; 2350 err = 0; 2351 /* update the interface list */ 2352 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 1, 2353 &mreqs->imr_sourceaddr, 1); 2354 done: 2355 if (leavegroup) 2356 err = ip_mc_leave_group(sk, &imr); 2357 return err; 2358 } 2359 2360 int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex) 2361 { 2362 int err = 0; 2363 struct ip_mreqn imr; 2364 __be32 addr = msf->imsf_multiaddr; 2365 struct ip_mc_socklist *pmc; 2366 struct in_device *in_dev; 2367 struct inet_sock *inet = inet_sk(sk); 2368 struct ip_sf_socklist *newpsl, *psl; 2369 struct net *net = sock_net(sk); 2370 int leavegroup = 0; 2371 2372 if (!ipv4_is_multicast(addr)) 2373 return -EINVAL; 2374 if (msf->imsf_fmode != MCAST_INCLUDE && 2375 msf->imsf_fmode != MCAST_EXCLUDE) 2376 return -EINVAL; 2377 2378 ASSERT_RTNL(); 2379 2380 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; 2381 imr.imr_address.s_addr = msf->imsf_interface; 2382 imr.imr_ifindex = ifindex; 2383 in_dev = ip_mc_find_dev(net, &imr); 2384 2385 if (!in_dev) { 2386 err = -ENODEV; 2387 goto done; 2388 } 2389 2390 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 2391 if (msf->imsf_fmode == MCAST_INCLUDE && msf->imsf_numsrc == 0) { 2392 leavegroup = 1; 2393 goto done; 2394 } 2395 2396 for_each_pmc_rtnl(inet, pmc) { 2397 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr && 2398 pmc->multi.imr_ifindex == imr.imr_ifindex) 2399 break; 2400 } 2401 if (!pmc) { /* must have a prior join */ 2402 err = -EINVAL; 2403 goto done; 2404 } 2405 if (msf->imsf_numsrc) { 2406 newpsl = sock_kmalloc(sk, IP_SFLSIZE(msf->imsf_numsrc), 2407 GFP_KERNEL); 2408 if (!newpsl) { 2409 err = -ENOBUFS; 2410 goto done; 2411 } 2412 newpsl->sl_max = newpsl->sl_count = msf->imsf_numsrc; 2413 memcpy(newpsl->sl_addr, msf->imsf_slist, 2414 msf->imsf_numsrc * sizeof(msf->imsf_slist[0])); 2415 err = ip_mc_add_src(in_dev, &msf->imsf_multiaddr, 2416 msf->imsf_fmode, newpsl->sl_count, newpsl->sl_addr, 0); 2417 if (err) { 2418 sock_kfree_s(sk, newpsl, IP_SFLSIZE(newpsl->sl_max)); 2419 goto done; 2420 } 2421 } else { 2422 newpsl = NULL; 2423 (void) ip_mc_add_src(in_dev, &msf->imsf_multiaddr, 2424 msf->imsf_fmode, 0, NULL, 0); 2425 } 2426 psl = rtnl_dereference(pmc->sflist); 2427 if (psl) { 2428 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode, 2429 psl->sl_count, psl->sl_addr, 0); 2430 /* decrease mem now to avoid the memleak warning */ 2431 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc); 2432 kfree_rcu(psl, rcu); 2433 } else 2434 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode, 2435 0, NULL, 0); 2436 rcu_assign_pointer(pmc->sflist, newpsl); 2437 pmc->sfmode = msf->imsf_fmode; 2438 err = 0; 2439 done: 2440 if (leavegroup) 2441 err = ip_mc_leave_group(sk, &imr); 2442 return err; 2443 } 2444 2445 int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf, 2446 struct ip_msfilter __user *optval, int __user *optlen) 2447 { 2448 int err, len, count, copycount; 2449 struct ip_mreqn imr; 2450 __be32 addr = msf->imsf_multiaddr; 2451 struct ip_mc_socklist *pmc; 2452 struct in_device *in_dev; 2453 struct inet_sock *inet = inet_sk(sk); 2454 struct ip_sf_socklist *psl; 2455 struct net *net = sock_net(sk); 2456 2457 ASSERT_RTNL(); 2458 2459 if (!ipv4_is_multicast(addr)) 2460 return -EINVAL; 2461 2462 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; 2463 imr.imr_address.s_addr = msf->imsf_interface; 2464 imr.imr_ifindex = 0; 2465 in_dev = ip_mc_find_dev(net, &imr); 2466 2467 if (!in_dev) { 2468 err = -ENODEV; 2469 goto done; 2470 } 2471 err = -EADDRNOTAVAIL; 2472 2473 for_each_pmc_rtnl(inet, pmc) { 2474 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr && 2475 pmc->multi.imr_ifindex == imr.imr_ifindex) 2476 break; 2477 } 2478 if (!pmc) /* must have a prior join */ 2479 goto done; 2480 msf->imsf_fmode = pmc->sfmode; 2481 psl = rtnl_dereference(pmc->sflist); 2482 if (!psl) { 2483 len = 0; 2484 count = 0; 2485 } else { 2486 count = psl->sl_count; 2487 } 2488 copycount = count < msf->imsf_numsrc ? count : msf->imsf_numsrc; 2489 len = copycount * sizeof(psl->sl_addr[0]); 2490 msf->imsf_numsrc = count; 2491 if (put_user(IP_MSFILTER_SIZE(copycount), optlen) || 2492 copy_to_user(optval, msf, IP_MSFILTER_SIZE(0))) { 2493 return -EFAULT; 2494 } 2495 if (len && 2496 copy_to_user(&optval->imsf_slist[0], psl->sl_addr, len)) 2497 return -EFAULT; 2498 return 0; 2499 done: 2500 return err; 2501 } 2502 2503 int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf, 2504 struct group_filter __user *optval, int __user *optlen) 2505 { 2506 int err, i, count, copycount; 2507 struct sockaddr_in *psin; 2508 __be32 addr; 2509 struct ip_mc_socklist *pmc; 2510 struct inet_sock *inet = inet_sk(sk); 2511 struct ip_sf_socklist *psl; 2512 2513 ASSERT_RTNL(); 2514 2515 psin = (struct sockaddr_in *)&gsf->gf_group; 2516 if (psin->sin_family != AF_INET) 2517 return -EINVAL; 2518 addr = psin->sin_addr.s_addr; 2519 if (!ipv4_is_multicast(addr)) 2520 return -EINVAL; 2521 2522 err = -EADDRNOTAVAIL; 2523 2524 for_each_pmc_rtnl(inet, pmc) { 2525 if (pmc->multi.imr_multiaddr.s_addr == addr && 2526 pmc->multi.imr_ifindex == gsf->gf_interface) 2527 break; 2528 } 2529 if (!pmc) /* must have a prior join */ 2530 goto done; 2531 gsf->gf_fmode = pmc->sfmode; 2532 psl = rtnl_dereference(pmc->sflist); 2533 count = psl ? psl->sl_count : 0; 2534 copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc; 2535 gsf->gf_numsrc = count; 2536 if (put_user(GROUP_FILTER_SIZE(copycount), optlen) || 2537 copy_to_user(optval, gsf, GROUP_FILTER_SIZE(0))) { 2538 return -EFAULT; 2539 } 2540 for (i = 0; i < copycount; i++) { 2541 struct sockaddr_storage ss; 2542 2543 psin = (struct sockaddr_in *)&ss; 2544 memset(&ss, 0, sizeof(ss)); 2545 psin->sin_family = AF_INET; 2546 psin->sin_addr.s_addr = psl->sl_addr[i]; 2547 if (copy_to_user(&optval->gf_slist[i], &ss, sizeof(ss))) 2548 return -EFAULT; 2549 } 2550 return 0; 2551 done: 2552 return err; 2553 } 2554 2555 /* 2556 * check if a multicast source filter allows delivery for a given <src,dst,intf> 2557 */ 2558 int ip_mc_sf_allow(struct sock *sk, __be32 loc_addr, __be32 rmt_addr, 2559 int dif, int sdif) 2560 { 2561 struct inet_sock *inet = inet_sk(sk); 2562 struct ip_mc_socklist *pmc; 2563 struct ip_sf_socklist *psl; 2564 int i; 2565 int ret; 2566 2567 ret = 1; 2568 if (!ipv4_is_multicast(loc_addr)) 2569 goto out; 2570 2571 rcu_read_lock(); 2572 for_each_pmc_rcu(inet, pmc) { 2573 if (pmc->multi.imr_multiaddr.s_addr == loc_addr && 2574 (pmc->multi.imr_ifindex == dif || 2575 (sdif && pmc->multi.imr_ifindex == sdif))) 2576 break; 2577 } 2578 ret = inet->mc_all; 2579 if (!pmc) 2580 goto unlock; 2581 psl = rcu_dereference(pmc->sflist); 2582 ret = (pmc->sfmode == MCAST_EXCLUDE); 2583 if (!psl) 2584 goto unlock; 2585 2586 for (i = 0; i < psl->sl_count; i++) { 2587 if (psl->sl_addr[i] == rmt_addr) 2588 break; 2589 } 2590 ret = 0; 2591 if (pmc->sfmode == MCAST_INCLUDE && i >= psl->sl_count) 2592 goto unlock; 2593 if (pmc->sfmode == MCAST_EXCLUDE && i < psl->sl_count) 2594 goto unlock; 2595 ret = 1; 2596 unlock: 2597 rcu_read_unlock(); 2598 out: 2599 return ret; 2600 } 2601 2602 /* 2603 * A socket is closing. 2604 */ 2605 2606 void ip_mc_drop_socket(struct sock *sk) 2607 { 2608 struct inet_sock *inet = inet_sk(sk); 2609 struct ip_mc_socklist *iml; 2610 struct net *net = sock_net(sk); 2611 2612 if (!inet->mc_list) 2613 return; 2614 2615 rtnl_lock(); 2616 while ((iml = rtnl_dereference(inet->mc_list)) != NULL) { 2617 struct in_device *in_dev; 2618 2619 inet->mc_list = iml->next_rcu; 2620 in_dev = inetdev_by_index(net, iml->multi.imr_ifindex); 2621 (void) ip_mc_leave_src(sk, iml, in_dev); 2622 if (in_dev) 2623 ip_mc_dec_group(in_dev, iml->multi.imr_multiaddr.s_addr); 2624 /* decrease mem now to avoid the memleak warning */ 2625 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc); 2626 kfree_rcu(iml, rcu); 2627 } 2628 rtnl_unlock(); 2629 } 2630 2631 /* called with rcu_read_lock() */ 2632 int ip_check_mc_rcu(struct in_device *in_dev, __be32 mc_addr, __be32 src_addr, u8 proto) 2633 { 2634 struct ip_mc_list *im; 2635 struct ip_mc_list __rcu **mc_hash; 2636 struct ip_sf_list *psf; 2637 int rv = 0; 2638 2639 mc_hash = rcu_dereference(in_dev->mc_hash); 2640 if (mc_hash) { 2641 u32 hash = hash_32((__force u32)mc_addr, MC_HASH_SZ_LOG); 2642 2643 for (im = rcu_dereference(mc_hash[hash]); 2644 im != NULL; 2645 im = rcu_dereference(im->next_hash)) { 2646 if (im->multiaddr == mc_addr) 2647 break; 2648 } 2649 } else { 2650 for_each_pmc_rcu(in_dev, im) { 2651 if (im->multiaddr == mc_addr) 2652 break; 2653 } 2654 } 2655 if (im && proto == IPPROTO_IGMP) { 2656 rv = 1; 2657 } else if (im) { 2658 if (src_addr) { 2659 for (psf = im->sources; psf; psf = psf->sf_next) { 2660 if (psf->sf_inaddr == src_addr) 2661 break; 2662 } 2663 if (psf) 2664 rv = psf->sf_count[MCAST_INCLUDE] || 2665 psf->sf_count[MCAST_EXCLUDE] != 2666 im->sfcount[MCAST_EXCLUDE]; 2667 else 2668 rv = im->sfcount[MCAST_EXCLUDE] != 0; 2669 } else 2670 rv = 1; /* unspecified source; tentatively allow */ 2671 } 2672 return rv; 2673 } 2674 2675 #if defined(CONFIG_PROC_FS) 2676 struct igmp_mc_iter_state { 2677 struct seq_net_private p; 2678 struct net_device *dev; 2679 struct in_device *in_dev; 2680 }; 2681 2682 #define igmp_mc_seq_private(seq) ((struct igmp_mc_iter_state *)(seq)->private) 2683 2684 static inline struct ip_mc_list *igmp_mc_get_first(struct seq_file *seq) 2685 { 2686 struct net *net = seq_file_net(seq); 2687 struct ip_mc_list *im = NULL; 2688 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2689 2690 state->in_dev = NULL; 2691 for_each_netdev_rcu(net, state->dev) { 2692 struct in_device *in_dev; 2693 2694 in_dev = __in_dev_get_rcu(state->dev); 2695 if (!in_dev) 2696 continue; 2697 im = rcu_dereference(in_dev->mc_list); 2698 if (im) { 2699 state->in_dev = in_dev; 2700 break; 2701 } 2702 } 2703 return im; 2704 } 2705 2706 static struct ip_mc_list *igmp_mc_get_next(struct seq_file *seq, struct ip_mc_list *im) 2707 { 2708 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2709 2710 im = rcu_dereference(im->next_rcu); 2711 while (!im) { 2712 state->dev = next_net_device_rcu(state->dev); 2713 if (!state->dev) { 2714 state->in_dev = NULL; 2715 break; 2716 } 2717 state->in_dev = __in_dev_get_rcu(state->dev); 2718 if (!state->in_dev) 2719 continue; 2720 im = rcu_dereference(state->in_dev->mc_list); 2721 } 2722 return im; 2723 } 2724 2725 static struct ip_mc_list *igmp_mc_get_idx(struct seq_file *seq, loff_t pos) 2726 { 2727 struct ip_mc_list *im = igmp_mc_get_first(seq); 2728 if (im) 2729 while (pos && (im = igmp_mc_get_next(seq, im)) != NULL) 2730 --pos; 2731 return pos ? NULL : im; 2732 } 2733 2734 static void *igmp_mc_seq_start(struct seq_file *seq, loff_t *pos) 2735 __acquires(rcu) 2736 { 2737 rcu_read_lock(); 2738 return *pos ? igmp_mc_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2739 } 2740 2741 static void *igmp_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2742 { 2743 struct ip_mc_list *im; 2744 if (v == SEQ_START_TOKEN) 2745 im = igmp_mc_get_first(seq); 2746 else 2747 im = igmp_mc_get_next(seq, v); 2748 ++*pos; 2749 return im; 2750 } 2751 2752 static void igmp_mc_seq_stop(struct seq_file *seq, void *v) 2753 __releases(rcu) 2754 { 2755 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2756 2757 state->in_dev = NULL; 2758 state->dev = NULL; 2759 rcu_read_unlock(); 2760 } 2761 2762 static int igmp_mc_seq_show(struct seq_file *seq, void *v) 2763 { 2764 if (v == SEQ_START_TOKEN) 2765 seq_puts(seq, 2766 "Idx\tDevice : Count Querier\tGroup Users Timer\tReporter\n"); 2767 else { 2768 struct ip_mc_list *im = (struct ip_mc_list *)v; 2769 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2770 char *querier; 2771 long delta; 2772 2773 #ifdef CONFIG_IP_MULTICAST 2774 querier = IGMP_V1_SEEN(state->in_dev) ? "V1" : 2775 IGMP_V2_SEEN(state->in_dev) ? "V2" : 2776 "V3"; 2777 #else 2778 querier = "NONE"; 2779 #endif 2780 2781 if (rcu_access_pointer(state->in_dev->mc_list) == im) { 2782 seq_printf(seq, "%d\t%-10s: %5d %7s\n", 2783 state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); 2784 } 2785 2786 delta = im->timer.expires - jiffies; 2787 seq_printf(seq, 2788 "\t\t\t\t%08X %5d %d:%08lX\t\t%d\n", 2789 im->multiaddr, im->users, 2790 im->tm_running, 2791 im->tm_running ? jiffies_delta_to_clock_t(delta) : 0, 2792 im->reporter); 2793 } 2794 return 0; 2795 } 2796 2797 static const struct seq_operations igmp_mc_seq_ops = { 2798 .start = igmp_mc_seq_start, 2799 .next = igmp_mc_seq_next, 2800 .stop = igmp_mc_seq_stop, 2801 .show = igmp_mc_seq_show, 2802 }; 2803 2804 static int igmp_mc_seq_open(struct inode *inode, struct file *file) 2805 { 2806 return seq_open_net(inode, file, &igmp_mc_seq_ops, 2807 sizeof(struct igmp_mc_iter_state)); 2808 } 2809 2810 static const struct file_operations igmp_mc_seq_fops = { 2811 .owner = THIS_MODULE, 2812 .open = igmp_mc_seq_open, 2813 .read = seq_read, 2814 .llseek = seq_lseek, 2815 .release = seq_release_net, 2816 }; 2817 2818 struct igmp_mcf_iter_state { 2819 struct seq_net_private p; 2820 struct net_device *dev; 2821 struct in_device *idev; 2822 struct ip_mc_list *im; 2823 }; 2824 2825 #define igmp_mcf_seq_private(seq) ((struct igmp_mcf_iter_state *)(seq)->private) 2826 2827 static inline struct ip_sf_list *igmp_mcf_get_first(struct seq_file *seq) 2828 { 2829 struct net *net = seq_file_net(seq); 2830 struct ip_sf_list *psf = NULL; 2831 struct ip_mc_list *im = NULL; 2832 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2833 2834 state->idev = NULL; 2835 state->im = NULL; 2836 for_each_netdev_rcu(net, state->dev) { 2837 struct in_device *idev; 2838 idev = __in_dev_get_rcu(state->dev); 2839 if (unlikely(!idev)) 2840 continue; 2841 im = rcu_dereference(idev->mc_list); 2842 if (likely(im)) { 2843 spin_lock_bh(&im->lock); 2844 psf = im->sources; 2845 if (likely(psf)) { 2846 state->im = im; 2847 state->idev = idev; 2848 break; 2849 } 2850 spin_unlock_bh(&im->lock); 2851 } 2852 } 2853 return psf; 2854 } 2855 2856 static struct ip_sf_list *igmp_mcf_get_next(struct seq_file *seq, struct ip_sf_list *psf) 2857 { 2858 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2859 2860 psf = psf->sf_next; 2861 while (!psf) { 2862 spin_unlock_bh(&state->im->lock); 2863 state->im = state->im->next; 2864 while (!state->im) { 2865 state->dev = next_net_device_rcu(state->dev); 2866 if (!state->dev) { 2867 state->idev = NULL; 2868 goto out; 2869 } 2870 state->idev = __in_dev_get_rcu(state->dev); 2871 if (!state->idev) 2872 continue; 2873 state->im = rcu_dereference(state->idev->mc_list); 2874 } 2875 if (!state->im) 2876 break; 2877 spin_lock_bh(&state->im->lock); 2878 psf = state->im->sources; 2879 } 2880 out: 2881 return psf; 2882 } 2883 2884 static struct ip_sf_list *igmp_mcf_get_idx(struct seq_file *seq, loff_t pos) 2885 { 2886 struct ip_sf_list *psf = igmp_mcf_get_first(seq); 2887 if (psf) 2888 while (pos && (psf = igmp_mcf_get_next(seq, psf)) != NULL) 2889 --pos; 2890 return pos ? NULL : psf; 2891 } 2892 2893 static void *igmp_mcf_seq_start(struct seq_file *seq, loff_t *pos) 2894 __acquires(rcu) 2895 { 2896 rcu_read_lock(); 2897 return *pos ? igmp_mcf_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2898 } 2899 2900 static void *igmp_mcf_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2901 { 2902 struct ip_sf_list *psf; 2903 if (v == SEQ_START_TOKEN) 2904 psf = igmp_mcf_get_first(seq); 2905 else 2906 psf = igmp_mcf_get_next(seq, v); 2907 ++*pos; 2908 return psf; 2909 } 2910 2911 static void igmp_mcf_seq_stop(struct seq_file *seq, void *v) 2912 __releases(rcu) 2913 { 2914 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2915 if (likely(state->im)) { 2916 spin_unlock_bh(&state->im->lock); 2917 state->im = NULL; 2918 } 2919 state->idev = NULL; 2920 state->dev = NULL; 2921 rcu_read_unlock(); 2922 } 2923 2924 static int igmp_mcf_seq_show(struct seq_file *seq, void *v) 2925 { 2926 struct ip_sf_list *psf = (struct ip_sf_list *)v; 2927 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2928 2929 if (v == SEQ_START_TOKEN) { 2930 seq_puts(seq, "Idx Device MCA SRC INC EXC\n"); 2931 } else { 2932 seq_printf(seq, 2933 "%3d %6.6s 0x%08x " 2934 "0x%08x %6lu %6lu\n", 2935 state->dev->ifindex, state->dev->name, 2936 ntohl(state->im->multiaddr), 2937 ntohl(psf->sf_inaddr), 2938 psf->sf_count[MCAST_INCLUDE], 2939 psf->sf_count[MCAST_EXCLUDE]); 2940 } 2941 return 0; 2942 } 2943 2944 static const struct seq_operations igmp_mcf_seq_ops = { 2945 .start = igmp_mcf_seq_start, 2946 .next = igmp_mcf_seq_next, 2947 .stop = igmp_mcf_seq_stop, 2948 .show = igmp_mcf_seq_show, 2949 }; 2950 2951 static int igmp_mcf_seq_open(struct inode *inode, struct file *file) 2952 { 2953 return seq_open_net(inode, file, &igmp_mcf_seq_ops, 2954 sizeof(struct igmp_mcf_iter_state)); 2955 } 2956 2957 static const struct file_operations igmp_mcf_seq_fops = { 2958 .owner = THIS_MODULE, 2959 .open = igmp_mcf_seq_open, 2960 .read = seq_read, 2961 .llseek = seq_lseek, 2962 .release = seq_release_net, 2963 }; 2964 2965 static int __net_init igmp_net_init(struct net *net) 2966 { 2967 struct proc_dir_entry *pde; 2968 int err; 2969 2970 pde = proc_create("igmp", S_IRUGO, net->proc_net, &igmp_mc_seq_fops); 2971 if (!pde) 2972 goto out_igmp; 2973 pde = proc_create("mcfilter", S_IRUGO, net->proc_net, 2974 &igmp_mcf_seq_fops); 2975 if (!pde) 2976 goto out_mcfilter; 2977 err = inet_ctl_sock_create(&net->ipv4.mc_autojoin_sk, AF_INET, 2978 SOCK_DGRAM, 0, net); 2979 if (err < 0) { 2980 pr_err("Failed to initialize the IGMP autojoin socket (err %d)\n", 2981 err); 2982 goto out_sock; 2983 } 2984 2985 return 0; 2986 2987 out_sock: 2988 remove_proc_entry("mcfilter", net->proc_net); 2989 out_mcfilter: 2990 remove_proc_entry("igmp", net->proc_net); 2991 out_igmp: 2992 return -ENOMEM; 2993 } 2994 2995 static void __net_exit igmp_net_exit(struct net *net) 2996 { 2997 remove_proc_entry("mcfilter", net->proc_net); 2998 remove_proc_entry("igmp", net->proc_net); 2999 inet_ctl_sock_destroy(net->ipv4.mc_autojoin_sk); 3000 } 3001 3002 static struct pernet_operations igmp_net_ops = { 3003 .init = igmp_net_init, 3004 .exit = igmp_net_exit, 3005 }; 3006 #endif 3007 3008 static int igmp_netdev_event(struct notifier_block *this, 3009 unsigned long event, void *ptr) 3010 { 3011 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 3012 struct in_device *in_dev; 3013 3014 switch (event) { 3015 case NETDEV_RESEND_IGMP: 3016 in_dev = __in_dev_get_rtnl(dev); 3017 if (in_dev) 3018 ip_mc_rejoin_groups(in_dev); 3019 break; 3020 default: 3021 break; 3022 } 3023 return NOTIFY_DONE; 3024 } 3025 3026 static struct notifier_block igmp_notifier = { 3027 .notifier_call = igmp_netdev_event, 3028 }; 3029 3030 int __init igmp_mc_init(void) 3031 { 3032 #if defined(CONFIG_PROC_FS) 3033 int err; 3034 3035 err = register_pernet_subsys(&igmp_net_ops); 3036 if (err) 3037 return err; 3038 err = register_netdevice_notifier(&igmp_notifier); 3039 if (err) 3040 goto reg_notif_fail; 3041 return 0; 3042 3043 reg_notif_fail: 3044 unregister_pernet_subsys(&igmp_net_ops); 3045 return err; 3046 #else 3047 return register_netdevice_notifier(&igmp_notifier); 3048 #endif 3049 } 3050