]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - net/bridge/br_multicast.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
netfilter: Pass struct net into the netfilter hooks
[mirror_ubuntu-bionic-kernel.git] / net / bridge / br_multicast.c
1 /*
2 * Bridge multicast support.
3 *
4 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au>
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 2 of the License, or (at your option)
9 * any later version.
10 *
11 */
12
13 #include <linux/err.h>
14 #include <linux/export.h>
15 #include <linux/if_ether.h>
16 #include <linux/igmp.h>
17 #include <linux/jhash.h>
18 #include <linux/kernel.h>
19 #include <linux/log2.h>
20 #include <linux/netdevice.h>
21 #include <linux/netfilter_bridge.h>
22 #include <linux/random.h>
23 #include <linux/rculist.h>
24 #include <linux/skbuff.h>
25 #include <linux/slab.h>
26 #include <linux/timer.h>
27 #include <linux/inetdevice.h>
28 #include <net/ip.h>
29 #if IS_ENABLED(CONFIG_IPV6)
30 #include <net/ipv6.h>
31 #include <net/mld.h>
32 #include <net/ip6_checksum.h>
33 #include <net/addrconf.h>
34 #endif
35
36 #include "br_private.h"
37
38 static void br_multicast_start_querier(struct net_bridge *br,
39 struct bridge_mcast_own_query *query);
40 static void br_multicast_add_router(struct net_bridge *br,
41 struct net_bridge_port *port);
42 static void br_ip4_multicast_leave_group(struct net_bridge *br,
43 struct net_bridge_port *port,
44 __be32 group,
45 __u16 vid);
46 #if IS_ENABLED(CONFIG_IPV6)
47 static void br_ip6_multicast_leave_group(struct net_bridge *br,
48 struct net_bridge_port *port,
49 const struct in6_addr *group,
50 __u16 vid);
51 #endif
52 unsigned int br_mdb_rehash_seq;
53
54 static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b)
55 {
56 if (a->proto != b->proto)
57 return 0;
58 if (a->vid != b->vid)
59 return 0;
60 switch (a->proto) {
61 case htons(ETH_P_IP):
62 return a->u.ip4 == b->u.ip4;
63 #if IS_ENABLED(CONFIG_IPV6)
64 case htons(ETH_P_IPV6):
65 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6);
66 #endif
67 }
68 return 0;
69 }
70
71 static inline int __br_ip4_hash(struct net_bridge_mdb_htable *mdb, __be32 ip,
72 __u16 vid)
73 {
74 return jhash_2words((__force u32)ip, vid, mdb->secret) & (mdb->max - 1);
75 }
76
77 #if IS_ENABLED(CONFIG_IPV6)
78 static inline int __br_ip6_hash(struct net_bridge_mdb_htable *mdb,
79 const struct in6_addr *ip,
80 __u16 vid)
81 {
82 return jhash_2words(ipv6_addr_hash(ip), vid,
83 mdb->secret) & (mdb->max - 1);
84 }
85 #endif
86
87 static inline int br_ip_hash(struct net_bridge_mdb_htable *mdb,
88 struct br_ip *ip)
89 {
90 switch (ip->proto) {
91 case htons(ETH_P_IP):
92 return __br_ip4_hash(mdb, ip->u.ip4, ip->vid);
93 #if IS_ENABLED(CONFIG_IPV6)
94 case htons(ETH_P_IPV6):
95 return __br_ip6_hash(mdb, &ip->u.ip6, ip->vid);
96 #endif
97 }
98 return 0;
99 }
100
101 static struct net_bridge_mdb_entry *__br_mdb_ip_get(
102 struct net_bridge_mdb_htable *mdb, struct br_ip *dst, int hash)
103 {
104 struct net_bridge_mdb_entry *mp;
105
106 hlist_for_each_entry_rcu(mp, &mdb->mhash[hash], hlist[mdb->ver]) {
107 if (br_ip_equal(&mp->addr, dst))
108 return mp;
109 }
110
111 return NULL;
112 }
113
114 struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge_mdb_htable *mdb,
115 struct br_ip *dst)
116 {
117 if (!mdb)
118 return NULL;
119
120 return __br_mdb_ip_get(mdb, dst, br_ip_hash(mdb, dst));
121 }
122
123 static struct net_bridge_mdb_entry *br_mdb_ip4_get(
124 struct net_bridge_mdb_htable *mdb, __be32 dst, __u16 vid)
125 {
126 struct br_ip br_dst;
127
128 br_dst.u.ip4 = dst;
129 br_dst.proto = htons(ETH_P_IP);
130 br_dst.vid = vid;
131
132 return br_mdb_ip_get(mdb, &br_dst);
133 }
134
135 #if IS_ENABLED(CONFIG_IPV6)
136 static struct net_bridge_mdb_entry *br_mdb_ip6_get(
137 struct net_bridge_mdb_htable *mdb, const struct in6_addr *dst,
138 __u16 vid)
139 {
140 struct br_ip br_dst;
141
142 br_dst.u.ip6 = *dst;
143 br_dst.proto = htons(ETH_P_IPV6);
144 br_dst.vid = vid;
145
146 return br_mdb_ip_get(mdb, &br_dst);
147 }
148 #endif
149
150 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br,
151 struct sk_buff *skb, u16 vid)
152 {
153 struct net_bridge_mdb_htable *mdb = rcu_dereference(br->mdb);
154 struct br_ip ip;
155
156 if (br->multicast_disabled)
157 return NULL;
158
159 if (BR_INPUT_SKB_CB(skb)->igmp)
160 return NULL;
161
162 ip.proto = skb->protocol;
163 ip.vid = vid;
164
165 switch (skb->protocol) {
166 case htons(ETH_P_IP):
167 ip.u.ip4 = ip_hdr(skb)->daddr;
168 break;
169 #if IS_ENABLED(CONFIG_IPV6)
170 case htons(ETH_P_IPV6):
171 ip.u.ip6 = ipv6_hdr(skb)->daddr;
172 break;
173 #endif
174 default:
175 return NULL;
176 }
177
178 return br_mdb_ip_get(mdb, &ip);
179 }
180
181 static void br_mdb_free(struct rcu_head *head)
182 {
183 struct net_bridge_mdb_htable *mdb =
184 container_of(head, struct net_bridge_mdb_htable, rcu);
185 struct net_bridge_mdb_htable *old = mdb->old;
186
187 mdb->old = NULL;
188 kfree(old->mhash);
189 kfree(old);
190 }
191
192 static int br_mdb_copy(struct net_bridge_mdb_htable *new,
193 struct net_bridge_mdb_htable *old,
194 int elasticity)
195 {
196 struct net_bridge_mdb_entry *mp;
197 int maxlen;
198 int len;
199 int i;
200
201 for (i = 0; i < old->max; i++)
202 hlist_for_each_entry(mp, &old->mhash[i], hlist[old->ver])
203 hlist_add_head(&mp->hlist[new->ver],
204 &new->mhash[br_ip_hash(new, &mp->addr)]);
205
206 if (!elasticity)
207 return 0;
208
209 maxlen = 0;
210 for (i = 0; i < new->max; i++) {
211 len = 0;
212 hlist_for_each_entry(mp, &new->mhash[i], hlist[new->ver])
213 len++;
214 if (len > maxlen)
215 maxlen = len;
216 }
217
218 return maxlen > elasticity ? -EINVAL : 0;
219 }
220
221 void br_multicast_free_pg(struct rcu_head *head)
222 {
223 struct net_bridge_port_group *p =
224 container_of(head, struct net_bridge_port_group, rcu);
225
226 kfree(p);
227 }
228
229 static void br_multicast_free_group(struct rcu_head *head)
230 {
231 struct net_bridge_mdb_entry *mp =
232 container_of(head, struct net_bridge_mdb_entry, rcu);
233
234 kfree(mp);
235 }
236
237 static void br_multicast_group_expired(unsigned long data)
238 {
239 struct net_bridge_mdb_entry *mp = (void *)data;
240 struct net_bridge *br = mp->br;
241 struct net_bridge_mdb_htable *mdb;
242
243 spin_lock(&br->multicast_lock);
244 if (!netif_running(br->dev) || timer_pending(&mp->timer))
245 goto out;
246
247 mp->mglist = false;
248
249 if (mp->ports)
250 goto out;
251
252 mdb = mlock_dereference(br->mdb, br);
253
254 hlist_del_rcu(&mp->hlist[mdb->ver]);
255 mdb->size--;
256
257 call_rcu_bh(&mp->rcu, br_multicast_free_group);
258
259 out:
260 spin_unlock(&br->multicast_lock);
261 }
262
263 static void br_multicast_del_pg(struct net_bridge *br,
264 struct net_bridge_port_group *pg)
265 {
266 struct net_bridge_mdb_htable *mdb;
267 struct net_bridge_mdb_entry *mp;
268 struct net_bridge_port_group *p;
269 struct net_bridge_port_group __rcu **pp;
270
271 mdb = mlock_dereference(br->mdb, br);
272
273 mp = br_mdb_ip_get(mdb, &pg->addr);
274 if (WARN_ON(!mp))
275 return;
276
277 for (pp = &mp->ports;
278 (p = mlock_dereference(*pp, br)) != NULL;
279 pp = &p->next) {
280 if (p != pg)
281 continue;
282
283 rcu_assign_pointer(*pp, p->next);
284 hlist_del_init(&p->mglist);
285 del_timer(&p->timer);
286 br_mdb_notify(br->dev, p->port, &pg->addr, RTM_DELMDB,
287 p->state);
288 call_rcu_bh(&p->rcu, br_multicast_free_pg);
289
290 if (!mp->ports && !mp->mglist &&
291 netif_running(br->dev))
292 mod_timer(&mp->timer, jiffies);
293
294 return;
295 }
296
297 WARN_ON(1);
298 }
299
300 static void br_multicast_port_group_expired(unsigned long data)
301 {
302 struct net_bridge_port_group *pg = (void *)data;
303 struct net_bridge *br = pg->port->br;
304
305 spin_lock(&br->multicast_lock);
306 if (!netif_running(br->dev) || timer_pending(&pg->timer) ||
307 hlist_unhashed(&pg->mglist) || pg->state & MDB_PERMANENT)
308 goto out;
309
310 br_multicast_del_pg(br, pg);
311
312 out:
313 spin_unlock(&br->multicast_lock);
314 }
315
316 static int br_mdb_rehash(struct net_bridge_mdb_htable __rcu **mdbp, int max,
317 int elasticity)
318 {
319 struct net_bridge_mdb_htable *old = rcu_dereference_protected(*mdbp, 1);
320 struct net_bridge_mdb_htable *mdb;
321 int err;
322
323 mdb = kmalloc(sizeof(*mdb), GFP_ATOMIC);
324 if (!mdb)
325 return -ENOMEM;
326
327 mdb->max = max;
328 mdb->old = old;
329
330 mdb->mhash = kzalloc(max * sizeof(*mdb->mhash), GFP_ATOMIC);
331 if (!mdb->mhash) {
332 kfree(mdb);
333 return -ENOMEM;
334 }
335
336 mdb->size = old ? old->size : 0;
337 mdb->ver = old ? old->ver ^ 1 : 0;
338
339 if (!old || elasticity)
340 get_random_bytes(&mdb->secret, sizeof(mdb->secret));
341 else
342 mdb->secret = old->secret;
343
344 if (!old)
345 goto out;
346
347 err = br_mdb_copy(mdb, old, elasticity);
348 if (err) {
349 kfree(mdb->mhash);
350 kfree(mdb);
351 return err;
352 }
353
354 br_mdb_rehash_seq++;
355 call_rcu_bh(&mdb->rcu, br_mdb_free);
356
357 out:
358 rcu_assign_pointer(*mdbp, mdb);
359
360 return 0;
361 }
362
363 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br,
364 __be32 group)
365 {
366 struct sk_buff *skb;
367 struct igmphdr *ih;
368 struct ethhdr *eth;
369 struct iphdr *iph;
370
371 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) +
372 sizeof(*ih) + 4);
373 if (!skb)
374 goto out;
375
376 skb->protocol = htons(ETH_P_IP);
377
378 skb_reset_mac_header(skb);
379 eth = eth_hdr(skb);
380
381 ether_addr_copy(eth->h_source, br->dev->dev_addr);
382 eth->h_dest[0] = 1;
383 eth->h_dest[1] = 0;
384 eth->h_dest[2] = 0x5e;
385 eth->h_dest[3] = 0;
386 eth->h_dest[4] = 0;
387 eth->h_dest[5] = 1;
388 eth->h_proto = htons(ETH_P_IP);
389 skb_put(skb, sizeof(*eth));
390
391 skb_set_network_header(skb, skb->len);
392 iph = ip_hdr(skb);
393
394 iph->version = 4;
395 iph->ihl = 6;
396 iph->tos = 0xc0;
397 iph->tot_len = htons(sizeof(*iph) + sizeof(*ih) + 4);
398 iph->id = 0;
399 iph->frag_off = htons(IP_DF);
400 iph->ttl = 1;
401 iph->protocol = IPPROTO_IGMP;
402 iph->saddr = br->multicast_query_use_ifaddr ?
403 inet_select_addr(br->dev, 0, RT_SCOPE_LINK) : 0;
404 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP);
405 ((u8 *)&iph[1])[0] = IPOPT_RA;
406 ((u8 *)&iph[1])[1] = 4;
407 ((u8 *)&iph[1])[2] = 0;
408 ((u8 *)&iph[1])[3] = 0;
409 ip_send_check(iph);
410 skb_put(skb, 24);
411
412 skb_set_transport_header(skb, skb->len);
413 ih = igmp_hdr(skb);
414 ih->type = IGMP_HOST_MEMBERSHIP_QUERY;
415 ih->code = (group ? br->multicast_last_member_interval :
416 br->multicast_query_response_interval) /
417 (HZ / IGMP_TIMER_SCALE);
418 ih->group = group;
419 ih->csum = 0;
420 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr));
421 skb_put(skb, sizeof(*ih));
422
423 __skb_pull(skb, sizeof(*eth));
424
425 out:
426 return skb;
427 }
428
429 #if IS_ENABLED(CONFIG_IPV6)
430 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br,
431 const struct in6_addr *group)
432 {
433 struct sk_buff *skb;
434 struct ipv6hdr *ip6h;
435 struct mld_msg *mldq;
436 struct ethhdr *eth;
437 u8 *hopopt;
438 unsigned long interval;
439
440 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) +
441 8 + sizeof(*mldq));
442 if (!skb)
443 goto out;
444
445 skb->protocol = htons(ETH_P_IPV6);
446
447 /* Ethernet header */
448 skb_reset_mac_header(skb);
449 eth = eth_hdr(skb);
450
451 ether_addr_copy(eth->h_source, br->dev->dev_addr);
452 eth->h_proto = htons(ETH_P_IPV6);
453 skb_put(skb, sizeof(*eth));
454
455 /* IPv6 header + HbH option */
456 skb_set_network_header(skb, skb->len);
457 ip6h = ipv6_hdr(skb);
458
459 *(__force __be32 *)ip6h = htonl(0x60000000);
460 ip6h->payload_len = htons(8 + sizeof(*mldq));
461 ip6h->nexthdr = IPPROTO_HOPOPTS;
462 ip6h->hop_limit = 1;
463 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1));
464 if (ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0,
465 &ip6h->saddr)) {
466 kfree_skb(skb);
467 return NULL;
468 }
469 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest);
470
471 hopopt = (u8 *)(ip6h + 1);
472 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */
473 hopopt[1] = 0; /* length of HbH */
474 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */
475 hopopt[3] = 2; /* Length of RA Option */
476 hopopt[4] = 0; /* Type = 0x0000 (MLD) */
477 hopopt[5] = 0;
478 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */
479 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */
480
481 skb_put(skb, sizeof(*ip6h) + 8);
482
483 /* ICMPv6 */
484 skb_set_transport_header(skb, skb->len);
485 mldq = (struct mld_msg *) icmp6_hdr(skb);
486
487 interval = ipv6_addr_any(group) ?
488 br->multicast_query_response_interval :
489 br->multicast_last_member_interval;
490
491 mldq->mld_type = ICMPV6_MGM_QUERY;
492 mldq->mld_code = 0;
493 mldq->mld_cksum = 0;
494 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval));
495 mldq->mld_reserved = 0;
496 mldq->mld_mca = *group;
497
498 /* checksum */
499 mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr,
500 sizeof(*mldq), IPPROTO_ICMPV6,
501 csum_partial(mldq,
502 sizeof(*mldq), 0));
503 skb_put(skb, sizeof(*mldq));
504
505 __skb_pull(skb, sizeof(*eth));
506
507 out:
508 return skb;
509 }
510 #endif
511
512 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br,
513 struct br_ip *addr)
514 {
515 switch (addr->proto) {
516 case htons(ETH_P_IP):
517 return br_ip4_multicast_alloc_query(br, addr->u.ip4);
518 #if IS_ENABLED(CONFIG_IPV6)
519 case htons(ETH_P_IPV6):
520 return br_ip6_multicast_alloc_query(br, &addr->u.ip6);
521 #endif
522 }
523 return NULL;
524 }
525
526 static struct net_bridge_mdb_entry *br_multicast_get_group(
527 struct net_bridge *br, struct net_bridge_port *port,
528 struct br_ip *group, int hash)
529 {
530 struct net_bridge_mdb_htable *mdb;
531 struct net_bridge_mdb_entry *mp;
532 unsigned int count = 0;
533 unsigned int max;
534 int elasticity;
535 int err;
536
537 mdb = rcu_dereference_protected(br->mdb, 1);
538 hlist_for_each_entry(mp, &mdb->mhash[hash], hlist[mdb->ver]) {
539 count++;
540 if (unlikely(br_ip_equal(group, &mp->addr)))
541 return mp;
542 }
543
544 elasticity = 0;
545 max = mdb->max;
546
547 if (unlikely(count > br->hash_elasticity && count)) {
548 if (net_ratelimit())
549 br_info(br, "Multicast hash table "
550 "chain limit reached: %s\n",
551 port ? port->dev->name : br->dev->name);
552
553 elasticity = br->hash_elasticity;
554 }
555
556 if (mdb->size >= max) {
557 max *= 2;
558 if (unlikely(max > br->hash_max)) {
559 br_warn(br, "Multicast hash table maximum of %d "
560 "reached, disabling snooping: %s\n",
561 br->hash_max,
562 port ? port->dev->name : br->dev->name);
563 err = -E2BIG;
564 disable:
565 br->multicast_disabled = 1;
566 goto err;
567 }
568 }
569
570 if (max > mdb->max || elasticity) {
571 if (mdb->old) {
572 if (net_ratelimit())
573 br_info(br, "Multicast hash table "
574 "on fire: %s\n",
575 port ? port->dev->name : br->dev->name);
576 err = -EEXIST;
577 goto err;
578 }
579
580 err = br_mdb_rehash(&br->mdb, max, elasticity);
581 if (err) {
582 br_warn(br, "Cannot rehash multicast "
583 "hash table, disabling snooping: %s, %d, %d\n",
584 port ? port->dev->name : br->dev->name,
585 mdb->size, err);
586 goto disable;
587 }
588
589 err = -EAGAIN;
590 goto err;
591 }
592
593 return NULL;
594
595 err:
596 mp = ERR_PTR(err);
597 return mp;
598 }
599
600 struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br,
601 struct net_bridge_port *port, struct br_ip *group)
602 {
603 struct net_bridge_mdb_htable *mdb;
604 struct net_bridge_mdb_entry *mp;
605 int hash;
606 int err;
607
608 mdb = rcu_dereference_protected(br->mdb, 1);
609 if (!mdb) {
610 err = br_mdb_rehash(&br->mdb, BR_HASH_SIZE, 0);
611 if (err)
612 return ERR_PTR(err);
613 goto rehash;
614 }
615
616 hash = br_ip_hash(mdb, group);
617 mp = br_multicast_get_group(br, port, group, hash);
618 switch (PTR_ERR(mp)) {
619 case 0:
620 break;
621
622 case -EAGAIN:
623 rehash:
624 mdb = rcu_dereference_protected(br->mdb, 1);
625 hash = br_ip_hash(mdb, group);
626 break;
627
628 default:
629 goto out;
630 }
631
632 mp = kzalloc(sizeof(*mp), GFP_ATOMIC);
633 if (unlikely(!mp))
634 return ERR_PTR(-ENOMEM);
635
636 mp->br = br;
637 mp->addr = *group;
638 setup_timer(&mp->timer, br_multicast_group_expired,
639 (unsigned long)mp);
640
641 hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]);
642 mdb->size++;
643
644 out:
645 return mp;
646 }
647
648 struct net_bridge_port_group *br_multicast_new_port_group(
649 struct net_bridge_port *port,
650 struct br_ip *group,
651 struct net_bridge_port_group __rcu *next,
652 unsigned char state)
653 {
654 struct net_bridge_port_group *p;
655
656 p = kzalloc(sizeof(*p), GFP_ATOMIC);
657 if (unlikely(!p))
658 return NULL;
659
660 p->addr = *group;
661 p->port = port;
662 p->state = state;
663 rcu_assign_pointer(p->next, next);
664 hlist_add_head(&p->mglist, &port->mglist);
665 setup_timer(&p->timer, br_multicast_port_group_expired,
666 (unsigned long)p);
667 return p;
668 }
669
670 static int br_multicast_add_group(struct net_bridge *br,
671 struct net_bridge_port *port,
672 struct br_ip *group)
673 {
674 struct net_bridge_mdb_entry *mp;
675 struct net_bridge_port_group *p;
676 struct net_bridge_port_group __rcu **pp;
677 unsigned long now = jiffies;
678 int err;
679
680 spin_lock(&br->multicast_lock);
681 if (!netif_running(br->dev) ||
682 (port && port->state == BR_STATE_DISABLED))
683 goto out;
684
685 mp = br_multicast_new_group(br, port, group);
686 err = PTR_ERR(mp);
687 if (IS_ERR(mp))
688 goto err;
689
690 if (!port) {
691 mp->mglist = true;
692 mod_timer(&mp->timer, now + br->multicast_membership_interval);
693 goto out;
694 }
695
696 for (pp = &mp->ports;
697 (p = mlock_dereference(*pp, br)) != NULL;
698 pp = &p->next) {
699 if (p->port == port)
700 goto found;
701 if ((unsigned long)p->port < (unsigned long)port)
702 break;
703 }
704
705 p = br_multicast_new_port_group(port, group, *pp, MDB_TEMPORARY);
706 if (unlikely(!p))
707 goto err;
708 rcu_assign_pointer(*pp, p);
709 br_mdb_notify(br->dev, port, group, RTM_NEWMDB, MDB_TEMPORARY);
710
711 found:
712 mod_timer(&p->timer, now + br->multicast_membership_interval);
713 out:
714 err = 0;
715
716 err:
717 spin_unlock(&br->multicast_lock);
718 return err;
719 }
720
721 static int br_ip4_multicast_add_group(struct net_bridge *br,
722 struct net_bridge_port *port,
723 __be32 group,
724 __u16 vid)
725 {
726 struct br_ip br_group;
727
728 if (ipv4_is_local_multicast(group))
729 return 0;
730
731 br_group.u.ip4 = group;
732 br_group.proto = htons(ETH_P_IP);
733 br_group.vid = vid;
734
735 return br_multicast_add_group(br, port, &br_group);
736 }
737
738 #if IS_ENABLED(CONFIG_IPV6)
739 static int br_ip6_multicast_add_group(struct net_bridge *br,
740 struct net_bridge_port *port,
741 const struct in6_addr *group,
742 __u16 vid)
743 {
744 struct br_ip br_group;
745
746 if (ipv6_addr_is_ll_all_nodes(group))
747 return 0;
748
749 br_group.u.ip6 = *group;
750 br_group.proto = htons(ETH_P_IPV6);
751 br_group.vid = vid;
752
753 return br_multicast_add_group(br, port, &br_group);
754 }
755 #endif
756
757 static void br_multicast_router_expired(unsigned long data)
758 {
759 struct net_bridge_port *port = (void *)data;
760 struct net_bridge *br = port->br;
761
762 spin_lock(&br->multicast_lock);
763 if (port->multicast_router != 1 ||
764 timer_pending(&port->multicast_router_timer) ||
765 hlist_unhashed(&port->rlist))
766 goto out;
767
768 hlist_del_init_rcu(&port->rlist);
769 br_rtr_notify(br->dev, port, RTM_DELMDB);
770
771 out:
772 spin_unlock(&br->multicast_lock);
773 }
774
775 static void br_multicast_local_router_expired(unsigned long data)
776 {
777 }
778
779 static void br_multicast_querier_expired(struct net_bridge *br,
780 struct bridge_mcast_own_query *query)
781 {
782 spin_lock(&br->multicast_lock);
783 if (!netif_running(br->dev) || br->multicast_disabled)
784 goto out;
785
786 br_multicast_start_querier(br, query);
787
788 out:
789 spin_unlock(&br->multicast_lock);
790 }
791
792 static void br_ip4_multicast_querier_expired(unsigned long data)
793 {
794 struct net_bridge *br = (void *)data;
795
796 br_multicast_querier_expired(br, &br->ip4_own_query);
797 }
798
799 #if IS_ENABLED(CONFIG_IPV6)
800 static void br_ip6_multicast_querier_expired(unsigned long data)
801 {
802 struct net_bridge *br = (void *)data;
803
804 br_multicast_querier_expired(br, &br->ip6_own_query);
805 }
806 #endif
807
808 static void br_multicast_select_own_querier(struct net_bridge *br,
809 struct br_ip *ip,
810 struct sk_buff *skb)
811 {
812 if (ip->proto == htons(ETH_P_IP))
813 br->ip4_querier.addr.u.ip4 = ip_hdr(skb)->saddr;
814 #if IS_ENABLED(CONFIG_IPV6)
815 else
816 br->ip6_querier.addr.u.ip6 = ipv6_hdr(skb)->saddr;
817 #endif
818 }
819
820 static void __br_multicast_send_query(struct net_bridge *br,
821 struct net_bridge_port *port,
822 struct br_ip *ip)
823 {
824 struct sk_buff *skb;
825
826 skb = br_multicast_alloc_query(br, ip);
827 if (!skb)
828 return;
829
830 if (port) {
831 skb->dev = port->dev;
832 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT,
833 dev_net(port->dev), NULL, skb, NULL, skb->dev,
834 br_dev_queue_push_xmit);
835 } else {
836 br_multicast_select_own_querier(br, ip, skb);
837 netif_rx(skb);
838 }
839 }
840
841 static void br_multicast_send_query(struct net_bridge *br,
842 struct net_bridge_port *port,
843 struct bridge_mcast_own_query *own_query)
844 {
845 unsigned long time;
846 struct br_ip br_group;
847 struct bridge_mcast_other_query *other_query = NULL;
848
849 if (!netif_running(br->dev) || br->multicast_disabled ||
850 !br->multicast_querier)
851 return;
852
853 memset(&br_group.u, 0, sizeof(br_group.u));
854
855 if (port ? (own_query == &port->ip4_own_query) :
856 (own_query == &br->ip4_own_query)) {
857 other_query = &br->ip4_other_query;
858 br_group.proto = htons(ETH_P_IP);
859 #if IS_ENABLED(CONFIG_IPV6)
860 } else {
861 other_query = &br->ip6_other_query;
862 br_group.proto = htons(ETH_P_IPV6);
863 #endif
864 }
865
866 if (!other_query || timer_pending(&other_query->timer))
867 return;
868
869 __br_multicast_send_query(br, port, &br_group);
870
871 time = jiffies;
872 time += own_query->startup_sent < br->multicast_startup_query_count ?
873 br->multicast_startup_query_interval :
874 br->multicast_query_interval;
875 mod_timer(&own_query->timer, time);
876 }
877
878 static void
879 br_multicast_port_query_expired(struct net_bridge_port *port,
880 struct bridge_mcast_own_query *query)
881 {
882 struct net_bridge *br = port->br;
883
884 spin_lock(&br->multicast_lock);
885 if (port->state == BR_STATE_DISABLED ||
886 port->state == BR_STATE_BLOCKING)
887 goto out;
888
889 if (query->startup_sent < br->multicast_startup_query_count)
890 query->startup_sent++;
891
892 br_multicast_send_query(port->br, port, query);
893
894 out:
895 spin_unlock(&br->multicast_lock);
896 }
897
898 static void br_ip4_multicast_port_query_expired(unsigned long data)
899 {
900 struct net_bridge_port *port = (void *)data;
901
902 br_multicast_port_query_expired(port, &port->ip4_own_query);
903 }
904
905 #if IS_ENABLED(CONFIG_IPV6)
906 static void br_ip6_multicast_port_query_expired(unsigned long data)
907 {
908 struct net_bridge_port *port = (void *)data;
909
910 br_multicast_port_query_expired(port, &port->ip6_own_query);
911 }
912 #endif
913
914 void br_multicast_add_port(struct net_bridge_port *port)
915 {
916 port->multicast_router = 1;
917
918 setup_timer(&port->multicast_router_timer, br_multicast_router_expired,
919 (unsigned long)port);
920 setup_timer(&port->ip4_own_query.timer,
921 br_ip4_multicast_port_query_expired, (unsigned long)port);
922 #if IS_ENABLED(CONFIG_IPV6)
923 setup_timer(&port->ip6_own_query.timer,
924 br_ip6_multicast_port_query_expired, (unsigned long)port);
925 #endif
926 }
927
928 void br_multicast_del_port(struct net_bridge_port *port)
929 {
930 struct net_bridge *br = port->br;
931 struct net_bridge_port_group *pg;
932 struct hlist_node *n;
933
934 /* Take care of the remaining groups, only perm ones should be left */
935 spin_lock_bh(&br->multicast_lock);
936 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist)
937 br_multicast_del_pg(br, pg);
938 spin_unlock_bh(&br->multicast_lock);
939 del_timer_sync(&port->multicast_router_timer);
940 }
941
942 static void br_multicast_enable(struct bridge_mcast_own_query *query)
943 {
944 query->startup_sent = 0;
945
946 if (try_to_del_timer_sync(&query->timer) >= 0 ||
947 del_timer(&query->timer))
948 mod_timer(&query->timer, jiffies);
949 }
950
951 void br_multicast_enable_port(struct net_bridge_port *port)
952 {
953 struct net_bridge *br = port->br;
954
955 spin_lock(&br->multicast_lock);
956 if (br->multicast_disabled || !netif_running(br->dev))
957 goto out;
958
959 br_multicast_enable(&port->ip4_own_query);
960 #if IS_ENABLED(CONFIG_IPV6)
961 br_multicast_enable(&port->ip6_own_query);
962 #endif
963 if (port->multicast_router == 2 && hlist_unhashed(&port->rlist))
964 br_multicast_add_router(br, port);
965
966 out:
967 spin_unlock(&br->multicast_lock);
968 }
969
970 void br_multicast_disable_port(struct net_bridge_port *port)
971 {
972 struct net_bridge *br = port->br;
973 struct net_bridge_port_group *pg;
974 struct hlist_node *n;
975
976 spin_lock(&br->multicast_lock);
977 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist)
978 if (pg->state == MDB_TEMPORARY)
979 br_multicast_del_pg(br, pg);
980
981 if (!hlist_unhashed(&port->rlist)) {
982 hlist_del_init_rcu(&port->rlist);
983 br_rtr_notify(br->dev, port, RTM_DELMDB);
984 }
985 del_timer(&port->multicast_router_timer);
986 del_timer(&port->ip4_own_query.timer);
987 #if IS_ENABLED(CONFIG_IPV6)
988 del_timer(&port->ip6_own_query.timer);
989 #endif
990 spin_unlock(&br->multicast_lock);
991 }
992
993 static int br_ip4_multicast_igmp3_report(struct net_bridge *br,
994 struct net_bridge_port *port,
995 struct sk_buff *skb,
996 u16 vid)
997 {
998 struct igmpv3_report *ih;
999 struct igmpv3_grec *grec;
1000 int i;
1001 int len;
1002 int num;
1003 int type;
1004 int err = 0;
1005 __be32 group;
1006
1007 ih = igmpv3_report_hdr(skb);
1008 num = ntohs(ih->ngrec);
1009 len = sizeof(*ih);
1010
1011 for (i = 0; i < num; i++) {
1012 len += sizeof(*grec);
1013 if (!pskb_may_pull(skb, len))
1014 return -EINVAL;
1015
1016 grec = (void *)(skb->data + len - sizeof(*grec));
1017 group = grec->grec_mca;
1018 type = grec->grec_type;
1019
1020 len += ntohs(grec->grec_nsrcs) * 4;
1021 if (!pskb_may_pull(skb, len))
1022 return -EINVAL;
1023
1024 /* We treat this as an IGMPv2 report for now. */
1025 switch (type) {
1026 case IGMPV3_MODE_IS_INCLUDE:
1027 case IGMPV3_MODE_IS_EXCLUDE:
1028 case IGMPV3_CHANGE_TO_INCLUDE:
1029 case IGMPV3_CHANGE_TO_EXCLUDE:
1030 case IGMPV3_ALLOW_NEW_SOURCES:
1031 case IGMPV3_BLOCK_OLD_SOURCES:
1032 break;
1033
1034 default:
1035 continue;
1036 }
1037
1038 if ((type == IGMPV3_CHANGE_TO_INCLUDE ||
1039 type == IGMPV3_MODE_IS_INCLUDE) &&
1040 ntohs(grec->grec_nsrcs) == 0) {
1041 br_ip4_multicast_leave_group(br, port, group, vid);
1042 } else {
1043 err = br_ip4_multicast_add_group(br, port, group, vid);
1044 if (err)
1045 break;
1046 }
1047 }
1048
1049 return err;
1050 }
1051
1052 #if IS_ENABLED(CONFIG_IPV6)
1053 static int br_ip6_multicast_mld2_report(struct net_bridge *br,
1054 struct net_bridge_port *port,
1055 struct sk_buff *skb,
1056 u16 vid)
1057 {
1058 struct icmp6hdr *icmp6h;
1059 struct mld2_grec *grec;
1060 int i;
1061 int len;
1062 int num;
1063 int err = 0;
1064
1065 if (!pskb_may_pull(skb, sizeof(*icmp6h)))
1066 return -EINVAL;
1067
1068 icmp6h = icmp6_hdr(skb);
1069 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]);
1070 len = sizeof(*icmp6h);
1071
1072 for (i = 0; i < num; i++) {
1073 __be16 *nsrcs, _nsrcs;
1074
1075 nsrcs = skb_header_pointer(skb,
1076 len + offsetof(struct mld2_grec,
1077 grec_nsrcs),
1078 sizeof(_nsrcs), &_nsrcs);
1079 if (!nsrcs)
1080 return -EINVAL;
1081
1082 if (!pskb_may_pull(skb,
1083 len + sizeof(*grec) +
1084 sizeof(struct in6_addr) * ntohs(*nsrcs)))
1085 return -EINVAL;
1086
1087 grec = (struct mld2_grec *)(skb->data + len);
1088 len += sizeof(*grec) +
1089 sizeof(struct in6_addr) * ntohs(*nsrcs);
1090
1091 /* We treat these as MLDv1 reports for now. */
1092 switch (grec->grec_type) {
1093 case MLD2_MODE_IS_INCLUDE:
1094 case MLD2_MODE_IS_EXCLUDE:
1095 case MLD2_CHANGE_TO_INCLUDE:
1096 case MLD2_CHANGE_TO_EXCLUDE:
1097 case MLD2_ALLOW_NEW_SOURCES:
1098 case MLD2_BLOCK_OLD_SOURCES:
1099 break;
1100
1101 default:
1102 continue;
1103 }
1104
1105 if ((grec->grec_type == MLD2_CHANGE_TO_INCLUDE ||
1106 grec->grec_type == MLD2_MODE_IS_INCLUDE) &&
1107 ntohs(*nsrcs) == 0) {
1108 br_ip6_multicast_leave_group(br, port, &grec->grec_mca,
1109 vid);
1110 } else {
1111 err = br_ip6_multicast_add_group(br, port,
1112 &grec->grec_mca, vid);
1113 if (!err)
1114 break;
1115 }
1116 }
1117
1118 return err;
1119 }
1120 #endif
1121
1122 static bool br_ip4_multicast_select_querier(struct net_bridge *br,
1123 struct net_bridge_port *port,
1124 __be32 saddr)
1125 {
1126 if (!timer_pending(&br->ip4_own_query.timer) &&
1127 !timer_pending(&br->ip4_other_query.timer))
1128 goto update;
1129
1130 if (!br->ip4_querier.addr.u.ip4)
1131 goto update;
1132
1133 if (ntohl(saddr) <= ntohl(br->ip4_querier.addr.u.ip4))
1134 goto update;
1135
1136 return false;
1137
1138 update:
1139 br->ip4_querier.addr.u.ip4 = saddr;
1140
1141 /* update protected by general multicast_lock by caller */
1142 rcu_assign_pointer(br->ip4_querier.port, port);
1143
1144 return true;
1145 }
1146
1147 #if IS_ENABLED(CONFIG_IPV6)
1148 static bool br_ip6_multicast_select_querier(struct net_bridge *br,
1149 struct net_bridge_port *port,
1150 struct in6_addr *saddr)
1151 {
1152 if (!timer_pending(&br->ip6_own_query.timer) &&
1153 !timer_pending(&br->ip6_other_query.timer))
1154 goto update;
1155
1156 if (ipv6_addr_cmp(saddr, &br->ip6_querier.addr.u.ip6) <= 0)
1157 goto update;
1158
1159 return false;
1160
1161 update:
1162 br->ip6_querier.addr.u.ip6 = *saddr;
1163
1164 /* update protected by general multicast_lock by caller */
1165 rcu_assign_pointer(br->ip6_querier.port, port);
1166
1167 return true;
1168 }
1169 #endif
1170
1171 static bool br_multicast_select_querier(struct net_bridge *br,
1172 struct net_bridge_port *port,
1173 struct br_ip *saddr)
1174 {
1175 switch (saddr->proto) {
1176 case htons(ETH_P_IP):
1177 return br_ip4_multicast_select_querier(br, port, saddr->u.ip4);
1178 #if IS_ENABLED(CONFIG_IPV6)
1179 case htons(ETH_P_IPV6):
1180 return br_ip6_multicast_select_querier(br, port, &saddr->u.ip6);
1181 #endif
1182 }
1183
1184 return false;
1185 }
1186
1187 static void
1188 br_multicast_update_query_timer(struct net_bridge *br,
1189 struct bridge_mcast_other_query *query,
1190 unsigned long max_delay)
1191 {
1192 if (!timer_pending(&query->timer))
1193 query->delay_time = jiffies + max_delay;
1194
1195 mod_timer(&query->timer, jiffies + br->multicast_querier_interval);
1196 }
1197
1198 /*
1199 * Add port to router_list
1200 * list is maintained ordered by pointer value
1201 * and locked by br->multicast_lock and RCU
1202 */
1203 static void br_multicast_add_router(struct net_bridge *br,
1204 struct net_bridge_port *port)
1205 {
1206 struct net_bridge_port *p;
1207 struct hlist_node *slot = NULL;
1208
1209 if (!hlist_unhashed(&port->rlist))
1210 return;
1211
1212 hlist_for_each_entry(p, &br->router_list, rlist) {
1213 if ((unsigned long) port >= (unsigned long) p)
1214 break;
1215 slot = &p->rlist;
1216 }
1217
1218 if (slot)
1219 hlist_add_behind_rcu(&port->rlist, slot);
1220 else
1221 hlist_add_head_rcu(&port->rlist, &br->router_list);
1222 br_rtr_notify(br->dev, port, RTM_NEWMDB);
1223 }
1224
1225 static void br_multicast_mark_router(struct net_bridge *br,
1226 struct net_bridge_port *port)
1227 {
1228 unsigned long now = jiffies;
1229
1230 if (!port) {
1231 if (br->multicast_router == 1)
1232 mod_timer(&br->multicast_router_timer,
1233 now + br->multicast_querier_interval);
1234 return;
1235 }
1236
1237 if (port->multicast_router != 1)
1238 return;
1239
1240 br_multicast_add_router(br, port);
1241
1242 mod_timer(&port->multicast_router_timer,
1243 now + br->multicast_querier_interval);
1244 }
1245
1246 static void br_multicast_query_received(struct net_bridge *br,
1247 struct net_bridge_port *port,
1248 struct bridge_mcast_other_query *query,
1249 struct br_ip *saddr,
1250 unsigned long max_delay)
1251 {
1252 if (!br_multicast_select_querier(br, port, saddr))
1253 return;
1254
1255 br_multicast_update_query_timer(br, query, max_delay);
1256 br_multicast_mark_router(br, port);
1257 }
1258
1259 static int br_ip4_multicast_query(struct net_bridge *br,
1260 struct net_bridge_port *port,
1261 struct sk_buff *skb,
1262 u16 vid)
1263 {
1264 const struct iphdr *iph = ip_hdr(skb);
1265 struct igmphdr *ih = igmp_hdr(skb);
1266 struct net_bridge_mdb_entry *mp;
1267 struct igmpv3_query *ih3;
1268 struct net_bridge_port_group *p;
1269 struct net_bridge_port_group __rcu **pp;
1270 struct br_ip saddr;
1271 unsigned long max_delay;
1272 unsigned long now = jiffies;
1273 __be32 group;
1274 int err = 0;
1275
1276 spin_lock(&br->multicast_lock);
1277 if (!netif_running(br->dev) ||
1278 (port && port->state == BR_STATE_DISABLED))
1279 goto out;
1280
1281 group = ih->group;
1282
1283 if (skb->len == sizeof(*ih)) {
1284 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE);
1285
1286 if (!max_delay) {
1287 max_delay = 10 * HZ;
1288 group = 0;
1289 }
1290 } else if (skb->len >= sizeof(*ih3)) {
1291 ih3 = igmpv3_query_hdr(skb);
1292 if (ih3->nsrcs)
1293 goto out;
1294
1295 max_delay = ih3->code ?
1296 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1;
1297 } else {
1298 goto out;
1299 }
1300
1301 if (!group) {
1302 saddr.proto = htons(ETH_P_IP);
1303 saddr.u.ip4 = iph->saddr;
1304
1305 br_multicast_query_received(br, port, &br->ip4_other_query,
1306 &saddr, max_delay);
1307 goto out;
1308 }
1309
1310 mp = br_mdb_ip4_get(mlock_dereference(br->mdb, br), group, vid);
1311 if (!mp)
1312 goto out;
1313
1314 max_delay *= br->multicast_last_member_count;
1315
1316 if (mp->mglist &&
1317 (timer_pending(&mp->timer) ?
1318 time_after(mp->timer.expires, now + max_delay) :
1319 try_to_del_timer_sync(&mp->timer) >= 0))
1320 mod_timer(&mp->timer, now + max_delay);
1321
1322 for (pp = &mp->ports;
1323 (p = mlock_dereference(*pp, br)) != NULL;
1324 pp = &p->next) {
1325 if (timer_pending(&p->timer) ?
1326 time_after(p->timer.expires, now + max_delay) :
1327 try_to_del_timer_sync(&p->timer) >= 0)
1328 mod_timer(&p->timer, now + max_delay);
1329 }
1330
1331 out:
1332 spin_unlock(&br->multicast_lock);
1333 return err;
1334 }
1335
1336 #if IS_ENABLED(CONFIG_IPV6)
1337 static int br_ip6_multicast_query(struct net_bridge *br,
1338 struct net_bridge_port *port,
1339 struct sk_buff *skb,
1340 u16 vid)
1341 {
1342 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
1343 struct mld_msg *mld;
1344 struct net_bridge_mdb_entry *mp;
1345 struct mld2_query *mld2q;
1346 struct net_bridge_port_group *p;
1347 struct net_bridge_port_group __rcu **pp;
1348 struct br_ip saddr;
1349 unsigned long max_delay;
1350 unsigned long now = jiffies;
1351 const struct in6_addr *group = NULL;
1352 bool is_general_query;
1353 int err = 0;
1354
1355 spin_lock(&br->multicast_lock);
1356 if (!netif_running(br->dev) ||
1357 (port && port->state == BR_STATE_DISABLED))
1358 goto out;
1359
1360 if (skb->len == sizeof(*mld)) {
1361 if (!pskb_may_pull(skb, sizeof(*mld))) {
1362 err = -EINVAL;
1363 goto out;
1364 }
1365 mld = (struct mld_msg *) icmp6_hdr(skb);
1366 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay));
1367 if (max_delay)
1368 group = &mld->mld_mca;
1369 } else {
1370 if (!pskb_may_pull(skb, sizeof(*mld2q))) {
1371 err = -EINVAL;
1372 goto out;
1373 }
1374 mld2q = (struct mld2_query *)icmp6_hdr(skb);
1375 if (!mld2q->mld2q_nsrcs)
1376 group = &mld2q->mld2q_mca;
1377
1378 max_delay = max(msecs_to_jiffies(mldv2_mrc(mld2q)), 1UL);
1379 }
1380
1381 is_general_query = group && ipv6_addr_any(group);
1382
1383 if (is_general_query) {
1384 saddr.proto = htons(ETH_P_IPV6);
1385 saddr.u.ip6 = ip6h->saddr;
1386
1387 br_multicast_query_received(br, port, &br->ip6_other_query,
1388 &saddr, max_delay);
1389 goto out;
1390 } else if (!group) {
1391 goto out;
1392 }
1393
1394 mp = br_mdb_ip6_get(mlock_dereference(br->mdb, br), group, vid);
1395 if (!mp)
1396 goto out;
1397
1398 max_delay *= br->multicast_last_member_count;
1399 if (mp->mglist &&
1400 (timer_pending(&mp->timer) ?
1401 time_after(mp->timer.expires, now + max_delay) :
1402 try_to_del_timer_sync(&mp->timer) >= 0))
1403 mod_timer(&mp->timer, now + max_delay);
1404
1405 for (pp = &mp->ports;
1406 (p = mlock_dereference(*pp, br)) != NULL;
1407 pp = &p->next) {
1408 if (timer_pending(&p->timer) ?
1409 time_after(p->timer.expires, now + max_delay) :
1410 try_to_del_timer_sync(&p->timer) >= 0)
1411 mod_timer(&p->timer, now + max_delay);
1412 }
1413
1414 out:
1415 spin_unlock(&br->multicast_lock);
1416 return err;
1417 }
1418 #endif
1419
1420 static void
1421 br_multicast_leave_group(struct net_bridge *br,
1422 struct net_bridge_port *port,
1423 struct br_ip *group,
1424 struct bridge_mcast_other_query *other_query,
1425 struct bridge_mcast_own_query *own_query)
1426 {
1427 struct net_bridge_mdb_htable *mdb;
1428 struct net_bridge_mdb_entry *mp;
1429 struct net_bridge_port_group *p;
1430 unsigned long now;
1431 unsigned long time;
1432
1433 spin_lock(&br->multicast_lock);
1434 if (!netif_running(br->dev) ||
1435 (port && port->state == BR_STATE_DISABLED))
1436 goto out;
1437
1438 mdb = mlock_dereference(br->mdb, br);
1439 mp = br_mdb_ip_get(mdb, group);
1440 if (!mp)
1441 goto out;
1442
1443 if (port && (port->flags & BR_MULTICAST_FAST_LEAVE)) {
1444 struct net_bridge_port_group __rcu **pp;
1445
1446 for (pp = &mp->ports;
1447 (p = mlock_dereference(*pp, br)) != NULL;
1448 pp = &p->next) {
1449 if (p->port != port)
1450 continue;
1451
1452 rcu_assign_pointer(*pp, p->next);
1453 hlist_del_init(&p->mglist);
1454 del_timer(&p->timer);
1455 call_rcu_bh(&p->rcu, br_multicast_free_pg);
1456 br_mdb_notify(br->dev, port, group, RTM_DELMDB,
1457 p->state);
1458
1459 if (!mp->ports && !mp->mglist &&
1460 netif_running(br->dev))
1461 mod_timer(&mp->timer, jiffies);
1462 }
1463 goto out;
1464 }
1465
1466 if (timer_pending(&other_query->timer))
1467 goto out;
1468
1469 if (br->multicast_querier) {
1470 __br_multicast_send_query(br, port, &mp->addr);
1471
1472 time = jiffies + br->multicast_last_member_count *
1473 br->multicast_last_member_interval;
1474
1475 mod_timer(&own_query->timer, time);
1476
1477 for (p = mlock_dereference(mp->ports, br);
1478 p != NULL;
1479 p = mlock_dereference(p->next, br)) {
1480 if (p->port != port)
1481 continue;
1482
1483 if (!hlist_unhashed(&p->mglist) &&
1484 (timer_pending(&p->timer) ?
1485 time_after(p->timer.expires, time) :
1486 try_to_del_timer_sync(&p->timer) >= 0)) {
1487 mod_timer(&p->timer, time);
1488 }
1489
1490 break;
1491 }
1492 }
1493
1494 now = jiffies;
1495 time = now + br->multicast_last_member_count *
1496 br->multicast_last_member_interval;
1497
1498 if (!port) {
1499 if (mp->mglist &&
1500 (timer_pending(&mp->timer) ?
1501 time_after(mp->timer.expires, time) :
1502 try_to_del_timer_sync(&mp->timer) >= 0)) {
1503 mod_timer(&mp->timer, time);
1504 }
1505
1506 goto out;
1507 }
1508
1509 for (p = mlock_dereference(mp->ports, br);
1510 p != NULL;
1511 p = mlock_dereference(p->next, br)) {
1512 if (p->port != port)
1513 continue;
1514
1515 if (!hlist_unhashed(&p->mglist) &&
1516 (timer_pending(&p->timer) ?
1517 time_after(p->timer.expires, time) :
1518 try_to_del_timer_sync(&p->timer) >= 0)) {
1519 mod_timer(&p->timer, time);
1520 }
1521
1522 break;
1523 }
1524 out:
1525 spin_unlock(&br->multicast_lock);
1526 }
1527
1528 static void br_ip4_multicast_leave_group(struct net_bridge *br,
1529 struct net_bridge_port *port,
1530 __be32 group,
1531 __u16 vid)
1532 {
1533 struct br_ip br_group;
1534 struct bridge_mcast_own_query *own_query;
1535
1536 if (ipv4_is_local_multicast(group))
1537 return;
1538
1539 own_query = port ? &port->ip4_own_query : &br->ip4_own_query;
1540
1541 br_group.u.ip4 = group;
1542 br_group.proto = htons(ETH_P_IP);
1543 br_group.vid = vid;
1544
1545 br_multicast_leave_group(br, port, &br_group, &br->ip4_other_query,
1546 own_query);
1547 }
1548
1549 #if IS_ENABLED(CONFIG_IPV6)
1550 static void br_ip6_multicast_leave_group(struct net_bridge *br,
1551 struct net_bridge_port *port,
1552 const struct in6_addr *group,
1553 __u16 vid)
1554 {
1555 struct br_ip br_group;
1556 struct bridge_mcast_own_query *own_query;
1557
1558 if (ipv6_addr_is_ll_all_nodes(group))
1559 return;
1560
1561 own_query = port ? &port->ip6_own_query : &br->ip6_own_query;
1562
1563 br_group.u.ip6 = *group;
1564 br_group.proto = htons(ETH_P_IPV6);
1565 br_group.vid = vid;
1566
1567 br_multicast_leave_group(br, port, &br_group, &br->ip6_other_query,
1568 own_query);
1569 }
1570 #endif
1571
1572 static int br_multicast_ipv4_rcv(struct net_bridge *br,
1573 struct net_bridge_port *port,
1574 struct sk_buff *skb,
1575 u16 vid)
1576 {
1577 struct sk_buff *skb_trimmed = NULL;
1578 struct igmphdr *ih;
1579 int err;
1580
1581 err = ip_mc_check_igmp(skb, &skb_trimmed);
1582
1583 if (err == -ENOMSG) {
1584 if (!ipv4_is_local_multicast(ip_hdr(skb)->daddr))
1585 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1586 return 0;
1587 } else if (err < 0) {
1588 return err;
1589 }
1590
1591 BR_INPUT_SKB_CB(skb)->igmp = 1;
1592 ih = igmp_hdr(skb);
1593
1594 switch (ih->type) {
1595 case IGMP_HOST_MEMBERSHIP_REPORT:
1596 case IGMPV2_HOST_MEMBERSHIP_REPORT:
1597 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1598 err = br_ip4_multicast_add_group(br, port, ih->group, vid);
1599 break;
1600 case IGMPV3_HOST_MEMBERSHIP_REPORT:
1601 err = br_ip4_multicast_igmp3_report(br, port, skb_trimmed, vid);
1602 break;
1603 case IGMP_HOST_MEMBERSHIP_QUERY:
1604 err = br_ip4_multicast_query(br, port, skb_trimmed, vid);
1605 break;
1606 case IGMP_HOST_LEAVE_MESSAGE:
1607 br_ip4_multicast_leave_group(br, port, ih->group, vid);
1608 break;
1609 }
1610
1611 if (skb_trimmed && skb_trimmed != skb)
1612 kfree_skb(skb_trimmed);
1613
1614 return err;
1615 }
1616
1617 #if IS_ENABLED(CONFIG_IPV6)
1618 static int br_multicast_ipv6_rcv(struct net_bridge *br,
1619 struct net_bridge_port *port,
1620 struct sk_buff *skb,
1621 u16 vid)
1622 {
1623 struct sk_buff *skb_trimmed = NULL;
1624 struct mld_msg *mld;
1625 int err;
1626
1627 err = ipv6_mc_check_mld(skb, &skb_trimmed);
1628
1629 if (err == -ENOMSG) {
1630 if (!ipv6_addr_is_ll_all_nodes(&ipv6_hdr(skb)->daddr))
1631 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1632 return 0;
1633 } else if (err < 0) {
1634 return err;
1635 }
1636
1637 BR_INPUT_SKB_CB(skb)->igmp = 1;
1638 mld = (struct mld_msg *)skb_transport_header(skb);
1639
1640 switch (mld->mld_type) {
1641 case ICMPV6_MGM_REPORT:
1642 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1643 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid);
1644 break;
1645 case ICMPV6_MLD2_REPORT:
1646 err = br_ip6_multicast_mld2_report(br, port, skb_trimmed, vid);
1647 break;
1648 case ICMPV6_MGM_QUERY:
1649 err = br_ip6_multicast_query(br, port, skb_trimmed, vid);
1650 break;
1651 case ICMPV6_MGM_REDUCTION:
1652 br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid);
1653 break;
1654 }
1655
1656 if (skb_trimmed && skb_trimmed != skb)
1657 kfree_skb(skb_trimmed);
1658
1659 return err;
1660 }
1661 #endif
1662
1663 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port,
1664 struct sk_buff *skb, u16 vid)
1665 {
1666 BR_INPUT_SKB_CB(skb)->igmp = 0;
1667 BR_INPUT_SKB_CB(skb)->mrouters_only = 0;
1668
1669 if (br->multicast_disabled)
1670 return 0;
1671
1672 switch (skb->protocol) {
1673 case htons(ETH_P_IP):
1674 return br_multicast_ipv4_rcv(br, port, skb, vid);
1675 #if IS_ENABLED(CONFIG_IPV6)
1676 case htons(ETH_P_IPV6):
1677 return br_multicast_ipv6_rcv(br, port, skb, vid);
1678 #endif
1679 }
1680
1681 return 0;
1682 }
1683
1684 static void br_multicast_query_expired(struct net_bridge *br,
1685 struct bridge_mcast_own_query *query,
1686 struct bridge_mcast_querier *querier)
1687 {
1688 spin_lock(&br->multicast_lock);
1689 if (query->startup_sent < br->multicast_startup_query_count)
1690 query->startup_sent++;
1691
1692 RCU_INIT_POINTER(querier->port, NULL);
1693 br_multicast_send_query(br, NULL, query);
1694 spin_unlock(&br->multicast_lock);
1695 }
1696
1697 static void br_ip4_multicast_query_expired(unsigned long data)
1698 {
1699 struct net_bridge *br = (void *)data;
1700
1701 br_multicast_query_expired(br, &br->ip4_own_query, &br->ip4_querier);
1702 }
1703
1704 #if IS_ENABLED(CONFIG_IPV6)
1705 static void br_ip6_multicast_query_expired(unsigned long data)
1706 {
1707 struct net_bridge *br = (void *)data;
1708
1709 br_multicast_query_expired(br, &br->ip6_own_query, &br->ip6_querier);
1710 }
1711 #endif
1712
1713 void br_multicast_init(struct net_bridge *br)
1714 {
1715 br->hash_elasticity = 4;
1716 br->hash_max = 512;
1717
1718 br->multicast_router = 1;
1719 br->multicast_querier = 0;
1720 br->multicast_query_use_ifaddr = 0;
1721 br->multicast_last_member_count = 2;
1722 br->multicast_startup_query_count = 2;
1723
1724 br->multicast_last_member_interval = HZ;
1725 br->multicast_query_response_interval = 10 * HZ;
1726 br->multicast_startup_query_interval = 125 * HZ / 4;
1727 br->multicast_query_interval = 125 * HZ;
1728 br->multicast_querier_interval = 255 * HZ;
1729 br->multicast_membership_interval = 260 * HZ;
1730
1731 br->ip4_other_query.delay_time = 0;
1732 br->ip4_querier.port = NULL;
1733 #if IS_ENABLED(CONFIG_IPV6)
1734 br->ip6_other_query.delay_time = 0;
1735 br->ip6_querier.port = NULL;
1736 #endif
1737
1738 spin_lock_init(&br->multicast_lock);
1739 setup_timer(&br->multicast_router_timer,
1740 br_multicast_local_router_expired, 0);
1741 setup_timer(&br->ip4_other_query.timer,
1742 br_ip4_multicast_querier_expired, (unsigned long)br);
1743 setup_timer(&br->ip4_own_query.timer, br_ip4_multicast_query_expired,
1744 (unsigned long)br);
1745 #if IS_ENABLED(CONFIG_IPV6)
1746 setup_timer(&br->ip6_other_query.timer,
1747 br_ip6_multicast_querier_expired, (unsigned long)br);
1748 setup_timer(&br->ip6_own_query.timer, br_ip6_multicast_query_expired,
1749 (unsigned long)br);
1750 #endif
1751 }
1752
1753 static void __br_multicast_open(struct net_bridge *br,
1754 struct bridge_mcast_own_query *query)
1755 {
1756 query->startup_sent = 0;
1757
1758 if (br->multicast_disabled)
1759 return;
1760
1761 mod_timer(&query->timer, jiffies);
1762 }
1763
1764 void br_multicast_open(struct net_bridge *br)
1765 {
1766 __br_multicast_open(br, &br->ip4_own_query);
1767 #if IS_ENABLED(CONFIG_IPV6)
1768 __br_multicast_open(br, &br->ip6_own_query);
1769 #endif
1770 }
1771
1772 void br_multicast_stop(struct net_bridge *br)
1773 {
1774 del_timer_sync(&br->multicast_router_timer);
1775 del_timer_sync(&br->ip4_other_query.timer);
1776 del_timer_sync(&br->ip4_own_query.timer);
1777 #if IS_ENABLED(CONFIG_IPV6)
1778 del_timer_sync(&br->ip6_other_query.timer);
1779 del_timer_sync(&br->ip6_own_query.timer);
1780 #endif
1781 }
1782
1783 void br_multicast_dev_del(struct net_bridge *br)
1784 {
1785 struct net_bridge_mdb_htable *mdb;
1786 struct net_bridge_mdb_entry *mp;
1787 struct hlist_node *n;
1788 u32 ver;
1789 int i;
1790
1791 spin_lock_bh(&br->multicast_lock);
1792 mdb = mlock_dereference(br->mdb, br);
1793 if (!mdb)
1794 goto out;
1795
1796 br->mdb = NULL;
1797
1798 ver = mdb->ver;
1799 for (i = 0; i < mdb->max; i++) {
1800 hlist_for_each_entry_safe(mp, n, &mdb->mhash[i],
1801 hlist[ver]) {
1802 del_timer(&mp->timer);
1803 call_rcu_bh(&mp->rcu, br_multicast_free_group);
1804 }
1805 }
1806
1807 if (mdb->old) {
1808 spin_unlock_bh(&br->multicast_lock);
1809 rcu_barrier_bh();
1810 spin_lock_bh(&br->multicast_lock);
1811 WARN_ON(mdb->old);
1812 }
1813
1814 mdb->old = mdb;
1815 call_rcu_bh(&mdb->rcu, br_mdb_free);
1816
1817 out:
1818 spin_unlock_bh(&br->multicast_lock);
1819 }
1820
1821 int br_multicast_set_router(struct net_bridge *br, unsigned long val)
1822 {
1823 int err = -EINVAL;
1824
1825 spin_lock_bh(&br->multicast_lock);
1826
1827 switch (val) {
1828 case 0:
1829 case 2:
1830 del_timer(&br->multicast_router_timer);
1831 /* fall through */
1832 case 1:
1833 br->multicast_router = val;
1834 err = 0;
1835 break;
1836 }
1837
1838 spin_unlock_bh(&br->multicast_lock);
1839
1840 return err;
1841 }
1842
1843 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val)
1844 {
1845 struct net_bridge *br = p->br;
1846 int err = -EINVAL;
1847
1848 spin_lock(&br->multicast_lock);
1849
1850 switch (val) {
1851 case 0:
1852 case 1:
1853 case 2:
1854 p->multicast_router = val;
1855 err = 0;
1856
1857 if (val < 2 && !hlist_unhashed(&p->rlist)) {
1858 hlist_del_init_rcu(&p->rlist);
1859 br_rtr_notify(br->dev, p, RTM_DELMDB);
1860 }
1861
1862 if (val == 1)
1863 break;
1864
1865 del_timer(&p->multicast_router_timer);
1866
1867 if (val == 0)
1868 break;
1869
1870 br_multicast_add_router(br, p);
1871 break;
1872 }
1873
1874 spin_unlock(&br->multicast_lock);
1875
1876 return err;
1877 }
1878
1879 static void br_multicast_start_querier(struct net_bridge *br,
1880 struct bridge_mcast_own_query *query)
1881 {
1882 struct net_bridge_port *port;
1883
1884 __br_multicast_open(br, query);
1885
1886 list_for_each_entry(port, &br->port_list, list) {
1887 if (port->state == BR_STATE_DISABLED ||
1888 port->state == BR_STATE_BLOCKING)
1889 continue;
1890
1891 if (query == &br->ip4_own_query)
1892 br_multicast_enable(&port->ip4_own_query);
1893 #if IS_ENABLED(CONFIG_IPV6)
1894 else
1895 br_multicast_enable(&port->ip6_own_query);
1896 #endif
1897 }
1898 }
1899
1900 int br_multicast_toggle(struct net_bridge *br, unsigned long val)
1901 {
1902 int err = 0;
1903 struct net_bridge_mdb_htable *mdb;
1904
1905 spin_lock_bh(&br->multicast_lock);
1906 if (br->multicast_disabled == !val)
1907 goto unlock;
1908
1909 br->multicast_disabled = !val;
1910 if (br->multicast_disabled)
1911 goto unlock;
1912
1913 if (!netif_running(br->dev))
1914 goto unlock;
1915
1916 mdb = mlock_dereference(br->mdb, br);
1917 if (mdb) {
1918 if (mdb->old) {
1919 err = -EEXIST;
1920 rollback:
1921 br->multicast_disabled = !!val;
1922 goto unlock;
1923 }
1924
1925 err = br_mdb_rehash(&br->mdb, mdb->max,
1926 br->hash_elasticity);
1927 if (err)
1928 goto rollback;
1929 }
1930
1931 br_multicast_start_querier(br, &br->ip4_own_query);
1932 #if IS_ENABLED(CONFIG_IPV6)
1933 br_multicast_start_querier(br, &br->ip6_own_query);
1934 #endif
1935
1936 unlock:
1937 spin_unlock_bh(&br->multicast_lock);
1938
1939 return err;
1940 }
1941
1942 int br_multicast_set_querier(struct net_bridge *br, unsigned long val)
1943 {
1944 unsigned long max_delay;
1945
1946 val = !!val;
1947
1948 spin_lock_bh(&br->multicast_lock);
1949 if (br->multicast_querier == val)
1950 goto unlock;
1951
1952 br->multicast_querier = val;
1953 if (!val)
1954 goto unlock;
1955
1956 max_delay = br->multicast_query_response_interval;
1957
1958 if (!timer_pending(&br->ip4_other_query.timer))
1959 br->ip4_other_query.delay_time = jiffies + max_delay;
1960
1961 br_multicast_start_querier(br, &br->ip4_own_query);
1962
1963 #if IS_ENABLED(CONFIG_IPV6)
1964 if (!timer_pending(&br->ip6_other_query.timer))
1965 br->ip6_other_query.delay_time = jiffies + max_delay;
1966
1967 br_multicast_start_querier(br, &br->ip6_own_query);
1968 #endif
1969
1970 unlock:
1971 spin_unlock_bh(&br->multicast_lock);
1972
1973 return 0;
1974 }
1975
1976 int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val)
1977 {
1978 int err = -EINVAL;
1979 u32 old;
1980 struct net_bridge_mdb_htable *mdb;
1981
1982 spin_lock_bh(&br->multicast_lock);
1983 if (!is_power_of_2(val))
1984 goto unlock;
1985
1986 mdb = mlock_dereference(br->mdb, br);
1987 if (mdb && val < mdb->size)
1988 goto unlock;
1989
1990 err = 0;
1991
1992 old = br->hash_max;
1993 br->hash_max = val;
1994
1995 if (mdb) {
1996 if (mdb->old) {
1997 err = -EEXIST;
1998 rollback:
1999 br->hash_max = old;
2000 goto unlock;
2001 }
2002
2003 err = br_mdb_rehash(&br->mdb, br->hash_max,
2004 br->hash_elasticity);
2005 if (err)
2006 goto rollback;
2007 }
2008
2009 unlock:
2010 spin_unlock_bh(&br->multicast_lock);
2011
2012 return err;
2013 }
2014
2015 /**
2016 * br_multicast_list_adjacent - Returns snooped multicast addresses
2017 * @dev: The bridge port adjacent to which to retrieve addresses
2018 * @br_ip_list: The list to store found, snooped multicast IP addresses in
2019 *
2020 * Creates a list of IP addresses (struct br_ip_list) sensed by the multicast
2021 * snooping feature on all bridge ports of dev's bridge device, excluding
2022 * the addresses from dev itself.
2023 *
2024 * Returns the number of items added to br_ip_list.
2025 *
2026 * Notes:
2027 * - br_ip_list needs to be initialized by caller
2028 * - br_ip_list might contain duplicates in the end
2029 * (needs to be taken care of by caller)
2030 * - br_ip_list needs to be freed by caller
2031 */
2032 int br_multicast_list_adjacent(struct net_device *dev,
2033 struct list_head *br_ip_list)
2034 {
2035 struct net_bridge *br;
2036 struct net_bridge_port *port;
2037 struct net_bridge_port_group *group;
2038 struct br_ip_list *entry;
2039 int count = 0;
2040
2041 rcu_read_lock();
2042 if (!br_ip_list || !br_port_exists(dev))
2043 goto unlock;
2044
2045 port = br_port_get_rcu(dev);
2046 if (!port || !port->br)
2047 goto unlock;
2048
2049 br = port->br;
2050
2051 list_for_each_entry_rcu(port, &br->port_list, list) {
2052 if (!port->dev || port->dev == dev)
2053 continue;
2054
2055 hlist_for_each_entry_rcu(group, &port->mglist, mglist) {
2056 entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
2057 if (!entry)
2058 goto unlock;
2059
2060 entry->addr = group->addr;
2061 list_add(&entry->list, br_ip_list);
2062 count++;
2063 }
2064 }
2065
2066 unlock:
2067 rcu_read_unlock();
2068 return count;
2069 }
2070 EXPORT_SYMBOL_GPL(br_multicast_list_adjacent);
2071
2072 /**
2073 * br_multicast_has_querier_anywhere - Checks for a querier on a bridge
2074 * @dev: The bridge port providing the bridge on which to check for a querier
2075 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
2076 *
2077 * Checks whether the given interface has a bridge on top and if so returns
2078 * true if a valid querier exists anywhere on the bridged link layer.
2079 * Otherwise returns false.
2080 */
2081 bool br_multicast_has_querier_anywhere(struct net_device *dev, int proto)
2082 {
2083 struct net_bridge *br;
2084 struct net_bridge_port *port;
2085 struct ethhdr eth;
2086 bool ret = false;
2087
2088 rcu_read_lock();
2089 if (!br_port_exists(dev))
2090 goto unlock;
2091
2092 port = br_port_get_rcu(dev);
2093 if (!port || !port->br)
2094 goto unlock;
2095
2096 br = port->br;
2097
2098 memset(&eth, 0, sizeof(eth));
2099 eth.h_proto = htons(proto);
2100
2101 ret = br_multicast_querier_exists(br, &eth);
2102
2103 unlock:
2104 rcu_read_unlock();
2105 return ret;
2106 }
2107 EXPORT_SYMBOL_GPL(br_multicast_has_querier_anywhere);
2108
2109 /**
2110 * br_multicast_has_querier_adjacent - Checks for a querier behind a bridge port
2111 * @dev: The bridge port adjacent to which to check for a querier
2112 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
2113 *
2114 * Checks whether the given interface has a bridge on top and if so returns
2115 * true if a selected querier is behind one of the other ports of this
2116 * bridge. Otherwise returns false.
2117 */
2118 bool br_multicast_has_querier_adjacent(struct net_device *dev, int proto)
2119 {
2120 struct net_bridge *br;
2121 struct net_bridge_port *port;
2122 bool ret = false;
2123
2124 rcu_read_lock();
2125 if (!br_port_exists(dev))
2126 goto unlock;
2127
2128 port = br_port_get_rcu(dev);
2129 if (!port || !port->br)
2130 goto unlock;
2131
2132 br = port->br;
2133
2134 switch (proto) {
2135 case ETH_P_IP:
2136 if (!timer_pending(&br->ip4_other_query.timer) ||
2137 rcu_dereference(br->ip4_querier.port) == port)
2138 goto unlock;
2139 break;
2140 #if IS_ENABLED(CONFIG_IPV6)
2141 case ETH_P_IPV6:
2142 if (!timer_pending(&br->ip6_other_query.timer) ||
2143 rcu_dereference(br->ip6_querier.port) == port)
2144 goto unlock;
2145 break;
2146 #endif
2147 default:
2148 goto unlock;
2149 }
2150
2151 ret = true;
2152 unlock:
2153 rcu_read_unlock();
2154 return ret;
2155 }
2156 EXPORT_SYMBOL_GPL(br_multicast_has_querier_adjacent);
ubuntu-bionic-kernel mirror