1 /* 2 * Bridge multicast support. 3 * 4 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 * 11 */ 12 13 #include <linux/err.h> 14 #include <linux/if_ether.h> 15 #include <linux/igmp.h> 16 #include <linux/jhash.h> 17 #include <linux/kernel.h> 18 #include <linux/log2.h> 19 #include <linux/netdevice.h> 20 #include <linux/netfilter_bridge.h> 21 #include <linux/random.h> 22 #include <linux/rculist.h> 23 #include <linux/skbuff.h> 24 #include <linux/slab.h> 25 #include <linux/timer.h> 26 #include <net/ip.h> 27 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 28 #include <net/ipv6.h> 29 #include <net/mld.h> 30 #include <net/addrconf.h> 31 #include <net/ip6_checksum.h> 32 #endif 33 34 #include "br_private.h" 35 36 #define mlock_dereference(X, br) \ 37 rcu_dereference_protected(X, lockdep_is_held(&br->multicast_lock)) 38 39 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 40 static inline int ipv6_is_transient_multicast(const struct in6_addr *addr) 41 { 42 if (ipv6_addr_is_multicast(addr) && IPV6_ADDR_MC_FLAG_TRANSIENT(addr)) 43 return 1; 44 return 0; 45 } 46 #endif 47 48 static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b) 49 { 50 if (a->proto != b->proto) 51 return 0; 52 switch (a->proto) { 53 case htons(ETH_P_IP): 54 return a->u.ip4 == b->u.ip4; 55 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 56 case htons(ETH_P_IPV6): 57 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6); 58 #endif 59 } 60 return 0; 61 } 62 63 static inline int __br_ip4_hash(struct net_bridge_mdb_htable *mdb, __be32 ip) 64 { 65 return jhash_1word(mdb->secret, (__force u32)ip) & (mdb->max - 1); 66 } 67 68 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 69 static inline int __br_ip6_hash(struct net_bridge_mdb_htable *mdb, 70 const struct in6_addr *ip) 71 { 72 return jhash2((__force u32 *)ip->s6_addr32, 4, mdb->secret) & (mdb->max - 1); 73 } 74 #endif 75 76 static inline int br_ip_hash(struct net_bridge_mdb_htable *mdb, 77 struct br_ip *ip) 78 { 79 switch (ip->proto) { 80 case htons(ETH_P_IP): 81 return __br_ip4_hash(mdb, ip->u.ip4); 82 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 83 case htons(ETH_P_IPV6): 84 return __br_ip6_hash(mdb, &ip->u.ip6); 85 #endif 86 } 87 return 0; 88 } 89 90 static struct net_bridge_mdb_entry *__br_mdb_ip_get( 91 struct net_bridge_mdb_htable *mdb, struct br_ip *dst, int hash) 92 { 93 struct net_bridge_mdb_entry *mp; 94 struct hlist_node *p; 95 96 hlist_for_each_entry_rcu(mp, p, &mdb->mhash[hash], hlist[mdb->ver]) { 97 if (br_ip_equal(&mp->addr, dst)) 98 return mp; 99 } 100 101 return NULL; 102 } 103 104 static struct net_bridge_mdb_entry *br_mdb_ip_get( 105 struct net_bridge_mdb_htable *mdb, struct br_ip *dst) 106 { 107 if (!mdb) 108 return NULL; 109 110 return __br_mdb_ip_get(mdb, dst, br_ip_hash(mdb, dst)); 111 } 112 113 static struct net_bridge_mdb_entry *br_mdb_ip4_get( 114 struct net_bridge_mdb_htable *mdb, __be32 dst) 115 { 116 struct br_ip br_dst; 117 118 br_dst.u.ip4 = dst; 119 br_dst.proto = htons(ETH_P_IP); 120 121 return br_mdb_ip_get(mdb, &br_dst); 122 } 123 124 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 125 static struct net_bridge_mdb_entry *br_mdb_ip6_get( 126 struct net_bridge_mdb_htable *mdb, const struct in6_addr *dst) 127 { 128 struct br_ip br_dst; 129 130 ipv6_addr_copy(&br_dst.u.ip6, dst); 131 br_dst.proto = htons(ETH_P_IPV6); 132 133 return br_mdb_ip_get(mdb, &br_dst); 134 } 135 #endif 136 137 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br, 138 struct sk_buff *skb) 139 { 140 struct net_bridge_mdb_htable *mdb = rcu_dereference(br->mdb); 141 struct br_ip ip; 142 143 if (br->multicast_disabled) 144 return NULL; 145 146 if (BR_INPUT_SKB_CB(skb)->igmp) 147 return NULL; 148 149 ip.proto = skb->protocol; 150 151 switch (skb->protocol) { 152 case htons(ETH_P_IP): 153 ip.u.ip4 = ip_hdr(skb)->daddr; 154 break; 155 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 156 case htons(ETH_P_IPV6): 157 ipv6_addr_copy(&ip.u.ip6, &ipv6_hdr(skb)->daddr); 158 break; 159 #endif 160 default: 161 return NULL; 162 } 163 164 return br_mdb_ip_get(mdb, &ip); 165 } 166 167 static void br_mdb_free(struct rcu_head *head) 168 { 169 struct net_bridge_mdb_htable *mdb = 170 container_of(head, struct net_bridge_mdb_htable, rcu); 171 struct net_bridge_mdb_htable *old = mdb->old; 172 173 mdb->old = NULL; 174 kfree(old->mhash); 175 kfree(old); 176 } 177 178 static int br_mdb_copy(struct net_bridge_mdb_htable *new, 179 struct net_bridge_mdb_htable *old, 180 int elasticity) 181 { 182 struct net_bridge_mdb_entry *mp; 183 struct hlist_node *p; 184 int maxlen; 185 int len; 186 int i; 187 188 for (i = 0; i < old->max; i++) 189 hlist_for_each_entry(mp, p, &old->mhash[i], hlist[old->ver]) 190 hlist_add_head(&mp->hlist[new->ver], 191 &new->mhash[br_ip_hash(new, &mp->addr)]); 192 193 if (!elasticity) 194 return 0; 195 196 maxlen = 0; 197 for (i = 0; i < new->max; i++) { 198 len = 0; 199 hlist_for_each_entry(mp, p, &new->mhash[i], hlist[new->ver]) 200 len++; 201 if (len > maxlen) 202 maxlen = len; 203 } 204 205 return maxlen > elasticity ? -EINVAL : 0; 206 } 207 208 static void br_multicast_free_pg(struct rcu_head *head) 209 { 210 struct net_bridge_port_group *p = 211 container_of(head, struct net_bridge_port_group, rcu); 212 213 kfree(p); 214 } 215 216 static void br_multicast_free_group(struct rcu_head *head) 217 { 218 struct net_bridge_mdb_entry *mp = 219 container_of(head, struct net_bridge_mdb_entry, rcu); 220 221 kfree(mp); 222 } 223 224 static void br_multicast_group_expired(unsigned long data) 225 { 226 struct net_bridge_mdb_entry *mp = (void *)data; 227 struct net_bridge *br = mp->br; 228 struct net_bridge_mdb_htable *mdb; 229 230 spin_lock(&br->multicast_lock); 231 if (!netif_running(br->dev) || timer_pending(&mp->timer)) 232 goto out; 233 234 mp->mglist = false; 235 236 if (mp->ports) 237 goto out; 238 239 mdb = mlock_dereference(br->mdb, br); 240 241 hlist_del_rcu(&mp->hlist[mdb->ver]); 242 mdb->size--; 243 244 del_timer(&mp->query_timer); 245 call_rcu_bh(&mp->rcu, br_multicast_free_group); 246 247 out: 248 spin_unlock(&br->multicast_lock); 249 } 250 251 static void br_multicast_del_pg(struct net_bridge *br, 252 struct net_bridge_port_group *pg) 253 { 254 struct net_bridge_mdb_htable *mdb; 255 struct net_bridge_mdb_entry *mp; 256 struct net_bridge_port_group *p; 257 struct net_bridge_port_group __rcu **pp; 258 259 mdb = mlock_dereference(br->mdb, br); 260 261 mp = br_mdb_ip_get(mdb, &pg->addr); 262 if (WARN_ON(!mp)) 263 return; 264 265 for (pp = &mp->ports; 266 (p = mlock_dereference(*pp, br)) != NULL; 267 pp = &p->next) { 268 if (p != pg) 269 continue; 270 271 rcu_assign_pointer(*pp, p->next); 272 hlist_del_init(&p->mglist); 273 del_timer(&p->timer); 274 del_timer(&p->query_timer); 275 call_rcu_bh(&p->rcu, br_multicast_free_pg); 276 277 if (!mp->ports && !mp->mglist && 278 netif_running(br->dev)) 279 mod_timer(&mp->timer, jiffies); 280 281 return; 282 } 283 284 WARN_ON(1); 285 } 286 287 static void br_multicast_port_group_expired(unsigned long data) 288 { 289 struct net_bridge_port_group *pg = (void *)data; 290 struct net_bridge *br = pg->port->br; 291 292 spin_lock(&br->multicast_lock); 293 if (!netif_running(br->dev) || timer_pending(&pg->timer) || 294 hlist_unhashed(&pg->mglist)) 295 goto out; 296 297 br_multicast_del_pg(br, pg); 298 299 out: 300 spin_unlock(&br->multicast_lock); 301 } 302 303 static int br_mdb_rehash(struct net_bridge_mdb_htable __rcu **mdbp, int max, 304 int elasticity) 305 { 306 struct net_bridge_mdb_htable *old = rcu_dereference_protected(*mdbp, 1); 307 struct net_bridge_mdb_htable *mdb; 308 int err; 309 310 mdb = kmalloc(sizeof(*mdb), GFP_ATOMIC); 311 if (!mdb) 312 return -ENOMEM; 313 314 mdb->max = max; 315 mdb->old = old; 316 317 mdb->mhash = kzalloc(max * sizeof(*mdb->mhash), GFP_ATOMIC); 318 if (!mdb->mhash) { 319 kfree(mdb); 320 return -ENOMEM; 321 } 322 323 mdb->size = old ? old->size : 0; 324 mdb->ver = old ? old->ver ^ 1 : 0; 325 326 if (!old || elasticity) 327 get_random_bytes(&mdb->secret, sizeof(mdb->secret)); 328 else 329 mdb->secret = old->secret; 330 331 if (!old) 332 goto out; 333 334 err = br_mdb_copy(mdb, old, elasticity); 335 if (err) { 336 kfree(mdb->mhash); 337 kfree(mdb); 338 return err; 339 } 340 341 call_rcu_bh(&mdb->rcu, br_mdb_free); 342 343 out: 344 rcu_assign_pointer(*mdbp, mdb); 345 346 return 0; 347 } 348 349 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br, 350 __be32 group) 351 { 352 struct sk_buff *skb; 353 struct igmphdr *ih; 354 struct ethhdr *eth; 355 struct iphdr *iph; 356 357 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) + 358 sizeof(*ih) + 4); 359 if (!skb) 360 goto out; 361 362 skb->protocol = htons(ETH_P_IP); 363 364 skb_reset_mac_header(skb); 365 eth = eth_hdr(skb); 366 367 memcpy(eth->h_source, br->dev->dev_addr, 6); 368 eth->h_dest[0] = 1; 369 eth->h_dest[1] = 0; 370 eth->h_dest[2] = 0x5e; 371 eth->h_dest[3] = 0; 372 eth->h_dest[4] = 0; 373 eth->h_dest[5] = 1; 374 eth->h_proto = htons(ETH_P_IP); 375 skb_put(skb, sizeof(*eth)); 376 377 skb_set_network_header(skb, skb->len); 378 iph = ip_hdr(skb); 379 380 iph->version = 4; 381 iph->ihl = 6; 382 iph->tos = 0xc0; 383 iph->tot_len = htons(sizeof(*iph) + sizeof(*ih) + 4); 384 iph->id = 0; 385 iph->frag_off = htons(IP_DF); 386 iph->ttl = 1; 387 iph->protocol = IPPROTO_IGMP; 388 iph->saddr = 0; 389 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP); 390 ((u8 *)&iph[1])[0] = IPOPT_RA; 391 ((u8 *)&iph[1])[1] = 4; 392 ((u8 *)&iph[1])[2] = 0; 393 ((u8 *)&iph[1])[3] = 0; 394 ip_send_check(iph); 395 skb_put(skb, 24); 396 397 skb_set_transport_header(skb, skb->len); 398 ih = igmp_hdr(skb); 399 ih->type = IGMP_HOST_MEMBERSHIP_QUERY; 400 ih->code = (group ? br->multicast_last_member_interval : 401 br->multicast_query_response_interval) / 402 (HZ / IGMP_TIMER_SCALE); 403 ih->group = group; 404 ih->csum = 0; 405 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr)); 406 skb_put(skb, sizeof(*ih)); 407 408 __skb_pull(skb, sizeof(*eth)); 409 410 out: 411 return skb; 412 } 413 414 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 415 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br, 416 const struct in6_addr *group) 417 { 418 struct sk_buff *skb; 419 struct ipv6hdr *ip6h; 420 struct mld_msg *mldq; 421 struct ethhdr *eth; 422 u8 *hopopt; 423 unsigned long interval; 424 425 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) + 426 8 + sizeof(*mldq)); 427 if (!skb) 428 goto out; 429 430 skb->protocol = htons(ETH_P_IPV6); 431 432 /* Ethernet header */ 433 skb_reset_mac_header(skb); 434 eth = eth_hdr(skb); 435 436 memcpy(eth->h_source, br->dev->dev_addr, 6); 437 eth->h_proto = htons(ETH_P_IPV6); 438 skb_put(skb, sizeof(*eth)); 439 440 /* IPv6 header + HbH option */ 441 skb_set_network_header(skb, skb->len); 442 ip6h = ipv6_hdr(skb); 443 444 *(__force __be32 *)ip6h = htonl(0x60000000); 445 ip6h->payload_len = htons(8 + sizeof(*mldq)); 446 ip6h->nexthdr = IPPROTO_HOPOPTS; 447 ip6h->hop_limit = 1; 448 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1)); 449 ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0, 450 &ip6h->saddr); 451 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); 452 453 hopopt = (u8 *)(ip6h + 1); 454 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */ 455 hopopt[1] = 0; /* length of HbH */ 456 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */ 457 hopopt[3] = 2; /* Length of RA Option */ 458 hopopt[4] = 0; /* Type = 0x0000 (MLD) */ 459 hopopt[5] = 0; 460 hopopt[6] = IPV6_TLV_PAD0; /* Pad0 */ 461 hopopt[7] = IPV6_TLV_PAD0; /* Pad0 */ 462 463 skb_put(skb, sizeof(*ip6h) + 8); 464 465 /* ICMPv6 */ 466 skb_set_transport_header(skb, skb->len); 467 mldq = (struct mld_msg *) icmp6_hdr(skb); 468 469 interval = ipv6_addr_any(group) ? br->multicast_last_member_interval : 470 br->multicast_query_response_interval; 471 472 mldq->mld_type = ICMPV6_MGM_QUERY; 473 mldq->mld_code = 0; 474 mldq->mld_cksum = 0; 475 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval)); 476 mldq->mld_reserved = 0; 477 ipv6_addr_copy(&mldq->mld_mca, group); 478 479 /* checksum */ 480 mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, 481 sizeof(*mldq), IPPROTO_ICMPV6, 482 csum_partial(mldq, 483 sizeof(*mldq), 0)); 484 skb_put(skb, sizeof(*mldq)); 485 486 __skb_pull(skb, sizeof(*eth)); 487 488 out: 489 return skb; 490 } 491 #endif 492 493 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br, 494 struct br_ip *addr) 495 { 496 switch (addr->proto) { 497 case htons(ETH_P_IP): 498 return br_ip4_multicast_alloc_query(br, addr->u.ip4); 499 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 500 case htons(ETH_P_IPV6): 501 return br_ip6_multicast_alloc_query(br, &addr->u.ip6); 502 #endif 503 } 504 return NULL; 505 } 506 507 static void br_multicast_send_group_query(struct net_bridge_mdb_entry *mp) 508 { 509 struct net_bridge *br = mp->br; 510 struct sk_buff *skb; 511 512 skb = br_multicast_alloc_query(br, &mp->addr); 513 if (!skb) 514 goto timer; 515 516 netif_rx(skb); 517 518 timer: 519 if (++mp->queries_sent < br->multicast_last_member_count) 520 mod_timer(&mp->query_timer, 521 jiffies + br->multicast_last_member_interval); 522 } 523 524 static void br_multicast_group_query_expired(unsigned long data) 525 { 526 struct net_bridge_mdb_entry *mp = (void *)data; 527 struct net_bridge *br = mp->br; 528 529 spin_lock(&br->multicast_lock); 530 if (!netif_running(br->dev) || !mp->mglist || 531 mp->queries_sent >= br->multicast_last_member_count) 532 goto out; 533 534 br_multicast_send_group_query(mp); 535 536 out: 537 spin_unlock(&br->multicast_lock); 538 } 539 540 static void br_multicast_send_port_group_query(struct net_bridge_port_group *pg) 541 { 542 struct net_bridge_port *port = pg->port; 543 struct net_bridge *br = port->br; 544 struct sk_buff *skb; 545 546 skb = br_multicast_alloc_query(br, &pg->addr); 547 if (!skb) 548 goto timer; 549 550 br_deliver(port, skb); 551 552 timer: 553 if (++pg->queries_sent < br->multicast_last_member_count) 554 mod_timer(&pg->query_timer, 555 jiffies + br->multicast_last_member_interval); 556 } 557 558 static void br_multicast_port_group_query_expired(unsigned long data) 559 { 560 struct net_bridge_port_group *pg = (void *)data; 561 struct net_bridge_port *port = pg->port; 562 struct net_bridge *br = port->br; 563 564 spin_lock(&br->multicast_lock); 565 if (!netif_running(br->dev) || hlist_unhashed(&pg->mglist) || 566 pg->queries_sent >= br->multicast_last_member_count) 567 goto out; 568 569 br_multicast_send_port_group_query(pg); 570 571 out: 572 spin_unlock(&br->multicast_lock); 573 } 574 575 static struct net_bridge_mdb_entry *br_multicast_get_group( 576 struct net_bridge *br, struct net_bridge_port *port, 577 struct br_ip *group, int hash) 578 { 579 struct net_bridge_mdb_htable *mdb; 580 struct net_bridge_mdb_entry *mp; 581 struct hlist_node *p; 582 unsigned count = 0; 583 unsigned max; 584 int elasticity; 585 int err; 586 587 mdb = rcu_dereference_protected(br->mdb, 1); 588 hlist_for_each_entry(mp, p, &mdb->mhash[hash], hlist[mdb->ver]) { 589 count++; 590 if (unlikely(br_ip_equal(group, &mp->addr))) 591 return mp; 592 } 593 594 elasticity = 0; 595 max = mdb->max; 596 597 if (unlikely(count > br->hash_elasticity && count)) { 598 if (net_ratelimit()) 599 br_info(br, "Multicast hash table " 600 "chain limit reached: %s\n", 601 port ? port->dev->name : br->dev->name); 602 603 elasticity = br->hash_elasticity; 604 } 605 606 if (mdb->size >= max) { 607 max *= 2; 608 if (unlikely(max >= br->hash_max)) { 609 br_warn(br, "Multicast hash table maximum " 610 "reached, disabling snooping: %s, %d\n", 611 port ? port->dev->name : br->dev->name, max); 612 err = -E2BIG; 613 disable: 614 br->multicast_disabled = 1; 615 goto err; 616 } 617 } 618 619 if (max > mdb->max || elasticity) { 620 if (mdb->old) { 621 if (net_ratelimit()) 622 br_info(br, "Multicast hash table " 623 "on fire: %s\n", 624 port ? port->dev->name : br->dev->name); 625 err = -EEXIST; 626 goto err; 627 } 628 629 err = br_mdb_rehash(&br->mdb, max, elasticity); 630 if (err) { 631 br_warn(br, "Cannot rehash multicast " 632 "hash table, disabling snooping: %s, %d, %d\n", 633 port ? port->dev->name : br->dev->name, 634 mdb->size, err); 635 goto disable; 636 } 637 638 err = -EAGAIN; 639 goto err; 640 } 641 642 return NULL; 643 644 err: 645 mp = ERR_PTR(err); 646 return mp; 647 } 648 649 static struct net_bridge_mdb_entry *br_multicast_new_group( 650 struct net_bridge *br, struct net_bridge_port *port, 651 struct br_ip *group) 652 { 653 struct net_bridge_mdb_htable *mdb; 654 struct net_bridge_mdb_entry *mp; 655 int hash; 656 int err; 657 658 mdb = rcu_dereference_protected(br->mdb, 1); 659 if (!mdb) { 660 err = br_mdb_rehash(&br->mdb, BR_HASH_SIZE, 0); 661 if (err) 662 return ERR_PTR(err); 663 goto rehash; 664 } 665 666 hash = br_ip_hash(mdb, group); 667 mp = br_multicast_get_group(br, port, group, hash); 668 switch (PTR_ERR(mp)) { 669 case 0: 670 break; 671 672 case -EAGAIN: 673 rehash: 674 mdb = rcu_dereference_protected(br->mdb, 1); 675 hash = br_ip_hash(mdb, group); 676 break; 677 678 default: 679 goto out; 680 } 681 682 mp = kzalloc(sizeof(*mp), GFP_ATOMIC); 683 if (unlikely(!mp)) 684 return ERR_PTR(-ENOMEM); 685 686 mp->br = br; 687 mp->addr = *group; 688 setup_timer(&mp->timer, br_multicast_group_expired, 689 (unsigned long)mp); 690 setup_timer(&mp->query_timer, br_multicast_group_query_expired, 691 (unsigned long)mp); 692 693 hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]); 694 mdb->size++; 695 696 out: 697 return mp; 698 } 699 700 static int br_multicast_add_group(struct net_bridge *br, 701 struct net_bridge_port *port, 702 struct br_ip *group) 703 { 704 struct net_bridge_mdb_entry *mp; 705 struct net_bridge_port_group *p; 706 struct net_bridge_port_group __rcu **pp; 707 unsigned long now = jiffies; 708 int err; 709 710 spin_lock(&br->multicast_lock); 711 if (!netif_running(br->dev) || 712 (port && port->state == BR_STATE_DISABLED)) 713 goto out; 714 715 mp = br_multicast_new_group(br, port, group); 716 err = PTR_ERR(mp); 717 if (IS_ERR(mp)) 718 goto err; 719 720 if (!port) { 721 mp->mglist = true; 722 mod_timer(&mp->timer, now + br->multicast_membership_interval); 723 goto out; 724 } 725 726 for (pp = &mp->ports; 727 (p = mlock_dereference(*pp, br)) != NULL; 728 pp = &p->next) { 729 if (p->port == port) 730 goto found; 731 if ((unsigned long)p->port < (unsigned long)port) 732 break; 733 } 734 735 p = kzalloc(sizeof(*p), GFP_ATOMIC); 736 err = -ENOMEM; 737 if (unlikely(!p)) 738 goto err; 739 740 p->addr = *group; 741 p->port = port; 742 p->next = *pp; 743 hlist_add_head(&p->mglist, &port->mglist); 744 setup_timer(&p->timer, br_multicast_port_group_expired, 745 (unsigned long)p); 746 setup_timer(&p->query_timer, br_multicast_port_group_query_expired, 747 (unsigned long)p); 748 749 rcu_assign_pointer(*pp, p); 750 751 found: 752 mod_timer(&p->timer, now + br->multicast_membership_interval); 753 out: 754 err = 0; 755 756 err: 757 spin_unlock(&br->multicast_lock); 758 return err; 759 } 760 761 static int br_ip4_multicast_add_group(struct net_bridge *br, 762 struct net_bridge_port *port, 763 __be32 group) 764 { 765 struct br_ip br_group; 766 767 if (ipv4_is_local_multicast(group)) 768 return 0; 769 770 br_group.u.ip4 = group; 771 br_group.proto = htons(ETH_P_IP); 772 773 return br_multicast_add_group(br, port, &br_group); 774 } 775 776 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 777 static int br_ip6_multicast_add_group(struct net_bridge *br, 778 struct net_bridge_port *port, 779 const struct in6_addr *group) 780 { 781 struct br_ip br_group; 782 783 if (!ipv6_is_transient_multicast(group)) 784 return 0; 785 786 ipv6_addr_copy(&br_group.u.ip6, group); 787 br_group.proto = htons(ETH_P_IPV6); 788 789 return br_multicast_add_group(br, port, &br_group); 790 } 791 #endif 792 793 static void br_multicast_router_expired(unsigned long data) 794 { 795 struct net_bridge_port *port = (void *)data; 796 struct net_bridge *br = port->br; 797 798 spin_lock(&br->multicast_lock); 799 if (port->multicast_router != 1 || 800 timer_pending(&port->multicast_router_timer) || 801 hlist_unhashed(&port->rlist)) 802 goto out; 803 804 hlist_del_init_rcu(&port->rlist); 805 806 out: 807 spin_unlock(&br->multicast_lock); 808 } 809 810 static void br_multicast_local_router_expired(unsigned long data) 811 { 812 } 813 814 static void __br_multicast_send_query(struct net_bridge *br, 815 struct net_bridge_port *port, 816 struct br_ip *ip) 817 { 818 struct sk_buff *skb; 819 820 skb = br_multicast_alloc_query(br, ip); 821 if (!skb) 822 return; 823 824 if (port) { 825 __skb_push(skb, sizeof(struct ethhdr)); 826 skb->dev = port->dev; 827 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, 828 dev_queue_xmit); 829 } else 830 netif_rx(skb); 831 } 832 833 static void br_multicast_send_query(struct net_bridge *br, 834 struct net_bridge_port *port, u32 sent) 835 { 836 unsigned long time; 837 struct br_ip br_group; 838 839 if (!netif_running(br->dev) || br->multicast_disabled || 840 timer_pending(&br->multicast_querier_timer)) 841 return; 842 843 memset(&br_group.u, 0, sizeof(br_group.u)); 844 845 br_group.proto = htons(ETH_P_IP); 846 __br_multicast_send_query(br, port, &br_group); 847 848 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 849 br_group.proto = htons(ETH_P_IPV6); 850 __br_multicast_send_query(br, port, &br_group); 851 #endif 852 853 time = jiffies; 854 time += sent < br->multicast_startup_query_count ? 855 br->multicast_startup_query_interval : 856 br->multicast_query_interval; 857 mod_timer(port ? &port->multicast_query_timer : 858 &br->multicast_query_timer, time); 859 } 860 861 static void br_multicast_port_query_expired(unsigned long data) 862 { 863 struct net_bridge_port *port = (void *)data; 864 struct net_bridge *br = port->br; 865 866 spin_lock(&br->multicast_lock); 867 if (port->state == BR_STATE_DISABLED || 868 port->state == BR_STATE_BLOCKING) 869 goto out; 870 871 if (port->multicast_startup_queries_sent < 872 br->multicast_startup_query_count) 873 port->multicast_startup_queries_sent++; 874 875 br_multicast_send_query(port->br, port, 876 port->multicast_startup_queries_sent); 877 878 out: 879 spin_unlock(&br->multicast_lock); 880 } 881 882 void br_multicast_add_port(struct net_bridge_port *port) 883 { 884 port->multicast_router = 1; 885 886 setup_timer(&port->multicast_router_timer, br_multicast_router_expired, 887 (unsigned long)port); 888 setup_timer(&port->multicast_query_timer, 889 br_multicast_port_query_expired, (unsigned long)port); 890 } 891 892 void br_multicast_del_port(struct net_bridge_port *port) 893 { 894 del_timer_sync(&port->multicast_router_timer); 895 } 896 897 static void __br_multicast_enable_port(struct net_bridge_port *port) 898 { 899 port->multicast_startup_queries_sent = 0; 900 901 if (try_to_del_timer_sync(&port->multicast_query_timer) >= 0 || 902 del_timer(&port->multicast_query_timer)) 903 mod_timer(&port->multicast_query_timer, jiffies); 904 } 905 906 void br_multicast_enable_port(struct net_bridge_port *port) 907 { 908 struct net_bridge *br = port->br; 909 910 spin_lock(&br->multicast_lock); 911 if (br->multicast_disabled || !netif_running(br->dev)) 912 goto out; 913 914 __br_multicast_enable_port(port); 915 916 out: 917 spin_unlock(&br->multicast_lock); 918 } 919 920 void br_multicast_disable_port(struct net_bridge_port *port) 921 { 922 struct net_bridge *br = port->br; 923 struct net_bridge_port_group *pg; 924 struct hlist_node *p, *n; 925 926 spin_lock(&br->multicast_lock); 927 hlist_for_each_entry_safe(pg, p, n, &port->mglist, mglist) 928 br_multicast_del_pg(br, pg); 929 930 if (!hlist_unhashed(&port->rlist)) 931 hlist_del_init_rcu(&port->rlist); 932 del_timer(&port->multicast_router_timer); 933 del_timer(&port->multicast_query_timer); 934 spin_unlock(&br->multicast_lock); 935 } 936 937 static int br_ip4_multicast_igmp3_report(struct net_bridge *br, 938 struct net_bridge_port *port, 939 struct sk_buff *skb) 940 { 941 struct igmpv3_report *ih; 942 struct igmpv3_grec *grec; 943 int i; 944 int len; 945 int num; 946 int type; 947 int err = 0; 948 __be32 group; 949 950 if (!pskb_may_pull(skb, sizeof(*ih))) 951 return -EINVAL; 952 953 ih = igmpv3_report_hdr(skb); 954 num = ntohs(ih->ngrec); 955 len = sizeof(*ih); 956 957 for (i = 0; i < num; i++) { 958 len += sizeof(*grec); 959 if (!pskb_may_pull(skb, len)) 960 return -EINVAL; 961 962 grec = (void *)(skb->data + len - sizeof(*grec)); 963 group = grec->grec_mca; 964 type = grec->grec_type; 965 966 len += ntohs(grec->grec_nsrcs) * 4; 967 if (!pskb_may_pull(skb, len)) 968 return -EINVAL; 969 970 /* We treat this as an IGMPv2 report for now. */ 971 switch (type) { 972 case IGMPV3_MODE_IS_INCLUDE: 973 case IGMPV3_MODE_IS_EXCLUDE: 974 case IGMPV3_CHANGE_TO_INCLUDE: 975 case IGMPV3_CHANGE_TO_EXCLUDE: 976 case IGMPV3_ALLOW_NEW_SOURCES: 977 case IGMPV3_BLOCK_OLD_SOURCES: 978 break; 979 980 default: 981 continue; 982 } 983 984 err = br_ip4_multicast_add_group(br, port, group); 985 if (err) 986 break; 987 } 988 989 return err; 990 } 991 992 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 993 static int br_ip6_multicast_mld2_report(struct net_bridge *br, 994 struct net_bridge_port *port, 995 struct sk_buff *skb) 996 { 997 struct icmp6hdr *icmp6h; 998 struct mld2_grec *grec; 999 int i; 1000 int len; 1001 int num; 1002 int err = 0; 1003 1004 if (!pskb_may_pull(skb, sizeof(*icmp6h))) 1005 return -EINVAL; 1006 1007 icmp6h = icmp6_hdr(skb); 1008 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]); 1009 len = sizeof(*icmp6h); 1010 1011 for (i = 0; i < num; i++) { 1012 __be16 *nsrcs, _nsrcs; 1013 1014 nsrcs = skb_header_pointer(skb, 1015 len + offsetof(struct mld2_grec, 1016 grec_nsrcs), 1017 sizeof(_nsrcs), &_nsrcs); 1018 if (!nsrcs) 1019 return -EINVAL; 1020 1021 if (!pskb_may_pull(skb, 1022 len + sizeof(*grec) + 1023 sizeof(struct in6_addr) * ntohs(*nsrcs))) 1024 return -EINVAL; 1025 1026 grec = (struct mld2_grec *)(skb->data + len); 1027 len += sizeof(*grec) + 1028 sizeof(struct in6_addr) * ntohs(*nsrcs); 1029 1030 /* We treat these as MLDv1 reports for now. */ 1031 switch (grec->grec_type) { 1032 case MLD2_MODE_IS_INCLUDE: 1033 case MLD2_MODE_IS_EXCLUDE: 1034 case MLD2_CHANGE_TO_INCLUDE: 1035 case MLD2_CHANGE_TO_EXCLUDE: 1036 case MLD2_ALLOW_NEW_SOURCES: 1037 case MLD2_BLOCK_OLD_SOURCES: 1038 break; 1039 1040 default: 1041 continue; 1042 } 1043 1044 err = br_ip6_multicast_add_group(br, port, &grec->grec_mca); 1045 if (!err) 1046 break; 1047 } 1048 1049 return err; 1050 } 1051 #endif 1052 1053 /* 1054 * Add port to rotuer_list 1055 * list is maintained ordered by pointer value 1056 * and locked by br->multicast_lock and RCU 1057 */ 1058 static void br_multicast_add_router(struct net_bridge *br, 1059 struct net_bridge_port *port) 1060 { 1061 struct net_bridge_port *p; 1062 struct hlist_node *n, *slot = NULL; 1063 1064 hlist_for_each_entry(p, n, &br->router_list, rlist) { 1065 if ((unsigned long) port >= (unsigned long) p) 1066 break; 1067 slot = n; 1068 } 1069 1070 if (slot) 1071 hlist_add_after_rcu(slot, &port->rlist); 1072 else 1073 hlist_add_head_rcu(&port->rlist, &br->router_list); 1074 } 1075 1076 static void br_multicast_mark_router(struct net_bridge *br, 1077 struct net_bridge_port *port) 1078 { 1079 unsigned long now = jiffies; 1080 1081 if (!port) { 1082 if (br->multicast_router == 1) 1083 mod_timer(&br->multicast_router_timer, 1084 now + br->multicast_querier_interval); 1085 return; 1086 } 1087 1088 if (port->multicast_router != 1) 1089 return; 1090 1091 if (!hlist_unhashed(&port->rlist)) 1092 goto timer; 1093 1094 br_multicast_add_router(br, port); 1095 1096 timer: 1097 mod_timer(&port->multicast_router_timer, 1098 now + br->multicast_querier_interval); 1099 } 1100 1101 static void br_multicast_query_received(struct net_bridge *br, 1102 struct net_bridge_port *port, 1103 int saddr) 1104 { 1105 if (saddr) 1106 mod_timer(&br->multicast_querier_timer, 1107 jiffies + br->multicast_querier_interval); 1108 else if (timer_pending(&br->multicast_querier_timer)) 1109 return; 1110 1111 br_multicast_mark_router(br, port); 1112 } 1113 1114 static int br_ip4_multicast_query(struct net_bridge *br, 1115 struct net_bridge_port *port, 1116 struct sk_buff *skb) 1117 { 1118 const struct iphdr *iph = ip_hdr(skb); 1119 struct igmphdr *ih = igmp_hdr(skb); 1120 struct net_bridge_mdb_entry *mp; 1121 struct igmpv3_query *ih3; 1122 struct net_bridge_port_group *p; 1123 struct net_bridge_port_group __rcu **pp; 1124 unsigned long max_delay; 1125 unsigned long now = jiffies; 1126 __be32 group; 1127 int err = 0; 1128 1129 spin_lock(&br->multicast_lock); 1130 if (!netif_running(br->dev) || 1131 (port && port->state == BR_STATE_DISABLED)) 1132 goto out; 1133 1134 br_multicast_query_received(br, port, !!iph->saddr); 1135 1136 group = ih->group; 1137 1138 if (skb->len == sizeof(*ih)) { 1139 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE); 1140 1141 if (!max_delay) { 1142 max_delay = 10 * HZ; 1143 group = 0; 1144 } 1145 } else { 1146 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) { 1147 err = -EINVAL; 1148 goto out; 1149 } 1150 1151 ih3 = igmpv3_query_hdr(skb); 1152 if (ih3->nsrcs) 1153 goto out; 1154 1155 max_delay = ih3->code ? 1156 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1; 1157 } 1158 1159 if (!group) 1160 goto out; 1161 1162 mp = br_mdb_ip4_get(mlock_dereference(br->mdb, br), group); 1163 if (!mp) 1164 goto out; 1165 1166 max_delay *= br->multicast_last_member_count; 1167 1168 if (mp->mglist && 1169 (timer_pending(&mp->timer) ? 1170 time_after(mp->timer.expires, now + max_delay) : 1171 try_to_del_timer_sync(&mp->timer) >= 0)) 1172 mod_timer(&mp->timer, now + max_delay); 1173 1174 for (pp = &mp->ports; 1175 (p = mlock_dereference(*pp, br)) != NULL; 1176 pp = &p->next) { 1177 if (timer_pending(&p->timer) ? 1178 time_after(p->timer.expires, now + max_delay) : 1179 try_to_del_timer_sync(&p->timer) >= 0) 1180 mod_timer(&p->timer, now + max_delay); 1181 } 1182 1183 out: 1184 spin_unlock(&br->multicast_lock); 1185 return err; 1186 } 1187 1188 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 1189 static int br_ip6_multicast_query(struct net_bridge *br, 1190 struct net_bridge_port *port, 1191 struct sk_buff *skb) 1192 { 1193 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 1194 struct mld_msg *mld = (struct mld_msg *) icmp6_hdr(skb); 1195 struct net_bridge_mdb_entry *mp; 1196 struct mld2_query *mld2q; 1197 struct net_bridge_port_group *p; 1198 struct net_bridge_port_group __rcu **pp; 1199 unsigned long max_delay; 1200 unsigned long now = jiffies; 1201 const struct in6_addr *group = NULL; 1202 int err = 0; 1203 1204 spin_lock(&br->multicast_lock); 1205 if (!netif_running(br->dev) || 1206 (port && port->state == BR_STATE_DISABLED)) 1207 goto out; 1208 1209 br_multicast_query_received(br, port, !ipv6_addr_any(&ip6h->saddr)); 1210 1211 if (skb->len == sizeof(*mld)) { 1212 if (!pskb_may_pull(skb, sizeof(*mld))) { 1213 err = -EINVAL; 1214 goto out; 1215 } 1216 mld = (struct mld_msg *) icmp6_hdr(skb); 1217 max_delay = msecs_to_jiffies(htons(mld->mld_maxdelay)); 1218 if (max_delay) 1219 group = &mld->mld_mca; 1220 } else if (skb->len >= sizeof(*mld2q)) { 1221 if (!pskb_may_pull(skb, sizeof(*mld2q))) { 1222 err = -EINVAL; 1223 goto out; 1224 } 1225 mld2q = (struct mld2_query *)icmp6_hdr(skb); 1226 if (!mld2q->mld2q_nsrcs) 1227 group = &mld2q->mld2q_mca; 1228 max_delay = mld2q->mld2q_mrc ? MLDV2_MRC(mld2q->mld2q_mrc) : 1; 1229 } 1230 1231 if (!group) 1232 goto out; 1233 1234 mp = br_mdb_ip6_get(mlock_dereference(br->mdb, br), group); 1235 if (!mp) 1236 goto out; 1237 1238 max_delay *= br->multicast_last_member_count; 1239 if (mp->mglist && 1240 (timer_pending(&mp->timer) ? 1241 time_after(mp->timer.expires, now + max_delay) : 1242 try_to_del_timer_sync(&mp->timer) >= 0)) 1243 mod_timer(&mp->timer, now + max_delay); 1244 1245 for (pp = &mp->ports; 1246 (p = mlock_dereference(*pp, br)) != NULL; 1247 pp = &p->next) { 1248 if (timer_pending(&p->timer) ? 1249 time_after(p->timer.expires, now + max_delay) : 1250 try_to_del_timer_sync(&p->timer) >= 0) 1251 mod_timer(&p->timer, now + max_delay); 1252 } 1253 1254 out: 1255 spin_unlock(&br->multicast_lock); 1256 return err; 1257 } 1258 #endif 1259 1260 static void br_multicast_leave_group(struct net_bridge *br, 1261 struct net_bridge_port *port, 1262 struct br_ip *group) 1263 { 1264 struct net_bridge_mdb_htable *mdb; 1265 struct net_bridge_mdb_entry *mp; 1266 struct net_bridge_port_group *p; 1267 unsigned long now; 1268 unsigned long time; 1269 1270 spin_lock(&br->multicast_lock); 1271 if (!netif_running(br->dev) || 1272 (port && port->state == BR_STATE_DISABLED) || 1273 timer_pending(&br->multicast_querier_timer)) 1274 goto out; 1275 1276 mdb = mlock_dereference(br->mdb, br); 1277 mp = br_mdb_ip_get(mdb, group); 1278 if (!mp) 1279 goto out; 1280 1281 now = jiffies; 1282 time = now + br->multicast_last_member_count * 1283 br->multicast_last_member_interval; 1284 1285 if (!port) { 1286 if (mp->mglist && 1287 (timer_pending(&mp->timer) ? 1288 time_after(mp->timer.expires, time) : 1289 try_to_del_timer_sync(&mp->timer) >= 0)) { 1290 mod_timer(&mp->timer, time); 1291 1292 mp->queries_sent = 0; 1293 mod_timer(&mp->query_timer, now); 1294 } 1295 1296 goto out; 1297 } 1298 1299 for (p = mlock_dereference(mp->ports, br); 1300 p != NULL; 1301 p = mlock_dereference(p->next, br)) { 1302 if (p->port != port) 1303 continue; 1304 1305 if (!hlist_unhashed(&p->mglist) && 1306 (timer_pending(&p->timer) ? 1307 time_after(p->timer.expires, time) : 1308 try_to_del_timer_sync(&p->timer) >= 0)) { 1309 mod_timer(&p->timer, time); 1310 1311 p->queries_sent = 0; 1312 mod_timer(&p->query_timer, now); 1313 } 1314 1315 break; 1316 } 1317 1318 out: 1319 spin_unlock(&br->multicast_lock); 1320 } 1321 1322 static void br_ip4_multicast_leave_group(struct net_bridge *br, 1323 struct net_bridge_port *port, 1324 __be32 group) 1325 { 1326 struct br_ip br_group; 1327 1328 if (ipv4_is_local_multicast(group)) 1329 return; 1330 1331 br_group.u.ip4 = group; 1332 br_group.proto = htons(ETH_P_IP); 1333 1334 br_multicast_leave_group(br, port, &br_group); 1335 } 1336 1337 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 1338 static void br_ip6_multicast_leave_group(struct net_bridge *br, 1339 struct net_bridge_port *port, 1340 const struct in6_addr *group) 1341 { 1342 struct br_ip br_group; 1343 1344 if (!ipv6_is_transient_multicast(group)) 1345 return; 1346 1347 ipv6_addr_copy(&br_group.u.ip6, group); 1348 br_group.proto = htons(ETH_P_IPV6); 1349 1350 br_multicast_leave_group(br, port, &br_group); 1351 } 1352 #endif 1353 1354 static int br_multicast_ipv4_rcv(struct net_bridge *br, 1355 struct net_bridge_port *port, 1356 struct sk_buff *skb) 1357 { 1358 struct sk_buff *skb2 = skb; 1359 const struct iphdr *iph; 1360 struct igmphdr *ih; 1361 unsigned len; 1362 unsigned offset; 1363 int err; 1364 1365 /* We treat OOM as packet loss for now. */ 1366 if (!pskb_may_pull(skb, sizeof(*iph))) 1367 return -EINVAL; 1368 1369 iph = ip_hdr(skb); 1370 1371 if (iph->ihl < 5 || iph->version != 4) 1372 return -EINVAL; 1373 1374 if (!pskb_may_pull(skb, ip_hdrlen(skb))) 1375 return -EINVAL; 1376 1377 iph = ip_hdr(skb); 1378 1379 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl))) 1380 return -EINVAL; 1381 1382 if (iph->protocol != IPPROTO_IGMP) { 1383 if ((iph->daddr & IGMP_LOCAL_GROUP_MASK) != IGMP_LOCAL_GROUP) 1384 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1385 return 0; 1386 } 1387 1388 len = ntohs(iph->tot_len); 1389 if (skb->len < len || len < ip_hdrlen(skb)) 1390 return -EINVAL; 1391 1392 if (skb->len > len) { 1393 skb2 = skb_clone(skb, GFP_ATOMIC); 1394 if (!skb2) 1395 return -ENOMEM; 1396 1397 err = pskb_trim_rcsum(skb2, len); 1398 if (err) 1399 goto err_out; 1400 } 1401 1402 len -= ip_hdrlen(skb2); 1403 offset = skb_network_offset(skb2) + ip_hdrlen(skb2); 1404 __skb_pull(skb2, offset); 1405 skb_reset_transport_header(skb2); 1406 1407 err = -EINVAL; 1408 if (!pskb_may_pull(skb2, sizeof(*ih))) 1409 goto out; 1410 1411 switch (skb2->ip_summed) { 1412 case CHECKSUM_COMPLETE: 1413 if (!csum_fold(skb2->csum)) 1414 break; 1415 /* fall through */ 1416 case CHECKSUM_NONE: 1417 skb2->csum = 0; 1418 if (skb_checksum_complete(skb2)) 1419 goto out; 1420 } 1421 1422 err = 0; 1423 1424 BR_INPUT_SKB_CB(skb)->igmp = 1; 1425 ih = igmp_hdr(skb2); 1426 1427 switch (ih->type) { 1428 case IGMP_HOST_MEMBERSHIP_REPORT: 1429 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1430 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1431 err = br_ip4_multicast_add_group(br, port, ih->group); 1432 break; 1433 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1434 err = br_ip4_multicast_igmp3_report(br, port, skb2); 1435 break; 1436 case IGMP_HOST_MEMBERSHIP_QUERY: 1437 err = br_ip4_multicast_query(br, port, skb2); 1438 break; 1439 case IGMP_HOST_LEAVE_MESSAGE: 1440 br_ip4_multicast_leave_group(br, port, ih->group); 1441 break; 1442 } 1443 1444 out: 1445 __skb_push(skb2, offset); 1446 err_out: 1447 if (skb2 != skb) 1448 kfree_skb(skb2); 1449 return err; 1450 } 1451 1452 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 1453 static int br_multicast_ipv6_rcv(struct net_bridge *br, 1454 struct net_bridge_port *port, 1455 struct sk_buff *skb) 1456 { 1457 struct sk_buff *skb2; 1458 const struct ipv6hdr *ip6h; 1459 u8 icmp6_type; 1460 u8 nexthdr; 1461 unsigned len; 1462 int offset; 1463 int err; 1464 1465 if (!pskb_may_pull(skb, sizeof(*ip6h))) 1466 return -EINVAL; 1467 1468 ip6h = ipv6_hdr(skb); 1469 1470 /* 1471 * We're interested in MLD messages only. 1472 * - Version is 6 1473 * - MLD has always Router Alert hop-by-hop option 1474 * - But we do not support jumbrograms. 1475 */ 1476 if (ip6h->version != 6 || 1477 ip6h->nexthdr != IPPROTO_HOPOPTS || 1478 ip6h->payload_len == 0) 1479 return 0; 1480 1481 len = ntohs(ip6h->payload_len) + sizeof(*ip6h); 1482 if (skb->len < len) 1483 return -EINVAL; 1484 1485 nexthdr = ip6h->nexthdr; 1486 offset = ipv6_skip_exthdr(skb, sizeof(*ip6h), &nexthdr); 1487 1488 if (offset < 0 || nexthdr != IPPROTO_ICMPV6) 1489 return 0; 1490 1491 /* Okay, we found ICMPv6 header */ 1492 skb2 = skb_clone(skb, GFP_ATOMIC); 1493 if (!skb2) 1494 return -ENOMEM; 1495 1496 err = -EINVAL; 1497 if (!pskb_may_pull(skb2, offset + sizeof(struct icmp6hdr))) 1498 goto out; 1499 1500 len -= offset - skb_network_offset(skb2); 1501 1502 __skb_pull(skb2, offset); 1503 skb_reset_transport_header(skb2); 1504 1505 icmp6_type = icmp6_hdr(skb2)->icmp6_type; 1506 1507 switch (icmp6_type) { 1508 case ICMPV6_MGM_QUERY: 1509 case ICMPV6_MGM_REPORT: 1510 case ICMPV6_MGM_REDUCTION: 1511 case ICMPV6_MLD2_REPORT: 1512 break; 1513 default: 1514 err = 0; 1515 goto out; 1516 } 1517 1518 /* Okay, we found MLD message. Check further. */ 1519 if (skb2->len > len) { 1520 err = pskb_trim_rcsum(skb2, len); 1521 if (err) 1522 goto out; 1523 err = -EINVAL; 1524 } 1525 1526 ip6h = ipv6_hdr(skb2); 1527 1528 switch (skb2->ip_summed) { 1529 case CHECKSUM_COMPLETE: 1530 if (!csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, skb2->len, 1531 IPPROTO_ICMPV6, skb2->csum)) 1532 break; 1533 /*FALLTHROUGH*/ 1534 case CHECKSUM_NONE: 1535 skb2->csum = ~csum_unfold(csum_ipv6_magic(&ip6h->saddr, 1536 &ip6h->daddr, 1537 skb2->len, 1538 IPPROTO_ICMPV6, 0)); 1539 if (__skb_checksum_complete(skb2)) 1540 goto out; 1541 } 1542 1543 err = 0; 1544 1545 BR_INPUT_SKB_CB(skb)->igmp = 1; 1546 1547 switch (icmp6_type) { 1548 case ICMPV6_MGM_REPORT: 1549 { 1550 struct mld_msg *mld; 1551 if (!pskb_may_pull(skb2, sizeof(*mld))) { 1552 err = -EINVAL; 1553 goto out; 1554 } 1555 mld = (struct mld_msg *)skb_transport_header(skb2); 1556 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 1557 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca); 1558 break; 1559 } 1560 case ICMPV6_MLD2_REPORT: 1561 err = br_ip6_multicast_mld2_report(br, port, skb2); 1562 break; 1563 case ICMPV6_MGM_QUERY: 1564 err = br_ip6_multicast_query(br, port, skb2); 1565 break; 1566 case ICMPV6_MGM_REDUCTION: 1567 { 1568 struct mld_msg *mld; 1569 if (!pskb_may_pull(skb2, sizeof(*mld))) { 1570 err = -EINVAL; 1571 goto out; 1572 } 1573 mld = (struct mld_msg *)skb_transport_header(skb2); 1574 br_ip6_multicast_leave_group(br, port, &mld->mld_mca); 1575 } 1576 } 1577 1578 out: 1579 kfree_skb(skb2); 1580 return err; 1581 } 1582 #endif 1583 1584 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port, 1585 struct sk_buff *skb) 1586 { 1587 BR_INPUT_SKB_CB(skb)->igmp = 0; 1588 BR_INPUT_SKB_CB(skb)->mrouters_only = 0; 1589 1590 if (br->multicast_disabled) 1591 return 0; 1592 1593 switch (skb->protocol) { 1594 case htons(ETH_P_IP): 1595 return br_multicast_ipv4_rcv(br, port, skb); 1596 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) 1597 case htons(ETH_P_IPV6): 1598 return br_multicast_ipv6_rcv(br, port, skb); 1599 #endif 1600 } 1601 1602 return 0; 1603 } 1604 1605 static void br_multicast_query_expired(unsigned long data) 1606 { 1607 struct net_bridge *br = (void *)data; 1608 1609 spin_lock(&br->multicast_lock); 1610 if (br->multicast_startup_queries_sent < 1611 br->multicast_startup_query_count) 1612 br->multicast_startup_queries_sent++; 1613 1614 br_multicast_send_query(br, NULL, br->multicast_startup_queries_sent); 1615 1616 spin_unlock(&br->multicast_lock); 1617 } 1618 1619 void br_multicast_init(struct net_bridge *br) 1620 { 1621 br->hash_elasticity = 4; 1622 br->hash_max = 512; 1623 1624 br->multicast_router = 1; 1625 br->multicast_last_member_count = 2; 1626 br->multicast_startup_query_count = 2; 1627 1628 br->multicast_last_member_interval = HZ; 1629 br->multicast_query_response_interval = 10 * HZ; 1630 br->multicast_startup_query_interval = 125 * HZ / 4; 1631 br->multicast_query_interval = 125 * HZ; 1632 br->multicast_querier_interval = 255 * HZ; 1633 br->multicast_membership_interval = 260 * HZ; 1634 1635 spin_lock_init(&br->multicast_lock); 1636 setup_timer(&br->multicast_router_timer, 1637 br_multicast_local_router_expired, 0); 1638 setup_timer(&br->multicast_querier_timer, 1639 br_multicast_local_router_expired, 0); 1640 setup_timer(&br->multicast_query_timer, br_multicast_query_expired, 1641 (unsigned long)br); 1642 } 1643 1644 void br_multicast_open(struct net_bridge *br) 1645 { 1646 br->multicast_startup_queries_sent = 0; 1647 1648 if (br->multicast_disabled) 1649 return; 1650 1651 mod_timer(&br->multicast_query_timer, jiffies); 1652 } 1653 1654 void br_multicast_stop(struct net_bridge *br) 1655 { 1656 struct net_bridge_mdb_htable *mdb; 1657 struct net_bridge_mdb_entry *mp; 1658 struct hlist_node *p, *n; 1659 u32 ver; 1660 int i; 1661 1662 del_timer_sync(&br->multicast_router_timer); 1663 del_timer_sync(&br->multicast_querier_timer); 1664 del_timer_sync(&br->multicast_query_timer); 1665 1666 spin_lock_bh(&br->multicast_lock); 1667 mdb = mlock_dereference(br->mdb, br); 1668 if (!mdb) 1669 goto out; 1670 1671 br->mdb = NULL; 1672 1673 ver = mdb->ver; 1674 for (i = 0; i < mdb->max; i++) { 1675 hlist_for_each_entry_safe(mp, p, n, &mdb->mhash[i], 1676 hlist[ver]) { 1677 del_timer(&mp->timer); 1678 del_timer(&mp->query_timer); 1679 call_rcu_bh(&mp->rcu, br_multicast_free_group); 1680 } 1681 } 1682 1683 if (mdb->old) { 1684 spin_unlock_bh(&br->multicast_lock); 1685 rcu_barrier_bh(); 1686 spin_lock_bh(&br->multicast_lock); 1687 WARN_ON(mdb->old); 1688 } 1689 1690 mdb->old = mdb; 1691 call_rcu_bh(&mdb->rcu, br_mdb_free); 1692 1693 out: 1694 spin_unlock_bh(&br->multicast_lock); 1695 } 1696 1697 int br_multicast_set_router(struct net_bridge *br, unsigned long val) 1698 { 1699 int err = -ENOENT; 1700 1701 spin_lock_bh(&br->multicast_lock); 1702 if (!netif_running(br->dev)) 1703 goto unlock; 1704 1705 switch (val) { 1706 case 0: 1707 case 2: 1708 del_timer(&br->multicast_router_timer); 1709 /* fall through */ 1710 case 1: 1711 br->multicast_router = val; 1712 err = 0; 1713 break; 1714 1715 default: 1716 err = -EINVAL; 1717 break; 1718 } 1719 1720 unlock: 1721 spin_unlock_bh(&br->multicast_lock); 1722 1723 return err; 1724 } 1725 1726 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val) 1727 { 1728 struct net_bridge *br = p->br; 1729 int err = -ENOENT; 1730 1731 spin_lock(&br->multicast_lock); 1732 if (!netif_running(br->dev) || p->state == BR_STATE_DISABLED) 1733 goto unlock; 1734 1735 switch (val) { 1736 case 0: 1737 case 1: 1738 case 2: 1739 p->multicast_router = val; 1740 err = 0; 1741 1742 if (val < 2 && !hlist_unhashed(&p->rlist)) 1743 hlist_del_init_rcu(&p->rlist); 1744 1745 if (val == 1) 1746 break; 1747 1748 del_timer(&p->multicast_router_timer); 1749 1750 if (val == 0) 1751 break; 1752 1753 br_multicast_add_router(br, p); 1754 break; 1755 1756 default: 1757 err = -EINVAL; 1758 break; 1759 } 1760 1761 unlock: 1762 spin_unlock(&br->multicast_lock); 1763 1764 return err; 1765 } 1766 1767 int br_multicast_toggle(struct net_bridge *br, unsigned long val) 1768 { 1769 struct net_bridge_port *port; 1770 int err = 0; 1771 struct net_bridge_mdb_htable *mdb; 1772 1773 spin_lock(&br->multicast_lock); 1774 if (br->multicast_disabled == !val) 1775 goto unlock; 1776 1777 br->multicast_disabled = !val; 1778 if (br->multicast_disabled) 1779 goto unlock; 1780 1781 if (!netif_running(br->dev)) 1782 goto unlock; 1783 1784 mdb = mlock_dereference(br->mdb, br); 1785 if (mdb) { 1786 if (mdb->old) { 1787 err = -EEXIST; 1788 rollback: 1789 br->multicast_disabled = !!val; 1790 goto unlock; 1791 } 1792 1793 err = br_mdb_rehash(&br->mdb, mdb->max, 1794 br->hash_elasticity); 1795 if (err) 1796 goto rollback; 1797 } 1798 1799 br_multicast_open(br); 1800 list_for_each_entry(port, &br->port_list, list) { 1801 if (port->state == BR_STATE_DISABLED || 1802 port->state == BR_STATE_BLOCKING) 1803 continue; 1804 1805 __br_multicast_enable_port(port); 1806 } 1807 1808 unlock: 1809 spin_unlock(&br->multicast_lock); 1810 1811 return err; 1812 } 1813 1814 int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val) 1815 { 1816 int err = -ENOENT; 1817 u32 old; 1818 struct net_bridge_mdb_htable *mdb; 1819 1820 spin_lock(&br->multicast_lock); 1821 if (!netif_running(br->dev)) 1822 goto unlock; 1823 1824 err = -EINVAL; 1825 if (!is_power_of_2(val)) 1826 goto unlock; 1827 1828 mdb = mlock_dereference(br->mdb, br); 1829 if (mdb && val < mdb->size) 1830 goto unlock; 1831 1832 err = 0; 1833 1834 old = br->hash_max; 1835 br->hash_max = val; 1836 1837 if (mdb) { 1838 if (mdb->old) { 1839 err = -EEXIST; 1840 rollback: 1841 br->hash_max = old; 1842 goto unlock; 1843 } 1844 1845 err = br_mdb_rehash(&br->mdb, br->hash_max, 1846 br->hash_elasticity); 1847 if (err) 1848 goto rollback; 1849 } 1850 1851 unlock: 1852 spin_unlock(&br->multicast_lock); 1853 1854 return err; 1855 } 1856