1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Bridge multicast support. 4 * 5 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au> 6 */ 7 8 #include <linux/err.h> 9 #include <linux/export.h> 10 #include <linux/if_ether.h> 11 #include <linux/igmp.h> 12 #include <linux/in.h> 13 #include <linux/jhash.h> 14 #include <linux/kernel.h> 15 #include <linux/log2.h> 16 #include <linux/netdevice.h> 17 #include <linux/netfilter_bridge.h> 18 #include <linux/random.h> 19 #include <linux/rculist.h> 20 #include <linux/skbuff.h> 21 #include <linux/slab.h> 22 #include <linux/timer.h> 23 #include <linux/inetdevice.h> 24 #include <linux/mroute.h> 25 #include <net/ip.h> 26 #include <net/switchdev.h> 27 #if IS_ENABLED(CONFIG_IPV6) 28 #include <linux/icmpv6.h> 29 #include <net/ipv6.h> 30 #include <net/mld.h> 31 #include <net/ip6_checksum.h> 32 #include <net/addrconf.h> 33 #endif 34 35 #include "br_private.h" 36 #include "br_private_mcast_eht.h" 37 38 static const struct rhashtable_params br_mdb_rht_params = { 39 .head_offset = offsetof(struct net_bridge_mdb_entry, rhnode), 40 .key_offset = offsetof(struct net_bridge_mdb_entry, addr), 41 .key_len = sizeof(struct br_ip), 42 .automatic_shrinking = true, 43 }; 44 45 static const struct rhashtable_params br_sg_port_rht_params = { 46 .head_offset = offsetof(struct net_bridge_port_group, rhnode), 47 .key_offset = offsetof(struct net_bridge_port_group, key), 48 .key_len = sizeof(struct net_bridge_port_group_sg_key), 49 .automatic_shrinking = true, 50 }; 51 52 static void br_multicast_start_querier(struct net_bridge *br, 53 struct bridge_mcast_own_query *query); 54 static void br_ip4_multicast_add_router(struct net_bridge *br, 55 struct net_bridge_port *port); 56 static void br_ip4_multicast_leave_group(struct net_bridge *br, 57 struct net_bridge_port *port, 58 __be32 group, 59 __u16 vid, 60 const unsigned char *src); 61 static void br_multicast_port_group_rexmit(struct timer_list *t); 62 63 static void 64 br_multicast_rport_del_notify(struct net_bridge_port *p, bool deleted); 65 static void br_ip6_multicast_add_router(struct net_bridge *br, 66 struct net_bridge_port *port); 67 #if IS_ENABLED(CONFIG_IPV6) 68 static void br_ip6_multicast_leave_group(struct net_bridge *br, 69 struct net_bridge_port *port, 70 const struct in6_addr *group, 71 __u16 vid, const unsigned char *src); 72 #endif 73 static struct net_bridge_port_group * 74 __br_multicast_add_group(struct net_bridge *br, 75 struct net_bridge_port *port, 76 struct br_ip *group, 77 const unsigned char *src, 78 u8 filter_mode, 79 bool igmpv2_mldv1, 80 bool blocked); 81 static void br_multicast_find_del_pg(struct net_bridge *br, 82 struct net_bridge_port_group *pg); 83 84 static struct net_bridge_port_group * 85 br_sg_port_find(struct net_bridge *br, 86 struct net_bridge_port_group_sg_key *sg_p) 87 { 88 lockdep_assert_held_once(&br->multicast_lock); 89 90 return rhashtable_lookup_fast(&br->sg_port_tbl, sg_p, 91 br_sg_port_rht_params); 92 } 93 94 static struct net_bridge_mdb_entry *br_mdb_ip_get_rcu(struct net_bridge *br, 95 struct br_ip *dst) 96 { 97 return rhashtable_lookup(&br->mdb_hash_tbl, dst, br_mdb_rht_params); 98 } 99 100 struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge *br, 101 struct br_ip *dst) 102 { 103 struct net_bridge_mdb_entry *ent; 104 105 lockdep_assert_held_once(&br->multicast_lock); 106 107 rcu_read_lock(); 108 ent = rhashtable_lookup(&br->mdb_hash_tbl, dst, br_mdb_rht_params); 109 rcu_read_unlock(); 110 111 return ent; 112 } 113 114 static struct net_bridge_mdb_entry *br_mdb_ip4_get(struct net_bridge *br, 115 __be32 dst, __u16 vid) 116 { 117 struct br_ip br_dst; 118 119 memset(&br_dst, 0, sizeof(br_dst)); 120 br_dst.dst.ip4 = dst; 121 br_dst.proto = htons(ETH_P_IP); 122 br_dst.vid = vid; 123 124 return br_mdb_ip_get(br, &br_dst); 125 } 126 127 #if IS_ENABLED(CONFIG_IPV6) 128 static struct net_bridge_mdb_entry *br_mdb_ip6_get(struct net_bridge *br, 129 const struct in6_addr *dst, 130 __u16 vid) 131 { 132 struct br_ip br_dst; 133 134 memset(&br_dst, 0, sizeof(br_dst)); 135 br_dst.dst.ip6 = *dst; 136 br_dst.proto = htons(ETH_P_IPV6); 137 br_dst.vid = vid; 138 139 return br_mdb_ip_get(br, &br_dst); 140 } 141 #endif 142 143 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br, 144 struct sk_buff *skb, u16 vid) 145 { 146 struct br_ip ip; 147 148 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) 149 return NULL; 150 151 if (BR_INPUT_SKB_CB(skb)->igmp) 152 return NULL; 153 154 memset(&ip, 0, sizeof(ip)); 155 ip.proto = skb->protocol; 156 ip.vid = vid; 157 158 switch (skb->protocol) { 159 case htons(ETH_P_IP): 160 ip.dst.ip4 = ip_hdr(skb)->daddr; 161 if (br->multicast_igmp_version == 3) { 162 struct net_bridge_mdb_entry *mdb; 163 164 ip.src.ip4 = ip_hdr(skb)->saddr; 165 mdb = br_mdb_ip_get_rcu(br, &ip); 166 if (mdb) 167 return mdb; 168 ip.src.ip4 = 0; 169 } 170 break; 171 #if IS_ENABLED(CONFIG_IPV6) 172 case htons(ETH_P_IPV6): 173 ip.dst.ip6 = ipv6_hdr(skb)->daddr; 174 if (br->multicast_mld_version == 2) { 175 struct net_bridge_mdb_entry *mdb; 176 177 ip.src.ip6 = ipv6_hdr(skb)->saddr; 178 mdb = br_mdb_ip_get_rcu(br, &ip); 179 if (mdb) 180 return mdb; 181 memset(&ip.src.ip6, 0, sizeof(ip.src.ip6)); 182 } 183 break; 184 #endif 185 default: 186 ip.proto = 0; 187 ether_addr_copy(ip.dst.mac_addr, eth_hdr(skb)->h_dest); 188 } 189 190 return br_mdb_ip_get_rcu(br, &ip); 191 } 192 193 static bool br_port_group_equal(struct net_bridge_port_group *p, 194 struct net_bridge_port *port, 195 const unsigned char *src) 196 { 197 if (p->key.port != port) 198 return false; 199 200 if (!(port->flags & BR_MULTICAST_TO_UNICAST)) 201 return true; 202 203 return ether_addr_equal(src, p->eth_addr); 204 } 205 206 static void __fwd_add_star_excl(struct net_bridge_port_group *pg, 207 struct br_ip *sg_ip) 208 { 209 struct net_bridge_port_group_sg_key sg_key; 210 struct net_bridge *br = pg->key.port->br; 211 struct net_bridge_port_group *src_pg; 212 213 memset(&sg_key, 0, sizeof(sg_key)); 214 sg_key.port = pg->key.port; 215 sg_key.addr = *sg_ip; 216 if (br_sg_port_find(br, &sg_key)) 217 return; 218 219 src_pg = __br_multicast_add_group(br, pg->key.port, sg_ip, pg->eth_addr, 220 MCAST_INCLUDE, false, false); 221 if (IS_ERR_OR_NULL(src_pg) || 222 src_pg->rt_protocol != RTPROT_KERNEL) 223 return; 224 225 src_pg->flags |= MDB_PG_FLAGS_STAR_EXCL; 226 } 227 228 static void __fwd_del_star_excl(struct net_bridge_port_group *pg, 229 struct br_ip *sg_ip) 230 { 231 struct net_bridge_port_group_sg_key sg_key; 232 struct net_bridge *br = pg->key.port->br; 233 struct net_bridge_port_group *src_pg; 234 235 memset(&sg_key, 0, sizeof(sg_key)); 236 sg_key.port = pg->key.port; 237 sg_key.addr = *sg_ip; 238 src_pg = br_sg_port_find(br, &sg_key); 239 if (!src_pg || !(src_pg->flags & MDB_PG_FLAGS_STAR_EXCL) || 240 src_pg->rt_protocol != RTPROT_KERNEL) 241 return; 242 243 br_multicast_find_del_pg(br, src_pg); 244 } 245 246 /* When a port group transitions to (or is added as) EXCLUDE we need to add it 247 * to all other ports' S,G entries which are not blocked by the current group 248 * for proper replication, the assumption is that any S,G blocked entries 249 * are already added so the S,G,port lookup should skip them. 250 * When a port group transitions from EXCLUDE -> INCLUDE mode or is being 251 * deleted we need to remove it from all ports' S,G entries where it was 252 * automatically installed before (i.e. where it's MDB_PG_FLAGS_STAR_EXCL). 253 */ 254 void br_multicast_star_g_handle_mode(struct net_bridge_port_group *pg, 255 u8 filter_mode) 256 { 257 struct net_bridge *br = pg->key.port->br; 258 struct net_bridge_port_group *pg_lst; 259 struct net_bridge_mdb_entry *mp; 260 struct br_ip sg_ip; 261 262 if (WARN_ON(!br_multicast_is_star_g(&pg->key.addr))) 263 return; 264 265 mp = br_mdb_ip_get(br, &pg->key.addr); 266 if (!mp) 267 return; 268 269 memset(&sg_ip, 0, sizeof(sg_ip)); 270 sg_ip = pg->key.addr; 271 for (pg_lst = mlock_dereference(mp->ports, br); 272 pg_lst; 273 pg_lst = mlock_dereference(pg_lst->next, br)) { 274 struct net_bridge_group_src *src_ent; 275 276 if (pg_lst == pg) 277 continue; 278 hlist_for_each_entry(src_ent, &pg_lst->src_list, node) { 279 if (!(src_ent->flags & BR_SGRP_F_INSTALLED)) 280 continue; 281 sg_ip.src = src_ent->addr.src; 282 switch (filter_mode) { 283 case MCAST_INCLUDE: 284 __fwd_del_star_excl(pg, &sg_ip); 285 break; 286 case MCAST_EXCLUDE: 287 __fwd_add_star_excl(pg, &sg_ip); 288 break; 289 } 290 } 291 } 292 } 293 294 /* called when adding a new S,G with host_joined == false by default */ 295 static void br_multicast_sg_host_state(struct net_bridge_mdb_entry *star_mp, 296 struct net_bridge_port_group *sg) 297 { 298 struct net_bridge_mdb_entry *sg_mp; 299 300 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr))) 301 return; 302 if (!star_mp->host_joined) 303 return; 304 305 sg_mp = br_mdb_ip_get(star_mp->br, &sg->key.addr); 306 if (!sg_mp) 307 return; 308 sg_mp->host_joined = true; 309 } 310 311 /* set the host_joined state of all of *,G's S,G entries */ 312 static void br_multicast_star_g_host_state(struct net_bridge_mdb_entry *star_mp) 313 { 314 struct net_bridge *br = star_mp->br; 315 struct net_bridge_mdb_entry *sg_mp; 316 struct net_bridge_port_group *pg; 317 struct br_ip sg_ip; 318 319 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr))) 320 return; 321 322 memset(&sg_ip, 0, sizeof(sg_ip)); 323 sg_ip = star_mp->addr; 324 for (pg = mlock_dereference(star_mp->ports, br); 325 pg; 326 pg = mlock_dereference(pg->next, br)) { 327 struct net_bridge_group_src *src_ent; 328 329 hlist_for_each_entry(src_ent, &pg->src_list, node) { 330 if (!(src_ent->flags & BR_SGRP_F_INSTALLED)) 331 continue; 332 sg_ip.src = src_ent->addr.src; 333 sg_mp = br_mdb_ip_get(br, &sg_ip); 334 if (!sg_mp) 335 continue; 336 sg_mp->host_joined = star_mp->host_joined; 337 } 338 } 339 } 340 341 static void br_multicast_sg_del_exclude_ports(struct net_bridge_mdb_entry *sgmp) 342 { 343 struct net_bridge_port_group __rcu **pp; 344 struct net_bridge_port_group *p; 345 346 /* *,G exclude ports are only added to S,G entries */ 347 if (WARN_ON(br_multicast_is_star_g(&sgmp->addr))) 348 return; 349 350 /* we need the STAR_EXCLUDE ports if there are non-STAR_EXCLUDE ports 351 * we should ignore perm entries since they're managed by user-space 352 */ 353 for (pp = &sgmp->ports; 354 (p = mlock_dereference(*pp, sgmp->br)) != NULL; 355 pp = &p->next) 356 if (!(p->flags & (MDB_PG_FLAGS_STAR_EXCL | 357 MDB_PG_FLAGS_PERMANENT))) 358 return; 359 360 /* currently the host can only have joined the *,G which means 361 * we treat it as EXCLUDE {}, so for an S,G it's considered a 362 * STAR_EXCLUDE entry and we can safely leave it 363 */ 364 sgmp->host_joined = false; 365 366 for (pp = &sgmp->ports; 367 (p = mlock_dereference(*pp, sgmp->br)) != NULL;) { 368 if (!(p->flags & MDB_PG_FLAGS_PERMANENT)) 369 br_multicast_del_pg(sgmp, p, pp); 370 else 371 pp = &p->next; 372 } 373 } 374 375 void br_multicast_sg_add_exclude_ports(struct net_bridge_mdb_entry *star_mp, 376 struct net_bridge_port_group *sg) 377 { 378 struct net_bridge_port_group_sg_key sg_key; 379 struct net_bridge *br = star_mp->br; 380 struct net_bridge_port_group *pg; 381 382 if (WARN_ON(br_multicast_is_star_g(&sg->key.addr))) 383 return; 384 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr))) 385 return; 386 387 br_multicast_sg_host_state(star_mp, sg); 388 memset(&sg_key, 0, sizeof(sg_key)); 389 sg_key.addr = sg->key.addr; 390 /* we need to add all exclude ports to the S,G */ 391 for (pg = mlock_dereference(star_mp->ports, br); 392 pg; 393 pg = mlock_dereference(pg->next, br)) { 394 struct net_bridge_port_group *src_pg; 395 396 if (pg == sg || pg->filter_mode == MCAST_INCLUDE) 397 continue; 398 399 sg_key.port = pg->key.port; 400 if (br_sg_port_find(br, &sg_key)) 401 continue; 402 403 src_pg = __br_multicast_add_group(br, pg->key.port, 404 &sg->key.addr, 405 sg->eth_addr, 406 MCAST_INCLUDE, false, false); 407 if (IS_ERR_OR_NULL(src_pg) || 408 src_pg->rt_protocol != RTPROT_KERNEL) 409 continue; 410 src_pg->flags |= MDB_PG_FLAGS_STAR_EXCL; 411 } 412 } 413 414 static void br_multicast_fwd_src_add(struct net_bridge_group_src *src) 415 { 416 struct net_bridge_mdb_entry *star_mp; 417 struct net_bridge_port_group *sg; 418 struct br_ip sg_ip; 419 420 if (src->flags & BR_SGRP_F_INSTALLED) 421 return; 422 423 memset(&sg_ip, 0, sizeof(sg_ip)); 424 sg_ip = src->pg->key.addr; 425 sg_ip.src = src->addr.src; 426 sg = __br_multicast_add_group(src->br, src->pg->key.port, &sg_ip, 427 src->pg->eth_addr, MCAST_INCLUDE, false, 428 !timer_pending(&src->timer)); 429 if (IS_ERR_OR_NULL(sg)) 430 return; 431 src->flags |= BR_SGRP_F_INSTALLED; 432 sg->flags &= ~MDB_PG_FLAGS_STAR_EXCL; 433 434 /* if it was added by user-space as perm we can skip next steps */ 435 if (sg->rt_protocol != RTPROT_KERNEL && 436 (sg->flags & MDB_PG_FLAGS_PERMANENT)) 437 return; 438 439 /* the kernel is now responsible for removing this S,G */ 440 del_timer(&sg->timer); 441 star_mp = br_mdb_ip_get(src->br, &src->pg->key.addr); 442 if (!star_mp) 443 return; 444 445 br_multicast_sg_add_exclude_ports(star_mp, sg); 446 } 447 448 static void br_multicast_fwd_src_remove(struct net_bridge_group_src *src, 449 bool fastleave) 450 { 451 struct net_bridge_port_group *p, *pg = src->pg; 452 struct net_bridge_port_group __rcu **pp; 453 struct net_bridge_mdb_entry *mp; 454 struct br_ip sg_ip; 455 456 memset(&sg_ip, 0, sizeof(sg_ip)); 457 sg_ip = pg->key.addr; 458 sg_ip.src = src->addr.src; 459 460 mp = br_mdb_ip_get(src->br, &sg_ip); 461 if (!mp) 462 return; 463 464 for (pp = &mp->ports; 465 (p = mlock_dereference(*pp, src->br)) != NULL; 466 pp = &p->next) { 467 if (!br_port_group_equal(p, pg->key.port, pg->eth_addr)) 468 continue; 469 470 if (p->rt_protocol != RTPROT_KERNEL && 471 (p->flags & MDB_PG_FLAGS_PERMANENT)) 472 break; 473 474 if (fastleave) 475 p->flags |= MDB_PG_FLAGS_FAST_LEAVE; 476 br_multicast_del_pg(mp, p, pp); 477 break; 478 } 479 src->flags &= ~BR_SGRP_F_INSTALLED; 480 } 481 482 /* install S,G and based on src's timer enable or disable forwarding */ 483 static void br_multicast_fwd_src_handle(struct net_bridge_group_src *src) 484 { 485 struct net_bridge_port_group_sg_key sg_key; 486 struct net_bridge_port_group *sg; 487 u8 old_flags; 488 489 br_multicast_fwd_src_add(src); 490 491 memset(&sg_key, 0, sizeof(sg_key)); 492 sg_key.addr = src->pg->key.addr; 493 sg_key.addr.src = src->addr.src; 494 sg_key.port = src->pg->key.port; 495 496 sg = br_sg_port_find(src->br, &sg_key); 497 if (!sg || (sg->flags & MDB_PG_FLAGS_PERMANENT)) 498 return; 499 500 old_flags = sg->flags; 501 if (timer_pending(&src->timer)) 502 sg->flags &= ~MDB_PG_FLAGS_BLOCKED; 503 else 504 sg->flags |= MDB_PG_FLAGS_BLOCKED; 505 506 if (old_flags != sg->flags) { 507 struct net_bridge_mdb_entry *sg_mp; 508 509 sg_mp = br_mdb_ip_get(src->br, &sg_key.addr); 510 if (!sg_mp) 511 return; 512 br_mdb_notify(src->br->dev, sg_mp, sg, RTM_NEWMDB); 513 } 514 } 515 516 static void br_multicast_destroy_mdb_entry(struct net_bridge_mcast_gc *gc) 517 { 518 struct net_bridge_mdb_entry *mp; 519 520 mp = container_of(gc, struct net_bridge_mdb_entry, mcast_gc); 521 WARN_ON(!hlist_unhashed(&mp->mdb_node)); 522 WARN_ON(mp->ports); 523 524 del_timer_sync(&mp->timer); 525 kfree_rcu(mp, rcu); 526 } 527 528 static void br_multicast_del_mdb_entry(struct net_bridge_mdb_entry *mp) 529 { 530 struct net_bridge *br = mp->br; 531 532 rhashtable_remove_fast(&br->mdb_hash_tbl, &mp->rhnode, 533 br_mdb_rht_params); 534 hlist_del_init_rcu(&mp->mdb_node); 535 hlist_add_head(&mp->mcast_gc.gc_node, &br->mcast_gc_list); 536 queue_work(system_long_wq, &br->mcast_gc_work); 537 } 538 539 static void br_multicast_group_expired(struct timer_list *t) 540 { 541 struct net_bridge_mdb_entry *mp = from_timer(mp, t, timer); 542 struct net_bridge *br = mp->br; 543 544 spin_lock(&br->multicast_lock); 545 if (hlist_unhashed(&mp->mdb_node) || !netif_running(br->dev) || 546 timer_pending(&mp->timer)) 547 goto out; 548 549 br_multicast_host_leave(mp, true); 550 551 if (mp->ports) 552 goto out; 553 br_multicast_del_mdb_entry(mp); 554 out: 555 spin_unlock(&br->multicast_lock); 556 } 557 558 static void br_multicast_destroy_group_src(struct net_bridge_mcast_gc *gc) 559 { 560 struct net_bridge_group_src *src; 561 562 src = container_of(gc, struct net_bridge_group_src, mcast_gc); 563 WARN_ON(!hlist_unhashed(&src->node)); 564 565 del_timer_sync(&src->timer); 566 kfree_rcu(src, rcu); 567 } 568 569 void br_multicast_del_group_src(struct net_bridge_group_src *src, 570 bool fastleave) 571 { 572 struct net_bridge *br = src->pg->key.port->br; 573 574 br_multicast_fwd_src_remove(src, fastleave); 575 hlist_del_init_rcu(&src->node); 576 src->pg->src_ents--; 577 hlist_add_head(&src->mcast_gc.gc_node, &br->mcast_gc_list); 578 queue_work(system_long_wq, &br->mcast_gc_work); 579 } 580 581 static void br_multicast_destroy_port_group(struct net_bridge_mcast_gc *gc) 582 { 583 struct net_bridge_port_group *pg; 584 585 pg = container_of(gc, struct net_bridge_port_group, mcast_gc); 586 WARN_ON(!hlist_unhashed(&pg->mglist)); 587 WARN_ON(!hlist_empty(&pg->src_list)); 588 589 del_timer_sync(&pg->rexmit_timer); 590 del_timer_sync(&pg->timer); 591 kfree_rcu(pg, rcu); 592 } 593 594 void br_multicast_del_pg(struct net_bridge_mdb_entry *mp, 595 struct net_bridge_port_group *pg, 596 struct net_bridge_port_group __rcu **pp) 597 { 598 struct net_bridge *br = pg->key.port->br; 599 struct net_bridge_group_src *ent; 600 struct hlist_node *tmp; 601 602 rcu_assign_pointer(*pp, pg->next); 603 hlist_del_init(&pg->mglist); 604 br_multicast_eht_clean_sets(pg); 605 hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node) 606 br_multicast_del_group_src(ent, false); 607 br_mdb_notify(br->dev, mp, pg, RTM_DELMDB); 608 if (!br_multicast_is_star_g(&mp->addr)) { 609 rhashtable_remove_fast(&br->sg_port_tbl, &pg->rhnode, 610 br_sg_port_rht_params); 611 br_multicast_sg_del_exclude_ports(mp); 612 } else { 613 br_multicast_star_g_handle_mode(pg, MCAST_INCLUDE); 614 } 615 hlist_add_head(&pg->mcast_gc.gc_node, &br->mcast_gc_list); 616 queue_work(system_long_wq, &br->mcast_gc_work); 617 618 if (!mp->ports && !mp->host_joined && netif_running(br->dev)) 619 mod_timer(&mp->timer, jiffies); 620 } 621 622 static void br_multicast_find_del_pg(struct net_bridge *br, 623 struct net_bridge_port_group *pg) 624 { 625 struct net_bridge_port_group __rcu **pp; 626 struct net_bridge_mdb_entry *mp; 627 struct net_bridge_port_group *p; 628 629 mp = br_mdb_ip_get(br, &pg->key.addr); 630 if (WARN_ON(!mp)) 631 return; 632 633 for (pp = &mp->ports; 634 (p = mlock_dereference(*pp, br)) != NULL; 635 pp = &p->next) { 636 if (p != pg) 637 continue; 638 639 br_multicast_del_pg(mp, pg, pp); 640 return; 641 } 642 643 WARN_ON(1); 644 } 645 646 static void br_multicast_port_group_expired(struct timer_list *t) 647 { 648 struct net_bridge_port_group *pg = from_timer(pg, t, timer); 649 struct net_bridge_group_src *src_ent; 650 struct net_bridge *br = pg->key.port->br; 651 struct hlist_node *tmp; 652 bool changed; 653 654 spin_lock(&br->multicast_lock); 655 if (!netif_running(br->dev) || timer_pending(&pg->timer) || 656 hlist_unhashed(&pg->mglist) || pg->flags & MDB_PG_FLAGS_PERMANENT) 657 goto out; 658 659 changed = !!(pg->filter_mode == MCAST_EXCLUDE); 660 pg->filter_mode = MCAST_INCLUDE; 661 hlist_for_each_entry_safe(src_ent, tmp, &pg->src_list, node) { 662 if (!timer_pending(&src_ent->timer)) { 663 br_multicast_del_group_src(src_ent, false); 664 changed = true; 665 } 666 } 667 668 if (hlist_empty(&pg->src_list)) { 669 br_multicast_find_del_pg(br, pg); 670 } else if (changed) { 671 struct net_bridge_mdb_entry *mp = br_mdb_ip_get(br, &pg->key.addr); 672 673 if (changed && br_multicast_is_star_g(&pg->key.addr)) 674 br_multicast_star_g_handle_mode(pg, MCAST_INCLUDE); 675 676 if (WARN_ON(!mp)) 677 goto out; 678 br_mdb_notify(br->dev, mp, pg, RTM_NEWMDB); 679 } 680 out: 681 spin_unlock(&br->multicast_lock); 682 } 683 684 static void br_multicast_gc(struct hlist_head *head) 685 { 686 struct net_bridge_mcast_gc *gcent; 687 struct hlist_node *tmp; 688 689 hlist_for_each_entry_safe(gcent, tmp, head, gc_node) { 690 hlist_del_init(&gcent->gc_node); 691 gcent->destroy(gcent); 692 } 693 } 694 695 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br, 696 struct net_bridge_port_group *pg, 697 __be32 ip_dst, __be32 group, 698 bool with_srcs, bool over_lmqt, 699 u8 sflag, u8 *igmp_type, 700 bool *need_rexmit) 701 { 702 struct net_bridge_port *p = pg ? pg->key.port : NULL; 703 struct net_bridge_group_src *ent; 704 size_t pkt_size, igmp_hdr_size; 705 unsigned long now = jiffies; 706 struct igmpv3_query *ihv3; 707 void *csum_start = NULL; 708 __sum16 *csum = NULL; 709 struct sk_buff *skb; 710 struct igmphdr *ih; 711 struct ethhdr *eth; 712 unsigned long lmqt; 713 struct iphdr *iph; 714 u16 lmqt_srcs = 0; 715 716 igmp_hdr_size = sizeof(*ih); 717 if (br->multicast_igmp_version == 3) { 718 igmp_hdr_size = sizeof(*ihv3); 719 if (pg && with_srcs) { 720 lmqt = now + (br->multicast_last_member_interval * 721 br->multicast_last_member_count); 722 hlist_for_each_entry(ent, &pg->src_list, node) { 723 if (over_lmqt == time_after(ent->timer.expires, 724 lmqt) && 725 ent->src_query_rexmit_cnt > 0) 726 lmqt_srcs++; 727 } 728 729 if (!lmqt_srcs) 730 return NULL; 731 igmp_hdr_size += lmqt_srcs * sizeof(__be32); 732 } 733 } 734 735 pkt_size = sizeof(*eth) + sizeof(*iph) + 4 + igmp_hdr_size; 736 if ((p && pkt_size > p->dev->mtu) || 737 pkt_size > br->dev->mtu) 738 return NULL; 739 740 skb = netdev_alloc_skb_ip_align(br->dev, pkt_size); 741 if (!skb) 742 goto out; 743 744 skb->protocol = htons(ETH_P_IP); 745 746 skb_reset_mac_header(skb); 747 eth = eth_hdr(skb); 748 749 ether_addr_copy(eth->h_source, br->dev->dev_addr); 750 ip_eth_mc_map(ip_dst, eth->h_dest); 751 eth->h_proto = htons(ETH_P_IP); 752 skb_put(skb, sizeof(*eth)); 753 754 skb_set_network_header(skb, skb->len); 755 iph = ip_hdr(skb); 756 iph->tot_len = htons(pkt_size - sizeof(*eth)); 757 758 iph->version = 4; 759 iph->ihl = 6; 760 iph->tos = 0xc0; 761 iph->id = 0; 762 iph->frag_off = htons(IP_DF); 763 iph->ttl = 1; 764 iph->protocol = IPPROTO_IGMP; 765 iph->saddr = br_opt_get(br, BROPT_MULTICAST_QUERY_USE_IFADDR) ? 766 inet_select_addr(br->dev, 0, RT_SCOPE_LINK) : 0; 767 iph->daddr = ip_dst; 768 ((u8 *)&iph[1])[0] = IPOPT_RA; 769 ((u8 *)&iph[1])[1] = 4; 770 ((u8 *)&iph[1])[2] = 0; 771 ((u8 *)&iph[1])[3] = 0; 772 ip_send_check(iph); 773 skb_put(skb, 24); 774 775 skb_set_transport_header(skb, skb->len); 776 *igmp_type = IGMP_HOST_MEMBERSHIP_QUERY; 777 778 switch (br->multicast_igmp_version) { 779 case 2: 780 ih = igmp_hdr(skb); 781 ih->type = IGMP_HOST_MEMBERSHIP_QUERY; 782 ih->code = (group ? br->multicast_last_member_interval : 783 br->multicast_query_response_interval) / 784 (HZ / IGMP_TIMER_SCALE); 785 ih->group = group; 786 ih->csum = 0; 787 csum = &ih->csum; 788 csum_start = (void *)ih; 789 break; 790 case 3: 791 ihv3 = igmpv3_query_hdr(skb); 792 ihv3->type = IGMP_HOST_MEMBERSHIP_QUERY; 793 ihv3->code = (group ? br->multicast_last_member_interval : 794 br->multicast_query_response_interval) / 795 (HZ / IGMP_TIMER_SCALE); 796 ihv3->group = group; 797 ihv3->qqic = br->multicast_query_interval / HZ; 798 ihv3->nsrcs = htons(lmqt_srcs); 799 ihv3->resv = 0; 800 ihv3->suppress = sflag; 801 ihv3->qrv = 2; 802 ihv3->csum = 0; 803 csum = &ihv3->csum; 804 csum_start = (void *)ihv3; 805 if (!pg || !with_srcs) 806 break; 807 808 lmqt_srcs = 0; 809 hlist_for_each_entry(ent, &pg->src_list, node) { 810 if (over_lmqt == time_after(ent->timer.expires, 811 lmqt) && 812 ent->src_query_rexmit_cnt > 0) { 813 ihv3->srcs[lmqt_srcs++] = ent->addr.src.ip4; 814 ent->src_query_rexmit_cnt--; 815 if (need_rexmit && ent->src_query_rexmit_cnt) 816 *need_rexmit = true; 817 } 818 } 819 if (WARN_ON(lmqt_srcs != ntohs(ihv3->nsrcs))) { 820 kfree_skb(skb); 821 return NULL; 822 } 823 break; 824 } 825 826 if (WARN_ON(!csum || !csum_start)) { 827 kfree_skb(skb); 828 return NULL; 829 } 830 831 *csum = ip_compute_csum(csum_start, igmp_hdr_size); 832 skb_put(skb, igmp_hdr_size); 833 __skb_pull(skb, sizeof(*eth)); 834 835 out: 836 return skb; 837 } 838 839 #if IS_ENABLED(CONFIG_IPV6) 840 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br, 841 struct net_bridge_port_group *pg, 842 const struct in6_addr *ip6_dst, 843 const struct in6_addr *group, 844 bool with_srcs, bool over_llqt, 845 u8 sflag, u8 *igmp_type, 846 bool *need_rexmit) 847 { 848 struct net_bridge_port *p = pg ? pg->key.port : NULL; 849 struct net_bridge_group_src *ent; 850 size_t pkt_size, mld_hdr_size; 851 unsigned long now = jiffies; 852 struct mld2_query *mld2q; 853 void *csum_start = NULL; 854 unsigned long interval; 855 __sum16 *csum = NULL; 856 struct ipv6hdr *ip6h; 857 struct mld_msg *mldq; 858 struct sk_buff *skb; 859 unsigned long llqt; 860 struct ethhdr *eth; 861 u16 llqt_srcs = 0; 862 u8 *hopopt; 863 864 mld_hdr_size = sizeof(*mldq); 865 if (br->multicast_mld_version == 2) { 866 mld_hdr_size = sizeof(*mld2q); 867 if (pg && with_srcs) { 868 llqt = now + (br->multicast_last_member_interval * 869 br->multicast_last_member_count); 870 hlist_for_each_entry(ent, &pg->src_list, node) { 871 if (over_llqt == time_after(ent->timer.expires, 872 llqt) && 873 ent->src_query_rexmit_cnt > 0) 874 llqt_srcs++; 875 } 876 877 if (!llqt_srcs) 878 return NULL; 879 mld_hdr_size += llqt_srcs * sizeof(struct in6_addr); 880 } 881 } 882 883 pkt_size = sizeof(*eth) + sizeof(*ip6h) + 8 + mld_hdr_size; 884 if ((p && pkt_size > p->dev->mtu) || 885 pkt_size > br->dev->mtu) 886 return NULL; 887 888 skb = netdev_alloc_skb_ip_align(br->dev, pkt_size); 889 if (!skb) 890 goto out; 891 892 skb->protocol = htons(ETH_P_IPV6); 893 894 /* Ethernet header */ 895 skb_reset_mac_header(skb); 896 eth = eth_hdr(skb); 897 898 ether_addr_copy(eth->h_source, br->dev->dev_addr); 899 eth->h_proto = htons(ETH_P_IPV6); 900 skb_put(skb, sizeof(*eth)); 901 902 /* IPv6 header + HbH option */ 903 skb_set_network_header(skb, skb->len); 904 ip6h = ipv6_hdr(skb); 905 906 *(__force __be32 *)ip6h = htonl(0x60000000); 907 ip6h->payload_len = htons(8 + mld_hdr_size); 908 ip6h->nexthdr = IPPROTO_HOPOPTS; 909 ip6h->hop_limit = 1; 910 ip6h->daddr = *ip6_dst; 911 if (ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0, 912 &ip6h->saddr)) { 913 kfree_skb(skb); 914 br_opt_toggle(br, BROPT_HAS_IPV6_ADDR, false); 915 return NULL; 916 } 917 918 br_opt_toggle(br, BROPT_HAS_IPV6_ADDR, true); 919 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest); 920 921 hopopt = (u8 *)(ip6h + 1); 922 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */ 923 hopopt[1] = 0; /* length of HbH */ 924 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */ 925 hopopt[3] = 2; /* Length of RA Option */ 926 hopopt[4] = 0; /* Type = 0x0000 (MLD) */ 927 hopopt[5] = 0; 928 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */ 929 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */ 930 931 skb_put(skb, sizeof(*ip6h) + 8); 932 933 /* ICMPv6 */ 934 skb_set_transport_header(skb, skb->len); 935 interval = ipv6_addr_any(group) ? 936 br->multicast_query_response_interval : 937 br->multicast_last_member_interval; 938 *igmp_type = ICMPV6_MGM_QUERY; 939 switch (br->multicast_mld_version) { 940 case 1: 941 mldq = (struct mld_msg *)icmp6_hdr(skb); 942 mldq->mld_type = ICMPV6_MGM_QUERY; 943 mldq->mld_code = 0; 944 mldq->mld_cksum = 0; 945 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval)); 946 mldq->mld_reserved = 0; 947 mldq->mld_mca = *group; 948 csum = &mldq->mld_cksum; 949 csum_start = (void *)mldq; 950 break; 951 case 2: 952 mld2q = (struct mld2_query *)icmp6_hdr(skb); 953 mld2q->mld2q_mrc = htons((u16)jiffies_to_msecs(interval)); 954 mld2q->mld2q_type = ICMPV6_MGM_QUERY; 955 mld2q->mld2q_code = 0; 956 mld2q->mld2q_cksum = 0; 957 mld2q->mld2q_resv1 = 0; 958 mld2q->mld2q_resv2 = 0; 959 mld2q->mld2q_suppress = sflag; 960 mld2q->mld2q_qrv = 2; 961 mld2q->mld2q_nsrcs = htons(llqt_srcs); 962 mld2q->mld2q_qqic = br->multicast_query_interval / HZ; 963 mld2q->mld2q_mca = *group; 964 csum = &mld2q->mld2q_cksum; 965 csum_start = (void *)mld2q; 966 if (!pg || !with_srcs) 967 break; 968 969 llqt_srcs = 0; 970 hlist_for_each_entry(ent, &pg->src_list, node) { 971 if (over_llqt == time_after(ent->timer.expires, 972 llqt) && 973 ent->src_query_rexmit_cnt > 0) { 974 mld2q->mld2q_srcs[llqt_srcs++] = ent->addr.src.ip6; 975 ent->src_query_rexmit_cnt--; 976 if (need_rexmit && ent->src_query_rexmit_cnt) 977 *need_rexmit = true; 978 } 979 } 980 if (WARN_ON(llqt_srcs != ntohs(mld2q->mld2q_nsrcs))) { 981 kfree_skb(skb); 982 return NULL; 983 } 984 break; 985 } 986 987 if (WARN_ON(!csum || !csum_start)) { 988 kfree_skb(skb); 989 return NULL; 990 } 991 992 *csum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, mld_hdr_size, 993 IPPROTO_ICMPV6, 994 csum_partial(csum_start, mld_hdr_size, 0)); 995 skb_put(skb, mld_hdr_size); 996 __skb_pull(skb, sizeof(*eth)); 997 998 out: 999 return skb; 1000 } 1001 #endif 1002 1003 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br, 1004 struct net_bridge_port_group *pg, 1005 struct br_ip *ip_dst, 1006 struct br_ip *group, 1007 bool with_srcs, bool over_lmqt, 1008 u8 sflag, u8 *igmp_type, 1009 bool *need_rexmit) 1010 { 1011 __be32 ip4_dst; 1012 1013 switch (group->proto) { 1014 case htons(ETH_P_IP): 1015 ip4_dst = ip_dst ? ip_dst->dst.ip4 : htonl(INADDR_ALLHOSTS_GROUP); 1016 return br_ip4_multicast_alloc_query(br, pg, 1017 ip4_dst, group->dst.ip4, 1018 with_srcs, over_lmqt, 1019 sflag, igmp_type, 1020 need_rexmit); 1021 #if IS_ENABLED(CONFIG_IPV6) 1022 case htons(ETH_P_IPV6): { 1023 struct in6_addr ip6_dst; 1024 1025 if (ip_dst) 1026 ip6_dst = ip_dst->dst.ip6; 1027 else 1028 ipv6_addr_set(&ip6_dst, htonl(0xff020000), 0, 0, 1029 htonl(1)); 1030 1031 return br_ip6_multicast_alloc_query(br, pg, 1032 &ip6_dst, &group->dst.ip6, 1033 with_srcs, over_lmqt, 1034 sflag, igmp_type, 1035 need_rexmit); 1036 } 1037 #endif 1038 } 1039 return NULL; 1040 } 1041 1042 struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br, 1043 struct br_ip *group) 1044 { 1045 struct net_bridge_mdb_entry *mp; 1046 int err; 1047 1048 mp = br_mdb_ip_get(br, group); 1049 if (mp) 1050 return mp; 1051 1052 if (atomic_read(&br->mdb_hash_tbl.nelems) >= br->hash_max) { 1053 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, false); 1054 return ERR_PTR(-E2BIG); 1055 } 1056 1057 mp = kzalloc(sizeof(*mp), GFP_ATOMIC); 1058 if (unlikely(!mp)) 1059 return ERR_PTR(-ENOMEM); 1060 1061 mp->br = br; 1062 mp->addr = *group; 1063 mp->mcast_gc.destroy = br_multicast_destroy_mdb_entry; 1064 timer_setup(&mp->timer, br_multicast_group_expired, 0); 1065 err = rhashtable_lookup_insert_fast(&br->mdb_hash_tbl, &mp->rhnode, 1066 br_mdb_rht_params); 1067 if (err) { 1068 kfree(mp); 1069 mp = ERR_PTR(err); 1070 } else { 1071 hlist_add_head_rcu(&mp->mdb_node, &br->mdb_list); 1072 } 1073 1074 return mp; 1075 } 1076 1077 static void br_multicast_group_src_expired(struct timer_list *t) 1078 { 1079 struct net_bridge_group_src *src = from_timer(src, t, timer); 1080 struct net_bridge_port_group *pg; 1081 struct net_bridge *br = src->br; 1082 1083 spin_lock(&br->multicast_lock); 1084 if (hlist_unhashed(&src->node) || !netif_running(br->dev) || 1085 timer_pending(&src->timer)) 1086 goto out; 1087 1088 pg = src->pg; 1089 if (pg->filter_mode == MCAST_INCLUDE) { 1090 br_multicast_del_group_src(src, false); 1091 if (!hlist_empty(&pg->src_list)) 1092 goto out; 1093 br_multicast_find_del_pg(br, pg); 1094 } else { 1095 br_multicast_fwd_src_handle(src); 1096 } 1097 1098 out: 1099 spin_unlock(&br->multicast_lock); 1100 } 1101 1102 struct net_bridge_group_src * 1103 br_multicast_find_group_src(struct net_bridge_port_group *pg, struct br_ip *ip) 1104 { 1105 struct net_bridge_group_src *ent; 1106 1107 switch (ip->proto) { 1108 case htons(ETH_P_IP): 1109 hlist_for_each_entry(ent, &pg->src_list, node) 1110 if (ip->src.ip4 == ent->addr.src.ip4) 1111 return ent; 1112 break; 1113 #if IS_ENABLED(CONFIG_IPV6) 1114 case htons(ETH_P_IPV6): 1115 hlist_for_each_entry(ent, &pg->src_list, node) 1116 if (!ipv6_addr_cmp(&ent->addr.src.ip6, &ip->src.ip6)) 1117 return ent; 1118 break; 1119 #endif 1120 } 1121 1122 return NULL; 1123 } 1124 1125 static struct net_bridge_group_src * 1126 br_multicast_new_group_src(struct net_bridge_port_group *pg, struct br_ip *src_ip) 1127 { 1128 struct net_bridge_group_src *grp_src; 1129 1130 if (unlikely(pg->src_ents >= PG_SRC_ENT_LIMIT)) 1131 return NULL; 1132 1133 switch (src_ip->proto) { 1134 case htons(ETH_P_IP): 1135 if (ipv4_is_zeronet(src_ip->src.ip4) || 1136 ipv4_is_multicast(src_ip->src.ip4)) 1137 return NULL; 1138 break; 1139 #if IS_ENABLED(CONFIG_IPV6) 1140 case htons(ETH_P_IPV6): 1141 if (ipv6_addr_any(&src_ip->src.ip6) || 1142 ipv6_addr_is_multicast(&src_ip->src.ip6)) 1143 return NULL; 1144 break; 1145 #endif 1146 } 1147 1148 grp_src = kzalloc(sizeof(*grp_src), GFP_ATOMIC); 1149 if (unlikely(!grp_src)) 1150 return NULL; 1151 1152 grp_src->pg = pg; 1153 grp_src->br = pg->key.port->br; 1154 grp_src->addr = *src_ip; 1155 grp_src->mcast_gc.destroy = br_multicast_destroy_group_src; 1156 timer_setup(&grp_src->timer, br_multicast_group_src_expired, 0); 1157 1158 hlist_add_head_rcu(&grp_src->node, &pg->src_list); 1159 pg->src_ents++; 1160 1161 return grp_src; 1162 } 1163 1164 struct net_bridge_port_group *br_multicast_new_port_group( 1165 struct net_bridge_port *port, 1166 struct br_ip *group, 1167 struct net_bridge_port_group __rcu *next, 1168 unsigned char flags, 1169 const unsigned char *src, 1170 u8 filter_mode, 1171 u8 rt_protocol) 1172 { 1173 struct net_bridge_port_group *p; 1174 1175 p = kzalloc(sizeof(*p), GFP_ATOMIC); 1176 if (unlikely(!p)) 1177 return NULL; 1178 1179 p->key.addr = *group; 1180 p->key.port = port; 1181 p->flags = flags; 1182 p->filter_mode = filter_mode; 1183 p->rt_protocol = rt_protocol; 1184 p->eht_host_tree = RB_ROOT; 1185 p->eht_set_tree = RB_ROOT; 1186 p->mcast_gc.destroy = br_multicast_destroy_port_group; 1187 INIT_HLIST_HEAD(&p->src_list); 1188 1189 if (!br_multicast_is_star_g(group) && 1190 rhashtable_lookup_insert_fast(&port->br->sg_port_tbl, &p->rhnode, 1191 br_sg_port_rht_params)) { 1192 kfree(p); 1193 return NULL; 1194 } 1195 1196 rcu_assign_pointer(p->next, next); 1197 timer_setup(&p->timer, br_multicast_port_group_expired, 0); 1198 timer_setup(&p->rexmit_timer, br_multicast_port_group_rexmit, 0); 1199 hlist_add_head(&p->mglist, &port->mglist); 1200 1201 if (src) 1202 memcpy(p->eth_addr, src, ETH_ALEN); 1203 else 1204 eth_broadcast_addr(p->eth_addr); 1205 1206 return p; 1207 } 1208 1209 void br_multicast_host_join(struct net_bridge_mdb_entry *mp, bool notify) 1210 { 1211 if (!mp->host_joined) { 1212 mp->host_joined = true; 1213 if (br_multicast_is_star_g(&mp->addr)) 1214 br_multicast_star_g_host_state(mp); 1215 if (notify) 1216 br_mdb_notify(mp->br->dev, mp, NULL, RTM_NEWMDB); 1217 } 1218 1219 if (br_group_is_l2(&mp->addr)) 1220 return; 1221 1222 mod_timer(&mp->timer, jiffies + mp->br->multicast_membership_interval); 1223 } 1224 1225 void br_multicast_host_leave(struct net_bridge_mdb_entry *mp, bool notify) 1226 { 1227 if (!mp->host_joined) 1228 return; 1229 1230 mp->host_joined = false; 1231 if (br_multicast_is_star_g(&mp->addr)) 1232 br_multicast_star_g_host_state(mp); 1233 if (notify) 1234 br_mdb_notify(mp->br->dev, mp, NULL, RTM_DELMDB); 1235 } 1236 1237 static struct net_bridge_port_group * 1238 __br_multicast_add_group(struct net_bridge *br, 1239 struct net_bridge_port *port, 1240 struct br_ip *group, 1241 const unsigned char *src, 1242 u8 filter_mode, 1243 bool igmpv2_mldv1, 1244 bool blocked) 1245 { 1246 struct net_bridge_port_group __rcu **pp; 1247 struct net_bridge_port_group *p = NULL; 1248 struct net_bridge_mdb_entry *mp; 1249 unsigned long now = jiffies; 1250 1251 if (!netif_running(br->dev) || 1252 (port && port->state == BR_STATE_DISABLED)) 1253 goto out; 1254 1255 mp = br_multicast_new_group(br, group); 1256 if (IS_ERR(mp)) 1257 return ERR_CAST(mp); 1258 1259 if (!port) { 1260 br_multicast_host_join(mp, true); 1261 goto out; 1262 } 1263 1264 for (pp = &mp->ports; 1265 (p = mlock_dereference(*pp, br)) != NULL; 1266 pp = &p->next) { 1267 if (br_port_group_equal(p, port, src)) 1268 goto found; 1269 if ((unsigned long)p->key.port < (unsigned long)port) 1270 break; 1271 } 1272 1273 p = br_multicast_new_port_group(port, group, *pp, 0, src, 1274 filter_mode, RTPROT_KERNEL); 1275 if (unlikely(!p)) { 1276 p = ERR_PTR(-ENOMEM); 1277 goto out; 1278 } 1279 rcu_assign_pointer(*pp, p); 1280 if (blocked) 1281 p->flags |= MDB_PG_FLAGS_BLOCKED; 1282 br_mdb_notify(br->dev, mp, p, RTM_NEWMDB); 1283 1284 found: 1285 if (igmpv2_mldv1) 1286 mod_timer(&p->timer, now + br->multicast_membership_interval); 1287 1288 out: 1289 return p; 1290 } 1291 1292 static int br_multicast_add_group(struct net_bridge *br, 1293 struct net_bridge_port *port, 1294 struct br_ip *group, 1295 const unsigned char *src, 1296 u8 filter_mode, 1297 bool igmpv2_mldv1) 1298 { 1299 struct net_bridge_port_group *pg; 1300 int err; 1301 1302 spin_lock(&br->multicast_lock); 1303 pg = __br_multicast_add_group(br, port, group, src, filter_mode, 1304 igmpv2_mldv1, false); 1305 /* NULL is considered valid for host joined groups */ 1306 err = PTR_ERR_OR_ZERO(pg); 1307 spin_unlock(&br->multicast_lock); 1308 1309 return err; 1310 } 1311 1312 static int br_ip4_multicast_add_group(struct net_bridge *br, 1313 struct net_bridge_port *port, 1314 __be32 group, 1315 __u16 vid, 1316 const unsigned char *src, 1317 bool igmpv2) 1318 { 1319 struct br_ip br_group; 1320 u8 filter_mode; 1321 1322 if (ipv4_is_local_multicast(group)) 1323 return 0; 1324 1325 memset(&br_group, 0, sizeof(br_group)); 1326 br_group.dst.ip4 = group; 1327 br_group.proto = htons(ETH_P_IP); 1328 br_group.vid = vid; 1329 filter_mode = igmpv2 ? MCAST_EXCLUDE : MCAST_INCLUDE; 1330 1331 return br_multicast_add_group(br, port, &br_group, src, filter_mode, 1332 igmpv2); 1333 } 1334 1335 #if IS_ENABLED(CONFIG_IPV6) 1336 static int br_ip6_multicast_add_group(struct net_bridge *br, 1337 struct net_bridge_port *port, 1338 const struct in6_addr *group, 1339 __u16 vid, 1340 const unsigned char *src, 1341 bool mldv1) 1342 { 1343 struct br_ip br_group; 1344 u8 filter_mode; 1345 1346 if (ipv6_addr_is_ll_all_nodes(group)) 1347 return 0; 1348 1349 memset(&br_group, 0, sizeof(br_group)); 1350 br_group.dst.ip6 = *group; 1351 br_group.proto = htons(ETH_P_IPV6); 1352 br_group.vid = vid; 1353 filter_mode = mldv1 ? MCAST_EXCLUDE : MCAST_INCLUDE; 1354 1355 return br_multicast_add_group(br, port, &br_group, src, filter_mode, 1356 mldv1); 1357 } 1358 #endif 1359 1360 static bool br_multicast_rport_del(struct hlist_node *rlist) 1361 { 1362 if (hlist_unhashed(rlist)) 1363 return false; 1364 1365 hlist_del_init_rcu(rlist); 1366 return true; 1367 } 1368 1369 static bool br_ip4_multicast_rport_del(struct net_bridge_port *p) 1370 { 1371 return br_multicast_rport_del(&p->ip4_rlist); 1372 } 1373 1374 static bool br_ip6_multicast_rport_del(struct net_bridge_port *p) 1375 { 1376 #if IS_ENABLED(CONFIG_IPV6) 1377 return br_multicast_rport_del(&p->ip6_rlist); 1378 #else 1379 return false; 1380 #endif 1381 } 1382 1383 static void br_multicast_router_expired(struct net_bridge_port *port, 1384 struct timer_list *t, 1385 struct hlist_node *rlist) 1386 { 1387 struct net_bridge *br = port->br; 1388 bool del; 1389 1390 spin_lock(&br->multicast_lock); 1391 if (port->multicast_router == MDB_RTR_TYPE_DISABLED || 1392 port->multicast_router == MDB_RTR_TYPE_PERM || 1393 timer_pending(t)) 1394 goto out; 1395 1396 del = br_multicast_rport_del(rlist); 1397 br_multicast_rport_del_notify(port, del); 1398 out: 1399 spin_unlock(&br->multicast_lock); 1400 } 1401 1402 static void br_ip4_multicast_router_expired(struct timer_list *t) 1403 { 1404 struct net_bridge_port *port = from_timer(port, t, ip4_mc_router_timer); 1405 1406 br_multicast_router_expired(port, t, &port->ip4_rlist); 1407 } 1408 1409 #if IS_ENABLED(CONFIG_IPV6) 1410 static void br_ip6_multicast_router_expired(struct timer_list *t) 1411 { 1412 struct net_bridge_port *port = from_timer(port, t, ip6_mc_router_timer); 1413 1414 br_multicast_router_expired(port, t, &port->ip6_rlist); 1415 } 1416 #endif 1417 1418 static void br_mc_router_state_change(struct net_bridge *p, 1419 bool is_mc_router) 1420 { 1421 struct switchdev_attr attr = { 1422 .orig_dev = p->dev, 1423 .id = SWITCHDEV_ATTR_ID_BRIDGE_MROUTER, 1424 .flags = SWITCHDEV_F_DEFER, 1425 .u.mrouter = is_mc_router, 1426 }; 1427 1428 switchdev_port_attr_set(p->dev, &attr, NULL); 1429 } 1430 1431 static void br_multicast_local_router_expired(struct net_bridge *br, 1432 struct timer_list *timer) 1433 { 1434 spin_lock(&br->multicast_lock); 1435 if (br->multicast_router == MDB_RTR_TYPE_DISABLED || 1436 br->multicast_router == MDB_RTR_TYPE_PERM || 1437 br_ip4_multicast_is_router(br) || 1438 br_ip6_multicast_is_router(br)) 1439 goto out; 1440 1441 br_mc_router_state_change(br, false); 1442 out: 1443 spin_unlock(&br->multicast_lock); 1444 } 1445 1446 static void br_ip4_multicast_local_router_expired(struct timer_list *t) 1447 { 1448 struct net_bridge *br = from_timer(br, t, ip4_mc_router_timer); 1449 1450 br_multicast_local_router_expired(br, t); 1451 } 1452 1453 #if IS_ENABLED(CONFIG_IPV6) 1454 static void br_ip6_multicast_local_router_expired(struct timer_list *t) 1455 { 1456 struct net_bridge *br = from_timer(br, t, ip6_mc_router_timer); 1457 1458 br_multicast_local_router_expired(br, t); 1459 } 1460 #endif 1461 1462 static void br_multicast_querier_expired(struct net_bridge *br, 1463 struct bridge_mcast_own_query *query) 1464 { 1465 spin_lock(&br->multicast_lock); 1466 if (!netif_running(br->dev) || !br_opt_get(br, BROPT_MULTICAST_ENABLED)) 1467 goto out; 1468 1469 br_multicast_start_querier(br, query); 1470 1471 out: 1472 spin_unlock(&br->multicast_lock); 1473 } 1474 1475 static void br_ip4_multicast_querier_expired(struct timer_list *t) 1476 { 1477 struct net_bridge *br = from_timer(br, t, ip4_other_query.timer); 1478 1479 br_multicast_querier_expired(br, &br->ip4_own_query); 1480 } 1481 1482 #if IS_ENABLED(CONFIG_IPV6) 1483 static void br_ip6_multicast_querier_expired(struct timer_list *t) 1484 { 1485 struct net_bridge *br = from_timer(br, t, ip6_other_query.timer); 1486 1487 br_multicast_querier_expired(br, &br->ip6_own_query); 1488 } 1489 #endif 1490 1491 static void br_multicast_select_own_querier(struct net_bridge *br, 1492 struct br_ip *ip, 1493 struct sk_buff *skb) 1494 { 1495 if (ip->proto == htons(ETH_P_IP)) 1496 br->ip4_querier.addr.src.ip4 = ip_hdr(skb)->saddr; 1497 #if IS_ENABLED(CONFIG_IPV6) 1498 else 1499 br->ip6_querier.addr.src.ip6 = ipv6_hdr(skb)->saddr; 1500 #endif 1501 } 1502 1503 static void __br_multicast_send_query(struct net_bridge *br, 1504 struct net_bridge_port *port, 1505 struct net_bridge_port_group *pg, 1506 struct br_ip *ip_dst, 1507 struct br_ip *group, 1508 bool with_srcs, 1509 u8 sflag, 1510 bool *need_rexmit) 1511 { 1512 bool over_lmqt = !!sflag; 1513 struct sk_buff *skb; 1514 u8 igmp_type; 1515 1516 again_under_lmqt: 1517 skb = br_multicast_alloc_query(br, pg, ip_dst, group, with_srcs, 1518 over_lmqt, sflag, &igmp_type, 1519 need_rexmit); 1520 if (!skb) 1521 return; 1522 1523 if (port) { 1524 skb->dev = port->dev; 1525 br_multicast_count(br, port, skb, igmp_type, 1526 BR_MCAST_DIR_TX); 1527 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, 1528 dev_net(port->dev), NULL, skb, NULL, skb->dev, 1529 br_dev_queue_push_xmit); 1530 1531 if (over_lmqt && with_srcs && sflag) { 1532 over_lmqt = false; 1533 goto again_under_lmqt; 1534 } 1535 } else { 1536 br_multicast_select_own_querier(br, group, skb); 1537 br_multicast_count(br, port, skb, igmp_type, 1538 BR_MCAST_DIR_RX); 1539 netif_rx(skb); 1540 } 1541 } 1542 1543 static void br_multicast_send_query(struct net_bridge *br, 1544 struct net_bridge_port *port, 1545 struct bridge_mcast_own_query *own_query) 1546 { 1547 struct bridge_mcast_other_query *other_query = NULL; 1548 struct br_ip br_group; 1549 unsigned long time; 1550 1551 if (!netif_running(br->dev) || 1552 !br_opt_get(br, BROPT_MULTICAST_ENABLED) || 1553 !br_opt_get(br, BROPT_MULTICAST_QUERIER)) 1554 return; 1555 1556 memset(&br_group.dst, 0, sizeof(br_group.dst)); 1557 1558 if (port ? (own_query == &port->ip4_own_query) : 1559 (own_query == &br->ip4_own_query)) { 1560 other_query = &br->ip4_other_query; 1561 br_group.proto = htons(ETH_P_IP); 1562 #if IS_ENABLED(CONFIG_IPV6) 1563 } else { 1564 other_query = &br->ip6_other_query; 1565 br_group.proto = htons(ETH_P_IPV6); 1566 #endif 1567 } 1568 1569 if (!other_query || timer_pending(&other_query->timer)) 1570 return; 1571 1572 __br_multicast_send_query(br, port, NULL, NULL, &br_group, false, 0, 1573 NULL); 1574 1575 time = jiffies; 1576 time += own_query->startup_sent < br->multicast_startup_query_count ? 1577 br->multicast_startup_query_interval : 1578 br->multicast_query_interval; 1579 mod_timer(&own_query->timer, time); 1580 } 1581 1582 static void 1583 br_multicast_port_query_expired(struct net_bridge_port *port, 1584 struct bridge_mcast_own_query *query) 1585 { 1586 struct net_bridge *br = port->br; 1587 1588 spin_lock(&br->multicast_lock); 1589 if (port->state == BR_STATE_DISABLED || 1590 port->state == BR_STATE_BLOCKING) 1591 goto out; 1592 1593 if (query->startup_sent < br->multicast_startup_query_count) 1594 query->startup_sent++; 1595 1596 br_multicast_send_query(port->br, port, query); 1597 1598 out: 1599 spin_unlock(&br->multicast_lock); 1600 } 1601 1602 static void br_ip4_multicast_port_query_expired(struct timer_list *t) 1603 { 1604 struct net_bridge_port *port = from_timer(port, t, ip4_own_query.timer); 1605 1606 br_multicast_port_query_expired(port, &port->ip4_own_query); 1607 } 1608 1609 #if IS_ENABLED(CONFIG_IPV6) 1610 static void br_ip6_multicast_port_query_expired(struct timer_list *t) 1611 { 1612 struct net_bridge_port *port = from_timer(port, t, ip6_own_query.timer); 1613 1614 br_multicast_port_query_expired(port, &port->ip6_own_query); 1615 } 1616 #endif 1617 1618 static void br_multicast_port_group_rexmit(struct timer_list *t) 1619 { 1620 struct net_bridge_port_group *pg = from_timer(pg, t, rexmit_timer); 1621 struct bridge_mcast_other_query *other_query = NULL; 1622 struct net_bridge *br = pg->key.port->br; 1623 bool need_rexmit = false; 1624 1625 spin_lock(&br->multicast_lock); 1626 if (!netif_running(br->dev) || hlist_unhashed(&pg->mglist) || 1627 !br_opt_get(br, BROPT_MULTICAST_ENABLED) || 1628 !br_opt_get(br, BROPT_MULTICAST_QUERIER)) 1629 goto out; 1630 1631 if (pg->key.addr.proto == htons(ETH_P_IP)) 1632 other_query = &br->ip4_other_query; 1633 #if IS_ENABLED(CONFIG_IPV6) 1634 else 1635 other_query = &br->ip6_other_query; 1636 #endif 1637 1638 if (!other_query || timer_pending(&other_query->timer)) 1639 goto out; 1640 1641 if (pg->grp_query_rexmit_cnt) { 1642 pg->grp_query_rexmit_cnt--; 1643 __br_multicast_send_query(br, pg->key.port, pg, &pg->key.addr, 1644 &pg->key.addr, false, 1, NULL); 1645 } 1646 __br_multicast_send_query(br, pg->key.port, pg, &pg->key.addr, 1647 &pg->key.addr, true, 0, &need_rexmit); 1648 1649 if (pg->grp_query_rexmit_cnt || need_rexmit) 1650 mod_timer(&pg->rexmit_timer, jiffies + 1651 br->multicast_last_member_interval); 1652 out: 1653 spin_unlock(&br->multicast_lock); 1654 } 1655 1656 static int br_mc_disabled_update(struct net_device *dev, bool value, 1657 struct netlink_ext_ack *extack) 1658 { 1659 struct switchdev_attr attr = { 1660 .orig_dev = dev, 1661 .id = SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED, 1662 .flags = SWITCHDEV_F_DEFER, 1663 .u.mc_disabled = !value, 1664 }; 1665 1666 return switchdev_port_attr_set(dev, &attr, extack); 1667 } 1668 1669 int br_multicast_add_port(struct net_bridge_port *port) 1670 { 1671 int err; 1672 1673 port->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 1674 port->multicast_eht_hosts_limit = BR_MCAST_DEFAULT_EHT_HOSTS_LIMIT; 1675 1676 timer_setup(&port->ip4_mc_router_timer, 1677 br_ip4_multicast_router_expired, 0); 1678 timer_setup(&port->ip4_own_query.timer, 1679 br_ip4_multicast_port_query_expired, 0); 1680 #if IS_ENABLED(CONFIG_IPV6) 1681 timer_setup(&port->ip6_mc_router_timer, 1682 br_ip6_multicast_router_expired, 0); 1683 timer_setup(&port->ip6_own_query.timer, 1684 br_ip6_multicast_port_query_expired, 0); 1685 #endif 1686 err = br_mc_disabled_update(port->dev, 1687 br_opt_get(port->br, 1688 BROPT_MULTICAST_ENABLED), 1689 NULL); 1690 if (err && err != -EOPNOTSUPP) 1691 return err; 1692 1693 port->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats); 1694 if (!port->mcast_stats) 1695 return -ENOMEM; 1696 1697 return 0; 1698 } 1699 1700 void br_multicast_del_port(struct net_bridge_port *port) 1701 { 1702 struct net_bridge *br = port->br; 1703 struct net_bridge_port_group *pg; 1704 HLIST_HEAD(deleted_head); 1705 struct hlist_node *n; 1706 1707 /* Take care of the remaining groups, only perm ones should be left */ 1708 spin_lock_bh(&br->multicast_lock); 1709 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist) 1710 br_multicast_find_del_pg(br, pg); 1711 hlist_move_list(&br->mcast_gc_list, &deleted_head); 1712 spin_unlock_bh(&br->multicast_lock); 1713 br_multicast_gc(&deleted_head); 1714 del_timer_sync(&port->ip4_mc_router_timer); 1715 #if IS_ENABLED(CONFIG_IPV6) 1716 del_timer_sync(&port->ip6_mc_router_timer); 1717 #endif 1718 free_percpu(port->mcast_stats); 1719 } 1720 1721 static void br_multicast_enable(struct bridge_mcast_own_query *query) 1722 { 1723 query->startup_sent = 0; 1724 1725 if (try_to_del_timer_sync(&query->timer) >= 0 || 1726 del_timer(&query->timer)) 1727 mod_timer(&query->timer, jiffies); 1728 } 1729 1730 static void __br_multicast_enable_port(struct net_bridge_port *port) 1731 { 1732 struct net_bridge *br = port->br; 1733 1734 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED) || !netif_running(br->dev)) 1735 return; 1736 1737 br_multicast_enable(&port->ip4_own_query); 1738 #if IS_ENABLED(CONFIG_IPV6) 1739 br_multicast_enable(&port->ip6_own_query); 1740 #endif 1741 if (port->multicast_router == MDB_RTR_TYPE_PERM) { 1742 br_ip4_multicast_add_router(br, port); 1743 br_ip6_multicast_add_router(br, port); 1744 } 1745 } 1746 1747 void br_multicast_enable_port(struct net_bridge_port *port) 1748 { 1749 struct net_bridge *br = port->br; 1750 1751 spin_lock(&br->multicast_lock); 1752 __br_multicast_enable_port(port); 1753 spin_unlock(&br->multicast_lock); 1754 } 1755 1756 void br_multicast_disable_port(struct net_bridge_port *port) 1757 { 1758 struct net_bridge *br = port->br; 1759 struct net_bridge_port_group *pg; 1760 struct hlist_node *n; 1761 bool del = false; 1762 1763 spin_lock(&br->multicast_lock); 1764 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist) 1765 if (!(pg->flags & MDB_PG_FLAGS_PERMANENT)) 1766 br_multicast_find_del_pg(br, pg); 1767 1768 del |= br_ip4_multicast_rport_del(port); 1769 del_timer(&port->ip4_mc_router_timer); 1770 del_timer(&port->ip4_own_query.timer); 1771 del |= br_ip6_multicast_rport_del(port); 1772 #if IS_ENABLED(CONFIG_IPV6) 1773 del_timer(&port->ip6_mc_router_timer); 1774 del_timer(&port->ip6_own_query.timer); 1775 #endif 1776 br_multicast_rport_del_notify(port, del); 1777 spin_unlock(&br->multicast_lock); 1778 } 1779 1780 static int __grp_src_delete_marked(struct net_bridge_port_group *pg) 1781 { 1782 struct net_bridge_group_src *ent; 1783 struct hlist_node *tmp; 1784 int deleted = 0; 1785 1786 hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node) 1787 if (ent->flags & BR_SGRP_F_DELETE) { 1788 br_multicast_del_group_src(ent, false); 1789 deleted++; 1790 } 1791 1792 return deleted; 1793 } 1794 1795 static void __grp_src_mod_timer(struct net_bridge_group_src *src, 1796 unsigned long expires) 1797 { 1798 mod_timer(&src->timer, expires); 1799 br_multicast_fwd_src_handle(src); 1800 } 1801 1802 static void __grp_src_query_marked_and_rexmit(struct net_bridge_port_group *pg) 1803 { 1804 struct bridge_mcast_other_query *other_query = NULL; 1805 struct net_bridge *br = pg->key.port->br; 1806 u32 lmqc = br->multicast_last_member_count; 1807 unsigned long lmqt, lmi, now = jiffies; 1808 struct net_bridge_group_src *ent; 1809 1810 if (!netif_running(br->dev) || 1811 !br_opt_get(br, BROPT_MULTICAST_ENABLED)) 1812 return; 1813 1814 if (pg->key.addr.proto == htons(ETH_P_IP)) 1815 other_query = &br->ip4_other_query; 1816 #if IS_ENABLED(CONFIG_IPV6) 1817 else 1818 other_query = &br->ip6_other_query; 1819 #endif 1820 1821 lmqt = now + br_multicast_lmqt(br); 1822 hlist_for_each_entry(ent, &pg->src_list, node) { 1823 if (ent->flags & BR_SGRP_F_SEND) { 1824 ent->flags &= ~BR_SGRP_F_SEND; 1825 if (ent->timer.expires > lmqt) { 1826 if (br_opt_get(br, BROPT_MULTICAST_QUERIER) && 1827 other_query && 1828 !timer_pending(&other_query->timer)) 1829 ent->src_query_rexmit_cnt = lmqc; 1830 __grp_src_mod_timer(ent, lmqt); 1831 } 1832 } 1833 } 1834 1835 if (!br_opt_get(br, BROPT_MULTICAST_QUERIER) || 1836 !other_query || timer_pending(&other_query->timer)) 1837 return; 1838 1839 __br_multicast_send_query(br, pg->key.port, pg, &pg->key.addr, 1840 &pg->key.addr, true, 1, NULL); 1841 1842 lmi = now + br->multicast_last_member_interval; 1843 if (!timer_pending(&pg->rexmit_timer) || 1844 time_after(pg->rexmit_timer.expires, lmi)) 1845 mod_timer(&pg->rexmit_timer, lmi); 1846 } 1847 1848 static void __grp_send_query_and_rexmit(struct net_bridge_port_group *pg) 1849 { 1850 struct bridge_mcast_other_query *other_query = NULL; 1851 struct net_bridge *br = pg->key.port->br; 1852 unsigned long now = jiffies, lmi; 1853 1854 if (!netif_running(br->dev) || 1855 !br_opt_get(br, BROPT_MULTICAST_ENABLED)) 1856 return; 1857 1858 if (pg->key.addr.proto == htons(ETH_P_IP)) 1859 other_query = &br->ip4_other_query; 1860 #if IS_ENABLED(CONFIG_IPV6) 1861 else 1862 other_query = &br->ip6_other_query; 1863 #endif 1864 1865 if (br_opt_get(br, BROPT_MULTICAST_QUERIER) && 1866 other_query && !timer_pending(&other_query->timer)) { 1867 lmi = now + br->multicast_last_member_interval; 1868 pg->grp_query_rexmit_cnt = br->multicast_last_member_count - 1; 1869 __br_multicast_send_query(br, pg->key.port, pg, &pg->key.addr, 1870 &pg->key.addr, false, 0, NULL); 1871 if (!timer_pending(&pg->rexmit_timer) || 1872 time_after(pg->rexmit_timer.expires, lmi)) 1873 mod_timer(&pg->rexmit_timer, lmi); 1874 } 1875 1876 if (pg->filter_mode == MCAST_EXCLUDE && 1877 (!timer_pending(&pg->timer) || 1878 time_after(pg->timer.expires, now + br_multicast_lmqt(br)))) 1879 mod_timer(&pg->timer, now + br_multicast_lmqt(br)); 1880 } 1881 1882 /* State Msg type New state Actions 1883 * INCLUDE (A) IS_IN (B) INCLUDE (A+B) (B)=GMI 1884 * INCLUDE (A) ALLOW (B) INCLUDE (A+B) (B)=GMI 1885 * EXCLUDE (X,Y) ALLOW (A) EXCLUDE (X+A,Y-A) (A)=GMI 1886 */ 1887 static bool br_multicast_isinc_allow(struct net_bridge_port_group *pg, void *h_addr, 1888 void *srcs, u32 nsrcs, size_t addr_size, 1889 int grec_type) 1890 { 1891 struct net_bridge *br = pg->key.port->br; 1892 struct net_bridge_group_src *ent; 1893 unsigned long now = jiffies; 1894 bool changed = false; 1895 struct br_ip src_ip; 1896 u32 src_idx; 1897 1898 memset(&src_ip, 0, sizeof(src_ip)); 1899 src_ip.proto = pg->key.addr.proto; 1900 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 1901 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 1902 ent = br_multicast_find_group_src(pg, &src_ip); 1903 if (!ent) { 1904 ent = br_multicast_new_group_src(pg, &src_ip); 1905 if (ent) 1906 changed = true; 1907 } 1908 1909 if (ent) 1910 __grp_src_mod_timer(ent, now + br_multicast_gmi(br)); 1911 } 1912 1913 if (br_multicast_eht_handle(pg, h_addr, srcs, nsrcs, addr_size, grec_type)) 1914 changed = true; 1915 1916 return changed; 1917 } 1918 1919 /* State Msg type New state Actions 1920 * INCLUDE (A) IS_EX (B) EXCLUDE (A*B,B-A) (B-A)=0 1921 * Delete (A-B) 1922 * Group Timer=GMI 1923 */ 1924 static void __grp_src_isexc_incl(struct net_bridge_port_group *pg, void *h_addr, 1925 void *srcs, u32 nsrcs, size_t addr_size, 1926 int grec_type) 1927 { 1928 struct net_bridge_group_src *ent; 1929 struct br_ip src_ip; 1930 u32 src_idx; 1931 1932 hlist_for_each_entry(ent, &pg->src_list, node) 1933 ent->flags |= BR_SGRP_F_DELETE; 1934 1935 memset(&src_ip, 0, sizeof(src_ip)); 1936 src_ip.proto = pg->key.addr.proto; 1937 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 1938 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 1939 ent = br_multicast_find_group_src(pg, &src_ip); 1940 if (ent) 1941 ent->flags &= ~BR_SGRP_F_DELETE; 1942 else 1943 ent = br_multicast_new_group_src(pg, &src_ip); 1944 if (ent) 1945 br_multicast_fwd_src_handle(ent); 1946 } 1947 1948 br_multicast_eht_handle(pg, h_addr, srcs, nsrcs, addr_size, grec_type); 1949 1950 __grp_src_delete_marked(pg); 1951 } 1952 1953 /* State Msg type New state Actions 1954 * EXCLUDE (X,Y) IS_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=GMI 1955 * Delete (X-A) 1956 * Delete (Y-A) 1957 * Group Timer=GMI 1958 */ 1959 static bool __grp_src_isexc_excl(struct net_bridge_port_group *pg, void *h_addr, 1960 void *srcs, u32 nsrcs, size_t addr_size, 1961 int grec_type) 1962 { 1963 struct net_bridge *br = pg->key.port->br; 1964 struct net_bridge_group_src *ent; 1965 unsigned long now = jiffies; 1966 bool changed = false; 1967 struct br_ip src_ip; 1968 u32 src_idx; 1969 1970 hlist_for_each_entry(ent, &pg->src_list, node) 1971 ent->flags |= BR_SGRP_F_DELETE; 1972 1973 memset(&src_ip, 0, sizeof(src_ip)); 1974 src_ip.proto = pg->key.addr.proto; 1975 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 1976 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 1977 ent = br_multicast_find_group_src(pg, &src_ip); 1978 if (ent) { 1979 ent->flags &= ~BR_SGRP_F_DELETE; 1980 } else { 1981 ent = br_multicast_new_group_src(pg, &src_ip); 1982 if (ent) { 1983 __grp_src_mod_timer(ent, 1984 now + br_multicast_gmi(br)); 1985 changed = true; 1986 } 1987 } 1988 } 1989 1990 if (br_multicast_eht_handle(pg, h_addr, srcs, nsrcs, addr_size, grec_type)) 1991 changed = true; 1992 1993 if (__grp_src_delete_marked(pg)) 1994 changed = true; 1995 1996 return changed; 1997 } 1998 1999 static bool br_multicast_isexc(struct net_bridge_port_group *pg, void *h_addr, 2000 void *srcs, u32 nsrcs, size_t addr_size, 2001 int grec_type) 2002 { 2003 struct net_bridge *br = pg->key.port->br; 2004 bool changed = false; 2005 2006 switch (pg->filter_mode) { 2007 case MCAST_INCLUDE: 2008 __grp_src_isexc_incl(pg, h_addr, srcs, nsrcs, addr_size, 2009 grec_type); 2010 br_multicast_star_g_handle_mode(pg, MCAST_EXCLUDE); 2011 changed = true; 2012 break; 2013 case MCAST_EXCLUDE: 2014 changed = __grp_src_isexc_excl(pg, h_addr, srcs, nsrcs, addr_size, 2015 grec_type); 2016 break; 2017 } 2018 2019 pg->filter_mode = MCAST_EXCLUDE; 2020 mod_timer(&pg->timer, jiffies + br_multicast_gmi(br)); 2021 2022 return changed; 2023 } 2024 2025 /* State Msg type New state Actions 2026 * INCLUDE (A) TO_IN (B) INCLUDE (A+B) (B)=GMI 2027 * Send Q(G,A-B) 2028 */ 2029 static bool __grp_src_toin_incl(struct net_bridge_port_group *pg, void *h_addr, 2030 void *srcs, u32 nsrcs, size_t addr_size, 2031 int grec_type) 2032 { 2033 struct net_bridge *br = pg->key.port->br; 2034 u32 src_idx, to_send = pg->src_ents; 2035 struct net_bridge_group_src *ent; 2036 unsigned long now = jiffies; 2037 bool changed = false; 2038 struct br_ip src_ip; 2039 2040 hlist_for_each_entry(ent, &pg->src_list, node) 2041 ent->flags |= BR_SGRP_F_SEND; 2042 2043 memset(&src_ip, 0, sizeof(src_ip)); 2044 src_ip.proto = pg->key.addr.proto; 2045 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2046 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2047 ent = br_multicast_find_group_src(pg, &src_ip); 2048 if (ent) { 2049 ent->flags &= ~BR_SGRP_F_SEND; 2050 to_send--; 2051 } else { 2052 ent = br_multicast_new_group_src(pg, &src_ip); 2053 if (ent) 2054 changed = true; 2055 } 2056 if (ent) 2057 __grp_src_mod_timer(ent, now + br_multicast_gmi(br)); 2058 } 2059 2060 if (br_multicast_eht_handle(pg, h_addr, srcs, nsrcs, addr_size, grec_type)) 2061 changed = true; 2062 2063 if (to_send) 2064 __grp_src_query_marked_and_rexmit(pg); 2065 2066 return changed; 2067 } 2068 2069 /* State Msg type New state Actions 2070 * EXCLUDE (X,Y) TO_IN (A) EXCLUDE (X+A,Y-A) (A)=GMI 2071 * Send Q(G,X-A) 2072 * Send Q(G) 2073 */ 2074 static bool __grp_src_toin_excl(struct net_bridge_port_group *pg, void *h_addr, 2075 void *srcs, u32 nsrcs, size_t addr_size, 2076 int grec_type) 2077 { 2078 struct net_bridge *br = pg->key.port->br; 2079 u32 src_idx, to_send = pg->src_ents; 2080 struct net_bridge_group_src *ent; 2081 unsigned long now = jiffies; 2082 bool changed = false; 2083 struct br_ip src_ip; 2084 2085 hlist_for_each_entry(ent, &pg->src_list, node) 2086 if (timer_pending(&ent->timer)) 2087 ent->flags |= BR_SGRP_F_SEND; 2088 2089 memset(&src_ip, 0, sizeof(src_ip)); 2090 src_ip.proto = pg->key.addr.proto; 2091 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2092 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2093 ent = br_multicast_find_group_src(pg, &src_ip); 2094 if (ent) { 2095 if (timer_pending(&ent->timer)) { 2096 ent->flags &= ~BR_SGRP_F_SEND; 2097 to_send--; 2098 } 2099 } else { 2100 ent = br_multicast_new_group_src(pg, &src_ip); 2101 if (ent) 2102 changed = true; 2103 } 2104 if (ent) 2105 __grp_src_mod_timer(ent, now + br_multicast_gmi(br)); 2106 } 2107 2108 if (br_multicast_eht_handle(pg, h_addr, srcs, nsrcs, addr_size, grec_type)) 2109 changed = true; 2110 2111 if (to_send) 2112 __grp_src_query_marked_and_rexmit(pg); 2113 2114 __grp_send_query_and_rexmit(pg); 2115 2116 return changed; 2117 } 2118 2119 static bool br_multicast_toin(struct net_bridge_port_group *pg, void *h_addr, 2120 void *srcs, u32 nsrcs, size_t addr_size, 2121 int grec_type) 2122 { 2123 bool changed = false; 2124 2125 switch (pg->filter_mode) { 2126 case MCAST_INCLUDE: 2127 changed = __grp_src_toin_incl(pg, h_addr, srcs, nsrcs, addr_size, 2128 grec_type); 2129 break; 2130 case MCAST_EXCLUDE: 2131 changed = __grp_src_toin_excl(pg, h_addr, srcs, nsrcs, addr_size, 2132 grec_type); 2133 break; 2134 } 2135 2136 if (br_multicast_eht_should_del_pg(pg)) { 2137 pg->flags |= MDB_PG_FLAGS_FAST_LEAVE; 2138 br_multicast_find_del_pg(pg->key.port->br, pg); 2139 /* a notification has already been sent and we shouldn't 2140 * access pg after the delete so we have to return false 2141 */ 2142 changed = false; 2143 } 2144 2145 return changed; 2146 } 2147 2148 /* State Msg type New state Actions 2149 * INCLUDE (A) TO_EX (B) EXCLUDE (A*B,B-A) (B-A)=0 2150 * Delete (A-B) 2151 * Send Q(G,A*B) 2152 * Group Timer=GMI 2153 */ 2154 static void __grp_src_toex_incl(struct net_bridge_port_group *pg, void *h_addr, 2155 void *srcs, u32 nsrcs, size_t addr_size, 2156 int grec_type) 2157 { 2158 struct net_bridge_group_src *ent; 2159 u32 src_idx, to_send = 0; 2160 struct br_ip src_ip; 2161 2162 hlist_for_each_entry(ent, &pg->src_list, node) 2163 ent->flags = (ent->flags & ~BR_SGRP_F_SEND) | BR_SGRP_F_DELETE; 2164 2165 memset(&src_ip, 0, sizeof(src_ip)); 2166 src_ip.proto = pg->key.addr.proto; 2167 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2168 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2169 ent = br_multicast_find_group_src(pg, &src_ip); 2170 if (ent) { 2171 ent->flags = (ent->flags & ~BR_SGRP_F_DELETE) | 2172 BR_SGRP_F_SEND; 2173 to_send++; 2174 } else { 2175 ent = br_multicast_new_group_src(pg, &src_ip); 2176 } 2177 if (ent) 2178 br_multicast_fwd_src_handle(ent); 2179 } 2180 2181 br_multicast_eht_handle(pg, h_addr, srcs, nsrcs, addr_size, grec_type); 2182 2183 __grp_src_delete_marked(pg); 2184 if (to_send) 2185 __grp_src_query_marked_and_rexmit(pg); 2186 } 2187 2188 /* State Msg type New state Actions 2189 * EXCLUDE (X,Y) TO_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=Group Timer 2190 * Delete (X-A) 2191 * Delete (Y-A) 2192 * Send Q(G,A-Y) 2193 * Group Timer=GMI 2194 */ 2195 static bool __grp_src_toex_excl(struct net_bridge_port_group *pg, void *h_addr, 2196 void *srcs, u32 nsrcs, size_t addr_size, 2197 int grec_type) 2198 { 2199 struct net_bridge_group_src *ent; 2200 u32 src_idx, to_send = 0; 2201 bool changed = false; 2202 struct br_ip src_ip; 2203 2204 hlist_for_each_entry(ent, &pg->src_list, node) 2205 ent->flags = (ent->flags & ~BR_SGRP_F_SEND) | BR_SGRP_F_DELETE; 2206 2207 memset(&src_ip, 0, sizeof(src_ip)); 2208 src_ip.proto = pg->key.addr.proto; 2209 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2210 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2211 ent = br_multicast_find_group_src(pg, &src_ip); 2212 if (ent) { 2213 ent->flags &= ~BR_SGRP_F_DELETE; 2214 } else { 2215 ent = br_multicast_new_group_src(pg, &src_ip); 2216 if (ent) { 2217 __grp_src_mod_timer(ent, pg->timer.expires); 2218 changed = true; 2219 } 2220 } 2221 if (ent && timer_pending(&ent->timer)) { 2222 ent->flags |= BR_SGRP_F_SEND; 2223 to_send++; 2224 } 2225 } 2226 2227 if (br_multicast_eht_handle(pg, h_addr, srcs, nsrcs, addr_size, grec_type)) 2228 changed = true; 2229 2230 if (__grp_src_delete_marked(pg)) 2231 changed = true; 2232 if (to_send) 2233 __grp_src_query_marked_and_rexmit(pg); 2234 2235 return changed; 2236 } 2237 2238 static bool br_multicast_toex(struct net_bridge_port_group *pg, void *h_addr, 2239 void *srcs, u32 nsrcs, size_t addr_size, 2240 int grec_type) 2241 { 2242 struct net_bridge *br = pg->key.port->br; 2243 bool changed = false; 2244 2245 switch (pg->filter_mode) { 2246 case MCAST_INCLUDE: 2247 __grp_src_toex_incl(pg, h_addr, srcs, nsrcs, addr_size, 2248 grec_type); 2249 br_multicast_star_g_handle_mode(pg, MCAST_EXCLUDE); 2250 changed = true; 2251 break; 2252 case MCAST_EXCLUDE: 2253 changed = __grp_src_toex_excl(pg, h_addr, srcs, nsrcs, addr_size, 2254 grec_type); 2255 break; 2256 } 2257 2258 pg->filter_mode = MCAST_EXCLUDE; 2259 mod_timer(&pg->timer, jiffies + br_multicast_gmi(br)); 2260 2261 return changed; 2262 } 2263 2264 /* State Msg type New state Actions 2265 * INCLUDE (A) BLOCK (B) INCLUDE (A) Send Q(G,A*B) 2266 */ 2267 static bool __grp_src_block_incl(struct net_bridge_port_group *pg, void *h_addr, 2268 void *srcs, u32 nsrcs, size_t addr_size, int grec_type) 2269 { 2270 struct net_bridge_group_src *ent; 2271 u32 src_idx, to_send = 0; 2272 bool changed = false; 2273 struct br_ip src_ip; 2274 2275 hlist_for_each_entry(ent, &pg->src_list, node) 2276 ent->flags &= ~BR_SGRP_F_SEND; 2277 2278 memset(&src_ip, 0, sizeof(src_ip)); 2279 src_ip.proto = pg->key.addr.proto; 2280 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2281 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2282 ent = br_multicast_find_group_src(pg, &src_ip); 2283 if (ent) { 2284 ent->flags |= BR_SGRP_F_SEND; 2285 to_send++; 2286 } 2287 } 2288 2289 if (br_multicast_eht_handle(pg, h_addr, srcs, nsrcs, addr_size, grec_type)) 2290 changed = true; 2291 2292 if (to_send) 2293 __grp_src_query_marked_and_rexmit(pg); 2294 2295 return changed; 2296 } 2297 2298 /* State Msg type New state Actions 2299 * EXCLUDE (X,Y) BLOCK (A) EXCLUDE (X+(A-Y),Y) (A-X-Y)=Group Timer 2300 * Send Q(G,A-Y) 2301 */ 2302 static bool __grp_src_block_excl(struct net_bridge_port_group *pg, void *h_addr, 2303 void *srcs, u32 nsrcs, size_t addr_size, int grec_type) 2304 { 2305 struct net_bridge_group_src *ent; 2306 u32 src_idx, to_send = 0; 2307 bool changed = false; 2308 struct br_ip src_ip; 2309 2310 hlist_for_each_entry(ent, &pg->src_list, node) 2311 ent->flags &= ~BR_SGRP_F_SEND; 2312 2313 memset(&src_ip, 0, sizeof(src_ip)); 2314 src_ip.proto = pg->key.addr.proto; 2315 for (src_idx = 0; src_idx < nsrcs; src_idx++) { 2316 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size); 2317 ent = br_multicast_find_group_src(pg, &src_ip); 2318 if (!ent) { 2319 ent = br_multicast_new_group_src(pg, &src_ip); 2320 if (ent) { 2321 __grp_src_mod_timer(ent, pg->timer.expires); 2322 changed = true; 2323 } 2324 } 2325 if (ent && timer_pending(&ent->timer)) { 2326 ent->flags |= BR_SGRP_F_SEND; 2327 to_send++; 2328 } 2329 } 2330 2331 if (br_multicast_eht_handle(pg, h_addr, srcs, nsrcs, addr_size, grec_type)) 2332 changed = true; 2333 2334 if (to_send) 2335 __grp_src_query_marked_and_rexmit(pg); 2336 2337 return changed; 2338 } 2339 2340 static bool br_multicast_block(struct net_bridge_port_group *pg, void *h_addr, 2341 void *srcs, u32 nsrcs, size_t addr_size, int grec_type) 2342 { 2343 bool changed = false; 2344 2345 switch (pg->filter_mode) { 2346 case MCAST_INCLUDE: 2347 changed = __grp_src_block_incl(pg, h_addr, srcs, nsrcs, addr_size, 2348 grec_type); 2349 break; 2350 case MCAST_EXCLUDE: 2351 changed = __grp_src_block_excl(pg, h_addr, srcs, nsrcs, addr_size, 2352 grec_type); 2353 break; 2354 } 2355 2356 if ((pg->filter_mode == MCAST_INCLUDE && hlist_empty(&pg->src_list)) || 2357 br_multicast_eht_should_del_pg(pg)) { 2358 if (br_multicast_eht_should_del_pg(pg)) 2359 pg->flags |= MDB_PG_FLAGS_FAST_LEAVE; 2360 br_multicast_find_del_pg(pg->key.port->br, pg); 2361 /* a notification has already been sent and we shouldn't 2362 * access pg after the delete so we have to return false 2363 */ 2364 changed = false; 2365 } 2366 2367 return changed; 2368 } 2369 2370 static struct net_bridge_port_group * 2371 br_multicast_find_port(struct net_bridge_mdb_entry *mp, 2372 struct net_bridge_port *p, 2373 const unsigned char *src) 2374 { 2375 struct net_bridge *br __maybe_unused = mp->br; 2376 struct net_bridge_port_group *pg; 2377 2378 for (pg = mlock_dereference(mp->ports, br); 2379 pg; 2380 pg = mlock_dereference(pg->next, br)) 2381 if (br_port_group_equal(pg, p, src)) 2382 return pg; 2383 2384 return NULL; 2385 } 2386 2387 static int br_ip4_multicast_igmp3_report(struct net_bridge *br, 2388 struct net_bridge_port *port, 2389 struct sk_buff *skb, 2390 u16 vid) 2391 { 2392 bool igmpv2 = br->multicast_igmp_version == 2; 2393 struct net_bridge_mdb_entry *mdst; 2394 struct net_bridge_port_group *pg; 2395 const unsigned char *src; 2396 struct igmpv3_report *ih; 2397 struct igmpv3_grec *grec; 2398 int i, len, num, type; 2399 __be32 group, *h_addr; 2400 bool changed = false; 2401 int err = 0; 2402 u16 nsrcs; 2403 2404 ih = igmpv3_report_hdr(skb); 2405 num = ntohs(ih->ngrec); 2406 len = skb_transport_offset(skb) + sizeof(*ih); 2407 2408 for (i = 0; i < num; i++) { 2409 len += sizeof(*grec); 2410 if (!ip_mc_may_pull(skb, len)) 2411 return -EINVAL; 2412 2413 grec = (void *)(skb->data + len - sizeof(*grec)); 2414 group = grec->grec_mca; 2415 type = grec->grec_type; 2416 nsrcs = ntohs(grec->grec_nsrcs); 2417 2418 len += nsrcs * 4; 2419 if (!ip_mc_may_pull(skb, len)) 2420 return -EINVAL; 2421 2422 switch (type) { 2423 case IGMPV3_MODE_IS_INCLUDE: 2424 case IGMPV3_MODE_IS_EXCLUDE: 2425 case IGMPV3_CHANGE_TO_INCLUDE: 2426 case IGMPV3_CHANGE_TO_EXCLUDE: 2427 case IGMPV3_ALLOW_NEW_SOURCES: 2428 case IGMPV3_BLOCK_OLD_SOURCES: 2429 break; 2430 2431 default: 2432 continue; 2433 } 2434 2435 src = eth_hdr(skb)->h_source; 2436 if (nsrcs == 0 && 2437 (type == IGMPV3_CHANGE_TO_INCLUDE || 2438 type == IGMPV3_MODE_IS_INCLUDE)) { 2439 if (!port || igmpv2) { 2440 br_ip4_multicast_leave_group(br, port, group, vid, src); 2441 continue; 2442 } 2443 } else { 2444 err = br_ip4_multicast_add_group(br, port, group, vid, 2445 src, igmpv2); 2446 if (err) 2447 break; 2448 } 2449 2450 if (!port || igmpv2) 2451 continue; 2452 2453 spin_lock_bh(&br->multicast_lock); 2454 mdst = br_mdb_ip4_get(br, group, vid); 2455 if (!mdst) 2456 goto unlock_continue; 2457 pg = br_multicast_find_port(mdst, port, src); 2458 if (!pg || (pg->flags & MDB_PG_FLAGS_PERMANENT)) 2459 goto unlock_continue; 2460 /* reload grec and host addr */ 2461 grec = (void *)(skb->data + len - sizeof(*grec) - (nsrcs * 4)); 2462 h_addr = &ip_hdr(skb)->saddr; 2463 switch (type) { 2464 case IGMPV3_ALLOW_NEW_SOURCES: 2465 changed = br_multicast_isinc_allow(pg, h_addr, grec->grec_src, 2466 nsrcs, sizeof(__be32), type); 2467 break; 2468 case IGMPV3_MODE_IS_INCLUDE: 2469 changed = br_multicast_isinc_allow(pg, h_addr, grec->grec_src, 2470 nsrcs, sizeof(__be32), type); 2471 break; 2472 case IGMPV3_MODE_IS_EXCLUDE: 2473 changed = br_multicast_isexc(pg, h_addr, grec->grec_src, 2474 nsrcs, sizeof(__be32), type); 2475 break; 2476 case IGMPV3_CHANGE_TO_INCLUDE: 2477 changed = br_multicast_toin(pg, h_addr, grec->grec_src, 2478 nsrcs, sizeof(__be32), type); 2479 break; 2480 case IGMPV3_CHANGE_TO_EXCLUDE: 2481 changed = br_multicast_toex(pg, h_addr, grec->grec_src, 2482 nsrcs, sizeof(__be32), type); 2483 break; 2484 case IGMPV3_BLOCK_OLD_SOURCES: 2485 changed = br_multicast_block(pg, h_addr, grec->grec_src, 2486 nsrcs, sizeof(__be32), type); 2487 break; 2488 } 2489 if (changed) 2490 br_mdb_notify(br->dev, mdst, pg, RTM_NEWMDB); 2491 unlock_continue: 2492 spin_unlock_bh(&br->multicast_lock); 2493 } 2494 2495 return err; 2496 } 2497 2498 #if IS_ENABLED(CONFIG_IPV6) 2499 static int br_ip6_multicast_mld2_report(struct net_bridge *br, 2500 struct net_bridge_port *port, 2501 struct sk_buff *skb, 2502 u16 vid) 2503 { 2504 bool mldv1 = br->multicast_mld_version == 1; 2505 struct net_bridge_mdb_entry *mdst; 2506 struct net_bridge_port_group *pg; 2507 unsigned int nsrcs_offset; 2508 const unsigned char *src; 2509 struct icmp6hdr *icmp6h; 2510 struct in6_addr *h_addr; 2511 struct mld2_grec *grec; 2512 unsigned int grec_len; 2513 bool changed = false; 2514 int i, len, num; 2515 int err = 0; 2516 2517 if (!ipv6_mc_may_pull(skb, sizeof(*icmp6h))) 2518 return -EINVAL; 2519 2520 icmp6h = icmp6_hdr(skb); 2521 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]); 2522 len = skb_transport_offset(skb) + sizeof(*icmp6h); 2523 2524 for (i = 0; i < num; i++) { 2525 __be16 *_nsrcs, __nsrcs; 2526 u16 nsrcs; 2527 2528 nsrcs_offset = len + offsetof(struct mld2_grec, grec_nsrcs); 2529 2530 if (skb_transport_offset(skb) + ipv6_transport_len(skb) < 2531 nsrcs_offset + sizeof(__nsrcs)) 2532 return -EINVAL; 2533 2534 _nsrcs = skb_header_pointer(skb, nsrcs_offset, 2535 sizeof(__nsrcs), &__nsrcs); 2536 if (!_nsrcs) 2537 return -EINVAL; 2538 2539 nsrcs = ntohs(*_nsrcs); 2540 grec_len = struct_size(grec, grec_src, nsrcs); 2541 2542 if (!ipv6_mc_may_pull(skb, len + grec_len)) 2543 return -EINVAL; 2544 2545 grec = (struct mld2_grec *)(skb->data + len); 2546 len += grec_len; 2547 2548 switch (grec->grec_type) { 2549 case MLD2_MODE_IS_INCLUDE: 2550 case MLD2_MODE_IS_EXCLUDE: 2551 case MLD2_CHANGE_TO_INCLUDE: 2552 case MLD2_CHANGE_TO_EXCLUDE: 2553 case MLD2_ALLOW_NEW_SOURCES: 2554 case MLD2_BLOCK_OLD_SOURCES: 2555 break; 2556 2557 default: 2558 continue; 2559 } 2560 2561 src = eth_hdr(skb)->h_source; 2562 if ((grec->grec_type == MLD2_CHANGE_TO_INCLUDE || 2563 grec->grec_type == MLD2_MODE_IS_INCLUDE) && 2564 nsrcs == 0) { 2565 if (!port || mldv1) { 2566 br_ip6_multicast_leave_group(br, port, 2567 &grec->grec_mca, 2568 vid, src); 2569 continue; 2570 } 2571 } else { 2572 err = br_ip6_multicast_add_group(br, port, 2573 &grec->grec_mca, vid, 2574 src, mldv1); 2575 if (err) 2576 break; 2577 } 2578 2579 if (!port || mldv1) 2580 continue; 2581 2582 spin_lock_bh(&br->multicast_lock); 2583 mdst = br_mdb_ip6_get(br, &grec->grec_mca, vid); 2584 if (!mdst) 2585 goto unlock_continue; 2586 pg = br_multicast_find_port(mdst, port, src); 2587 if (!pg || (pg->flags & MDB_PG_FLAGS_PERMANENT)) 2588 goto unlock_continue; 2589 h_addr = &ipv6_hdr(skb)->saddr; 2590 switch (grec->grec_type) { 2591 case MLD2_ALLOW_NEW_SOURCES: 2592 changed = br_multicast_isinc_allow(pg, h_addr, 2593 grec->grec_src, nsrcs, 2594 sizeof(struct in6_addr), 2595 grec->grec_type); 2596 break; 2597 case MLD2_MODE_IS_INCLUDE: 2598 changed = br_multicast_isinc_allow(pg, h_addr, 2599 grec->grec_src, nsrcs, 2600 sizeof(struct in6_addr), 2601 grec->grec_type); 2602 break; 2603 case MLD2_MODE_IS_EXCLUDE: 2604 changed = br_multicast_isexc(pg, h_addr, 2605 grec->grec_src, nsrcs, 2606 sizeof(struct in6_addr), 2607 grec->grec_type); 2608 break; 2609 case MLD2_CHANGE_TO_INCLUDE: 2610 changed = br_multicast_toin(pg, h_addr, 2611 grec->grec_src, nsrcs, 2612 sizeof(struct in6_addr), 2613 grec->grec_type); 2614 break; 2615 case MLD2_CHANGE_TO_EXCLUDE: 2616 changed = br_multicast_toex(pg, h_addr, 2617 grec->grec_src, nsrcs, 2618 sizeof(struct in6_addr), 2619 grec->grec_type); 2620 break; 2621 case MLD2_BLOCK_OLD_SOURCES: 2622 changed = br_multicast_block(pg, h_addr, 2623 grec->grec_src, nsrcs, 2624 sizeof(struct in6_addr), 2625 grec->grec_type); 2626 break; 2627 } 2628 if (changed) 2629 br_mdb_notify(br->dev, mdst, pg, RTM_NEWMDB); 2630 unlock_continue: 2631 spin_unlock_bh(&br->multicast_lock); 2632 } 2633 2634 return err; 2635 } 2636 #endif 2637 2638 static bool br_ip4_multicast_select_querier(struct net_bridge *br, 2639 struct net_bridge_port *port, 2640 __be32 saddr) 2641 { 2642 if (!timer_pending(&br->ip4_own_query.timer) && 2643 !timer_pending(&br->ip4_other_query.timer)) 2644 goto update; 2645 2646 if (!br->ip4_querier.addr.src.ip4) 2647 goto update; 2648 2649 if (ntohl(saddr) <= ntohl(br->ip4_querier.addr.src.ip4)) 2650 goto update; 2651 2652 return false; 2653 2654 update: 2655 br->ip4_querier.addr.src.ip4 = saddr; 2656 2657 /* update protected by general multicast_lock by caller */ 2658 rcu_assign_pointer(br->ip4_querier.port, port); 2659 2660 return true; 2661 } 2662 2663 #if IS_ENABLED(CONFIG_IPV6) 2664 static bool br_ip6_multicast_select_querier(struct net_bridge *br, 2665 struct net_bridge_port *port, 2666 struct in6_addr *saddr) 2667 { 2668 if (!timer_pending(&br->ip6_own_query.timer) && 2669 !timer_pending(&br->ip6_other_query.timer)) 2670 goto update; 2671 2672 if (ipv6_addr_cmp(saddr, &br->ip6_querier.addr.src.ip6) <= 0) 2673 goto update; 2674 2675 return false; 2676 2677 update: 2678 br->ip6_querier.addr.src.ip6 = *saddr; 2679 2680 /* update protected by general multicast_lock by caller */ 2681 rcu_assign_pointer(br->ip6_querier.port, port); 2682 2683 return true; 2684 } 2685 #endif 2686 2687 static void 2688 br_multicast_update_query_timer(struct net_bridge *br, 2689 struct bridge_mcast_other_query *query, 2690 unsigned long max_delay) 2691 { 2692 if (!timer_pending(&query->timer)) 2693 query->delay_time = jiffies + max_delay; 2694 2695 mod_timer(&query->timer, jiffies + br->multicast_querier_interval); 2696 } 2697 2698 static void br_port_mc_router_state_change(struct net_bridge_port *p, 2699 bool is_mc_router) 2700 { 2701 struct switchdev_attr attr = { 2702 .orig_dev = p->dev, 2703 .id = SWITCHDEV_ATTR_ID_PORT_MROUTER, 2704 .flags = SWITCHDEV_F_DEFER, 2705 .u.mrouter = is_mc_router, 2706 }; 2707 2708 switchdev_port_attr_set(p->dev, &attr, NULL); 2709 } 2710 2711 static struct net_bridge_port * 2712 br_multicast_rport_from_node(struct net_bridge *br, 2713 struct hlist_head *mc_router_list, 2714 struct hlist_node *rlist) 2715 { 2716 #if IS_ENABLED(CONFIG_IPV6) 2717 if (mc_router_list == &br->ip6_mc_router_list) 2718 return hlist_entry(rlist, struct net_bridge_port, ip6_rlist); 2719 #endif 2720 return hlist_entry(rlist, struct net_bridge_port, ip4_rlist); 2721 } 2722 2723 static struct hlist_node * 2724 br_multicast_get_rport_slot(struct net_bridge *br, 2725 struct net_bridge_port *port, 2726 struct hlist_head *mc_router_list) 2727 2728 { 2729 struct hlist_node *slot = NULL; 2730 struct net_bridge_port *p; 2731 struct hlist_node *rlist; 2732 2733 hlist_for_each(rlist, mc_router_list) { 2734 p = br_multicast_rport_from_node(br, mc_router_list, rlist); 2735 2736 if ((unsigned long)port >= (unsigned long)p) 2737 break; 2738 2739 slot = rlist; 2740 } 2741 2742 return slot; 2743 } 2744 2745 static bool br_multicast_no_router_otherpf(struct net_bridge_port *port, 2746 struct hlist_node *rnode) 2747 { 2748 #if IS_ENABLED(CONFIG_IPV6) 2749 if (rnode != &port->ip6_rlist) 2750 return hlist_unhashed(&port->ip6_rlist); 2751 else 2752 return hlist_unhashed(&port->ip4_rlist); 2753 #else 2754 return true; 2755 #endif 2756 } 2757 2758 /* Add port to router_list 2759 * list is maintained ordered by pointer value 2760 * and locked by br->multicast_lock and RCU 2761 */ 2762 static void br_multicast_add_router(struct net_bridge *br, 2763 struct net_bridge_port *port, 2764 struct hlist_node *rlist, 2765 struct hlist_head *mc_router_list) 2766 { 2767 struct hlist_node *slot; 2768 2769 if (!hlist_unhashed(rlist)) 2770 return; 2771 2772 slot = br_multicast_get_rport_slot(br, port, mc_router_list); 2773 2774 if (slot) 2775 hlist_add_behind_rcu(rlist, slot); 2776 else 2777 hlist_add_head_rcu(rlist, mc_router_list); 2778 2779 /* For backwards compatibility for now, only notify if we 2780 * switched from no IPv4/IPv6 multicast router to a new 2781 * IPv4 or IPv6 multicast router. 2782 */ 2783 if (br_multicast_no_router_otherpf(port, rlist)) { 2784 br_rtr_notify(br->dev, port, RTM_NEWMDB); 2785 br_port_mc_router_state_change(port, true); 2786 } 2787 } 2788 2789 /* Add port to router_list 2790 * list is maintained ordered by pointer value 2791 * and locked by br->multicast_lock and RCU 2792 */ 2793 static void br_ip4_multicast_add_router(struct net_bridge *br, 2794 struct net_bridge_port *port) 2795 { 2796 br_multicast_add_router(br, port, &port->ip4_rlist, 2797 &br->ip4_mc_router_list); 2798 } 2799 2800 /* Add port to router_list 2801 * list is maintained ordered by pointer value 2802 * and locked by br->multicast_lock and RCU 2803 */ 2804 static void br_ip6_multicast_add_router(struct net_bridge *br, 2805 struct net_bridge_port *port) 2806 { 2807 #if IS_ENABLED(CONFIG_IPV6) 2808 br_multicast_add_router(br, port, &port->ip6_rlist, 2809 &br->ip6_mc_router_list); 2810 #endif 2811 } 2812 2813 static void br_multicast_mark_router(struct net_bridge *br, 2814 struct net_bridge_port *port, 2815 struct timer_list *timer, 2816 struct hlist_node *rlist, 2817 struct hlist_head *mc_router_list) 2818 { 2819 unsigned long now = jiffies; 2820 2821 if (!port) { 2822 if (br->multicast_router == MDB_RTR_TYPE_TEMP_QUERY) { 2823 if (!br_ip4_multicast_is_router(br) && 2824 !br_ip6_multicast_is_router(br)) 2825 br_mc_router_state_change(br, true); 2826 mod_timer(timer, now + br->multicast_querier_interval); 2827 } 2828 return; 2829 } 2830 2831 if (port->multicast_router == MDB_RTR_TYPE_DISABLED || 2832 port->multicast_router == MDB_RTR_TYPE_PERM) 2833 return; 2834 2835 br_multicast_add_router(br, port, rlist, mc_router_list); 2836 mod_timer(timer, now + br->multicast_querier_interval); 2837 } 2838 2839 static void br_ip4_multicast_mark_router(struct net_bridge *br, 2840 struct net_bridge_port *port) 2841 { 2842 struct timer_list *timer = &br->ip4_mc_router_timer; 2843 struct hlist_node *rlist = NULL; 2844 2845 if (port) { 2846 timer = &port->ip4_mc_router_timer; 2847 rlist = &port->ip4_rlist; 2848 } 2849 2850 br_multicast_mark_router(br, port, timer, rlist, 2851 &br->ip4_mc_router_list); 2852 } 2853 2854 static void br_ip6_multicast_mark_router(struct net_bridge *br, 2855 struct net_bridge_port *port) 2856 { 2857 #if IS_ENABLED(CONFIG_IPV6) 2858 struct timer_list *timer = &br->ip6_mc_router_timer; 2859 struct hlist_node *rlist = NULL; 2860 2861 if (port) { 2862 timer = &port->ip6_mc_router_timer; 2863 rlist = &port->ip6_rlist; 2864 } 2865 2866 br_multicast_mark_router(br, port, timer, rlist, 2867 &br->ip6_mc_router_list); 2868 #endif 2869 } 2870 2871 static void 2872 br_ip4_multicast_query_received(struct net_bridge *br, 2873 struct net_bridge_port *port, 2874 struct bridge_mcast_other_query *query, 2875 struct br_ip *saddr, 2876 unsigned long max_delay) 2877 { 2878 if (!br_ip4_multicast_select_querier(br, port, saddr->src.ip4)) 2879 return; 2880 2881 br_multicast_update_query_timer(br, query, max_delay); 2882 br_ip4_multicast_mark_router(br, port); 2883 } 2884 2885 #if IS_ENABLED(CONFIG_IPV6) 2886 static void 2887 br_ip6_multicast_query_received(struct net_bridge *br, 2888 struct net_bridge_port *port, 2889 struct bridge_mcast_other_query *query, 2890 struct br_ip *saddr, 2891 unsigned long max_delay) 2892 { 2893 if (!br_ip6_multicast_select_querier(br, port, &saddr->src.ip6)) 2894 return; 2895 2896 br_multicast_update_query_timer(br, query, max_delay); 2897 br_ip6_multicast_mark_router(br, port); 2898 } 2899 #endif 2900 2901 static void br_ip4_multicast_query(struct net_bridge *br, 2902 struct net_bridge_port *port, 2903 struct sk_buff *skb, 2904 u16 vid) 2905 { 2906 unsigned int transport_len = ip_transport_len(skb); 2907 const struct iphdr *iph = ip_hdr(skb); 2908 struct igmphdr *ih = igmp_hdr(skb); 2909 struct net_bridge_mdb_entry *mp; 2910 struct igmpv3_query *ih3; 2911 struct net_bridge_port_group *p; 2912 struct net_bridge_port_group __rcu **pp; 2913 struct br_ip saddr; 2914 unsigned long max_delay; 2915 unsigned long now = jiffies; 2916 __be32 group; 2917 2918 spin_lock(&br->multicast_lock); 2919 if (!netif_running(br->dev) || 2920 (port && port->state == BR_STATE_DISABLED)) 2921 goto out; 2922 2923 group = ih->group; 2924 2925 if (transport_len == sizeof(*ih)) { 2926 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE); 2927 2928 if (!max_delay) { 2929 max_delay = 10 * HZ; 2930 group = 0; 2931 } 2932 } else if (transport_len >= sizeof(*ih3)) { 2933 ih3 = igmpv3_query_hdr(skb); 2934 if (ih3->nsrcs || 2935 (br->multicast_igmp_version == 3 && group && ih3->suppress)) 2936 goto out; 2937 2938 max_delay = ih3->code ? 2939 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1; 2940 } else { 2941 goto out; 2942 } 2943 2944 if (!group) { 2945 saddr.proto = htons(ETH_P_IP); 2946 saddr.src.ip4 = iph->saddr; 2947 2948 br_ip4_multicast_query_received(br, port, &br->ip4_other_query, 2949 &saddr, max_delay); 2950 goto out; 2951 } 2952 2953 mp = br_mdb_ip4_get(br, group, vid); 2954 if (!mp) 2955 goto out; 2956 2957 max_delay *= br->multicast_last_member_count; 2958 2959 if (mp->host_joined && 2960 (timer_pending(&mp->timer) ? 2961 time_after(mp->timer.expires, now + max_delay) : 2962 try_to_del_timer_sync(&mp->timer) >= 0)) 2963 mod_timer(&mp->timer, now + max_delay); 2964 2965 for (pp = &mp->ports; 2966 (p = mlock_dereference(*pp, br)) != NULL; 2967 pp = &p->next) { 2968 if (timer_pending(&p->timer) ? 2969 time_after(p->timer.expires, now + max_delay) : 2970 try_to_del_timer_sync(&p->timer) >= 0 && 2971 (br->multicast_igmp_version == 2 || 2972 p->filter_mode == MCAST_EXCLUDE)) 2973 mod_timer(&p->timer, now + max_delay); 2974 } 2975 2976 out: 2977 spin_unlock(&br->multicast_lock); 2978 } 2979 2980 #if IS_ENABLED(CONFIG_IPV6) 2981 static int br_ip6_multicast_query(struct net_bridge *br, 2982 struct net_bridge_port *port, 2983 struct sk_buff *skb, 2984 u16 vid) 2985 { 2986 unsigned int transport_len = ipv6_transport_len(skb); 2987 struct mld_msg *mld; 2988 struct net_bridge_mdb_entry *mp; 2989 struct mld2_query *mld2q; 2990 struct net_bridge_port_group *p; 2991 struct net_bridge_port_group __rcu **pp; 2992 struct br_ip saddr; 2993 unsigned long max_delay; 2994 unsigned long now = jiffies; 2995 unsigned int offset = skb_transport_offset(skb); 2996 const struct in6_addr *group = NULL; 2997 bool is_general_query; 2998 int err = 0; 2999 3000 spin_lock(&br->multicast_lock); 3001 if (!netif_running(br->dev) || 3002 (port && port->state == BR_STATE_DISABLED)) 3003 goto out; 3004 3005 if (transport_len == sizeof(*mld)) { 3006 if (!pskb_may_pull(skb, offset + sizeof(*mld))) { 3007 err = -EINVAL; 3008 goto out; 3009 } 3010 mld = (struct mld_msg *) icmp6_hdr(skb); 3011 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay)); 3012 if (max_delay) 3013 group = &mld->mld_mca; 3014 } else { 3015 if (!pskb_may_pull(skb, offset + sizeof(*mld2q))) { 3016 err = -EINVAL; 3017 goto out; 3018 } 3019 mld2q = (struct mld2_query *)icmp6_hdr(skb); 3020 if (!mld2q->mld2q_nsrcs) 3021 group = &mld2q->mld2q_mca; 3022 if (br->multicast_mld_version == 2 && 3023 !ipv6_addr_any(&mld2q->mld2q_mca) && 3024 mld2q->mld2q_suppress) 3025 goto out; 3026 3027 max_delay = max(msecs_to_jiffies(mldv2_mrc(mld2q)), 1UL); 3028 } 3029 3030 is_general_query = group && ipv6_addr_any(group); 3031 3032 if (is_general_query) { 3033 saddr.proto = htons(ETH_P_IPV6); 3034 saddr.src.ip6 = ipv6_hdr(skb)->saddr; 3035 3036 br_ip6_multicast_query_received(br, port, &br->ip6_other_query, 3037 &saddr, max_delay); 3038 goto out; 3039 } else if (!group) { 3040 goto out; 3041 } 3042 3043 mp = br_mdb_ip6_get(br, group, vid); 3044 if (!mp) 3045 goto out; 3046 3047 max_delay *= br->multicast_last_member_count; 3048 if (mp->host_joined && 3049 (timer_pending(&mp->timer) ? 3050 time_after(mp->timer.expires, now + max_delay) : 3051 try_to_del_timer_sync(&mp->timer) >= 0)) 3052 mod_timer(&mp->timer, now + max_delay); 3053 3054 for (pp = &mp->ports; 3055 (p = mlock_dereference(*pp, br)) != NULL; 3056 pp = &p->next) { 3057 if (timer_pending(&p->timer) ? 3058 time_after(p->timer.expires, now + max_delay) : 3059 try_to_del_timer_sync(&p->timer) >= 0 && 3060 (br->multicast_mld_version == 1 || 3061 p->filter_mode == MCAST_EXCLUDE)) 3062 mod_timer(&p->timer, now + max_delay); 3063 } 3064 3065 out: 3066 spin_unlock(&br->multicast_lock); 3067 return err; 3068 } 3069 #endif 3070 3071 static void 3072 br_multicast_leave_group(struct net_bridge *br, 3073 struct net_bridge_port *port, 3074 struct br_ip *group, 3075 struct bridge_mcast_other_query *other_query, 3076 struct bridge_mcast_own_query *own_query, 3077 const unsigned char *src) 3078 { 3079 struct net_bridge_mdb_entry *mp; 3080 struct net_bridge_port_group *p; 3081 unsigned long now; 3082 unsigned long time; 3083 3084 spin_lock(&br->multicast_lock); 3085 if (!netif_running(br->dev) || 3086 (port && port->state == BR_STATE_DISABLED)) 3087 goto out; 3088 3089 mp = br_mdb_ip_get(br, group); 3090 if (!mp) 3091 goto out; 3092 3093 if (port && (port->flags & BR_MULTICAST_FAST_LEAVE)) { 3094 struct net_bridge_port_group __rcu **pp; 3095 3096 for (pp = &mp->ports; 3097 (p = mlock_dereference(*pp, br)) != NULL; 3098 pp = &p->next) { 3099 if (!br_port_group_equal(p, port, src)) 3100 continue; 3101 3102 if (p->flags & MDB_PG_FLAGS_PERMANENT) 3103 break; 3104 3105 p->flags |= MDB_PG_FLAGS_FAST_LEAVE; 3106 br_multicast_del_pg(mp, p, pp); 3107 } 3108 goto out; 3109 } 3110 3111 if (timer_pending(&other_query->timer)) 3112 goto out; 3113 3114 if (br_opt_get(br, BROPT_MULTICAST_QUERIER)) { 3115 __br_multicast_send_query(br, port, NULL, NULL, &mp->addr, 3116 false, 0, NULL); 3117 3118 time = jiffies + br->multicast_last_member_count * 3119 br->multicast_last_member_interval; 3120 3121 mod_timer(&own_query->timer, time); 3122 3123 for (p = mlock_dereference(mp->ports, br); 3124 p != NULL; 3125 p = mlock_dereference(p->next, br)) { 3126 if (!br_port_group_equal(p, port, src)) 3127 continue; 3128 3129 if (!hlist_unhashed(&p->mglist) && 3130 (timer_pending(&p->timer) ? 3131 time_after(p->timer.expires, time) : 3132 try_to_del_timer_sync(&p->timer) >= 0)) { 3133 mod_timer(&p->timer, time); 3134 } 3135 3136 break; 3137 } 3138 } 3139 3140 now = jiffies; 3141 time = now + br->multicast_last_member_count * 3142 br->multicast_last_member_interval; 3143 3144 if (!port) { 3145 if (mp->host_joined && 3146 (timer_pending(&mp->timer) ? 3147 time_after(mp->timer.expires, time) : 3148 try_to_del_timer_sync(&mp->timer) >= 0)) { 3149 mod_timer(&mp->timer, time); 3150 } 3151 3152 goto out; 3153 } 3154 3155 for (p = mlock_dereference(mp->ports, br); 3156 p != NULL; 3157 p = mlock_dereference(p->next, br)) { 3158 if (p->key.port != port) 3159 continue; 3160 3161 if (!hlist_unhashed(&p->mglist) && 3162 (timer_pending(&p->timer) ? 3163 time_after(p->timer.expires, time) : 3164 try_to_del_timer_sync(&p->timer) >= 0)) { 3165 mod_timer(&p->timer, time); 3166 } 3167 3168 break; 3169 } 3170 out: 3171 spin_unlock(&br->multicast_lock); 3172 } 3173 3174 static void br_ip4_multicast_leave_group(struct net_bridge *br, 3175 struct net_bridge_port *port, 3176 __be32 group, 3177 __u16 vid, 3178 const unsigned char *src) 3179 { 3180 struct br_ip br_group; 3181 struct bridge_mcast_own_query *own_query; 3182 3183 if (ipv4_is_local_multicast(group)) 3184 return; 3185 3186 own_query = port ? &port->ip4_own_query : &br->ip4_own_query; 3187 3188 memset(&br_group, 0, sizeof(br_group)); 3189 br_group.dst.ip4 = group; 3190 br_group.proto = htons(ETH_P_IP); 3191 br_group.vid = vid; 3192 3193 br_multicast_leave_group(br, port, &br_group, &br->ip4_other_query, 3194 own_query, src); 3195 } 3196 3197 #if IS_ENABLED(CONFIG_IPV6) 3198 static void br_ip6_multicast_leave_group(struct net_bridge *br, 3199 struct net_bridge_port *port, 3200 const struct in6_addr *group, 3201 __u16 vid, 3202 const unsigned char *src) 3203 { 3204 struct br_ip br_group; 3205 struct bridge_mcast_own_query *own_query; 3206 3207 if (ipv6_addr_is_ll_all_nodes(group)) 3208 return; 3209 3210 own_query = port ? &port->ip6_own_query : &br->ip6_own_query; 3211 3212 memset(&br_group, 0, sizeof(br_group)); 3213 br_group.dst.ip6 = *group; 3214 br_group.proto = htons(ETH_P_IPV6); 3215 br_group.vid = vid; 3216 3217 br_multicast_leave_group(br, port, &br_group, &br->ip6_other_query, 3218 own_query, src); 3219 } 3220 #endif 3221 3222 static void br_multicast_err_count(const struct net_bridge *br, 3223 const struct net_bridge_port *p, 3224 __be16 proto) 3225 { 3226 struct bridge_mcast_stats __percpu *stats; 3227 struct bridge_mcast_stats *pstats; 3228 3229 if (!br_opt_get(br, BROPT_MULTICAST_STATS_ENABLED)) 3230 return; 3231 3232 if (p) 3233 stats = p->mcast_stats; 3234 else 3235 stats = br->mcast_stats; 3236 if (WARN_ON(!stats)) 3237 return; 3238 3239 pstats = this_cpu_ptr(stats); 3240 3241 u64_stats_update_begin(&pstats->syncp); 3242 switch (proto) { 3243 case htons(ETH_P_IP): 3244 pstats->mstats.igmp_parse_errors++; 3245 break; 3246 #if IS_ENABLED(CONFIG_IPV6) 3247 case htons(ETH_P_IPV6): 3248 pstats->mstats.mld_parse_errors++; 3249 break; 3250 #endif 3251 } 3252 u64_stats_update_end(&pstats->syncp); 3253 } 3254 3255 static void br_multicast_pim(struct net_bridge *br, 3256 struct net_bridge_port *port, 3257 const struct sk_buff *skb) 3258 { 3259 unsigned int offset = skb_transport_offset(skb); 3260 struct pimhdr *pimhdr, _pimhdr; 3261 3262 pimhdr = skb_header_pointer(skb, offset, sizeof(_pimhdr), &_pimhdr); 3263 if (!pimhdr || pim_hdr_version(pimhdr) != PIM_VERSION || 3264 pim_hdr_type(pimhdr) != PIM_TYPE_HELLO) 3265 return; 3266 3267 br_ip4_multicast_mark_router(br, port); 3268 } 3269 3270 static int br_ip4_multicast_mrd_rcv(struct net_bridge *br, 3271 struct net_bridge_port *port, 3272 struct sk_buff *skb) 3273 { 3274 if (ip_hdr(skb)->protocol != IPPROTO_IGMP || 3275 igmp_hdr(skb)->type != IGMP_MRDISC_ADV) 3276 return -ENOMSG; 3277 3278 br_ip4_multicast_mark_router(br, port); 3279 3280 return 0; 3281 } 3282 3283 static int br_multicast_ipv4_rcv(struct net_bridge *br, 3284 struct net_bridge_port *port, 3285 struct sk_buff *skb, 3286 u16 vid) 3287 { 3288 const unsigned char *src; 3289 struct igmphdr *ih; 3290 int err; 3291 3292 err = ip_mc_check_igmp(skb); 3293 3294 if (err == -ENOMSG) { 3295 if (!ipv4_is_local_multicast(ip_hdr(skb)->daddr)) { 3296 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 3297 } else if (pim_ipv4_all_pim_routers(ip_hdr(skb)->daddr)) { 3298 if (ip_hdr(skb)->protocol == IPPROTO_PIM) 3299 br_multicast_pim(br, port, skb); 3300 } else if (ipv4_is_all_snoopers(ip_hdr(skb)->daddr)) { 3301 br_ip4_multicast_mrd_rcv(br, port, skb); 3302 } 3303 3304 return 0; 3305 } else if (err < 0) { 3306 br_multicast_err_count(br, port, skb->protocol); 3307 return err; 3308 } 3309 3310 ih = igmp_hdr(skb); 3311 src = eth_hdr(skb)->h_source; 3312 BR_INPUT_SKB_CB(skb)->igmp = ih->type; 3313 3314 switch (ih->type) { 3315 case IGMP_HOST_MEMBERSHIP_REPORT: 3316 case IGMPV2_HOST_MEMBERSHIP_REPORT: 3317 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 3318 err = br_ip4_multicast_add_group(br, port, ih->group, vid, src, 3319 true); 3320 break; 3321 case IGMPV3_HOST_MEMBERSHIP_REPORT: 3322 err = br_ip4_multicast_igmp3_report(br, port, skb, vid); 3323 break; 3324 case IGMP_HOST_MEMBERSHIP_QUERY: 3325 br_ip4_multicast_query(br, port, skb, vid); 3326 break; 3327 case IGMP_HOST_LEAVE_MESSAGE: 3328 br_ip4_multicast_leave_group(br, port, ih->group, vid, src); 3329 break; 3330 } 3331 3332 br_multicast_count(br, port, skb, BR_INPUT_SKB_CB(skb)->igmp, 3333 BR_MCAST_DIR_RX); 3334 3335 return err; 3336 } 3337 3338 #if IS_ENABLED(CONFIG_IPV6) 3339 static void br_ip6_multicast_mrd_rcv(struct net_bridge *br, 3340 struct net_bridge_port *port, 3341 struct sk_buff *skb) 3342 { 3343 if (icmp6_hdr(skb)->icmp6_type != ICMPV6_MRDISC_ADV) 3344 return; 3345 3346 br_ip6_multicast_mark_router(br, port); 3347 } 3348 3349 static int br_multicast_ipv6_rcv(struct net_bridge *br, 3350 struct net_bridge_port *port, 3351 struct sk_buff *skb, 3352 u16 vid) 3353 { 3354 const unsigned char *src; 3355 struct mld_msg *mld; 3356 int err; 3357 3358 err = ipv6_mc_check_mld(skb); 3359 3360 if (err == -ENOMSG || err == -ENODATA) { 3361 if (!ipv6_addr_is_ll_all_nodes(&ipv6_hdr(skb)->daddr)) 3362 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 3363 if (err == -ENODATA && 3364 ipv6_addr_is_all_snoopers(&ipv6_hdr(skb)->daddr)) 3365 br_ip6_multicast_mrd_rcv(br, port, skb); 3366 3367 return 0; 3368 } else if (err < 0) { 3369 br_multicast_err_count(br, port, skb->protocol); 3370 return err; 3371 } 3372 3373 mld = (struct mld_msg *)skb_transport_header(skb); 3374 BR_INPUT_SKB_CB(skb)->igmp = mld->mld_type; 3375 3376 switch (mld->mld_type) { 3377 case ICMPV6_MGM_REPORT: 3378 src = eth_hdr(skb)->h_source; 3379 BR_INPUT_SKB_CB(skb)->mrouters_only = 1; 3380 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid, 3381 src, true); 3382 break; 3383 case ICMPV6_MLD2_REPORT: 3384 err = br_ip6_multicast_mld2_report(br, port, skb, vid); 3385 break; 3386 case ICMPV6_MGM_QUERY: 3387 err = br_ip6_multicast_query(br, port, skb, vid); 3388 break; 3389 case ICMPV6_MGM_REDUCTION: 3390 src = eth_hdr(skb)->h_source; 3391 br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid, src); 3392 break; 3393 } 3394 3395 br_multicast_count(br, port, skb, BR_INPUT_SKB_CB(skb)->igmp, 3396 BR_MCAST_DIR_RX); 3397 3398 return err; 3399 } 3400 #endif 3401 3402 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port, 3403 struct sk_buff *skb, u16 vid) 3404 { 3405 int ret = 0; 3406 3407 BR_INPUT_SKB_CB(skb)->igmp = 0; 3408 BR_INPUT_SKB_CB(skb)->mrouters_only = 0; 3409 3410 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) 3411 return 0; 3412 3413 switch (skb->protocol) { 3414 case htons(ETH_P_IP): 3415 ret = br_multicast_ipv4_rcv(br, port, skb, vid); 3416 break; 3417 #if IS_ENABLED(CONFIG_IPV6) 3418 case htons(ETH_P_IPV6): 3419 ret = br_multicast_ipv6_rcv(br, port, skb, vid); 3420 break; 3421 #endif 3422 } 3423 3424 return ret; 3425 } 3426 3427 static void br_multicast_query_expired(struct net_bridge *br, 3428 struct bridge_mcast_own_query *query, 3429 struct bridge_mcast_querier *querier) 3430 { 3431 spin_lock(&br->multicast_lock); 3432 if (query->startup_sent < br->multicast_startup_query_count) 3433 query->startup_sent++; 3434 3435 RCU_INIT_POINTER(querier->port, NULL); 3436 br_multicast_send_query(br, NULL, query); 3437 spin_unlock(&br->multicast_lock); 3438 } 3439 3440 static void br_ip4_multicast_query_expired(struct timer_list *t) 3441 { 3442 struct net_bridge *br = from_timer(br, t, ip4_own_query.timer); 3443 3444 br_multicast_query_expired(br, &br->ip4_own_query, &br->ip4_querier); 3445 } 3446 3447 #if IS_ENABLED(CONFIG_IPV6) 3448 static void br_ip6_multicast_query_expired(struct timer_list *t) 3449 { 3450 struct net_bridge *br = from_timer(br, t, ip6_own_query.timer); 3451 3452 br_multicast_query_expired(br, &br->ip6_own_query, &br->ip6_querier); 3453 } 3454 #endif 3455 3456 static void br_multicast_gc_work(struct work_struct *work) 3457 { 3458 struct net_bridge *br = container_of(work, struct net_bridge, 3459 mcast_gc_work); 3460 HLIST_HEAD(deleted_head); 3461 3462 spin_lock_bh(&br->multicast_lock); 3463 hlist_move_list(&br->mcast_gc_list, &deleted_head); 3464 spin_unlock_bh(&br->multicast_lock); 3465 3466 br_multicast_gc(&deleted_head); 3467 } 3468 3469 void br_multicast_init(struct net_bridge *br) 3470 { 3471 br->hash_max = BR_MULTICAST_DEFAULT_HASH_MAX; 3472 3473 br->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 3474 br->multicast_last_member_count = 2; 3475 br->multicast_startup_query_count = 2; 3476 3477 br->multicast_last_member_interval = HZ; 3478 br->multicast_query_response_interval = 10 * HZ; 3479 br->multicast_startup_query_interval = 125 * HZ / 4; 3480 br->multicast_query_interval = 125 * HZ; 3481 br->multicast_querier_interval = 255 * HZ; 3482 br->multicast_membership_interval = 260 * HZ; 3483 3484 br->ip4_other_query.delay_time = 0; 3485 br->ip4_querier.port = NULL; 3486 br->multicast_igmp_version = 2; 3487 #if IS_ENABLED(CONFIG_IPV6) 3488 br->multicast_mld_version = 1; 3489 br->ip6_other_query.delay_time = 0; 3490 br->ip6_querier.port = NULL; 3491 #endif 3492 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, true); 3493 br_opt_toggle(br, BROPT_HAS_IPV6_ADDR, true); 3494 3495 spin_lock_init(&br->multicast_lock); 3496 timer_setup(&br->ip4_mc_router_timer, 3497 br_ip4_multicast_local_router_expired, 0); 3498 timer_setup(&br->ip4_other_query.timer, 3499 br_ip4_multicast_querier_expired, 0); 3500 timer_setup(&br->ip4_own_query.timer, 3501 br_ip4_multicast_query_expired, 0); 3502 #if IS_ENABLED(CONFIG_IPV6) 3503 timer_setup(&br->ip6_mc_router_timer, 3504 br_ip6_multicast_local_router_expired, 0); 3505 timer_setup(&br->ip6_other_query.timer, 3506 br_ip6_multicast_querier_expired, 0); 3507 timer_setup(&br->ip6_own_query.timer, 3508 br_ip6_multicast_query_expired, 0); 3509 #endif 3510 INIT_HLIST_HEAD(&br->mdb_list); 3511 INIT_HLIST_HEAD(&br->mcast_gc_list); 3512 INIT_WORK(&br->mcast_gc_work, br_multicast_gc_work); 3513 } 3514 3515 static void br_ip4_multicast_join_snoopers(struct net_bridge *br) 3516 { 3517 struct in_device *in_dev = in_dev_get(br->dev); 3518 3519 if (!in_dev) 3520 return; 3521 3522 __ip_mc_inc_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC); 3523 in_dev_put(in_dev); 3524 } 3525 3526 #if IS_ENABLED(CONFIG_IPV6) 3527 static void br_ip6_multicast_join_snoopers(struct net_bridge *br) 3528 { 3529 struct in6_addr addr; 3530 3531 ipv6_addr_set(&addr, htonl(0xff020000), 0, 0, htonl(0x6a)); 3532 ipv6_dev_mc_inc(br->dev, &addr); 3533 } 3534 #else 3535 static inline void br_ip6_multicast_join_snoopers(struct net_bridge *br) 3536 { 3537 } 3538 #endif 3539 3540 void br_multicast_join_snoopers(struct net_bridge *br) 3541 { 3542 br_ip4_multicast_join_snoopers(br); 3543 br_ip6_multicast_join_snoopers(br); 3544 } 3545 3546 static void br_ip4_multicast_leave_snoopers(struct net_bridge *br) 3547 { 3548 struct in_device *in_dev = in_dev_get(br->dev); 3549 3550 if (WARN_ON(!in_dev)) 3551 return; 3552 3553 __ip_mc_dec_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC); 3554 in_dev_put(in_dev); 3555 } 3556 3557 #if IS_ENABLED(CONFIG_IPV6) 3558 static void br_ip6_multicast_leave_snoopers(struct net_bridge *br) 3559 { 3560 struct in6_addr addr; 3561 3562 ipv6_addr_set(&addr, htonl(0xff020000), 0, 0, htonl(0x6a)); 3563 ipv6_dev_mc_dec(br->dev, &addr); 3564 } 3565 #else 3566 static inline void br_ip6_multicast_leave_snoopers(struct net_bridge *br) 3567 { 3568 } 3569 #endif 3570 3571 void br_multicast_leave_snoopers(struct net_bridge *br) 3572 { 3573 br_ip4_multicast_leave_snoopers(br); 3574 br_ip6_multicast_leave_snoopers(br); 3575 } 3576 3577 static void __br_multicast_open(struct net_bridge *br, 3578 struct bridge_mcast_own_query *query) 3579 { 3580 query->startup_sent = 0; 3581 3582 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) 3583 return; 3584 3585 mod_timer(&query->timer, jiffies); 3586 } 3587 3588 void br_multicast_open(struct net_bridge *br) 3589 { 3590 __br_multicast_open(br, &br->ip4_own_query); 3591 #if IS_ENABLED(CONFIG_IPV6) 3592 __br_multicast_open(br, &br->ip6_own_query); 3593 #endif 3594 } 3595 3596 void br_multicast_stop(struct net_bridge *br) 3597 { 3598 del_timer_sync(&br->ip4_mc_router_timer); 3599 del_timer_sync(&br->ip4_other_query.timer); 3600 del_timer_sync(&br->ip4_own_query.timer); 3601 #if IS_ENABLED(CONFIG_IPV6) 3602 del_timer_sync(&br->ip6_mc_router_timer); 3603 del_timer_sync(&br->ip6_other_query.timer); 3604 del_timer_sync(&br->ip6_own_query.timer); 3605 #endif 3606 } 3607 3608 void br_multicast_dev_del(struct net_bridge *br) 3609 { 3610 struct net_bridge_mdb_entry *mp; 3611 HLIST_HEAD(deleted_head); 3612 struct hlist_node *tmp; 3613 3614 spin_lock_bh(&br->multicast_lock); 3615 hlist_for_each_entry_safe(mp, tmp, &br->mdb_list, mdb_node) 3616 br_multicast_del_mdb_entry(mp); 3617 hlist_move_list(&br->mcast_gc_list, &deleted_head); 3618 spin_unlock_bh(&br->multicast_lock); 3619 3620 br_multicast_gc(&deleted_head); 3621 cancel_work_sync(&br->mcast_gc_work); 3622 3623 rcu_barrier(); 3624 } 3625 3626 int br_multicast_set_router(struct net_bridge *br, unsigned long val) 3627 { 3628 int err = -EINVAL; 3629 3630 spin_lock_bh(&br->multicast_lock); 3631 3632 switch (val) { 3633 case MDB_RTR_TYPE_DISABLED: 3634 case MDB_RTR_TYPE_PERM: 3635 br_mc_router_state_change(br, val == MDB_RTR_TYPE_PERM); 3636 del_timer(&br->ip4_mc_router_timer); 3637 #if IS_ENABLED(CONFIG_IPV6) 3638 del_timer(&br->ip6_mc_router_timer); 3639 #endif 3640 br->multicast_router = val; 3641 err = 0; 3642 break; 3643 case MDB_RTR_TYPE_TEMP_QUERY: 3644 if (br->multicast_router != MDB_RTR_TYPE_TEMP_QUERY) 3645 br_mc_router_state_change(br, false); 3646 br->multicast_router = val; 3647 err = 0; 3648 break; 3649 } 3650 3651 spin_unlock_bh(&br->multicast_lock); 3652 3653 return err; 3654 } 3655 3656 static void 3657 br_multicast_rport_del_notify(struct net_bridge_port *p, bool deleted) 3658 { 3659 if (!deleted) 3660 return; 3661 3662 /* For backwards compatibility for now, only notify if there is 3663 * no multicast router anymore for both IPv4 and IPv6. 3664 */ 3665 if (!hlist_unhashed(&p->ip4_rlist)) 3666 return; 3667 #if IS_ENABLED(CONFIG_IPV6) 3668 if (!hlist_unhashed(&p->ip6_rlist)) 3669 return; 3670 #endif 3671 3672 br_rtr_notify(p->br->dev, p, RTM_DELMDB); 3673 br_port_mc_router_state_change(p, false); 3674 3675 /* don't allow timer refresh */ 3676 if (p->multicast_router == MDB_RTR_TYPE_TEMP) 3677 p->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 3678 } 3679 3680 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val) 3681 { 3682 struct net_bridge *br = p->br; 3683 unsigned long now = jiffies; 3684 int err = -EINVAL; 3685 bool del = false; 3686 3687 spin_lock(&br->multicast_lock); 3688 if (p->multicast_router == val) { 3689 /* Refresh the temp router port timer */ 3690 if (p->multicast_router == MDB_RTR_TYPE_TEMP) { 3691 mod_timer(&p->ip4_mc_router_timer, 3692 now + br->multicast_querier_interval); 3693 #if IS_ENABLED(CONFIG_IPV6) 3694 mod_timer(&p->ip6_mc_router_timer, 3695 now + br->multicast_querier_interval); 3696 #endif 3697 } 3698 err = 0; 3699 goto unlock; 3700 } 3701 switch (val) { 3702 case MDB_RTR_TYPE_DISABLED: 3703 p->multicast_router = MDB_RTR_TYPE_DISABLED; 3704 del |= br_ip4_multicast_rport_del(p); 3705 del_timer(&p->ip4_mc_router_timer); 3706 del |= br_ip6_multicast_rport_del(p); 3707 #if IS_ENABLED(CONFIG_IPV6) 3708 del_timer(&p->ip6_mc_router_timer); 3709 #endif 3710 br_multicast_rport_del_notify(p, del); 3711 break; 3712 case MDB_RTR_TYPE_TEMP_QUERY: 3713 p->multicast_router = MDB_RTR_TYPE_TEMP_QUERY; 3714 del |= br_ip4_multicast_rport_del(p); 3715 del |= br_ip6_multicast_rport_del(p); 3716 br_multicast_rport_del_notify(p, del); 3717 break; 3718 case MDB_RTR_TYPE_PERM: 3719 p->multicast_router = MDB_RTR_TYPE_PERM; 3720 del_timer(&p->ip4_mc_router_timer); 3721 br_ip4_multicast_add_router(br, p); 3722 #if IS_ENABLED(CONFIG_IPV6) 3723 del_timer(&p->ip6_mc_router_timer); 3724 #endif 3725 br_ip6_multicast_add_router(br, p); 3726 break; 3727 case MDB_RTR_TYPE_TEMP: 3728 p->multicast_router = MDB_RTR_TYPE_TEMP; 3729 br_ip4_multicast_mark_router(br, p); 3730 br_ip6_multicast_mark_router(br, p); 3731 break; 3732 default: 3733 goto unlock; 3734 } 3735 err = 0; 3736 unlock: 3737 spin_unlock(&br->multicast_lock); 3738 3739 return err; 3740 } 3741 3742 static void br_multicast_start_querier(struct net_bridge *br, 3743 struct bridge_mcast_own_query *query) 3744 { 3745 struct net_bridge_port *port; 3746 3747 __br_multicast_open(br, query); 3748 3749 rcu_read_lock(); 3750 list_for_each_entry_rcu(port, &br->port_list, list) { 3751 if (port->state == BR_STATE_DISABLED || 3752 port->state == BR_STATE_BLOCKING) 3753 continue; 3754 3755 if (query == &br->ip4_own_query) 3756 br_multicast_enable(&port->ip4_own_query); 3757 #if IS_ENABLED(CONFIG_IPV6) 3758 else 3759 br_multicast_enable(&port->ip6_own_query); 3760 #endif 3761 } 3762 rcu_read_unlock(); 3763 } 3764 3765 int br_multicast_toggle(struct net_bridge *br, unsigned long val, 3766 struct netlink_ext_ack *extack) 3767 { 3768 struct net_bridge_port *port; 3769 bool change_snoopers = false; 3770 int err = 0; 3771 3772 spin_lock_bh(&br->multicast_lock); 3773 if (!!br_opt_get(br, BROPT_MULTICAST_ENABLED) == !!val) 3774 goto unlock; 3775 3776 err = br_mc_disabled_update(br->dev, val, extack); 3777 if (err == -EOPNOTSUPP) 3778 err = 0; 3779 if (err) 3780 goto unlock; 3781 3782 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, !!val); 3783 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) { 3784 change_snoopers = true; 3785 goto unlock; 3786 } 3787 3788 if (!netif_running(br->dev)) 3789 goto unlock; 3790 3791 br_multicast_open(br); 3792 list_for_each_entry(port, &br->port_list, list) 3793 __br_multicast_enable_port(port); 3794 3795 change_snoopers = true; 3796 3797 unlock: 3798 spin_unlock_bh(&br->multicast_lock); 3799 3800 /* br_multicast_join_snoopers has the potential to cause 3801 * an MLD Report/Leave to be delivered to br_multicast_rcv, 3802 * which would in turn call br_multicast_add_group, which would 3803 * attempt to acquire multicast_lock. This function should be 3804 * called after the lock has been released to avoid deadlocks on 3805 * multicast_lock. 3806 * 3807 * br_multicast_leave_snoopers does not have the problem since 3808 * br_multicast_rcv first checks BROPT_MULTICAST_ENABLED, and 3809 * returns without calling br_multicast_ipv4/6_rcv if it's not 3810 * enabled. Moved both functions out just for symmetry. 3811 */ 3812 if (change_snoopers) { 3813 if (br_opt_get(br, BROPT_MULTICAST_ENABLED)) 3814 br_multicast_join_snoopers(br); 3815 else 3816 br_multicast_leave_snoopers(br); 3817 } 3818 3819 return err; 3820 } 3821 3822 bool br_multicast_enabled(const struct net_device *dev) 3823 { 3824 struct net_bridge *br = netdev_priv(dev); 3825 3826 return !!br_opt_get(br, BROPT_MULTICAST_ENABLED); 3827 } 3828 EXPORT_SYMBOL_GPL(br_multicast_enabled); 3829 3830 bool br_multicast_router(const struct net_device *dev) 3831 { 3832 struct net_bridge *br = netdev_priv(dev); 3833 bool is_router; 3834 3835 spin_lock_bh(&br->multicast_lock); 3836 is_router = br_multicast_is_router(br, NULL); 3837 spin_unlock_bh(&br->multicast_lock); 3838 return is_router; 3839 } 3840 EXPORT_SYMBOL_GPL(br_multicast_router); 3841 3842 int br_multicast_set_querier(struct net_bridge *br, unsigned long val) 3843 { 3844 unsigned long max_delay; 3845 3846 val = !!val; 3847 3848 spin_lock_bh(&br->multicast_lock); 3849 if (br_opt_get(br, BROPT_MULTICAST_QUERIER) == val) 3850 goto unlock; 3851 3852 br_opt_toggle(br, BROPT_MULTICAST_QUERIER, !!val); 3853 if (!val) 3854 goto unlock; 3855 3856 max_delay = br->multicast_query_response_interval; 3857 3858 if (!timer_pending(&br->ip4_other_query.timer)) 3859 br->ip4_other_query.delay_time = jiffies + max_delay; 3860 3861 br_multicast_start_querier(br, &br->ip4_own_query); 3862 3863 #if IS_ENABLED(CONFIG_IPV6) 3864 if (!timer_pending(&br->ip6_other_query.timer)) 3865 br->ip6_other_query.delay_time = jiffies + max_delay; 3866 3867 br_multicast_start_querier(br, &br->ip6_own_query); 3868 #endif 3869 3870 unlock: 3871 spin_unlock_bh(&br->multicast_lock); 3872 3873 return 0; 3874 } 3875 3876 int br_multicast_set_igmp_version(struct net_bridge *br, unsigned long val) 3877 { 3878 /* Currently we support only version 2 and 3 */ 3879 switch (val) { 3880 case 2: 3881 case 3: 3882 break; 3883 default: 3884 return -EINVAL; 3885 } 3886 3887 spin_lock_bh(&br->multicast_lock); 3888 br->multicast_igmp_version = val; 3889 spin_unlock_bh(&br->multicast_lock); 3890 3891 return 0; 3892 } 3893 3894 #if IS_ENABLED(CONFIG_IPV6) 3895 int br_multicast_set_mld_version(struct net_bridge *br, unsigned long val) 3896 { 3897 /* Currently we support version 1 and 2 */ 3898 switch (val) { 3899 case 1: 3900 case 2: 3901 break; 3902 default: 3903 return -EINVAL; 3904 } 3905 3906 spin_lock_bh(&br->multicast_lock); 3907 br->multicast_mld_version = val; 3908 spin_unlock_bh(&br->multicast_lock); 3909 3910 return 0; 3911 } 3912 #endif 3913 3914 /** 3915 * br_multicast_list_adjacent - Returns snooped multicast addresses 3916 * @dev: The bridge port adjacent to which to retrieve addresses 3917 * @br_ip_list: The list to store found, snooped multicast IP addresses in 3918 * 3919 * Creates a list of IP addresses (struct br_ip_list) sensed by the multicast 3920 * snooping feature on all bridge ports of dev's bridge device, excluding 3921 * the addresses from dev itself. 3922 * 3923 * Returns the number of items added to br_ip_list. 3924 * 3925 * Notes: 3926 * - br_ip_list needs to be initialized by caller 3927 * - br_ip_list might contain duplicates in the end 3928 * (needs to be taken care of by caller) 3929 * - br_ip_list needs to be freed by caller 3930 */ 3931 int br_multicast_list_adjacent(struct net_device *dev, 3932 struct list_head *br_ip_list) 3933 { 3934 struct net_bridge *br; 3935 struct net_bridge_port *port; 3936 struct net_bridge_port_group *group; 3937 struct br_ip_list *entry; 3938 int count = 0; 3939 3940 rcu_read_lock(); 3941 if (!br_ip_list || !netif_is_bridge_port(dev)) 3942 goto unlock; 3943 3944 port = br_port_get_rcu(dev); 3945 if (!port || !port->br) 3946 goto unlock; 3947 3948 br = port->br; 3949 3950 list_for_each_entry_rcu(port, &br->port_list, list) { 3951 if (!port->dev || port->dev == dev) 3952 continue; 3953 3954 hlist_for_each_entry_rcu(group, &port->mglist, mglist) { 3955 entry = kmalloc(sizeof(*entry), GFP_ATOMIC); 3956 if (!entry) 3957 goto unlock; 3958 3959 entry->addr = group->key.addr; 3960 list_add(&entry->list, br_ip_list); 3961 count++; 3962 } 3963 } 3964 3965 unlock: 3966 rcu_read_unlock(); 3967 return count; 3968 } 3969 EXPORT_SYMBOL_GPL(br_multicast_list_adjacent); 3970 3971 /** 3972 * br_multicast_has_querier_anywhere - Checks for a querier on a bridge 3973 * @dev: The bridge port providing the bridge on which to check for a querier 3974 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 3975 * 3976 * Checks whether the given interface has a bridge on top and if so returns 3977 * true if a valid querier exists anywhere on the bridged link layer. 3978 * Otherwise returns false. 3979 */ 3980 bool br_multicast_has_querier_anywhere(struct net_device *dev, int proto) 3981 { 3982 struct net_bridge *br; 3983 struct net_bridge_port *port; 3984 struct ethhdr eth; 3985 bool ret = false; 3986 3987 rcu_read_lock(); 3988 if (!netif_is_bridge_port(dev)) 3989 goto unlock; 3990 3991 port = br_port_get_rcu(dev); 3992 if (!port || !port->br) 3993 goto unlock; 3994 3995 br = port->br; 3996 3997 memset(ð, 0, sizeof(eth)); 3998 eth.h_proto = htons(proto); 3999 4000 ret = br_multicast_querier_exists(br, ð, NULL); 4001 4002 unlock: 4003 rcu_read_unlock(); 4004 return ret; 4005 } 4006 EXPORT_SYMBOL_GPL(br_multicast_has_querier_anywhere); 4007 4008 /** 4009 * br_multicast_has_querier_adjacent - Checks for a querier behind a bridge port 4010 * @dev: The bridge port adjacent to which to check for a querier 4011 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 4012 * 4013 * Checks whether the given interface has a bridge on top and if so returns 4014 * true if a selected querier is behind one of the other ports of this 4015 * bridge. Otherwise returns false. 4016 */ 4017 bool br_multicast_has_querier_adjacent(struct net_device *dev, int proto) 4018 { 4019 struct net_bridge *br; 4020 struct net_bridge_port *port; 4021 bool ret = false; 4022 4023 rcu_read_lock(); 4024 if (!netif_is_bridge_port(dev)) 4025 goto unlock; 4026 4027 port = br_port_get_rcu(dev); 4028 if (!port || !port->br) 4029 goto unlock; 4030 4031 br = port->br; 4032 4033 switch (proto) { 4034 case ETH_P_IP: 4035 if (!timer_pending(&br->ip4_other_query.timer) || 4036 rcu_dereference(br->ip4_querier.port) == port) 4037 goto unlock; 4038 break; 4039 #if IS_ENABLED(CONFIG_IPV6) 4040 case ETH_P_IPV6: 4041 if (!timer_pending(&br->ip6_other_query.timer) || 4042 rcu_dereference(br->ip6_querier.port) == port) 4043 goto unlock; 4044 break; 4045 #endif 4046 default: 4047 goto unlock; 4048 } 4049 4050 ret = true; 4051 unlock: 4052 rcu_read_unlock(); 4053 return ret; 4054 } 4055 EXPORT_SYMBOL_GPL(br_multicast_has_querier_adjacent); 4056 4057 /** 4058 * br_multicast_has_router_adjacent - Checks for a router behind a bridge port 4059 * @dev: The bridge port adjacent to which to check for a multicast router 4060 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6 4061 * 4062 * Checks whether the given interface has a bridge on top and if so returns 4063 * true if a multicast router is behind one of the other ports of this 4064 * bridge. Otherwise returns false. 4065 */ 4066 bool br_multicast_has_router_adjacent(struct net_device *dev, int proto) 4067 { 4068 struct net_bridge_port *port, *p; 4069 bool ret = false; 4070 4071 rcu_read_lock(); 4072 port = br_port_get_check_rcu(dev); 4073 if (!port) 4074 goto unlock; 4075 4076 switch (proto) { 4077 case ETH_P_IP: 4078 hlist_for_each_entry_rcu(p, &port->br->ip4_mc_router_list, 4079 ip4_rlist) { 4080 if (p == port) 4081 continue; 4082 4083 ret = true; 4084 goto unlock; 4085 } 4086 break; 4087 #if IS_ENABLED(CONFIG_IPV6) 4088 case ETH_P_IPV6: 4089 hlist_for_each_entry_rcu(p, &port->br->ip6_mc_router_list, 4090 ip6_rlist) { 4091 if (p == port) 4092 continue; 4093 4094 ret = true; 4095 goto unlock; 4096 } 4097 break; 4098 #endif 4099 default: 4100 /* when compiled without IPv6 support, be conservative and 4101 * always assume presence of an IPv6 multicast router 4102 */ 4103 ret = true; 4104 } 4105 4106 unlock: 4107 rcu_read_unlock(); 4108 return ret; 4109 } 4110 EXPORT_SYMBOL_GPL(br_multicast_has_router_adjacent); 4111 4112 static void br_mcast_stats_add(struct bridge_mcast_stats __percpu *stats, 4113 const struct sk_buff *skb, u8 type, u8 dir) 4114 { 4115 struct bridge_mcast_stats *pstats = this_cpu_ptr(stats); 4116 __be16 proto = skb->protocol; 4117 unsigned int t_len; 4118 4119 u64_stats_update_begin(&pstats->syncp); 4120 switch (proto) { 4121 case htons(ETH_P_IP): 4122 t_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb); 4123 switch (type) { 4124 case IGMP_HOST_MEMBERSHIP_REPORT: 4125 pstats->mstats.igmp_v1reports[dir]++; 4126 break; 4127 case IGMPV2_HOST_MEMBERSHIP_REPORT: 4128 pstats->mstats.igmp_v2reports[dir]++; 4129 break; 4130 case IGMPV3_HOST_MEMBERSHIP_REPORT: 4131 pstats->mstats.igmp_v3reports[dir]++; 4132 break; 4133 case IGMP_HOST_MEMBERSHIP_QUERY: 4134 if (t_len != sizeof(struct igmphdr)) { 4135 pstats->mstats.igmp_v3queries[dir]++; 4136 } else { 4137 unsigned int offset = skb_transport_offset(skb); 4138 struct igmphdr *ih, _ihdr; 4139 4140 ih = skb_header_pointer(skb, offset, 4141 sizeof(_ihdr), &_ihdr); 4142 if (!ih) 4143 break; 4144 if (!ih->code) 4145 pstats->mstats.igmp_v1queries[dir]++; 4146 else 4147 pstats->mstats.igmp_v2queries[dir]++; 4148 } 4149 break; 4150 case IGMP_HOST_LEAVE_MESSAGE: 4151 pstats->mstats.igmp_leaves[dir]++; 4152 break; 4153 } 4154 break; 4155 #if IS_ENABLED(CONFIG_IPV6) 4156 case htons(ETH_P_IPV6): 4157 t_len = ntohs(ipv6_hdr(skb)->payload_len) + 4158 sizeof(struct ipv6hdr); 4159 t_len -= skb_network_header_len(skb); 4160 switch (type) { 4161 case ICMPV6_MGM_REPORT: 4162 pstats->mstats.mld_v1reports[dir]++; 4163 break; 4164 case ICMPV6_MLD2_REPORT: 4165 pstats->mstats.mld_v2reports[dir]++; 4166 break; 4167 case ICMPV6_MGM_QUERY: 4168 if (t_len != sizeof(struct mld_msg)) 4169 pstats->mstats.mld_v2queries[dir]++; 4170 else 4171 pstats->mstats.mld_v1queries[dir]++; 4172 break; 4173 case ICMPV6_MGM_REDUCTION: 4174 pstats->mstats.mld_leaves[dir]++; 4175 break; 4176 } 4177 break; 4178 #endif /* CONFIG_IPV6 */ 4179 } 4180 u64_stats_update_end(&pstats->syncp); 4181 } 4182 4183 void br_multicast_count(struct net_bridge *br, const struct net_bridge_port *p, 4184 const struct sk_buff *skb, u8 type, u8 dir) 4185 { 4186 struct bridge_mcast_stats __percpu *stats; 4187 4188 /* if multicast_disabled is true then igmp type can't be set */ 4189 if (!type || !br_opt_get(br, BROPT_MULTICAST_STATS_ENABLED)) 4190 return; 4191 4192 if (p) 4193 stats = p->mcast_stats; 4194 else 4195 stats = br->mcast_stats; 4196 if (WARN_ON(!stats)) 4197 return; 4198 4199 br_mcast_stats_add(stats, skb, type, dir); 4200 } 4201 4202 int br_multicast_init_stats(struct net_bridge *br) 4203 { 4204 br->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats); 4205 if (!br->mcast_stats) 4206 return -ENOMEM; 4207 4208 return 0; 4209 } 4210 4211 void br_multicast_uninit_stats(struct net_bridge *br) 4212 { 4213 free_percpu(br->mcast_stats); 4214 } 4215 4216 /* noinline for https://bugs.llvm.org/show_bug.cgi?id=45802#c9 */ 4217 static noinline_for_stack void mcast_stats_add_dir(u64 *dst, u64 *src) 4218 { 4219 dst[BR_MCAST_DIR_RX] += src[BR_MCAST_DIR_RX]; 4220 dst[BR_MCAST_DIR_TX] += src[BR_MCAST_DIR_TX]; 4221 } 4222 4223 void br_multicast_get_stats(const struct net_bridge *br, 4224 const struct net_bridge_port *p, 4225 struct br_mcast_stats *dest) 4226 { 4227 struct bridge_mcast_stats __percpu *stats; 4228 struct br_mcast_stats tdst; 4229 int i; 4230 4231 memset(dest, 0, sizeof(*dest)); 4232 if (p) 4233 stats = p->mcast_stats; 4234 else 4235 stats = br->mcast_stats; 4236 if (WARN_ON(!stats)) 4237 return; 4238 4239 memset(&tdst, 0, sizeof(tdst)); 4240 for_each_possible_cpu(i) { 4241 struct bridge_mcast_stats *cpu_stats = per_cpu_ptr(stats, i); 4242 struct br_mcast_stats temp; 4243 unsigned int start; 4244 4245 do { 4246 start = u64_stats_fetch_begin_irq(&cpu_stats->syncp); 4247 memcpy(&temp, &cpu_stats->mstats, sizeof(temp)); 4248 } while (u64_stats_fetch_retry_irq(&cpu_stats->syncp, start)); 4249 4250 mcast_stats_add_dir(tdst.igmp_v1queries, temp.igmp_v1queries); 4251 mcast_stats_add_dir(tdst.igmp_v2queries, temp.igmp_v2queries); 4252 mcast_stats_add_dir(tdst.igmp_v3queries, temp.igmp_v3queries); 4253 mcast_stats_add_dir(tdst.igmp_leaves, temp.igmp_leaves); 4254 mcast_stats_add_dir(tdst.igmp_v1reports, temp.igmp_v1reports); 4255 mcast_stats_add_dir(tdst.igmp_v2reports, temp.igmp_v2reports); 4256 mcast_stats_add_dir(tdst.igmp_v3reports, temp.igmp_v3reports); 4257 tdst.igmp_parse_errors += temp.igmp_parse_errors; 4258 4259 mcast_stats_add_dir(tdst.mld_v1queries, temp.mld_v1queries); 4260 mcast_stats_add_dir(tdst.mld_v2queries, temp.mld_v2queries); 4261 mcast_stats_add_dir(tdst.mld_leaves, temp.mld_leaves); 4262 mcast_stats_add_dir(tdst.mld_v1reports, temp.mld_v1reports); 4263 mcast_stats_add_dir(tdst.mld_v2reports, temp.mld_v2reports); 4264 tdst.mld_parse_errors += temp.mld_parse_errors; 4265 } 4266 memcpy(dest, &tdst, sizeof(*dest)); 4267 } 4268 4269 int br_mdb_hash_init(struct net_bridge *br) 4270 { 4271 int err; 4272 4273 err = rhashtable_init(&br->sg_port_tbl, &br_sg_port_rht_params); 4274 if (err) 4275 return err; 4276 4277 err = rhashtable_init(&br->mdb_hash_tbl, &br_mdb_rht_params); 4278 if (err) { 4279 rhashtable_destroy(&br->sg_port_tbl); 4280 return err; 4281 } 4282 4283 return 0; 4284 } 4285 4286 void br_mdb_hash_fini(struct net_bridge *br) 4287 { 4288 rhashtable_destroy(&br->sg_port_tbl); 4289 rhashtable_destroy(&br->mdb_hash_tbl); 4290 } 4291