1 /* 2 * Linux NET3: Internet Group Management Protocol [IGMP] 3 * 4 * This code implements the IGMP protocol as defined in RFC1112. There has 5 * been a further revision of this protocol since which is now supported. 6 * 7 * If you have trouble with this module be careful what gcc you have used, 8 * the older version didn't come out right using gcc 2.5.8, the newer one 9 * seems to fall out with gcc 2.6.2. 10 * 11 * Authors: 12 * Alan Cox <alan@lxorguk.ukuu.org.uk> 13 * 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License 16 * as published by the Free Software Foundation; either version 17 * 2 of the License, or (at your option) any later version. 18 * 19 * Fixes: 20 * 21 * Alan Cox : Added lots of __inline__ to optimise 22 * the memory usage of all the tiny little 23 * functions. 24 * Alan Cox : Dumped the header building experiment. 25 * Alan Cox : Minor tweaks ready for multicast routing 26 * and extended IGMP protocol. 27 * Alan Cox : Removed a load of inline directives. Gcc 2.5.8 28 * writes utterly bogus code otherwise (sigh) 29 * fixed IGMP loopback to behave in the manner 30 * desired by mrouted, fixed the fact it has been 31 * broken since 1.3.6 and cleaned up a few minor 32 * points. 33 * 34 * Chih-Jen Chang : Tried to revise IGMP to Version 2 35 * Tsu-Sheng Tsao E-mail: chihjenc@scf.usc.edu and tsusheng@scf.usc.edu 36 * The enhancements are mainly based on Steve Deering's 37 * ipmulti-3.5 source code. 38 * Chih-Jen Chang : Added the igmp_get_mrouter_info and 39 * Tsu-Sheng Tsao igmp_set_mrouter_info to keep track of 40 * the mrouted version on that device. 41 * Chih-Jen Chang : Added the max_resp_time parameter to 42 * Tsu-Sheng Tsao igmp_heard_query(). Using this parameter 43 * to identify the multicast router version 44 * and do what the IGMP version 2 specified. 45 * Chih-Jen Chang : Added a timer to revert to IGMP V2 router 46 * Tsu-Sheng Tsao if the specified time expired. 47 * Alan Cox : Stop IGMP from 0.0.0.0 being accepted. 48 * Alan Cox : Use GFP_ATOMIC in the right places. 49 * Christian Daudt : igmp timer wasn't set for local group 50 * memberships but was being deleted, 51 * which caused a "del_timer() called 52 * from %p with timer not initialized\n" 53 * message (960131). 54 * Christian Daudt : removed del_timer from 55 * igmp_timer_expire function (960205). 56 * Christian Daudt : igmp_heard_report now only calls 57 * igmp_timer_expire if tm->running is 58 * true (960216). 59 * Malcolm Beattie : ttl comparison wrong in igmp_rcv made 60 * igmp_heard_query never trigger. Expiry 61 * miscalculation fixed in igmp_heard_query 62 * and random() made to return unsigned to 63 * prevent negative expiry times. 64 * Alexey Kuznetsov: Wrong group leaving behaviour, backport 65 * fix from pending 2.1.x patches. 66 * Alan Cox: Forget to enable FDDI support earlier. 67 * Alexey Kuznetsov: Fixed leaving groups on device down. 68 * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. 69 * David L Stevens: IGMPv3 support, with help from 70 * Vinay Kulkarni 71 */ 72 73 #include <linux/module.h> 74 #include <linux/slab.h> 75 #include <linux/uaccess.h> 76 #include <linux/types.h> 77 #include <linux/kernel.h> 78 #include <linux/jiffies.h> 79 #include <linux/string.h> 80 #include <linux/socket.h> 81 #include <linux/sockios.h> 82 #include <linux/in.h> 83 #include <linux/inet.h> 84 #include <linux/netdevice.h> 85 #include <linux/skbuff.h> 86 #include <linux/inetdevice.h> 87 #include <linux/igmp.h> 88 #include <linux/if_arp.h> 89 #include <linux/rtnetlink.h> 90 #include <linux/times.h> 91 #include <linux/pkt_sched.h> 92 #include <linux/byteorder/generic.h> 93 94 #include <net/net_namespace.h> 95 #include <net/arp.h> 96 #include <net/ip.h> 97 #include <net/protocol.h> 98 #include <net/route.h> 99 #include <net/sock.h> 100 #include <net/checksum.h> 101 #include <net/inet_common.h> 102 #include <linux/netfilter_ipv4.h> 103 #ifdef CONFIG_IP_MROUTE 104 #include <linux/mroute.h> 105 #endif 106 #ifdef CONFIG_PROC_FS 107 #include <linux/proc_fs.h> 108 #include <linux/seq_file.h> 109 #endif 110 111 #ifdef CONFIG_IP_MULTICAST 112 /* Parameter names and values are taken from igmp-v2-06 draft */ 113 114 #define IGMP_V2_UNSOLICITED_REPORT_INTERVAL (10*HZ) 115 #define IGMP_V3_UNSOLICITED_REPORT_INTERVAL (1*HZ) 116 #define IGMP_QUERY_INTERVAL (125*HZ) 117 #define IGMP_QUERY_RESPONSE_INTERVAL (10*HZ) 118 119 #define IGMP_INITIAL_REPORT_DELAY (1) 120 121 /* IGMP_INITIAL_REPORT_DELAY is not from IGMP specs! 122 * IGMP specs require to report membership immediately after 123 * joining a group, but we delay the first report by a 124 * small interval. It seems more natural and still does not 125 * contradict to specs provided this delay is small enough. 126 */ 127 128 #define IGMP_V1_SEEN(in_dev) \ 129 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 1 || \ 130 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 1 || \ 131 ((in_dev)->mr_v1_seen && \ 132 time_before(jiffies, (in_dev)->mr_v1_seen))) 133 #define IGMP_V2_SEEN(in_dev) \ 134 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 2 || \ 135 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 2 || \ 136 ((in_dev)->mr_v2_seen && \ 137 time_before(jiffies, (in_dev)->mr_v2_seen))) 138 139 static int unsolicited_report_interval(struct in_device *in_dev) 140 { 141 int interval_ms, interval_jiffies; 142 143 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) 144 interval_ms = IN_DEV_CONF_GET( 145 in_dev, 146 IGMPV2_UNSOLICITED_REPORT_INTERVAL); 147 else /* v3 */ 148 interval_ms = IN_DEV_CONF_GET( 149 in_dev, 150 IGMPV3_UNSOLICITED_REPORT_INTERVAL); 151 152 interval_jiffies = msecs_to_jiffies(interval_ms); 153 154 /* _timer functions can't handle a delay of 0 jiffies so ensure 155 * we always return a positive value. 156 */ 157 if (interval_jiffies <= 0) 158 interval_jiffies = 1; 159 return interval_jiffies; 160 } 161 162 static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im); 163 static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im); 164 static void igmpv3_clear_delrec(struct in_device *in_dev); 165 static int sf_setstate(struct ip_mc_list *pmc); 166 static void sf_markstate(struct ip_mc_list *pmc); 167 #endif 168 static void ip_mc_clear_src(struct ip_mc_list *pmc); 169 static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 170 int sfcount, __be32 *psfsrc, int delta); 171 172 static void ip_ma_put(struct ip_mc_list *im) 173 { 174 if (refcount_dec_and_test(&im->refcnt)) { 175 in_dev_put(im->interface); 176 kfree_rcu(im, rcu); 177 } 178 } 179 180 #define for_each_pmc_rcu(in_dev, pmc) \ 181 for (pmc = rcu_dereference(in_dev->mc_list); \ 182 pmc != NULL; \ 183 pmc = rcu_dereference(pmc->next_rcu)) 184 185 #define for_each_pmc_rtnl(in_dev, pmc) \ 186 for (pmc = rtnl_dereference(in_dev->mc_list); \ 187 pmc != NULL; \ 188 pmc = rtnl_dereference(pmc->next_rcu)) 189 190 #ifdef CONFIG_IP_MULTICAST 191 192 /* 193 * Timer management 194 */ 195 196 static void igmp_stop_timer(struct ip_mc_list *im) 197 { 198 spin_lock_bh(&im->lock); 199 if (del_timer(&im->timer)) 200 refcount_dec(&im->refcnt); 201 im->tm_running = 0; 202 im->reporter = 0; 203 im->unsolicit_count = 0; 204 spin_unlock_bh(&im->lock); 205 } 206 207 /* It must be called with locked im->lock */ 208 static void igmp_start_timer(struct ip_mc_list *im, int max_delay) 209 { 210 int tv = prandom_u32() % max_delay; 211 212 im->tm_running = 1; 213 if (!mod_timer(&im->timer, jiffies+tv+2)) 214 refcount_inc(&im->refcnt); 215 } 216 217 static void igmp_gq_start_timer(struct in_device *in_dev) 218 { 219 int tv = prandom_u32() % in_dev->mr_maxdelay; 220 unsigned long exp = jiffies + tv + 2; 221 222 if (in_dev->mr_gq_running && 223 time_after_eq(exp, (in_dev->mr_gq_timer).expires)) 224 return; 225 226 in_dev->mr_gq_running = 1; 227 if (!mod_timer(&in_dev->mr_gq_timer, exp)) 228 in_dev_hold(in_dev); 229 } 230 231 static void igmp_ifc_start_timer(struct in_device *in_dev, int delay) 232 { 233 int tv = prandom_u32() % delay; 234 235 if (!mod_timer(&in_dev->mr_ifc_timer, jiffies+tv+2)) 236 in_dev_hold(in_dev); 237 } 238 239 static void igmp_mod_timer(struct ip_mc_list *im, int max_delay) 240 { 241 spin_lock_bh(&im->lock); 242 im->unsolicit_count = 0; 243 if (del_timer(&im->timer)) { 244 if ((long)(im->timer.expires-jiffies) < max_delay) { 245 add_timer(&im->timer); 246 im->tm_running = 1; 247 spin_unlock_bh(&im->lock); 248 return; 249 } 250 refcount_dec(&im->refcnt); 251 } 252 igmp_start_timer(im, max_delay); 253 spin_unlock_bh(&im->lock); 254 } 255 256 257 /* 258 * Send an IGMP report. 259 */ 260 261 #define IGMP_SIZE (sizeof(struct igmphdr)+sizeof(struct iphdr)+4) 262 263 264 static int is_in(struct ip_mc_list *pmc, struct ip_sf_list *psf, int type, 265 int gdeleted, int sdeleted) 266 { 267 switch (type) { 268 case IGMPV3_MODE_IS_INCLUDE: 269 case IGMPV3_MODE_IS_EXCLUDE: 270 if (gdeleted || sdeleted) 271 return 0; 272 if (!(pmc->gsquery && !psf->sf_gsresp)) { 273 if (pmc->sfmode == MCAST_INCLUDE) 274 return 1; 275 /* don't include if this source is excluded 276 * in all filters 277 */ 278 if (psf->sf_count[MCAST_INCLUDE]) 279 return type == IGMPV3_MODE_IS_INCLUDE; 280 return pmc->sfcount[MCAST_EXCLUDE] == 281 psf->sf_count[MCAST_EXCLUDE]; 282 } 283 return 0; 284 case IGMPV3_CHANGE_TO_INCLUDE: 285 if (gdeleted || sdeleted) 286 return 0; 287 return psf->sf_count[MCAST_INCLUDE] != 0; 288 case IGMPV3_CHANGE_TO_EXCLUDE: 289 if (gdeleted || sdeleted) 290 return 0; 291 if (pmc->sfcount[MCAST_EXCLUDE] == 0 || 292 psf->sf_count[MCAST_INCLUDE]) 293 return 0; 294 return pmc->sfcount[MCAST_EXCLUDE] == 295 psf->sf_count[MCAST_EXCLUDE]; 296 case IGMPV3_ALLOW_NEW_SOURCES: 297 if (gdeleted || !psf->sf_crcount) 298 return 0; 299 return (pmc->sfmode == MCAST_INCLUDE) ^ sdeleted; 300 case IGMPV3_BLOCK_OLD_SOURCES: 301 if (pmc->sfmode == MCAST_INCLUDE) 302 return gdeleted || (psf->sf_crcount && sdeleted); 303 return psf->sf_crcount && !gdeleted && !sdeleted; 304 } 305 return 0; 306 } 307 308 static int 309 igmp_scount(struct ip_mc_list *pmc, int type, int gdeleted, int sdeleted) 310 { 311 struct ip_sf_list *psf; 312 int scount = 0; 313 314 for (psf = pmc->sources; psf; psf = psf->sf_next) { 315 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) 316 continue; 317 scount++; 318 } 319 return scount; 320 } 321 322 /* source address selection per RFC 3376 section 4.2.13 */ 323 static __be32 igmpv3_get_srcaddr(struct net_device *dev, 324 const struct flowi4 *fl4) 325 { 326 struct in_device *in_dev = __in_dev_get_rcu(dev); 327 328 if (!in_dev) 329 return htonl(INADDR_ANY); 330 331 for_ifa(in_dev) { 332 if (fl4->saddr == ifa->ifa_local) 333 return fl4->saddr; 334 } endfor_ifa(in_dev); 335 336 return htonl(INADDR_ANY); 337 } 338 339 static struct sk_buff *igmpv3_newpack(struct net_device *dev, unsigned int mtu) 340 { 341 struct sk_buff *skb; 342 struct rtable *rt; 343 struct iphdr *pip; 344 struct igmpv3_report *pig; 345 struct net *net = dev_net(dev); 346 struct flowi4 fl4; 347 int hlen = LL_RESERVED_SPACE(dev); 348 int tlen = dev->needed_tailroom; 349 unsigned int size = mtu; 350 351 while (1) { 352 skb = alloc_skb(size + hlen + tlen, 353 GFP_ATOMIC | __GFP_NOWARN); 354 if (skb) 355 break; 356 size >>= 1; 357 if (size < 256) 358 return NULL; 359 } 360 skb->priority = TC_PRIO_CONTROL; 361 362 rt = ip_route_output_ports(net, &fl4, NULL, IGMPV3_ALL_MCR, 0, 363 0, 0, 364 IPPROTO_IGMP, 0, dev->ifindex); 365 if (IS_ERR(rt)) { 366 kfree_skb(skb); 367 return NULL; 368 } 369 370 skb_dst_set(skb, &rt->dst); 371 skb->dev = dev; 372 373 skb_reserve(skb, hlen); 374 skb_tailroom_reserve(skb, mtu, tlen); 375 376 skb_reset_network_header(skb); 377 pip = ip_hdr(skb); 378 skb_put(skb, sizeof(struct iphdr) + 4); 379 380 pip->version = 4; 381 pip->ihl = (sizeof(struct iphdr)+4)>>2; 382 pip->tos = 0xc0; 383 pip->frag_off = htons(IP_DF); 384 pip->ttl = 1; 385 pip->daddr = fl4.daddr; 386 387 rcu_read_lock(); 388 pip->saddr = igmpv3_get_srcaddr(dev, &fl4); 389 rcu_read_unlock(); 390 391 pip->protocol = IPPROTO_IGMP; 392 pip->tot_len = 0; /* filled in later */ 393 ip_select_ident(net, skb, NULL); 394 ((u8 *)&pip[1])[0] = IPOPT_RA; 395 ((u8 *)&pip[1])[1] = 4; 396 ((u8 *)&pip[1])[2] = 0; 397 ((u8 *)&pip[1])[3] = 0; 398 399 skb->transport_header = skb->network_header + sizeof(struct iphdr) + 4; 400 skb_put(skb, sizeof(*pig)); 401 pig = igmpv3_report_hdr(skb); 402 pig->type = IGMPV3_HOST_MEMBERSHIP_REPORT; 403 pig->resv1 = 0; 404 pig->csum = 0; 405 pig->resv2 = 0; 406 pig->ngrec = 0; 407 return skb; 408 } 409 410 static int igmpv3_sendpack(struct sk_buff *skb) 411 { 412 struct igmphdr *pig = igmp_hdr(skb); 413 const int igmplen = skb_tail_pointer(skb) - skb_transport_header(skb); 414 415 pig->csum = ip_compute_csum(igmp_hdr(skb), igmplen); 416 417 return ip_local_out(dev_net(skb_dst(skb)->dev), skb->sk, skb); 418 } 419 420 static int grec_size(struct ip_mc_list *pmc, int type, int gdel, int sdel) 421 { 422 return sizeof(struct igmpv3_grec) + 4*igmp_scount(pmc, type, gdel, sdel); 423 } 424 425 static struct sk_buff *add_grhead(struct sk_buff *skb, struct ip_mc_list *pmc, 426 int type, struct igmpv3_grec **ppgr, unsigned int mtu) 427 { 428 struct net_device *dev = pmc->interface->dev; 429 struct igmpv3_report *pih; 430 struct igmpv3_grec *pgr; 431 432 if (!skb) { 433 skb = igmpv3_newpack(dev, mtu); 434 if (!skb) 435 return NULL; 436 } 437 pgr = skb_put(skb, sizeof(struct igmpv3_grec)); 438 pgr->grec_type = type; 439 pgr->grec_auxwords = 0; 440 pgr->grec_nsrcs = 0; 441 pgr->grec_mca = pmc->multiaddr; 442 pih = igmpv3_report_hdr(skb); 443 pih->ngrec = htons(ntohs(pih->ngrec)+1); 444 *ppgr = pgr; 445 return skb; 446 } 447 448 #define AVAILABLE(skb) ((skb) ? skb_availroom(skb) : 0) 449 450 static struct sk_buff *add_grec(struct sk_buff *skb, struct ip_mc_list *pmc, 451 int type, int gdeleted, int sdeleted) 452 { 453 struct net_device *dev = pmc->interface->dev; 454 struct net *net = dev_net(dev); 455 struct igmpv3_report *pih; 456 struct igmpv3_grec *pgr = NULL; 457 struct ip_sf_list *psf, *psf_next, *psf_prev, **psf_list; 458 int scount, stotal, first, isquery, truncate; 459 unsigned int mtu; 460 461 if (pmc->multiaddr == IGMP_ALL_HOSTS) 462 return skb; 463 if (ipv4_is_local_multicast(pmc->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 464 return skb; 465 466 mtu = READ_ONCE(dev->mtu); 467 if (mtu < IPV4_MIN_MTU) 468 return skb; 469 470 isquery = type == IGMPV3_MODE_IS_INCLUDE || 471 type == IGMPV3_MODE_IS_EXCLUDE; 472 truncate = type == IGMPV3_MODE_IS_EXCLUDE || 473 type == IGMPV3_CHANGE_TO_EXCLUDE; 474 475 stotal = scount = 0; 476 477 psf_list = sdeleted ? &pmc->tomb : &pmc->sources; 478 479 if (!*psf_list) 480 goto empty_source; 481 482 pih = skb ? igmpv3_report_hdr(skb) : NULL; 483 484 /* EX and TO_EX get a fresh packet, if needed */ 485 if (truncate) { 486 if (pih && pih->ngrec && 487 AVAILABLE(skb) < grec_size(pmc, type, gdeleted, sdeleted)) { 488 if (skb) 489 igmpv3_sendpack(skb); 490 skb = igmpv3_newpack(dev, mtu); 491 } 492 } 493 first = 1; 494 psf_prev = NULL; 495 for (psf = *psf_list; psf; psf = psf_next) { 496 __be32 *psrc; 497 498 psf_next = psf->sf_next; 499 500 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) { 501 psf_prev = psf; 502 continue; 503 } 504 505 /* Based on RFC3376 5.1. Should not send source-list change 506 * records when there is a filter mode change. 507 */ 508 if (((gdeleted && pmc->sfmode == MCAST_EXCLUDE) || 509 (!gdeleted && pmc->crcount)) && 510 (type == IGMPV3_ALLOW_NEW_SOURCES || 511 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) 512 goto decrease_sf_crcount; 513 514 /* clear marks on query responses */ 515 if (isquery) 516 psf->sf_gsresp = 0; 517 518 if (AVAILABLE(skb) < sizeof(__be32) + 519 first*sizeof(struct igmpv3_grec)) { 520 if (truncate && !first) 521 break; /* truncate these */ 522 if (pgr) 523 pgr->grec_nsrcs = htons(scount); 524 if (skb) 525 igmpv3_sendpack(skb); 526 skb = igmpv3_newpack(dev, mtu); 527 first = 1; 528 scount = 0; 529 } 530 if (first) { 531 skb = add_grhead(skb, pmc, type, &pgr, mtu); 532 first = 0; 533 } 534 if (!skb) 535 return NULL; 536 psrc = skb_put(skb, sizeof(__be32)); 537 *psrc = psf->sf_inaddr; 538 scount++; stotal++; 539 if ((type == IGMPV3_ALLOW_NEW_SOURCES || 540 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) { 541 decrease_sf_crcount: 542 psf->sf_crcount--; 543 if ((sdeleted || gdeleted) && psf->sf_crcount == 0) { 544 if (psf_prev) 545 psf_prev->sf_next = psf->sf_next; 546 else 547 *psf_list = psf->sf_next; 548 kfree(psf); 549 continue; 550 } 551 } 552 psf_prev = psf; 553 } 554 555 empty_source: 556 if (!stotal) { 557 if (type == IGMPV3_ALLOW_NEW_SOURCES || 558 type == IGMPV3_BLOCK_OLD_SOURCES) 559 return skb; 560 if (pmc->crcount || isquery) { 561 /* make sure we have room for group header */ 562 if (skb && AVAILABLE(skb) < sizeof(struct igmpv3_grec)) { 563 igmpv3_sendpack(skb); 564 skb = NULL; /* add_grhead will get a new one */ 565 } 566 skb = add_grhead(skb, pmc, type, &pgr, mtu); 567 } 568 } 569 if (pgr) 570 pgr->grec_nsrcs = htons(scount); 571 572 if (isquery) 573 pmc->gsquery = 0; /* clear query state on report */ 574 return skb; 575 } 576 577 static int igmpv3_send_report(struct in_device *in_dev, struct ip_mc_list *pmc) 578 { 579 struct sk_buff *skb = NULL; 580 struct net *net = dev_net(in_dev->dev); 581 int type; 582 583 if (!pmc) { 584 rcu_read_lock(); 585 for_each_pmc_rcu(in_dev, pmc) { 586 if (pmc->multiaddr == IGMP_ALL_HOSTS) 587 continue; 588 if (ipv4_is_local_multicast(pmc->multiaddr) && 589 !net->ipv4.sysctl_igmp_llm_reports) 590 continue; 591 spin_lock_bh(&pmc->lock); 592 if (pmc->sfcount[MCAST_EXCLUDE]) 593 type = IGMPV3_MODE_IS_EXCLUDE; 594 else 595 type = IGMPV3_MODE_IS_INCLUDE; 596 skb = add_grec(skb, pmc, type, 0, 0); 597 spin_unlock_bh(&pmc->lock); 598 } 599 rcu_read_unlock(); 600 } else { 601 spin_lock_bh(&pmc->lock); 602 if (pmc->sfcount[MCAST_EXCLUDE]) 603 type = IGMPV3_MODE_IS_EXCLUDE; 604 else 605 type = IGMPV3_MODE_IS_INCLUDE; 606 skb = add_grec(skb, pmc, type, 0, 0); 607 spin_unlock_bh(&pmc->lock); 608 } 609 if (!skb) 610 return 0; 611 return igmpv3_sendpack(skb); 612 } 613 614 /* 615 * remove zero-count source records from a source filter list 616 */ 617 static void igmpv3_clear_zeros(struct ip_sf_list **ppsf) 618 { 619 struct ip_sf_list *psf_prev, *psf_next, *psf; 620 621 psf_prev = NULL; 622 for (psf = *ppsf; psf; psf = psf_next) { 623 psf_next = psf->sf_next; 624 if (psf->sf_crcount == 0) { 625 if (psf_prev) 626 psf_prev->sf_next = psf->sf_next; 627 else 628 *ppsf = psf->sf_next; 629 kfree(psf); 630 } else 631 psf_prev = psf; 632 } 633 } 634 635 static void igmpv3_send_cr(struct in_device *in_dev) 636 { 637 struct ip_mc_list *pmc, *pmc_prev, *pmc_next; 638 struct sk_buff *skb = NULL; 639 int type, dtype; 640 641 rcu_read_lock(); 642 spin_lock_bh(&in_dev->mc_tomb_lock); 643 644 /* deleted MCA's */ 645 pmc_prev = NULL; 646 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc_next) { 647 pmc_next = pmc->next; 648 if (pmc->sfmode == MCAST_INCLUDE) { 649 type = IGMPV3_BLOCK_OLD_SOURCES; 650 dtype = IGMPV3_BLOCK_OLD_SOURCES; 651 skb = add_grec(skb, pmc, type, 1, 0); 652 skb = add_grec(skb, pmc, dtype, 1, 1); 653 } 654 if (pmc->crcount) { 655 if (pmc->sfmode == MCAST_EXCLUDE) { 656 type = IGMPV3_CHANGE_TO_INCLUDE; 657 skb = add_grec(skb, pmc, type, 1, 0); 658 } 659 pmc->crcount--; 660 if (pmc->crcount == 0) { 661 igmpv3_clear_zeros(&pmc->tomb); 662 igmpv3_clear_zeros(&pmc->sources); 663 } 664 } 665 if (pmc->crcount == 0 && !pmc->tomb && !pmc->sources) { 666 if (pmc_prev) 667 pmc_prev->next = pmc_next; 668 else 669 in_dev->mc_tomb = pmc_next; 670 in_dev_put(pmc->interface); 671 kfree(pmc); 672 } else 673 pmc_prev = pmc; 674 } 675 spin_unlock_bh(&in_dev->mc_tomb_lock); 676 677 /* change recs */ 678 for_each_pmc_rcu(in_dev, pmc) { 679 spin_lock_bh(&pmc->lock); 680 if (pmc->sfcount[MCAST_EXCLUDE]) { 681 type = IGMPV3_BLOCK_OLD_SOURCES; 682 dtype = IGMPV3_ALLOW_NEW_SOURCES; 683 } else { 684 type = IGMPV3_ALLOW_NEW_SOURCES; 685 dtype = IGMPV3_BLOCK_OLD_SOURCES; 686 } 687 skb = add_grec(skb, pmc, type, 0, 0); 688 skb = add_grec(skb, pmc, dtype, 0, 1); /* deleted sources */ 689 690 /* filter mode changes */ 691 if (pmc->crcount) { 692 if (pmc->sfmode == MCAST_EXCLUDE) 693 type = IGMPV3_CHANGE_TO_EXCLUDE; 694 else 695 type = IGMPV3_CHANGE_TO_INCLUDE; 696 skb = add_grec(skb, pmc, type, 0, 0); 697 pmc->crcount--; 698 } 699 spin_unlock_bh(&pmc->lock); 700 } 701 rcu_read_unlock(); 702 703 if (!skb) 704 return; 705 (void) igmpv3_sendpack(skb); 706 } 707 708 static int igmp_send_report(struct in_device *in_dev, struct ip_mc_list *pmc, 709 int type) 710 { 711 struct sk_buff *skb; 712 struct iphdr *iph; 713 struct igmphdr *ih; 714 struct rtable *rt; 715 struct net_device *dev = in_dev->dev; 716 struct net *net = dev_net(dev); 717 __be32 group = pmc ? pmc->multiaddr : 0; 718 struct flowi4 fl4; 719 __be32 dst; 720 int hlen, tlen; 721 722 if (type == IGMPV3_HOST_MEMBERSHIP_REPORT) 723 return igmpv3_send_report(in_dev, pmc); 724 725 if (ipv4_is_local_multicast(group) && !net->ipv4.sysctl_igmp_llm_reports) 726 return 0; 727 728 if (type == IGMP_HOST_LEAVE_MESSAGE) 729 dst = IGMP_ALL_ROUTER; 730 else 731 dst = group; 732 733 rt = ip_route_output_ports(net, &fl4, NULL, dst, 0, 734 0, 0, 735 IPPROTO_IGMP, 0, dev->ifindex); 736 if (IS_ERR(rt)) 737 return -1; 738 739 hlen = LL_RESERVED_SPACE(dev); 740 tlen = dev->needed_tailroom; 741 skb = alloc_skb(IGMP_SIZE + hlen + tlen, GFP_ATOMIC); 742 if (!skb) { 743 ip_rt_put(rt); 744 return -1; 745 } 746 skb->priority = TC_PRIO_CONTROL; 747 748 skb_dst_set(skb, &rt->dst); 749 750 skb_reserve(skb, hlen); 751 752 skb_reset_network_header(skb); 753 iph = ip_hdr(skb); 754 skb_put(skb, sizeof(struct iphdr) + 4); 755 756 iph->version = 4; 757 iph->ihl = (sizeof(struct iphdr)+4)>>2; 758 iph->tos = 0xc0; 759 iph->frag_off = htons(IP_DF); 760 iph->ttl = 1; 761 iph->daddr = dst; 762 iph->saddr = fl4.saddr; 763 iph->protocol = IPPROTO_IGMP; 764 ip_select_ident(net, skb, NULL); 765 ((u8 *)&iph[1])[0] = IPOPT_RA; 766 ((u8 *)&iph[1])[1] = 4; 767 ((u8 *)&iph[1])[2] = 0; 768 ((u8 *)&iph[1])[3] = 0; 769 770 ih = skb_put(skb, sizeof(struct igmphdr)); 771 ih->type = type; 772 ih->code = 0; 773 ih->csum = 0; 774 ih->group = group; 775 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr)); 776 777 return ip_local_out(net, skb->sk, skb); 778 } 779 780 static void igmp_gq_timer_expire(struct timer_list *t) 781 { 782 struct in_device *in_dev = from_timer(in_dev, t, mr_gq_timer); 783 784 in_dev->mr_gq_running = 0; 785 igmpv3_send_report(in_dev, NULL); 786 in_dev_put(in_dev); 787 } 788 789 static void igmp_ifc_timer_expire(struct timer_list *t) 790 { 791 struct in_device *in_dev = from_timer(in_dev, t, mr_ifc_timer); 792 793 igmpv3_send_cr(in_dev); 794 if (in_dev->mr_ifc_count) { 795 in_dev->mr_ifc_count--; 796 igmp_ifc_start_timer(in_dev, 797 unsolicited_report_interval(in_dev)); 798 } 799 in_dev_put(in_dev); 800 } 801 802 static void igmp_ifc_event(struct in_device *in_dev) 803 { 804 struct net *net = dev_net(in_dev->dev); 805 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) 806 return; 807 in_dev->mr_ifc_count = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 808 igmp_ifc_start_timer(in_dev, 1); 809 } 810 811 812 static void igmp_timer_expire(struct timer_list *t) 813 { 814 struct ip_mc_list *im = from_timer(im, t, timer); 815 struct in_device *in_dev = im->interface; 816 817 spin_lock(&im->lock); 818 im->tm_running = 0; 819 820 if (im->unsolicit_count && --im->unsolicit_count) 821 igmp_start_timer(im, unsolicited_report_interval(in_dev)); 822 823 im->reporter = 1; 824 spin_unlock(&im->lock); 825 826 if (IGMP_V1_SEEN(in_dev)) 827 igmp_send_report(in_dev, im, IGMP_HOST_MEMBERSHIP_REPORT); 828 else if (IGMP_V2_SEEN(in_dev)) 829 igmp_send_report(in_dev, im, IGMPV2_HOST_MEMBERSHIP_REPORT); 830 else 831 igmp_send_report(in_dev, im, IGMPV3_HOST_MEMBERSHIP_REPORT); 832 833 ip_ma_put(im); 834 } 835 836 /* mark EXCLUDE-mode sources */ 837 static int igmp_xmarksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs) 838 { 839 struct ip_sf_list *psf; 840 int i, scount; 841 842 scount = 0; 843 for (psf = pmc->sources; psf; psf = psf->sf_next) { 844 if (scount == nsrcs) 845 break; 846 for (i = 0; i < nsrcs; i++) { 847 /* skip inactive filters */ 848 if (psf->sf_count[MCAST_INCLUDE] || 849 pmc->sfcount[MCAST_EXCLUDE] != 850 psf->sf_count[MCAST_EXCLUDE]) 851 break; 852 if (srcs[i] == psf->sf_inaddr) { 853 scount++; 854 break; 855 } 856 } 857 } 858 pmc->gsquery = 0; 859 if (scount == nsrcs) /* all sources excluded */ 860 return 0; 861 return 1; 862 } 863 864 static int igmp_marksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs) 865 { 866 struct ip_sf_list *psf; 867 int i, scount; 868 869 if (pmc->sfmode == MCAST_EXCLUDE) 870 return igmp_xmarksources(pmc, nsrcs, srcs); 871 872 /* mark INCLUDE-mode sources */ 873 scount = 0; 874 for (psf = pmc->sources; psf; psf = psf->sf_next) { 875 if (scount == nsrcs) 876 break; 877 for (i = 0; i < nsrcs; i++) 878 if (srcs[i] == psf->sf_inaddr) { 879 psf->sf_gsresp = 1; 880 scount++; 881 break; 882 } 883 } 884 if (!scount) { 885 pmc->gsquery = 0; 886 return 0; 887 } 888 pmc->gsquery = 1; 889 return 1; 890 } 891 892 /* return true if packet was dropped */ 893 static bool igmp_heard_report(struct in_device *in_dev, __be32 group) 894 { 895 struct ip_mc_list *im; 896 struct net *net = dev_net(in_dev->dev); 897 898 /* Timers are only set for non-local groups */ 899 900 if (group == IGMP_ALL_HOSTS) 901 return false; 902 if (ipv4_is_local_multicast(group) && !net->ipv4.sysctl_igmp_llm_reports) 903 return false; 904 905 rcu_read_lock(); 906 for_each_pmc_rcu(in_dev, im) { 907 if (im->multiaddr == group) { 908 igmp_stop_timer(im); 909 break; 910 } 911 } 912 rcu_read_unlock(); 913 return false; 914 } 915 916 /* return true if packet was dropped */ 917 static bool igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb, 918 int len) 919 { 920 struct igmphdr *ih = igmp_hdr(skb); 921 struct igmpv3_query *ih3 = igmpv3_query_hdr(skb); 922 struct ip_mc_list *im; 923 __be32 group = ih->group; 924 int max_delay; 925 int mark = 0; 926 struct net *net = dev_net(in_dev->dev); 927 928 929 if (len == 8) { 930 if (ih->code == 0) { 931 /* Alas, old v1 router presents here. */ 932 933 max_delay = IGMP_QUERY_RESPONSE_INTERVAL; 934 in_dev->mr_v1_seen = jiffies + 935 (in_dev->mr_qrv * in_dev->mr_qi) + 936 in_dev->mr_qri; 937 group = 0; 938 } else { 939 /* v2 router present */ 940 max_delay = ih->code*(HZ/IGMP_TIMER_SCALE); 941 in_dev->mr_v2_seen = jiffies + 942 (in_dev->mr_qrv * in_dev->mr_qi) + 943 in_dev->mr_qri; 944 } 945 /* cancel the interface change timer */ 946 in_dev->mr_ifc_count = 0; 947 if (del_timer(&in_dev->mr_ifc_timer)) 948 __in_dev_put(in_dev); 949 /* clear deleted report items */ 950 igmpv3_clear_delrec(in_dev); 951 } else if (len < 12) { 952 return true; /* ignore bogus packet; freed by caller */ 953 } else if (IGMP_V1_SEEN(in_dev)) { 954 /* This is a v3 query with v1 queriers present */ 955 max_delay = IGMP_QUERY_RESPONSE_INTERVAL; 956 group = 0; 957 } else if (IGMP_V2_SEEN(in_dev)) { 958 /* this is a v3 query with v2 queriers present; 959 * Interpretation of the max_delay code is problematic here. 960 * A real v2 host would use ih_code directly, while v3 has a 961 * different encoding. We use the v3 encoding as more likely 962 * to be intended in a v3 query. 963 */ 964 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE); 965 if (!max_delay) 966 max_delay = 1; /* can't mod w/ 0 */ 967 } else { /* v3 */ 968 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) 969 return true; 970 971 ih3 = igmpv3_query_hdr(skb); 972 if (ih3->nsrcs) { 973 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query) 974 + ntohs(ih3->nsrcs)*sizeof(__be32))) 975 return true; 976 ih3 = igmpv3_query_hdr(skb); 977 } 978 979 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE); 980 if (!max_delay) 981 max_delay = 1; /* can't mod w/ 0 */ 982 in_dev->mr_maxdelay = max_delay; 983 984 /* RFC3376, 4.1.6. QRV and 4.1.7. QQIC, when the most recently 985 * received value was zero, use the default or statically 986 * configured value. 987 */ 988 in_dev->mr_qrv = ih3->qrv ?: net->ipv4.sysctl_igmp_qrv; 989 in_dev->mr_qi = IGMPV3_QQIC(ih3->qqic)*HZ ?: IGMP_QUERY_INTERVAL; 990 991 /* RFC3376, 8.3. Query Response Interval: 992 * The number of seconds represented by the [Query Response 993 * Interval] must be less than the [Query Interval]. 994 */ 995 if (in_dev->mr_qri >= in_dev->mr_qi) 996 in_dev->mr_qri = (in_dev->mr_qi/HZ - 1)*HZ; 997 998 if (!group) { /* general query */ 999 if (ih3->nsrcs) 1000 return true; /* no sources allowed */ 1001 igmp_gq_start_timer(in_dev); 1002 return false; 1003 } 1004 /* mark sources to include, if group & source-specific */ 1005 mark = ih3->nsrcs != 0; 1006 } 1007 1008 /* 1009 * - Start the timers in all of our membership records 1010 * that the query applies to for the interface on 1011 * which the query arrived excl. those that belong 1012 * to a "local" group (224.0.0.X) 1013 * - For timers already running check if they need to 1014 * be reset. 1015 * - Use the igmp->igmp_code field as the maximum 1016 * delay possible 1017 */ 1018 rcu_read_lock(); 1019 for_each_pmc_rcu(in_dev, im) { 1020 int changed; 1021 1022 if (group && group != im->multiaddr) 1023 continue; 1024 if (im->multiaddr == IGMP_ALL_HOSTS) 1025 continue; 1026 if (ipv4_is_local_multicast(im->multiaddr) && 1027 !net->ipv4.sysctl_igmp_llm_reports) 1028 continue; 1029 spin_lock_bh(&im->lock); 1030 if (im->tm_running) 1031 im->gsquery = im->gsquery && mark; 1032 else 1033 im->gsquery = mark; 1034 changed = !im->gsquery || 1035 igmp_marksources(im, ntohs(ih3->nsrcs), ih3->srcs); 1036 spin_unlock_bh(&im->lock); 1037 if (changed) 1038 igmp_mod_timer(im, max_delay); 1039 } 1040 rcu_read_unlock(); 1041 return false; 1042 } 1043 1044 /* called in rcu_read_lock() section */ 1045 int igmp_rcv(struct sk_buff *skb) 1046 { 1047 /* This basically follows the spec line by line -- see RFC1112 */ 1048 struct igmphdr *ih; 1049 struct net_device *dev = skb->dev; 1050 struct in_device *in_dev; 1051 int len = skb->len; 1052 bool dropped = true; 1053 1054 if (netif_is_l3_master(dev)) { 1055 dev = dev_get_by_index_rcu(dev_net(dev), IPCB(skb)->iif); 1056 if (!dev) 1057 goto drop; 1058 } 1059 1060 in_dev = __in_dev_get_rcu(dev); 1061 if (!in_dev) 1062 goto drop; 1063 1064 if (!pskb_may_pull(skb, sizeof(struct igmphdr))) 1065 goto drop; 1066 1067 if (skb_checksum_simple_validate(skb)) 1068 goto drop; 1069 1070 ih = igmp_hdr(skb); 1071 switch (ih->type) { 1072 case IGMP_HOST_MEMBERSHIP_QUERY: 1073 dropped = igmp_heard_query(in_dev, skb, len); 1074 break; 1075 case IGMP_HOST_MEMBERSHIP_REPORT: 1076 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1077 /* Is it our report looped back? */ 1078 if (rt_is_output_route(skb_rtable(skb))) 1079 break; 1080 /* don't rely on MC router hearing unicast reports */ 1081 if (skb->pkt_type == PACKET_MULTICAST || 1082 skb->pkt_type == PACKET_BROADCAST) 1083 dropped = igmp_heard_report(in_dev, ih->group); 1084 break; 1085 case IGMP_PIM: 1086 #ifdef CONFIG_IP_PIMSM_V1 1087 return pim_rcv_v1(skb); 1088 #endif 1089 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1090 case IGMP_DVMRP: 1091 case IGMP_TRACE: 1092 case IGMP_HOST_LEAVE_MESSAGE: 1093 case IGMP_MTRACE: 1094 case IGMP_MTRACE_RESP: 1095 break; 1096 default: 1097 break; 1098 } 1099 1100 drop: 1101 if (dropped) 1102 kfree_skb(skb); 1103 else 1104 consume_skb(skb); 1105 return 0; 1106 } 1107 1108 #endif 1109 1110 1111 /* 1112 * Add a filter to a device 1113 */ 1114 1115 static void ip_mc_filter_add(struct in_device *in_dev, __be32 addr) 1116 { 1117 char buf[MAX_ADDR_LEN]; 1118 struct net_device *dev = in_dev->dev; 1119 1120 /* Checking for IFF_MULTICAST here is WRONG-WRONG-WRONG. 1121 We will get multicast token leakage, when IFF_MULTICAST 1122 is changed. This check should be done in ndo_set_rx_mode 1123 routine. Something sort of: 1124 if (dev->mc_list && dev->flags&IFF_MULTICAST) { do it; } 1125 --ANK 1126 */ 1127 if (arp_mc_map(addr, buf, dev, 0) == 0) 1128 dev_mc_add(dev, buf); 1129 } 1130 1131 /* 1132 * Remove a filter from a device 1133 */ 1134 1135 static void ip_mc_filter_del(struct in_device *in_dev, __be32 addr) 1136 { 1137 char buf[MAX_ADDR_LEN]; 1138 struct net_device *dev = in_dev->dev; 1139 1140 if (arp_mc_map(addr, buf, dev, 0) == 0) 1141 dev_mc_del(dev, buf); 1142 } 1143 1144 #ifdef CONFIG_IP_MULTICAST 1145 /* 1146 * deleted ip_mc_list manipulation 1147 */ 1148 static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im) 1149 { 1150 struct ip_mc_list *pmc; 1151 struct net *net = dev_net(in_dev->dev); 1152 1153 /* this is an "ip_mc_list" for convenience; only the fields below 1154 * are actually used. In particular, the refcnt and users are not 1155 * used for management of the delete list. Using the same structure 1156 * for deleted items allows change reports to use common code with 1157 * non-deleted or query-response MCA's. 1158 */ 1159 pmc = kzalloc(sizeof(*pmc), GFP_KERNEL); 1160 if (!pmc) 1161 return; 1162 spin_lock_init(&pmc->lock); 1163 spin_lock_bh(&im->lock); 1164 pmc->interface = im->interface; 1165 in_dev_hold(in_dev); 1166 pmc->multiaddr = im->multiaddr; 1167 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1168 pmc->sfmode = im->sfmode; 1169 if (pmc->sfmode == MCAST_INCLUDE) { 1170 struct ip_sf_list *psf; 1171 1172 pmc->tomb = im->tomb; 1173 pmc->sources = im->sources; 1174 im->tomb = im->sources = NULL; 1175 for (psf = pmc->sources; psf; psf = psf->sf_next) 1176 psf->sf_crcount = pmc->crcount; 1177 } 1178 spin_unlock_bh(&im->lock); 1179 1180 spin_lock_bh(&in_dev->mc_tomb_lock); 1181 pmc->next = in_dev->mc_tomb; 1182 in_dev->mc_tomb = pmc; 1183 spin_unlock_bh(&in_dev->mc_tomb_lock); 1184 } 1185 1186 /* 1187 * restore ip_mc_list deleted records 1188 */ 1189 static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im) 1190 { 1191 struct ip_mc_list *pmc, *pmc_prev; 1192 struct ip_sf_list *psf; 1193 struct net *net = dev_net(in_dev->dev); 1194 __be32 multiaddr = im->multiaddr; 1195 1196 spin_lock_bh(&in_dev->mc_tomb_lock); 1197 pmc_prev = NULL; 1198 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc->next) { 1199 if (pmc->multiaddr == multiaddr) 1200 break; 1201 pmc_prev = pmc; 1202 } 1203 if (pmc) { 1204 if (pmc_prev) 1205 pmc_prev->next = pmc->next; 1206 else 1207 in_dev->mc_tomb = pmc->next; 1208 } 1209 spin_unlock_bh(&in_dev->mc_tomb_lock); 1210 1211 spin_lock_bh(&im->lock); 1212 if (pmc) { 1213 im->interface = pmc->interface; 1214 if (im->sfmode == MCAST_INCLUDE) { 1215 im->tomb = pmc->tomb; 1216 im->sources = pmc->sources; 1217 for (psf = im->sources; psf; psf = psf->sf_next) 1218 psf->sf_crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1219 } else { 1220 im->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1221 } 1222 in_dev_put(pmc->interface); 1223 kfree(pmc); 1224 } 1225 spin_unlock_bh(&im->lock); 1226 } 1227 1228 /* 1229 * flush ip_mc_list deleted records 1230 */ 1231 static void igmpv3_clear_delrec(struct in_device *in_dev) 1232 { 1233 struct ip_mc_list *pmc, *nextpmc; 1234 1235 spin_lock_bh(&in_dev->mc_tomb_lock); 1236 pmc = in_dev->mc_tomb; 1237 in_dev->mc_tomb = NULL; 1238 spin_unlock_bh(&in_dev->mc_tomb_lock); 1239 1240 for (; pmc; pmc = nextpmc) { 1241 nextpmc = pmc->next; 1242 ip_mc_clear_src(pmc); 1243 in_dev_put(pmc->interface); 1244 kfree(pmc); 1245 } 1246 /* clear dead sources, too */ 1247 rcu_read_lock(); 1248 for_each_pmc_rcu(in_dev, pmc) { 1249 struct ip_sf_list *psf, *psf_next; 1250 1251 spin_lock_bh(&pmc->lock); 1252 psf = pmc->tomb; 1253 pmc->tomb = NULL; 1254 spin_unlock_bh(&pmc->lock); 1255 for (; psf; psf = psf_next) { 1256 psf_next = psf->sf_next; 1257 kfree(psf); 1258 } 1259 } 1260 rcu_read_unlock(); 1261 } 1262 #endif 1263 1264 static void igmp_group_dropped(struct ip_mc_list *im) 1265 { 1266 struct in_device *in_dev = im->interface; 1267 #ifdef CONFIG_IP_MULTICAST 1268 struct net *net = dev_net(in_dev->dev); 1269 int reporter; 1270 #endif 1271 1272 if (im->loaded) { 1273 im->loaded = 0; 1274 ip_mc_filter_del(in_dev, im->multiaddr); 1275 } 1276 1277 #ifdef CONFIG_IP_MULTICAST 1278 if (im->multiaddr == IGMP_ALL_HOSTS) 1279 return; 1280 if (ipv4_is_local_multicast(im->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 1281 return; 1282 1283 reporter = im->reporter; 1284 igmp_stop_timer(im); 1285 1286 if (!in_dev->dead) { 1287 if (IGMP_V1_SEEN(in_dev)) 1288 return; 1289 if (IGMP_V2_SEEN(in_dev)) { 1290 if (reporter) 1291 igmp_send_report(in_dev, im, IGMP_HOST_LEAVE_MESSAGE); 1292 return; 1293 } 1294 /* IGMPv3 */ 1295 igmpv3_add_delrec(in_dev, im); 1296 1297 igmp_ifc_event(in_dev); 1298 } 1299 #endif 1300 } 1301 1302 static void igmp_group_added(struct ip_mc_list *im) 1303 { 1304 struct in_device *in_dev = im->interface; 1305 #ifdef CONFIG_IP_MULTICAST 1306 struct net *net = dev_net(in_dev->dev); 1307 #endif 1308 1309 if (im->loaded == 0) { 1310 im->loaded = 1; 1311 ip_mc_filter_add(in_dev, im->multiaddr); 1312 } 1313 1314 #ifdef CONFIG_IP_MULTICAST 1315 if (im->multiaddr == IGMP_ALL_HOSTS) 1316 return; 1317 if (ipv4_is_local_multicast(im->multiaddr) && !net->ipv4.sysctl_igmp_llm_reports) 1318 return; 1319 1320 if (in_dev->dead) 1321 return; 1322 1323 im->unsolicit_count = net->ipv4.sysctl_igmp_qrv; 1324 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) { 1325 spin_lock_bh(&im->lock); 1326 igmp_start_timer(im, IGMP_INITIAL_REPORT_DELAY); 1327 spin_unlock_bh(&im->lock); 1328 return; 1329 } 1330 /* else, v3 */ 1331 1332 /* Based on RFC3376 5.1, for newly added INCLUDE SSM, we should 1333 * not send filter-mode change record as the mode should be from 1334 * IN() to IN(A). 1335 */ 1336 if (im->sfmode == MCAST_EXCLUDE) 1337 im->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1338 1339 igmp_ifc_event(in_dev); 1340 #endif 1341 } 1342 1343 1344 /* 1345 * Multicast list managers 1346 */ 1347 1348 static u32 ip_mc_hash(const struct ip_mc_list *im) 1349 { 1350 return hash_32((__force u32)im->multiaddr, MC_HASH_SZ_LOG); 1351 } 1352 1353 static void ip_mc_hash_add(struct in_device *in_dev, 1354 struct ip_mc_list *im) 1355 { 1356 struct ip_mc_list __rcu **mc_hash; 1357 u32 hash; 1358 1359 mc_hash = rtnl_dereference(in_dev->mc_hash); 1360 if (mc_hash) { 1361 hash = ip_mc_hash(im); 1362 im->next_hash = mc_hash[hash]; 1363 rcu_assign_pointer(mc_hash[hash], im); 1364 return; 1365 } 1366 1367 /* do not use a hash table for small number of items */ 1368 if (in_dev->mc_count < 4) 1369 return; 1370 1371 mc_hash = kzalloc(sizeof(struct ip_mc_list *) << MC_HASH_SZ_LOG, 1372 GFP_KERNEL); 1373 if (!mc_hash) 1374 return; 1375 1376 for_each_pmc_rtnl(in_dev, im) { 1377 hash = ip_mc_hash(im); 1378 im->next_hash = mc_hash[hash]; 1379 RCU_INIT_POINTER(mc_hash[hash], im); 1380 } 1381 1382 rcu_assign_pointer(in_dev->mc_hash, mc_hash); 1383 } 1384 1385 static void ip_mc_hash_remove(struct in_device *in_dev, 1386 struct ip_mc_list *im) 1387 { 1388 struct ip_mc_list __rcu **mc_hash = rtnl_dereference(in_dev->mc_hash); 1389 struct ip_mc_list *aux; 1390 1391 if (!mc_hash) 1392 return; 1393 mc_hash += ip_mc_hash(im); 1394 while ((aux = rtnl_dereference(*mc_hash)) != im) 1395 mc_hash = &aux->next_hash; 1396 *mc_hash = im->next_hash; 1397 } 1398 1399 1400 /* 1401 * A socket has joined a multicast group on device dev. 1402 */ 1403 static void __ip_mc_inc_group(struct in_device *in_dev, __be32 addr, 1404 unsigned int mode) 1405 { 1406 struct ip_mc_list *im; 1407 1408 ASSERT_RTNL(); 1409 1410 for_each_pmc_rtnl(in_dev, im) { 1411 if (im->multiaddr == addr) { 1412 im->users++; 1413 ip_mc_add_src(in_dev, &addr, mode, 0, NULL, 0); 1414 goto out; 1415 } 1416 } 1417 1418 im = kzalloc(sizeof(*im), GFP_KERNEL); 1419 if (!im) 1420 goto out; 1421 1422 im->users = 1; 1423 im->interface = in_dev; 1424 in_dev_hold(in_dev); 1425 im->multiaddr = addr; 1426 /* initial mode is (EX, empty) */ 1427 im->sfmode = mode; 1428 im->sfcount[mode] = 1; 1429 refcount_set(&im->refcnt, 1); 1430 spin_lock_init(&im->lock); 1431 #ifdef CONFIG_IP_MULTICAST 1432 timer_setup(&im->timer, igmp_timer_expire, 0); 1433 #endif 1434 1435 im->next_rcu = in_dev->mc_list; 1436 in_dev->mc_count++; 1437 rcu_assign_pointer(in_dev->mc_list, im); 1438 1439 ip_mc_hash_add(in_dev, im); 1440 1441 #ifdef CONFIG_IP_MULTICAST 1442 igmpv3_del_delrec(in_dev, im); 1443 #endif 1444 igmp_group_added(im); 1445 if (!in_dev->dead) 1446 ip_rt_multicast_event(in_dev); 1447 out: 1448 return; 1449 } 1450 1451 void ip_mc_inc_group(struct in_device *in_dev, __be32 addr) 1452 { 1453 __ip_mc_inc_group(in_dev, addr, MCAST_EXCLUDE); 1454 } 1455 EXPORT_SYMBOL(ip_mc_inc_group); 1456 1457 static int ip_mc_check_iphdr(struct sk_buff *skb) 1458 { 1459 const struct iphdr *iph; 1460 unsigned int len; 1461 unsigned int offset = skb_network_offset(skb) + sizeof(*iph); 1462 1463 if (!pskb_may_pull(skb, offset)) 1464 return -EINVAL; 1465 1466 iph = ip_hdr(skb); 1467 1468 if (iph->version != 4 || ip_hdrlen(skb) < sizeof(*iph)) 1469 return -EINVAL; 1470 1471 offset += ip_hdrlen(skb) - sizeof(*iph); 1472 1473 if (!pskb_may_pull(skb, offset)) 1474 return -EINVAL; 1475 1476 iph = ip_hdr(skb); 1477 1478 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl))) 1479 return -EINVAL; 1480 1481 len = skb_network_offset(skb) + ntohs(iph->tot_len); 1482 if (skb->len < len || len < offset) 1483 return -EINVAL; 1484 1485 skb_set_transport_header(skb, offset); 1486 1487 return 0; 1488 } 1489 1490 static int ip_mc_check_igmp_reportv3(struct sk_buff *skb) 1491 { 1492 unsigned int len = skb_transport_offset(skb); 1493 1494 len += sizeof(struct igmpv3_report); 1495 1496 return pskb_may_pull(skb, len) ? 0 : -EINVAL; 1497 } 1498 1499 static int ip_mc_check_igmp_query(struct sk_buff *skb) 1500 { 1501 unsigned int len = skb_transport_offset(skb); 1502 1503 len += sizeof(struct igmphdr); 1504 if (skb->len < len) 1505 return -EINVAL; 1506 1507 /* IGMPv{1,2}? */ 1508 if (skb->len != len) { 1509 /* or IGMPv3? */ 1510 len += sizeof(struct igmpv3_query) - sizeof(struct igmphdr); 1511 if (skb->len < len || !pskb_may_pull(skb, len)) 1512 return -EINVAL; 1513 } 1514 1515 /* RFC2236+RFC3376 (IGMPv2+IGMPv3) require the multicast link layer 1516 * all-systems destination addresses (224.0.0.1) for general queries 1517 */ 1518 if (!igmp_hdr(skb)->group && 1519 ip_hdr(skb)->daddr != htonl(INADDR_ALLHOSTS_GROUP)) 1520 return -EINVAL; 1521 1522 return 0; 1523 } 1524 1525 static int ip_mc_check_igmp_msg(struct sk_buff *skb) 1526 { 1527 switch (igmp_hdr(skb)->type) { 1528 case IGMP_HOST_LEAVE_MESSAGE: 1529 case IGMP_HOST_MEMBERSHIP_REPORT: 1530 case IGMPV2_HOST_MEMBERSHIP_REPORT: 1531 /* fall through */ 1532 return 0; 1533 case IGMPV3_HOST_MEMBERSHIP_REPORT: 1534 return ip_mc_check_igmp_reportv3(skb); 1535 case IGMP_HOST_MEMBERSHIP_QUERY: 1536 return ip_mc_check_igmp_query(skb); 1537 default: 1538 return -ENOMSG; 1539 } 1540 } 1541 1542 static inline __sum16 ip_mc_validate_checksum(struct sk_buff *skb) 1543 { 1544 return skb_checksum_simple_validate(skb); 1545 } 1546 1547 static int __ip_mc_check_igmp(struct sk_buff *skb, struct sk_buff **skb_trimmed) 1548 1549 { 1550 struct sk_buff *skb_chk; 1551 unsigned int transport_len; 1552 unsigned int len = skb_transport_offset(skb) + sizeof(struct igmphdr); 1553 int ret = -EINVAL; 1554 1555 transport_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb); 1556 1557 skb_chk = skb_checksum_trimmed(skb, transport_len, 1558 ip_mc_validate_checksum); 1559 if (!skb_chk) 1560 goto err; 1561 1562 if (!pskb_may_pull(skb_chk, len)) 1563 goto err; 1564 1565 ret = ip_mc_check_igmp_msg(skb_chk); 1566 if (ret) 1567 goto err; 1568 1569 if (skb_trimmed) 1570 *skb_trimmed = skb_chk; 1571 /* free now unneeded clone */ 1572 else if (skb_chk != skb) 1573 kfree_skb(skb_chk); 1574 1575 ret = 0; 1576 1577 err: 1578 if (ret && skb_chk && skb_chk != skb) 1579 kfree_skb(skb_chk); 1580 1581 return ret; 1582 } 1583 1584 /** 1585 * ip_mc_check_igmp - checks whether this is a sane IGMP packet 1586 * @skb: the skb to validate 1587 * @skb_trimmed: to store an skb pointer trimmed to IPv4 packet tail (optional) 1588 * 1589 * Checks whether an IPv4 packet is a valid IGMP packet. If so sets 1590 * skb transport header accordingly and returns zero. 1591 * 1592 * -EINVAL: A broken packet was detected, i.e. it violates some internet 1593 * standard 1594 * -ENOMSG: IP header validation succeeded but it is not an IGMP packet. 1595 * -ENOMEM: A memory allocation failure happened. 1596 * 1597 * Optionally, an skb pointer might be provided via skb_trimmed (or set it 1598 * to NULL): After parsing an IGMP packet successfully it will point to 1599 * an skb which has its tail aligned to the IP packet end. This might 1600 * either be the originally provided skb or a trimmed, cloned version if 1601 * the skb frame had data beyond the IP packet. A cloned skb allows us 1602 * to leave the original skb and its full frame unchanged (which might be 1603 * desirable for layer 2 frame jugglers). 1604 * 1605 * Caller needs to set the skb network header and free any returned skb if it 1606 * differs from the provided skb. 1607 */ 1608 int ip_mc_check_igmp(struct sk_buff *skb, struct sk_buff **skb_trimmed) 1609 { 1610 int ret = ip_mc_check_iphdr(skb); 1611 1612 if (ret < 0) 1613 return ret; 1614 1615 if (ip_hdr(skb)->protocol != IPPROTO_IGMP) 1616 return -ENOMSG; 1617 1618 return __ip_mc_check_igmp(skb, skb_trimmed); 1619 } 1620 EXPORT_SYMBOL(ip_mc_check_igmp); 1621 1622 /* 1623 * Resend IGMP JOIN report; used by netdev notifier. 1624 */ 1625 static void ip_mc_rejoin_groups(struct in_device *in_dev) 1626 { 1627 #ifdef CONFIG_IP_MULTICAST 1628 struct ip_mc_list *im; 1629 int type; 1630 struct net *net = dev_net(in_dev->dev); 1631 1632 ASSERT_RTNL(); 1633 1634 for_each_pmc_rtnl(in_dev, im) { 1635 if (im->multiaddr == IGMP_ALL_HOSTS) 1636 continue; 1637 if (ipv4_is_local_multicast(im->multiaddr) && 1638 !net->ipv4.sysctl_igmp_llm_reports) 1639 continue; 1640 1641 /* a failover is happening and switches 1642 * must be notified immediately 1643 */ 1644 if (IGMP_V1_SEEN(in_dev)) 1645 type = IGMP_HOST_MEMBERSHIP_REPORT; 1646 else if (IGMP_V2_SEEN(in_dev)) 1647 type = IGMPV2_HOST_MEMBERSHIP_REPORT; 1648 else 1649 type = IGMPV3_HOST_MEMBERSHIP_REPORT; 1650 igmp_send_report(in_dev, im, type); 1651 } 1652 #endif 1653 } 1654 1655 /* 1656 * A socket has left a multicast group on device dev 1657 */ 1658 1659 void ip_mc_dec_group(struct in_device *in_dev, __be32 addr) 1660 { 1661 struct ip_mc_list *i; 1662 struct ip_mc_list __rcu **ip; 1663 1664 ASSERT_RTNL(); 1665 1666 for (ip = &in_dev->mc_list; 1667 (i = rtnl_dereference(*ip)) != NULL; 1668 ip = &i->next_rcu) { 1669 if (i->multiaddr == addr) { 1670 if (--i->users == 0) { 1671 ip_mc_hash_remove(in_dev, i); 1672 *ip = i->next_rcu; 1673 in_dev->mc_count--; 1674 igmp_group_dropped(i); 1675 ip_mc_clear_src(i); 1676 1677 if (!in_dev->dead) 1678 ip_rt_multicast_event(in_dev); 1679 1680 ip_ma_put(i); 1681 return; 1682 } 1683 break; 1684 } 1685 } 1686 } 1687 EXPORT_SYMBOL(ip_mc_dec_group); 1688 1689 /* Device changing type */ 1690 1691 void ip_mc_unmap(struct in_device *in_dev) 1692 { 1693 struct ip_mc_list *pmc; 1694 1695 ASSERT_RTNL(); 1696 1697 for_each_pmc_rtnl(in_dev, pmc) 1698 igmp_group_dropped(pmc); 1699 } 1700 1701 void ip_mc_remap(struct in_device *in_dev) 1702 { 1703 struct ip_mc_list *pmc; 1704 1705 ASSERT_RTNL(); 1706 1707 for_each_pmc_rtnl(in_dev, pmc) { 1708 #ifdef CONFIG_IP_MULTICAST 1709 igmpv3_del_delrec(in_dev, pmc); 1710 #endif 1711 igmp_group_added(pmc); 1712 } 1713 } 1714 1715 /* Device going down */ 1716 1717 void ip_mc_down(struct in_device *in_dev) 1718 { 1719 struct ip_mc_list *pmc; 1720 1721 ASSERT_RTNL(); 1722 1723 for_each_pmc_rtnl(in_dev, pmc) 1724 igmp_group_dropped(pmc); 1725 1726 #ifdef CONFIG_IP_MULTICAST 1727 in_dev->mr_ifc_count = 0; 1728 if (del_timer(&in_dev->mr_ifc_timer)) 1729 __in_dev_put(in_dev); 1730 in_dev->mr_gq_running = 0; 1731 if (del_timer(&in_dev->mr_gq_timer)) 1732 __in_dev_put(in_dev); 1733 #endif 1734 1735 ip_mc_dec_group(in_dev, IGMP_ALL_HOSTS); 1736 } 1737 1738 #ifdef CONFIG_IP_MULTICAST 1739 static void ip_mc_reset(struct in_device *in_dev) 1740 { 1741 struct net *net = dev_net(in_dev->dev); 1742 1743 in_dev->mr_qi = IGMP_QUERY_INTERVAL; 1744 in_dev->mr_qri = IGMP_QUERY_RESPONSE_INTERVAL; 1745 in_dev->mr_qrv = net->ipv4.sysctl_igmp_qrv; 1746 } 1747 #else 1748 static void ip_mc_reset(struct in_device *in_dev) 1749 { 1750 } 1751 #endif 1752 1753 void ip_mc_init_dev(struct in_device *in_dev) 1754 { 1755 ASSERT_RTNL(); 1756 1757 #ifdef CONFIG_IP_MULTICAST 1758 timer_setup(&in_dev->mr_gq_timer, igmp_gq_timer_expire, 0); 1759 timer_setup(&in_dev->mr_ifc_timer, igmp_ifc_timer_expire, 0); 1760 #endif 1761 ip_mc_reset(in_dev); 1762 1763 spin_lock_init(&in_dev->mc_tomb_lock); 1764 } 1765 1766 /* Device going up */ 1767 1768 void ip_mc_up(struct in_device *in_dev) 1769 { 1770 struct ip_mc_list *pmc; 1771 1772 ASSERT_RTNL(); 1773 1774 ip_mc_reset(in_dev); 1775 ip_mc_inc_group(in_dev, IGMP_ALL_HOSTS); 1776 1777 for_each_pmc_rtnl(in_dev, pmc) { 1778 #ifdef CONFIG_IP_MULTICAST 1779 igmpv3_del_delrec(in_dev, pmc); 1780 #endif 1781 igmp_group_added(pmc); 1782 } 1783 } 1784 1785 /* 1786 * Device is about to be destroyed: clean up. 1787 */ 1788 1789 void ip_mc_destroy_dev(struct in_device *in_dev) 1790 { 1791 struct ip_mc_list *i; 1792 1793 ASSERT_RTNL(); 1794 1795 /* Deactivate timers */ 1796 ip_mc_down(in_dev); 1797 #ifdef CONFIG_IP_MULTICAST 1798 igmpv3_clear_delrec(in_dev); 1799 #endif 1800 1801 while ((i = rtnl_dereference(in_dev->mc_list)) != NULL) { 1802 in_dev->mc_list = i->next_rcu; 1803 in_dev->mc_count--; 1804 ip_ma_put(i); 1805 } 1806 } 1807 1808 /* RTNL is locked */ 1809 static struct in_device *ip_mc_find_dev(struct net *net, struct ip_mreqn *imr) 1810 { 1811 struct net_device *dev = NULL; 1812 struct in_device *idev = NULL; 1813 1814 if (imr->imr_ifindex) { 1815 idev = inetdev_by_index(net, imr->imr_ifindex); 1816 return idev; 1817 } 1818 if (imr->imr_address.s_addr) { 1819 dev = __ip_dev_find(net, imr->imr_address.s_addr, false); 1820 if (!dev) 1821 return NULL; 1822 } 1823 1824 if (!dev) { 1825 struct rtable *rt = ip_route_output(net, 1826 imr->imr_multiaddr.s_addr, 1827 0, 0, 0); 1828 if (!IS_ERR(rt)) { 1829 dev = rt->dst.dev; 1830 ip_rt_put(rt); 1831 } 1832 } 1833 if (dev) { 1834 imr->imr_ifindex = dev->ifindex; 1835 idev = __in_dev_get_rtnl(dev); 1836 } 1837 return idev; 1838 } 1839 1840 /* 1841 * Join a socket to a group 1842 */ 1843 1844 static int ip_mc_del1_src(struct ip_mc_list *pmc, int sfmode, 1845 __be32 *psfsrc) 1846 { 1847 struct ip_sf_list *psf, *psf_prev; 1848 int rv = 0; 1849 1850 psf_prev = NULL; 1851 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1852 if (psf->sf_inaddr == *psfsrc) 1853 break; 1854 psf_prev = psf; 1855 } 1856 if (!psf || psf->sf_count[sfmode] == 0) { 1857 /* source filter not found, or count wrong => bug */ 1858 return -ESRCH; 1859 } 1860 psf->sf_count[sfmode]--; 1861 if (psf->sf_count[sfmode] == 0) { 1862 ip_rt_multicast_event(pmc->interface); 1863 } 1864 if (!psf->sf_count[MCAST_INCLUDE] && !psf->sf_count[MCAST_EXCLUDE]) { 1865 #ifdef CONFIG_IP_MULTICAST 1866 struct in_device *in_dev = pmc->interface; 1867 struct net *net = dev_net(in_dev->dev); 1868 #endif 1869 1870 /* no more filters for this source */ 1871 if (psf_prev) 1872 psf_prev->sf_next = psf->sf_next; 1873 else 1874 pmc->sources = psf->sf_next; 1875 #ifdef CONFIG_IP_MULTICAST 1876 if (psf->sf_oldin && 1877 !IGMP_V1_SEEN(in_dev) && !IGMP_V2_SEEN(in_dev)) { 1878 psf->sf_crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1879 psf->sf_next = pmc->tomb; 1880 pmc->tomb = psf; 1881 rv = 1; 1882 } else 1883 #endif 1884 kfree(psf); 1885 } 1886 return rv; 1887 } 1888 1889 #ifndef CONFIG_IP_MULTICAST 1890 #define igmp_ifc_event(x) do { } while (0) 1891 #endif 1892 1893 static int ip_mc_del_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 1894 int sfcount, __be32 *psfsrc, int delta) 1895 { 1896 struct ip_mc_list *pmc; 1897 int changerec = 0; 1898 int i, err; 1899 1900 if (!in_dev) 1901 return -ENODEV; 1902 rcu_read_lock(); 1903 for_each_pmc_rcu(in_dev, pmc) { 1904 if (*pmca == pmc->multiaddr) 1905 break; 1906 } 1907 if (!pmc) { 1908 /* MCA not found?? bug */ 1909 rcu_read_unlock(); 1910 return -ESRCH; 1911 } 1912 spin_lock_bh(&pmc->lock); 1913 rcu_read_unlock(); 1914 #ifdef CONFIG_IP_MULTICAST 1915 sf_markstate(pmc); 1916 #endif 1917 if (!delta) { 1918 err = -EINVAL; 1919 if (!pmc->sfcount[sfmode]) 1920 goto out_unlock; 1921 pmc->sfcount[sfmode]--; 1922 } 1923 err = 0; 1924 for (i = 0; i < sfcount; i++) { 1925 int rv = ip_mc_del1_src(pmc, sfmode, &psfsrc[i]); 1926 1927 changerec |= rv > 0; 1928 if (!err && rv < 0) 1929 err = rv; 1930 } 1931 if (pmc->sfmode == MCAST_EXCLUDE && 1932 pmc->sfcount[MCAST_EXCLUDE] == 0 && 1933 pmc->sfcount[MCAST_INCLUDE]) { 1934 #ifdef CONFIG_IP_MULTICAST 1935 struct ip_sf_list *psf; 1936 struct net *net = dev_net(in_dev->dev); 1937 #endif 1938 1939 /* filter mode change */ 1940 pmc->sfmode = MCAST_INCLUDE; 1941 #ifdef CONFIG_IP_MULTICAST 1942 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 1943 in_dev->mr_ifc_count = pmc->crcount; 1944 for (psf = pmc->sources; psf; psf = psf->sf_next) 1945 psf->sf_crcount = 0; 1946 igmp_ifc_event(pmc->interface); 1947 } else if (sf_setstate(pmc) || changerec) { 1948 igmp_ifc_event(pmc->interface); 1949 #endif 1950 } 1951 out_unlock: 1952 spin_unlock_bh(&pmc->lock); 1953 return err; 1954 } 1955 1956 /* 1957 * Add multicast single-source filter to the interface list 1958 */ 1959 static int ip_mc_add1_src(struct ip_mc_list *pmc, int sfmode, 1960 __be32 *psfsrc) 1961 { 1962 struct ip_sf_list *psf, *psf_prev; 1963 1964 psf_prev = NULL; 1965 for (psf = pmc->sources; psf; psf = psf->sf_next) { 1966 if (psf->sf_inaddr == *psfsrc) 1967 break; 1968 psf_prev = psf; 1969 } 1970 if (!psf) { 1971 psf = kzalloc(sizeof(*psf), GFP_ATOMIC); 1972 if (!psf) 1973 return -ENOBUFS; 1974 psf->sf_inaddr = *psfsrc; 1975 if (psf_prev) { 1976 psf_prev->sf_next = psf; 1977 } else 1978 pmc->sources = psf; 1979 } 1980 psf->sf_count[sfmode]++; 1981 if (psf->sf_count[sfmode] == 1) { 1982 ip_rt_multicast_event(pmc->interface); 1983 } 1984 return 0; 1985 } 1986 1987 #ifdef CONFIG_IP_MULTICAST 1988 static void sf_markstate(struct ip_mc_list *pmc) 1989 { 1990 struct ip_sf_list *psf; 1991 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE]; 1992 1993 for (psf = pmc->sources; psf; psf = psf->sf_next) 1994 if (pmc->sfcount[MCAST_EXCLUDE]) { 1995 psf->sf_oldin = mca_xcount == 1996 psf->sf_count[MCAST_EXCLUDE] && 1997 !psf->sf_count[MCAST_INCLUDE]; 1998 } else 1999 psf->sf_oldin = psf->sf_count[MCAST_INCLUDE] != 0; 2000 } 2001 2002 static int sf_setstate(struct ip_mc_list *pmc) 2003 { 2004 struct ip_sf_list *psf, *dpsf; 2005 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE]; 2006 int qrv = pmc->interface->mr_qrv; 2007 int new_in, rv; 2008 2009 rv = 0; 2010 for (psf = pmc->sources; psf; psf = psf->sf_next) { 2011 if (pmc->sfcount[MCAST_EXCLUDE]) { 2012 new_in = mca_xcount == psf->sf_count[MCAST_EXCLUDE] && 2013 !psf->sf_count[MCAST_INCLUDE]; 2014 } else 2015 new_in = psf->sf_count[MCAST_INCLUDE] != 0; 2016 if (new_in) { 2017 if (!psf->sf_oldin) { 2018 struct ip_sf_list *prev = NULL; 2019 2020 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next) { 2021 if (dpsf->sf_inaddr == psf->sf_inaddr) 2022 break; 2023 prev = dpsf; 2024 } 2025 if (dpsf) { 2026 if (prev) 2027 prev->sf_next = dpsf->sf_next; 2028 else 2029 pmc->tomb = dpsf->sf_next; 2030 kfree(dpsf); 2031 } 2032 psf->sf_crcount = qrv; 2033 rv++; 2034 } 2035 } else if (psf->sf_oldin) { 2036 2037 psf->sf_crcount = 0; 2038 /* 2039 * add or update "delete" records if an active filter 2040 * is now inactive 2041 */ 2042 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next) 2043 if (dpsf->sf_inaddr == psf->sf_inaddr) 2044 break; 2045 if (!dpsf) { 2046 dpsf = kmalloc(sizeof(*dpsf), GFP_ATOMIC); 2047 if (!dpsf) 2048 continue; 2049 *dpsf = *psf; 2050 /* pmc->lock held by callers */ 2051 dpsf->sf_next = pmc->tomb; 2052 pmc->tomb = dpsf; 2053 } 2054 dpsf->sf_crcount = qrv; 2055 rv++; 2056 } 2057 } 2058 return rv; 2059 } 2060 #endif 2061 2062 /* 2063 * Add multicast source filter list to the interface list 2064 */ 2065 static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode, 2066 int sfcount, __be32 *psfsrc, int delta) 2067 { 2068 struct ip_mc_list *pmc; 2069 int isexclude; 2070 int i, err; 2071 2072 if (!in_dev) 2073 return -ENODEV; 2074 rcu_read_lock(); 2075 for_each_pmc_rcu(in_dev, pmc) { 2076 if (*pmca == pmc->multiaddr) 2077 break; 2078 } 2079 if (!pmc) { 2080 /* MCA not found?? bug */ 2081 rcu_read_unlock(); 2082 return -ESRCH; 2083 } 2084 spin_lock_bh(&pmc->lock); 2085 rcu_read_unlock(); 2086 2087 #ifdef CONFIG_IP_MULTICAST 2088 sf_markstate(pmc); 2089 #endif 2090 isexclude = pmc->sfmode == MCAST_EXCLUDE; 2091 if (!delta) 2092 pmc->sfcount[sfmode]++; 2093 err = 0; 2094 for (i = 0; i < sfcount; i++) { 2095 err = ip_mc_add1_src(pmc, sfmode, &psfsrc[i]); 2096 if (err) 2097 break; 2098 } 2099 if (err) { 2100 int j; 2101 2102 if (!delta) 2103 pmc->sfcount[sfmode]--; 2104 for (j = 0; j < i; j++) 2105 (void) ip_mc_del1_src(pmc, sfmode, &psfsrc[j]); 2106 } else if (isexclude != (pmc->sfcount[MCAST_EXCLUDE] != 0)) { 2107 #ifdef CONFIG_IP_MULTICAST 2108 struct ip_sf_list *psf; 2109 struct net *net = dev_net(pmc->interface->dev); 2110 in_dev = pmc->interface; 2111 #endif 2112 2113 /* filter mode change */ 2114 if (pmc->sfcount[MCAST_EXCLUDE]) 2115 pmc->sfmode = MCAST_EXCLUDE; 2116 else if (pmc->sfcount[MCAST_INCLUDE]) 2117 pmc->sfmode = MCAST_INCLUDE; 2118 #ifdef CONFIG_IP_MULTICAST 2119 /* else no filters; keep old mode for reports */ 2120 2121 pmc->crcount = in_dev->mr_qrv ?: net->ipv4.sysctl_igmp_qrv; 2122 in_dev->mr_ifc_count = pmc->crcount; 2123 for (psf = pmc->sources; psf; psf = psf->sf_next) 2124 psf->sf_crcount = 0; 2125 igmp_ifc_event(in_dev); 2126 } else if (sf_setstate(pmc)) { 2127 igmp_ifc_event(in_dev); 2128 #endif 2129 } 2130 spin_unlock_bh(&pmc->lock); 2131 return err; 2132 } 2133 2134 static void ip_mc_clear_src(struct ip_mc_list *pmc) 2135 { 2136 struct ip_sf_list *psf, *nextpsf, *tomb, *sources; 2137 2138 spin_lock_bh(&pmc->lock); 2139 tomb = pmc->tomb; 2140 pmc->tomb = NULL; 2141 sources = pmc->sources; 2142 pmc->sources = NULL; 2143 pmc->sfmode = MCAST_EXCLUDE; 2144 pmc->sfcount[MCAST_INCLUDE] = 0; 2145 pmc->sfcount[MCAST_EXCLUDE] = 1; 2146 spin_unlock_bh(&pmc->lock); 2147 2148 for (psf = tomb; psf; psf = nextpsf) { 2149 nextpsf = psf->sf_next; 2150 kfree(psf); 2151 } 2152 for (psf = sources; psf; psf = nextpsf) { 2153 nextpsf = psf->sf_next; 2154 kfree(psf); 2155 } 2156 } 2157 2158 /* Join a multicast group 2159 */ 2160 static int __ip_mc_join_group(struct sock *sk, struct ip_mreqn *imr, 2161 unsigned int mode) 2162 { 2163 __be32 addr = imr->imr_multiaddr.s_addr; 2164 struct ip_mc_socklist *iml, *i; 2165 struct in_device *in_dev; 2166 struct inet_sock *inet = inet_sk(sk); 2167 struct net *net = sock_net(sk); 2168 int ifindex; 2169 int count = 0; 2170 int err; 2171 2172 ASSERT_RTNL(); 2173 2174 if (!ipv4_is_multicast(addr)) 2175 return -EINVAL; 2176 2177 in_dev = ip_mc_find_dev(net, imr); 2178 2179 if (!in_dev) { 2180 err = -ENODEV; 2181 goto done; 2182 } 2183 2184 err = -EADDRINUSE; 2185 ifindex = imr->imr_ifindex; 2186 for_each_pmc_rtnl(inet, i) { 2187 if (i->multi.imr_multiaddr.s_addr == addr && 2188 i->multi.imr_ifindex == ifindex) 2189 goto done; 2190 count++; 2191 } 2192 err = -ENOBUFS; 2193 if (count >= net->ipv4.sysctl_igmp_max_memberships) 2194 goto done; 2195 iml = sock_kmalloc(sk, sizeof(*iml), GFP_KERNEL); 2196 if (!iml) 2197 goto done; 2198 2199 memcpy(&iml->multi, imr, sizeof(*imr)); 2200 iml->next_rcu = inet->mc_list; 2201 iml->sflist = NULL; 2202 iml->sfmode = mode; 2203 rcu_assign_pointer(inet->mc_list, iml); 2204 __ip_mc_inc_group(in_dev, addr, mode); 2205 err = 0; 2206 done: 2207 return err; 2208 } 2209 2210 /* Join ASM (Any-Source Multicast) group 2211 */ 2212 int ip_mc_join_group(struct sock *sk, struct ip_mreqn *imr) 2213 { 2214 return __ip_mc_join_group(sk, imr, MCAST_EXCLUDE); 2215 } 2216 EXPORT_SYMBOL(ip_mc_join_group); 2217 2218 /* Join SSM (Source-Specific Multicast) group 2219 */ 2220 int ip_mc_join_group_ssm(struct sock *sk, struct ip_mreqn *imr, 2221 unsigned int mode) 2222 { 2223 return __ip_mc_join_group(sk, imr, mode); 2224 } 2225 2226 static int ip_mc_leave_src(struct sock *sk, struct ip_mc_socklist *iml, 2227 struct in_device *in_dev) 2228 { 2229 struct ip_sf_socklist *psf = rtnl_dereference(iml->sflist); 2230 int err; 2231 2232 if (!psf) { 2233 /* any-source empty exclude case */ 2234 return ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr, 2235 iml->sfmode, 0, NULL, 0); 2236 } 2237 err = ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr, 2238 iml->sfmode, psf->sl_count, psf->sl_addr, 0); 2239 RCU_INIT_POINTER(iml->sflist, NULL); 2240 /* decrease mem now to avoid the memleak warning */ 2241 atomic_sub(IP_SFLSIZE(psf->sl_max), &sk->sk_omem_alloc); 2242 kfree_rcu(psf, rcu); 2243 return err; 2244 } 2245 2246 int ip_mc_leave_group(struct sock *sk, struct ip_mreqn *imr) 2247 { 2248 struct inet_sock *inet = inet_sk(sk); 2249 struct ip_mc_socklist *iml; 2250 struct ip_mc_socklist __rcu **imlp; 2251 struct in_device *in_dev; 2252 struct net *net = sock_net(sk); 2253 __be32 group = imr->imr_multiaddr.s_addr; 2254 u32 ifindex; 2255 int ret = -EADDRNOTAVAIL; 2256 2257 ASSERT_RTNL(); 2258 2259 in_dev = ip_mc_find_dev(net, imr); 2260 if (!imr->imr_ifindex && !imr->imr_address.s_addr && !in_dev) { 2261 ret = -ENODEV; 2262 goto out; 2263 } 2264 ifindex = imr->imr_ifindex; 2265 for (imlp = &inet->mc_list; 2266 (iml = rtnl_dereference(*imlp)) != NULL; 2267 imlp = &iml->next_rcu) { 2268 if (iml->multi.imr_multiaddr.s_addr != group) 2269 continue; 2270 if (ifindex) { 2271 if (iml->multi.imr_ifindex != ifindex) 2272 continue; 2273 } else if (imr->imr_address.s_addr && imr->imr_address.s_addr != 2274 iml->multi.imr_address.s_addr) 2275 continue; 2276 2277 (void) ip_mc_leave_src(sk, iml, in_dev); 2278 2279 *imlp = iml->next_rcu; 2280 2281 if (in_dev) 2282 ip_mc_dec_group(in_dev, group); 2283 2284 /* decrease mem now to avoid the memleak warning */ 2285 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc); 2286 kfree_rcu(iml, rcu); 2287 return 0; 2288 } 2289 out: 2290 return ret; 2291 } 2292 EXPORT_SYMBOL(ip_mc_leave_group); 2293 2294 int ip_mc_source(int add, int omode, struct sock *sk, struct 2295 ip_mreq_source *mreqs, int ifindex) 2296 { 2297 int err; 2298 struct ip_mreqn imr; 2299 __be32 addr = mreqs->imr_multiaddr; 2300 struct ip_mc_socklist *pmc; 2301 struct in_device *in_dev = NULL; 2302 struct inet_sock *inet = inet_sk(sk); 2303 struct ip_sf_socklist *psl; 2304 struct net *net = sock_net(sk); 2305 int leavegroup = 0; 2306 int i, j, rv; 2307 2308 if (!ipv4_is_multicast(addr)) 2309 return -EINVAL; 2310 2311 ASSERT_RTNL(); 2312 2313 imr.imr_multiaddr.s_addr = mreqs->imr_multiaddr; 2314 imr.imr_address.s_addr = mreqs->imr_interface; 2315 imr.imr_ifindex = ifindex; 2316 in_dev = ip_mc_find_dev(net, &imr); 2317 2318 if (!in_dev) { 2319 err = -ENODEV; 2320 goto done; 2321 } 2322 err = -EADDRNOTAVAIL; 2323 2324 for_each_pmc_rtnl(inet, pmc) { 2325 if ((pmc->multi.imr_multiaddr.s_addr == 2326 imr.imr_multiaddr.s_addr) && 2327 (pmc->multi.imr_ifindex == imr.imr_ifindex)) 2328 break; 2329 } 2330 if (!pmc) { /* must have a prior join */ 2331 err = -EINVAL; 2332 goto done; 2333 } 2334 /* if a source filter was set, must be the same mode as before */ 2335 if (pmc->sflist) { 2336 if (pmc->sfmode != omode) { 2337 err = -EINVAL; 2338 goto done; 2339 } 2340 } else if (pmc->sfmode != omode) { 2341 /* allow mode switches for empty-set filters */ 2342 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 0, NULL, 0); 2343 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, pmc->sfmode, 0, 2344 NULL, 0); 2345 pmc->sfmode = omode; 2346 } 2347 2348 psl = rtnl_dereference(pmc->sflist); 2349 if (!add) { 2350 if (!psl) 2351 goto done; /* err = -EADDRNOTAVAIL */ 2352 rv = !0; 2353 for (i = 0; i < psl->sl_count; i++) { 2354 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr, 2355 sizeof(__be32)); 2356 if (rv == 0) 2357 break; 2358 } 2359 if (rv) /* source not found */ 2360 goto done; /* err = -EADDRNOTAVAIL */ 2361 2362 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 2363 if (psl->sl_count == 1 && omode == MCAST_INCLUDE) { 2364 leavegroup = 1; 2365 goto done; 2366 } 2367 2368 /* update the interface filter */ 2369 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, omode, 1, 2370 &mreqs->imr_sourceaddr, 1); 2371 2372 for (j = i+1; j < psl->sl_count; j++) 2373 psl->sl_addr[j-1] = psl->sl_addr[j]; 2374 psl->sl_count--; 2375 err = 0; 2376 goto done; 2377 } 2378 /* else, add a new source to the filter */ 2379 2380 if (psl && psl->sl_count >= net->ipv4.sysctl_igmp_max_msf) { 2381 err = -ENOBUFS; 2382 goto done; 2383 } 2384 if (!psl || psl->sl_count == psl->sl_max) { 2385 struct ip_sf_socklist *newpsl; 2386 int count = IP_SFBLOCK; 2387 2388 if (psl) 2389 count += psl->sl_max; 2390 newpsl = sock_kmalloc(sk, IP_SFLSIZE(count), GFP_KERNEL); 2391 if (!newpsl) { 2392 err = -ENOBUFS; 2393 goto done; 2394 } 2395 newpsl->sl_max = count; 2396 newpsl->sl_count = count - IP_SFBLOCK; 2397 if (psl) { 2398 for (i = 0; i < psl->sl_count; i++) 2399 newpsl->sl_addr[i] = psl->sl_addr[i]; 2400 /* decrease mem now to avoid the memleak warning */ 2401 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc); 2402 kfree_rcu(psl, rcu); 2403 } 2404 rcu_assign_pointer(pmc->sflist, newpsl); 2405 psl = newpsl; 2406 } 2407 rv = 1; /* > 0 for insert logic below if sl_count is 0 */ 2408 for (i = 0; i < psl->sl_count; i++) { 2409 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr, 2410 sizeof(__be32)); 2411 if (rv == 0) 2412 break; 2413 } 2414 if (rv == 0) /* address already there is an error */ 2415 goto done; 2416 for (j = psl->sl_count-1; j >= i; j--) 2417 psl->sl_addr[j+1] = psl->sl_addr[j]; 2418 psl->sl_addr[i] = mreqs->imr_sourceaddr; 2419 psl->sl_count++; 2420 err = 0; 2421 /* update the interface list */ 2422 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 1, 2423 &mreqs->imr_sourceaddr, 1); 2424 done: 2425 if (leavegroup) 2426 err = ip_mc_leave_group(sk, &imr); 2427 return err; 2428 } 2429 2430 int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex) 2431 { 2432 int err = 0; 2433 struct ip_mreqn imr; 2434 __be32 addr = msf->imsf_multiaddr; 2435 struct ip_mc_socklist *pmc; 2436 struct in_device *in_dev; 2437 struct inet_sock *inet = inet_sk(sk); 2438 struct ip_sf_socklist *newpsl, *psl; 2439 struct net *net = sock_net(sk); 2440 int leavegroup = 0; 2441 2442 if (!ipv4_is_multicast(addr)) 2443 return -EINVAL; 2444 if (msf->imsf_fmode != MCAST_INCLUDE && 2445 msf->imsf_fmode != MCAST_EXCLUDE) 2446 return -EINVAL; 2447 2448 ASSERT_RTNL(); 2449 2450 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; 2451 imr.imr_address.s_addr = msf->imsf_interface; 2452 imr.imr_ifindex = ifindex; 2453 in_dev = ip_mc_find_dev(net, &imr); 2454 2455 if (!in_dev) { 2456 err = -ENODEV; 2457 goto done; 2458 } 2459 2460 /* special case - (INCLUDE, empty) == LEAVE_GROUP */ 2461 if (msf->imsf_fmode == MCAST_INCLUDE && msf->imsf_numsrc == 0) { 2462 leavegroup = 1; 2463 goto done; 2464 } 2465 2466 for_each_pmc_rtnl(inet, pmc) { 2467 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr && 2468 pmc->multi.imr_ifindex == imr.imr_ifindex) 2469 break; 2470 } 2471 if (!pmc) { /* must have a prior join */ 2472 err = -EINVAL; 2473 goto done; 2474 } 2475 if (msf->imsf_numsrc) { 2476 newpsl = sock_kmalloc(sk, IP_SFLSIZE(msf->imsf_numsrc), 2477 GFP_KERNEL); 2478 if (!newpsl) { 2479 err = -ENOBUFS; 2480 goto done; 2481 } 2482 newpsl->sl_max = newpsl->sl_count = msf->imsf_numsrc; 2483 memcpy(newpsl->sl_addr, msf->imsf_slist, 2484 msf->imsf_numsrc * sizeof(msf->imsf_slist[0])); 2485 err = ip_mc_add_src(in_dev, &msf->imsf_multiaddr, 2486 msf->imsf_fmode, newpsl->sl_count, newpsl->sl_addr, 0); 2487 if (err) { 2488 sock_kfree_s(sk, newpsl, IP_SFLSIZE(newpsl->sl_max)); 2489 goto done; 2490 } 2491 } else { 2492 newpsl = NULL; 2493 (void) ip_mc_add_src(in_dev, &msf->imsf_multiaddr, 2494 msf->imsf_fmode, 0, NULL, 0); 2495 } 2496 psl = rtnl_dereference(pmc->sflist); 2497 if (psl) { 2498 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode, 2499 psl->sl_count, psl->sl_addr, 0); 2500 /* decrease mem now to avoid the memleak warning */ 2501 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc); 2502 kfree_rcu(psl, rcu); 2503 } else 2504 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode, 2505 0, NULL, 0); 2506 rcu_assign_pointer(pmc->sflist, newpsl); 2507 pmc->sfmode = msf->imsf_fmode; 2508 err = 0; 2509 done: 2510 if (leavegroup) 2511 err = ip_mc_leave_group(sk, &imr); 2512 return err; 2513 } 2514 2515 int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf, 2516 struct ip_msfilter __user *optval, int __user *optlen) 2517 { 2518 int err, len, count, copycount; 2519 struct ip_mreqn imr; 2520 __be32 addr = msf->imsf_multiaddr; 2521 struct ip_mc_socklist *pmc; 2522 struct in_device *in_dev; 2523 struct inet_sock *inet = inet_sk(sk); 2524 struct ip_sf_socklist *psl; 2525 struct net *net = sock_net(sk); 2526 2527 ASSERT_RTNL(); 2528 2529 if (!ipv4_is_multicast(addr)) 2530 return -EINVAL; 2531 2532 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr; 2533 imr.imr_address.s_addr = msf->imsf_interface; 2534 imr.imr_ifindex = 0; 2535 in_dev = ip_mc_find_dev(net, &imr); 2536 2537 if (!in_dev) { 2538 err = -ENODEV; 2539 goto done; 2540 } 2541 err = -EADDRNOTAVAIL; 2542 2543 for_each_pmc_rtnl(inet, pmc) { 2544 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr && 2545 pmc->multi.imr_ifindex == imr.imr_ifindex) 2546 break; 2547 } 2548 if (!pmc) /* must have a prior join */ 2549 goto done; 2550 msf->imsf_fmode = pmc->sfmode; 2551 psl = rtnl_dereference(pmc->sflist); 2552 if (!psl) { 2553 len = 0; 2554 count = 0; 2555 } else { 2556 count = psl->sl_count; 2557 } 2558 copycount = count < msf->imsf_numsrc ? count : msf->imsf_numsrc; 2559 len = copycount * sizeof(psl->sl_addr[0]); 2560 msf->imsf_numsrc = count; 2561 if (put_user(IP_MSFILTER_SIZE(copycount), optlen) || 2562 copy_to_user(optval, msf, IP_MSFILTER_SIZE(0))) { 2563 return -EFAULT; 2564 } 2565 if (len && 2566 copy_to_user(&optval->imsf_slist[0], psl->sl_addr, len)) 2567 return -EFAULT; 2568 return 0; 2569 done: 2570 return err; 2571 } 2572 2573 int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf, 2574 struct group_filter __user *optval, int __user *optlen) 2575 { 2576 int err, i, count, copycount; 2577 struct sockaddr_in *psin; 2578 __be32 addr; 2579 struct ip_mc_socklist *pmc; 2580 struct inet_sock *inet = inet_sk(sk); 2581 struct ip_sf_socklist *psl; 2582 2583 ASSERT_RTNL(); 2584 2585 psin = (struct sockaddr_in *)&gsf->gf_group; 2586 if (psin->sin_family != AF_INET) 2587 return -EINVAL; 2588 addr = psin->sin_addr.s_addr; 2589 if (!ipv4_is_multicast(addr)) 2590 return -EINVAL; 2591 2592 err = -EADDRNOTAVAIL; 2593 2594 for_each_pmc_rtnl(inet, pmc) { 2595 if (pmc->multi.imr_multiaddr.s_addr == addr && 2596 pmc->multi.imr_ifindex == gsf->gf_interface) 2597 break; 2598 } 2599 if (!pmc) /* must have a prior join */ 2600 goto done; 2601 gsf->gf_fmode = pmc->sfmode; 2602 psl = rtnl_dereference(pmc->sflist); 2603 count = psl ? psl->sl_count : 0; 2604 copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc; 2605 gsf->gf_numsrc = count; 2606 if (put_user(GROUP_FILTER_SIZE(copycount), optlen) || 2607 copy_to_user(optval, gsf, GROUP_FILTER_SIZE(0))) { 2608 return -EFAULT; 2609 } 2610 for (i = 0; i < copycount; i++) { 2611 struct sockaddr_storage ss; 2612 2613 psin = (struct sockaddr_in *)&ss; 2614 memset(&ss, 0, sizeof(ss)); 2615 psin->sin_family = AF_INET; 2616 psin->sin_addr.s_addr = psl->sl_addr[i]; 2617 if (copy_to_user(&optval->gf_slist[i], &ss, sizeof(ss))) 2618 return -EFAULT; 2619 } 2620 return 0; 2621 done: 2622 return err; 2623 } 2624 2625 /* 2626 * check if a multicast source filter allows delivery for a given <src,dst,intf> 2627 */ 2628 int ip_mc_sf_allow(struct sock *sk, __be32 loc_addr, __be32 rmt_addr, 2629 int dif, int sdif) 2630 { 2631 struct inet_sock *inet = inet_sk(sk); 2632 struct ip_mc_socklist *pmc; 2633 struct ip_sf_socklist *psl; 2634 int i; 2635 int ret; 2636 2637 ret = 1; 2638 if (!ipv4_is_multicast(loc_addr)) 2639 goto out; 2640 2641 rcu_read_lock(); 2642 for_each_pmc_rcu(inet, pmc) { 2643 if (pmc->multi.imr_multiaddr.s_addr == loc_addr && 2644 (pmc->multi.imr_ifindex == dif || 2645 (sdif && pmc->multi.imr_ifindex == sdif))) 2646 break; 2647 } 2648 ret = inet->mc_all; 2649 if (!pmc) 2650 goto unlock; 2651 psl = rcu_dereference(pmc->sflist); 2652 ret = (pmc->sfmode == MCAST_EXCLUDE); 2653 if (!psl) 2654 goto unlock; 2655 2656 for (i = 0; i < psl->sl_count; i++) { 2657 if (psl->sl_addr[i] == rmt_addr) 2658 break; 2659 } 2660 ret = 0; 2661 if (pmc->sfmode == MCAST_INCLUDE && i >= psl->sl_count) 2662 goto unlock; 2663 if (pmc->sfmode == MCAST_EXCLUDE && i < psl->sl_count) 2664 goto unlock; 2665 ret = 1; 2666 unlock: 2667 rcu_read_unlock(); 2668 out: 2669 return ret; 2670 } 2671 2672 /* 2673 * A socket is closing. 2674 */ 2675 2676 void ip_mc_drop_socket(struct sock *sk) 2677 { 2678 struct inet_sock *inet = inet_sk(sk); 2679 struct ip_mc_socklist *iml; 2680 struct net *net = sock_net(sk); 2681 2682 if (!inet->mc_list) 2683 return; 2684 2685 rtnl_lock(); 2686 while ((iml = rtnl_dereference(inet->mc_list)) != NULL) { 2687 struct in_device *in_dev; 2688 2689 inet->mc_list = iml->next_rcu; 2690 in_dev = inetdev_by_index(net, iml->multi.imr_ifindex); 2691 (void) ip_mc_leave_src(sk, iml, in_dev); 2692 if (in_dev) 2693 ip_mc_dec_group(in_dev, iml->multi.imr_multiaddr.s_addr); 2694 /* decrease mem now to avoid the memleak warning */ 2695 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc); 2696 kfree_rcu(iml, rcu); 2697 } 2698 rtnl_unlock(); 2699 } 2700 2701 /* called with rcu_read_lock() */ 2702 int ip_check_mc_rcu(struct in_device *in_dev, __be32 mc_addr, __be32 src_addr, u8 proto) 2703 { 2704 struct ip_mc_list *im; 2705 struct ip_mc_list __rcu **mc_hash; 2706 struct ip_sf_list *psf; 2707 int rv = 0; 2708 2709 mc_hash = rcu_dereference(in_dev->mc_hash); 2710 if (mc_hash) { 2711 u32 hash = hash_32((__force u32)mc_addr, MC_HASH_SZ_LOG); 2712 2713 for (im = rcu_dereference(mc_hash[hash]); 2714 im != NULL; 2715 im = rcu_dereference(im->next_hash)) { 2716 if (im->multiaddr == mc_addr) 2717 break; 2718 } 2719 } else { 2720 for_each_pmc_rcu(in_dev, im) { 2721 if (im->multiaddr == mc_addr) 2722 break; 2723 } 2724 } 2725 if (im && proto == IPPROTO_IGMP) { 2726 rv = 1; 2727 } else if (im) { 2728 if (src_addr) { 2729 for (psf = im->sources; psf; psf = psf->sf_next) { 2730 if (psf->sf_inaddr == src_addr) 2731 break; 2732 } 2733 if (psf) 2734 rv = psf->sf_count[MCAST_INCLUDE] || 2735 psf->sf_count[MCAST_EXCLUDE] != 2736 im->sfcount[MCAST_EXCLUDE]; 2737 else 2738 rv = im->sfcount[MCAST_EXCLUDE] != 0; 2739 } else 2740 rv = 1; /* unspecified source; tentatively allow */ 2741 } 2742 return rv; 2743 } 2744 2745 #if defined(CONFIG_PROC_FS) 2746 struct igmp_mc_iter_state { 2747 struct seq_net_private p; 2748 struct net_device *dev; 2749 struct in_device *in_dev; 2750 }; 2751 2752 #define igmp_mc_seq_private(seq) ((struct igmp_mc_iter_state *)(seq)->private) 2753 2754 static inline struct ip_mc_list *igmp_mc_get_first(struct seq_file *seq) 2755 { 2756 struct net *net = seq_file_net(seq); 2757 struct ip_mc_list *im = NULL; 2758 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2759 2760 state->in_dev = NULL; 2761 for_each_netdev_rcu(net, state->dev) { 2762 struct in_device *in_dev; 2763 2764 in_dev = __in_dev_get_rcu(state->dev); 2765 if (!in_dev) 2766 continue; 2767 im = rcu_dereference(in_dev->mc_list); 2768 if (im) { 2769 state->in_dev = in_dev; 2770 break; 2771 } 2772 } 2773 return im; 2774 } 2775 2776 static struct ip_mc_list *igmp_mc_get_next(struct seq_file *seq, struct ip_mc_list *im) 2777 { 2778 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2779 2780 im = rcu_dereference(im->next_rcu); 2781 while (!im) { 2782 state->dev = next_net_device_rcu(state->dev); 2783 if (!state->dev) { 2784 state->in_dev = NULL; 2785 break; 2786 } 2787 state->in_dev = __in_dev_get_rcu(state->dev); 2788 if (!state->in_dev) 2789 continue; 2790 im = rcu_dereference(state->in_dev->mc_list); 2791 } 2792 return im; 2793 } 2794 2795 static struct ip_mc_list *igmp_mc_get_idx(struct seq_file *seq, loff_t pos) 2796 { 2797 struct ip_mc_list *im = igmp_mc_get_first(seq); 2798 if (im) 2799 while (pos && (im = igmp_mc_get_next(seq, im)) != NULL) 2800 --pos; 2801 return pos ? NULL : im; 2802 } 2803 2804 static void *igmp_mc_seq_start(struct seq_file *seq, loff_t *pos) 2805 __acquires(rcu) 2806 { 2807 rcu_read_lock(); 2808 return *pos ? igmp_mc_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2809 } 2810 2811 static void *igmp_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2812 { 2813 struct ip_mc_list *im; 2814 if (v == SEQ_START_TOKEN) 2815 im = igmp_mc_get_first(seq); 2816 else 2817 im = igmp_mc_get_next(seq, v); 2818 ++*pos; 2819 return im; 2820 } 2821 2822 static void igmp_mc_seq_stop(struct seq_file *seq, void *v) 2823 __releases(rcu) 2824 { 2825 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2826 2827 state->in_dev = NULL; 2828 state->dev = NULL; 2829 rcu_read_unlock(); 2830 } 2831 2832 static int igmp_mc_seq_show(struct seq_file *seq, void *v) 2833 { 2834 if (v == SEQ_START_TOKEN) 2835 seq_puts(seq, 2836 "Idx\tDevice : Count Querier\tGroup Users Timer\tReporter\n"); 2837 else { 2838 struct ip_mc_list *im = (struct ip_mc_list *)v; 2839 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq); 2840 char *querier; 2841 long delta; 2842 2843 #ifdef CONFIG_IP_MULTICAST 2844 querier = IGMP_V1_SEEN(state->in_dev) ? "V1" : 2845 IGMP_V2_SEEN(state->in_dev) ? "V2" : 2846 "V3"; 2847 #else 2848 querier = "NONE"; 2849 #endif 2850 2851 if (rcu_access_pointer(state->in_dev->mc_list) == im) { 2852 seq_printf(seq, "%d\t%-10s: %5d %7s\n", 2853 state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); 2854 } 2855 2856 delta = im->timer.expires - jiffies; 2857 seq_printf(seq, 2858 "\t\t\t\t%08X %5d %d:%08lX\t\t%d\n", 2859 im->multiaddr, im->users, 2860 im->tm_running, 2861 im->tm_running ? jiffies_delta_to_clock_t(delta) : 0, 2862 im->reporter); 2863 } 2864 return 0; 2865 } 2866 2867 static const struct seq_operations igmp_mc_seq_ops = { 2868 .start = igmp_mc_seq_start, 2869 .next = igmp_mc_seq_next, 2870 .stop = igmp_mc_seq_stop, 2871 .show = igmp_mc_seq_show, 2872 }; 2873 2874 struct igmp_mcf_iter_state { 2875 struct seq_net_private p; 2876 struct net_device *dev; 2877 struct in_device *idev; 2878 struct ip_mc_list *im; 2879 }; 2880 2881 #define igmp_mcf_seq_private(seq) ((struct igmp_mcf_iter_state *)(seq)->private) 2882 2883 static inline struct ip_sf_list *igmp_mcf_get_first(struct seq_file *seq) 2884 { 2885 struct net *net = seq_file_net(seq); 2886 struct ip_sf_list *psf = NULL; 2887 struct ip_mc_list *im = NULL; 2888 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2889 2890 state->idev = NULL; 2891 state->im = NULL; 2892 for_each_netdev_rcu(net, state->dev) { 2893 struct in_device *idev; 2894 idev = __in_dev_get_rcu(state->dev); 2895 if (unlikely(!idev)) 2896 continue; 2897 im = rcu_dereference(idev->mc_list); 2898 if (likely(im)) { 2899 spin_lock_bh(&im->lock); 2900 psf = im->sources; 2901 if (likely(psf)) { 2902 state->im = im; 2903 state->idev = idev; 2904 break; 2905 } 2906 spin_unlock_bh(&im->lock); 2907 } 2908 } 2909 return psf; 2910 } 2911 2912 static struct ip_sf_list *igmp_mcf_get_next(struct seq_file *seq, struct ip_sf_list *psf) 2913 { 2914 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2915 2916 psf = psf->sf_next; 2917 while (!psf) { 2918 spin_unlock_bh(&state->im->lock); 2919 state->im = state->im->next; 2920 while (!state->im) { 2921 state->dev = next_net_device_rcu(state->dev); 2922 if (!state->dev) { 2923 state->idev = NULL; 2924 goto out; 2925 } 2926 state->idev = __in_dev_get_rcu(state->dev); 2927 if (!state->idev) 2928 continue; 2929 state->im = rcu_dereference(state->idev->mc_list); 2930 } 2931 if (!state->im) 2932 break; 2933 spin_lock_bh(&state->im->lock); 2934 psf = state->im->sources; 2935 } 2936 out: 2937 return psf; 2938 } 2939 2940 static struct ip_sf_list *igmp_mcf_get_idx(struct seq_file *seq, loff_t pos) 2941 { 2942 struct ip_sf_list *psf = igmp_mcf_get_first(seq); 2943 if (psf) 2944 while (pos && (psf = igmp_mcf_get_next(seq, psf)) != NULL) 2945 --pos; 2946 return pos ? NULL : psf; 2947 } 2948 2949 static void *igmp_mcf_seq_start(struct seq_file *seq, loff_t *pos) 2950 __acquires(rcu) 2951 { 2952 rcu_read_lock(); 2953 return *pos ? igmp_mcf_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; 2954 } 2955 2956 static void *igmp_mcf_seq_next(struct seq_file *seq, void *v, loff_t *pos) 2957 { 2958 struct ip_sf_list *psf; 2959 if (v == SEQ_START_TOKEN) 2960 psf = igmp_mcf_get_first(seq); 2961 else 2962 psf = igmp_mcf_get_next(seq, v); 2963 ++*pos; 2964 return psf; 2965 } 2966 2967 static void igmp_mcf_seq_stop(struct seq_file *seq, void *v) 2968 __releases(rcu) 2969 { 2970 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2971 if (likely(state->im)) { 2972 spin_unlock_bh(&state->im->lock); 2973 state->im = NULL; 2974 } 2975 state->idev = NULL; 2976 state->dev = NULL; 2977 rcu_read_unlock(); 2978 } 2979 2980 static int igmp_mcf_seq_show(struct seq_file *seq, void *v) 2981 { 2982 struct ip_sf_list *psf = (struct ip_sf_list *)v; 2983 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq); 2984 2985 if (v == SEQ_START_TOKEN) { 2986 seq_puts(seq, "Idx Device MCA SRC INC EXC\n"); 2987 } else { 2988 seq_printf(seq, 2989 "%3d %6.6s 0x%08x " 2990 "0x%08x %6lu %6lu\n", 2991 state->dev->ifindex, state->dev->name, 2992 ntohl(state->im->multiaddr), 2993 ntohl(psf->sf_inaddr), 2994 psf->sf_count[MCAST_INCLUDE], 2995 psf->sf_count[MCAST_EXCLUDE]); 2996 } 2997 return 0; 2998 } 2999 3000 static const struct seq_operations igmp_mcf_seq_ops = { 3001 .start = igmp_mcf_seq_start, 3002 .next = igmp_mcf_seq_next, 3003 .stop = igmp_mcf_seq_stop, 3004 .show = igmp_mcf_seq_show, 3005 }; 3006 3007 static int __net_init igmp_net_init(struct net *net) 3008 { 3009 struct proc_dir_entry *pde; 3010 int err; 3011 3012 pde = proc_create_net("igmp", 0444, net->proc_net, &igmp_mc_seq_ops, 3013 sizeof(struct igmp_mc_iter_state)); 3014 if (!pde) 3015 goto out_igmp; 3016 pde = proc_create_net("mcfilter", 0444, net->proc_net, 3017 &igmp_mcf_seq_ops, sizeof(struct igmp_mcf_iter_state)); 3018 if (!pde) 3019 goto out_mcfilter; 3020 err = inet_ctl_sock_create(&net->ipv4.mc_autojoin_sk, AF_INET, 3021 SOCK_DGRAM, 0, net); 3022 if (err < 0) { 3023 pr_err("Failed to initialize the IGMP autojoin socket (err %d)\n", 3024 err); 3025 goto out_sock; 3026 } 3027 3028 return 0; 3029 3030 out_sock: 3031 remove_proc_entry("mcfilter", net->proc_net); 3032 out_mcfilter: 3033 remove_proc_entry("igmp", net->proc_net); 3034 out_igmp: 3035 return -ENOMEM; 3036 } 3037 3038 static void __net_exit igmp_net_exit(struct net *net) 3039 { 3040 remove_proc_entry("mcfilter", net->proc_net); 3041 remove_proc_entry("igmp", net->proc_net); 3042 inet_ctl_sock_destroy(net->ipv4.mc_autojoin_sk); 3043 } 3044 3045 static struct pernet_operations igmp_net_ops = { 3046 .init = igmp_net_init, 3047 .exit = igmp_net_exit, 3048 }; 3049 #endif 3050 3051 static int igmp_netdev_event(struct notifier_block *this, 3052 unsigned long event, void *ptr) 3053 { 3054 struct net_device *dev = netdev_notifier_info_to_dev(ptr); 3055 struct in_device *in_dev; 3056 3057 switch (event) { 3058 case NETDEV_RESEND_IGMP: 3059 in_dev = __in_dev_get_rtnl(dev); 3060 if (in_dev) 3061 ip_mc_rejoin_groups(in_dev); 3062 break; 3063 default: 3064 break; 3065 } 3066 return NOTIFY_DONE; 3067 } 3068 3069 static struct notifier_block igmp_notifier = { 3070 .notifier_call = igmp_netdev_event, 3071 }; 3072 3073 int __init igmp_mc_init(void) 3074 { 3075 #if defined(CONFIG_PROC_FS) 3076 int err; 3077 3078 err = register_pernet_subsys(&igmp_net_ops); 3079 if (err) 3080 return err; 3081 err = register_netdevice_notifier(&igmp_notifier); 3082 if (err) 3083 goto reg_notif_fail; 3084 return 0; 3085 3086 reg_notif_fail: 3087 unregister_pernet_subsys(&igmp_net_ops); 3088 return err; 3089 #else 3090 return register_netdevice_notifier(&igmp_notifier); 3091 #endif 3092 } 3093