~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/bridge/br_multicast.c

Version: ~ [ linux-5.6 ] ~ [ linux-5.5.13 ] ~ [ linux-5.4.28 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.113 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.174 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.217 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.217 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.82 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  * Bridge multicast support.
  3  *
  4  * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au>
  5  *
  6  * This program is free software; you can redistribute it and/or modify it
  7  * under the terms of the GNU General Public License as published by the Free
  8  * Software Foundation; either version 2 of the License, or (at your option)
  9  * any later version.
 10  *
 11  */
 12 
 13 #include <linux/err.h>
 14 #include <linux/if_ether.h>
 15 #include <linux/igmp.h>
 16 #include <linux/jhash.h>
 17 #include <linux/kernel.h>
 18 #include <linux/log2.h>
 19 #include <linux/netdevice.h>
 20 #include <linux/netfilter_bridge.h>
 21 #include <linux/random.h>
 22 #include <linux/rculist.h>
 23 #include <linux/skbuff.h>
 24 #include <linux/slab.h>
 25 #include <linux/timer.h>
 26 #include <net/ip.h>
 27 #if IS_ENABLED(CONFIG_IPV6)
 28 #include <net/ipv6.h>
 29 #include <net/mld.h>
 30 #include <net/ip6_checksum.h>
 31 #endif
 32 
 33 #include "br_private.h"
 34 
 35 static void br_multicast_start_querier(struct net_bridge *br);
 36 unsigned int br_mdb_rehash_seq;
 37 
 38 static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b)
 39 {
 40         if (a->proto != b->proto)
 41                 return 0;
 42         if (a->vid != b->vid)
 43                 return 0;
 44         switch (a->proto) {
 45         case htons(ETH_P_IP):
 46                 return a->u.ip4 == b->u.ip4;
 47 #if IS_ENABLED(CONFIG_IPV6)
 48         case htons(ETH_P_IPV6):
 49                 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6);
 50 #endif
 51         }
 52         return 0;
 53 }
 54 
 55 static inline int __br_ip4_hash(struct net_bridge_mdb_htable *mdb, __be32 ip,
 56                                 __u16 vid)
 57 {
 58         return jhash_2words((__force u32)ip, vid, mdb->secret) & (mdb->max - 1);
 59 }
 60 
 61 #if IS_ENABLED(CONFIG_IPV6)
 62 static inline int __br_ip6_hash(struct net_bridge_mdb_htable *mdb,
 63                                 const struct in6_addr *ip,
 64                                 __u16 vid)
 65 {
 66         return jhash_2words(ipv6_addr_hash(ip), vid,
 67                             mdb->secret) & (mdb->max - 1);
 68 }
 69 #endif
 70 
 71 static inline int br_ip_hash(struct net_bridge_mdb_htable *mdb,
 72                              struct br_ip *ip)
 73 {
 74         switch (ip->proto) {
 75         case htons(ETH_P_IP):
 76                 return __br_ip4_hash(mdb, ip->u.ip4, ip->vid);
 77 #if IS_ENABLED(CONFIG_IPV6)
 78         case htons(ETH_P_IPV6):
 79                 return __br_ip6_hash(mdb, &ip->u.ip6, ip->vid);
 80 #endif
 81         }
 82         return 0;
 83 }
 84 
 85 static struct net_bridge_mdb_entry *__br_mdb_ip_get(
 86         struct net_bridge_mdb_htable *mdb, struct br_ip *dst, int hash)
 87 {
 88         struct net_bridge_mdb_entry *mp;
 89 
 90         hlist_for_each_entry_rcu(mp, &mdb->mhash[hash], hlist[mdb->ver]) {
 91                 if (br_ip_equal(&mp->addr, dst))
 92                         return mp;
 93         }
 94 
 95         return NULL;
 96 }
 97 
 98 struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge_mdb_htable *mdb,
 99                                            struct br_ip *dst)
100 {
101         if (!mdb)
102                 return NULL;
103 
104         return __br_mdb_ip_get(mdb, dst, br_ip_hash(mdb, dst));
105 }
106 
107 static struct net_bridge_mdb_entry *br_mdb_ip4_get(
108         struct net_bridge_mdb_htable *mdb, __be32 dst, __u16 vid)
109 {
110         struct br_ip br_dst;
111 
112         br_dst.u.ip4 = dst;
113         br_dst.proto = htons(ETH_P_IP);
114         br_dst.vid = vid;
115 
116         return br_mdb_ip_get(mdb, &br_dst);
117 }
118 
119 #if IS_ENABLED(CONFIG_IPV6)
120 static struct net_bridge_mdb_entry *br_mdb_ip6_get(
121         struct net_bridge_mdb_htable *mdb, const struct in6_addr *dst,
122         __u16 vid)
123 {
124         struct br_ip br_dst;
125 
126         br_dst.u.ip6 = *dst;
127         br_dst.proto = htons(ETH_P_IPV6);
128         br_dst.vid = vid;
129 
130         return br_mdb_ip_get(mdb, &br_dst);
131 }
132 #endif
133 
134 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br,
135                                         struct sk_buff *skb, u16 vid)
136 {
137         struct net_bridge_mdb_htable *mdb = rcu_dereference(br->mdb);
138         struct br_ip ip;
139 
140         if (br->multicast_disabled)
141                 return NULL;
142 
143         if (BR_INPUT_SKB_CB(skb)->igmp)
144                 return NULL;
145 
146         ip.proto = skb->protocol;
147         ip.vid = vid;
148 
149         switch (skb->protocol) {
150         case htons(ETH_P_IP):
151                 ip.u.ip4 = ip_hdr(skb)->daddr;
152                 break;
153 #if IS_ENABLED(CONFIG_IPV6)
154         case htons(ETH_P_IPV6):
155                 ip.u.ip6 = ipv6_hdr(skb)->daddr;
156                 break;
157 #endif
158         default:
159                 return NULL;
160         }
161 
162         return br_mdb_ip_get(mdb, &ip);
163 }
164 
165 static void br_mdb_free(struct rcu_head *head)
166 {
167         struct net_bridge_mdb_htable *mdb =
168                 container_of(head, struct net_bridge_mdb_htable, rcu);
169         struct net_bridge_mdb_htable *old = mdb->old;
170 
171         mdb->old = NULL;
172         kfree(old->mhash);
173         kfree(old);
174 }
175 
176 static int br_mdb_copy(struct net_bridge_mdb_htable *new,
177                        struct net_bridge_mdb_htable *old,
178                        int elasticity)
179 {
180         struct net_bridge_mdb_entry *mp;
181         int maxlen;
182         int len;
183         int i;
184 
185         for (i = 0; i < old->max; i++)
186                 hlist_for_each_entry(mp, &old->mhash[i], hlist[old->ver])
187                         hlist_add_head(&mp->hlist[new->ver],
188                                        &new->mhash[br_ip_hash(new, &mp->addr)]);
189 
190         if (!elasticity)
191                 return 0;
192 
193         maxlen = 0;
194         for (i = 0; i < new->max; i++) {
195                 len = 0;
196                 hlist_for_each_entry(mp, &new->mhash[i], hlist[new->ver])
197                         len++;
198                 if (len > maxlen)
199                         maxlen = len;
200         }
201 
202         return maxlen > elasticity ? -EINVAL : 0;
203 }
204 
205 void br_multicast_free_pg(struct rcu_head *head)
206 {
207         struct net_bridge_port_group *p =
208                 container_of(head, struct net_bridge_port_group, rcu);
209 
210         kfree(p);
211 }
212 
213 static void br_multicast_free_group(struct rcu_head *head)
214 {
215         struct net_bridge_mdb_entry *mp =
216                 container_of(head, struct net_bridge_mdb_entry, rcu);
217 
218         kfree(mp);
219 }
220 
221 static void br_multicast_group_expired(unsigned long data)
222 {
223         struct net_bridge_mdb_entry *mp = (void *)data;
224         struct net_bridge *br = mp->br;
225         struct net_bridge_mdb_htable *mdb;
226 
227         spin_lock(&br->multicast_lock);
228         if (!netif_running(br->dev) || timer_pending(&mp->timer))
229                 goto out;
230 
231         mp->mglist = false;
232 
233         if (mp->ports)
234                 goto out;
235 
236         mdb = mlock_dereference(br->mdb, br);
237 
238         hlist_del_rcu(&mp->hlist[mdb->ver]);
239         mdb->size--;
240 
241         call_rcu_bh(&mp->rcu, br_multicast_free_group);
242 
243 out:
244         spin_unlock(&br->multicast_lock);
245 }
246 
247 static void br_multicast_del_pg(struct net_bridge *br,
248                                 struct net_bridge_port_group *pg)
249 {
250         struct net_bridge_mdb_htable *mdb;
251         struct net_bridge_mdb_entry *mp;
252         struct net_bridge_port_group *p;
253         struct net_bridge_port_group __rcu **pp;
254 
255         mdb = mlock_dereference(br->mdb, br);
256 
257         mp = br_mdb_ip_get(mdb, &pg->addr);
258         if (WARN_ON(!mp))
259                 return;
260 
261         for (pp = &mp->ports;
262              (p = mlock_dereference(*pp, br)) != NULL;
263              pp = &p->next) {
264                 if (p != pg)
265                         continue;
266 
267                 rcu_assign_pointer(*pp, p->next);
268                 hlist_del_init(&p->mglist);
269                 del_timer(&p->timer);
270                 call_rcu_bh(&p->rcu, br_multicast_free_pg);
271 
272                 if (!mp->ports && !mp->mglist &&
273                     netif_running(br->dev))
274                         mod_timer(&mp->timer, jiffies);
275 
276                 return;
277         }
278 
279         WARN_ON(1);
280 }
281 
282 static void br_multicast_port_group_expired(unsigned long data)
283 {
284         struct net_bridge_port_group *pg = (void *)data;
285         struct net_bridge *br = pg->port->br;
286 
287         spin_lock(&br->multicast_lock);
288         if (!netif_running(br->dev) || timer_pending(&pg->timer) ||
289             hlist_unhashed(&pg->mglist) || pg->state & MDB_PERMANENT)
290                 goto out;
291 
292         br_multicast_del_pg(br, pg);
293 
294 out:
295         spin_unlock(&br->multicast_lock);
296 }
297 
298 static int br_mdb_rehash(struct net_bridge_mdb_htable __rcu **mdbp, int max,
299                          int elasticity)
300 {
301         struct net_bridge_mdb_htable *old = rcu_dereference_protected(*mdbp, 1);
302         struct net_bridge_mdb_htable *mdb;
303         int err;
304 
305         mdb = kmalloc(sizeof(*mdb), GFP_ATOMIC);
306         if (!mdb)
307                 return -ENOMEM;
308 
309         mdb->max = max;
310         mdb->old = old;
311 
312         mdb->mhash = kzalloc(max * sizeof(*mdb->mhash), GFP_ATOMIC);
313         if (!mdb->mhash) {
314                 kfree(mdb);
315                 return -ENOMEM;
316         }
317 
318         mdb->size = old ? old->size : 0;
319         mdb->ver = old ? old->ver ^ 1 : 0;
320 
321         if (!old || elasticity)
322                 get_random_bytes(&mdb->secret, sizeof(mdb->secret));
323         else
324                 mdb->secret = old->secret;
325 
326         if (!old)
327                 goto out;
328 
329         err = br_mdb_copy(mdb, old, elasticity);
330         if (err) {
331                 kfree(mdb->mhash);
332                 kfree(mdb);
333                 return err;
334         }
335 
336         br_mdb_rehash_seq++;
337         call_rcu_bh(&mdb->rcu, br_mdb_free);
338 
339 out:
340         rcu_assign_pointer(*mdbp, mdb);
341 
342         return 0;
343 }
344 
345 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br,
346                                                     __be32 group)
347 {
348         struct sk_buff *skb;
349         struct igmphdr *ih;
350         struct ethhdr *eth;
351         struct iphdr *iph;
352 
353         skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) +
354                                                  sizeof(*ih) + 4);
355         if (!skb)
356                 goto out;
357 
358         skb->protocol = htons(ETH_P_IP);
359 
360         skb_reset_mac_header(skb);
361         eth = eth_hdr(skb);
362 
363         memcpy(eth->h_source, br->dev->dev_addr, 6);
364         eth->h_dest[0] = 1;
365         eth->h_dest[1] = 0;
366         eth->h_dest[2] = 0x5e;
367         eth->h_dest[3] = 0;
368         eth->h_dest[4] = 0;
369         eth->h_dest[5] = 1;
370         eth->h_proto = htons(ETH_P_IP);
371         skb_put(skb, sizeof(*eth));
372 
373         skb_set_network_header(skb, skb->len);
374         iph = ip_hdr(skb);
375 
376         iph->version = 4;
377         iph->ihl = 6;
378         iph->tos = 0xc0;
379         iph->tot_len = htons(sizeof(*iph) + sizeof(*ih) + 4);
380         iph->id = 0;
381         iph->frag_off = htons(IP_DF);
382         iph->ttl = 1;
383         iph->protocol = IPPROTO_IGMP;
384         iph->saddr = 0;
385         iph->daddr = htonl(INADDR_ALLHOSTS_GROUP);
386         ((u8 *)&iph[1])[0] = IPOPT_RA;
387         ((u8 *)&iph[1])[1] = 4;
388         ((u8 *)&iph[1])[2] = 0;
389         ((u8 *)&iph[1])[3] = 0;
390         ip_send_check(iph);
391         skb_put(skb, 24);
392 
393         skb_set_transport_header(skb, skb->len);
394         ih = igmp_hdr(skb);
395         ih->type = IGMP_HOST_MEMBERSHIP_QUERY;
396         ih->code = (group ? br->multicast_last_member_interval :
397                             br->multicast_query_response_interval) /
398                    (HZ / IGMP_TIMER_SCALE);
399         ih->group = group;
400         ih->csum = 0;
401         ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr));
402         skb_put(skb, sizeof(*ih));
403 
404         __skb_pull(skb, sizeof(*eth));
405 
406 out:
407         return skb;
408 }
409 
410 #if IS_ENABLED(CONFIG_IPV6)
411 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br,
412                                                     const struct in6_addr *group)
413 {
414         struct sk_buff *skb;
415         struct ipv6hdr *ip6h;
416         struct mld_msg *mldq;
417         struct ethhdr *eth;
418         u8 *hopopt;
419         unsigned long interval;
420 
421         skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) +
422                                                  8 + sizeof(*mldq));
423         if (!skb)
424                 goto out;
425 
426         skb->protocol = htons(ETH_P_IPV6);
427 
428         /* Ethernet header */
429         skb_reset_mac_header(skb);
430         eth = eth_hdr(skb);
431 
432         memcpy(eth->h_source, br->dev->dev_addr, 6);
433         eth->h_proto = htons(ETH_P_IPV6);
434         skb_put(skb, sizeof(*eth));
435 
436         /* IPv6 header + HbH option */
437         skb_set_network_header(skb, skb->len);
438         ip6h = ipv6_hdr(skb);
439 
440         *(__force __be32 *)ip6h = htonl(0x60000000);
441         ip6h->payload_len = htons(8 + sizeof(*mldq));
442         ip6h->nexthdr = IPPROTO_HOPOPTS;
443         ip6h->hop_limit = 1;
444         ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1));
445         if (ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0,
446                                &ip6h->saddr)) {
447                 kfree_skb(skb);
448                 return NULL;
449         }
450         ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest);
451 
452         hopopt = (u8 *)(ip6h + 1);
453         hopopt[0] = IPPROTO_ICMPV6;             /* next hdr */
454         hopopt[1] = 0;                          /* length of HbH */
455         hopopt[2] = IPV6_TLV_ROUTERALERT;       /* Router Alert */
456         hopopt[3] = 2;                          /* Length of RA Option */
457         hopopt[4] = 0;                          /* Type = 0x0000 (MLD) */
458         hopopt[5] = 0;
459         hopopt[6] = IPV6_TLV_PAD1;              /* Pad1 */
460         hopopt[7] = IPV6_TLV_PAD1;              /* Pad1 */
461 
462         skb_put(skb, sizeof(*ip6h) + 8);
463 
464         /* ICMPv6 */
465         skb_set_transport_header(skb, skb->len);
466         mldq = (struct mld_msg *) icmp6_hdr(skb);
467 
468         interval = ipv6_addr_any(group) ?
469                         br->multicast_query_response_interval :
470                         br->multicast_last_member_interval;
471 
472         mldq->mld_type = ICMPV6_MGM_QUERY;
473         mldq->mld_code = 0;
474         mldq->mld_cksum = 0;
475         mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval));
476         mldq->mld_reserved = 0;
477         mldq->mld_mca = *group;
478 
479         /* checksum */
480         mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr,
481                                           sizeof(*mldq), IPPROTO_ICMPV6,
482                                           csum_partial(mldq,
483                                                        sizeof(*mldq), 0));
484         skb_put(skb, sizeof(*mldq));
485 
486         __skb_pull(skb, sizeof(*eth));
487 
488 out:
489         return skb;
490 }
491 #endif
492 
493 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br,
494                                                 struct br_ip *addr)
495 {
496         switch (addr->proto) {
497         case htons(ETH_P_IP):
498                 return br_ip4_multicast_alloc_query(br, addr->u.ip4);
499 #if IS_ENABLED(CONFIG_IPV6)
500         case htons(ETH_P_IPV6):
501                 return br_ip6_multicast_alloc_query(br, &addr->u.ip6);
502 #endif
503         }
504         return NULL;
505 }
506 
507 static struct net_bridge_mdb_entry *br_multicast_get_group(
508         struct net_bridge *br, struct net_bridge_port *port,
509         struct br_ip *group, int hash)
510 {
511         struct net_bridge_mdb_htable *mdb;
512         struct net_bridge_mdb_entry *mp;
513         unsigned int count = 0;
514         unsigned int max;
515         int elasticity;
516         int err;
517 
518         mdb = rcu_dereference_protected(br->mdb, 1);
519         hlist_for_each_entry(mp, &mdb->mhash[hash], hlist[mdb->ver]) {
520                 count++;
521                 if (unlikely(br_ip_equal(group, &mp->addr)))
522                         return mp;
523         }
524 
525         elasticity = 0;
526         max = mdb->max;
527 
528         if (unlikely(count > br->hash_elasticity && count)) {
529                 if (net_ratelimit())
530                         br_info(br, "Multicast hash table "
531                                 "chain limit reached: %s\n",
532                                 port ? port->dev->name : br->dev->name);
533 
534                 elasticity = br->hash_elasticity;
535         }
536 
537         if (mdb->size >= max) {
538                 max *= 2;
539                 if (unlikely(max > br->hash_max)) {
540                         br_warn(br, "Multicast hash table maximum of %d "
541                                 "reached, disabling snooping: %s\n",
542                                 br->hash_max,
543                                 port ? port->dev->name : br->dev->name);
544                         err = -E2BIG;
545 disable:
546                         br->multicast_disabled = 1;
547                         goto err;
548                 }
549         }
550 
551         if (max > mdb->max || elasticity) {
552                 if (mdb->old) {
553                         if (net_ratelimit())
554                                 br_info(br, "Multicast hash table "
555                                         "on fire: %s\n",
556                                         port ? port->dev->name : br->dev->name);
557                         err = -EEXIST;
558                         goto err;
559                 }
560 
561                 err = br_mdb_rehash(&br->mdb, max, elasticity);
562                 if (err) {
563                         br_warn(br, "Cannot rehash multicast "
564                                 "hash table, disabling snooping: %s, %d, %d\n",
565                                 port ? port->dev->name : br->dev->name,
566                                 mdb->size, err);
567                         goto disable;
568                 }
569 
570                 err = -EAGAIN;
571                 goto err;
572         }
573 
574         return NULL;
575 
576 err:
577         mp = ERR_PTR(err);
578         return mp;
579 }
580 
581 struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br,
582         struct net_bridge_port *port, struct br_ip *group)
583 {
584         struct net_bridge_mdb_htable *mdb;
585         struct net_bridge_mdb_entry *mp;
586         int hash;
587         int err;
588 
589         mdb = rcu_dereference_protected(br->mdb, 1);
590         if (!mdb) {
591                 err = br_mdb_rehash(&br->mdb, BR_HASH_SIZE, 0);
592                 if (err)
593                         return ERR_PTR(err);
594                 goto rehash;
595         }
596 
597         hash = br_ip_hash(mdb, group);
598         mp = br_multicast_get_group(br, port, group, hash);
599         switch (PTR_ERR(mp)) {
600         case 0:
601                 break;
602 
603         case -EAGAIN:
604 rehash:
605                 mdb = rcu_dereference_protected(br->mdb, 1);
606                 hash = br_ip_hash(mdb, group);
607                 break;
608 
609         default:
610                 goto out;
611         }
612 
613         mp = kzalloc(sizeof(*mp), GFP_ATOMIC);
614         if (unlikely(!mp))
615                 return ERR_PTR(-ENOMEM);
616 
617         mp->br = br;
618         mp->addr = *group;
619         setup_timer(&mp->timer, br_multicast_group_expired,
620                     (unsigned long)mp);
621 
622         hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]);
623         mdb->size++;
624 
625 out:
626         return mp;
627 }
628 
629 struct net_bridge_port_group *br_multicast_new_port_group(
630                         struct net_bridge_port *port,
631                         struct br_ip *group,
632                         struct net_bridge_port_group __rcu *next,
633                         unsigned char state)
634 {
635         struct net_bridge_port_group *p;
636 
637         p = kzalloc(sizeof(*p), GFP_ATOMIC);
638         if (unlikely(!p))
639                 return NULL;
640 
641         p->addr = *group;
642         p->port = port;
643         p->state = state;
644         rcu_assign_pointer(p->next, next);
645         hlist_add_head(&p->mglist, &port->mglist);
646         setup_timer(&p->timer, br_multicast_port_group_expired,
647                     (unsigned long)p);
648         return p;
649 }
650 
651 static int br_multicast_add_group(struct net_bridge *br,
652                                   struct net_bridge_port *port,
653                                   struct br_ip *group)
654 {
655         struct net_bridge_mdb_entry *mp;
656         struct net_bridge_port_group *p;
657         struct net_bridge_port_group __rcu **pp;
658         unsigned long now = jiffies;
659         int err;
660 
661         spin_lock(&br->multicast_lock);
662         if (!netif_running(br->dev) ||
663             (port && port->state == BR_STATE_DISABLED))
664                 goto out;
665 
666         mp = br_multicast_new_group(br, port, group);
667         err = PTR_ERR(mp);
668         if (IS_ERR(mp))
669                 goto err;
670 
671         if (!port) {
672                 mp->mglist = true;
673                 mod_timer(&mp->timer, now + br->multicast_membership_interval);
674                 goto out;
675         }
676 
677         for (pp = &mp->ports;
678              (p = mlock_dereference(*pp, br)) != NULL;
679              pp = &p->next) {
680                 if (p->port == port)
681                         goto found;
682                 if ((unsigned long)p->port < (unsigned long)port)
683                         break;
684         }
685 
686         p = br_multicast_new_port_group(port, group, *pp, MDB_TEMPORARY);
687         if (unlikely(!p))
688                 goto err;
689         rcu_assign_pointer(*pp, p);
690         br_mdb_notify(br->dev, port, group, RTM_NEWMDB);
691 
692 found:
693         mod_timer(&p->timer, now + br->multicast_membership_interval);
694 out:
695         err = 0;
696 
697 err:
698         spin_unlock(&br->multicast_lock);
699         return err;
700 }
701 
702 static int br_ip4_multicast_add_group(struct net_bridge *br,
703                                       struct net_bridge_port *port,
704                                       __be32 group,
705                                       __u16 vid)
706 {
707         struct br_ip br_group;
708 
709         if (ipv4_is_local_multicast(group))
710                 return 0;
711 
712         br_group.u.ip4 = group;
713         br_group.proto = htons(ETH_P_IP);
714         br_group.vid = vid;
715 
716         return br_multicast_add_group(br, port, &br_group);
717 }
718 
719 #if IS_ENABLED(CONFIG_IPV6)
720 static int br_ip6_multicast_add_group(struct net_bridge *br,
721                                       struct net_bridge_port *port,
722                                       const struct in6_addr *group,
723                                       __u16 vid)
724 {
725         struct br_ip br_group;
726 
727         if (!ipv6_is_transient_multicast(group))
728                 return 0;
729 
730         br_group.u.ip6 = *group;
731         br_group.proto = htons(ETH_P_IPV6);
732         br_group.vid = vid;
733 
734         return br_multicast_add_group(br, port, &br_group);
735 }
736 #endif
737 
738 static void br_multicast_router_expired(unsigned long data)
739 {
740         struct net_bridge_port *port = (void *)data;
741         struct net_bridge *br = port->br;
742 
743         spin_lock(&br->multicast_lock);
744         if (port->multicast_router != 1 ||
745             timer_pending(&port->multicast_router_timer) ||
746             hlist_unhashed(&port->rlist))
747                 goto out;
748 
749         hlist_del_init_rcu(&port->rlist);
750 
751 out:
752         spin_unlock(&br->multicast_lock);
753 }
754 
755 static void br_multicast_local_router_expired(unsigned long data)
756 {
757 }
758 
759 static void br_multicast_querier_expired(unsigned long data)
760 {
761         struct net_bridge *br = (void *)data;
762 
763         spin_lock(&br->multicast_lock);
764         if (!netif_running(br->dev) || br->multicast_disabled)
765                 goto out;
766 
767         br_multicast_start_querier(br);
768 
769 out:
770         spin_unlock(&br->multicast_lock);
771 }
772 
773 static void __br_multicast_send_query(struct net_bridge *br,
774                                       struct net_bridge_port *port,
775                                       struct br_ip *ip)
776 {
777         struct sk_buff *skb;
778 
779         skb = br_multicast_alloc_query(br, ip);
780         if (!skb)
781                 return;
782 
783         if (port) {
784                 __skb_push(skb, sizeof(struct ethhdr));
785                 skb->dev = port->dev;
786                 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
787                         dev_queue_xmit);
788         } else
789                 netif_rx(skb);
790 }
791 
792 static void br_multicast_send_query(struct net_bridge *br,
793                                     struct net_bridge_port *port, u32 sent)
794 {
795         unsigned long time;
796         struct br_ip br_group;
797 
798         if (!netif_running(br->dev) || br->multicast_disabled ||
799             !br->multicast_querier ||
800             timer_pending(&br->multicast_querier_timer))
801                 return;
802 
803         memset(&br_group.u, 0, sizeof(br_group.u));
804 
805         br_group.proto = htons(ETH_P_IP);
806         __br_multicast_send_query(br, port, &br_group);
807 
808 #if IS_ENABLED(CONFIG_IPV6)
809         br_group.proto = htons(ETH_P_IPV6);
810         __br_multicast_send_query(br, port, &br_group);
811 #endif
812 
813         time = jiffies;
814         time += sent < br->multicast_startup_query_count ?
815                 br->multicast_startup_query_interval :
816                 br->multicast_query_interval;
817         mod_timer(port ? &port->multicast_query_timer :
818                          &br->multicast_query_timer, time);
819 }
820 
821 static void br_multicast_port_query_expired(unsigned long data)
822 {
823         struct net_bridge_port *port = (void *)data;
824         struct net_bridge *br = port->br;
825 
826         spin_lock(&br->multicast_lock);
827         if (port->state == BR_STATE_DISABLED ||
828             port->state == BR_STATE_BLOCKING)
829                 goto out;
830 
831         if (port->multicast_startup_queries_sent <
832             br->multicast_startup_query_count)
833                 port->multicast_startup_queries_sent++;
834 
835         br_multicast_send_query(port->br, port,
836                                 port->multicast_startup_queries_sent);
837 
838 out:
839         spin_unlock(&br->multicast_lock);
840 }
841 
842 void br_multicast_add_port(struct net_bridge_port *port)
843 {
844         port->multicast_router = 1;
845 
846         setup_timer(&port->multicast_router_timer, br_multicast_router_expired,
847                     (unsigned long)port);
848         setup_timer(&port->multicast_query_timer,
849                     br_multicast_port_query_expired, (unsigned long)port);
850 }
851 
852 void br_multicast_del_port(struct net_bridge_port *port)
853 {
854         del_timer_sync(&port->multicast_router_timer);
855 }
856 
857 static void __br_multicast_enable_port(struct net_bridge_port *port)
858 {
859         port->multicast_startup_queries_sent = 0;
860 
861         if (try_to_del_timer_sync(&port->multicast_query_timer) >= 0 ||
862             del_timer(&port->multicast_query_timer))
863                 mod_timer(&port->multicast_query_timer, jiffies);
864 }
865 
866 void br_multicast_enable_port(struct net_bridge_port *port)
867 {
868         struct net_bridge *br = port->br;
869 
870         spin_lock(&br->multicast_lock);
871         if (br->multicast_disabled || !netif_running(br->dev))
872                 goto out;
873 
874         __br_multicast_enable_port(port);
875 
876 out:
877         spin_unlock(&br->multicast_lock);
878 }
879 
880 void br_multicast_disable_port(struct net_bridge_port *port)
881 {
882         struct net_bridge *br = port->br;
883         struct net_bridge_port_group *pg;
884         struct hlist_node *n;
885 
886         spin_lock(&br->multicast_lock);
887         hlist_for_each_entry_safe(pg, n, &port->mglist, mglist)
888                 br_multicast_del_pg(br, pg);
889 
890         if (!hlist_unhashed(&port->rlist))
891                 hlist_del_init_rcu(&port->rlist);
892         del_timer(&port->multicast_router_timer);
893         del_timer(&port->multicast_query_timer);
894         spin_unlock(&br->multicast_lock);
895 }
896 
897 static int br_ip4_multicast_igmp3_report(struct net_bridge *br,
898                                          struct net_bridge_port *port,
899                                          struct sk_buff *skb)
900 {
901         struct igmpv3_report *ih;
902         struct igmpv3_grec *grec;
903         int i;
904         int len;
905         int num;
906         int type;
907         int err = 0;
908         __be32 group;
909         u16 vid = 0;
910 
911         if (!pskb_may_pull(skb, sizeof(*ih)))
912                 return -EINVAL;
913 
914         br_vlan_get_tag(skb, &vid);
915         ih = igmpv3_report_hdr(skb);
916         num = ntohs(ih->ngrec);
917         len = sizeof(*ih);
918 
919         for (i = 0; i < num; i++) {
920                 len += sizeof(*grec);
921                 if (!pskb_may_pull(skb, len))
922                         return -EINVAL;
923 
924                 grec = (void *)(skb->data + len - sizeof(*grec));
925                 group = grec->grec_mca;
926                 type = grec->grec_type;
927 
928                 len += ntohs(grec->grec_nsrcs) * 4;
929                 if (!pskb_may_pull(skb, len))
930                         return -EINVAL;
931 
932                 /* We treat this as an IGMPv2 report for now. */
933                 switch (type) {
934                 case IGMPV3_MODE_IS_INCLUDE:
935                 case IGMPV3_MODE_IS_EXCLUDE:
936                 case IGMPV3_CHANGE_TO_INCLUDE:
937                 case IGMPV3_CHANGE_TO_EXCLUDE:
938                 case IGMPV3_ALLOW_NEW_SOURCES:
939                 case IGMPV3_BLOCK_OLD_SOURCES:
940                         break;
941 
942                 default:
943                         continue;
944                 }
945 
946                 err = br_ip4_multicast_add_group(br, port, group, vid);
947                 if (err)
948                         break;
949         }
950 
951         return err;
952 }
953 
954 #if IS_ENABLED(CONFIG_IPV6)
955 static int br_ip6_multicast_mld2_report(struct net_bridge *br,
956                                         struct net_bridge_port *port,
957                                         struct sk_buff *skb)
958 {
959         struct icmp6hdr *icmp6h;
960         struct mld2_grec *grec;
961         int i;
962         int len;
963         int num;
964         int err = 0;
965         u16 vid = 0;
966 
967         if (!pskb_may_pull(skb, sizeof(*icmp6h)))
968                 return -EINVAL;
969 
970         br_vlan_get_tag(skb, &vid);
971         icmp6h = icmp6_hdr(skb);
972         num = ntohs(icmp6h->icmp6_dataun.un_data16[1]);
973         len = sizeof(*icmp6h);
974 
975         for (i = 0; i < num; i++) {
976                 __be16 *nsrcs, _nsrcs;
977 
978                 nsrcs = skb_header_pointer(skb,
979                                            len + offsetof(struct mld2_grec,
980                                                           grec_nsrcs),
981                                            sizeof(_nsrcs), &_nsrcs);
982                 if (!nsrcs)
983                         return -EINVAL;
984 
985                 if (!pskb_may_pull(skb,
986                                    len + sizeof(*grec) +
987                                    sizeof(struct in6_addr) * ntohs(*nsrcs)))
988                         return -EINVAL;
989 
990                 grec = (struct mld2_grec *)(skb->data + len);
991                 len += sizeof(*grec) +
992                        sizeof(struct in6_addr) * ntohs(*nsrcs);
993 
994                 /* We treat these as MLDv1 reports for now. */
995                 switch (grec->grec_type) {
996                 case MLD2_MODE_IS_INCLUDE:
997                 case MLD2_MODE_IS_EXCLUDE:
998                 case MLD2_CHANGE_TO_INCLUDE:
999                 case MLD2_CHANGE_TO_EXCLUDE:
1000                 case MLD2_ALLOW_NEW_SOURCES:
1001                 case MLD2_BLOCK_OLD_SOURCES:
1002                         break;
1003 
1004                 default:
1005                         continue;
1006                 }
1007 
1008                 err = br_ip6_multicast_add_group(br, port, &grec->grec_mca,
1009                                                  vid);
1010                 if (err)
1011                         break;
1012         }
1013 
1014         return err;
1015 }
1016 #endif
1017 
1018 /*
1019  * Add port to rotuer_list
1020  *  list is maintained ordered by pointer value
1021  *  and locked by br->multicast_lock and RCU
1022  */
1023 static void br_multicast_add_router(struct net_bridge *br,
1024                                     struct net_bridge_port *port)
1025 {
1026         struct net_bridge_port *p;
1027         struct hlist_node *slot = NULL;
1028 
1029         if (!hlist_unhashed(&port->rlist))
1030                 return;
1031 
1032         hlist_for_each_entry(p, &br->router_list, rlist) {
1033                 if ((unsigned long) port >= (unsigned long) p)
1034                         break;
1035                 slot = &p->rlist;
1036         }
1037 
1038         if (slot)
1039                 hlist_add_after_rcu(slot, &port->rlist);
1040         else
1041                 hlist_add_head_rcu(&port->rlist, &br->router_list);
1042 }
1043 
1044 static void br_multicast_mark_router(struct net_bridge *br,
1045                                      struct net_bridge_port *port)
1046 {
1047         unsigned long now = jiffies;
1048 
1049         if (!port) {
1050                 if (br->multicast_router == 1)
1051                         mod_timer(&br->multicast_router_timer,
1052                                   now + br->multicast_querier_interval);
1053                 return;
1054         }
1055 
1056         if (port->multicast_router != 1)
1057                 return;
1058 
1059         br_multicast_add_router(br, port);
1060 
1061         mod_timer(&port->multicast_router_timer,
1062                   now + br->multicast_querier_interval);
1063 }
1064 
1065 static void br_multicast_query_received(struct net_bridge *br,
1066                                         struct net_bridge_port *port,
1067                                         int saddr)
1068 {
1069         if (saddr)
1070                 mod_timer(&br->multicast_querier_timer,
1071                           jiffies + br->multicast_querier_interval);
1072         else if (timer_pending(&br->multicast_querier_timer))
1073                 return;
1074 
1075         br_multicast_mark_router(br, port);
1076 }
1077 
1078 static int br_ip4_multicast_query(struct net_bridge *br,
1079                                   struct net_bridge_port *port,
1080                                   struct sk_buff *skb)
1081 {
1082         const struct iphdr *iph = ip_hdr(skb);
1083         struct igmphdr *ih = igmp_hdr(skb);
1084         struct net_bridge_mdb_entry *mp;
1085         struct igmpv3_query *ih3;
1086         struct net_bridge_port_group *p;
1087         struct net_bridge_port_group __rcu **pp;
1088         unsigned long max_delay;
1089         unsigned long now = jiffies;
1090         __be32 group;
1091         int err = 0;
1092         u16 vid = 0;
1093 
1094         spin_lock(&br->multicast_lock);
1095         if (!netif_running(br->dev) ||
1096             (port && port->state == BR_STATE_DISABLED))
1097                 goto out;
1098 
1099         br_multicast_query_received(br, port, !!iph->saddr);
1100 
1101         group = ih->group;
1102 
1103         if (skb->len == sizeof(*ih)) {
1104                 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE);
1105 
1106                 if (!max_delay) {
1107                         max_delay = 10 * HZ;
1108                         group = 0;
1109                 }
1110         } else {
1111                 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) {
1112                         err = -EINVAL;
1113                         goto out;
1114                 }
1115 
1116                 ih3 = igmpv3_query_hdr(skb);
1117                 if (ih3->nsrcs)
1118                         goto out;
1119 
1120                 max_delay = ih3->code ?
1121                             IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1;
1122         }
1123 
1124         if (!group)
1125                 goto out;
1126 
1127         br_vlan_get_tag(skb, &vid);
1128         mp = br_mdb_ip4_get(mlock_dereference(br->mdb, br), group, vid);
1129         if (!mp)
1130                 goto out;
1131 
1132         max_delay *= br->multicast_last_member_count;
1133 
1134         if (mp->mglist &&
1135             (timer_pending(&mp->timer) ?
1136              time_after(mp->timer.expires, now + max_delay) :
1137              try_to_del_timer_sync(&mp->timer) >= 0))
1138                 mod_timer(&mp->timer, now + max_delay);
1139 
1140         for (pp = &mp->ports;
1141              (p = mlock_dereference(*pp, br)) != NULL;
1142              pp = &p->next) {
1143                 if (timer_pending(&p->timer) ?
1144                     time_after(p->timer.expires, now + max_delay) :
1145                     try_to_del_timer_sync(&p->timer) >= 0)
1146                         mod_timer(&p->timer, now + max_delay);
1147         }
1148 
1149 out:
1150         spin_unlock(&br->multicast_lock);
1151         return err;
1152 }
1153 
1154 #if IS_ENABLED(CONFIG_IPV6)
1155 static int br_ip6_multicast_query(struct net_bridge *br,
1156                                   struct net_bridge_port *port,
1157                                   struct sk_buff *skb)
1158 {
1159         const struct ipv6hdr *ip6h = ipv6_hdr(skb);
1160         struct mld_msg *mld;
1161         struct net_bridge_mdb_entry *mp;
1162         struct mld2_query *mld2q;
1163         struct net_bridge_port_group *p;
1164         struct net_bridge_port_group __rcu **pp;
1165         unsigned long max_delay;
1166         unsigned long now = jiffies;
1167         const struct in6_addr *group = NULL;
1168         int err = 0;
1169         u16 vid = 0;
1170 
1171         spin_lock(&br->multicast_lock);
1172         if (!netif_running(br->dev) ||
1173             (port && port->state == BR_STATE_DISABLED))
1174                 goto out;
1175 
1176         br_multicast_query_received(br, port, !ipv6_addr_any(&ip6h->saddr));
1177 
1178         /* RFC2710+RFC3810 (MLDv1+MLDv2) require link-local source addresses */
1179         if (!(ipv6_addr_type(&ip6h->saddr) & IPV6_ADDR_LINKLOCAL)) {
1180                 err = -EINVAL;
1181                 goto out;
1182         }
1183 
1184         if (skb->len == sizeof(*mld)) {
1185                 if (!pskb_may_pull(skb, sizeof(*mld))) {
1186                         err = -EINVAL;
1187                         goto out;
1188                 }
1189                 mld = (struct mld_msg *) icmp6_hdr(skb);
1190                 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay));
1191                 if (max_delay)
1192                         group = &mld->mld_mca;
1193         } else {
1194                 if (!pskb_may_pull(skb, sizeof(*mld2q))) {
1195                         err = -EINVAL;
1196                         goto out;
1197                 }
1198                 mld2q = (struct mld2_query *)icmp6_hdr(skb);
1199                 if (!mld2q->mld2q_nsrcs)
1200                         group = &mld2q->mld2q_mca;
1201 
1202                 max_delay = max(msecs_to_jiffies(MLDV2_MRC(ntohs(mld2q->mld2q_mrc))), 1UL);
1203         }
1204 
1205         if (!group)
1206                 goto out;
1207 
1208         br_vlan_get_tag(skb, &vid);
1209         mp = br_mdb_ip6_get(mlock_dereference(br->mdb, br), group, vid);
1210         if (!mp)
1211                 goto out;
1212 
1213         max_delay *= br->multicast_last_member_count;
1214         if (mp->mglist &&
1215             (timer_pending(&mp->timer) ?
1216              time_after(mp->timer.expires, now + max_delay) :
1217              try_to_del_timer_sync(&mp->timer) >= 0))
1218                 mod_timer(&mp->timer, now + max_delay);
1219 
1220         for (pp = &mp->ports;
1221              (p = mlock_dereference(*pp, br)) != NULL;
1222              pp = &p->next) {
1223                 if (timer_pending(&p->timer) ?
1224                     time_after(p->timer.expires, now + max_delay) :
1225                     try_to_del_timer_sync(&p->timer) >= 0)
1226                         mod_timer(&p->timer, now + max_delay);
1227         }
1228 
1229 out:
1230         spin_unlock(&br->multicast_lock);
1231         return err;
1232 }
1233 #endif
1234 
1235 static void br_multicast_leave_group(struct net_bridge *br,
1236                                      struct net_bridge_port *port,
1237                                      struct br_ip *group)
1238 {
1239         struct net_bridge_mdb_htable *mdb;
1240         struct net_bridge_mdb_entry *mp;
1241         struct net_bridge_port_group *p;
1242         unsigned long now;
1243         unsigned long time;
1244 
1245         spin_lock(&br->multicast_lock);
1246         if (!netif_running(br->dev) ||
1247             (port && port->state == BR_STATE_DISABLED) ||
1248             timer_pending(&br->multicast_querier_timer))
1249                 goto out;
1250 
1251         mdb = mlock_dereference(br->mdb, br);
1252         mp = br_mdb_ip_get(mdb, group);
1253         if (!mp)
1254                 goto out;
1255 
1256         if (port && (port->flags & BR_MULTICAST_FAST_LEAVE)) {
1257                 struct net_bridge_port_group __rcu **pp;
1258 
1259                 for (pp = &mp->ports;
1260                      (p = mlock_dereference(*pp, br)) != NULL;
1261                      pp = &p->next) {
1262                         if (p->port != port)
1263                                 continue;
1264 
1265                         rcu_assign_pointer(*pp, p->next);
1266                         hlist_del_init(&p->mglist);
1267                         del_timer(&p->timer);
1268                         call_rcu_bh(&p->rcu, br_multicast_free_pg);
1269                         br_mdb_notify(br->dev, port, group, RTM_DELMDB);
1270 
1271                         if (!mp->ports && !mp->mglist &&
1272                             netif_running(br->dev))
1273                                 mod_timer(&mp->timer, jiffies);
1274                 }
1275                 goto out;
1276         }
1277 
1278         now = jiffies;
1279         time = now + br->multicast_last_member_count *
1280                      br->multicast_last_member_interval;
1281 
1282         if (!port) {
1283                 if (mp->mglist &&
1284                     (timer_pending(&mp->timer) ?
1285                      time_after(mp->timer.expires, time) :
1286                      try_to_del_timer_sync(&mp->timer) >= 0)) {
1287                         mod_timer(&mp->timer, time);
1288                 }
1289 
1290                 goto out;
1291         }
1292 
1293         for (p = mlock_dereference(mp->ports, br);
1294              p != NULL;
1295              p = mlock_dereference(p->next, br)) {
1296                 if (p->port != port)
1297                         continue;
1298 
1299                 if (!hlist_unhashed(&p->mglist) &&
1300                     (timer_pending(&p->timer) ?
1301                      time_after(p->timer.expires, time) :
1302                      try_to_del_timer_sync(&p->timer) >= 0)) {
1303                         mod_timer(&p->timer, time);
1304                 }
1305 
1306                 break;
1307         }
1308 
1309 out:
1310         spin_unlock(&br->multicast_lock);
1311 }
1312 
1313 static void br_ip4_multicast_leave_group(struct net_bridge *br,
1314                                          struct net_bridge_port *port,
1315                                          __be32 group,
1316                                          __u16 vid)
1317 {
1318         struct br_ip br_group;
1319 
1320         if (ipv4_is_local_multicast(group))
1321                 return;
1322 
1323         br_group.u.ip4 = group;
1324         br_group.proto = htons(ETH_P_IP);
1325         br_group.vid = vid;
1326 
1327         br_multicast_leave_group(br, port, &br_group);
1328 }
1329 
1330 #if IS_ENABLED(CONFIG_IPV6)
1331 static void br_ip6_multicast_leave_group(struct net_bridge *br,
1332                                          struct net_bridge_port *port,
1333                                          const struct in6_addr *group,
1334                                          __u16 vid)
1335 {
1336         struct br_ip br_group;
1337 
1338         if (!ipv6_is_transient_multicast(group))
1339                 return;
1340 
1341         br_group.u.ip6 = *group;
1342         br_group.proto = htons(ETH_P_IPV6);
1343         br_group.vid = vid;
1344 
1345         br_multicast_leave_group(br, port, &br_group);
1346 }
1347 #endif
1348 
1349 static int br_multicast_ipv4_rcv(struct net_bridge *br,
1350                                  struct net_bridge_port *port,
1351                                  struct sk_buff *skb)
1352 {
1353         struct sk_buff *skb2 = skb;
1354         const struct iphdr *iph;
1355         struct igmphdr *ih;
1356         unsigned int len;
1357         unsigned int offset;
1358         int err;
1359         u16 vid = 0;
1360 
1361         /* We treat OOM as packet loss for now. */
1362         if (!pskb_may_pull(skb, sizeof(*iph)))
1363                 return -EINVAL;
1364 
1365         iph = ip_hdr(skb);
1366 
1367         if (iph->ihl < 5 || iph->version != 4)
1368                 return -EINVAL;
1369 
1370         if (!pskb_may_pull(skb, ip_hdrlen(skb)))
1371                 return -EINVAL;
1372 
1373         iph = ip_hdr(skb);
1374 
1375         if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl)))
1376                 return -EINVAL;
1377 
1378         if (iph->protocol != IPPROTO_IGMP) {
1379                 if (!ipv4_is_local_multicast(iph->daddr))
1380                         BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1381                 return 0;
1382         }
1383 
1384         len = ntohs(iph->tot_len);
1385         if (skb->len < len || len < ip_hdrlen(skb))
1386                 return -EINVAL;
1387 
1388         if (skb->len > len) {
1389                 skb2 = skb_clone(skb, GFP_ATOMIC);
1390                 if (!skb2)
1391                         return -ENOMEM;
1392 
1393                 err = pskb_trim_rcsum(skb2, len);
1394                 if (err)
1395                         goto err_out;
1396         }
1397 
1398         len -= ip_hdrlen(skb2);
1399         offset = skb_network_offset(skb2) + ip_hdrlen(skb2);
1400         __skb_pull(skb2, offset);
1401         skb_reset_transport_header(skb2);
1402 
1403         err = -EINVAL;
1404         if (!pskb_may_pull(skb2, sizeof(*ih)))
1405                 goto out;
1406 
1407         switch (skb2->ip_summed) {
1408         case CHECKSUM_COMPLETE:
1409                 if (!csum_fold(skb2->csum))
1410                         break;
1411                 /* fall through */
1412         case CHECKSUM_NONE:
1413                 skb2->csum = 0;
1414                 if (skb_checksum_complete(skb2))
1415                         goto out;
1416         }
1417 
1418         err = 0;
1419 
1420         br_vlan_get_tag(skb2, &vid);
1421         BR_INPUT_SKB_CB(skb)->igmp = 1;
1422         ih = igmp_hdr(skb2);
1423 
1424         switch (ih->type) {
1425         case IGMP_HOST_MEMBERSHIP_REPORT:
1426         case IGMPV2_HOST_MEMBERSHIP_REPORT:
1427                 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1428                 err = br_ip4_multicast_add_group(br, port, ih->group, vid);
1429                 break;
1430         case IGMPV3_HOST_MEMBERSHIP_REPORT:
1431                 err = br_ip4_multicast_igmp3_report(br, port, skb2);
1432                 break;
1433         case IGMP_HOST_MEMBERSHIP_QUERY:
1434                 err = br_ip4_multicast_query(br, port, skb2);
1435                 break;
1436         case IGMP_HOST_LEAVE_MESSAGE:
1437                 br_ip4_multicast_leave_group(br, port, ih->group, vid);
1438                 break;
1439         }
1440 
1441 out:
1442         __skb_push(skb2, offset);
1443 err_out:
1444         if (skb2 != skb)
1445                 kfree_skb(skb2);
1446         return err;
1447 }
1448 
1449 #if IS_ENABLED(CONFIG_IPV6)
1450 static int br_multicast_ipv6_rcv(struct net_bridge *br,
1451                                  struct net_bridge_port *port,
1452                                  struct sk_buff *skb)
1453 {
1454         struct sk_buff *skb2;
1455         const struct ipv6hdr *ip6h;
1456         u8 icmp6_type;
1457         u8 nexthdr;
1458         __be16 frag_off;
1459         unsigned int len;
1460         int offset;
1461         int err;
1462         u16 vid = 0;
1463 
1464         if (!pskb_may_pull(skb, sizeof(*ip6h)))
1465                 return -EINVAL;
1466 
1467         ip6h = ipv6_hdr(skb);
1468 
1469         /*
1470          * We're interested in MLD messages only.
1471          *  - Version is 6
1472          *  - MLD has always Router Alert hop-by-hop option
1473          *  - But we do not support jumbrograms.
1474          */
1475         if (ip6h->version != 6 ||
1476             ip6h->nexthdr != IPPROTO_HOPOPTS ||
1477             ip6h->payload_len == 0)
1478                 return 0;
1479 
1480         len = ntohs(ip6h->payload_len) + sizeof(*ip6h);
1481         if (skb->len < len)
1482                 return -EINVAL;
1483 
1484         nexthdr = ip6h->nexthdr;
1485         offset = ipv6_skip_exthdr(skb, sizeof(*ip6h), &nexthdr, &frag_off);
1486 
1487         if (offset < 0 || nexthdr != IPPROTO_ICMPV6)
1488                 return 0;
1489 
1490         /* Okay, we found ICMPv6 header */
1491         skb2 = skb_clone(skb, GFP_ATOMIC);
1492         if (!skb2)
1493                 return -ENOMEM;
1494 
1495         err = -EINVAL;
1496         if (!pskb_may_pull(skb2, offset + sizeof(struct icmp6hdr)))
1497                 goto out;
1498 
1499         len -= offset - skb_network_offset(skb2);
1500 
1501         __skb_pull(skb2, offset);
1502         skb_reset_transport_header(skb2);
1503         skb_postpull_rcsum(skb2, skb_network_header(skb2),
1504                            skb_network_header_len(skb2));
1505 
1506         icmp6_type = icmp6_hdr(skb2)->icmp6_type;
1507 
1508         switch (icmp6_type) {
1509         case ICMPV6_MGM_QUERY:
1510         case ICMPV6_MGM_REPORT:
1511         case ICMPV6_MGM_REDUCTION:
1512         case ICMPV6_MLD2_REPORT:
1513                 break;
1514         default:
1515                 err = 0;
1516                 goto out;
1517         }
1518 
1519         /* Okay, we found MLD message. Check further. */
1520         if (skb2->len > len) {
1521                 err = pskb_trim_rcsum(skb2, len);
1522                 if (err)
1523                         goto out;
1524                 err = -EINVAL;
1525         }
1526 
1527         ip6h = ipv6_hdr(skb2);
1528 
1529         switch (skb2->ip_summed) {
1530         case CHECKSUM_COMPLETE:
1531                 if (!csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, skb2->len,
1532                                         IPPROTO_ICMPV6, skb2->csum))
1533                         break;
1534                 /*FALLTHROUGH*/
1535         case CHECKSUM_NONE:
1536                 skb2->csum = ~csum_unfold(csum_ipv6_magic(&ip6h->saddr,
1537                                                         &ip6h->daddr,
1538                                                         skb2->len,
1539                                                         IPPROTO_ICMPV6, 0));
1540                 if (__skb_checksum_complete(skb2))
1541                         goto out;
1542         }
1543 
1544         err = 0;
1545 
1546         br_vlan_get_tag(skb, &vid);
1547         BR_INPUT_SKB_CB(skb)->igmp = 1;
1548 
1549         switch (icmp6_type) {
1550         case ICMPV6_MGM_REPORT:
1551             {
1552                 struct mld_msg *mld;
1553                 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1554                         err = -EINVAL;
1555                         goto out;
1556                 }
1557                 mld = (struct mld_msg *)skb_transport_header(skb2);
1558                 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1559                 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid);
1560                 break;
1561             }
1562         case ICMPV6_MLD2_REPORT:
1563                 err = br_ip6_multicast_mld2_report(br, port, skb2);
1564                 break;
1565         case ICMPV6_MGM_QUERY:
1566                 err = br_ip6_multicast_query(br, port, skb2);
1567                 break;
1568         case ICMPV6_MGM_REDUCTION:
1569             {
1570                 struct mld_msg *mld;
1571                 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1572                         err = -EINVAL;
1573                         goto out;
1574                 }
1575                 mld = (struct mld_msg *)skb_transport_header(skb2);
1576                 br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid);
1577             }
1578         }
1579 
1580 out:
1581         kfree_skb(skb2);
1582         return err;
1583 }
1584 #endif
1585 
1586 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port,
1587                      struct sk_buff *skb)
1588 {
1589         BR_INPUT_SKB_CB(skb)->igmp = 0;
1590         BR_INPUT_SKB_CB(skb)->mrouters_only = 0;
1591 
1592         if (br->multicast_disabled)
1593                 return 0;
1594 
1595         switch (skb->protocol) {
1596         case htons(ETH_P_IP):
1597                 return br_multicast_ipv4_rcv(br, port, skb);
1598 #if IS_ENABLED(CONFIG_IPV6)
1599         case htons(ETH_P_IPV6):
1600                 return br_multicast_ipv6_rcv(br, port, skb);
1601 #endif
1602         }
1603 
1604         return 0;
1605 }
1606 
1607 static void br_multicast_query_expired(unsigned long data)
1608 {
1609         struct net_bridge *br = (void *)data;
1610 
1611         spin_lock(&br->multicast_lock);
1612         if (br->multicast_startup_queries_sent <
1613             br->multicast_startup_query_count)
1614                 br->multicast_startup_queries_sent++;
1615 
1616         br_multicast_send_query(br, NULL, br->multicast_startup_queries_sent);
1617 
1618         spin_unlock(&br->multicast_lock);
1619 }
1620 
1621 void br_multicast_init(struct net_bridge *br)
1622 {
1623         br->hash_elasticity = 4;
1624         br->hash_max = 512;
1625 
1626         br->multicast_router = 1;
1627         br->multicast_querier = 0;
1628         br->multicast_last_member_count = 2;
1629         br->multicast_startup_query_count = 2;
1630 
1631         br->multicast_last_member_interval = HZ;
1632         br->multicast_query_response_interval = 10 * HZ;
1633         br->multicast_startup_query_interval = 125 * HZ / 4;
1634         br->multicast_query_interval = 125 * HZ;
1635         br->multicast_querier_interval = 255 * HZ;
1636         br->multicast_membership_interval = 260 * HZ;
1637 
1638         spin_lock_init(&br->multicast_lock);
1639         setup_timer(&br->multicast_router_timer,
1640                     br_multicast_local_router_expired, 0);
1641         setup_timer(&br->multicast_querier_timer,
1642                     br_multicast_querier_expired, (unsigned long)br);
1643         setup_timer(&br->multicast_query_timer, br_multicast_query_expired,
1644                     (unsigned long)br);
1645 }
1646 
1647 void br_multicast_open(struct net_bridge *br)
1648 {
1649         br->multicast_startup_queries_sent = 0;
1650 
1651         if (br->multicast_disabled)
1652                 return;
1653 
1654         mod_timer(&br->multicast_query_timer, jiffies);
1655 }
1656 
1657 void br_multicast_stop(struct net_bridge *br)
1658 {
1659         struct net_bridge_mdb_htable *mdb;
1660         struct net_bridge_mdb_entry *mp;
1661         struct hlist_node *n;
1662         u32 ver;
1663         int i;
1664 
1665         del_timer_sync(&br->multicast_router_timer);
1666         del_timer_sync(&br->multicast_querier_timer);
1667         del_timer_sync(&br->multicast_query_timer);
1668 
1669         spin_lock_bh(&br->multicast_lock);
1670         mdb = mlock_dereference(br->mdb, br);
1671         if (!mdb)
1672                 goto out;
1673 
1674         br->mdb = NULL;
1675 
1676         ver = mdb->ver;
1677         for (i = 0; i < mdb->max; i++) {
1678                 hlist_for_each_entry_safe(mp, n, &mdb->mhash[i],
1679                                           hlist[ver]) {
1680                         del_timer(&mp->timer);
1681                         call_rcu_bh(&mp->rcu, br_multicast_free_group);
1682                 }
1683         }
1684 
1685         if (mdb->old) {
1686                 spin_unlock_bh(&br->multicast_lock);
1687                 rcu_barrier_bh();
1688                 spin_lock_bh(&br->multicast_lock);
1689                 WARN_ON(mdb->old);
1690         }
1691 
1692         mdb->old = mdb;
1693         call_rcu_bh(&mdb->rcu, br_mdb_free);
1694 
1695 out:
1696         spin_unlock_bh(&br->multicast_lock);
1697 }
1698 
1699 int br_multicast_set_router(struct net_bridge *br, unsigned long val)
1700 {
1701         int err = -ENOENT;
1702 
1703         spin_lock_bh(&br->multicast_lock);
1704         if (!netif_running(br->dev))
1705                 goto unlock;
1706 
1707         switch (val) {
1708         case 0:
1709         case 2:
1710                 del_timer(&br->multicast_router_timer);
1711                 /* fall through */
1712         case 1:
1713                 br->multicast_router = val;
1714                 err = 0;
1715                 break;
1716 
1717         default:
1718                 err = -EINVAL;
1719                 break;
1720         }
1721 
1722 unlock:
1723         spin_unlock_bh(&br->multicast_lock);
1724 
1725         return err;
1726 }
1727 
1728 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val)
1729 {
1730         struct net_bridge *br = p->br;
1731         int err = -ENOENT;
1732 
1733         spin_lock(&br->multicast_lock);
1734         if (!netif_running(br->dev) || p->state == BR_STATE_DISABLED)
1735                 goto unlock;
1736 
1737         switch (val) {
1738         case 0:
1739         case 1:
1740         case 2:
1741                 p->multicast_router = val;
1742                 err = 0;
1743 
1744                 if (val < 2 && !hlist_unhashed(&p->rlist))
1745                         hlist_del_init_rcu(&p->rlist);
1746 
1747                 if (val == 1)
1748                         break;
1749 
1750                 del_timer(&p->multicast_router_timer);
1751 
1752                 if (val == 0)
1753                         break;
1754 
1755                 br_multicast_add_router(br, p);
1756                 break;
1757 
1758         default:
1759                 err = -EINVAL;
1760                 break;
1761         }
1762 
1763 unlock:
1764         spin_unlock(&br->multicast_lock);
1765 
1766         return err;
1767 }
1768 
1769 static void br_multicast_start_querier(struct net_bridge *br)
1770 {
1771         struct net_bridge_port *port;
1772 
1773         br_multicast_open(br);
1774 
1775         list_for_each_entry(port, &br->port_list, list) {
1776                 if (port->state == BR_STATE_DISABLED ||
1777                     port->state == BR_STATE_BLOCKING)
1778                         continue;
1779 
1780                 __br_multicast_enable_port(port);
1781         }
1782 }
1783 
1784 int br_multicast_toggle(struct net_bridge *br, unsigned long val)
1785 {
1786         int err = 0;
1787         struct net_bridge_mdb_htable *mdb;
1788 
1789         spin_lock_bh(&br->multicast_lock);
1790         if (br->multicast_disabled == !val)
1791                 goto unlock;
1792 
1793         br->multicast_disabled = !val;
1794         if (br->multicast_disabled)
1795                 goto unlock;
1796 
1797         if (!netif_running(br->dev))
1798                 goto unlock;
1799 
1800         mdb = mlock_dereference(br->mdb, br);
1801         if (mdb) {
1802                 if (mdb->old) {
1803                         err = -EEXIST;
1804 rollback:
1805                         br->multicast_disabled = !!val;
1806                         goto unlock;
1807                 }
1808 
1809                 err = br_mdb_rehash(&br->mdb, mdb->max,
1810                                     br->hash_elasticity);
1811                 if (err)
1812                         goto rollback;
1813         }
1814 
1815         br_multicast_start_querier(br);
1816 
1817 unlock:
1818         spin_unlock_bh(&br->multicast_lock);
1819 
1820         return err;
1821 }
1822 
1823 int br_multicast_set_querier(struct net_bridge *br, unsigned long val)
1824 {
1825         val = !!val;
1826 
1827         spin_lock_bh(&br->multicast_lock);
1828         if (br->multicast_querier == val)
1829                 goto unlock;
1830 
1831         br->multicast_querier = val;
1832         if (val)
1833                 br_multicast_start_querier(br);
1834 
1835 unlock:
1836         spin_unlock_bh(&br->multicast_lock);
1837 
1838         return 0;
1839 }
1840 
1841 int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val)
1842 {
1843         int err = -ENOENT;
1844         u32 old;
1845         struct net_bridge_mdb_htable *mdb;
1846 
1847         spin_lock_bh(&br->multicast_lock);
1848         if (!netif_running(br->dev))
1849                 goto unlock;
1850 
1851         err = -EINVAL;
1852         if (!is_power_of_2(val))
1853                 goto unlock;
1854 
1855         mdb = mlock_dereference(br->mdb, br);
1856         if (mdb && val < mdb->size)
1857                 goto unlock;
1858 
1859         err = 0;
1860 
1861         old = br->hash_max;
1862         br->hash_max = val;
1863 
1864         if (mdb) {
1865                 if (mdb->old) {
1866                         err = -EEXIST;
1867 rollback:
1868                         br->hash_max = old;
1869                         goto unlock;
1870                 }
1871 
1872                 err = br_mdb_rehash(&br->mdb, br->hash_max,
1873                                     br->hash_elasticity);
1874                 if (err)
1875                         goto rollback;
1876         }
1877 
1878 unlock:
1879         spin_unlock_bh(&br->multicast_lock);
1880 
1881         return err;
1882 }
1883 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp