search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
rbtree: move augmented rbtree functionality to rbtree_augmented.h
[linux-2.6.git] / net / bridge / br_multicast.c
blob241743417f498bdc9c8c63fe2500a78f9a4d2126
1 /*
2 * Bridge multicast support.
3 *
4 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au>
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 2 of the License, or (at your option)
9 * any later version.
10 *
11 */
12
13 #include <linux/err.h>
14 #include <linux/if_ether.h>
15 #include <linux/igmp.h>
16 #include <linux/jhash.h>
17 #include <linux/kernel.h>
18 #include <linux/log2.h>
19 #include <linux/netdevice.h>
20 #include <linux/netfilter_bridge.h>
21 #include <linux/random.h>
22 #include <linux/rculist.h>
23 #include <linux/skbuff.h>
24 #include <linux/slab.h>
25 #include <linux/timer.h>
26 #include <net/ip.h>
27 #if IS_ENABLED(CONFIG_IPV6)
28 #include <net/ipv6.h>
29 #include <net/mld.h>
30 #include <net/addrconf.h>
31 #include <net/ip6_checksum.h>
32 #endif
33
34 #include "br_private.h"
35
36 #define mlock_dereference(X, br) \
37 rcu_dereference_protected(X, lockdep_is_held(&br->multicast_lock))
38
39 static void br_multicast_start_querier(struct net_bridge *br);
40
41 #if IS_ENABLED(CONFIG_IPV6)
42 static inline int ipv6_is_transient_multicast(const struct in6_addr *addr)
43 {
44 if (ipv6_addr_is_multicast(addr) && IPV6_ADDR_MC_FLAG_TRANSIENT(addr))
45 return 1;
46 return 0;
47 }
48 #endif
49
50 static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b)
51 {
52 if (a->proto != b->proto)
53 return 0;
54 switch (a->proto) {
55 case htons(ETH_P_IP):
56 return a->u.ip4 == b->u.ip4;
57 #if IS_ENABLED(CONFIG_IPV6)
58 case htons(ETH_P_IPV6):
59 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6);
60 #endif
61 }
62 return 0;
63 }
64
65 static inline int __br_ip4_hash(struct net_bridge_mdb_htable *mdb, __be32 ip)
66 {
67 return jhash_1word(mdb->secret, (__force u32)ip) & (mdb->max - 1);
68 }
69
70 #if IS_ENABLED(CONFIG_IPV6)
71 static inline int __br_ip6_hash(struct net_bridge_mdb_htable *mdb,
72 const struct in6_addr *ip)
73 {
74 return jhash2((__force u32 *)ip->s6_addr32, 4, mdb->secret) & (mdb->max - 1);
75 }
76 #endif
77
78 static inline int br_ip_hash(struct net_bridge_mdb_htable *mdb,
79 struct br_ip *ip)
80 {
81 switch (ip->proto) {
82 case htons(ETH_P_IP):
83 return __br_ip4_hash(mdb, ip->u.ip4);
84 #if IS_ENABLED(CONFIG_IPV6)
85 case htons(ETH_P_IPV6):
86 return __br_ip6_hash(mdb, &ip->u.ip6);
87 #endif
88 }
89 return 0;
90 }
91
92 static struct net_bridge_mdb_entry *__br_mdb_ip_get(
93 struct net_bridge_mdb_htable *mdb, struct br_ip *dst, int hash)
94 {
95 struct net_bridge_mdb_entry *mp;
96 struct hlist_node *p;
97
98 hlist_for_each_entry_rcu(mp, p, &mdb->mhash[hash], hlist[mdb->ver]) {
99 if (br_ip_equal(&mp->addr, dst))
100 return mp;
101 }
102
103 return NULL;
104 }
105
106 static struct net_bridge_mdb_entry *br_mdb_ip_get(
107 struct net_bridge_mdb_htable *mdb, struct br_ip *dst)
108 {
109 if (!mdb)
110 return NULL;
111
112 return __br_mdb_ip_get(mdb, dst, br_ip_hash(mdb, dst));
113 }
114
115 static struct net_bridge_mdb_entry *br_mdb_ip4_get(
116 struct net_bridge_mdb_htable *mdb, __be32 dst)
117 {
118 struct br_ip br_dst;
119
120 br_dst.u.ip4 = dst;
121 br_dst.proto = htons(ETH_P_IP);
122
123 return br_mdb_ip_get(mdb, &br_dst);
124 }
125
126 #if IS_ENABLED(CONFIG_IPV6)
127 static struct net_bridge_mdb_entry *br_mdb_ip6_get(
128 struct net_bridge_mdb_htable *mdb, const struct in6_addr *dst)
129 {
130 struct br_ip br_dst;
131
132 br_dst.u.ip6 = *dst;
133 br_dst.proto = htons(ETH_P_IPV6);
134
135 return br_mdb_ip_get(mdb, &br_dst);
136 }
137 #endif
138
139 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br,
140 struct sk_buff *skb)
141 {
142 struct net_bridge_mdb_htable *mdb = rcu_dereference(br->mdb);
143 struct br_ip ip;
144
145 if (br->multicast_disabled)
146 return NULL;
147
148 if (BR_INPUT_SKB_CB(skb)->igmp)
149 return NULL;
150
151 ip.proto = skb->protocol;
152
153 switch (skb->protocol) {
154 case htons(ETH_P_IP):
155 ip.u.ip4 = ip_hdr(skb)->daddr;
156 break;
157 #if IS_ENABLED(CONFIG_IPV6)
158 case htons(ETH_P_IPV6):
159 ip.u.ip6 = ipv6_hdr(skb)->daddr;
160 break;
161 #endif
162 default:
163 return NULL;
164 }
165
166 return br_mdb_ip_get(mdb, &ip);
167 }
168
169 static void br_mdb_free(struct rcu_head *head)
170 {
171 struct net_bridge_mdb_htable *mdb =
172 container_of(head, struct net_bridge_mdb_htable, rcu);
173 struct net_bridge_mdb_htable *old = mdb->old;
174
175 mdb->old = NULL;
176 kfree(old->mhash);
177 kfree(old);
178 }
179
180 static int br_mdb_copy(struct net_bridge_mdb_htable *new,
181 struct net_bridge_mdb_htable *old,
182 int elasticity)
183 {
184 struct net_bridge_mdb_entry *mp;
185 struct hlist_node *p;
186 int maxlen;
187 int len;
188 int i;
189
190 for (i = 0; i < old->max; i++)
191 hlist_for_each_entry(mp, p, &old->mhash[i], hlist[old->ver])
192 hlist_add_head(&mp->hlist[new->ver],
193 &new->mhash[br_ip_hash(new, &mp->addr)]);
194
195 if (!elasticity)
196 return 0;
197
198 maxlen = 0;
199 for (i = 0; i < new->max; i++) {
200 len = 0;
201 hlist_for_each_entry(mp, p, &new->mhash[i], hlist[new->ver])
202 len++;
203 if (len > maxlen)
204 maxlen = len;
205 }
206
207 return maxlen > elasticity ? -EINVAL : 0;
208 }
209
210 static void br_multicast_free_pg(struct rcu_head *head)
211 {
212 struct net_bridge_port_group *p =
213 container_of(head, struct net_bridge_port_group, rcu);
214
215 kfree(p);
216 }
217
218 static void br_multicast_free_group(struct rcu_head *head)
219 {
220 struct net_bridge_mdb_entry *mp =
221 container_of(head, struct net_bridge_mdb_entry, rcu);
222
223 kfree(mp);
224 }
225
226 static void br_multicast_group_expired(unsigned long data)
227 {
228 struct net_bridge_mdb_entry *mp = (void *)data;
229 struct net_bridge *br = mp->br;
230 struct net_bridge_mdb_htable *mdb;
231
232 spin_lock(&br->multicast_lock);
233 if (!netif_running(br->dev) || timer_pending(&mp->timer))
234 goto out;
235
236 mp->mglist = false;
237
238 if (mp->ports)
239 goto out;
240
241 mdb = mlock_dereference(br->mdb, br);
242
243 hlist_del_rcu(&mp->hlist[mdb->ver]);
244 mdb->size--;
245
246 call_rcu_bh(&mp->rcu, br_multicast_free_group);
247
248 out:
249 spin_unlock(&br->multicast_lock);
250 }
251
252 static void br_multicast_del_pg(struct net_bridge *br,
253 struct net_bridge_port_group *pg)
254 {
255 struct net_bridge_mdb_htable *mdb;
256 struct net_bridge_mdb_entry *mp;
257 struct net_bridge_port_group *p;
258 struct net_bridge_port_group __rcu **pp;
259
260 mdb = mlock_dereference(br->mdb, br);
261
262 mp = br_mdb_ip_get(mdb, &pg->addr);
263 if (WARN_ON(!mp))
264 return;
265
266 for (pp = &mp->ports;
267 (p = mlock_dereference(*pp, br)) != NULL;
268 pp = &p->next) {
269 if (p != pg)
270 continue;
271
272 rcu_assign_pointer(*pp, p->next);
273 hlist_del_init(&p->mglist);
274 del_timer(&p->timer);
275 call_rcu_bh(&p->rcu, br_multicast_free_pg);
276
277 if (!mp->ports && !mp->mglist &&
278 netif_running(br->dev))
279 mod_timer(&mp->timer, jiffies);
280
281 return;
282 }
283
284 WARN_ON(1);
285 }
286
287 static void br_multicast_port_group_expired(unsigned long data)
288 {
289 struct net_bridge_port_group *pg = (void *)data;
290 struct net_bridge *br = pg->port->br;
291
292 spin_lock(&br->multicast_lock);
293 if (!netif_running(br->dev) || timer_pending(&pg->timer) ||
294 hlist_unhashed(&pg->mglist))
295 goto out;
296
297 br_multicast_del_pg(br, pg);
298
299 out:
300 spin_unlock(&br->multicast_lock);
301 }
302
303 static int br_mdb_rehash(struct net_bridge_mdb_htable __rcu **mdbp, int max,
304 int elasticity)
305 {
306 struct net_bridge_mdb_htable *old = rcu_dereference_protected(*mdbp, 1);
307 struct net_bridge_mdb_htable *mdb;
308 int err;
309
310 mdb = kmalloc(sizeof(*mdb), GFP_ATOMIC);
311 if (!mdb)
312 return -ENOMEM;
313
314 mdb->max = max;
315 mdb->old = old;
316
317 mdb->mhash = kzalloc(max * sizeof(*mdb->mhash), GFP_ATOMIC);
318 if (!mdb->mhash) {
319 kfree(mdb);
320 return -ENOMEM;
321 }
322
323 mdb->size = old ? old->size : 0;
324 mdb->ver = old ? old->ver ^ 1 : 0;
325
326 if (!old || elasticity)
327 get_random_bytes(&mdb->secret, sizeof(mdb->secret));
328 else
329 mdb->secret = old->secret;
330
331 if (!old)
332 goto out;
333
334 err = br_mdb_copy(mdb, old, elasticity);
335 if (err) {
336 kfree(mdb->mhash);
337 kfree(mdb);
338 return err;
339 }
340
341 call_rcu_bh(&mdb->rcu, br_mdb_free);
342
343 out:
344 rcu_assign_pointer(*mdbp, mdb);
345
346 return 0;
347 }
348
349 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br,
350 __be32 group)
351 {
352 struct sk_buff *skb;
353 struct igmphdr *ih;
354 struct ethhdr *eth;
355 struct iphdr *iph;
356
357 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) +
358 sizeof(*ih) + 4);
359 if (!skb)
360 goto out;
361
362 skb->protocol = htons(ETH_P_IP);
363
364 skb_reset_mac_header(skb);
365 eth = eth_hdr(skb);
366
367 memcpy(eth->h_source, br->dev->dev_addr, 6);
368 eth->h_dest[0] = 1;
369 eth->h_dest[1] = 0;
370 eth->h_dest[2] = 0x5e;
371 eth->h_dest[3] = 0;
372 eth->h_dest[4] = 0;
373 eth->h_dest[5] = 1;
374 eth->h_proto = htons(ETH_P_IP);
375 skb_put(skb, sizeof(*eth));
376
377 skb_set_network_header(skb, skb->len);
378 iph = ip_hdr(skb);
379
380 iph->version = 4;
381 iph->ihl = 6;
382 iph->tos = 0xc0;
383 iph->tot_len = htons(sizeof(*iph) + sizeof(*ih) + 4);
384 iph->id = 0;
385 iph->frag_off = htons(IP_DF);
386 iph->ttl = 1;
387 iph->protocol = IPPROTO_IGMP;
388 iph->saddr = 0;
389 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP);
390 ((u8 *)&iph[1])[0] = IPOPT_RA;
391 ((u8 *)&iph[1])[1] = 4;
392 ((u8 *)&iph[1])[2] = 0;
393 ((u8 *)&iph[1])[3] = 0;
394 ip_send_check(iph);
395 skb_put(skb, 24);
396
397 skb_set_transport_header(skb, skb->len);
398 ih = igmp_hdr(skb);
399 ih->type = IGMP_HOST_MEMBERSHIP_QUERY;
400 ih->code = (group ? br->multicast_last_member_interval :
401 br->multicast_query_response_interval) /
402 (HZ / IGMP_TIMER_SCALE);
403 ih->group = group;
404 ih->csum = 0;
405 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr));
406 skb_put(skb, sizeof(*ih));
407
408 __skb_pull(skb, sizeof(*eth));
409
410 out:
411 return skb;
412 }
413
414 #if IS_ENABLED(CONFIG_IPV6)
415 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br,
416 const struct in6_addr *group)
417 {
418 struct sk_buff *skb;
419 struct ipv6hdr *ip6h;
420 struct mld_msg *mldq;
421 struct ethhdr *eth;
422 u8 *hopopt;
423 unsigned long interval;
424
425 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) +
426 8 + sizeof(*mldq));
427 if (!skb)
428 goto out;
429
430 skb->protocol = htons(ETH_P_IPV6);
431
432 /* Ethernet header */
433 skb_reset_mac_header(skb);
434 eth = eth_hdr(skb);
435
436 memcpy(eth->h_source, br->dev->dev_addr, 6);
437 eth->h_proto = htons(ETH_P_IPV6);
438 skb_put(skb, sizeof(*eth));
439
440 /* IPv6 header + HbH option */
441 skb_set_network_header(skb, skb->len);
442 ip6h = ipv6_hdr(skb);
443
444 *(__force __be32 *)ip6h = htonl(0x60000000);
445 ip6h->payload_len = htons(8 + sizeof(*mldq));
446 ip6h->nexthdr = IPPROTO_HOPOPTS;
447 ip6h->hop_limit = 1;
448 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1));
449 if (ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0,
450 &ip6h->saddr)) {
451 kfree_skb(skb);
452 return NULL;
453 }
454 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest);
455
456 hopopt = (u8 *)(ip6h + 1);
457 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */
458 hopopt[1] = 0; /* length of HbH */
459 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */
460 hopopt[3] = 2; /* Length of RA Option */
461 hopopt[4] = 0; /* Type = 0x0000 (MLD) */
462 hopopt[5] = 0;
463 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */
464 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */
465
466 skb_put(skb, sizeof(*ip6h) + 8);
467
468 /* ICMPv6 */
469 skb_set_transport_header(skb, skb->len);
470 mldq = (struct mld_msg *) icmp6_hdr(skb);
471
472 interval = ipv6_addr_any(group) ? br->multicast_last_member_interval :
473 br->multicast_query_response_interval;
474
475 mldq->mld_type = ICMPV6_MGM_QUERY;
476 mldq->mld_code = 0;
477 mldq->mld_cksum = 0;
478 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval));
479 mldq->mld_reserved = 0;
480 mldq->mld_mca = *group;
481
482 /* checksum */
483 mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr,
484 sizeof(*mldq), IPPROTO_ICMPV6,
485 csum_partial(mldq,
486 sizeof(*mldq), 0));
487 skb_put(skb, sizeof(*mldq));
488
489 __skb_pull(skb, sizeof(*eth));
490
491 out:
492 return skb;
493 }
494 #endif
495
496 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br,
497 struct br_ip *addr)
498 {
499 switch (addr->proto) {
500 case htons(ETH_P_IP):
501 return br_ip4_multicast_alloc_query(br, addr->u.ip4);
502 #if IS_ENABLED(CONFIG_IPV6)
503 case htons(ETH_P_IPV6):
504 return br_ip6_multicast_alloc_query(br, &addr->u.ip6);
505 #endif
506 }
507 return NULL;
508 }
509
510 static struct net_bridge_mdb_entry *br_multicast_get_group(
511 struct net_bridge *br, struct net_bridge_port *port,
512 struct br_ip *group, int hash)
513 {
514 struct net_bridge_mdb_htable *mdb;
515 struct net_bridge_mdb_entry *mp;
516 struct hlist_node *p;
517 unsigned int count = 0;
518 unsigned int max;
519 int elasticity;
520 int err;
521
522 mdb = rcu_dereference_protected(br->mdb, 1);
523 hlist_for_each_entry(mp, p, &mdb->mhash[hash], hlist[mdb->ver]) {
524 count++;
525 if (unlikely(br_ip_equal(group, &mp->addr)))
526 return mp;
527 }
528
529 elasticity = 0;
530 max = mdb->max;
531
532 if (unlikely(count > br->hash_elasticity && count)) {
533 if (net_ratelimit())
534 br_info(br, "Multicast hash table "
535 "chain limit reached: %s\n",
536 port ? port->dev->name : br->dev->name);
537
538 elasticity = br->hash_elasticity;
539 }
540
541 if (mdb->size >= max) {
542 max *= 2;
543 if (unlikely(max > br->hash_max)) {
544 br_warn(br, "Multicast hash table maximum of %d "
545 "reached, disabling snooping: %s\n",
546 br->hash_max,
547 port ? port->dev->name : br->dev->name);
548 err = -E2BIG;
549 disable:
550 br->multicast_disabled = 1;
551 goto err;
552 }
553 }
554
555 if (max > mdb->max || elasticity) {
556 if (mdb->old) {
557 if (net_ratelimit())
558 br_info(br, "Multicast hash table "
559 "on fire: %s\n",
560 port ? port->dev->name : br->dev->name);
561 err = -EEXIST;
562 goto err;
563 }
564
565 err = br_mdb_rehash(&br->mdb, max, elasticity);
566 if (err) {
567 br_warn(br, "Cannot rehash multicast "
568 "hash table, disabling snooping: %s, %d, %d\n",
569 port ? port->dev->name : br->dev->name,
570 mdb->size, err);
571 goto disable;
572 }
573
574 err = -EAGAIN;
575 goto err;
576 }
577
578 return NULL;
579
580 err:
581 mp = ERR_PTR(err);
582 return mp;
583 }
584
585 static struct net_bridge_mdb_entry *br_multicast_new_group(
586 struct net_bridge *br, struct net_bridge_port *port,
587 struct br_ip *group)
588 {
589 struct net_bridge_mdb_htable *mdb;
590 struct net_bridge_mdb_entry *mp;
591 int hash;
592 int err;
593
594 mdb = rcu_dereference_protected(br->mdb, 1);
595 if (!mdb) {
596 err = br_mdb_rehash(&br->mdb, BR_HASH_SIZE, 0);
597 if (err)
598 return ERR_PTR(err);
599 goto rehash;
600 }
601
602 hash = br_ip_hash(mdb, group);
603 mp = br_multicast_get_group(br, port, group, hash);
604 switch (PTR_ERR(mp)) {
605 case 0:
606 break;
607
608 case -EAGAIN:
609 rehash:
610 mdb = rcu_dereference_protected(br->mdb, 1);
611 hash = br_ip_hash(mdb, group);
612 break;
613
614 default:
615 goto out;
616 }
617
618 mp = kzalloc(sizeof(*mp), GFP_ATOMIC);
619 if (unlikely(!mp))
620 return ERR_PTR(-ENOMEM);
621
622 mp->br = br;
623 mp->addr = *group;
624 setup_timer(&mp->timer, br_multicast_group_expired,
625 (unsigned long)mp);
626
627 hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]);
628 mdb->size++;
629
630 out:
631 return mp;
632 }
633
634 static int br_multicast_add_group(struct net_bridge *br,
635 struct net_bridge_port *port,
636 struct br_ip *group)
637 {
638 struct net_bridge_mdb_entry *mp;
639 struct net_bridge_port_group *p;
640 struct net_bridge_port_group __rcu **pp;
641 unsigned long now = jiffies;
642 int err;
643
644 spin_lock(&br->multicast_lock);
645 if (!netif_running(br->dev) ||
646 (port && port->state == BR_STATE_DISABLED))
647 goto out;
648
649 mp = br_multicast_new_group(br, port, group);
650 err = PTR_ERR(mp);
651 if (IS_ERR(mp))
652 goto err;
653
654 if (!port) {
655 mp->mglist = true;
656 mod_timer(&mp->timer, now + br->multicast_membership_interval);
657 goto out;
658 }
659
660 for (pp = &mp->ports;
661 (p = mlock_dereference(*pp, br)) != NULL;
662 pp = &p->next) {
663 if (p->port == port)
664 goto found;
665 if ((unsigned long)p->port < (unsigned long)port)
666 break;
667 }
668
669 p = kzalloc(sizeof(*p), GFP_ATOMIC);
670 err = -ENOMEM;
671 if (unlikely(!p))
672 goto err;
673
674 p->addr = *group;
675 p->port = port;
676 p->next = *pp;
677 hlist_add_head(&p->mglist, &port->mglist);
678 setup_timer(&p->timer, br_multicast_port_group_expired,
679 (unsigned long)p);
680
681 rcu_assign_pointer(*pp, p);
682
683 found:
684 mod_timer(&p->timer, now + br->multicast_membership_interval);
685 out:
686 err = 0;
687
688 err:
689 spin_unlock(&br->multicast_lock);
690 return err;
691 }
692
693 static int br_ip4_multicast_add_group(struct net_bridge *br,
694 struct net_bridge_port *port,
695 __be32 group)
696 {
697 struct br_ip br_group;
698
699 if (ipv4_is_local_multicast(group))
700 return 0;
701
702 br_group.u.ip4 = group;
703 br_group.proto = htons(ETH_P_IP);
704
705 return br_multicast_add_group(br, port, &br_group);
706 }
707
708 #if IS_ENABLED(CONFIG_IPV6)
709 static int br_ip6_multicast_add_group(struct net_bridge *br,
710 struct net_bridge_port *port,
711 const struct in6_addr *group)
712 {
713 struct br_ip br_group;
714
715 if (!ipv6_is_transient_multicast(group))
716 return 0;
717
718 br_group.u.ip6 = *group;
719 br_group.proto = htons(ETH_P_IPV6);
720
721 return br_multicast_add_group(br, port, &br_group);
722 }
723 #endif
724
725 static void br_multicast_router_expired(unsigned long data)
726 {
727 struct net_bridge_port *port = (void *)data;
728 struct net_bridge *br = port->br;
729
730 spin_lock(&br->multicast_lock);
731 if (port->multicast_router != 1 ||
732 timer_pending(&port->multicast_router_timer) ||
733 hlist_unhashed(&port->rlist))
734 goto out;
735
736 hlist_del_init_rcu(&port->rlist);
737
738 out:
739 spin_unlock(&br->multicast_lock);
740 }
741
742 static void br_multicast_local_router_expired(unsigned long data)
743 {
744 }
745
746 static void br_multicast_querier_expired(unsigned long data)
747 {
748 struct net_bridge *br = (void *)data;
749
750 spin_lock(&br->multicast_lock);
751 if (!netif_running(br->dev) || br->multicast_disabled)
752 goto out;
753
754 br_multicast_start_querier(br);
755
756 out:
757 spin_unlock(&br->multicast_lock);
758 }
759
760 static void __br_multicast_send_query(struct net_bridge *br,
761 struct net_bridge_port *port,
762 struct br_ip *ip)
763 {
764 struct sk_buff *skb;
765
766 skb = br_multicast_alloc_query(br, ip);
767 if (!skb)
768 return;
769
770 if (port) {
771 __skb_push(skb, sizeof(struct ethhdr));
772 skb->dev = port->dev;
773 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
774 dev_queue_xmit);
775 } else
776 netif_rx(skb);
777 }
778
779 static void br_multicast_send_query(struct net_bridge *br,
780 struct net_bridge_port *port, u32 sent)
781 {
782 unsigned long time;
783 struct br_ip br_group;
784
785 if (!netif_running(br->dev) || br->multicast_disabled ||
786 !br->multicast_querier ||
787 timer_pending(&br->multicast_querier_timer))
788 return;
789
790 memset(&br_group.u, 0, sizeof(br_group.u));
791
792 br_group.proto = htons(ETH_P_IP);
793 __br_multicast_send_query(br, port, &br_group);
794
795 #if IS_ENABLED(CONFIG_IPV6)
796 br_group.proto = htons(ETH_P_IPV6);
797 __br_multicast_send_query(br, port, &br_group);
798 #endif
799
800 time = jiffies;
801 time += sent < br->multicast_startup_query_count ?
802 br->multicast_startup_query_interval :
803 br->multicast_query_interval;
804 mod_timer(port ? &port->multicast_query_timer :
805 &br->multicast_query_timer, time);
806 }
807
808 static void br_multicast_port_query_expired(unsigned long data)
809 {
810 struct net_bridge_port *port = (void *)data;
811 struct net_bridge *br = port->br;
812
813 spin_lock(&br->multicast_lock);
814 if (port->state == BR_STATE_DISABLED ||
815 port->state == BR_STATE_BLOCKING)
816 goto out;
817
818 if (port->multicast_startup_queries_sent <
819 br->multicast_startup_query_count)
820 port->multicast_startup_queries_sent++;
821
822 br_multicast_send_query(port->br, port,
823 port->multicast_startup_queries_sent);
824
825 out:
826 spin_unlock(&br->multicast_lock);
827 }
828
829 void br_multicast_add_port(struct net_bridge_port *port)
830 {
831 port->multicast_router = 1;
832
833 setup_timer(&port->multicast_router_timer, br_multicast_router_expired,
834 (unsigned long)port);
835 setup_timer(&port->multicast_query_timer,
836 br_multicast_port_query_expired, (unsigned long)port);
837 }
838
839 void br_multicast_del_port(struct net_bridge_port *port)
840 {
841 del_timer_sync(&port->multicast_router_timer);
842 }
843
844 static void __br_multicast_enable_port(struct net_bridge_port *port)
845 {
846 port->multicast_startup_queries_sent = 0;
847
848 if (try_to_del_timer_sync(&port->multicast_query_timer) >= 0 ||
849 del_timer(&port->multicast_query_timer))
850 mod_timer(&port->multicast_query_timer, jiffies);
851 }
852
853 void br_multicast_enable_port(struct net_bridge_port *port)
854 {
855 struct net_bridge *br = port->br;
856
857 spin_lock(&br->multicast_lock);
858 if (br->multicast_disabled || !netif_running(br->dev))
859 goto out;
860
861 __br_multicast_enable_port(port);
862
863 out:
864 spin_unlock(&br->multicast_lock);
865 }
866
867 void br_multicast_disable_port(struct net_bridge_port *port)
868 {
869 struct net_bridge *br = port->br;
870 struct net_bridge_port_group *pg;
871 struct hlist_node *p, *n;
872
873 spin_lock(&br->multicast_lock);
874 hlist_for_each_entry_safe(pg, p, n, &port->mglist, mglist)
875 br_multicast_del_pg(br, pg);
876
877 if (!hlist_unhashed(&port->rlist))
878 hlist_del_init_rcu(&port->rlist);
879 del_timer(&port->multicast_router_timer);
880 del_timer(&port->multicast_query_timer);
881 spin_unlock(&br->multicast_lock);
882 }
883
884 static int br_ip4_multicast_igmp3_report(struct net_bridge *br,
885 struct net_bridge_port *port,
886 struct sk_buff *skb)
887 {
888 struct igmpv3_report *ih;
889 struct igmpv3_grec *grec;
890 int i;
891 int len;
892 int num;
893 int type;
894 int err = 0;
895 __be32 group;
896
897 if (!pskb_may_pull(skb, sizeof(*ih)))
898 return -EINVAL;
899
900 ih = igmpv3_report_hdr(skb);
901 num = ntohs(ih->ngrec);
902 len = sizeof(*ih);
903
904 for (i = 0; i < num; i++) {
905 len += sizeof(*grec);
906 if (!pskb_may_pull(skb, len))
907 return -EINVAL;
908
909 grec = (void *)(skb->data + len - sizeof(*grec));
910 group = grec->grec_mca;
911 type = grec->grec_type;
912
913 len += ntohs(grec->grec_nsrcs) * 4;
914 if (!pskb_may_pull(skb, len))
915 return -EINVAL;
916
917 /* We treat this as an IGMPv2 report for now. */
918 switch (type) {
919 case IGMPV3_MODE_IS_INCLUDE:
920 case IGMPV3_MODE_IS_EXCLUDE:
921 case IGMPV3_CHANGE_TO_INCLUDE:
922 case IGMPV3_CHANGE_TO_EXCLUDE:
923 case IGMPV3_ALLOW_NEW_SOURCES:
924 case IGMPV3_BLOCK_OLD_SOURCES:
925 break;
926
927 default:
928 continue;
929 }
930
931 err = br_ip4_multicast_add_group(br, port, group);
932 if (err)
933 break;
934 }
935
936 return err;
937 }
938
939 #if IS_ENABLED(CONFIG_IPV6)
940 static int br_ip6_multicast_mld2_report(struct net_bridge *br,
941 struct net_bridge_port *port,
942 struct sk_buff *skb)
943 {
944 struct icmp6hdr *icmp6h;
945 struct mld2_grec *grec;
946 int i;
947 int len;
948 int num;
949 int err = 0;
950
951 if (!pskb_may_pull(skb, sizeof(*icmp6h)))
952 return -EINVAL;
953
954 icmp6h = icmp6_hdr(skb);
955 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]);
956 len = sizeof(*icmp6h);
957
958 for (i = 0; i < num; i++) {
959 __be16 *nsrcs, _nsrcs;
960
961 nsrcs = skb_header_pointer(skb,
962 len + offsetof(struct mld2_grec,
963 grec_nsrcs),
964 sizeof(_nsrcs), &_nsrcs);
965 if (!nsrcs)
966 return -EINVAL;
967
968 if (!pskb_may_pull(skb,
969 len + sizeof(*grec) +
970 sizeof(struct in6_addr) * ntohs(*nsrcs)))
971 return -EINVAL;
972
973 grec = (struct mld2_grec *)(skb->data + len);
974 len += sizeof(*grec) +
975 sizeof(struct in6_addr) * ntohs(*nsrcs);
976
977 /* We treat these as MLDv1 reports for now. */
978 switch (grec->grec_type) {
979 case MLD2_MODE_IS_INCLUDE:
980 case MLD2_MODE_IS_EXCLUDE:
981 case MLD2_CHANGE_TO_INCLUDE:
982 case MLD2_CHANGE_TO_EXCLUDE:
983 case MLD2_ALLOW_NEW_SOURCES:
984 case MLD2_BLOCK_OLD_SOURCES:
985 break;
986
987 default:
988 continue;
989 }
990
991 err = br_ip6_multicast_add_group(br, port, &grec->grec_mca);
992 if (!err)
993 break;
994 }
995
996 return err;
997 }
998 #endif
999
1000 /*
1001 * Add port to rotuer_list
1002 * list is maintained ordered by pointer value
1003 * and locked by br->multicast_lock and RCU
1004 */
1005 static void br_multicast_add_router(struct net_bridge *br,
1006 struct net_bridge_port *port)
1007 {
1008 struct net_bridge_port *p;
1009 struct hlist_node *n, *slot = NULL;
1010
1011 hlist_for_each_entry(p, n, &br->router_list, rlist) {
1012 if ((unsigned long) port >= (unsigned long) p)
1013 break;
1014 slot = n;
1015 }
1016
1017 if (slot)
1018 hlist_add_after_rcu(slot, &port->rlist);
1019 else
1020 hlist_add_head_rcu(&port->rlist, &br->router_list);
1021 }
1022
1023 static void br_multicast_mark_router(struct net_bridge *br,
1024 struct net_bridge_port *port)
1025 {
1026 unsigned long now = jiffies;
1027
1028 if (!port) {
1029 if (br->multicast_router == 1)
1030 mod_timer(&br->multicast_router_timer,
1031 now + br->multicast_querier_interval);
1032 return;
1033 }
1034
1035 if (port->multicast_router != 1)
1036 return;
1037
1038 if (!hlist_unhashed(&port->rlist))
1039 goto timer;
1040
1041 br_multicast_add_router(br, port);
1042
1043 timer:
1044 mod_timer(&port->multicast_router_timer,
1045 now + br->multicast_querier_interval);
1046 }
1047
1048 static void br_multicast_query_received(struct net_bridge *br,
1049 struct net_bridge_port *port,
1050 int saddr)
1051 {
1052 if (saddr)
1053 mod_timer(&br->multicast_querier_timer,
1054 jiffies + br->multicast_querier_interval);
1055 else if (timer_pending(&br->multicast_querier_timer))
1056 return;
1057
1058 br_multicast_mark_router(br, port);
1059 }
1060
1061 static int br_ip4_multicast_query(struct net_bridge *br,
1062 struct net_bridge_port *port,
1063 struct sk_buff *skb)
1064 {
1065 const struct iphdr *iph = ip_hdr(skb);
1066 struct igmphdr *ih = igmp_hdr(skb);
1067 struct net_bridge_mdb_entry *mp;
1068 struct igmpv3_query *ih3;
1069 struct net_bridge_port_group *p;
1070 struct net_bridge_port_group __rcu **pp;
1071 unsigned long max_delay;
1072 unsigned long now = jiffies;
1073 __be32 group;
1074 int err = 0;
1075
1076 spin_lock(&br->multicast_lock);
1077 if (!netif_running(br->dev) ||
1078 (port && port->state == BR_STATE_DISABLED))
1079 goto out;
1080
1081 br_multicast_query_received(br, port, !!iph->saddr);
1082
1083 group = ih->group;
1084
1085 if (skb->len == sizeof(*ih)) {
1086 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE);
1087
1088 if (!max_delay) {
1089 max_delay = 10 * HZ;
1090 group = 0;
1091 }
1092 } else {
1093 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) {
1094 err = -EINVAL;
1095 goto out;
1096 }
1097
1098 ih3 = igmpv3_query_hdr(skb);
1099 if (ih3->nsrcs)
1100 goto out;
1101
1102 max_delay = ih3->code ?
1103 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1;
1104 }
1105
1106 if (!group)
1107 goto out;
1108
1109 mp = br_mdb_ip4_get(mlock_dereference(br->mdb, br), group);
1110 if (!mp)
1111 goto out;
1112
1113 max_delay *= br->multicast_last_member_count;
1114
1115 if (mp->mglist &&
1116 (timer_pending(&mp->timer) ?
1117 time_after(mp->timer.expires, now + max_delay) :
1118 try_to_del_timer_sync(&mp->timer) >= 0))
1119 mod_timer(&mp->timer, now + max_delay);
1120
1121 for (pp = &mp->ports;
1122 (p = mlock_dereference(*pp, br)) != NULL;
1123 pp = &p->next) {
1124 if (timer_pending(&p->timer) ?
1125 time_after(p->timer.expires, now + max_delay) :
1126 try_to_del_timer_sync(&p->timer) >= 0)
1127 mod_timer(&p->timer, now + max_delay);
1128 }
1129
1130 out:
1131 spin_unlock(&br->multicast_lock);
1132 return err;
1133 }
1134
1135 #if IS_ENABLED(CONFIG_IPV6)
1136 static int br_ip6_multicast_query(struct net_bridge *br,
1137 struct net_bridge_port *port,
1138 struct sk_buff *skb)
1139 {
1140 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
1141 struct mld_msg *mld = (struct mld_msg *) icmp6_hdr(skb);
1142 struct net_bridge_mdb_entry *mp;
1143 struct mld2_query *mld2q;
1144 struct net_bridge_port_group *p;
1145 struct net_bridge_port_group __rcu **pp;
1146 unsigned long max_delay;
1147 unsigned long now = jiffies;
1148 const struct in6_addr *group = NULL;
1149 int err = 0;
1150
1151 spin_lock(&br->multicast_lock);
1152 if (!netif_running(br->dev) ||
1153 (port && port->state == BR_STATE_DISABLED))
1154 goto out;
1155
1156 br_multicast_query_received(br, port, !ipv6_addr_any(&ip6h->saddr));
1157
1158 if (skb->len == sizeof(*mld)) {
1159 if (!pskb_may_pull(skb, sizeof(*mld))) {
1160 err = -EINVAL;
1161 goto out;
1162 }
1163 mld = (struct mld_msg *) icmp6_hdr(skb);
1164 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay));
1165 if (max_delay)
1166 group = &mld->mld_mca;
1167 } else if (skb->len >= sizeof(*mld2q)) {
1168 if (!pskb_may_pull(skb, sizeof(*mld2q))) {
1169 err = -EINVAL;
1170 goto out;
1171 }
1172 mld2q = (struct mld2_query *)icmp6_hdr(skb);
1173 if (!mld2q->mld2q_nsrcs)
1174 group = &mld2q->mld2q_mca;
1175 max_delay = mld2q->mld2q_mrc ? MLDV2_MRC(mld2q->mld2q_mrc) : 1;
1176 }
1177
1178 if (!group)
1179 goto out;
1180
1181 mp = br_mdb_ip6_get(mlock_dereference(br->mdb, br), group);
1182 if (!mp)
1183 goto out;
1184
1185 max_delay *= br->multicast_last_member_count;
1186 if (mp->mglist &&
1187 (timer_pending(&mp->timer) ?
1188 time_after(mp->timer.expires, now + max_delay) :
1189 try_to_del_timer_sync(&mp->timer) >= 0))
1190 mod_timer(&mp->timer, now + max_delay);
1191
1192 for (pp = &mp->ports;
1193 (p = mlock_dereference(*pp, br)) != NULL;
1194 pp = &p->next) {
1195 if (timer_pending(&p->timer) ?
1196 time_after(p->timer.expires, now + max_delay) :
1197 try_to_del_timer_sync(&p->timer) >= 0)
1198 mod_timer(&p->timer, now + max_delay);
1199 }
1200
1201 out:
1202 spin_unlock(&br->multicast_lock);
1203 return err;
1204 }
1205 #endif
1206
1207 static void br_multicast_leave_group(struct net_bridge *br,
1208 struct net_bridge_port *port,
1209 struct br_ip *group)
1210 {
1211 struct net_bridge_mdb_htable *mdb;
1212 struct net_bridge_mdb_entry *mp;
1213 struct net_bridge_port_group *p;
1214 unsigned long now;
1215 unsigned long time;
1216
1217 spin_lock(&br->multicast_lock);
1218 if (!netif_running(br->dev) ||
1219 (port && port->state == BR_STATE_DISABLED) ||
1220 timer_pending(&br->multicast_querier_timer))
1221 goto out;
1222
1223 mdb = mlock_dereference(br->mdb, br);
1224 mp = br_mdb_ip_get(mdb, group);
1225 if (!mp)
1226 goto out;
1227
1228 now = jiffies;
1229 time = now + br->multicast_last_member_count *
1230 br->multicast_last_member_interval;
1231
1232 if (!port) {
1233 if (mp->mglist &&
1234 (timer_pending(&mp->timer) ?
1235 time_after(mp->timer.expires, time) :
1236 try_to_del_timer_sync(&mp->timer) >= 0)) {
1237 mod_timer(&mp->timer, time);
1238 }
1239
1240 goto out;
1241 }
1242
1243 for (p = mlock_dereference(mp->ports, br);
1244 p != NULL;
1245 p = mlock_dereference(p->next, br)) {
1246 if (p->port != port)
1247 continue;
1248
1249 if (!hlist_unhashed(&p->mglist) &&
1250 (timer_pending(&p->timer) ?
1251 time_after(p->timer.expires, time) :
1252 try_to_del_timer_sync(&p->timer) >= 0)) {
1253 mod_timer(&p->timer, time);
1254 }
1255
1256 break;
1257 }
1258
1259 out:
1260 spin_unlock(&br->multicast_lock);
1261 }
1262
1263 static void br_ip4_multicast_leave_group(struct net_bridge *br,
1264 struct net_bridge_port *port,
1265 __be32 group)
1266 {
1267 struct br_ip br_group;
1268
1269 if (ipv4_is_local_multicast(group))
1270 return;
1271
1272 br_group.u.ip4 = group;
1273 br_group.proto = htons(ETH_P_IP);
1274
1275 br_multicast_leave_group(br, port, &br_group);
1276 }
1277
1278 #if IS_ENABLED(CONFIG_IPV6)
1279 static void br_ip6_multicast_leave_group(struct net_bridge *br,
1280 struct net_bridge_port *port,
1281 const struct in6_addr *group)
1282 {
1283 struct br_ip br_group;
1284
1285 if (!ipv6_is_transient_multicast(group))
1286 return;
1287
1288 br_group.u.ip6 = *group;
1289 br_group.proto = htons(ETH_P_IPV6);
1290
1291 br_multicast_leave_group(br, port, &br_group);
1292 }
1293 #endif
1294
1295 static int br_multicast_ipv4_rcv(struct net_bridge *br,
1296 struct net_bridge_port *port,
1297 struct sk_buff *skb)
1298 {
1299 struct sk_buff *skb2 = skb;
1300 const struct iphdr *iph;
1301 struct igmphdr *ih;
1302 unsigned int len;
1303 unsigned int offset;
1304 int err;
1305
1306 /* We treat OOM as packet loss for now. */
1307 if (!pskb_may_pull(skb, sizeof(*iph)))
1308 return -EINVAL;
1309
1310 iph = ip_hdr(skb);
1311
1312 if (iph->ihl < 5 || iph->version != 4)
1313 return -EINVAL;
1314
1315 if (!pskb_may_pull(skb, ip_hdrlen(skb)))
1316 return -EINVAL;
1317
1318 iph = ip_hdr(skb);
1319
1320 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl)))
1321 return -EINVAL;
1322
1323 if (iph->protocol != IPPROTO_IGMP) {
1324 if ((iph->daddr & IGMP_LOCAL_GROUP_MASK) != IGMP_LOCAL_GROUP)
1325 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1326 return 0;
1327 }
1328
1329 len = ntohs(iph->tot_len);
1330 if (skb->len < len || len < ip_hdrlen(skb))
1331 return -EINVAL;
1332
1333 if (skb->len > len) {
1334 skb2 = skb_clone(skb, GFP_ATOMIC);
1335 if (!skb2)
1336 return -ENOMEM;
1337
1338 err = pskb_trim_rcsum(skb2, len);
1339 if (err)
1340 goto err_out;
1341 }
1342
1343 len -= ip_hdrlen(skb2);
1344 offset = skb_network_offset(skb2) + ip_hdrlen(skb2);
1345 __skb_pull(skb2, offset);
1346 skb_reset_transport_header(skb2);
1347
1348 err = -EINVAL;
1349 if (!pskb_may_pull(skb2, sizeof(*ih)))
1350 goto out;
1351
1352 switch (skb2->ip_summed) {
1353 case CHECKSUM_COMPLETE:
1354 if (!csum_fold(skb2->csum))
1355 break;
1356 /* fall through */
1357 case CHECKSUM_NONE:
1358 skb2->csum = 0;
1359 if (skb_checksum_complete(skb2))
1360 goto out;
1361 }
1362
1363 err = 0;
1364
1365 BR_INPUT_SKB_CB(skb)->igmp = 1;
1366 ih = igmp_hdr(skb2);
1367
1368 switch (ih->type) {
1369 case IGMP_HOST_MEMBERSHIP_REPORT:
1370 case IGMPV2_HOST_MEMBERSHIP_REPORT:
1371 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1372 err = br_ip4_multicast_add_group(br, port, ih->group);
1373 break;
1374 case IGMPV3_HOST_MEMBERSHIP_REPORT:
1375 err = br_ip4_multicast_igmp3_report(br, port, skb2);
1376 break;
1377 case IGMP_HOST_MEMBERSHIP_QUERY:
1378 err = br_ip4_multicast_query(br, port, skb2);
1379 break;
1380 case IGMP_HOST_LEAVE_MESSAGE:
1381 br_ip4_multicast_leave_group(br, port, ih->group);
1382 break;
1383 }
1384
1385 out:
1386 __skb_push(skb2, offset);
1387 err_out:
1388 if (skb2 != skb)
1389 kfree_skb(skb2);
1390 return err;
1391 }
1392
1393 #if IS_ENABLED(CONFIG_IPV6)
1394 static int br_multicast_ipv6_rcv(struct net_bridge *br,
1395 struct net_bridge_port *port,
1396 struct sk_buff *skb)
1397 {
1398 struct sk_buff *skb2;
1399 const struct ipv6hdr *ip6h;
1400 u8 icmp6_type;
1401 u8 nexthdr;
1402 __be16 frag_off;
1403 unsigned int len;
1404 int offset;
1405 int err;
1406
1407 if (!pskb_may_pull(skb, sizeof(*ip6h)))
1408 return -EINVAL;
1409
1410 ip6h = ipv6_hdr(skb);
1411
1412 /*
1413 * We're interested in MLD messages only.
1414 * - Version is 6
1415 * - MLD has always Router Alert hop-by-hop option
1416 * - But we do not support jumbrograms.
1417 */
1418 if (ip6h->version != 6 ||
1419 ip6h->nexthdr != IPPROTO_HOPOPTS ||
1420 ip6h->payload_len == 0)
1421 return 0;
1422
1423 len = ntohs(ip6h->payload_len) + sizeof(*ip6h);
1424 if (skb->len < len)
1425 return -EINVAL;
1426
1427 nexthdr = ip6h->nexthdr;
1428 offset = ipv6_skip_exthdr(skb, sizeof(*ip6h), &nexthdr, &frag_off);
1429
1430 if (offset < 0 || nexthdr != IPPROTO_ICMPV6)
1431 return 0;
1432
1433 /* Okay, we found ICMPv6 header */
1434 skb2 = skb_clone(skb, GFP_ATOMIC);
1435 if (!skb2)
1436 return -ENOMEM;
1437
1438 err = -EINVAL;
1439 if (!pskb_may_pull(skb2, offset + sizeof(struct icmp6hdr)))
1440 goto out;
1441
1442 len -= offset - skb_network_offset(skb2);
1443
1444 __skb_pull(skb2, offset);
1445 skb_reset_transport_header(skb2);
1446 skb_postpull_rcsum(skb2, skb_network_header(skb2),
1447 skb_network_header_len(skb2));
1448
1449 icmp6_type = icmp6_hdr(skb2)->icmp6_type;
1450
1451 switch (icmp6_type) {
1452 case ICMPV6_MGM_QUERY:
1453 case ICMPV6_MGM_REPORT:
1454 case ICMPV6_MGM_REDUCTION:
1455 case ICMPV6_MLD2_REPORT:
1456 break;
1457 default:
1458 err = 0;
1459 goto out;
1460 }
1461
1462 /* Okay, we found MLD message. Check further. */
1463 if (skb2->len > len) {
1464 err = pskb_trim_rcsum(skb2, len);
1465 if (err)
1466 goto out;
1467 err = -EINVAL;
1468 }
1469
1470 ip6h = ipv6_hdr(skb2);
1471
1472 switch (skb2->ip_summed) {
1473 case CHECKSUM_COMPLETE:
1474 if (!csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, skb2->len,
1475 IPPROTO_ICMPV6, skb2->csum))
1476 break;
1477 /*FALLTHROUGH*/
1478 case CHECKSUM_NONE:
1479 skb2->csum = ~csum_unfold(csum_ipv6_magic(&ip6h->saddr,
1480 &ip6h->daddr,
1481 skb2->len,
1482 IPPROTO_ICMPV6, 0));
1483 if (__skb_checksum_complete(skb2))
1484 goto out;
1485 }
1486
1487 err = 0;
1488
1489 BR_INPUT_SKB_CB(skb)->igmp = 1;
1490
1491 switch (icmp6_type) {
1492 case ICMPV6_MGM_REPORT:
1493 {
1494 struct mld_msg *mld;
1495 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1496 err = -EINVAL;
1497 goto out;
1498 }
1499 mld = (struct mld_msg *)skb_transport_header(skb2);
1500 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1501 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca);
1502 break;
1503 }
1504 case ICMPV6_MLD2_REPORT:
1505 err = br_ip6_multicast_mld2_report(br, port, skb2);
1506 break;
1507 case ICMPV6_MGM_QUERY:
1508 err = br_ip6_multicast_query(br, port, skb2);
1509 break;
1510 case ICMPV6_MGM_REDUCTION:
1511 {
1512 struct mld_msg *mld;
1513 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1514 err = -EINVAL;
1515 goto out;
1516 }
1517 mld = (struct mld_msg *)skb_transport_header(skb2);
1518 br_ip6_multicast_leave_group(br, port, &mld->mld_mca);
1519 }
1520 }
1521
1522 out:
1523 kfree_skb(skb2);
1524 return err;
1525 }
1526 #endif
1527
1528 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port,
1529 struct sk_buff *skb)
1530 {
1531 BR_INPUT_SKB_CB(skb)->igmp = 0;
1532 BR_INPUT_SKB_CB(skb)->mrouters_only = 0;
1533
1534 if (br->multicast_disabled)
1535 return 0;
1536
1537 switch (skb->protocol) {
1538 case htons(ETH_P_IP):
1539 return br_multicast_ipv4_rcv(br, port, skb);
1540 #if IS_ENABLED(CONFIG_IPV6)
1541 case htons(ETH_P_IPV6):
1542 return br_multicast_ipv6_rcv(br, port, skb);
1543 #endif
1544 }
1545
1546 return 0;
1547 }
1548
1549 static void br_multicast_query_expired(unsigned long data)
1550 {
1551 struct net_bridge *br = (void *)data;
1552
1553 spin_lock(&br->multicast_lock);
1554 if (br->multicast_startup_queries_sent <
1555 br->multicast_startup_query_count)
1556 br->multicast_startup_queries_sent++;
1557
1558 br_multicast_send_query(br, NULL, br->multicast_startup_queries_sent);
1559
1560 spin_unlock(&br->multicast_lock);
1561 }
1562
1563 void br_multicast_init(struct net_bridge *br)
1564 {
1565 br->hash_elasticity = 4;
1566 br->hash_max = 512;
1567
1568 br->multicast_router = 1;
1569 br->multicast_querier = 0;
1570 br->multicast_last_member_count = 2;
1571 br->multicast_startup_query_count = 2;
1572
1573 br->multicast_last_member_interval = HZ;
1574 br->multicast_query_response_interval = 10 * HZ;
1575 br->multicast_startup_query_interval = 125 * HZ / 4;
1576 br->multicast_query_interval = 125 * HZ;
1577 br->multicast_querier_interval = 255 * HZ;
1578 br->multicast_membership_interval = 260 * HZ;
1579
1580 spin_lock_init(&br->multicast_lock);
1581 setup_timer(&br->multicast_router_timer,
1582 br_multicast_local_router_expired, 0);
1583 setup_timer(&br->multicast_querier_timer,
1584 br_multicast_querier_expired, (unsigned long)br);
1585 setup_timer(&br->multicast_query_timer, br_multicast_query_expired,
1586 (unsigned long)br);
1587 }
1588
1589 void br_multicast_open(struct net_bridge *br)
1590 {
1591 br->multicast_startup_queries_sent = 0;
1592
1593 if (br->multicast_disabled)
1594 return;
1595
1596 mod_timer(&br->multicast_query_timer, jiffies);
1597 }
1598
1599 void br_multicast_stop(struct net_bridge *br)
1600 {
1601 struct net_bridge_mdb_htable *mdb;
1602 struct net_bridge_mdb_entry *mp;
1603 struct hlist_node *p, *n;
1604 u32 ver;
1605 int i;
1606
1607 del_timer_sync(&br->multicast_router_timer);
1608 del_timer_sync(&br->multicast_querier_timer);
1609 del_timer_sync(&br->multicast_query_timer);
1610
1611 spin_lock_bh(&br->multicast_lock);
1612 mdb = mlock_dereference(br->mdb, br);
1613 if (!mdb)
1614 goto out;
1615
1616 br->mdb = NULL;
1617
1618 ver = mdb->ver;
1619 for (i = 0; i < mdb->max; i++) {
1620 hlist_for_each_entry_safe(mp, p, n, &mdb->mhash[i],
1621 hlist[ver]) {
1622 del_timer(&mp->timer);
1623 call_rcu_bh(&mp->rcu, br_multicast_free_group);
1624 }
1625 }
1626
1627 if (mdb->old) {
1628 spin_unlock_bh(&br->multicast_lock);
1629 rcu_barrier_bh();
1630 spin_lock_bh(&br->multicast_lock);
1631 WARN_ON(mdb->old);
1632 }
1633
1634 mdb->old = mdb;
1635 call_rcu_bh(&mdb->rcu, br_mdb_free);
1636
1637 out:
1638 spin_unlock_bh(&br->multicast_lock);
1639 }
1640
1641 int br_multicast_set_router(struct net_bridge *br, unsigned long val)
1642 {
1643 int err = -ENOENT;
1644
1645 spin_lock_bh(&br->multicast_lock);
1646 if (!netif_running(br->dev))
1647 goto unlock;
1648
1649 switch (val) {
1650 case 0:
1651 case 2:
1652 del_timer(&br->multicast_router_timer);
1653 /* fall through */
1654 case 1:
1655 br->multicast_router = val;
1656 err = 0;
1657 break;
1658
1659 default:
1660 err = -EINVAL;
1661 break;
1662 }
1663
1664 unlock:
1665 spin_unlock_bh(&br->multicast_lock);
1666
1667 return err;
1668 }
1669
1670 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val)
1671 {
1672 struct net_bridge *br = p->br;
1673 int err = -ENOENT;
1674
1675 spin_lock(&br->multicast_lock);
1676 if (!netif_running(br->dev) || p->state == BR_STATE_DISABLED)
1677 goto unlock;
1678
1679 switch (val) {
1680 case 0:
1681 case 1:
1682 case 2:
1683 p->multicast_router = val;
1684 err = 0;
1685
1686 if (val < 2 && !hlist_unhashed(&p->rlist))
1687 hlist_del_init_rcu(&p->rlist);
1688
1689 if (val == 1)
1690 break;
1691
1692 del_timer(&p->multicast_router_timer);
1693
1694 if (val == 0)
1695 break;
1696
1697 br_multicast_add_router(br, p);
1698 break;
1699
1700 default:
1701 err = -EINVAL;
1702 break;
1703 }
1704
1705 unlock:
1706 spin_unlock(&br->multicast_lock);
1707
1708 return err;
1709 }
1710
1711 static void br_multicast_start_querier(struct net_bridge *br)
1712 {
1713 struct net_bridge_port *port;
1714
1715 br_multicast_open(br);
1716
1717 list_for_each_entry(port, &br->port_list, list) {
1718 if (port->state == BR_STATE_DISABLED ||
1719 port->state == BR_STATE_BLOCKING)
1720 continue;
1721
1722 __br_multicast_enable_port(port);
1723 }
1724 }
1725
1726 int br_multicast_toggle(struct net_bridge *br, unsigned long val)
1727 {
1728 int err = 0;
1729 struct net_bridge_mdb_htable *mdb;
1730
1731 spin_lock_bh(&br->multicast_lock);
1732 if (br->multicast_disabled == !val)
1733 goto unlock;
1734
1735 br->multicast_disabled = !val;
1736 if (br->multicast_disabled)
1737 goto unlock;
1738
1739 if (!netif_running(br->dev))
1740 goto unlock;
1741
1742 mdb = mlock_dereference(br->mdb, br);
1743 if (mdb) {
1744 if (mdb->old) {
1745 err = -EEXIST;
1746 rollback:
1747 br->multicast_disabled = !!val;
1748 goto unlock;
1749 }
1750
1751 err = br_mdb_rehash(&br->mdb, mdb->max,
1752 br->hash_elasticity);
1753 if (err)
1754 goto rollback;
1755 }
1756
1757 br_multicast_start_querier(br);
1758
1759 unlock:
1760 spin_unlock_bh(&br->multicast_lock);
1761
1762 return err;
1763 }
1764
1765 int br_multicast_set_querier(struct net_bridge *br, unsigned long val)
1766 {
1767 val = !!val;
1768
1769 spin_lock_bh(&br->multicast_lock);
1770 if (br->multicast_querier == val)
1771 goto unlock;
1772
1773 br->multicast_querier = val;
1774 if (val)
1775 br_multicast_start_querier(br);
1776
1777 unlock:
1778 spin_unlock_bh(&br->multicast_lock);
1779
1780 return 0;
1781 }
1782
1783 int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val)
1784 {
1785 int err = -ENOENT;
1786 u32 old;
1787 struct net_bridge_mdb_htable *mdb;
1788
1789 spin_lock(&br->multicast_lock);
1790 if (!netif_running(br->dev))
1791 goto unlock;
1792
1793 err = -EINVAL;
1794 if (!is_power_of_2(val))
1795 goto unlock;
1796
1797 mdb = mlock_dereference(br->mdb, br);
1798 if (mdb && val < mdb->size)
1799 goto unlock;
1800
1801 err = 0;
1802
1803 old = br->hash_max;
1804 br->hash_max = val;
1805
1806 if (mdb) {
1807 if (mdb->old) {
1808 err = -EEXIST;
1809 rollback:
1810 br->hash_max = old;
1811 goto unlock;
1812 }
1813
1814 err = br_mdb_rehash(&br->mdb, br->hash_max,
1815 br->hash_elasticity);
1816 if (err)
1817 goto rollback;
1818 }
1819
1820 unlock:
1821 spin_unlock(&br->multicast_lock);
1822
1823 return err;
1824 }
Linus' kernel tree