Gitiles
Code Review Sign In
192.168.1.100 / T108 / 50f43abd51b98a89a2ec2d51cd2725a28869fae6 / . / marvell / linux / net / ipv4 / igmp.c
blob: 94b81c90f89effdad771c0457d404c479ff646ff [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame]1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Linux NET3: Internet Group Management Protocol [IGMP]
4 *
5 * This code implements the IGMP protocol as defined in RFC1112. There has
6 * been a further revision of this protocol since which is now supported.
7 *
8 * If you have trouble with this module be careful what gcc you have used,
9 * the older version didn't come out right using gcc 2.5.8, the newer one
10 * seems to fall out with gcc 2.6.2.
11 *
12 * Authors:
13 * Alan Cox <alan@lxorguk.ukuu.org.uk>
14 *
15 * Fixes:
16 *
17 * Alan Cox : Added lots of __inline__ to optimise
18 * the memory usage of all the tiny little
19 * functions.
20 * Alan Cox : Dumped the header building experiment.
21 * Alan Cox : Minor tweaks ready for multicast routing
22 * and extended IGMP protocol.
23 * Alan Cox : Removed a load of inline directives. Gcc 2.5.8
24 * writes utterly bogus code otherwise (sigh)
25 * fixed IGMP loopback to behave in the manner
26 * desired by mrouted, fixed the fact it has been
27 * broken since 1.3.6 and cleaned up a few minor
28 * points.
29 *
30 * Chih-Jen Chang : Tried to revise IGMP to Version 2
31 * Tsu-Sheng Tsao E-mail: chihjenc@scf.usc.edu and tsusheng@scf.usc.edu
32 * The enhancements are mainly based on Steve Deering's
33 * ipmulti-3.5 source code.
34 * Chih-Jen Chang : Added the igmp_get_mrouter_info and
35 * Tsu-Sheng Tsao igmp_set_mrouter_info to keep track of
36 * the mrouted version on that device.
37 * Chih-Jen Chang : Added the max_resp_time parameter to
38 * Tsu-Sheng Tsao igmp_heard_query(). Using this parameter
39 * to identify the multicast router version
40 * and do what the IGMP version 2 specified.
41 * Chih-Jen Chang : Added a timer to revert to IGMP V2 router
42 * Tsu-Sheng Tsao if the specified time expired.
43 * Alan Cox : Stop IGMP from 0.0.0.0 being accepted.
44 * Alan Cox : Use GFP_ATOMIC in the right places.
45 * Christian Daudt : igmp timer wasn't set for local group
46 * memberships but was being deleted,
47 * which caused a "del_timer() called
48 * from %p with timer not initialized\n"
49 * message (960131).
50 * Christian Daudt : removed del_timer from
51 * igmp_timer_expire function (960205).
52 * Christian Daudt : igmp_heard_report now only calls
53 * igmp_timer_expire if tm->running is
54 * true (960216).
55 * Malcolm Beattie : ttl comparison wrong in igmp_rcv made
56 * igmp_heard_query never trigger. Expiry
57 * miscalculation fixed in igmp_heard_query
58 * and random() made to return unsigned to
59 * prevent negative expiry times.
60 * Alexey Kuznetsov: Wrong group leaving behaviour, backport
61 * fix from pending 2.1.x patches.
62 * Alan Cox: Forget to enable FDDI support earlier.
63 * Alexey Kuznetsov: Fixed leaving groups on device down.
64 * Alexey Kuznetsov: Accordance to igmp-v2-06 draft.
65 * David L Stevens: IGMPv3 support, with help from
66 * Vinay Kulkarni
67 */
68
69#include <linux/module.h>
70#include <linux/slab.h>
71#include <linux/uaccess.h>
72#include <linux/types.h>
73#include <linux/kernel.h>
74#include <linux/jiffies.h>
75#include <linux/string.h>
76#include <linux/socket.h>
77#include <linux/sockios.h>
78#include <linux/in.h>
79#include <linux/inet.h>
80#include <linux/netdevice.h>
81#include <linux/skbuff.h>
82#include <linux/inetdevice.h>
83#include <linux/igmp.h>
84#include <linux/if_arp.h>
85#include <linux/rtnetlink.h>
86#include <linux/times.h>
87#include <linux/pkt_sched.h>
88#include <linux/byteorder/generic.h>
89
90#include <net/net_namespace.h>
91#include <net/arp.h>
92#include <net/ip.h>
93#include <net/protocol.h>
94#include <net/route.h>
95#include <net/sock.h>
96#include <net/checksum.h>
97#include <net/inet_common.h>
98#include <linux/netfilter_ipv4.h>
99#ifdef CONFIG_IP_MROUTE
100#include <linux/mroute.h>
101#endif
102#ifdef CONFIG_PROC_FS
103#include <linux/proc_fs.h>
104#include <linux/seq_file.h>
105#endif
106
107#ifdef CONFIG_IP_MULTICAST
108/* Parameter names and values are taken from igmp-v2-06 draft */
109
110#define IGMP_V2_UNSOLICITED_REPORT_INTERVAL (10*HZ)
111#define IGMP_V3_UNSOLICITED_REPORT_INTERVAL (1*HZ)
112#define IGMP_QUERY_INTERVAL (125*HZ)
113#define IGMP_QUERY_RESPONSE_INTERVAL (10*HZ)
114
115#define IGMP_INITIAL_REPORT_DELAY (1)
116
117/* IGMP_INITIAL_REPORT_DELAY is not from IGMP specs!
118 * IGMP specs require to report membership immediately after
119 * joining a group, but we delay the first report by a
120 * small interval. It seems more natural and still does not
121 * contradict to specs provided this delay is small enough.
122 */
123
124#define IGMP_V1_SEEN(in_dev) \
125 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 1 || \
126 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 1 || \
127 ((in_dev)->mr_v1_seen && \
128 time_before(jiffies, (in_dev)->mr_v1_seen)))
129#define IGMP_V2_SEEN(in_dev) \
130 (IPV4_DEVCONF_ALL(dev_net(in_dev->dev), FORCE_IGMP_VERSION) == 2 || \
131 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 2 || \
132 ((in_dev)->mr_v2_seen && \
133 time_before(jiffies, (in_dev)->mr_v2_seen)))
134
135static int unsolicited_report_interval(struct in_device *in_dev)
136{
137 int interval_ms, interval_jiffies;
138
139 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev))
140 interval_ms = IN_DEV_CONF_GET(
141 in_dev,
142 IGMPV2_UNSOLICITED_REPORT_INTERVAL);
143 else /* v3 */
144 interval_ms = IN_DEV_CONF_GET(
145 in_dev,
146 IGMPV3_UNSOLICITED_REPORT_INTERVAL);
147
148 interval_jiffies = msecs_to_jiffies(interval_ms);
149
150 /* _timer functions can't handle a delay of 0 jiffies so ensure
151 * we always return a positive value.
152 */
153 if (interval_jiffies <= 0)
154 interval_jiffies = 1;
155 return interval_jiffies;
156}
157
158static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im,
159 gfp_t gfp);
160static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im);
161static void igmpv3_clear_delrec(struct in_device *in_dev);
162static int sf_setstate(struct ip_mc_list *pmc);
163static void sf_markstate(struct ip_mc_list *pmc);
164#endif
165static void ip_mc_clear_src(struct ip_mc_list *pmc);
166static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode,
167 int sfcount, __be32 *psfsrc, int delta);
168
169static void ip_ma_put(struct ip_mc_list *im)
170{
171 if (refcount_dec_and_test(&im->refcnt)) {
172 in_dev_put(im->interface);
173 kfree_rcu(im, rcu);
174 }
175}
176
177#define for_each_pmc_rcu(in_dev, pmc) \
178 for (pmc = rcu_dereference(in_dev->mc_list); \
179 pmc != NULL; \
180 pmc = rcu_dereference(pmc->next_rcu))
181
182#define for_each_pmc_rtnl(in_dev, pmc) \
183 for (pmc = rtnl_dereference(in_dev->mc_list); \
184 pmc != NULL; \
185 pmc = rtnl_dereference(pmc->next_rcu))
186
187static void ip_sf_list_clear_all(struct ip_sf_list *psf)
188{
189 struct ip_sf_list *next;
190
191 while (psf) {
192 next = psf->sf_next;
193 kfree(psf);
194 psf = next;
195 }
196}
197
198#ifdef CONFIG_IP_MULTICAST
199
200/*
201 * Timer management
202 */
203
204static void igmp_stop_timer(struct ip_mc_list *im)
205{
206 spin_lock_bh(&im->lock);
207 if (del_timer(&im->timer))
208 refcount_dec(&im->refcnt);
209 im->tm_running = 0;
210 im->reporter = 0;
211 im->unsolicit_count = 0;
212 spin_unlock_bh(&im->lock);
213}
214
215/* It must be called with locked im->lock */
216static void igmp_start_timer(struct ip_mc_list *im, int max_delay)
217{
218 int tv = prandom_u32() % max_delay;
219
220 im->tm_running = 1;
221 if (refcount_inc_not_zero(&im->refcnt)) {
222 if (mod_timer(&im->timer, jiffies + tv + 2))
223 ip_ma_put(im);
224 }
225}
226
227static void igmp_gq_start_timer(struct in_device *in_dev)
228{
229 int tv = prandom_u32() % in_dev->mr_maxdelay;
230 unsigned long exp = jiffies + tv + 2;
231
232 if (in_dev->mr_gq_running &&
233 time_after_eq(exp, (in_dev->mr_gq_timer).expires))
234 return;
235
236 in_dev->mr_gq_running = 1;
237 if (!mod_timer(&in_dev->mr_gq_timer, exp))
238 in_dev_hold(in_dev);
239}
240
241static void igmp_ifc_start_timer(struct in_device *in_dev, int delay)
242{
243 int tv = prandom_u32() % delay;
244
245 if (!mod_timer(&in_dev->mr_ifc_timer, jiffies+tv+2))
246 in_dev_hold(in_dev);
247}
248
249static void igmp_mod_timer(struct ip_mc_list *im, int max_delay)
250{
251 spin_lock_bh(&im->lock);
252 im->unsolicit_count = 0;
253 if (del_timer(&im->timer)) {
254 if ((long)(im->timer.expires-jiffies) < max_delay) {
255 add_timer(&im->timer);
256 im->tm_running = 1;
257 spin_unlock_bh(&im->lock);
258 return;
259 }
260 refcount_dec(&im->refcnt);
261 }
262 igmp_start_timer(im, max_delay);
263 spin_unlock_bh(&im->lock);
264}
265
266
267/*
268 * Send an IGMP report.
269 */
270
271#define IGMP_SIZE (sizeof(struct igmphdr)+sizeof(struct iphdr)+4)
272
273
274static int is_in(struct ip_mc_list *pmc, struct ip_sf_list *psf, int type,
275 int gdeleted, int sdeleted)
276{
277 switch (type) {
278 case IGMPV3_MODE_IS_INCLUDE:
279 case IGMPV3_MODE_IS_EXCLUDE:
280 if (gdeleted || sdeleted)
281 return 0;
282 if (!(pmc->gsquery && !psf->sf_gsresp)) {
283 if (pmc->sfmode == MCAST_INCLUDE)
284 return 1;
285 /* don't include if this source is excluded
286 * in all filters
287 */
288 if (psf->sf_count[MCAST_INCLUDE])
289 return type == IGMPV3_MODE_IS_INCLUDE;
290 return pmc->sfcount[MCAST_EXCLUDE] ==
291 psf->sf_count[MCAST_EXCLUDE];
292 }
293 return 0;
294 case IGMPV3_CHANGE_TO_INCLUDE:
295 if (gdeleted || sdeleted)
296 return 0;
297 return psf->sf_count[MCAST_INCLUDE] != 0;
298 case IGMPV3_CHANGE_TO_EXCLUDE:
299 if (gdeleted || sdeleted)
300 return 0;
301 if (pmc->sfcount[MCAST_EXCLUDE] == 0 ||
302 psf->sf_count[MCAST_INCLUDE])
303 return 0;
304 return pmc->sfcount[MCAST_EXCLUDE] ==
305 psf->sf_count[MCAST_EXCLUDE];
306 case IGMPV3_ALLOW_NEW_SOURCES:
307 if (gdeleted || !psf->sf_crcount)
308 return 0;
309 return (pmc->sfmode == MCAST_INCLUDE) ^ sdeleted;
310 case IGMPV3_BLOCK_OLD_SOURCES:
311 if (pmc->sfmode == MCAST_INCLUDE)
312 return gdeleted || (psf->sf_crcount && sdeleted);
313 return psf->sf_crcount && !gdeleted && !sdeleted;
314 }
315 return 0;
316}
317
318static int
319igmp_scount(struct ip_mc_list *pmc, int type, int gdeleted, int sdeleted)
320{
321 struct ip_sf_list *psf;
322 int scount = 0;
323
324 for (psf = pmc->sources; psf; psf = psf->sf_next) {
325 if (!is_in(pmc, psf, type, gdeleted, sdeleted))
326 continue;
327 scount++;
328 }
329 return scount;
330}
331
332/* source address selection per RFC 3376 section 4.2.13 */
333static __be32 igmpv3_get_srcaddr(struct net_device *dev,
334 const struct flowi4 *fl4)
335{
336 struct in_device *in_dev = __in_dev_get_rcu(dev);
337 const struct in_ifaddr *ifa;
338
339 if (!in_dev)
340 return htonl(INADDR_ANY);
341
342 in_dev_for_each_ifa_rcu(ifa, in_dev) {
343 if (fl4->saddr == ifa->ifa_local)
344 return fl4->saddr;
345 }
346
347 return htonl(INADDR_ANY);
348}
349
350static struct sk_buff *igmpv3_newpack(struct net_device *dev, unsigned int mtu)
351{
352 struct sk_buff *skb;
353 struct rtable *rt;
354 struct iphdr *pip;
355 struct igmpv3_report *pig;
356 struct net *net = dev_net(dev);
357 struct flowi4 fl4;
358 int hlen = LL_RESERVED_SPACE(dev);
359 int tlen = dev->needed_tailroom;
360 unsigned int size;
361
362 size = min(mtu, IP_MAX_MTU);
363 while (1) {
364 skb = alloc_skb(size + hlen + tlen,
365 GFP_ATOMIC | __GFP_NOWARN);
366 if (skb)
367 break;
368 size >>= 1;
369 if (size < 256)
370 return NULL;
371 }
372 skb->priority = TC_PRIO_CONTROL;
373
374 rt = ip_route_output_ports(net, &fl4, NULL, IGMPV3_ALL_MCR, 0,
375 0, 0,
376 IPPROTO_IGMP, 0, dev->ifindex);
377 if (IS_ERR(rt)) {
378 kfree_skb(skb);
379 return NULL;
380 }
381
382 skb_dst_set(skb, &rt->dst);
383 skb->dev = dev;
384
385 skb_reserve(skb, hlen);
386 skb_tailroom_reserve(skb, mtu, tlen);
387
388 skb_reset_network_header(skb);
389 pip = ip_hdr(skb);
390 skb_put(skb, sizeof(struct iphdr) + 4);
391
392 pip->version = 4;
393 pip->ihl = (sizeof(struct iphdr)+4)>>2;
394 pip->tos = 0xc0;
395 pip->frag_off = htons(IP_DF);
396 pip->ttl = 1;
397 pip->daddr = fl4.daddr;
398
399 rcu_read_lock();
400 pip->saddr = igmpv3_get_srcaddr(dev, &fl4);
401 rcu_read_unlock();
402
403 pip->protocol = IPPROTO_IGMP;
404 pip->tot_len = 0; /* filled in later */
405 ip_select_ident(net, skb, NULL);
406 ((u8 *)&pip[1])[0] = IPOPT_RA;
407 ((u8 *)&pip[1])[1] = 4;
408 ((u8 *)&pip[1])[2] = 0;
409 ((u8 *)&pip[1])[3] = 0;
410
411 skb->transport_header = skb->network_header + sizeof(struct iphdr) + 4;
412 skb_put(skb, sizeof(*pig));
413 pig = igmpv3_report_hdr(skb);
414 pig->type = IGMPV3_HOST_MEMBERSHIP_REPORT;
415 pig->resv1 = 0;
416 pig->csum = 0;
417 pig->resv2 = 0;
418 pig->ngrec = 0;
419 return skb;
420}
421
422static int igmpv3_sendpack(struct sk_buff *skb)
423{
424 struct igmphdr *pig = igmp_hdr(skb);
425 const int igmplen = skb_tail_pointer(skb) - skb_transport_header(skb);
426
427 pig->csum = ip_compute_csum(igmp_hdr(skb), igmplen);
428
429 return ip_local_out(dev_net(skb_dst(skb)->dev), skb->sk, skb);
430}
431
432static int grec_size(struct ip_mc_list *pmc, int type, int gdel, int sdel)
433{
434 return sizeof(struct igmpv3_grec) + 4*igmp_scount(pmc, type, gdel, sdel);
435}
436
437static struct sk_buff *add_grhead(struct sk_buff *skb, struct ip_mc_list *pmc,
438 int type, struct igmpv3_grec **ppgr, unsigned int mtu)
439{
440 struct net_device *dev = pmc->interface->dev;
441 struct igmpv3_report *pih;
442 struct igmpv3_grec *pgr;
443
444 if (!skb) {
445 skb = igmpv3_newpack(dev, mtu);
446 if (!skb)
447 return NULL;
448 }
449 pgr = skb_put(skb, sizeof(struct igmpv3_grec));
450 pgr->grec_type = type;
451 pgr->grec_auxwords = 0;
452 pgr->grec_nsrcs = 0;
453 pgr->grec_mca = pmc->multiaddr;
454 pih = igmpv3_report_hdr(skb);
455 pih->ngrec = htons(ntohs(pih->ngrec)+1);
456 *ppgr = pgr;
457 return skb;
458}
459
460#define AVAILABLE(skb) ((skb) ? skb_availroom(skb) : 0)
461
462static struct sk_buff *add_grec(struct sk_buff *skb, struct ip_mc_list *pmc,
463 int type, int gdeleted, int sdeleted)
464{
465 struct net_device *dev = pmc->interface->dev;
466 struct net *net = dev_net(dev);
467 struct igmpv3_report *pih;
468 struct igmpv3_grec *pgr = NULL;
469 struct ip_sf_list *psf, *psf_next, *psf_prev, **psf_list;
470 int scount, stotal, first, isquery, truncate;
471 unsigned int mtu;
472
473 if (pmc->multiaddr == IGMP_ALL_HOSTS)
474 return skb;
475 if (ipv4_is_local_multicast(pmc->multiaddr) &&
476 !READ_ONCE(net->ipv4.sysctl_igmp_llm_reports))
477 return skb;
478
479 mtu = READ_ONCE(dev->mtu);
480 if (mtu < IPV4_MIN_MTU)
481 return skb;
482
483 isquery = type == IGMPV3_MODE_IS_INCLUDE ||
484 type == IGMPV3_MODE_IS_EXCLUDE;
485 truncate = type == IGMPV3_MODE_IS_EXCLUDE ||
486 type == IGMPV3_CHANGE_TO_EXCLUDE;
487
488 stotal = scount = 0;
489
490 psf_list = sdeleted ? &pmc->tomb : &pmc->sources;
491
492 if (!*psf_list)
493 goto empty_source;
494
495 pih = skb ? igmpv3_report_hdr(skb) : NULL;
496
497 /* EX and TO_EX get a fresh packet, if needed */
498 if (truncate) {
499 if (pih && pih->ngrec &&
500 AVAILABLE(skb) < grec_size(pmc, type, gdeleted, sdeleted)) {
501 if (skb)
502 igmpv3_sendpack(skb);
503 skb = igmpv3_newpack(dev, mtu);
504 }
505 }
506 first = 1;
507 psf_prev = NULL;
508 for (psf = *psf_list; psf; psf = psf_next) {
509 __be32 *psrc;
510
511 psf_next = psf->sf_next;
512
513 if (!is_in(pmc, psf, type, gdeleted, sdeleted)) {
514 psf_prev = psf;
515 continue;
516 }
517
518 /* Based on RFC3376 5.1. Should not send source-list change
519 * records when there is a filter mode change.
520 */
521 if (((gdeleted && pmc->sfmode == MCAST_EXCLUDE) ||
522 (!gdeleted && pmc->crcount)) &&
523 (type == IGMPV3_ALLOW_NEW_SOURCES ||
524 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount)
525 goto decrease_sf_crcount;
526
527 /* clear marks on query responses */
528 if (isquery)
529 psf->sf_gsresp = 0;
530
531 if (AVAILABLE(skb) < sizeof(__be32) +
532 first*sizeof(struct igmpv3_grec)) {
533 if (truncate && !first)
534 break; /* truncate these */
535 if (pgr)
536 pgr->grec_nsrcs = htons(scount);
537 if (skb)
538 igmpv3_sendpack(skb);
539 skb = igmpv3_newpack(dev, mtu);
540 first = 1;
541 scount = 0;
542 }
543 if (first) {
544 skb = add_grhead(skb, pmc, type, &pgr, mtu);
545 first = 0;
546 }
547 if (!skb)
548 return NULL;
549 psrc = skb_put(skb, sizeof(__be32));
550 *psrc = psf->sf_inaddr;
551 scount++; stotal++;
552 if ((type == IGMPV3_ALLOW_NEW_SOURCES ||
553 type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) {
554decrease_sf_crcount:
555 psf->sf_crcount--;
556 if ((sdeleted || gdeleted) && psf->sf_crcount == 0) {
557 if (psf_prev)
558 psf_prev->sf_next = psf->sf_next;
559 else
560 *psf_list = psf->sf_next;
561 kfree(psf);
562 continue;
563 }
564 }
565 psf_prev = psf;
566 }
567
568empty_source:
569 if (!stotal) {
570 if (type == IGMPV3_ALLOW_NEW_SOURCES ||
571 type == IGMPV3_BLOCK_OLD_SOURCES)
572 return skb;
573 if (pmc->crcount || isquery) {
574 /* make sure we have room for group header */
575 if (skb && AVAILABLE(skb) < sizeof(struct igmpv3_grec)) {
576 igmpv3_sendpack(skb);
577 skb = NULL; /* add_grhead will get a new one */
578 }
579 skb = add_grhead(skb, pmc, type, &pgr, mtu);
580 }
581 }
582 if (pgr)
583 pgr->grec_nsrcs = htons(scount);
584
585 if (isquery)
586 pmc->gsquery = 0; /* clear query state on report */
587 return skb;
588}
589
590static int igmpv3_send_report(struct in_device *in_dev, struct ip_mc_list *pmc)
591{
592 struct sk_buff *skb = NULL;
593 struct net *net = dev_net(in_dev->dev);
594 int type;
595
596 if (!pmc) {
597 rcu_read_lock();
598 for_each_pmc_rcu(in_dev, pmc) {
599 if (pmc->multiaddr == IGMP_ALL_HOSTS)
600 continue;
601 if (ipv4_is_local_multicast(pmc->multiaddr) &&
602 !READ_ONCE(net->ipv4.sysctl_igmp_llm_reports))
603 continue;
604 spin_lock_bh(&pmc->lock);
605 if (pmc->sfcount[MCAST_EXCLUDE])
606 type = IGMPV3_MODE_IS_EXCLUDE;
607 else
608 type = IGMPV3_MODE_IS_INCLUDE;
609 skb = add_grec(skb, pmc, type, 0, 0);
610 spin_unlock_bh(&pmc->lock);
611 }
612 rcu_read_unlock();
613 } else {
614 spin_lock_bh(&pmc->lock);
615 if (pmc->sfcount[MCAST_EXCLUDE])
616 type = IGMPV3_MODE_IS_EXCLUDE;
617 else
618 type = IGMPV3_MODE_IS_INCLUDE;
619 skb = add_grec(skb, pmc, type, 0, 0);
620 spin_unlock_bh(&pmc->lock);
621 }
622 if (!skb)
623 return 0;
624 return igmpv3_sendpack(skb);
625}
626
627/*
628 * remove zero-count source records from a source filter list
629 */
630static void igmpv3_clear_zeros(struct ip_sf_list **ppsf)
631{
632 struct ip_sf_list *psf_prev, *psf_next, *psf;
633
634 psf_prev = NULL;
635 for (psf = *ppsf; psf; psf = psf_next) {
636 psf_next = psf->sf_next;
637 if (psf->sf_crcount == 0) {
638 if (psf_prev)
639 psf_prev->sf_next = psf->sf_next;
640 else
641 *ppsf = psf->sf_next;
642 kfree(psf);
643 } else
644 psf_prev = psf;
645 }
646}
647
648static void kfree_pmc(struct ip_mc_list *pmc)
649{
650 ip_sf_list_clear_all(pmc->sources);
651 ip_sf_list_clear_all(pmc->tomb);
652 kfree(pmc);
653}
654
655static void igmpv3_send_cr(struct in_device *in_dev)
656{
657 struct ip_mc_list *pmc, *pmc_prev, *pmc_next;
658 struct sk_buff *skb = NULL;
659 int type, dtype;
660
661 rcu_read_lock();
662 spin_lock_bh(&in_dev->mc_tomb_lock);
663
664 /* deleted MCA's */
665 pmc_prev = NULL;
666 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc_next) {
667 pmc_next = pmc->next;
668 if (pmc->sfmode == MCAST_INCLUDE) {
669 type = IGMPV3_BLOCK_OLD_SOURCES;
670 dtype = IGMPV3_BLOCK_OLD_SOURCES;
671 skb = add_grec(skb, pmc, type, 1, 0);
672 skb = add_grec(skb, pmc, dtype, 1, 1);
673 }
674 if (pmc->crcount) {
675 if (pmc->sfmode == MCAST_EXCLUDE) {
676 type = IGMPV3_CHANGE_TO_INCLUDE;
677 skb = add_grec(skb, pmc, type, 1, 0);
678 }
679 pmc->crcount--;
680 if (pmc->crcount == 0) {
681 igmpv3_clear_zeros(&pmc->tomb);
682 igmpv3_clear_zeros(&pmc->sources);
683 }
684 }
685 if (pmc->crcount == 0 && !pmc->tomb && !pmc->sources) {
686 if (pmc_prev)
687 pmc_prev->next = pmc_next;
688 else
689 in_dev->mc_tomb = pmc_next;
690 in_dev_put(pmc->interface);
691 kfree_pmc(pmc);
692 } else
693 pmc_prev = pmc;
694 }
695 spin_unlock_bh(&in_dev->mc_tomb_lock);
696
697 /* change recs */
698 for_each_pmc_rcu(in_dev, pmc) {
699 spin_lock_bh(&pmc->lock);
700 if (pmc->sfcount[MCAST_EXCLUDE]) {
701 type = IGMPV3_BLOCK_OLD_SOURCES;
702 dtype = IGMPV3_ALLOW_NEW_SOURCES;
703 } else {
704 type = IGMPV3_ALLOW_NEW_SOURCES;
705 dtype = IGMPV3_BLOCK_OLD_SOURCES;
706 }
707 skb = add_grec(skb, pmc, type, 0, 0);
708 skb = add_grec(skb, pmc, dtype, 0, 1); /* deleted sources */
709
710 /* filter mode changes */
711 if (pmc->crcount) {
712 if (pmc->sfmode == MCAST_EXCLUDE)
713 type = IGMPV3_CHANGE_TO_EXCLUDE;
714 else
715 type = IGMPV3_CHANGE_TO_INCLUDE;
716 skb = add_grec(skb, pmc, type, 0, 0);
717 pmc->crcount--;
718 }
719 spin_unlock_bh(&pmc->lock);
720 }
721 rcu_read_unlock();
722
723 if (!skb)
724 return;
725 (void) igmpv3_sendpack(skb);
726}
727
728static int igmp_send_report(struct in_device *in_dev, struct ip_mc_list *pmc,
729 int type)
730{
731 struct sk_buff *skb;
732 struct iphdr *iph;
733 struct igmphdr *ih;
734 struct rtable *rt;
735 struct net_device *dev = in_dev->dev;
736 struct net *net = dev_net(dev);
737 __be32 group = pmc ? pmc->multiaddr : 0;
738 struct flowi4 fl4;
739 __be32 dst;
740 int hlen, tlen;
741
742 if (type == IGMPV3_HOST_MEMBERSHIP_REPORT)
743 return igmpv3_send_report(in_dev, pmc);
744
745 if (ipv4_is_local_multicast(group) &&
746 !READ_ONCE(net->ipv4.sysctl_igmp_llm_reports))
747 return 0;
748
749 if (type == IGMP_HOST_LEAVE_MESSAGE)
750 dst = IGMP_ALL_ROUTER;
751 else
752 dst = group;
753
754 rt = ip_route_output_ports(net, &fl4, NULL, dst, 0,
755 0, 0,
756 IPPROTO_IGMP, 0, dev->ifindex);
757 if (IS_ERR(rt))
758 return -1;
759
760 hlen = LL_RESERVED_SPACE(dev);
761 tlen = dev->needed_tailroom;
762 skb = alloc_skb(IGMP_SIZE + hlen + tlen, GFP_ATOMIC);
763 if (!skb) {
764 ip_rt_put(rt);
765 return -1;
766 }
767 skb->priority = TC_PRIO_CONTROL;
768
769 skb_dst_set(skb, &rt->dst);
770
771 skb_reserve(skb, hlen);
772
773 skb_reset_network_header(skb);
774 iph = ip_hdr(skb);
775 skb_put(skb, sizeof(struct iphdr) + 4);
776
777 iph->version = 4;
778 iph->ihl = (sizeof(struct iphdr)+4)>>2;
779 iph->tos = 0xc0;
780 iph->frag_off = htons(IP_DF);
781 iph->ttl = 1;
782 iph->daddr = dst;
783 iph->saddr = fl4.saddr;
784 iph->protocol = IPPROTO_IGMP;
785 ip_select_ident(net, skb, NULL);
786 ((u8 *)&iph[1])[0] = IPOPT_RA;
787 ((u8 *)&iph[1])[1] = 4;
788 ((u8 *)&iph[1])[2] = 0;
789 ((u8 *)&iph[1])[3] = 0;
790
791 ih = skb_put(skb, sizeof(struct igmphdr));
792 ih->type = type;
793 ih->code = 0;
794 ih->csum = 0;
795 ih->group = group;
796 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr));
797
798 return ip_local_out(net, skb->sk, skb);
799}
800
801static void igmp_gq_timer_expire(struct timer_list *t)
802{
803 struct in_device *in_dev = from_timer(in_dev, t, mr_gq_timer);
804
805 in_dev->mr_gq_running = 0;
806 igmpv3_send_report(in_dev, NULL);
807 in_dev_put(in_dev);
808}
809
810static void igmp_ifc_timer_expire(struct timer_list *t)
811{
812 struct in_device *in_dev = from_timer(in_dev, t, mr_ifc_timer);
813 u8 mr_ifc_count;
814
815 igmpv3_send_cr(in_dev);
816restart:
817 mr_ifc_count = READ_ONCE(in_dev->mr_ifc_count);
818
819 if (mr_ifc_count) {
820 if (cmpxchg(&in_dev->mr_ifc_count,
821 mr_ifc_count,
822 mr_ifc_count - 1) != mr_ifc_count)
823 goto restart;
824 igmp_ifc_start_timer(in_dev,
825 unsolicited_report_interval(in_dev));
826 }
827 in_dev_put(in_dev);
828}
829
830static void igmp_ifc_event(struct in_device *in_dev)
831{
832 struct net *net = dev_net(in_dev->dev);
833 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev))
834 return;
835 WRITE_ONCE(in_dev->mr_ifc_count, in_dev->mr_qrv ?: READ_ONCE(net->ipv4.sysctl_igmp_qrv));
836 igmp_ifc_start_timer(in_dev, 1);
837}
838
839
840static void igmp_timer_expire(struct timer_list *t)
841{
842 struct ip_mc_list *im = from_timer(im, t, timer);
843 struct in_device *in_dev = im->interface;
844
845 spin_lock(&im->lock);
846 im->tm_running = 0;
847
848 if (im->unsolicit_count && --im->unsolicit_count)
849 igmp_start_timer(im, unsolicited_report_interval(in_dev));
850
851 im->reporter = 1;
852 spin_unlock(&im->lock);
853
854 if (IGMP_V1_SEEN(in_dev))
855 igmp_send_report(in_dev, im, IGMP_HOST_MEMBERSHIP_REPORT);
856 else if (IGMP_V2_SEEN(in_dev))
857 igmp_send_report(in_dev, im, IGMPV2_HOST_MEMBERSHIP_REPORT);
858 else
859 igmp_send_report(in_dev, im, IGMPV3_HOST_MEMBERSHIP_REPORT);
860
861 ip_ma_put(im);
862}
863
864/* mark EXCLUDE-mode sources */
865static int igmp_xmarksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs)
866{
867 struct ip_sf_list *psf;
868 int i, scount;
869
870 scount = 0;
871 for (psf = pmc->sources; psf; psf = psf->sf_next) {
872 if (scount == nsrcs)
873 break;
874 for (i = 0; i < nsrcs; i++) {
875 /* skip inactive filters */
876 if (psf->sf_count[MCAST_INCLUDE] ||
877 pmc->sfcount[MCAST_EXCLUDE] !=
878 psf->sf_count[MCAST_EXCLUDE])
879 break;
880 if (srcs[i] == psf->sf_inaddr) {
881 scount++;
882 break;
883 }
884 }
885 }
886 pmc->gsquery = 0;
887 if (scount == nsrcs) /* all sources excluded */
888 return 0;
889 return 1;
890}
891
892static int igmp_marksources(struct ip_mc_list *pmc, int nsrcs, __be32 *srcs)
893{
894 struct ip_sf_list *psf;
895 int i, scount;
896
897 if (pmc->sfmode == MCAST_EXCLUDE)
898 return igmp_xmarksources(pmc, nsrcs, srcs);
899
900 /* mark INCLUDE-mode sources */
901 scount = 0;
902 for (psf = pmc->sources; psf; psf = psf->sf_next) {
903 if (scount == nsrcs)
904 break;
905 for (i = 0; i < nsrcs; i++)
906 if (srcs[i] == psf->sf_inaddr) {
907 psf->sf_gsresp = 1;
908 scount++;
909 break;
910 }
911 }
912 if (!scount) {
913 pmc->gsquery = 0;
914 return 0;
915 }
916 pmc->gsquery = 1;
917 return 1;
918}
919
920/* return true if packet was dropped */
921static bool igmp_heard_report(struct in_device *in_dev, __be32 group)
922{
923 struct ip_mc_list *im;
924 struct net *net = dev_net(in_dev->dev);
925
926 /* Timers are only set for non-local groups */
927
928 if (group == IGMP_ALL_HOSTS)
929 return false;
930 if (ipv4_is_local_multicast(group) &&
931 !READ_ONCE(net->ipv4.sysctl_igmp_llm_reports))
932 return false;
933
934 rcu_read_lock();
935 for_each_pmc_rcu(in_dev, im) {
936 if (im->multiaddr == group) {
937 igmp_stop_timer(im);
938 break;
939 }
940 }
941 rcu_read_unlock();
942 return false;
943}
944
945/* return true if packet was dropped */
946static bool igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb,
947 int len)
948{
949 struct igmphdr *ih = igmp_hdr(skb);
950 struct igmpv3_query *ih3 = igmpv3_query_hdr(skb);
951 struct ip_mc_list *im;
952 __be32 group = ih->group;
953 int max_delay;
954 int mark = 0;
955 struct net *net = dev_net(in_dev->dev);
956
957
958 if (len == 8) {
959 if (ih->code == 0) {
960 /* Alas, old v1 router presents here. */
961
962 max_delay = IGMP_QUERY_RESPONSE_INTERVAL;
963 in_dev->mr_v1_seen = jiffies +
964 (in_dev->mr_qrv * in_dev->mr_qi) +
965 in_dev->mr_qri;
966 group = 0;
967 } else {
968 /* v2 router present */
969 max_delay = ih->code*(HZ/IGMP_TIMER_SCALE);
970 in_dev->mr_v2_seen = jiffies +
971 (in_dev->mr_qrv * in_dev->mr_qi) +
972 in_dev->mr_qri;
973 }
974 /* cancel the interface change timer */
975 WRITE_ONCE(in_dev->mr_ifc_count, 0);
976 if (del_timer(&in_dev->mr_ifc_timer))
977 __in_dev_put(in_dev);
978 /* clear deleted report items */
979 igmpv3_clear_delrec(in_dev);
980 } else if (len < 12) {
981 return true; /* ignore bogus packet; freed by caller */
982 } else if (IGMP_V1_SEEN(in_dev)) {
983 /* This is a v3 query with v1 queriers present */
984 max_delay = IGMP_QUERY_RESPONSE_INTERVAL;
985 group = 0;
986 } else if (IGMP_V2_SEEN(in_dev)) {
987 /* this is a v3 query with v2 queriers present;
988 * Interpretation of the max_delay code is problematic here.
989 * A real v2 host would use ih_code directly, while v3 has a
990 * different encoding. We use the v3 encoding as more likely
991 * to be intended in a v3 query.
992 */
993 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE);
994 if (!max_delay)
995 max_delay = 1; /* can't mod w/ 0 */
996 } else { /* v3 */
997 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query)))
998 return true;
999
1000 ih3 = igmpv3_query_hdr(skb);
1001 if (ih3->nsrcs) {
1002 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query)
1003 + ntohs(ih3->nsrcs)*sizeof(__be32)))
1004 return true;
1005 ih3 = igmpv3_query_hdr(skb);
1006 }
1007
1008 max_delay = IGMPV3_MRC(ih3->code)*(HZ/IGMP_TIMER_SCALE);
1009 if (!max_delay)
1010 max_delay = 1; /* can't mod w/ 0 */
1011 in_dev->mr_maxdelay = max_delay;
1012
1013 /* RFC3376, 4.1.6. QRV and 4.1.7. QQIC, when the most recently
1014 * received value was zero, use the default or statically
1015 * configured value.
1016 */
1017 in_dev->mr_qrv = ih3->qrv ?: READ_ONCE(net->ipv4.sysctl_igmp_qrv);
1018 in_dev->mr_qi = IGMPV3_QQIC(ih3->qqic)*HZ ?: IGMP_QUERY_INTERVAL;
1019
1020 /* RFC3376, 8.3. Query Response Interval:
1021 * The number of seconds represented by the [Query Response
1022 * Interval] must be less than the [Query Interval].
1023 */
1024 if (in_dev->mr_qri >= in_dev->mr_qi)
1025 in_dev->mr_qri = (in_dev->mr_qi/HZ - 1)*HZ;
1026
1027 if (!group) { /* general query */
1028 if (ih3->nsrcs)
1029 return true; /* no sources allowed */
1030 igmp_gq_start_timer(in_dev);
1031 return false;
1032 }
1033 /* mark sources to include, if group & source-specific */
1034 mark = ih3->nsrcs != 0;
1035 }
1036
1037 /*
1038 * - Start the timers in all of our membership records
1039 * that the query applies to for the interface on
1040 * which the query arrived excl. those that belong
1041 * to a "local" group (224.0.0.X)
1042 * - For timers already running check if they need to
1043 * be reset.
1044 * - Use the igmp->igmp_code field as the maximum
1045 * delay possible
1046 */
1047 rcu_read_lock();
1048 for_each_pmc_rcu(in_dev, im) {
1049 int changed;
1050
1051 if (group && group != im->multiaddr)
1052 continue;
1053 if (im->multiaddr == IGMP_ALL_HOSTS)
1054 continue;
1055 if (ipv4_is_local_multicast(im->multiaddr) &&
1056 !READ_ONCE(net->ipv4.sysctl_igmp_llm_reports))
1057 continue;
1058 spin_lock_bh(&im->lock);
1059 if (im->tm_running)
1060 im->gsquery = im->gsquery && mark;
1061 else
1062 im->gsquery = mark;
1063 changed = !im->gsquery ||
1064 igmp_marksources(im, ntohs(ih3->nsrcs), ih3->srcs);
1065 spin_unlock_bh(&im->lock);
1066 if (changed)
1067 igmp_mod_timer(im, max_delay);
1068 }
1069 rcu_read_unlock();
1070 return false;
1071}
1072
1073/* called in rcu_read_lock() section */
1074int igmp_rcv(struct sk_buff *skb)
1075{
1076 /* This basically follows the spec line by line -- see RFC1112 */
1077 struct igmphdr *ih;
1078 struct net_device *dev = skb->dev;
1079 struct in_device *in_dev;
1080 int len = skb->len;
1081 bool dropped = true;
1082
1083 if (netif_is_l3_master(dev)) {
1084 dev = dev_get_by_index_rcu(dev_net(dev), IPCB(skb)->iif);
1085 if (!dev)
1086 goto drop;
1087 }
1088
1089 in_dev = __in_dev_get_rcu(dev);
1090 if (!in_dev)
1091 goto drop;
1092
1093 if (!pskb_may_pull(skb, sizeof(struct igmphdr)))
1094 goto drop;
1095
1096 if (skb_checksum_simple_validate(skb))
1097 goto drop;
1098
1099 ih = igmp_hdr(skb);
1100 switch (ih->type) {
1101 case IGMP_HOST_MEMBERSHIP_QUERY:
1102 dropped = igmp_heard_query(in_dev, skb, len);
1103 break;
1104 case IGMP_HOST_MEMBERSHIP_REPORT:
1105 case IGMPV2_HOST_MEMBERSHIP_REPORT:
1106 /* Is it our report looped back? */
1107 if (rt_is_output_route(skb_rtable(skb)))
1108 break;
1109 /* don't rely on MC router hearing unicast reports */
1110 if (skb->pkt_type == PACKET_MULTICAST ||
1111 skb->pkt_type == PACKET_BROADCAST)
1112 dropped = igmp_heard_report(in_dev, ih->group);
1113 break;
1114 case IGMP_PIM:
1115#ifdef CONFIG_IP_PIMSM_V1
1116 return pim_rcv_v1(skb);
1117#endif
1118 case IGMPV3_HOST_MEMBERSHIP_REPORT:
1119 case IGMP_DVMRP:
1120 case IGMP_TRACE:
1121 case IGMP_HOST_LEAVE_MESSAGE:
1122 case IGMP_MTRACE:
1123 case IGMP_MTRACE_RESP:
1124 break;
1125 default:
1126 break;
1127 }
1128
1129drop:
1130 if (dropped)
1131 kfree_skb(skb);
1132 else
1133 consume_skb(skb);
1134 return 0;
1135}
1136
1137#endif
1138
1139
1140/*
1141 * Add a filter to a device
1142 */
1143
1144static void ip_mc_filter_add(struct in_device *in_dev, __be32 addr)
1145{
1146 char buf[MAX_ADDR_LEN];
1147 struct net_device *dev = in_dev->dev;
1148
1149 /* Checking for IFF_MULTICAST here is WRONG-WRONG-WRONG.
1150 We will get multicast token leakage, when IFF_MULTICAST
1151 is changed. This check should be done in ndo_set_rx_mode
1152 routine. Something sort of:
1153 if (dev->mc_list && dev->flags&IFF_MULTICAST) { do it; }
1154 --ANK
1155 */
1156 if (arp_mc_map(addr, buf, dev, 0) == 0)
1157 dev_mc_add(dev, buf);
1158}
1159
1160/*
1161 * Remove a filter from a device
1162 */
1163
1164static void ip_mc_filter_del(struct in_device *in_dev, __be32 addr)
1165{
1166 char buf[MAX_ADDR_LEN];
1167 struct net_device *dev = in_dev->dev;
1168
1169 if (arp_mc_map(addr, buf, dev, 0) == 0)
1170 dev_mc_del(dev, buf);
1171}
1172
1173#ifdef CONFIG_IP_MULTICAST
1174/*
1175 * deleted ip_mc_list manipulation
1176 */
1177static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im,
1178 gfp_t gfp)
1179{
1180 struct ip_mc_list *pmc;
1181 struct net *net = dev_net(in_dev->dev);
1182
1183 /* this is an "ip_mc_list" for convenience; only the fields below
1184 * are actually used. In particular, the refcnt and users are not
1185 * used for management of the delete list. Using the same structure
1186 * for deleted items allows change reports to use common code with
1187 * non-deleted or query-response MCA's.
1188 */
1189 pmc = kzalloc(sizeof(*pmc), gfp);
1190 if (!pmc)
1191 return;
1192 spin_lock_init(&pmc->lock);
1193 spin_lock_bh(&im->lock);
1194 pmc->interface = im->interface;
1195 in_dev_hold(in_dev);
1196 pmc->multiaddr = im->multiaddr;
1197 pmc->crcount = in_dev->mr_qrv ?: READ_ONCE(net->ipv4.sysctl_igmp_qrv);
1198 pmc->sfmode = im->sfmode;
1199 if (pmc->sfmode == MCAST_INCLUDE) {
1200 struct ip_sf_list *psf;
1201
1202 pmc->tomb = im->tomb;
1203 pmc->sources = im->sources;
1204 im->tomb = im->sources = NULL;
1205 for (psf = pmc->sources; psf; psf = psf->sf_next)
1206 psf->sf_crcount = pmc->crcount;
1207 }
1208 spin_unlock_bh(&im->lock);
1209
1210 spin_lock_bh(&in_dev->mc_tomb_lock);
1211 pmc->next = in_dev->mc_tomb;
1212 in_dev->mc_tomb = pmc;
1213 spin_unlock_bh(&in_dev->mc_tomb_lock);
1214}
1215
1216/*
1217 * restore ip_mc_list deleted records
1218 */
1219static void igmpv3_del_delrec(struct in_device *in_dev, struct ip_mc_list *im)
1220{
1221 struct ip_mc_list *pmc, *pmc_prev;
1222 struct ip_sf_list *psf;
1223 struct net *net = dev_net(in_dev->dev);
1224 __be32 multiaddr = im->multiaddr;
1225
1226 spin_lock_bh(&in_dev->mc_tomb_lock);
1227 pmc_prev = NULL;
1228 for (pmc = in_dev->mc_tomb; pmc; pmc = pmc->next) {
1229 if (pmc->multiaddr == multiaddr)
1230 break;
1231 pmc_prev = pmc;
1232 }
1233 if (pmc) {
1234 if (pmc_prev)
1235 pmc_prev->next = pmc->next;
1236 else
1237 in_dev->mc_tomb = pmc->next;
1238 }
1239 spin_unlock_bh(&in_dev->mc_tomb_lock);
1240
1241 spin_lock_bh(&im->lock);
1242 if (pmc) {
1243 im->interface = pmc->interface;
1244 if (im->sfmode == MCAST_INCLUDE) {
1245 swap(im->tomb, pmc->tomb);
1246 swap(im->sources, pmc->sources);
1247 for (psf = im->sources; psf; psf = psf->sf_next)
1248 psf->sf_crcount = in_dev->mr_qrv ?:
1249 READ_ONCE(net->ipv4.sysctl_igmp_qrv);
1250 } else {
1251 im->crcount = in_dev->mr_qrv ?:
1252 READ_ONCE(net->ipv4.sysctl_igmp_qrv);
1253 }
1254 in_dev_put(pmc->interface);
1255 kfree_pmc(pmc);
1256 }
1257 spin_unlock_bh(&im->lock);
1258}
1259
1260/*
1261 * flush ip_mc_list deleted records
1262 */
1263static void igmpv3_clear_delrec(struct in_device *in_dev)
1264{
1265 struct ip_mc_list *pmc, *nextpmc;
1266
1267 spin_lock_bh(&in_dev->mc_tomb_lock);
1268 pmc = in_dev->mc_tomb;
1269 in_dev->mc_tomb = NULL;
1270 spin_unlock_bh(&in_dev->mc_tomb_lock);
1271
1272 for (; pmc; pmc = nextpmc) {
1273 nextpmc = pmc->next;
1274 ip_mc_clear_src(pmc);
1275 in_dev_put(pmc->interface);
1276 kfree_pmc(pmc);
1277 }
1278 /* clear dead sources, too */
1279 rcu_read_lock();
1280 for_each_pmc_rcu(in_dev, pmc) {
1281 struct ip_sf_list *psf;
1282
1283 spin_lock_bh(&pmc->lock);
1284 psf = pmc->tomb;
1285 pmc->tomb = NULL;
1286 spin_unlock_bh(&pmc->lock);
1287 ip_sf_list_clear_all(psf);
1288 }
1289 rcu_read_unlock();
1290}
1291#endif
1292
1293static void __igmp_group_dropped(struct ip_mc_list *im, gfp_t gfp)
1294{
1295 struct in_device *in_dev = im->interface;
1296#ifdef CONFIG_IP_MULTICAST
1297 struct net *net = dev_net(in_dev->dev);
1298 int reporter;
1299#endif
1300
1301 if (im->loaded) {
1302 im->loaded = 0;
1303 ip_mc_filter_del(in_dev, im->multiaddr);
1304 }
1305
1306#ifdef CONFIG_IP_MULTICAST
1307 if (im->multiaddr == IGMP_ALL_HOSTS)
1308 return;
1309 if (ipv4_is_local_multicast(im->multiaddr) &&
1310 !READ_ONCE(net->ipv4.sysctl_igmp_llm_reports))
1311 return;
1312
1313 reporter = im->reporter;
1314 igmp_stop_timer(im);
1315
1316 if (!in_dev->dead) {
1317 if (IGMP_V1_SEEN(in_dev))
1318 return;
1319 if (IGMP_V2_SEEN(in_dev)) {
1320 if (reporter)
1321 igmp_send_report(in_dev, im, IGMP_HOST_LEAVE_MESSAGE);
1322 return;
1323 }
1324 /* IGMPv3 */
1325 igmpv3_add_delrec(in_dev, im, gfp);
1326
1327 igmp_ifc_event(in_dev);
1328 }
1329#endif
1330}
1331
1332static void igmp_group_dropped(struct ip_mc_list *im)
1333{
1334 __igmp_group_dropped(im, GFP_KERNEL);
1335}
1336
1337static void igmp_group_added(struct ip_mc_list *im)
1338{
1339 struct in_device *in_dev = im->interface;
1340#ifdef CONFIG_IP_MULTICAST
1341 struct net *net = dev_net(in_dev->dev);
1342#endif
1343
1344 if (im->loaded == 0) {
1345 im->loaded = 1;
1346 ip_mc_filter_add(in_dev, im->multiaddr);
1347 }
1348
1349#ifdef CONFIG_IP_MULTICAST
1350 if (im->multiaddr == IGMP_ALL_HOSTS)
1351 return;
1352 if (ipv4_is_local_multicast(im->multiaddr) &&
1353 !READ_ONCE(net->ipv4.sysctl_igmp_llm_reports))
1354 return;
1355
1356 if (in_dev->dead)
1357 return;
1358
1359 im->unsolicit_count = READ_ONCE(net->ipv4.sysctl_igmp_qrv);
1360 if (IGMP_V1_SEEN(in_dev) || IGMP_V2_SEEN(in_dev)) {
1361 spin_lock_bh(&im->lock);
1362 igmp_start_timer(im, IGMP_INITIAL_REPORT_DELAY);
1363 spin_unlock_bh(&im->lock);
1364 return;
1365 }
1366 /* else, v3 */
1367
1368 /* Based on RFC3376 5.1, for newly added INCLUDE SSM, we should
1369 * not send filter-mode change record as the mode should be from
1370 * IN() to IN(A).
1371 */
1372 if (im->sfmode == MCAST_EXCLUDE)
1373 im->crcount = in_dev->mr_qrv ?: READ_ONCE(net->ipv4.sysctl_igmp_qrv);
1374
1375 igmp_ifc_event(in_dev);
1376#endif
1377}
1378
1379
1380/*
1381 * Multicast list managers
1382 */
1383
1384static u32 ip_mc_hash(const struct ip_mc_list *im)
1385{
1386 return hash_32((__force u32)im->multiaddr, MC_HASH_SZ_LOG);
1387}
1388
1389static void ip_mc_hash_add(struct in_device *in_dev,
1390 struct ip_mc_list *im)
1391{
1392 struct ip_mc_list __rcu **mc_hash;
1393 u32 hash;
1394
1395 mc_hash = rtnl_dereference(in_dev->mc_hash);
1396 if (mc_hash) {
1397 hash = ip_mc_hash(im);
1398 im->next_hash = mc_hash[hash];
1399 rcu_assign_pointer(mc_hash[hash], im);
1400 return;
1401 }
1402
1403 /* do not use a hash table for small number of items */
1404 if (in_dev->mc_count < 4)
1405 return;
1406
1407 mc_hash = kzalloc(sizeof(struct ip_mc_list *) << MC_HASH_SZ_LOG,
1408 GFP_KERNEL);
1409 if (!mc_hash)
1410 return;
1411
1412 for_each_pmc_rtnl(in_dev, im) {
1413 hash = ip_mc_hash(im);
1414 im->next_hash = mc_hash[hash];
1415 RCU_INIT_POINTER(mc_hash[hash], im);
1416 }
1417
1418 rcu_assign_pointer(in_dev->mc_hash, mc_hash);
1419}
1420
1421static void ip_mc_hash_remove(struct in_device *in_dev,
1422 struct ip_mc_list *im)
1423{
1424 struct ip_mc_list __rcu **mc_hash = rtnl_dereference(in_dev->mc_hash);
1425 struct ip_mc_list *aux;
1426
1427 if (!mc_hash)
1428 return;
1429 mc_hash += ip_mc_hash(im);
1430 while ((aux = rtnl_dereference(*mc_hash)) != im)
1431 mc_hash = &aux->next_hash;
1432 *mc_hash = im->next_hash;
1433}
1434
1435
1436/*
1437 * A socket has joined a multicast group on device dev.
1438 */
1439static void ____ip_mc_inc_group(struct in_device *in_dev, __be32 addr,
1440 unsigned int mode, gfp_t gfp)
1441{
1442 struct ip_mc_list *im;
1443
1444 ASSERT_RTNL();
1445
1446 for_each_pmc_rtnl(in_dev, im) {
1447 if (im->multiaddr == addr) {
1448 im->users++;
1449 ip_mc_add_src(in_dev, &addr, mode, 0, NULL, 0);
1450 goto out;
1451 }
1452 }
1453
1454 im = kzalloc(sizeof(*im), gfp);
1455 if (!im)
1456 goto out;
1457
1458 im->users = 1;
1459 im->interface = in_dev;
1460 in_dev_hold(in_dev);
1461 im->multiaddr = addr;
1462 /* initial mode is (EX, empty) */
1463 im->sfmode = mode;
1464 im->sfcount[mode] = 1;
1465 refcount_set(&im->refcnt, 1);
1466 spin_lock_init(&im->lock);
1467#ifdef CONFIG_IP_MULTICAST
1468 timer_setup(&im->timer, igmp_timer_expire, 0);
1469#endif
1470
1471 im->next_rcu = in_dev->mc_list;
1472 in_dev->mc_count++;
1473 rcu_assign_pointer(in_dev->mc_list, im);
1474
1475 ip_mc_hash_add(in_dev, im);
1476
1477#ifdef CONFIG_IP_MULTICAST
1478 igmpv3_del_delrec(in_dev, im);
1479#endif
1480 igmp_group_added(im);
1481 if (!in_dev->dead)
1482 ip_rt_multicast_event(in_dev);
1483out:
1484 return;
1485}
1486
1487void __ip_mc_inc_group(struct in_device *in_dev, __be32 addr, gfp_t gfp)
1488{
1489 ____ip_mc_inc_group(in_dev, addr, MCAST_EXCLUDE, gfp);
1490}
1491EXPORT_SYMBOL(__ip_mc_inc_group);
1492
1493void ip_mc_inc_group(struct in_device *in_dev, __be32 addr)
1494{
1495 __ip_mc_inc_group(in_dev, addr, GFP_KERNEL);
1496}
1497EXPORT_SYMBOL(ip_mc_inc_group);
1498
1499static int ip_mc_check_iphdr(struct sk_buff *skb)
1500{
1501 const struct iphdr *iph;
1502 unsigned int len;
1503 unsigned int offset = skb_network_offset(skb) + sizeof(*iph);
1504
1505 if (!pskb_may_pull(skb, offset))
1506 return -EINVAL;
1507
1508 iph = ip_hdr(skb);
1509
1510 if (iph->version != 4 || ip_hdrlen(skb) < sizeof(*iph))
1511 return -EINVAL;
1512
1513 offset += ip_hdrlen(skb) - sizeof(*iph);
1514
1515 if (!pskb_may_pull(skb, offset))
1516 return -EINVAL;
1517
1518 iph = ip_hdr(skb);
1519
1520 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl)))
1521 return -EINVAL;
1522
1523 len = skb_network_offset(skb) + ntohs(iph->tot_len);
1524 if (skb->len < len || len < offset)
1525 return -EINVAL;
1526
1527 skb_set_transport_header(skb, offset);
1528
1529 return 0;
1530}
1531
1532static int ip_mc_check_igmp_reportv3(struct sk_buff *skb)
1533{
1534 unsigned int len = skb_transport_offset(skb);
1535
1536 len += sizeof(struct igmpv3_report);
1537
1538 return ip_mc_may_pull(skb, len) ? 0 : -EINVAL;
1539}
1540
1541static int ip_mc_check_igmp_query(struct sk_buff *skb)
1542{
1543 unsigned int transport_len = ip_transport_len(skb);
1544 unsigned int len;
1545
1546 /* IGMPv{1,2}? */
1547 if (transport_len != sizeof(struct igmphdr)) {
1548 /* or IGMPv3? */
1549 if (transport_len < sizeof(struct igmpv3_query))
1550 return -EINVAL;
1551
1552 len = skb_transport_offset(skb) + sizeof(struct igmpv3_query);
1553 if (!ip_mc_may_pull(skb, len))
1554 return -EINVAL;
1555 }
1556
1557 /* RFC2236+RFC3376 (IGMPv2+IGMPv3) require the multicast link layer
1558 * all-systems destination addresses (224.0.0.1) for general queries
1559 */
1560 if (!igmp_hdr(skb)->group &&
1561 ip_hdr(skb)->daddr != htonl(INADDR_ALLHOSTS_GROUP))
1562 return -EINVAL;
1563
1564 return 0;
1565}
1566
1567static int ip_mc_check_igmp_msg(struct sk_buff *skb)
1568{
1569 switch (igmp_hdr(skb)->type) {
1570 case IGMP_HOST_LEAVE_MESSAGE:
1571 case IGMP_HOST_MEMBERSHIP_REPORT:
1572 case IGMPV2_HOST_MEMBERSHIP_REPORT:
1573 return 0;
1574 case IGMPV3_HOST_MEMBERSHIP_REPORT:
1575 return ip_mc_check_igmp_reportv3(skb);
1576 case IGMP_HOST_MEMBERSHIP_QUERY:
1577 return ip_mc_check_igmp_query(skb);
1578 default:
1579 return -ENOMSG;
1580 }
1581}
1582
1583static inline __sum16 ip_mc_validate_checksum(struct sk_buff *skb)
1584{
1585 return skb_checksum_simple_validate(skb);
1586}
1587
1588static int ip_mc_check_igmp_csum(struct sk_buff *skb)
1589{
1590 unsigned int len = skb_transport_offset(skb) + sizeof(struct igmphdr);
1591 unsigned int transport_len = ip_transport_len(skb);
1592 struct sk_buff *skb_chk;
1593
1594 if (!ip_mc_may_pull(skb, len))
1595 return -EINVAL;
1596
1597 skb_chk = skb_checksum_trimmed(skb, transport_len,
1598 ip_mc_validate_checksum);
1599 if (!skb_chk)
1600 return -EINVAL;
1601
1602 if (skb_chk != skb)
1603 kfree_skb(skb_chk);
1604
1605 return 0;
1606}
1607
1608/**
1609 * ip_mc_check_igmp - checks whether this is a sane IGMP packet
1610 * @skb: the skb to validate
1611 *
1612 * Checks whether an IPv4 packet is a valid IGMP packet. If so sets
1613 * skb transport header accordingly and returns zero.
1614 *
1615 * -EINVAL: A broken packet was detected, i.e. it violates some internet
1616 * standard
1617 * -ENOMSG: IP header validation succeeded but it is not an IGMP packet.
1618 * -ENOMEM: A memory allocation failure happened.
1619 *
1620 * Caller needs to set the skb network header and free any returned skb if it
1621 * differs from the provided skb.
1622 */
1623int ip_mc_check_igmp(struct sk_buff *skb)
1624{
1625 int ret = ip_mc_check_iphdr(skb);
1626
1627 if (ret < 0)
1628 return ret;
1629
1630 if (ip_hdr(skb)->protocol != IPPROTO_IGMP)
1631 return -ENOMSG;
1632
1633 ret = ip_mc_check_igmp_csum(skb);
1634 if (ret < 0)
1635 return ret;
1636
1637 return ip_mc_check_igmp_msg(skb);
1638}
1639EXPORT_SYMBOL(ip_mc_check_igmp);
1640
1641/*
1642 * Resend IGMP JOIN report; used by netdev notifier.
1643 */
1644static void ip_mc_rejoin_groups(struct in_device *in_dev)
1645{
1646#ifdef CONFIG_IP_MULTICAST
1647 struct ip_mc_list *im;
1648 int type;
1649 struct net *net = dev_net(in_dev->dev);
1650
1651 ASSERT_RTNL();
1652
1653 for_each_pmc_rtnl(in_dev, im) {
1654 if (im->multiaddr == IGMP_ALL_HOSTS)
1655 continue;
1656 if (ipv4_is_local_multicast(im->multiaddr) &&
1657 !READ_ONCE(net->ipv4.sysctl_igmp_llm_reports))
1658 continue;
1659
1660 /* a failover is happening and switches
1661 * must be notified immediately
1662 */
1663 if (IGMP_V1_SEEN(in_dev))
1664 type = IGMP_HOST_MEMBERSHIP_REPORT;
1665 else if (IGMP_V2_SEEN(in_dev))
1666 type = IGMPV2_HOST_MEMBERSHIP_REPORT;
1667 else
1668 type = IGMPV3_HOST_MEMBERSHIP_REPORT;
1669 igmp_send_report(in_dev, im, type);
1670 }
1671#endif
1672}
1673
1674/*
1675 * A socket has left a multicast group on device dev
1676 */
1677
1678void __ip_mc_dec_group(struct in_device *in_dev, __be32 addr, gfp_t gfp)
1679{
1680 struct ip_mc_list *i;
1681 struct ip_mc_list __rcu **ip;
1682
1683 ASSERT_RTNL();
1684
1685 for (ip = &in_dev->mc_list;
1686 (i = rtnl_dereference(*ip)) != NULL;
1687 ip = &i->next_rcu) {
1688 if (i->multiaddr == addr) {
1689 if (--i->users == 0) {
1690 ip_mc_hash_remove(in_dev, i);
1691 *ip = i->next_rcu;
1692 in_dev->mc_count--;
1693 __igmp_group_dropped(i, gfp);
1694 ip_mc_clear_src(i);
1695
1696 if (!in_dev->dead)
1697 ip_rt_multicast_event(in_dev);
1698
1699 ip_ma_put(i);
1700 return;
1701 }
1702 break;
1703 }
1704 }
1705}
1706EXPORT_SYMBOL(__ip_mc_dec_group);
1707
1708/* Device changing type */
1709
1710void ip_mc_unmap(struct in_device *in_dev)
1711{
1712 struct ip_mc_list *pmc;
1713
1714 ASSERT_RTNL();
1715
1716 for_each_pmc_rtnl(in_dev, pmc)
1717 igmp_group_dropped(pmc);
1718}
1719
1720void ip_mc_remap(struct in_device *in_dev)
1721{
1722 struct ip_mc_list *pmc;
1723
1724 ASSERT_RTNL();
1725
1726 for_each_pmc_rtnl(in_dev, pmc) {
1727#ifdef CONFIG_IP_MULTICAST
1728 igmpv3_del_delrec(in_dev, pmc);
1729#endif
1730 igmp_group_added(pmc);
1731 }
1732}
1733
1734/* Device going down */
1735
1736void ip_mc_down(struct in_device *in_dev)
1737{
1738 struct ip_mc_list *pmc;
1739
1740 ASSERT_RTNL();
1741
1742 for_each_pmc_rtnl(in_dev, pmc)
1743 igmp_group_dropped(pmc);
1744
1745#ifdef CONFIG_IP_MULTICAST
1746 WRITE_ONCE(in_dev->mr_ifc_count, 0);
1747 if (del_timer(&in_dev->mr_ifc_timer))
1748 __in_dev_put(in_dev);
1749 in_dev->mr_gq_running = 0;
1750 if (del_timer(&in_dev->mr_gq_timer))
1751 __in_dev_put(in_dev);
1752#endif
1753
1754 ip_mc_dec_group(in_dev, IGMP_ALL_HOSTS);
1755}
1756
1757#ifdef CONFIG_IP_MULTICAST
1758static void ip_mc_reset(struct in_device *in_dev)
1759{
1760 struct net *net = dev_net(in_dev->dev);
1761
1762 in_dev->mr_qi = IGMP_QUERY_INTERVAL;
1763 in_dev->mr_qri = IGMP_QUERY_RESPONSE_INTERVAL;
1764 in_dev->mr_qrv = READ_ONCE(net->ipv4.sysctl_igmp_qrv);
1765}
1766#else
1767static void ip_mc_reset(struct in_device *in_dev)
1768{
1769}
1770#endif
1771
1772void ip_mc_init_dev(struct in_device *in_dev)
1773{
1774 ASSERT_RTNL();
1775
1776#ifdef CONFIG_IP_MULTICAST
1777 timer_setup(&in_dev->mr_gq_timer, igmp_gq_timer_expire, 0);
1778 timer_setup(&in_dev->mr_ifc_timer, igmp_ifc_timer_expire, 0);
1779#endif
1780 ip_mc_reset(in_dev);
1781
1782 spin_lock_init(&in_dev->mc_tomb_lock);
1783}
1784
1785/* Device going up */
1786
1787void ip_mc_up(struct in_device *in_dev)
1788{
1789 struct ip_mc_list *pmc;
1790
1791 ASSERT_RTNL();
1792
1793 ip_mc_reset(in_dev);
1794 ip_mc_inc_group(in_dev, IGMP_ALL_HOSTS);
1795
1796 for_each_pmc_rtnl(in_dev, pmc) {
1797#ifdef CONFIG_IP_MULTICAST
1798 igmpv3_del_delrec(in_dev, pmc);
1799#endif
1800 igmp_group_added(pmc);
1801 }
1802}
1803
1804/*
1805 * Device is about to be destroyed: clean up.
1806 */
1807
1808void ip_mc_destroy_dev(struct in_device *in_dev)
1809{
1810 struct ip_mc_list *i;
1811
1812 ASSERT_RTNL();
1813
1814 /* Deactivate timers */
1815 ip_mc_down(in_dev);
1816#ifdef CONFIG_IP_MULTICAST
1817 igmpv3_clear_delrec(in_dev);
1818#endif
1819
1820 while ((i = rtnl_dereference(in_dev->mc_list)) != NULL) {
1821 in_dev->mc_list = i->next_rcu;
1822 in_dev->mc_count--;
1823 ip_mc_clear_src(i);
1824 ip_ma_put(i);
1825 }
1826}
1827
1828/* RTNL is locked */
1829static struct in_device *ip_mc_find_dev(struct net *net, struct ip_mreqn *imr)
1830{
1831 struct net_device *dev = NULL;
1832 struct in_device *idev = NULL;
1833
1834 if (imr->imr_ifindex) {
1835 idev = inetdev_by_index(net, imr->imr_ifindex);
1836 return idev;
1837 }
1838 if (imr->imr_address.s_addr) {
1839 dev = __ip_dev_find(net, imr->imr_address.s_addr, false);
1840 if (!dev)
1841 return NULL;
1842 }
1843
1844 if (!dev) {
1845 struct rtable *rt = ip_route_output(net,
1846 imr->imr_multiaddr.s_addr,
1847 0, 0, 0);
1848 if (!IS_ERR(rt)) {
1849 dev = rt->dst.dev;
1850 ip_rt_put(rt);
1851 }
1852 }
1853 if (dev) {
1854 imr->imr_ifindex = dev->ifindex;
1855 idev = __in_dev_get_rtnl(dev);
1856 }
1857 return idev;
1858}
1859
1860/*
1861 * Join a socket to a group
1862 */
1863
1864static int ip_mc_del1_src(struct ip_mc_list *pmc, int sfmode,
1865 __be32 *psfsrc)
1866{
1867 struct ip_sf_list *psf, *psf_prev;
1868 int rv = 0;
1869
1870 psf_prev = NULL;
1871 for (psf = pmc->sources; psf; psf = psf->sf_next) {
1872 if (psf->sf_inaddr == *psfsrc)
1873 break;
1874 psf_prev = psf;
1875 }
1876 if (!psf || psf->sf_count[sfmode] == 0) {
1877 /* source filter not found, or count wrong => bug */
1878 return -ESRCH;
1879 }
1880 psf->sf_count[sfmode]--;
1881 if (psf->sf_count[sfmode] == 0) {
1882 ip_rt_multicast_event(pmc->interface);
1883 }
1884 if (!psf->sf_count[MCAST_INCLUDE] && !psf->sf_count[MCAST_EXCLUDE]) {
1885#ifdef CONFIG_IP_MULTICAST
1886 struct in_device *in_dev = pmc->interface;
1887 struct net *net = dev_net(in_dev->dev);
1888#endif
1889
1890 /* no more filters for this source */
1891 if (psf_prev)
1892 psf_prev->sf_next = psf->sf_next;
1893 else
1894 pmc->sources = psf->sf_next;
1895#ifdef CONFIG_IP_MULTICAST
1896 if (psf->sf_oldin &&
1897 !IGMP_V1_SEEN(in_dev) && !IGMP_V2_SEEN(in_dev)) {
1898 psf->sf_crcount = in_dev->mr_qrv ?: READ_ONCE(net->ipv4.sysctl_igmp_qrv);
1899 psf->sf_next = pmc->tomb;
1900 pmc->tomb = psf;
1901 rv = 1;
1902 } else
1903#endif
1904 kfree(psf);
1905 }
1906 return rv;
1907}
1908
1909#ifndef CONFIG_IP_MULTICAST
1910#define igmp_ifc_event(x) do { } while (0)
1911#endif
1912
1913static int ip_mc_del_src(struct in_device *in_dev, __be32 *pmca, int sfmode,
1914 int sfcount, __be32 *psfsrc, int delta)
1915{
1916 struct ip_mc_list *pmc;
1917 int changerec = 0;
1918 int i, err;
1919
1920 if (!in_dev)
1921 return -ENODEV;
1922 rcu_read_lock();
1923 for_each_pmc_rcu(in_dev, pmc) {
1924 if (*pmca == pmc->multiaddr)
1925 break;
1926 }
1927 if (!pmc) {
1928 /* MCA not found?? bug */
1929 rcu_read_unlock();
1930 return -ESRCH;
1931 }
1932 spin_lock_bh(&pmc->lock);
1933 rcu_read_unlock();
1934#ifdef CONFIG_IP_MULTICAST
1935 sf_markstate(pmc);
1936#endif
1937 if (!delta) {
1938 err = -EINVAL;
1939 if (!pmc->sfcount[sfmode])
1940 goto out_unlock;
1941 pmc->sfcount[sfmode]--;
1942 }
1943 err = 0;
1944 for (i = 0; i < sfcount; i++) {
1945 int rv = ip_mc_del1_src(pmc, sfmode, &psfsrc[i]);
1946
1947 changerec |= rv > 0;
1948 if (!err && rv < 0)
1949 err = rv;
1950 }
1951 if (pmc->sfmode == MCAST_EXCLUDE &&
1952 pmc->sfcount[MCAST_EXCLUDE] == 0 &&
1953 pmc->sfcount[MCAST_INCLUDE]) {
1954#ifdef CONFIG_IP_MULTICAST
1955 struct ip_sf_list *psf;
1956 struct net *net = dev_net(in_dev->dev);
1957#endif
1958
1959 /* filter mode change */
1960 pmc->sfmode = MCAST_INCLUDE;
1961#ifdef CONFIG_IP_MULTICAST
1962 pmc->crcount = in_dev->mr_qrv ?: READ_ONCE(net->ipv4.sysctl_igmp_qrv);
1963 WRITE_ONCE(in_dev->mr_ifc_count, pmc->crcount);
1964 for (psf = pmc->sources; psf; psf = psf->sf_next)
1965 psf->sf_crcount = 0;
1966 igmp_ifc_event(pmc->interface);
1967 } else if (sf_setstate(pmc) || changerec) {
1968 igmp_ifc_event(pmc->interface);
1969#endif
1970 }
1971out_unlock:
1972 spin_unlock_bh(&pmc->lock);
1973 return err;
1974}
1975
1976/*
1977 * Add multicast single-source filter to the interface list
1978 */
1979static int ip_mc_add1_src(struct ip_mc_list *pmc, int sfmode,
1980 __be32 *psfsrc)
1981{
1982 struct ip_sf_list *psf, *psf_prev;
1983
1984 psf_prev = NULL;
1985 for (psf = pmc->sources; psf; psf = psf->sf_next) {
1986 if (psf->sf_inaddr == *psfsrc)
1987 break;
1988 psf_prev = psf;
1989 }
1990 if (!psf) {
1991 psf = kzalloc(sizeof(*psf), GFP_ATOMIC);
1992 if (!psf)
1993 return -ENOBUFS;
1994 psf->sf_inaddr = *psfsrc;
1995 if (psf_prev) {
1996 psf_prev->sf_next = psf;
1997 } else
1998 pmc->sources = psf;
1999 }
2000 psf->sf_count[sfmode]++;
2001 if (psf->sf_count[sfmode] == 1) {
2002 ip_rt_multicast_event(pmc->interface);
2003 }
2004 return 0;
2005}
2006
2007#ifdef CONFIG_IP_MULTICAST
2008static void sf_markstate(struct ip_mc_list *pmc)
2009{
2010 struct ip_sf_list *psf;
2011 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE];
2012
2013 for (psf = pmc->sources; psf; psf = psf->sf_next)
2014 if (pmc->sfcount[MCAST_EXCLUDE]) {
2015 psf->sf_oldin = mca_xcount ==
2016 psf->sf_count[MCAST_EXCLUDE] &&
2017 !psf->sf_count[MCAST_INCLUDE];
2018 } else
2019 psf->sf_oldin = psf->sf_count[MCAST_INCLUDE] != 0;
2020}
2021
2022static int sf_setstate(struct ip_mc_list *pmc)
2023{
2024 struct ip_sf_list *psf, *dpsf;
2025 int mca_xcount = pmc->sfcount[MCAST_EXCLUDE];
2026 int qrv = pmc->interface->mr_qrv;
2027 int new_in, rv;
2028
2029 rv = 0;
2030 for (psf = pmc->sources; psf; psf = psf->sf_next) {
2031 if (pmc->sfcount[MCAST_EXCLUDE]) {
2032 new_in = mca_xcount == psf->sf_count[MCAST_EXCLUDE] &&
2033 !psf->sf_count[MCAST_INCLUDE];
2034 } else
2035 new_in = psf->sf_count[MCAST_INCLUDE] != 0;
2036 if (new_in) {
2037 if (!psf->sf_oldin) {
2038 struct ip_sf_list *prev = NULL;
2039
2040 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next) {
2041 if (dpsf->sf_inaddr == psf->sf_inaddr)
2042 break;
2043 prev = dpsf;
2044 }
2045 if (dpsf) {
2046 if (prev)
2047 prev->sf_next = dpsf->sf_next;
2048 else
2049 pmc->tomb = dpsf->sf_next;
2050 kfree(dpsf);
2051 }
2052 psf->sf_crcount = qrv;
2053 rv++;
2054 }
2055 } else if (psf->sf_oldin) {
2056
2057 psf->sf_crcount = 0;
2058 /*
2059 * add or update "delete" records if an active filter
2060 * is now inactive
2061 */
2062 for (dpsf = pmc->tomb; dpsf; dpsf = dpsf->sf_next)
2063 if (dpsf->sf_inaddr == psf->sf_inaddr)
2064 break;
2065 if (!dpsf) {
2066 dpsf = kmalloc(sizeof(*dpsf), GFP_ATOMIC);
2067 if (!dpsf)
2068 continue;
2069 *dpsf = *psf;
2070 /* pmc->lock held by callers */
2071 dpsf->sf_next = pmc->tomb;
2072 pmc->tomb = dpsf;
2073 }
2074 dpsf->sf_crcount = qrv;
2075 rv++;
2076 }
2077 }
2078 return rv;
2079}
2080#endif
2081
2082/*
2083 * Add multicast source filter list to the interface list
2084 */
2085static int ip_mc_add_src(struct in_device *in_dev, __be32 *pmca, int sfmode,
2086 int sfcount, __be32 *psfsrc, int delta)
2087{
2088 struct ip_mc_list *pmc;
2089 int isexclude;
2090 int i, err;
2091
2092 if (!in_dev)
2093 return -ENODEV;
2094 rcu_read_lock();
2095 for_each_pmc_rcu(in_dev, pmc) {
2096 if (*pmca == pmc->multiaddr)
2097 break;
2098 }
2099 if (!pmc) {
2100 /* MCA not found?? bug */
2101 rcu_read_unlock();
2102 return -ESRCH;
2103 }
2104 spin_lock_bh(&pmc->lock);
2105 rcu_read_unlock();
2106
2107#ifdef CONFIG_IP_MULTICAST
2108 sf_markstate(pmc);
2109#endif
2110 isexclude = pmc->sfmode == MCAST_EXCLUDE;
2111 if (!delta)
2112 pmc->sfcount[sfmode]++;
2113 err = 0;
2114 for (i = 0; i < sfcount; i++) {
2115 err = ip_mc_add1_src(pmc, sfmode, &psfsrc[i]);
2116 if (err)
2117 break;
2118 }
2119 if (err) {
2120 int j;
2121
2122 if (!delta)
2123 pmc->sfcount[sfmode]--;
2124 for (j = 0; j < i; j++)
2125 (void) ip_mc_del1_src(pmc, sfmode, &psfsrc[j]);
2126 } else if (isexclude != (pmc->sfcount[MCAST_EXCLUDE] != 0)) {
2127#ifdef CONFIG_IP_MULTICAST
2128 struct ip_sf_list *psf;
2129 struct net *net = dev_net(pmc->interface->dev);
2130 in_dev = pmc->interface;
2131#endif
2132
2133 /* filter mode change */
2134 if (pmc->sfcount[MCAST_EXCLUDE])
2135 pmc->sfmode = MCAST_EXCLUDE;
2136 else if (pmc->sfcount[MCAST_INCLUDE])
2137 pmc->sfmode = MCAST_INCLUDE;
2138#ifdef CONFIG_IP_MULTICAST
2139 /* else no filters; keep old mode for reports */
2140
2141 pmc->crcount = in_dev->mr_qrv ?: READ_ONCE(net->ipv4.sysctl_igmp_qrv);
2142 WRITE_ONCE(in_dev->mr_ifc_count, pmc->crcount);
2143 for (psf = pmc->sources; psf; psf = psf->sf_next)
2144 psf->sf_crcount = 0;
2145 igmp_ifc_event(in_dev);
2146 } else if (sf_setstate(pmc)) {
2147 igmp_ifc_event(in_dev);
2148#endif
2149 }
2150 spin_unlock_bh(&pmc->lock);
2151 return err;
2152}
2153
2154static void ip_mc_clear_src(struct ip_mc_list *pmc)
2155{
2156 struct ip_sf_list *tomb, *sources;
2157
2158 spin_lock_bh(&pmc->lock);
2159 tomb = pmc->tomb;
2160 pmc->tomb = NULL;
2161 sources = pmc->sources;
2162 pmc->sources = NULL;
2163 pmc->sfmode = MCAST_EXCLUDE;
2164 pmc->sfcount[MCAST_INCLUDE] = 0;
2165 pmc->sfcount[MCAST_EXCLUDE] = 1;
2166 spin_unlock_bh(&pmc->lock);
2167
2168 ip_sf_list_clear_all(tomb);
2169 ip_sf_list_clear_all(sources);
2170}
2171
2172/* Join a multicast group
2173 */
2174static int __ip_mc_join_group(struct sock *sk, struct ip_mreqn *imr,
2175 unsigned int mode)
2176{
2177 __be32 addr = imr->imr_multiaddr.s_addr;
2178 struct ip_mc_socklist *iml, *i;
2179 struct in_device *in_dev;
2180 struct inet_sock *inet = inet_sk(sk);
2181 struct net *net = sock_net(sk);
2182 int ifindex;
2183 int count = 0;
2184 int err;
2185
2186 ASSERT_RTNL();
2187
2188 if (!ipv4_is_multicast(addr))
2189 return -EINVAL;
2190
2191 in_dev = ip_mc_find_dev(net, imr);
2192
2193 if (!in_dev) {
2194 err = -ENODEV;
2195 goto done;
2196 }
2197
2198 err = -EADDRINUSE;
2199 ifindex = imr->imr_ifindex;
2200 for_each_pmc_rtnl(inet, i) {
2201 if (i->multi.imr_multiaddr.s_addr == addr &&
2202 i->multi.imr_ifindex == ifindex)
2203 goto done;
2204 count++;
2205 }
2206 err = -ENOBUFS;
2207 if (count >= READ_ONCE(net->ipv4.sysctl_igmp_max_memberships))
2208 goto done;
2209 iml = sock_kmalloc(sk, sizeof(*iml), GFP_KERNEL);
2210 if (!iml)
2211 goto done;
2212
2213 memcpy(&iml->multi, imr, sizeof(*imr));
2214 iml->next_rcu = inet->mc_list;
2215 iml->sflist = NULL;
2216 iml->sfmode = mode;
2217 rcu_assign_pointer(inet->mc_list, iml);
2218 ____ip_mc_inc_group(in_dev, addr, mode, GFP_KERNEL);
2219 err = 0;
2220done:
2221 return err;
2222}
2223
2224/* Join ASM (Any-Source Multicast) group
2225 */
2226int ip_mc_join_group(struct sock *sk, struct ip_mreqn *imr)
2227{
2228 return __ip_mc_join_group(sk, imr, MCAST_EXCLUDE);
2229}
2230EXPORT_SYMBOL(ip_mc_join_group);
2231
2232/* Join SSM (Source-Specific Multicast) group
2233 */
2234int ip_mc_join_group_ssm(struct sock *sk, struct ip_mreqn *imr,
2235 unsigned int mode)
2236{
2237 return __ip_mc_join_group(sk, imr, mode);
2238}
2239
2240static int ip_mc_leave_src(struct sock *sk, struct ip_mc_socklist *iml,
2241 struct in_device *in_dev)
2242{
2243 struct ip_sf_socklist *psf = rtnl_dereference(iml->sflist);
2244 int err;
2245
2246 if (!psf) {
2247 /* any-source empty exclude case */
2248 return ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr,
2249 iml->sfmode, 0, NULL, 0);
2250 }
2251 err = ip_mc_del_src(in_dev, &iml->multi.imr_multiaddr.s_addr,
2252 iml->sfmode, psf->sl_count, psf->sl_addr, 0);
2253 RCU_INIT_POINTER(iml->sflist, NULL);
2254 /* decrease mem now to avoid the memleak warning */
2255 atomic_sub(IP_SFLSIZE(psf->sl_max), &sk->sk_omem_alloc);
2256 kfree_rcu(psf, rcu);
2257 return err;
2258}
2259
2260int ip_mc_leave_group(struct sock *sk, struct ip_mreqn *imr)
2261{
2262 struct inet_sock *inet = inet_sk(sk);
2263 struct ip_mc_socklist *iml;
2264 struct ip_mc_socklist __rcu **imlp;
2265 struct in_device *in_dev;
2266 struct net *net = sock_net(sk);
2267 __be32 group = imr->imr_multiaddr.s_addr;
2268 u32 ifindex;
2269 int ret = -EADDRNOTAVAIL;
2270
2271 ASSERT_RTNL();
2272
2273 in_dev = ip_mc_find_dev(net, imr);
2274 if (!imr->imr_ifindex && !imr->imr_address.s_addr && !in_dev) {
2275 ret = -ENODEV;
2276 goto out;
2277 }
2278 ifindex = imr->imr_ifindex;
2279 for (imlp = &inet->mc_list;
2280 (iml = rtnl_dereference(*imlp)) != NULL;
2281 imlp = &iml->next_rcu) {
2282 if (iml->multi.imr_multiaddr.s_addr != group)
2283 continue;
2284 if (ifindex) {
2285 if (iml->multi.imr_ifindex != ifindex)
2286 continue;
2287 } else if (imr->imr_address.s_addr && imr->imr_address.s_addr !=
2288 iml->multi.imr_address.s_addr)
2289 continue;
2290
2291 (void) ip_mc_leave_src(sk, iml, in_dev);
2292
2293 *imlp = iml->next_rcu;
2294
2295 if (in_dev)
2296 ip_mc_dec_group(in_dev, group);
2297
2298 /* decrease mem now to avoid the memleak warning */
2299 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc);
2300 kfree_rcu(iml, rcu);
2301 return 0;
2302 }
2303out:
2304 return ret;
2305}
2306EXPORT_SYMBOL(ip_mc_leave_group);
2307
2308int ip_mc_source(int add, int omode, struct sock *sk, struct
2309 ip_mreq_source *mreqs, int ifindex)
2310{
2311 int err;
2312 struct ip_mreqn imr;
2313 __be32 addr = mreqs->imr_multiaddr;
2314 struct ip_mc_socklist *pmc;
2315 struct in_device *in_dev = NULL;
2316 struct inet_sock *inet = inet_sk(sk);
2317 struct ip_sf_socklist *psl;
2318 struct net *net = sock_net(sk);
2319 int leavegroup = 0;
2320 int i, j, rv;
2321
2322 if (!ipv4_is_multicast(addr))
2323 return -EINVAL;
2324
2325 ASSERT_RTNL();
2326
2327 imr.imr_multiaddr.s_addr = mreqs->imr_multiaddr;
2328 imr.imr_address.s_addr = mreqs->imr_interface;
2329 imr.imr_ifindex = ifindex;
2330 in_dev = ip_mc_find_dev(net, &imr);
2331
2332 if (!in_dev) {
2333 err = -ENODEV;
2334 goto done;
2335 }
2336 err = -EADDRNOTAVAIL;
2337
2338 for_each_pmc_rtnl(inet, pmc) {
2339 if ((pmc->multi.imr_multiaddr.s_addr ==
2340 imr.imr_multiaddr.s_addr) &&
2341 (pmc->multi.imr_ifindex == imr.imr_ifindex))
2342 break;
2343 }
2344 if (!pmc) { /* must have a prior join */
2345 err = -EINVAL;
2346 goto done;
2347 }
2348 /* if a source filter was set, must be the same mode as before */
2349 if (pmc->sflist) {
2350 if (pmc->sfmode != omode) {
2351 err = -EINVAL;
2352 goto done;
2353 }
2354 } else if (pmc->sfmode != omode) {
2355 /* allow mode switches for empty-set filters */
2356 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 0, NULL, 0);
2357 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, pmc->sfmode, 0,
2358 NULL, 0);
2359 pmc->sfmode = omode;
2360 }
2361
2362 psl = rtnl_dereference(pmc->sflist);
2363 if (!add) {
2364 if (!psl)
2365 goto done; /* err = -EADDRNOTAVAIL */
2366 rv = !0;
2367 for (i = 0; i < psl->sl_count; i++) {
2368 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr,
2369 sizeof(__be32));
2370 if (rv == 0)
2371 break;
2372 }
2373 if (rv) /* source not found */
2374 goto done; /* err = -EADDRNOTAVAIL */
2375
2376 /* special case - (INCLUDE, empty) == LEAVE_GROUP */
2377 if (psl->sl_count == 1 && omode == MCAST_INCLUDE) {
2378 leavegroup = 1;
2379 goto done;
2380 }
2381
2382 /* update the interface filter */
2383 ip_mc_del_src(in_dev, &mreqs->imr_multiaddr, omode, 1,
2384 &mreqs->imr_sourceaddr, 1);
2385
2386 for (j = i+1; j < psl->sl_count; j++)
2387 psl->sl_addr[j-1] = psl->sl_addr[j];
2388 psl->sl_count--;
2389 err = 0;
2390 goto done;
2391 }
2392 /* else, add a new source to the filter */
2393
2394 if (psl && psl->sl_count >= net->ipv4.sysctl_igmp_max_msf) {
2395 err = -ENOBUFS;
2396 goto done;
2397 }
2398 if (!psl || psl->sl_count == psl->sl_max) {
2399 struct ip_sf_socklist *newpsl;
2400 int count = IP_SFBLOCK;
2401
2402 if (psl)
2403 count += psl->sl_max;
2404 newpsl = sock_kmalloc(sk, IP_SFLSIZE(count), GFP_KERNEL);
2405 if (!newpsl) {
2406 err = -ENOBUFS;
2407 goto done;
2408 }
2409 newpsl->sl_max = count;
2410 newpsl->sl_count = count - IP_SFBLOCK;
2411 if (psl) {
2412 for (i = 0; i < psl->sl_count; i++)
2413 newpsl->sl_addr[i] = psl->sl_addr[i];
2414 /* decrease mem now to avoid the memleak warning */
2415 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc);
2416 }
2417 rcu_assign_pointer(pmc->sflist, newpsl);
2418 if (psl)
2419 kfree_rcu(psl, rcu);
2420 psl = newpsl;
2421 }
2422 rv = 1; /* > 0 for insert logic below if sl_count is 0 */
2423 for (i = 0; i < psl->sl_count; i++) {
2424 rv = memcmp(&psl->sl_addr[i], &mreqs->imr_sourceaddr,
2425 sizeof(__be32));
2426 if (rv == 0)
2427 break;
2428 }
2429 if (rv == 0) /* address already there is an error */
2430 goto done;
2431 for (j = psl->sl_count-1; j >= i; j--)
2432 psl->sl_addr[j+1] = psl->sl_addr[j];
2433 psl->sl_addr[i] = mreqs->imr_sourceaddr;
2434 psl->sl_count++;
2435 err = 0;
2436 /* update the interface list */
2437 ip_mc_add_src(in_dev, &mreqs->imr_multiaddr, omode, 1,
2438 &mreqs->imr_sourceaddr, 1);
2439done:
2440 if (leavegroup)
2441 err = ip_mc_leave_group(sk, &imr);
2442 return err;
2443}
2444
2445int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex)
2446{
2447 int err = 0;
2448 struct ip_mreqn imr;
2449 __be32 addr = msf->imsf_multiaddr;
2450 struct ip_mc_socklist *pmc;
2451 struct in_device *in_dev;
2452 struct inet_sock *inet = inet_sk(sk);
2453 struct ip_sf_socklist *newpsl, *psl;
2454 struct net *net = sock_net(sk);
2455 int leavegroup = 0;
2456
2457 if (!ipv4_is_multicast(addr))
2458 return -EINVAL;
2459 if (msf->imsf_fmode != MCAST_INCLUDE &&
2460 msf->imsf_fmode != MCAST_EXCLUDE)
2461 return -EINVAL;
2462
2463 ASSERT_RTNL();
2464
2465 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr;
2466 imr.imr_address.s_addr = msf->imsf_interface;
2467 imr.imr_ifindex = ifindex;
2468 in_dev = ip_mc_find_dev(net, &imr);
2469
2470 if (!in_dev) {
2471 err = -ENODEV;
2472 goto done;
2473 }
2474
2475 /* special case - (INCLUDE, empty) == LEAVE_GROUP */
2476 if (msf->imsf_fmode == MCAST_INCLUDE && msf->imsf_numsrc == 0) {
2477 leavegroup = 1;
2478 goto done;
2479 }
2480
2481 for_each_pmc_rtnl(inet, pmc) {
2482 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr &&
2483 pmc->multi.imr_ifindex == imr.imr_ifindex)
2484 break;
2485 }
2486 if (!pmc) { /* must have a prior join */
2487 err = -EINVAL;
2488 goto done;
2489 }
2490 if (msf->imsf_numsrc) {
2491 newpsl = sock_kmalloc(sk, IP_SFLSIZE(msf->imsf_numsrc),
2492 GFP_KERNEL);
2493 if (!newpsl) {
2494 err = -ENOBUFS;
2495 goto done;
2496 }
2497 newpsl->sl_max = newpsl->sl_count = msf->imsf_numsrc;
2498 memcpy(newpsl->sl_addr, msf->imsf_slist,
2499 msf->imsf_numsrc * sizeof(msf->imsf_slist[0]));
2500 err = ip_mc_add_src(in_dev, &msf->imsf_multiaddr,
2501 msf->imsf_fmode, newpsl->sl_count, newpsl->sl_addr, 0);
2502 if (err) {
2503 sock_kfree_s(sk, newpsl, IP_SFLSIZE(newpsl->sl_max));
2504 goto done;
2505 }
2506 } else {
2507 newpsl = NULL;
2508 (void) ip_mc_add_src(in_dev, &msf->imsf_multiaddr,
2509 msf->imsf_fmode, 0, NULL, 0);
2510 }
2511 psl = rtnl_dereference(pmc->sflist);
2512 if (psl) {
2513 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode,
2514 psl->sl_count, psl->sl_addr, 0);
2515 /* decrease mem now to avoid the memleak warning */
2516 atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc);
2517 } else {
2518 (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode,
2519 0, NULL, 0);
2520 }
2521 rcu_assign_pointer(pmc->sflist, newpsl);
2522 if (psl)
2523 kfree_rcu(psl, rcu);
2524 pmc->sfmode = msf->imsf_fmode;
2525 err = 0;
2526done:
2527 if (leavegroup)
2528 err = ip_mc_leave_group(sk, &imr);
2529 return err;
2530}
2531
2532int ip_mc_msfget(struct sock *sk, struct ip_msfilter *msf,
2533 struct ip_msfilter __user *optval, int __user *optlen)
2534{
2535 int err, len, count, copycount;
2536 struct ip_mreqn imr;
2537 __be32 addr = msf->imsf_multiaddr;
2538 struct ip_mc_socklist *pmc;
2539 struct in_device *in_dev;
2540 struct inet_sock *inet = inet_sk(sk);
2541 struct ip_sf_socklist *psl;
2542 struct net *net = sock_net(sk);
2543
2544 ASSERT_RTNL();
2545
2546 if (!ipv4_is_multicast(addr))
2547 return -EINVAL;
2548
2549 imr.imr_multiaddr.s_addr = msf->imsf_multiaddr;
2550 imr.imr_address.s_addr = msf->imsf_interface;
2551 imr.imr_ifindex = 0;
2552 in_dev = ip_mc_find_dev(net, &imr);
2553
2554 if (!in_dev) {
2555 err = -ENODEV;
2556 goto done;
2557 }
2558 err = -EADDRNOTAVAIL;
2559
2560 for_each_pmc_rtnl(inet, pmc) {
2561 if (pmc->multi.imr_multiaddr.s_addr == msf->imsf_multiaddr &&
2562 pmc->multi.imr_ifindex == imr.imr_ifindex)
2563 break;
2564 }
2565 if (!pmc) /* must have a prior join */
2566 goto done;
2567 msf->imsf_fmode = pmc->sfmode;
2568 psl = rtnl_dereference(pmc->sflist);
2569 if (!psl) {
2570 len = 0;
2571 count = 0;
2572 } else {
2573 count = psl->sl_count;
2574 }
2575 copycount = count < msf->imsf_numsrc ? count : msf->imsf_numsrc;
2576 len = copycount * sizeof(psl->sl_addr[0]);
2577 msf->imsf_numsrc = count;
2578 if (put_user(IP_MSFILTER_SIZE(copycount), optlen) ||
2579 copy_to_user(optval, msf, IP_MSFILTER_SIZE(0))) {
2580 return -EFAULT;
2581 }
2582 if (len &&
2583 copy_to_user(&optval->imsf_slist[0], psl->sl_addr, len))
2584 return -EFAULT;
2585 return 0;
2586done:
2587 return err;
2588}
2589
2590int ip_mc_gsfget(struct sock *sk, struct group_filter *gsf,
2591 struct group_filter __user *optval, int __user *optlen)
2592{
2593 int err, i, count, copycount;
2594 struct sockaddr_in *psin;
2595 __be32 addr;
2596 struct ip_mc_socklist *pmc;
2597 struct inet_sock *inet = inet_sk(sk);
2598 struct ip_sf_socklist *psl;
2599
2600 ASSERT_RTNL();
2601
2602 psin = (struct sockaddr_in *)&gsf->gf_group;
2603 if (psin->sin_family != AF_INET)
2604 return -EINVAL;
2605 addr = psin->sin_addr.s_addr;
2606 if (!ipv4_is_multicast(addr))
2607 return -EINVAL;
2608
2609 err = -EADDRNOTAVAIL;
2610
2611 for_each_pmc_rtnl(inet, pmc) {
2612 if (pmc->multi.imr_multiaddr.s_addr == addr &&
2613 pmc->multi.imr_ifindex == gsf->gf_interface)
2614 break;
2615 }
2616 if (!pmc) /* must have a prior join */
2617 goto done;
2618 gsf->gf_fmode = pmc->sfmode;
2619 psl = rtnl_dereference(pmc->sflist);
2620 count = psl ? psl->sl_count : 0;
2621 copycount = count < gsf->gf_numsrc ? count : gsf->gf_numsrc;
2622 gsf->gf_numsrc = count;
2623 if (put_user(GROUP_FILTER_SIZE(copycount), optlen) ||
2624 copy_to_user(optval, gsf, GROUP_FILTER_SIZE(0))) {
2625 return -EFAULT;
2626 }
2627 for (i = 0; i < copycount; i++) {
2628 struct sockaddr_storage ss;
2629
2630 psin = (struct sockaddr_in *)&ss;
2631 memset(&ss, 0, sizeof(ss));
2632 psin->sin_family = AF_INET;
2633 psin->sin_addr.s_addr = psl->sl_addr[i];
2634 if (copy_to_user(&optval->gf_slist[i], &ss, sizeof(ss)))
2635 return -EFAULT;
2636 }
2637 return 0;
2638done:
2639 return err;
2640}
2641
2642/*
2643 * check if a multicast source filter allows delivery for a given <src,dst,intf>
2644 */
2645int ip_mc_sf_allow(struct sock *sk, __be32 loc_addr, __be32 rmt_addr,
2646 int dif, int sdif)
2647{
2648 struct inet_sock *inet = inet_sk(sk);
2649 struct ip_mc_socklist *pmc;
2650 struct ip_sf_socklist *psl;
2651 int i;
2652 int ret;
2653
2654 ret = 1;
2655 if (!ipv4_is_multicast(loc_addr))
2656 goto out;
2657
2658 rcu_read_lock();
2659 for_each_pmc_rcu(inet, pmc) {
2660 if (pmc->multi.imr_multiaddr.s_addr == loc_addr &&
2661 (pmc->multi.imr_ifindex == dif ||
2662 (sdif && pmc->multi.imr_ifindex == sdif)))
2663 break;
2664 }
2665 ret = inet->mc_all;
2666 if (!pmc)
2667 goto unlock;
2668 psl = rcu_dereference(pmc->sflist);
2669 ret = (pmc->sfmode == MCAST_EXCLUDE);
2670 if (!psl)
2671 goto unlock;
2672
2673 for (i = 0; i < psl->sl_count; i++) {
2674 if (psl->sl_addr[i] == rmt_addr)
2675 break;
2676 }
2677 ret = 0;
2678 if (pmc->sfmode == MCAST_INCLUDE && i >= psl->sl_count)
2679 goto unlock;
2680 if (pmc->sfmode == MCAST_EXCLUDE && i < psl->sl_count)
2681 goto unlock;
2682 ret = 1;
2683unlock:
2684 rcu_read_unlock();
2685out:
2686 return ret;
2687}
2688
2689/*
2690 * A socket is closing.
2691 */
2692
2693void ip_mc_drop_socket(struct sock *sk)
2694{
2695 struct inet_sock *inet = inet_sk(sk);
2696 struct ip_mc_socklist *iml;
2697 struct net *net = sock_net(sk);
2698
2699 if (!inet->mc_list)
2700 return;
2701
2702 rtnl_lock();
2703 while ((iml = rtnl_dereference(inet->mc_list)) != NULL) {
2704 struct in_device *in_dev;
2705
2706 inet->mc_list = iml->next_rcu;
2707 in_dev = inetdev_by_index(net, iml->multi.imr_ifindex);
2708 (void) ip_mc_leave_src(sk, iml, in_dev);
2709 if (in_dev)
2710 ip_mc_dec_group(in_dev, iml->multi.imr_multiaddr.s_addr);
2711 /* decrease mem now to avoid the memleak warning */
2712 atomic_sub(sizeof(*iml), &sk->sk_omem_alloc);
2713 kfree_rcu(iml, rcu);
2714 }
2715 rtnl_unlock();
2716}
2717
2718/* called with rcu_read_lock() */
2719int ip_check_mc_rcu(struct in_device *in_dev, __be32 mc_addr, __be32 src_addr, u8 proto)
2720{
2721 struct ip_mc_list *im;
2722 struct ip_mc_list __rcu **mc_hash;
2723 struct ip_sf_list *psf;
2724 int rv = 0;
2725
2726 mc_hash = rcu_dereference(in_dev->mc_hash);
2727 if (mc_hash) {
2728 u32 hash = hash_32((__force u32)mc_addr, MC_HASH_SZ_LOG);
2729
2730 for (im = rcu_dereference(mc_hash[hash]);
2731 im != NULL;
2732 im = rcu_dereference(im->next_hash)) {
2733 if (im->multiaddr == mc_addr)
2734 break;
2735 }
2736 } else {
2737 for_each_pmc_rcu(in_dev, im) {
2738 if (im->multiaddr == mc_addr)
2739 break;
2740 }
2741 }
2742 if (im && proto == IPPROTO_IGMP) {
2743 rv = 1;
2744 } else if (im) {
2745 if (src_addr) {
2746 spin_lock_bh(&im->lock);
2747 for (psf = im->sources; psf; psf = psf->sf_next) {
2748 if (psf->sf_inaddr == src_addr)
2749 break;
2750 }
2751 if (psf)
2752 rv = psf->sf_count[MCAST_INCLUDE] ||
2753 psf->sf_count[MCAST_EXCLUDE] !=
2754 im->sfcount[MCAST_EXCLUDE];
2755 else
2756 rv = im->sfcount[MCAST_EXCLUDE] != 0;
2757 spin_unlock_bh(&im->lock);
2758 } else
2759 rv = 1; /* unspecified source; tentatively allow */
2760 }
2761 return rv;
2762}
2763
2764#if defined(CONFIG_PROC_FS)
2765struct igmp_mc_iter_state {
2766 struct seq_net_private p;
2767 struct net_device *dev;
2768 struct in_device *in_dev;
2769};
2770
2771#define igmp_mc_seq_private(seq) ((struct igmp_mc_iter_state *)(seq)->private)
2772
2773static inline struct ip_mc_list *igmp_mc_get_first(struct seq_file *seq)
2774{
2775 struct net *net = seq_file_net(seq);
2776 struct ip_mc_list *im = NULL;
2777 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq);
2778
2779 state->in_dev = NULL;
2780 for_each_netdev_rcu(net, state->dev) {
2781 struct in_device *in_dev;
2782
2783 in_dev = __in_dev_get_rcu(state->dev);
2784 if (!in_dev)
2785 continue;
2786 im = rcu_dereference(in_dev->mc_list);
2787 if (im) {
2788 state->in_dev = in_dev;
2789 break;
2790 }
2791 }
2792 return im;
2793}
2794
2795static struct ip_mc_list *igmp_mc_get_next(struct seq_file *seq, struct ip_mc_list *im)
2796{
2797 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq);
2798
2799 im = rcu_dereference(im->next_rcu);
2800 while (!im) {
2801 state->dev = next_net_device_rcu(state->dev);
2802 if (!state->dev) {
2803 state->in_dev = NULL;
2804 break;
2805 }
2806 state->in_dev = __in_dev_get_rcu(state->dev);
2807 if (!state->in_dev)
2808 continue;
2809 im = rcu_dereference(state->in_dev->mc_list);
2810 }
2811 return im;
2812}
2813
2814static struct ip_mc_list *igmp_mc_get_idx(struct seq_file *seq, loff_t pos)
2815{
2816 struct ip_mc_list *im = igmp_mc_get_first(seq);
2817 if (im)
2818 while (pos && (im = igmp_mc_get_next(seq, im)) != NULL)
2819 --pos;
2820 return pos ? NULL : im;
2821}
2822
2823static void *igmp_mc_seq_start(struct seq_file *seq, loff_t *pos)
2824 __acquires(rcu)
2825{
2826 rcu_read_lock();
2827 return *pos ? igmp_mc_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2828}
2829
2830static void *igmp_mc_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2831{
2832 struct ip_mc_list *im;
2833 if (v == SEQ_START_TOKEN)
2834 im = igmp_mc_get_first(seq);
2835 else
2836 im = igmp_mc_get_next(seq, v);
2837 ++*pos;
2838 return im;
2839}
2840
2841static void igmp_mc_seq_stop(struct seq_file *seq, void *v)
2842 __releases(rcu)
2843{
2844 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq);
2845
2846 state->in_dev = NULL;
2847 state->dev = NULL;
2848 rcu_read_unlock();
2849}
2850
2851static int igmp_mc_seq_show(struct seq_file *seq, void *v)
2852{
2853 if (v == SEQ_START_TOKEN)
2854 seq_puts(seq,
2855 "Idx\tDevice : Count Querier\tGroup Users Timer\tReporter\n");
2856 else {
2857 struct ip_mc_list *im = (struct ip_mc_list *)v;
2858 struct igmp_mc_iter_state *state = igmp_mc_seq_private(seq);
2859 char *querier;
2860 long delta;
2861
2862#ifdef CONFIG_IP_MULTICAST
2863 querier = IGMP_V1_SEEN(state->in_dev) ? "V1" :
2864 IGMP_V2_SEEN(state->in_dev) ? "V2" :
2865 "V3";
2866#else
2867 querier = "NONE";
2868#endif
2869
2870 if (rcu_access_pointer(state->in_dev->mc_list) == im) {
2871 seq_printf(seq, "%d\t%-10s: %5d %7s\n",
2872 state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier);
2873 }
2874
2875 delta = im->timer.expires - jiffies;
2876 seq_printf(seq,
2877 "\t\t\t\t%08X %5d %d:%08lX\t\t%d\n",
2878 im->multiaddr, im->users,
2879 im->tm_running,
2880 im->tm_running ? jiffies_delta_to_clock_t(delta) : 0,
2881 im->reporter);
2882 }
2883 return 0;
2884}
2885
2886static const struct seq_operations igmp_mc_seq_ops = {
2887 .start = igmp_mc_seq_start,
2888 .next = igmp_mc_seq_next,
2889 .stop = igmp_mc_seq_stop,
2890 .show = igmp_mc_seq_show,
2891};
2892
2893struct igmp_mcf_iter_state {
2894 struct seq_net_private p;
2895 struct net_device *dev;
2896 struct in_device *idev;
2897 struct ip_mc_list *im;
2898};
2899
2900#define igmp_mcf_seq_private(seq) ((struct igmp_mcf_iter_state *)(seq)->private)
2901
2902static inline struct ip_sf_list *igmp_mcf_get_first(struct seq_file *seq)
2903{
2904 struct net *net = seq_file_net(seq);
2905 struct ip_sf_list *psf = NULL;
2906 struct ip_mc_list *im = NULL;
2907 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq);
2908
2909 state->idev = NULL;
2910 state->im = NULL;
2911 for_each_netdev_rcu(net, state->dev) {
2912 struct in_device *idev;
2913 idev = __in_dev_get_rcu(state->dev);
2914 if (unlikely(!idev))
2915 continue;
2916 im = rcu_dereference(idev->mc_list);
2917 if (likely(im)) {
2918 spin_lock_bh(&im->lock);
2919 psf = im->sources;
2920 if (likely(psf)) {
2921 state->im = im;
2922 state->idev = idev;
2923 break;
2924 }
2925 spin_unlock_bh(&im->lock);
2926 }
2927 }
2928 return psf;
2929}
2930
2931static struct ip_sf_list *igmp_mcf_get_next(struct seq_file *seq, struct ip_sf_list *psf)
2932{
2933 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq);
2934
2935 psf = psf->sf_next;
2936 while (!psf) {
2937 spin_unlock_bh(&state->im->lock);
2938 state->im = state->im->next;
2939 while (!state->im) {
2940 state->dev = next_net_device_rcu(state->dev);
2941 if (!state->dev) {
2942 state->idev = NULL;
2943 goto out;
2944 }
2945 state->idev = __in_dev_get_rcu(state->dev);
2946 if (!state->idev)
2947 continue;
2948 state->im = rcu_dereference(state->idev->mc_list);
2949 }
2950 if (!state->im)
2951 break;
2952 spin_lock_bh(&state->im->lock);
2953 psf = state->im->sources;
2954 }
2955out:
2956 return psf;
2957}
2958
2959static struct ip_sf_list *igmp_mcf_get_idx(struct seq_file *seq, loff_t pos)
2960{
2961 struct ip_sf_list *psf = igmp_mcf_get_first(seq);
2962 if (psf)
2963 while (pos && (psf = igmp_mcf_get_next(seq, psf)) != NULL)
2964 --pos;
2965 return pos ? NULL : psf;
2966}
2967
2968static void *igmp_mcf_seq_start(struct seq_file *seq, loff_t *pos)
2969 __acquires(rcu)
2970{
2971 rcu_read_lock();
2972 return *pos ? igmp_mcf_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2973}
2974
2975static void *igmp_mcf_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2976{
2977 struct ip_sf_list *psf;
2978 if (v == SEQ_START_TOKEN)
2979 psf = igmp_mcf_get_first(seq);
2980 else
2981 psf = igmp_mcf_get_next(seq, v);
2982 ++*pos;
2983 return psf;
2984}
2985
2986static void igmp_mcf_seq_stop(struct seq_file *seq, void *v)
2987 __releases(rcu)
2988{
2989 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq);
2990 if (likely(state->im)) {
2991 spin_unlock_bh(&state->im->lock);
2992 state->im = NULL;
2993 }
2994 state->idev = NULL;
2995 state->dev = NULL;
2996 rcu_read_unlock();
2997}
2998
2999static int igmp_mcf_seq_show(struct seq_file *seq, void *v)
3000{
3001 struct ip_sf_list *psf = (struct ip_sf_list *)v;
3002 struct igmp_mcf_iter_state *state = igmp_mcf_seq_private(seq);
3003
3004 if (v == SEQ_START_TOKEN) {
3005 seq_puts(seq, "Idx Device MCA SRC INC EXC\n");
3006 } else {
3007 seq_printf(seq,
3008 "%3d %6.6s 0x%08x "
3009 "0x%08x %6lu %6lu\n",
3010 state->dev->ifindex, state->dev->name,
3011 ntohl(state->im->multiaddr),
3012 ntohl(psf->sf_inaddr),
3013 psf->sf_count[MCAST_INCLUDE],
3014 psf->sf_count[MCAST_EXCLUDE]);
3015 }
3016 return 0;
3017}
3018
3019static const struct seq_operations igmp_mcf_seq_ops = {
3020 .start = igmp_mcf_seq_start,
3021 .next = igmp_mcf_seq_next,
3022 .stop = igmp_mcf_seq_stop,
3023 .show = igmp_mcf_seq_show,
3024};
3025
3026static int __net_init igmp_net_init(struct net *net)
3027{
3028 struct proc_dir_entry *pde;
3029 int err;
3030
3031 pde = proc_create_net("igmp", 0444, net->proc_net, &igmp_mc_seq_ops,
3032 sizeof(struct igmp_mc_iter_state));
3033 if (!pde)
3034 goto out_igmp;
3035 pde = proc_create_net("mcfilter", 0444, net->proc_net,
3036 &igmp_mcf_seq_ops, sizeof(struct igmp_mcf_iter_state));
3037 if (!pde)
3038 goto out_mcfilter;
3039 err = inet_ctl_sock_create(&net->ipv4.mc_autojoin_sk, AF_INET,
3040 SOCK_DGRAM, 0, net);
3041 if (err < 0) {
3042 pr_err("Failed to initialize the IGMP autojoin socket (err %d)\n",
3043 err);
3044 goto out_sock;
3045 }
3046
3047 return 0;
3048
3049out_sock:
3050 remove_proc_entry("mcfilter", net->proc_net);
3051out_mcfilter:
3052 remove_proc_entry("igmp", net->proc_net);
3053out_igmp:
3054 return -ENOMEM;
3055}
3056
3057static void __net_exit igmp_net_exit(struct net *net)
3058{
3059 remove_proc_entry("mcfilter", net->proc_net);
3060 remove_proc_entry("igmp", net->proc_net);
3061 inet_ctl_sock_destroy(net->ipv4.mc_autojoin_sk);
3062}
3063
3064static struct pernet_operations igmp_net_ops = {
3065 .init = igmp_net_init,
3066 .exit = igmp_net_exit,
3067};
3068#endif
3069
3070static int igmp_netdev_event(struct notifier_block *this,
3071 unsigned long event, void *ptr)
3072{
3073 struct net_device *dev = netdev_notifier_info_to_dev(ptr);
3074 struct in_device *in_dev;
3075
3076 switch (event) {
3077 case NETDEV_RESEND_IGMP:
3078 in_dev = __in_dev_get_rtnl(dev);
3079 if (in_dev)
3080 ip_mc_rejoin_groups(in_dev);
3081 break;
3082 default:
3083 break;
3084 }
3085 return NOTIFY_DONE;
3086}
3087
3088static struct notifier_block igmp_notifier = {
3089 .notifier_call = igmp_netdev_event,
3090};
3091
3092int __init igmp_mc_init(void)
3093{
3094#if defined(CONFIG_PROC_FS)
3095 int err;
3096
3097 err = register_pernet_subsys(&igmp_net_ops);
3098 if (err)
3099 return err;
3100 err = register_netdevice_notifier(&igmp_notifier);
3101 if (err)
3102 goto reg_notif_fail;
3103 return 0;
3104
3105reg_notif_fail:
3106 unregister_pernet_subsys(&igmp_net_ops);
3107 return err;
3108#else
3109 return register_netdevice_notifier(&igmp_notifier);
3110#endif
3111}