2 * Bridge multicast support.
4 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 2 of the License, or (at your option)
13 #include <linux/err.h>
14 #include <linux/if_ether.h>
15 #include <linux/igmp.h>
16 #include <linux/jhash.h>
17 #include <linux/kernel.h>
18 #include <linux/log2.h>
19 #include <linux/netdevice.h>
20 #include <linux/netfilter_bridge.h>
21 #include <linux/random.h>
22 #include <linux/rculist.h>
23 #include <linux/skbuff.h>
24 #include <linux/slab.h>
25 #include <linux/timer.h>
27 #if IS_ENABLED(CONFIG_IPV6)
30 #include <net/ip6_checksum.h>
33 #include "br_private.h"
35 static void br_multicast_start_querier(struct net_bridge *br);
36 unsigned int br_mdb_rehash_seq;
38 static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b)
40 if (a->proto != b->proto)
46 return a->u.ip4 == b->u.ip4;
47 #if IS_ENABLED(CONFIG_IPV6)
48 case htons(ETH_P_IPV6):
49 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6);
55 static inline int __br_ip4_hash(struct net_bridge_mdb_htable *mdb, __be32 ip,
58 return jhash_2words((__force u32)ip, vid, mdb->secret) & (mdb->max - 1);
61 #if IS_ENABLED(CONFIG_IPV6)
62 static inline int __br_ip6_hash(struct net_bridge_mdb_htable *mdb,
63 const struct in6_addr *ip,
66 return jhash_2words(ipv6_addr_hash(ip), vid,
67 mdb->secret) & (mdb->max - 1);
71 static inline int br_ip_hash(struct net_bridge_mdb_htable *mdb,
76 return __br_ip4_hash(mdb, ip->u.ip4, ip->vid);
77 #if IS_ENABLED(CONFIG_IPV6)
78 case htons(ETH_P_IPV6):
79 return __br_ip6_hash(mdb, &ip->u.ip6, ip->vid);
85 static struct net_bridge_mdb_entry *__br_mdb_ip_get(
86 struct net_bridge_mdb_htable *mdb, struct br_ip *dst, int hash)
88 struct net_bridge_mdb_entry *mp;
90 hlist_for_each_entry_rcu(mp, &mdb->mhash[hash], hlist[mdb->ver]) {
91 if (br_ip_equal(&mp->addr, dst))
98 struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge_mdb_htable *mdb,
104 return __br_mdb_ip_get(mdb, dst, br_ip_hash(mdb, dst));
107 static struct net_bridge_mdb_entry *br_mdb_ip4_get(
108 struct net_bridge_mdb_htable *mdb, __be32 dst, __u16 vid)
113 br_dst.proto = htons(ETH_P_IP);
116 return br_mdb_ip_get(mdb, &br_dst);
119 #if IS_ENABLED(CONFIG_IPV6)
120 static struct net_bridge_mdb_entry *br_mdb_ip6_get(
121 struct net_bridge_mdb_htable *mdb, const struct in6_addr *dst,
127 br_dst.proto = htons(ETH_P_IPV6);
130 return br_mdb_ip_get(mdb, &br_dst);
134 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br,
137 struct net_bridge_mdb_htable *mdb = rcu_dereference(br->mdb);
140 if (br->multicast_disabled)
143 if (BR_INPUT_SKB_CB(skb)->igmp)
146 ip.proto = skb->protocol;
148 switch (skb->protocol) {
149 case htons(ETH_P_IP):
150 ip.u.ip4 = ip_hdr(skb)->daddr;
152 #if IS_ENABLED(CONFIG_IPV6)
153 case htons(ETH_P_IPV6):
154 ip.u.ip6 = ipv6_hdr(skb)->daddr;
161 return br_mdb_ip_get(mdb, &ip);
164 static void br_mdb_free(struct rcu_head *head)
166 struct net_bridge_mdb_htable *mdb =
167 container_of(head, struct net_bridge_mdb_htable, rcu);
168 struct net_bridge_mdb_htable *old = mdb->old;
175 static int br_mdb_copy(struct net_bridge_mdb_htable *new,
176 struct net_bridge_mdb_htable *old,
179 struct net_bridge_mdb_entry *mp;
184 for (i = 0; i < old->max; i++)
185 hlist_for_each_entry(mp, &old->mhash[i], hlist[old->ver])
186 hlist_add_head(&mp->hlist[new->ver],
187 &new->mhash[br_ip_hash(new, &mp->addr)]);
193 for (i = 0; i < new->max; i++) {
195 hlist_for_each_entry(mp, &new->mhash[i], hlist[new->ver])
201 return maxlen > elasticity ? -EINVAL : 0;
204 void br_multicast_free_pg(struct rcu_head *head)
206 struct net_bridge_port_group *p =
207 container_of(head, struct net_bridge_port_group, rcu);
212 static void br_multicast_free_group(struct rcu_head *head)
214 struct net_bridge_mdb_entry *mp =
215 container_of(head, struct net_bridge_mdb_entry, rcu);
220 static void br_multicast_group_expired(unsigned long data)
222 struct net_bridge_mdb_entry *mp = (void *)data;
223 struct net_bridge *br = mp->br;
224 struct net_bridge_mdb_htable *mdb;
226 spin_lock(&br->multicast_lock);
227 if (!netif_running(br->dev) || timer_pending(&mp->timer))
235 mdb = mlock_dereference(br->mdb, br);
237 hlist_del_rcu(&mp->hlist[mdb->ver]);
240 call_rcu_bh(&mp->rcu, br_multicast_free_group);
243 spin_unlock(&br->multicast_lock);
246 static void br_multicast_del_pg(struct net_bridge *br,
247 struct net_bridge_port_group *pg)
249 struct net_bridge_mdb_htable *mdb;
250 struct net_bridge_mdb_entry *mp;
251 struct net_bridge_port_group *p;
252 struct net_bridge_port_group __rcu **pp;
254 mdb = mlock_dereference(br->mdb, br);
256 mp = br_mdb_ip_get(mdb, &pg->addr);
260 for (pp = &mp->ports;
261 (p = mlock_dereference(*pp, br)) != NULL;
266 rcu_assign_pointer(*pp, p->next);
267 hlist_del_init(&p->mglist);
268 del_timer(&p->timer);
269 call_rcu_bh(&p->rcu, br_multicast_free_pg);
271 if (!mp->ports && !mp->mglist &&
272 netif_running(br->dev))
273 mod_timer(&mp->timer, jiffies);
281 static void br_multicast_port_group_expired(unsigned long data)
283 struct net_bridge_port_group *pg = (void *)data;
284 struct net_bridge *br = pg->port->br;
286 spin_lock(&br->multicast_lock);
287 if (!netif_running(br->dev) || timer_pending(&pg->timer) ||
288 hlist_unhashed(&pg->mglist) || pg->state & MDB_PERMANENT)
291 br_multicast_del_pg(br, pg);
294 spin_unlock(&br->multicast_lock);
297 static int br_mdb_rehash(struct net_bridge_mdb_htable __rcu **mdbp, int max,
300 struct net_bridge_mdb_htable *old = rcu_dereference_protected(*mdbp, 1);
301 struct net_bridge_mdb_htable *mdb;
304 mdb = kmalloc(sizeof(*mdb), GFP_ATOMIC);
311 mdb->mhash = kzalloc(max * sizeof(*mdb->mhash), GFP_ATOMIC);
317 mdb->size = old ? old->size : 0;
318 mdb->ver = old ? old->ver ^ 1 : 0;
320 if (!old || elasticity)
321 get_random_bytes(&mdb->secret, sizeof(mdb->secret));
323 mdb->secret = old->secret;
328 err = br_mdb_copy(mdb, old, elasticity);
336 call_rcu_bh(&mdb->rcu, br_mdb_free);
339 rcu_assign_pointer(*mdbp, mdb);
344 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br,
352 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) +
357 skb->protocol = htons(ETH_P_IP);
359 skb_reset_mac_header(skb);
362 memcpy(eth->h_source, br->dev->dev_addr, 6);
365 eth->h_dest[2] = 0x5e;
369 eth->h_proto = htons(ETH_P_IP);
370 skb_put(skb, sizeof(*eth));
372 skb_set_network_header(skb, skb->len);
378 iph->tot_len = htons(sizeof(*iph) + sizeof(*ih) + 4);
380 iph->frag_off = htons(IP_DF);
382 iph->protocol = IPPROTO_IGMP;
384 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP);
385 ((u8 *)&iph[1])[0] = IPOPT_RA;
386 ((u8 *)&iph[1])[1] = 4;
387 ((u8 *)&iph[1])[2] = 0;
388 ((u8 *)&iph[1])[3] = 0;
392 skb_set_transport_header(skb, skb->len);
394 ih->type = IGMP_HOST_MEMBERSHIP_QUERY;
395 ih->code = (group ? br->multicast_last_member_interval :
396 br->multicast_query_response_interval) /
397 (HZ / IGMP_TIMER_SCALE);
400 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr));
401 skb_put(skb, sizeof(*ih));
403 __skb_pull(skb, sizeof(*eth));
409 #if IS_ENABLED(CONFIG_IPV6)
410 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br,
411 const struct in6_addr *group)
414 struct ipv6hdr *ip6h;
415 struct mld_msg *mldq;
418 unsigned long interval;
420 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) +
425 skb->protocol = htons(ETH_P_IPV6);
427 /* Ethernet header */
428 skb_reset_mac_header(skb);
431 memcpy(eth->h_source, br->dev->dev_addr, 6);
432 eth->h_proto = htons(ETH_P_IPV6);
433 skb_put(skb, sizeof(*eth));
435 /* IPv6 header + HbH option */
436 skb_set_network_header(skb, skb->len);
437 ip6h = ipv6_hdr(skb);
439 *(__force __be32 *)ip6h = htonl(0x60000000);
440 ip6h->payload_len = htons(8 + sizeof(*mldq));
441 ip6h->nexthdr = IPPROTO_HOPOPTS;
443 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1));
444 if (ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0,
449 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest);
451 hopopt = (u8 *)(ip6h + 1);
452 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */
453 hopopt[1] = 0; /* length of HbH */
454 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */
455 hopopt[3] = 2; /* Length of RA Option */
456 hopopt[4] = 0; /* Type = 0x0000 (MLD) */
458 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */
459 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */
461 skb_put(skb, sizeof(*ip6h) + 8);
464 skb_set_transport_header(skb, skb->len);
465 mldq = (struct mld_msg *) icmp6_hdr(skb);
467 interval = ipv6_addr_any(group) ? br->multicast_last_member_interval :
468 br->multicast_query_response_interval;
470 mldq->mld_type = ICMPV6_MGM_QUERY;
473 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval));
474 mldq->mld_reserved = 0;
475 mldq->mld_mca = *group;
478 mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr,
479 sizeof(*mldq), IPPROTO_ICMPV6,
482 skb_put(skb, sizeof(*mldq));
484 __skb_pull(skb, sizeof(*eth));
491 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br,
494 switch (addr->proto) {
495 case htons(ETH_P_IP):
496 return br_ip4_multicast_alloc_query(br, addr->u.ip4);
497 #if IS_ENABLED(CONFIG_IPV6)
498 case htons(ETH_P_IPV6):
499 return br_ip6_multicast_alloc_query(br, &addr->u.ip6);
505 static struct net_bridge_mdb_entry *br_multicast_get_group(
506 struct net_bridge *br, struct net_bridge_port *port,
507 struct br_ip *group, int hash)
509 struct net_bridge_mdb_htable *mdb;
510 struct net_bridge_mdb_entry *mp;
511 unsigned int count = 0;
516 mdb = rcu_dereference_protected(br->mdb, 1);
517 hlist_for_each_entry(mp, &mdb->mhash[hash], hlist[mdb->ver]) {
519 if (unlikely(br_ip_equal(group, &mp->addr)))
526 if (unlikely(count > br->hash_elasticity && count)) {
528 br_info(br, "Multicast hash table "
529 "chain limit reached: %s\n",
530 port ? port->dev->name : br->dev->name);
532 elasticity = br->hash_elasticity;
535 if (mdb->size >= max) {
537 if (unlikely(max > br->hash_max)) {
538 br_warn(br, "Multicast hash table maximum of %d "
539 "reached, disabling snooping: %s\n",
541 port ? port->dev->name : br->dev->name);
544 br->multicast_disabled = 1;
549 if (max > mdb->max || elasticity) {
552 br_info(br, "Multicast hash table "
554 port ? port->dev->name : br->dev->name);
559 err = br_mdb_rehash(&br->mdb, max, elasticity);
561 br_warn(br, "Cannot rehash multicast "
562 "hash table, disabling snooping: %s, %d, %d\n",
563 port ? port->dev->name : br->dev->name,
579 struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br,
580 struct net_bridge_port *port, struct br_ip *group)
582 struct net_bridge_mdb_htable *mdb;
583 struct net_bridge_mdb_entry *mp;
587 mdb = rcu_dereference_protected(br->mdb, 1);
589 err = br_mdb_rehash(&br->mdb, BR_HASH_SIZE, 0);
595 hash = br_ip_hash(mdb, group);
596 mp = br_multicast_get_group(br, port, group, hash);
597 switch (PTR_ERR(mp)) {
603 mdb = rcu_dereference_protected(br->mdb, 1);
604 hash = br_ip_hash(mdb, group);
611 mp = kzalloc(sizeof(*mp), GFP_ATOMIC);
613 return ERR_PTR(-ENOMEM);
617 setup_timer(&mp->timer, br_multicast_group_expired,
620 hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]);
627 struct net_bridge_port_group *br_multicast_new_port_group(
628 struct net_bridge_port *port,
630 struct net_bridge_port_group __rcu *next,
633 struct net_bridge_port_group *p;
635 p = kzalloc(sizeof(*p), GFP_ATOMIC);
642 rcu_assign_pointer(p->next, next);
643 hlist_add_head(&p->mglist, &port->mglist);
644 setup_timer(&p->timer, br_multicast_port_group_expired,
649 static int br_multicast_add_group(struct net_bridge *br,
650 struct net_bridge_port *port,
653 struct net_bridge_mdb_entry *mp;
654 struct net_bridge_port_group *p;
655 struct net_bridge_port_group __rcu **pp;
656 unsigned long now = jiffies;
659 spin_lock(&br->multicast_lock);
660 if (!netif_running(br->dev) ||
661 (port && port->state == BR_STATE_DISABLED))
664 mp = br_multicast_new_group(br, port, group);
671 mod_timer(&mp->timer, now + br->multicast_membership_interval);
675 for (pp = &mp->ports;
676 (p = mlock_dereference(*pp, br)) != NULL;
680 if ((unsigned long)p->port < (unsigned long)port)
684 p = br_multicast_new_port_group(port, group, *pp, MDB_TEMPORARY);
687 rcu_assign_pointer(*pp, p);
688 br_mdb_notify(br->dev, port, group, RTM_NEWMDB);
691 mod_timer(&p->timer, now + br->multicast_membership_interval);
696 spin_unlock(&br->multicast_lock);
700 static int br_ip4_multicast_add_group(struct net_bridge *br,
701 struct net_bridge_port *port,
705 struct br_ip br_group;
707 if (ipv4_is_local_multicast(group))
710 br_group.u.ip4 = group;
711 br_group.proto = htons(ETH_P_IP);
714 return br_multicast_add_group(br, port, &br_group);
717 #if IS_ENABLED(CONFIG_IPV6)
718 static int br_ip6_multicast_add_group(struct net_bridge *br,
719 struct net_bridge_port *port,
720 const struct in6_addr *group,
723 struct br_ip br_group;
725 if (!ipv6_is_transient_multicast(group))
728 br_group.u.ip6 = *group;
729 br_group.proto = htons(ETH_P_IPV6);
732 return br_multicast_add_group(br, port, &br_group);
736 static void br_multicast_router_expired(unsigned long data)
738 struct net_bridge_port *port = (void *)data;
739 struct net_bridge *br = port->br;
741 spin_lock(&br->multicast_lock);
742 if (port->multicast_router != 1 ||
743 timer_pending(&port->multicast_router_timer) ||
744 hlist_unhashed(&port->rlist))
747 hlist_del_init_rcu(&port->rlist);
750 spin_unlock(&br->multicast_lock);
753 static void br_multicast_local_router_expired(unsigned long data)
757 static void br_multicast_querier_expired(unsigned long data)
759 struct net_bridge *br = (void *)data;
761 spin_lock(&br->multicast_lock);
762 if (!netif_running(br->dev) || br->multicast_disabled)
765 br_multicast_start_querier(br);
768 spin_unlock(&br->multicast_lock);
771 static void __br_multicast_send_query(struct net_bridge *br,
772 struct net_bridge_port *port,
777 skb = br_multicast_alloc_query(br, ip);
782 __skb_push(skb, sizeof(struct ethhdr));
783 skb->dev = port->dev;
784 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
790 static void br_multicast_send_query(struct net_bridge *br,
791 struct net_bridge_port *port, u32 sent)
794 struct br_ip br_group;
796 if (!netif_running(br->dev) || br->multicast_disabled ||
797 !br->multicast_querier ||
798 timer_pending(&br->multicast_querier_timer))
801 memset(&br_group.u, 0, sizeof(br_group.u));
803 br_group.proto = htons(ETH_P_IP);
804 __br_multicast_send_query(br, port, &br_group);
806 #if IS_ENABLED(CONFIG_IPV6)
807 br_group.proto = htons(ETH_P_IPV6);
808 __br_multicast_send_query(br, port, &br_group);
812 time += sent < br->multicast_startup_query_count ?
813 br->multicast_startup_query_interval :
814 br->multicast_query_interval;
815 mod_timer(port ? &port->multicast_query_timer :
816 &br->multicast_query_timer, time);
819 static void br_multicast_port_query_expired(unsigned long data)
821 struct net_bridge_port *port = (void *)data;
822 struct net_bridge *br = port->br;
824 spin_lock(&br->multicast_lock);
825 if (port->state == BR_STATE_DISABLED ||
826 port->state == BR_STATE_BLOCKING)
829 if (port->multicast_startup_queries_sent <
830 br->multicast_startup_query_count)
831 port->multicast_startup_queries_sent++;
833 br_multicast_send_query(port->br, port,
834 port->multicast_startup_queries_sent);
837 spin_unlock(&br->multicast_lock);
840 void br_multicast_add_port(struct net_bridge_port *port)
842 port->multicast_router = 1;
844 setup_timer(&port->multicast_router_timer, br_multicast_router_expired,
845 (unsigned long)port);
846 setup_timer(&port->multicast_query_timer,
847 br_multicast_port_query_expired, (unsigned long)port);
850 void br_multicast_del_port(struct net_bridge_port *port)
852 del_timer_sync(&port->multicast_router_timer);
855 static void __br_multicast_enable_port(struct net_bridge_port *port)
857 port->multicast_startup_queries_sent = 0;
859 if (try_to_del_timer_sync(&port->multicast_query_timer) >= 0 ||
860 del_timer(&port->multicast_query_timer))
861 mod_timer(&port->multicast_query_timer, jiffies);
864 void br_multicast_enable_port(struct net_bridge_port *port)
866 struct net_bridge *br = port->br;
868 spin_lock(&br->multicast_lock);
869 if (br->multicast_disabled || !netif_running(br->dev))
872 __br_multicast_enable_port(port);
875 spin_unlock(&br->multicast_lock);
878 void br_multicast_disable_port(struct net_bridge_port *port)
880 struct net_bridge *br = port->br;
881 struct net_bridge_port_group *pg;
882 struct hlist_node *n;
884 spin_lock(&br->multicast_lock);
885 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist)
886 br_multicast_del_pg(br, pg);
888 if (!hlist_unhashed(&port->rlist))
889 hlist_del_init_rcu(&port->rlist);
890 del_timer(&port->multicast_router_timer);
891 del_timer(&port->multicast_query_timer);
892 spin_unlock(&br->multicast_lock);
895 static int br_ip4_multicast_igmp3_report(struct net_bridge *br,
896 struct net_bridge_port *port,
899 struct igmpv3_report *ih;
900 struct igmpv3_grec *grec;
909 if (!pskb_may_pull(skb, sizeof(*ih)))
912 br_vlan_get_tag(skb, &vid);
913 ih = igmpv3_report_hdr(skb);
914 num = ntohs(ih->ngrec);
917 for (i = 0; i < num; i++) {
918 len += sizeof(*grec);
919 if (!pskb_may_pull(skb, len))
922 grec = (void *)(skb->data + len - sizeof(*grec));
923 group = grec->grec_mca;
924 type = grec->grec_type;
926 len += ntohs(grec->grec_nsrcs) * 4;
927 if (!pskb_may_pull(skb, len))
930 /* We treat this as an IGMPv2 report for now. */
932 case IGMPV3_MODE_IS_INCLUDE:
933 case IGMPV3_MODE_IS_EXCLUDE:
934 case IGMPV3_CHANGE_TO_INCLUDE:
935 case IGMPV3_CHANGE_TO_EXCLUDE:
936 case IGMPV3_ALLOW_NEW_SOURCES:
937 case IGMPV3_BLOCK_OLD_SOURCES:
944 err = br_ip4_multicast_add_group(br, port, group, vid);
952 #if IS_ENABLED(CONFIG_IPV6)
953 static int br_ip6_multicast_mld2_report(struct net_bridge *br,
954 struct net_bridge_port *port,
957 struct icmp6hdr *icmp6h;
958 struct mld2_grec *grec;
965 if (!pskb_may_pull(skb, sizeof(*icmp6h)))
968 br_vlan_get_tag(skb, &vid);
969 icmp6h = icmp6_hdr(skb);
970 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]);
971 len = sizeof(*icmp6h);
973 for (i = 0; i < num; i++) {
974 __be16 *nsrcs, _nsrcs;
976 nsrcs = skb_header_pointer(skb,
977 len + offsetof(struct mld2_grec,
979 sizeof(_nsrcs), &_nsrcs);
983 if (!pskb_may_pull(skb,
984 len + sizeof(*grec) +
985 sizeof(struct in6_addr) * ntohs(*nsrcs)))
988 grec = (struct mld2_grec *)(skb->data + len);
989 len += sizeof(*grec) +
990 sizeof(struct in6_addr) * ntohs(*nsrcs);
992 /* We treat these as MLDv1 reports for now. */
993 switch (grec->grec_type) {
994 case MLD2_MODE_IS_INCLUDE:
995 case MLD2_MODE_IS_EXCLUDE:
996 case MLD2_CHANGE_TO_INCLUDE:
997 case MLD2_CHANGE_TO_EXCLUDE:
998 case MLD2_ALLOW_NEW_SOURCES:
999 case MLD2_BLOCK_OLD_SOURCES:
1006 err = br_ip6_multicast_add_group(br, port, &grec->grec_mca,
1017 * Add port to rotuer_list
1018 * list is maintained ordered by pointer value
1019 * and locked by br->multicast_lock and RCU
1021 static void br_multicast_add_router(struct net_bridge *br,
1022 struct net_bridge_port *port)
1024 struct net_bridge_port *p;
1025 struct hlist_node *slot = NULL;
1027 hlist_for_each_entry(p, &br->router_list, rlist) {
1028 if ((unsigned long) port >= (unsigned long) p)
1034 hlist_add_after_rcu(slot, &port->rlist);
1036 hlist_add_head_rcu(&port->rlist, &br->router_list);
1039 static void br_multicast_mark_router(struct net_bridge *br,
1040 struct net_bridge_port *port)
1042 unsigned long now = jiffies;
1045 if (br->multicast_router == 1)
1046 mod_timer(&br->multicast_router_timer,
1047 now + br->multicast_querier_interval);
1051 if (port->multicast_router != 1)
1054 if (!hlist_unhashed(&port->rlist))
1057 br_multicast_add_router(br, port);
1060 mod_timer(&port->multicast_router_timer,
1061 now + br->multicast_querier_interval);
1064 static void br_multicast_query_received(struct net_bridge *br,
1065 struct net_bridge_port *port,
1069 mod_timer(&br->multicast_querier_timer,
1070 jiffies + br->multicast_querier_interval);
1071 else if (timer_pending(&br->multicast_querier_timer))
1074 br_multicast_mark_router(br, port);
1077 static int br_ip4_multicast_query(struct net_bridge *br,
1078 struct net_bridge_port *port,
1079 struct sk_buff *skb)
1081 const struct iphdr *iph = ip_hdr(skb);
1082 struct igmphdr *ih = igmp_hdr(skb);
1083 struct net_bridge_mdb_entry *mp;
1084 struct igmpv3_query *ih3;
1085 struct net_bridge_port_group *p;
1086 struct net_bridge_port_group __rcu **pp;
1087 unsigned long max_delay;
1088 unsigned long now = jiffies;
1093 spin_lock(&br->multicast_lock);
1094 if (!netif_running(br->dev) ||
1095 (port && port->state == BR_STATE_DISABLED))
1098 br_multicast_query_received(br, port, !!iph->saddr);
1102 if (skb->len == sizeof(*ih)) {
1103 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE);
1106 max_delay = 10 * HZ;
1110 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) {
1115 ih3 = igmpv3_query_hdr(skb);
1119 max_delay = ih3->code ?
1120 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1;
1126 br_vlan_get_tag(skb, &vid);
1127 mp = br_mdb_ip4_get(mlock_dereference(br->mdb, br), group, vid);
1131 max_delay *= br->multicast_last_member_count;
1134 (timer_pending(&mp->timer) ?
1135 time_after(mp->timer.expires, now + max_delay) :
1136 try_to_del_timer_sync(&mp->timer) >= 0))
1137 mod_timer(&mp->timer, now + max_delay);
1139 for (pp = &mp->ports;
1140 (p = mlock_dereference(*pp, br)) != NULL;
1142 if (timer_pending(&p->timer) ?
1143 time_after(p->timer.expires, now + max_delay) :
1144 try_to_del_timer_sync(&p->timer) >= 0)
1145 mod_timer(&p->timer, now + max_delay);
1149 spin_unlock(&br->multicast_lock);
1153 #if IS_ENABLED(CONFIG_IPV6)
1154 static int br_ip6_multicast_query(struct net_bridge *br,
1155 struct net_bridge_port *port,
1156 struct sk_buff *skb)
1158 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
1159 struct mld_msg *mld;
1160 struct net_bridge_mdb_entry *mp;
1161 struct mld2_query *mld2q;
1162 struct net_bridge_port_group *p;
1163 struct net_bridge_port_group __rcu **pp;
1164 unsigned long max_delay;
1165 unsigned long now = jiffies;
1166 const struct in6_addr *group = NULL;
1170 spin_lock(&br->multicast_lock);
1171 if (!netif_running(br->dev) ||
1172 (port && port->state == BR_STATE_DISABLED))
1175 br_multicast_query_received(br, port, !ipv6_addr_any(&ip6h->saddr));
1177 if (skb->len == sizeof(*mld)) {
1178 if (!pskb_may_pull(skb, sizeof(*mld))) {
1182 mld = (struct mld_msg *) icmp6_hdr(skb);
1183 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay));
1185 group = &mld->mld_mca;
1186 } else if (skb->len >= sizeof(*mld2q)) {
1187 if (!pskb_may_pull(skb, sizeof(*mld2q))) {
1191 mld2q = (struct mld2_query *)icmp6_hdr(skb);
1192 if (!mld2q->mld2q_nsrcs)
1193 group = &mld2q->mld2q_mca;
1194 max_delay = mld2q->mld2q_mrc ? MLDV2_MRC(ntohs(mld2q->mld2q_mrc)) : 1;
1200 br_vlan_get_tag(skb, &vid);
1201 mp = br_mdb_ip6_get(mlock_dereference(br->mdb, br), group, vid);
1205 max_delay *= br->multicast_last_member_count;
1207 (timer_pending(&mp->timer) ?
1208 time_after(mp->timer.expires, now + max_delay) :
1209 try_to_del_timer_sync(&mp->timer) >= 0))
1210 mod_timer(&mp->timer, now + max_delay);
1212 for (pp = &mp->ports;
1213 (p = mlock_dereference(*pp, br)) != NULL;
1215 if (timer_pending(&p->timer) ?
1216 time_after(p->timer.expires, now + max_delay) :
1217 try_to_del_timer_sync(&p->timer) >= 0)
1218 mod_timer(&p->timer, now + max_delay);
1222 spin_unlock(&br->multicast_lock);
1227 static void br_multicast_leave_group(struct net_bridge *br,
1228 struct net_bridge_port *port,
1229 struct br_ip *group)
1231 struct net_bridge_mdb_htable *mdb;
1232 struct net_bridge_mdb_entry *mp;
1233 struct net_bridge_port_group *p;
1237 spin_lock(&br->multicast_lock);
1238 if (!netif_running(br->dev) ||
1239 (port && port->state == BR_STATE_DISABLED) ||
1240 timer_pending(&br->multicast_querier_timer))
1243 mdb = mlock_dereference(br->mdb, br);
1244 mp = br_mdb_ip_get(mdb, group);
1248 if (port && (port->flags & BR_MULTICAST_FAST_LEAVE)) {
1249 struct net_bridge_port_group __rcu **pp;
1251 for (pp = &mp->ports;
1252 (p = mlock_dereference(*pp, br)) != NULL;
1254 if (p->port != port)
1257 rcu_assign_pointer(*pp, p->next);
1258 hlist_del_init(&p->mglist);
1259 del_timer(&p->timer);
1260 call_rcu_bh(&p->rcu, br_multicast_free_pg);
1261 br_mdb_notify(br->dev, port, group, RTM_DELMDB);
1263 if (!mp->ports && !mp->mglist &&
1264 netif_running(br->dev))
1265 mod_timer(&mp->timer, jiffies);
1271 time = now + br->multicast_last_member_count *
1272 br->multicast_last_member_interval;
1276 (timer_pending(&mp->timer) ?
1277 time_after(mp->timer.expires, time) :
1278 try_to_del_timer_sync(&mp->timer) >= 0)) {
1279 mod_timer(&mp->timer, time);
1285 for (p = mlock_dereference(mp->ports, br);
1287 p = mlock_dereference(p->next, br)) {
1288 if (p->port != port)
1291 if (!hlist_unhashed(&p->mglist) &&
1292 (timer_pending(&p->timer) ?
1293 time_after(p->timer.expires, time) :
1294 try_to_del_timer_sync(&p->timer) >= 0)) {
1295 mod_timer(&p->timer, time);
1302 spin_unlock(&br->multicast_lock);
1305 static void br_ip4_multicast_leave_group(struct net_bridge *br,
1306 struct net_bridge_port *port,
1310 struct br_ip br_group;
1312 if (ipv4_is_local_multicast(group))
1315 br_group.u.ip4 = group;
1316 br_group.proto = htons(ETH_P_IP);
1319 br_multicast_leave_group(br, port, &br_group);
1322 #if IS_ENABLED(CONFIG_IPV6)
1323 static void br_ip6_multicast_leave_group(struct net_bridge *br,
1324 struct net_bridge_port *port,
1325 const struct in6_addr *group,
1328 struct br_ip br_group;
1330 if (!ipv6_is_transient_multicast(group))
1333 br_group.u.ip6 = *group;
1334 br_group.proto = htons(ETH_P_IPV6);
1337 br_multicast_leave_group(br, port, &br_group);
1341 static int br_multicast_ipv4_rcv(struct net_bridge *br,
1342 struct net_bridge_port *port,
1343 struct sk_buff *skb)
1345 struct sk_buff *skb2 = skb;
1346 const struct iphdr *iph;
1349 unsigned int offset;
1353 /* We treat OOM as packet loss for now. */
1354 if (!pskb_may_pull(skb, sizeof(*iph)))
1359 if (iph->ihl < 5 || iph->version != 4)
1362 if (!pskb_may_pull(skb, ip_hdrlen(skb)))
1367 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl)))
1370 if (iph->protocol != IPPROTO_IGMP) {
1371 if ((iph->daddr & IGMP_LOCAL_GROUP_MASK) != IGMP_LOCAL_GROUP)
1372 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1376 len = ntohs(iph->tot_len);
1377 if (skb->len < len || len < ip_hdrlen(skb))
1380 if (skb->len > len) {
1381 skb2 = skb_clone(skb, GFP_ATOMIC);
1385 err = pskb_trim_rcsum(skb2, len);
1390 len -= ip_hdrlen(skb2);
1391 offset = skb_network_offset(skb2) + ip_hdrlen(skb2);
1392 __skb_pull(skb2, offset);
1393 skb_reset_transport_header(skb2);
1396 if (!pskb_may_pull(skb2, sizeof(*ih)))
1399 switch (skb2->ip_summed) {
1400 case CHECKSUM_COMPLETE:
1401 if (!csum_fold(skb2->csum))
1406 if (skb_checksum_complete(skb2))
1412 br_vlan_get_tag(skb2, &vid);
1413 BR_INPUT_SKB_CB(skb)->igmp = 1;
1414 ih = igmp_hdr(skb2);
1417 case IGMP_HOST_MEMBERSHIP_REPORT:
1418 case IGMPV2_HOST_MEMBERSHIP_REPORT:
1419 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1420 err = br_ip4_multicast_add_group(br, port, ih->group, vid);
1422 case IGMPV3_HOST_MEMBERSHIP_REPORT:
1423 err = br_ip4_multicast_igmp3_report(br, port, skb2);
1425 case IGMP_HOST_MEMBERSHIP_QUERY:
1426 err = br_ip4_multicast_query(br, port, skb2);
1428 case IGMP_HOST_LEAVE_MESSAGE:
1429 br_ip4_multicast_leave_group(br, port, ih->group, vid);
1434 __skb_push(skb2, offset);
1441 #if IS_ENABLED(CONFIG_IPV6)
1442 static int br_multicast_ipv6_rcv(struct net_bridge *br,
1443 struct net_bridge_port *port,
1444 struct sk_buff *skb)
1446 struct sk_buff *skb2;
1447 const struct ipv6hdr *ip6h;
1456 if (!pskb_may_pull(skb, sizeof(*ip6h)))
1459 ip6h = ipv6_hdr(skb);
1462 * We're interested in MLD messages only.
1464 * - MLD has always Router Alert hop-by-hop option
1465 * - But we do not support jumbrograms.
1467 if (ip6h->version != 6 ||
1468 ip6h->nexthdr != IPPROTO_HOPOPTS ||
1469 ip6h->payload_len == 0)
1472 len = ntohs(ip6h->payload_len) + sizeof(*ip6h);
1476 nexthdr = ip6h->nexthdr;
1477 offset = ipv6_skip_exthdr(skb, sizeof(*ip6h), &nexthdr, &frag_off);
1479 if (offset < 0 || nexthdr != IPPROTO_ICMPV6)
1482 /* Okay, we found ICMPv6 header */
1483 skb2 = skb_clone(skb, GFP_ATOMIC);
1488 if (!pskb_may_pull(skb2, offset + sizeof(struct icmp6hdr)))
1491 len -= offset - skb_network_offset(skb2);
1493 __skb_pull(skb2, offset);
1494 skb_reset_transport_header(skb2);
1495 skb_postpull_rcsum(skb2, skb_network_header(skb2),
1496 skb_network_header_len(skb2));
1498 icmp6_type = icmp6_hdr(skb2)->icmp6_type;
1500 switch (icmp6_type) {
1501 case ICMPV6_MGM_QUERY:
1502 case ICMPV6_MGM_REPORT:
1503 case ICMPV6_MGM_REDUCTION:
1504 case ICMPV6_MLD2_REPORT:
1511 /* Okay, we found MLD message. Check further. */
1512 if (skb2->len > len) {
1513 err = pskb_trim_rcsum(skb2, len);
1519 ip6h = ipv6_hdr(skb2);
1521 switch (skb2->ip_summed) {
1522 case CHECKSUM_COMPLETE:
1523 if (!csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, skb2->len,
1524 IPPROTO_ICMPV6, skb2->csum))
1528 skb2->csum = ~csum_unfold(csum_ipv6_magic(&ip6h->saddr,
1531 IPPROTO_ICMPV6, 0));
1532 if (__skb_checksum_complete(skb2))
1538 br_vlan_get_tag(skb, &vid);
1539 BR_INPUT_SKB_CB(skb)->igmp = 1;
1541 switch (icmp6_type) {
1542 case ICMPV6_MGM_REPORT:
1544 struct mld_msg *mld;
1545 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1549 mld = (struct mld_msg *)skb_transport_header(skb2);
1550 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1551 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid);
1554 case ICMPV6_MLD2_REPORT:
1555 err = br_ip6_multicast_mld2_report(br, port, skb2);
1557 case ICMPV6_MGM_QUERY:
1558 err = br_ip6_multicast_query(br, port, skb2);
1560 case ICMPV6_MGM_REDUCTION:
1562 struct mld_msg *mld;
1563 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1567 mld = (struct mld_msg *)skb_transport_header(skb2);
1568 br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid);
1578 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port,
1579 struct sk_buff *skb)
1581 BR_INPUT_SKB_CB(skb)->igmp = 0;
1582 BR_INPUT_SKB_CB(skb)->mrouters_only = 0;
1584 if (br->multicast_disabled)
1587 switch (skb->protocol) {
1588 case htons(ETH_P_IP):
1589 return br_multicast_ipv4_rcv(br, port, skb);
1590 #if IS_ENABLED(CONFIG_IPV6)
1591 case htons(ETH_P_IPV6):
1592 return br_multicast_ipv6_rcv(br, port, skb);
1599 static void br_multicast_query_expired(unsigned long data)
1601 struct net_bridge *br = (void *)data;
1603 spin_lock(&br->multicast_lock);
1604 if (br->multicast_startup_queries_sent <
1605 br->multicast_startup_query_count)
1606 br->multicast_startup_queries_sent++;
1608 br_multicast_send_query(br, NULL, br->multicast_startup_queries_sent);
1610 spin_unlock(&br->multicast_lock);
1613 void br_multicast_init(struct net_bridge *br)
1615 br->hash_elasticity = 4;
1618 br->multicast_router = 1;
1619 br->multicast_querier = 0;
1620 br->multicast_last_member_count = 2;
1621 br->multicast_startup_query_count = 2;
1623 br->multicast_last_member_interval = HZ;
1624 br->multicast_query_response_interval = 10 * HZ;
1625 br->multicast_startup_query_interval = 125 * HZ / 4;
1626 br->multicast_query_interval = 125 * HZ;
1627 br->multicast_querier_interval = 255 * HZ;
1628 br->multicast_membership_interval = 260 * HZ;
1630 spin_lock_init(&br->multicast_lock);
1631 setup_timer(&br->multicast_router_timer,
1632 br_multicast_local_router_expired, 0);
1633 setup_timer(&br->multicast_querier_timer,
1634 br_multicast_querier_expired, (unsigned long)br);
1635 setup_timer(&br->multicast_query_timer, br_multicast_query_expired,
1639 void br_multicast_open(struct net_bridge *br)
1641 br->multicast_startup_queries_sent = 0;
1643 if (br->multicast_disabled)
1646 mod_timer(&br->multicast_query_timer, jiffies);
1649 void br_multicast_stop(struct net_bridge *br)
1651 struct net_bridge_mdb_htable *mdb;
1652 struct net_bridge_mdb_entry *mp;
1653 struct hlist_node *n;
1657 del_timer_sync(&br->multicast_router_timer);
1658 del_timer_sync(&br->multicast_querier_timer);
1659 del_timer_sync(&br->multicast_query_timer);
1661 spin_lock_bh(&br->multicast_lock);
1662 mdb = mlock_dereference(br->mdb, br);
1669 for (i = 0; i < mdb->max; i++) {
1670 hlist_for_each_entry_safe(mp, n, &mdb->mhash[i],
1672 del_timer(&mp->timer);
1673 call_rcu_bh(&mp->rcu, br_multicast_free_group);
1678 spin_unlock_bh(&br->multicast_lock);
1680 spin_lock_bh(&br->multicast_lock);
1685 call_rcu_bh(&mdb->rcu, br_mdb_free);
1688 spin_unlock_bh(&br->multicast_lock);
1691 int br_multicast_set_router(struct net_bridge *br, unsigned long val)
1695 spin_lock_bh(&br->multicast_lock);
1696 if (!netif_running(br->dev))
1702 del_timer(&br->multicast_router_timer);
1705 br->multicast_router = val;
1715 spin_unlock_bh(&br->multicast_lock);
1720 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val)
1722 struct net_bridge *br = p->br;
1725 spin_lock(&br->multicast_lock);
1726 if (!netif_running(br->dev) || p->state == BR_STATE_DISABLED)
1733 p->multicast_router = val;
1736 if (val < 2 && !hlist_unhashed(&p->rlist))
1737 hlist_del_init_rcu(&p->rlist);
1742 del_timer(&p->multicast_router_timer);
1747 br_multicast_add_router(br, p);
1756 spin_unlock(&br->multicast_lock);
1761 static void br_multicast_start_querier(struct net_bridge *br)
1763 struct net_bridge_port *port;
1765 br_multicast_open(br);
1767 list_for_each_entry(port, &br->port_list, list) {
1768 if (port->state == BR_STATE_DISABLED ||
1769 port->state == BR_STATE_BLOCKING)
1772 __br_multicast_enable_port(port);
1776 int br_multicast_toggle(struct net_bridge *br, unsigned long val)
1779 struct net_bridge_mdb_htable *mdb;
1781 spin_lock_bh(&br->multicast_lock);
1782 if (br->multicast_disabled == !val)
1785 br->multicast_disabled = !val;
1786 if (br->multicast_disabled)
1789 if (!netif_running(br->dev))
1792 mdb = mlock_dereference(br->mdb, br);
1797 br->multicast_disabled = !!val;
1801 err = br_mdb_rehash(&br->mdb, mdb->max,
1802 br->hash_elasticity);
1807 br_multicast_start_querier(br);
1810 spin_unlock_bh(&br->multicast_lock);
1815 int br_multicast_set_querier(struct net_bridge *br, unsigned long val)
1819 spin_lock_bh(&br->multicast_lock);
1820 if (br->multicast_querier == val)
1823 br->multicast_querier = val;
1825 br_multicast_start_querier(br);
1828 spin_unlock_bh(&br->multicast_lock);
1833 int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val)
1837 struct net_bridge_mdb_htable *mdb;
1839 spin_lock(&br->multicast_lock);
1840 if (!netif_running(br->dev))
1844 if (!is_power_of_2(val))
1847 mdb = mlock_dereference(br->mdb, br);
1848 if (mdb && val < mdb->size)
1864 err = br_mdb_rehash(&br->mdb, br->hash_max,
1865 br->hash_elasticity);
1871 spin_unlock(&br->multicast_lock);
projects / karo-tx-linux.git / blob