Loading...
1/*
2 * Bridge multicast support.
3 *
4 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au>
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 2 of the License, or (at your option)
9 * any later version.
10 *
11 */
12
13#include <linux/err.h>
14#include <linux/if_ether.h>
15#include <linux/igmp.h>
16#include <linux/jhash.h>
17#include <linux/kernel.h>
18#include <linux/log2.h>
19#include <linux/netdevice.h>
20#include <linux/netfilter_bridge.h>
21#include <linux/random.h>
22#include <linux/rculist.h>
23#include <linux/skbuff.h>
24#include <linux/slab.h>
25#include <linux/timer.h>
26#include <net/ip.h>
27#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
28#include <net/ipv6.h>
29#include <net/mld.h>
30#include <net/addrconf.h>
31#include <net/ip6_checksum.h>
32#endif
33
34#include "br_private.h"
35
36#define mlock_dereference(X, br) \
37 rcu_dereference_protected(X, lockdep_is_held(&br->multicast_lock))
38
39#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
40static inline int ipv6_is_transient_multicast(const struct in6_addr *addr)
41{
42 if (ipv6_addr_is_multicast(addr) && IPV6_ADDR_MC_FLAG_TRANSIENT(addr))
43 return 1;
44 return 0;
45}
46#endif
47
48static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b)
49{
50 if (a->proto != b->proto)
51 return 0;
52 switch (a->proto) {
53 case htons(ETH_P_IP):
54 return a->u.ip4 == b->u.ip4;
55#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
56 case htons(ETH_P_IPV6):
57 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6);
58#endif
59 }
60 return 0;
61}
62
63static inline int __br_ip4_hash(struct net_bridge_mdb_htable *mdb, __be32 ip)
64{
65 return jhash_1word(mdb->secret, (__force u32)ip) & (mdb->max - 1);
66}
67
68#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
69static inline int __br_ip6_hash(struct net_bridge_mdb_htable *mdb,
70 const struct in6_addr *ip)
71{
72 return jhash2((__force u32 *)ip->s6_addr32, 4, mdb->secret) & (mdb->max - 1);
73}
74#endif
75
76static inline int br_ip_hash(struct net_bridge_mdb_htable *mdb,
77 struct br_ip *ip)
78{
79 switch (ip->proto) {
80 case htons(ETH_P_IP):
81 return __br_ip4_hash(mdb, ip->u.ip4);
82#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
83 case htons(ETH_P_IPV6):
84 return __br_ip6_hash(mdb, &ip->u.ip6);
85#endif
86 }
87 return 0;
88}
89
90static struct net_bridge_mdb_entry *__br_mdb_ip_get(
91 struct net_bridge_mdb_htable *mdb, struct br_ip *dst, int hash)
92{
93 struct net_bridge_mdb_entry *mp;
94 struct hlist_node *p;
95
96 hlist_for_each_entry_rcu(mp, p, &mdb->mhash[hash], hlist[mdb->ver]) {
97 if (br_ip_equal(&mp->addr, dst))
98 return mp;
99 }
100
101 return NULL;
102}
103
104static struct net_bridge_mdb_entry *br_mdb_ip_get(
105 struct net_bridge_mdb_htable *mdb, struct br_ip *dst)
106{
107 if (!mdb)
108 return NULL;
109
110 return __br_mdb_ip_get(mdb, dst, br_ip_hash(mdb, dst));
111}
112
113static struct net_bridge_mdb_entry *br_mdb_ip4_get(
114 struct net_bridge_mdb_htable *mdb, __be32 dst)
115{
116 struct br_ip br_dst;
117
118 br_dst.u.ip4 = dst;
119 br_dst.proto = htons(ETH_P_IP);
120
121 return br_mdb_ip_get(mdb, &br_dst);
122}
123
124#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
125static struct net_bridge_mdb_entry *br_mdb_ip6_get(
126 struct net_bridge_mdb_htable *mdb, const struct in6_addr *dst)
127{
128 struct br_ip br_dst;
129
130 ipv6_addr_copy(&br_dst.u.ip6, dst);
131 br_dst.proto = htons(ETH_P_IPV6);
132
133 return br_mdb_ip_get(mdb, &br_dst);
134}
135#endif
136
137struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br,
138 struct sk_buff *skb)
139{
140 struct net_bridge_mdb_htable *mdb = rcu_dereference(br->mdb);
141 struct br_ip ip;
142
143 if (br->multicast_disabled)
144 return NULL;
145
146 if (BR_INPUT_SKB_CB(skb)->igmp)
147 return NULL;
148
149 ip.proto = skb->protocol;
150
151 switch (skb->protocol) {
152 case htons(ETH_P_IP):
153 ip.u.ip4 = ip_hdr(skb)->daddr;
154 break;
155#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
156 case htons(ETH_P_IPV6):
157 ipv6_addr_copy(&ip.u.ip6, &ipv6_hdr(skb)->daddr);
158 break;
159#endif
160 default:
161 return NULL;
162 }
163
164 return br_mdb_ip_get(mdb, &ip);
165}
166
167static void br_mdb_free(struct rcu_head *head)
168{
169 struct net_bridge_mdb_htable *mdb =
170 container_of(head, struct net_bridge_mdb_htable, rcu);
171 struct net_bridge_mdb_htable *old = mdb->old;
172
173 mdb->old = NULL;
174 kfree(old->mhash);
175 kfree(old);
176}
177
178static int br_mdb_copy(struct net_bridge_mdb_htable *new,
179 struct net_bridge_mdb_htable *old,
180 int elasticity)
181{
182 struct net_bridge_mdb_entry *mp;
183 struct hlist_node *p;
184 int maxlen;
185 int len;
186 int i;
187
188 for (i = 0; i < old->max; i++)
189 hlist_for_each_entry(mp, p, &old->mhash[i], hlist[old->ver])
190 hlist_add_head(&mp->hlist[new->ver],
191 &new->mhash[br_ip_hash(new, &mp->addr)]);
192
193 if (!elasticity)
194 return 0;
195
196 maxlen = 0;
197 for (i = 0; i < new->max; i++) {
198 len = 0;
199 hlist_for_each_entry(mp, p, &new->mhash[i], hlist[new->ver])
200 len++;
201 if (len > maxlen)
202 maxlen = len;
203 }
204
205 return maxlen > elasticity ? -EINVAL : 0;
206}
207
208static void br_multicast_free_pg(struct rcu_head *head)
209{
210 struct net_bridge_port_group *p =
211 container_of(head, struct net_bridge_port_group, rcu);
212
213 kfree(p);
214}
215
216static void br_multicast_free_group(struct rcu_head *head)
217{
218 struct net_bridge_mdb_entry *mp =
219 container_of(head, struct net_bridge_mdb_entry, rcu);
220
221 kfree(mp);
222}
223
224static void br_multicast_group_expired(unsigned long data)
225{
226 struct net_bridge_mdb_entry *mp = (void *)data;
227 struct net_bridge *br = mp->br;
228 struct net_bridge_mdb_htable *mdb;
229
230 spin_lock(&br->multicast_lock);
231 if (!netif_running(br->dev) || timer_pending(&mp->timer))
232 goto out;
233
234 mp->mglist = false;
235
236 if (mp->ports)
237 goto out;
238
239 mdb = mlock_dereference(br->mdb, br);
240
241 hlist_del_rcu(&mp->hlist[mdb->ver]);
242 mdb->size--;
243
244 del_timer(&mp->query_timer);
245 call_rcu_bh(&mp->rcu, br_multicast_free_group);
246
247out:
248 spin_unlock(&br->multicast_lock);
249}
250
251static void br_multicast_del_pg(struct net_bridge *br,
252 struct net_bridge_port_group *pg)
253{
254 struct net_bridge_mdb_htable *mdb;
255 struct net_bridge_mdb_entry *mp;
256 struct net_bridge_port_group *p;
257 struct net_bridge_port_group __rcu **pp;
258
259 mdb = mlock_dereference(br->mdb, br);
260
261 mp = br_mdb_ip_get(mdb, &pg->addr);
262 if (WARN_ON(!mp))
263 return;
264
265 for (pp = &mp->ports;
266 (p = mlock_dereference(*pp, br)) != NULL;
267 pp = &p->next) {
268 if (p != pg)
269 continue;
270
271 rcu_assign_pointer(*pp, p->next);
272 hlist_del_init(&p->mglist);
273 del_timer(&p->timer);
274 del_timer(&p->query_timer);
275 call_rcu_bh(&p->rcu, br_multicast_free_pg);
276
277 if (!mp->ports && !mp->mglist &&
278 netif_running(br->dev))
279 mod_timer(&mp->timer, jiffies);
280
281 return;
282 }
283
284 WARN_ON(1);
285}
286
287static void br_multicast_port_group_expired(unsigned long data)
288{
289 struct net_bridge_port_group *pg = (void *)data;
290 struct net_bridge *br = pg->port->br;
291
292 spin_lock(&br->multicast_lock);
293 if (!netif_running(br->dev) || timer_pending(&pg->timer) ||
294 hlist_unhashed(&pg->mglist))
295 goto out;
296
297 br_multicast_del_pg(br, pg);
298
299out:
300 spin_unlock(&br->multicast_lock);
301}
302
303static int br_mdb_rehash(struct net_bridge_mdb_htable __rcu **mdbp, int max,
304 int elasticity)
305{
306 struct net_bridge_mdb_htable *old = rcu_dereference_protected(*mdbp, 1);
307 struct net_bridge_mdb_htable *mdb;
308 int err;
309
310 mdb = kmalloc(sizeof(*mdb), GFP_ATOMIC);
311 if (!mdb)
312 return -ENOMEM;
313
314 mdb->max = max;
315 mdb->old = old;
316
317 mdb->mhash = kzalloc(max * sizeof(*mdb->mhash), GFP_ATOMIC);
318 if (!mdb->mhash) {
319 kfree(mdb);
320 return -ENOMEM;
321 }
322
323 mdb->size = old ? old->size : 0;
324 mdb->ver = old ? old->ver ^ 1 : 0;
325
326 if (!old || elasticity)
327 get_random_bytes(&mdb->secret, sizeof(mdb->secret));
328 else
329 mdb->secret = old->secret;
330
331 if (!old)
332 goto out;
333
334 err = br_mdb_copy(mdb, old, elasticity);
335 if (err) {
336 kfree(mdb->mhash);
337 kfree(mdb);
338 return err;
339 }
340
341 call_rcu_bh(&mdb->rcu, br_mdb_free);
342
343out:
344 rcu_assign_pointer(*mdbp, mdb);
345
346 return 0;
347}
348
349static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br,
350 __be32 group)
351{
352 struct sk_buff *skb;
353 struct igmphdr *ih;
354 struct ethhdr *eth;
355 struct iphdr *iph;
356
357 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) +
358 sizeof(*ih) + 4);
359 if (!skb)
360 goto out;
361
362 skb->protocol = htons(ETH_P_IP);
363
364 skb_reset_mac_header(skb);
365 eth = eth_hdr(skb);
366
367 memcpy(eth->h_source, br->dev->dev_addr, 6);
368 eth->h_dest[0] = 1;
369 eth->h_dest[1] = 0;
370 eth->h_dest[2] = 0x5e;
371 eth->h_dest[3] = 0;
372 eth->h_dest[4] = 0;
373 eth->h_dest[5] = 1;
374 eth->h_proto = htons(ETH_P_IP);
375 skb_put(skb, sizeof(*eth));
376
377 skb_set_network_header(skb, skb->len);
378 iph = ip_hdr(skb);
379
380 iph->version = 4;
381 iph->ihl = 6;
382 iph->tos = 0xc0;
383 iph->tot_len = htons(sizeof(*iph) + sizeof(*ih) + 4);
384 iph->id = 0;
385 iph->frag_off = htons(IP_DF);
386 iph->ttl = 1;
387 iph->protocol = IPPROTO_IGMP;
388 iph->saddr = 0;
389 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP);
390 ((u8 *)&iph[1])[0] = IPOPT_RA;
391 ((u8 *)&iph[1])[1] = 4;
392 ((u8 *)&iph[1])[2] = 0;
393 ((u8 *)&iph[1])[3] = 0;
394 ip_send_check(iph);
395 skb_put(skb, 24);
396
397 skb_set_transport_header(skb, skb->len);
398 ih = igmp_hdr(skb);
399 ih->type = IGMP_HOST_MEMBERSHIP_QUERY;
400 ih->code = (group ? br->multicast_last_member_interval :
401 br->multicast_query_response_interval) /
402 (HZ / IGMP_TIMER_SCALE);
403 ih->group = group;
404 ih->csum = 0;
405 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr));
406 skb_put(skb, sizeof(*ih));
407
408 __skb_pull(skb, sizeof(*eth));
409
410out:
411 return skb;
412}
413
414#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
415static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br,
416 const struct in6_addr *group)
417{
418 struct sk_buff *skb;
419 struct ipv6hdr *ip6h;
420 struct mld_msg *mldq;
421 struct ethhdr *eth;
422 u8 *hopopt;
423 unsigned long interval;
424
425 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) +
426 8 + sizeof(*mldq));
427 if (!skb)
428 goto out;
429
430 skb->protocol = htons(ETH_P_IPV6);
431
432 /* Ethernet header */
433 skb_reset_mac_header(skb);
434 eth = eth_hdr(skb);
435
436 memcpy(eth->h_source, br->dev->dev_addr, 6);
437 eth->h_proto = htons(ETH_P_IPV6);
438 skb_put(skb, sizeof(*eth));
439
440 /* IPv6 header + HbH option */
441 skb_set_network_header(skb, skb->len);
442 ip6h = ipv6_hdr(skb);
443
444 *(__force __be32 *)ip6h = htonl(0x60000000);
445 ip6h->payload_len = htons(8 + sizeof(*mldq));
446 ip6h->nexthdr = IPPROTO_HOPOPTS;
447 ip6h->hop_limit = 1;
448 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1));
449 ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0,
450 &ip6h->saddr);
451 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest);
452
453 hopopt = (u8 *)(ip6h + 1);
454 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */
455 hopopt[1] = 0; /* length of HbH */
456 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */
457 hopopt[3] = 2; /* Length of RA Option */
458 hopopt[4] = 0; /* Type = 0x0000 (MLD) */
459 hopopt[5] = 0;
460 hopopt[6] = IPV6_TLV_PAD0; /* Pad0 */
461 hopopt[7] = IPV6_TLV_PAD0; /* Pad0 */
462
463 skb_put(skb, sizeof(*ip6h) + 8);
464
465 /* ICMPv6 */
466 skb_set_transport_header(skb, skb->len);
467 mldq = (struct mld_msg *) icmp6_hdr(skb);
468
469 interval = ipv6_addr_any(group) ? br->multicast_last_member_interval :
470 br->multicast_query_response_interval;
471
472 mldq->mld_type = ICMPV6_MGM_QUERY;
473 mldq->mld_code = 0;
474 mldq->mld_cksum = 0;
475 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval));
476 mldq->mld_reserved = 0;
477 ipv6_addr_copy(&mldq->mld_mca, group);
478
479 /* checksum */
480 mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr,
481 sizeof(*mldq), IPPROTO_ICMPV6,
482 csum_partial(mldq,
483 sizeof(*mldq), 0));
484 skb_put(skb, sizeof(*mldq));
485
486 __skb_pull(skb, sizeof(*eth));
487
488out:
489 return skb;
490}
491#endif
492
493static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br,
494 struct br_ip *addr)
495{
496 switch (addr->proto) {
497 case htons(ETH_P_IP):
498 return br_ip4_multicast_alloc_query(br, addr->u.ip4);
499#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
500 case htons(ETH_P_IPV6):
501 return br_ip6_multicast_alloc_query(br, &addr->u.ip6);
502#endif
503 }
504 return NULL;
505}
506
507static void br_multicast_send_group_query(struct net_bridge_mdb_entry *mp)
508{
509 struct net_bridge *br = mp->br;
510 struct sk_buff *skb;
511
512 skb = br_multicast_alloc_query(br, &mp->addr);
513 if (!skb)
514 goto timer;
515
516 netif_rx(skb);
517
518timer:
519 if (++mp->queries_sent < br->multicast_last_member_count)
520 mod_timer(&mp->query_timer,
521 jiffies + br->multicast_last_member_interval);
522}
523
524static void br_multicast_group_query_expired(unsigned long data)
525{
526 struct net_bridge_mdb_entry *mp = (void *)data;
527 struct net_bridge *br = mp->br;
528
529 spin_lock(&br->multicast_lock);
530 if (!netif_running(br->dev) || !mp->mglist ||
531 mp->queries_sent >= br->multicast_last_member_count)
532 goto out;
533
534 br_multicast_send_group_query(mp);
535
536out:
537 spin_unlock(&br->multicast_lock);
538}
539
540static void br_multicast_send_port_group_query(struct net_bridge_port_group *pg)
541{
542 struct net_bridge_port *port = pg->port;
543 struct net_bridge *br = port->br;
544 struct sk_buff *skb;
545
546 skb = br_multicast_alloc_query(br, &pg->addr);
547 if (!skb)
548 goto timer;
549
550 br_deliver(port, skb);
551
552timer:
553 if (++pg->queries_sent < br->multicast_last_member_count)
554 mod_timer(&pg->query_timer,
555 jiffies + br->multicast_last_member_interval);
556}
557
558static void br_multicast_port_group_query_expired(unsigned long data)
559{
560 struct net_bridge_port_group *pg = (void *)data;
561 struct net_bridge_port *port = pg->port;
562 struct net_bridge *br = port->br;
563
564 spin_lock(&br->multicast_lock);
565 if (!netif_running(br->dev) || hlist_unhashed(&pg->mglist) ||
566 pg->queries_sent >= br->multicast_last_member_count)
567 goto out;
568
569 br_multicast_send_port_group_query(pg);
570
571out:
572 spin_unlock(&br->multicast_lock);
573}
574
575static struct net_bridge_mdb_entry *br_multicast_get_group(
576 struct net_bridge *br, struct net_bridge_port *port,
577 struct br_ip *group, int hash)
578{
579 struct net_bridge_mdb_htable *mdb;
580 struct net_bridge_mdb_entry *mp;
581 struct hlist_node *p;
582 unsigned count = 0;
583 unsigned max;
584 int elasticity;
585 int err;
586
587 mdb = rcu_dereference_protected(br->mdb, 1);
588 hlist_for_each_entry(mp, p, &mdb->mhash[hash], hlist[mdb->ver]) {
589 count++;
590 if (unlikely(br_ip_equal(group, &mp->addr)))
591 return mp;
592 }
593
594 elasticity = 0;
595 max = mdb->max;
596
597 if (unlikely(count > br->hash_elasticity && count)) {
598 if (net_ratelimit())
599 br_info(br, "Multicast hash table "
600 "chain limit reached: %s\n",
601 port ? port->dev->name : br->dev->name);
602
603 elasticity = br->hash_elasticity;
604 }
605
606 if (mdb->size >= max) {
607 max *= 2;
608 if (unlikely(max >= br->hash_max)) {
609 br_warn(br, "Multicast hash table maximum "
610 "reached, disabling snooping: %s, %d\n",
611 port ? port->dev->name : br->dev->name, max);
612 err = -E2BIG;
613disable:
614 br->multicast_disabled = 1;
615 goto err;
616 }
617 }
618
619 if (max > mdb->max || elasticity) {
620 if (mdb->old) {
621 if (net_ratelimit())
622 br_info(br, "Multicast hash table "
623 "on fire: %s\n",
624 port ? port->dev->name : br->dev->name);
625 err = -EEXIST;
626 goto err;
627 }
628
629 err = br_mdb_rehash(&br->mdb, max, elasticity);
630 if (err) {
631 br_warn(br, "Cannot rehash multicast "
632 "hash table, disabling snooping: %s, %d, %d\n",
633 port ? port->dev->name : br->dev->name,
634 mdb->size, err);
635 goto disable;
636 }
637
638 err = -EAGAIN;
639 goto err;
640 }
641
642 return NULL;
643
644err:
645 mp = ERR_PTR(err);
646 return mp;
647}
648
649static struct net_bridge_mdb_entry *br_multicast_new_group(
650 struct net_bridge *br, struct net_bridge_port *port,
651 struct br_ip *group)
652{
653 struct net_bridge_mdb_htable *mdb;
654 struct net_bridge_mdb_entry *mp;
655 int hash;
656 int err;
657
658 mdb = rcu_dereference_protected(br->mdb, 1);
659 if (!mdb) {
660 err = br_mdb_rehash(&br->mdb, BR_HASH_SIZE, 0);
661 if (err)
662 return ERR_PTR(err);
663 goto rehash;
664 }
665
666 hash = br_ip_hash(mdb, group);
667 mp = br_multicast_get_group(br, port, group, hash);
668 switch (PTR_ERR(mp)) {
669 case 0:
670 break;
671
672 case -EAGAIN:
673rehash:
674 mdb = rcu_dereference_protected(br->mdb, 1);
675 hash = br_ip_hash(mdb, group);
676 break;
677
678 default:
679 goto out;
680 }
681
682 mp = kzalloc(sizeof(*mp), GFP_ATOMIC);
683 if (unlikely(!mp))
684 return ERR_PTR(-ENOMEM);
685
686 mp->br = br;
687 mp->addr = *group;
688 setup_timer(&mp->timer, br_multicast_group_expired,
689 (unsigned long)mp);
690 setup_timer(&mp->query_timer, br_multicast_group_query_expired,
691 (unsigned long)mp);
692
693 hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]);
694 mdb->size++;
695
696out:
697 return mp;
698}
699
700static int br_multicast_add_group(struct net_bridge *br,
701 struct net_bridge_port *port,
702 struct br_ip *group)
703{
704 struct net_bridge_mdb_entry *mp;
705 struct net_bridge_port_group *p;
706 struct net_bridge_port_group __rcu **pp;
707 unsigned long now = jiffies;
708 int err;
709
710 spin_lock(&br->multicast_lock);
711 if (!netif_running(br->dev) ||
712 (port && port->state == BR_STATE_DISABLED))
713 goto out;
714
715 mp = br_multicast_new_group(br, port, group);
716 err = PTR_ERR(mp);
717 if (IS_ERR(mp))
718 goto err;
719
720 if (!port) {
721 mp->mglist = true;
722 mod_timer(&mp->timer, now + br->multicast_membership_interval);
723 goto out;
724 }
725
726 for (pp = &mp->ports;
727 (p = mlock_dereference(*pp, br)) != NULL;
728 pp = &p->next) {
729 if (p->port == port)
730 goto found;
731 if ((unsigned long)p->port < (unsigned long)port)
732 break;
733 }
734
735 p = kzalloc(sizeof(*p), GFP_ATOMIC);
736 err = -ENOMEM;
737 if (unlikely(!p))
738 goto err;
739
740 p->addr = *group;
741 p->port = port;
742 p->next = *pp;
743 hlist_add_head(&p->mglist, &port->mglist);
744 setup_timer(&p->timer, br_multicast_port_group_expired,
745 (unsigned long)p);
746 setup_timer(&p->query_timer, br_multicast_port_group_query_expired,
747 (unsigned long)p);
748
749 rcu_assign_pointer(*pp, p);
750
751found:
752 mod_timer(&p->timer, now + br->multicast_membership_interval);
753out:
754 err = 0;
755
756err:
757 spin_unlock(&br->multicast_lock);
758 return err;
759}
760
761static int br_ip4_multicast_add_group(struct net_bridge *br,
762 struct net_bridge_port *port,
763 __be32 group)
764{
765 struct br_ip br_group;
766
767 if (ipv4_is_local_multicast(group))
768 return 0;
769
770 br_group.u.ip4 = group;
771 br_group.proto = htons(ETH_P_IP);
772
773 return br_multicast_add_group(br, port, &br_group);
774}
775
776#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
777static int br_ip6_multicast_add_group(struct net_bridge *br,
778 struct net_bridge_port *port,
779 const struct in6_addr *group)
780{
781 struct br_ip br_group;
782
783 if (!ipv6_is_transient_multicast(group))
784 return 0;
785
786 ipv6_addr_copy(&br_group.u.ip6, group);
787 br_group.proto = htons(ETH_P_IPV6);
788
789 return br_multicast_add_group(br, port, &br_group);
790}
791#endif
792
793static void br_multicast_router_expired(unsigned long data)
794{
795 struct net_bridge_port *port = (void *)data;
796 struct net_bridge *br = port->br;
797
798 spin_lock(&br->multicast_lock);
799 if (port->multicast_router != 1 ||
800 timer_pending(&port->multicast_router_timer) ||
801 hlist_unhashed(&port->rlist))
802 goto out;
803
804 hlist_del_init_rcu(&port->rlist);
805
806out:
807 spin_unlock(&br->multicast_lock);
808}
809
810static void br_multicast_local_router_expired(unsigned long data)
811{
812}
813
814static void __br_multicast_send_query(struct net_bridge *br,
815 struct net_bridge_port *port,
816 struct br_ip *ip)
817{
818 struct sk_buff *skb;
819
820 skb = br_multicast_alloc_query(br, ip);
821 if (!skb)
822 return;
823
824 if (port) {
825 __skb_push(skb, sizeof(struct ethhdr));
826 skb->dev = port->dev;
827 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
828 dev_queue_xmit);
829 } else
830 netif_rx(skb);
831}
832
833static void br_multicast_send_query(struct net_bridge *br,
834 struct net_bridge_port *port, u32 sent)
835{
836 unsigned long time;
837 struct br_ip br_group;
838
839 if (!netif_running(br->dev) || br->multicast_disabled ||
840 timer_pending(&br->multicast_querier_timer))
841 return;
842
843 memset(&br_group.u, 0, sizeof(br_group.u));
844
845 br_group.proto = htons(ETH_P_IP);
846 __br_multicast_send_query(br, port, &br_group);
847
848#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
849 br_group.proto = htons(ETH_P_IPV6);
850 __br_multicast_send_query(br, port, &br_group);
851#endif
852
853 time = jiffies;
854 time += sent < br->multicast_startup_query_count ?
855 br->multicast_startup_query_interval :
856 br->multicast_query_interval;
857 mod_timer(port ? &port->multicast_query_timer :
858 &br->multicast_query_timer, time);
859}
860
861static void br_multicast_port_query_expired(unsigned long data)
862{
863 struct net_bridge_port *port = (void *)data;
864 struct net_bridge *br = port->br;
865
866 spin_lock(&br->multicast_lock);
867 if (port->state == BR_STATE_DISABLED ||
868 port->state == BR_STATE_BLOCKING)
869 goto out;
870
871 if (port->multicast_startup_queries_sent <
872 br->multicast_startup_query_count)
873 port->multicast_startup_queries_sent++;
874
875 br_multicast_send_query(port->br, port,
876 port->multicast_startup_queries_sent);
877
878out:
879 spin_unlock(&br->multicast_lock);
880}
881
882void br_multicast_add_port(struct net_bridge_port *port)
883{
884 port->multicast_router = 1;
885
886 setup_timer(&port->multicast_router_timer, br_multicast_router_expired,
887 (unsigned long)port);
888 setup_timer(&port->multicast_query_timer,
889 br_multicast_port_query_expired, (unsigned long)port);
890}
891
892void br_multicast_del_port(struct net_bridge_port *port)
893{
894 del_timer_sync(&port->multicast_router_timer);
895}
896
897static void __br_multicast_enable_port(struct net_bridge_port *port)
898{
899 port->multicast_startup_queries_sent = 0;
900
901 if (try_to_del_timer_sync(&port->multicast_query_timer) >= 0 ||
902 del_timer(&port->multicast_query_timer))
903 mod_timer(&port->multicast_query_timer, jiffies);
904}
905
906void br_multicast_enable_port(struct net_bridge_port *port)
907{
908 struct net_bridge *br = port->br;
909
910 spin_lock(&br->multicast_lock);
911 if (br->multicast_disabled || !netif_running(br->dev))
912 goto out;
913
914 __br_multicast_enable_port(port);
915
916out:
917 spin_unlock(&br->multicast_lock);
918}
919
920void br_multicast_disable_port(struct net_bridge_port *port)
921{
922 struct net_bridge *br = port->br;
923 struct net_bridge_port_group *pg;
924 struct hlist_node *p, *n;
925
926 spin_lock(&br->multicast_lock);
927 hlist_for_each_entry_safe(pg, p, n, &port->mglist, mglist)
928 br_multicast_del_pg(br, pg);
929
930 if (!hlist_unhashed(&port->rlist))
931 hlist_del_init_rcu(&port->rlist);
932 del_timer(&port->multicast_router_timer);
933 del_timer(&port->multicast_query_timer);
934 spin_unlock(&br->multicast_lock);
935}
936
937static int br_ip4_multicast_igmp3_report(struct net_bridge *br,
938 struct net_bridge_port *port,
939 struct sk_buff *skb)
940{
941 struct igmpv3_report *ih;
942 struct igmpv3_grec *grec;
943 int i;
944 int len;
945 int num;
946 int type;
947 int err = 0;
948 __be32 group;
949
950 if (!pskb_may_pull(skb, sizeof(*ih)))
951 return -EINVAL;
952
953 ih = igmpv3_report_hdr(skb);
954 num = ntohs(ih->ngrec);
955 len = sizeof(*ih);
956
957 for (i = 0; i < num; i++) {
958 len += sizeof(*grec);
959 if (!pskb_may_pull(skb, len))
960 return -EINVAL;
961
962 grec = (void *)(skb->data + len - sizeof(*grec));
963 group = grec->grec_mca;
964 type = grec->grec_type;
965
966 len += ntohs(grec->grec_nsrcs) * 4;
967 if (!pskb_may_pull(skb, len))
968 return -EINVAL;
969
970 /* We treat this as an IGMPv2 report for now. */
971 switch (type) {
972 case IGMPV3_MODE_IS_INCLUDE:
973 case IGMPV3_MODE_IS_EXCLUDE:
974 case IGMPV3_CHANGE_TO_INCLUDE:
975 case IGMPV3_CHANGE_TO_EXCLUDE:
976 case IGMPV3_ALLOW_NEW_SOURCES:
977 case IGMPV3_BLOCK_OLD_SOURCES:
978 break;
979
980 default:
981 continue;
982 }
983
984 err = br_ip4_multicast_add_group(br, port, group);
985 if (err)
986 break;
987 }
988
989 return err;
990}
991
992#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
993static int br_ip6_multicast_mld2_report(struct net_bridge *br,
994 struct net_bridge_port *port,
995 struct sk_buff *skb)
996{
997 struct icmp6hdr *icmp6h;
998 struct mld2_grec *grec;
999 int i;
1000 int len;
1001 int num;
1002 int err = 0;
1003
1004 if (!pskb_may_pull(skb, sizeof(*icmp6h)))
1005 return -EINVAL;
1006
1007 icmp6h = icmp6_hdr(skb);
1008 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]);
1009 len = sizeof(*icmp6h);
1010
1011 for (i = 0; i < num; i++) {
1012 __be16 *nsrcs, _nsrcs;
1013
1014 nsrcs = skb_header_pointer(skb,
1015 len + offsetof(struct mld2_grec,
1016 grec_nsrcs),
1017 sizeof(_nsrcs), &_nsrcs);
1018 if (!nsrcs)
1019 return -EINVAL;
1020
1021 if (!pskb_may_pull(skb,
1022 len + sizeof(*grec) +
1023 sizeof(struct in6_addr) * ntohs(*nsrcs)))
1024 return -EINVAL;
1025
1026 grec = (struct mld2_grec *)(skb->data + len);
1027 len += sizeof(*grec) +
1028 sizeof(struct in6_addr) * ntohs(*nsrcs);
1029
1030 /* We treat these as MLDv1 reports for now. */
1031 switch (grec->grec_type) {
1032 case MLD2_MODE_IS_INCLUDE:
1033 case MLD2_MODE_IS_EXCLUDE:
1034 case MLD2_CHANGE_TO_INCLUDE:
1035 case MLD2_CHANGE_TO_EXCLUDE:
1036 case MLD2_ALLOW_NEW_SOURCES:
1037 case MLD2_BLOCK_OLD_SOURCES:
1038 break;
1039
1040 default:
1041 continue;
1042 }
1043
1044 err = br_ip6_multicast_add_group(br, port, &grec->grec_mca);
1045 if (!err)
1046 break;
1047 }
1048
1049 return err;
1050}
1051#endif
1052
1053/*
1054 * Add port to rotuer_list
1055 * list is maintained ordered by pointer value
1056 * and locked by br->multicast_lock and RCU
1057 */
1058static void br_multicast_add_router(struct net_bridge *br,
1059 struct net_bridge_port *port)
1060{
1061 struct net_bridge_port *p;
1062 struct hlist_node *n, *slot = NULL;
1063
1064 hlist_for_each_entry(p, n, &br->router_list, rlist) {
1065 if ((unsigned long) port >= (unsigned long) p)
1066 break;
1067 slot = n;
1068 }
1069
1070 if (slot)
1071 hlist_add_after_rcu(slot, &port->rlist);
1072 else
1073 hlist_add_head_rcu(&port->rlist, &br->router_list);
1074}
1075
1076static void br_multicast_mark_router(struct net_bridge *br,
1077 struct net_bridge_port *port)
1078{
1079 unsigned long now = jiffies;
1080
1081 if (!port) {
1082 if (br->multicast_router == 1)
1083 mod_timer(&br->multicast_router_timer,
1084 now + br->multicast_querier_interval);
1085 return;
1086 }
1087
1088 if (port->multicast_router != 1)
1089 return;
1090
1091 if (!hlist_unhashed(&port->rlist))
1092 goto timer;
1093
1094 br_multicast_add_router(br, port);
1095
1096timer:
1097 mod_timer(&port->multicast_router_timer,
1098 now + br->multicast_querier_interval);
1099}
1100
1101static void br_multicast_query_received(struct net_bridge *br,
1102 struct net_bridge_port *port,
1103 int saddr)
1104{
1105 if (saddr)
1106 mod_timer(&br->multicast_querier_timer,
1107 jiffies + br->multicast_querier_interval);
1108 else if (timer_pending(&br->multicast_querier_timer))
1109 return;
1110
1111 br_multicast_mark_router(br, port);
1112}
1113
1114static int br_ip4_multicast_query(struct net_bridge *br,
1115 struct net_bridge_port *port,
1116 struct sk_buff *skb)
1117{
1118 const struct iphdr *iph = ip_hdr(skb);
1119 struct igmphdr *ih = igmp_hdr(skb);
1120 struct net_bridge_mdb_entry *mp;
1121 struct igmpv3_query *ih3;
1122 struct net_bridge_port_group *p;
1123 struct net_bridge_port_group __rcu **pp;
1124 unsigned long max_delay;
1125 unsigned long now = jiffies;
1126 __be32 group;
1127 int err = 0;
1128
1129 spin_lock(&br->multicast_lock);
1130 if (!netif_running(br->dev) ||
1131 (port && port->state == BR_STATE_DISABLED))
1132 goto out;
1133
1134 br_multicast_query_received(br, port, !!iph->saddr);
1135
1136 group = ih->group;
1137
1138 if (skb->len == sizeof(*ih)) {
1139 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE);
1140
1141 if (!max_delay) {
1142 max_delay = 10 * HZ;
1143 group = 0;
1144 }
1145 } else {
1146 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) {
1147 err = -EINVAL;
1148 goto out;
1149 }
1150
1151 ih3 = igmpv3_query_hdr(skb);
1152 if (ih3->nsrcs)
1153 goto out;
1154
1155 max_delay = ih3->code ?
1156 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1;
1157 }
1158
1159 if (!group)
1160 goto out;
1161
1162 mp = br_mdb_ip4_get(mlock_dereference(br->mdb, br), group);
1163 if (!mp)
1164 goto out;
1165
1166 max_delay *= br->multicast_last_member_count;
1167
1168 if (mp->mglist &&
1169 (timer_pending(&mp->timer) ?
1170 time_after(mp->timer.expires, now + max_delay) :
1171 try_to_del_timer_sync(&mp->timer) >= 0))
1172 mod_timer(&mp->timer, now + max_delay);
1173
1174 for (pp = &mp->ports;
1175 (p = mlock_dereference(*pp, br)) != NULL;
1176 pp = &p->next) {
1177 if (timer_pending(&p->timer) ?
1178 time_after(p->timer.expires, now + max_delay) :
1179 try_to_del_timer_sync(&p->timer) >= 0)
1180 mod_timer(&p->timer, now + max_delay);
1181 }
1182
1183out:
1184 spin_unlock(&br->multicast_lock);
1185 return err;
1186}
1187
1188#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1189static int br_ip6_multicast_query(struct net_bridge *br,
1190 struct net_bridge_port *port,
1191 struct sk_buff *skb)
1192{
1193 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
1194 struct mld_msg *mld = (struct mld_msg *) icmp6_hdr(skb);
1195 struct net_bridge_mdb_entry *mp;
1196 struct mld2_query *mld2q;
1197 struct net_bridge_port_group *p;
1198 struct net_bridge_port_group __rcu **pp;
1199 unsigned long max_delay;
1200 unsigned long now = jiffies;
1201 const struct in6_addr *group = NULL;
1202 int err = 0;
1203
1204 spin_lock(&br->multicast_lock);
1205 if (!netif_running(br->dev) ||
1206 (port && port->state == BR_STATE_DISABLED))
1207 goto out;
1208
1209 br_multicast_query_received(br, port, !ipv6_addr_any(&ip6h->saddr));
1210
1211 if (skb->len == sizeof(*mld)) {
1212 if (!pskb_may_pull(skb, sizeof(*mld))) {
1213 err = -EINVAL;
1214 goto out;
1215 }
1216 mld = (struct mld_msg *) icmp6_hdr(skb);
1217 max_delay = msecs_to_jiffies(htons(mld->mld_maxdelay));
1218 if (max_delay)
1219 group = &mld->mld_mca;
1220 } else if (skb->len >= sizeof(*mld2q)) {
1221 if (!pskb_may_pull(skb, sizeof(*mld2q))) {
1222 err = -EINVAL;
1223 goto out;
1224 }
1225 mld2q = (struct mld2_query *)icmp6_hdr(skb);
1226 if (!mld2q->mld2q_nsrcs)
1227 group = &mld2q->mld2q_mca;
1228 max_delay = mld2q->mld2q_mrc ? MLDV2_MRC(mld2q->mld2q_mrc) : 1;
1229 }
1230
1231 if (!group)
1232 goto out;
1233
1234 mp = br_mdb_ip6_get(mlock_dereference(br->mdb, br), group);
1235 if (!mp)
1236 goto out;
1237
1238 max_delay *= br->multicast_last_member_count;
1239 if (mp->mglist &&
1240 (timer_pending(&mp->timer) ?
1241 time_after(mp->timer.expires, now + max_delay) :
1242 try_to_del_timer_sync(&mp->timer) >= 0))
1243 mod_timer(&mp->timer, now + max_delay);
1244
1245 for (pp = &mp->ports;
1246 (p = mlock_dereference(*pp, br)) != NULL;
1247 pp = &p->next) {
1248 if (timer_pending(&p->timer) ?
1249 time_after(p->timer.expires, now + max_delay) :
1250 try_to_del_timer_sync(&p->timer) >= 0)
1251 mod_timer(&p->timer, now + max_delay);
1252 }
1253
1254out:
1255 spin_unlock(&br->multicast_lock);
1256 return err;
1257}
1258#endif
1259
1260static void br_multicast_leave_group(struct net_bridge *br,
1261 struct net_bridge_port *port,
1262 struct br_ip *group)
1263{
1264 struct net_bridge_mdb_htable *mdb;
1265 struct net_bridge_mdb_entry *mp;
1266 struct net_bridge_port_group *p;
1267 unsigned long now;
1268 unsigned long time;
1269
1270 spin_lock(&br->multicast_lock);
1271 if (!netif_running(br->dev) ||
1272 (port && port->state == BR_STATE_DISABLED) ||
1273 timer_pending(&br->multicast_querier_timer))
1274 goto out;
1275
1276 mdb = mlock_dereference(br->mdb, br);
1277 mp = br_mdb_ip_get(mdb, group);
1278 if (!mp)
1279 goto out;
1280
1281 now = jiffies;
1282 time = now + br->multicast_last_member_count *
1283 br->multicast_last_member_interval;
1284
1285 if (!port) {
1286 if (mp->mglist &&
1287 (timer_pending(&mp->timer) ?
1288 time_after(mp->timer.expires, time) :
1289 try_to_del_timer_sync(&mp->timer) >= 0)) {
1290 mod_timer(&mp->timer, time);
1291
1292 mp->queries_sent = 0;
1293 mod_timer(&mp->query_timer, now);
1294 }
1295
1296 goto out;
1297 }
1298
1299 for (p = mlock_dereference(mp->ports, br);
1300 p != NULL;
1301 p = mlock_dereference(p->next, br)) {
1302 if (p->port != port)
1303 continue;
1304
1305 if (!hlist_unhashed(&p->mglist) &&
1306 (timer_pending(&p->timer) ?
1307 time_after(p->timer.expires, time) :
1308 try_to_del_timer_sync(&p->timer) >= 0)) {
1309 mod_timer(&p->timer, time);
1310
1311 p->queries_sent = 0;
1312 mod_timer(&p->query_timer, now);
1313 }
1314
1315 break;
1316 }
1317
1318out:
1319 spin_unlock(&br->multicast_lock);
1320}
1321
1322static void br_ip4_multicast_leave_group(struct net_bridge *br,
1323 struct net_bridge_port *port,
1324 __be32 group)
1325{
1326 struct br_ip br_group;
1327
1328 if (ipv4_is_local_multicast(group))
1329 return;
1330
1331 br_group.u.ip4 = group;
1332 br_group.proto = htons(ETH_P_IP);
1333
1334 br_multicast_leave_group(br, port, &br_group);
1335}
1336
1337#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1338static void br_ip6_multicast_leave_group(struct net_bridge *br,
1339 struct net_bridge_port *port,
1340 const struct in6_addr *group)
1341{
1342 struct br_ip br_group;
1343
1344 if (!ipv6_is_transient_multicast(group))
1345 return;
1346
1347 ipv6_addr_copy(&br_group.u.ip6, group);
1348 br_group.proto = htons(ETH_P_IPV6);
1349
1350 br_multicast_leave_group(br, port, &br_group);
1351}
1352#endif
1353
1354static int br_multicast_ipv4_rcv(struct net_bridge *br,
1355 struct net_bridge_port *port,
1356 struct sk_buff *skb)
1357{
1358 struct sk_buff *skb2 = skb;
1359 const struct iphdr *iph;
1360 struct igmphdr *ih;
1361 unsigned len;
1362 unsigned offset;
1363 int err;
1364
1365 /* We treat OOM as packet loss for now. */
1366 if (!pskb_may_pull(skb, sizeof(*iph)))
1367 return -EINVAL;
1368
1369 iph = ip_hdr(skb);
1370
1371 if (iph->ihl < 5 || iph->version != 4)
1372 return -EINVAL;
1373
1374 if (!pskb_may_pull(skb, ip_hdrlen(skb)))
1375 return -EINVAL;
1376
1377 iph = ip_hdr(skb);
1378
1379 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl)))
1380 return -EINVAL;
1381
1382 if (iph->protocol != IPPROTO_IGMP) {
1383 if ((iph->daddr & IGMP_LOCAL_GROUP_MASK) != IGMP_LOCAL_GROUP)
1384 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1385 return 0;
1386 }
1387
1388 len = ntohs(iph->tot_len);
1389 if (skb->len < len || len < ip_hdrlen(skb))
1390 return -EINVAL;
1391
1392 if (skb->len > len) {
1393 skb2 = skb_clone(skb, GFP_ATOMIC);
1394 if (!skb2)
1395 return -ENOMEM;
1396
1397 err = pskb_trim_rcsum(skb2, len);
1398 if (err)
1399 goto err_out;
1400 }
1401
1402 len -= ip_hdrlen(skb2);
1403 offset = skb_network_offset(skb2) + ip_hdrlen(skb2);
1404 __skb_pull(skb2, offset);
1405 skb_reset_transport_header(skb2);
1406
1407 err = -EINVAL;
1408 if (!pskb_may_pull(skb2, sizeof(*ih)))
1409 goto out;
1410
1411 switch (skb2->ip_summed) {
1412 case CHECKSUM_COMPLETE:
1413 if (!csum_fold(skb2->csum))
1414 break;
1415 /* fall through */
1416 case CHECKSUM_NONE:
1417 skb2->csum = 0;
1418 if (skb_checksum_complete(skb2))
1419 goto out;
1420 }
1421
1422 err = 0;
1423
1424 BR_INPUT_SKB_CB(skb)->igmp = 1;
1425 ih = igmp_hdr(skb2);
1426
1427 switch (ih->type) {
1428 case IGMP_HOST_MEMBERSHIP_REPORT:
1429 case IGMPV2_HOST_MEMBERSHIP_REPORT:
1430 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1431 err = br_ip4_multicast_add_group(br, port, ih->group);
1432 break;
1433 case IGMPV3_HOST_MEMBERSHIP_REPORT:
1434 err = br_ip4_multicast_igmp3_report(br, port, skb2);
1435 break;
1436 case IGMP_HOST_MEMBERSHIP_QUERY:
1437 err = br_ip4_multicast_query(br, port, skb2);
1438 break;
1439 case IGMP_HOST_LEAVE_MESSAGE:
1440 br_ip4_multicast_leave_group(br, port, ih->group);
1441 break;
1442 }
1443
1444out:
1445 __skb_push(skb2, offset);
1446err_out:
1447 if (skb2 != skb)
1448 kfree_skb(skb2);
1449 return err;
1450}
1451
1452#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1453static int br_multicast_ipv6_rcv(struct net_bridge *br,
1454 struct net_bridge_port *port,
1455 struct sk_buff *skb)
1456{
1457 struct sk_buff *skb2;
1458 const struct ipv6hdr *ip6h;
1459 u8 icmp6_type;
1460 u8 nexthdr;
1461 unsigned len;
1462 int offset;
1463 int err;
1464
1465 if (!pskb_may_pull(skb, sizeof(*ip6h)))
1466 return -EINVAL;
1467
1468 ip6h = ipv6_hdr(skb);
1469
1470 /*
1471 * We're interested in MLD messages only.
1472 * - Version is 6
1473 * - MLD has always Router Alert hop-by-hop option
1474 * - But we do not support jumbrograms.
1475 */
1476 if (ip6h->version != 6 ||
1477 ip6h->nexthdr != IPPROTO_HOPOPTS ||
1478 ip6h->payload_len == 0)
1479 return 0;
1480
1481 len = ntohs(ip6h->payload_len) + sizeof(*ip6h);
1482 if (skb->len < len)
1483 return -EINVAL;
1484
1485 nexthdr = ip6h->nexthdr;
1486 offset = ipv6_skip_exthdr(skb, sizeof(*ip6h), &nexthdr);
1487
1488 if (offset < 0 || nexthdr != IPPROTO_ICMPV6)
1489 return 0;
1490
1491 /* Okay, we found ICMPv6 header */
1492 skb2 = skb_clone(skb, GFP_ATOMIC);
1493 if (!skb2)
1494 return -ENOMEM;
1495
1496 err = -EINVAL;
1497 if (!pskb_may_pull(skb2, offset + sizeof(struct icmp6hdr)))
1498 goto out;
1499
1500 len -= offset - skb_network_offset(skb2);
1501
1502 __skb_pull(skb2, offset);
1503 skb_reset_transport_header(skb2);
1504
1505 icmp6_type = icmp6_hdr(skb2)->icmp6_type;
1506
1507 switch (icmp6_type) {
1508 case ICMPV6_MGM_QUERY:
1509 case ICMPV6_MGM_REPORT:
1510 case ICMPV6_MGM_REDUCTION:
1511 case ICMPV6_MLD2_REPORT:
1512 break;
1513 default:
1514 err = 0;
1515 goto out;
1516 }
1517
1518 /* Okay, we found MLD message. Check further. */
1519 if (skb2->len > len) {
1520 err = pskb_trim_rcsum(skb2, len);
1521 if (err)
1522 goto out;
1523 err = -EINVAL;
1524 }
1525
1526 ip6h = ipv6_hdr(skb2);
1527
1528 switch (skb2->ip_summed) {
1529 case CHECKSUM_COMPLETE:
1530 if (!csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, skb2->len,
1531 IPPROTO_ICMPV6, skb2->csum))
1532 break;
1533 /*FALLTHROUGH*/
1534 case CHECKSUM_NONE:
1535 skb2->csum = ~csum_unfold(csum_ipv6_magic(&ip6h->saddr,
1536 &ip6h->daddr,
1537 skb2->len,
1538 IPPROTO_ICMPV6, 0));
1539 if (__skb_checksum_complete(skb2))
1540 goto out;
1541 }
1542
1543 err = 0;
1544
1545 BR_INPUT_SKB_CB(skb)->igmp = 1;
1546
1547 switch (icmp6_type) {
1548 case ICMPV6_MGM_REPORT:
1549 {
1550 struct mld_msg *mld;
1551 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1552 err = -EINVAL;
1553 goto out;
1554 }
1555 mld = (struct mld_msg *)skb_transport_header(skb2);
1556 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1557 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca);
1558 break;
1559 }
1560 case ICMPV6_MLD2_REPORT:
1561 err = br_ip6_multicast_mld2_report(br, port, skb2);
1562 break;
1563 case ICMPV6_MGM_QUERY:
1564 err = br_ip6_multicast_query(br, port, skb2);
1565 break;
1566 case ICMPV6_MGM_REDUCTION:
1567 {
1568 struct mld_msg *mld;
1569 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1570 err = -EINVAL;
1571 goto out;
1572 }
1573 mld = (struct mld_msg *)skb_transport_header(skb2);
1574 br_ip6_multicast_leave_group(br, port, &mld->mld_mca);
1575 }
1576 }
1577
1578out:
1579 kfree_skb(skb2);
1580 return err;
1581}
1582#endif
1583
1584int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port,
1585 struct sk_buff *skb)
1586{
1587 BR_INPUT_SKB_CB(skb)->igmp = 0;
1588 BR_INPUT_SKB_CB(skb)->mrouters_only = 0;
1589
1590 if (br->multicast_disabled)
1591 return 0;
1592
1593 switch (skb->protocol) {
1594 case htons(ETH_P_IP):
1595 return br_multicast_ipv4_rcv(br, port, skb);
1596#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
1597 case htons(ETH_P_IPV6):
1598 return br_multicast_ipv6_rcv(br, port, skb);
1599#endif
1600 }
1601
1602 return 0;
1603}
1604
1605static void br_multicast_query_expired(unsigned long data)
1606{
1607 struct net_bridge *br = (void *)data;
1608
1609 spin_lock(&br->multicast_lock);
1610 if (br->multicast_startup_queries_sent <
1611 br->multicast_startup_query_count)
1612 br->multicast_startup_queries_sent++;
1613
1614 br_multicast_send_query(br, NULL, br->multicast_startup_queries_sent);
1615
1616 spin_unlock(&br->multicast_lock);
1617}
1618
1619void br_multicast_init(struct net_bridge *br)
1620{
1621 br->hash_elasticity = 4;
1622 br->hash_max = 512;
1623
1624 br->multicast_router = 1;
1625 br->multicast_last_member_count = 2;
1626 br->multicast_startup_query_count = 2;
1627
1628 br->multicast_last_member_interval = HZ;
1629 br->multicast_query_response_interval = 10 * HZ;
1630 br->multicast_startup_query_interval = 125 * HZ / 4;
1631 br->multicast_query_interval = 125 * HZ;
1632 br->multicast_querier_interval = 255 * HZ;
1633 br->multicast_membership_interval = 260 * HZ;
1634
1635 spin_lock_init(&br->multicast_lock);
1636 setup_timer(&br->multicast_router_timer,
1637 br_multicast_local_router_expired, 0);
1638 setup_timer(&br->multicast_querier_timer,
1639 br_multicast_local_router_expired, 0);
1640 setup_timer(&br->multicast_query_timer, br_multicast_query_expired,
1641 (unsigned long)br);
1642}
1643
1644void br_multicast_open(struct net_bridge *br)
1645{
1646 br->multicast_startup_queries_sent = 0;
1647
1648 if (br->multicast_disabled)
1649 return;
1650
1651 mod_timer(&br->multicast_query_timer, jiffies);
1652}
1653
1654void br_multicast_stop(struct net_bridge *br)
1655{
1656 struct net_bridge_mdb_htable *mdb;
1657 struct net_bridge_mdb_entry *mp;
1658 struct hlist_node *p, *n;
1659 u32 ver;
1660 int i;
1661
1662 del_timer_sync(&br->multicast_router_timer);
1663 del_timer_sync(&br->multicast_querier_timer);
1664 del_timer_sync(&br->multicast_query_timer);
1665
1666 spin_lock_bh(&br->multicast_lock);
1667 mdb = mlock_dereference(br->mdb, br);
1668 if (!mdb)
1669 goto out;
1670
1671 br->mdb = NULL;
1672
1673 ver = mdb->ver;
1674 for (i = 0; i < mdb->max; i++) {
1675 hlist_for_each_entry_safe(mp, p, n, &mdb->mhash[i],
1676 hlist[ver]) {
1677 del_timer(&mp->timer);
1678 del_timer(&mp->query_timer);
1679 call_rcu_bh(&mp->rcu, br_multicast_free_group);
1680 }
1681 }
1682
1683 if (mdb->old) {
1684 spin_unlock_bh(&br->multicast_lock);
1685 rcu_barrier_bh();
1686 spin_lock_bh(&br->multicast_lock);
1687 WARN_ON(mdb->old);
1688 }
1689
1690 mdb->old = mdb;
1691 call_rcu_bh(&mdb->rcu, br_mdb_free);
1692
1693out:
1694 spin_unlock_bh(&br->multicast_lock);
1695}
1696
1697int br_multicast_set_router(struct net_bridge *br, unsigned long val)
1698{
1699 int err = -ENOENT;
1700
1701 spin_lock_bh(&br->multicast_lock);
1702 if (!netif_running(br->dev))
1703 goto unlock;
1704
1705 switch (val) {
1706 case 0:
1707 case 2:
1708 del_timer(&br->multicast_router_timer);
1709 /* fall through */
1710 case 1:
1711 br->multicast_router = val;
1712 err = 0;
1713 break;
1714
1715 default:
1716 err = -EINVAL;
1717 break;
1718 }
1719
1720unlock:
1721 spin_unlock_bh(&br->multicast_lock);
1722
1723 return err;
1724}
1725
1726int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val)
1727{
1728 struct net_bridge *br = p->br;
1729 int err = -ENOENT;
1730
1731 spin_lock(&br->multicast_lock);
1732 if (!netif_running(br->dev) || p->state == BR_STATE_DISABLED)
1733 goto unlock;
1734
1735 switch (val) {
1736 case 0:
1737 case 1:
1738 case 2:
1739 p->multicast_router = val;
1740 err = 0;
1741
1742 if (val < 2 && !hlist_unhashed(&p->rlist))
1743 hlist_del_init_rcu(&p->rlist);
1744
1745 if (val == 1)
1746 break;
1747
1748 del_timer(&p->multicast_router_timer);
1749
1750 if (val == 0)
1751 break;
1752
1753 br_multicast_add_router(br, p);
1754 break;
1755
1756 default:
1757 err = -EINVAL;
1758 break;
1759 }
1760
1761unlock:
1762 spin_unlock(&br->multicast_lock);
1763
1764 return err;
1765}
1766
1767int br_multicast_toggle(struct net_bridge *br, unsigned long val)
1768{
1769 struct net_bridge_port *port;
1770 int err = 0;
1771 struct net_bridge_mdb_htable *mdb;
1772
1773 spin_lock(&br->multicast_lock);
1774 if (br->multicast_disabled == !val)
1775 goto unlock;
1776
1777 br->multicast_disabled = !val;
1778 if (br->multicast_disabled)
1779 goto unlock;
1780
1781 if (!netif_running(br->dev))
1782 goto unlock;
1783
1784 mdb = mlock_dereference(br->mdb, br);
1785 if (mdb) {
1786 if (mdb->old) {
1787 err = -EEXIST;
1788rollback:
1789 br->multicast_disabled = !!val;
1790 goto unlock;
1791 }
1792
1793 err = br_mdb_rehash(&br->mdb, mdb->max,
1794 br->hash_elasticity);
1795 if (err)
1796 goto rollback;
1797 }
1798
1799 br_multicast_open(br);
1800 list_for_each_entry(port, &br->port_list, list) {
1801 if (port->state == BR_STATE_DISABLED ||
1802 port->state == BR_STATE_BLOCKING)
1803 continue;
1804
1805 __br_multicast_enable_port(port);
1806 }
1807
1808unlock:
1809 spin_unlock(&br->multicast_lock);
1810
1811 return err;
1812}
1813
1814int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val)
1815{
1816 int err = -ENOENT;
1817 u32 old;
1818 struct net_bridge_mdb_htable *mdb;
1819
1820 spin_lock(&br->multicast_lock);
1821 if (!netif_running(br->dev))
1822 goto unlock;
1823
1824 err = -EINVAL;
1825 if (!is_power_of_2(val))
1826 goto unlock;
1827
1828 mdb = mlock_dereference(br->mdb, br);
1829 if (mdb && val < mdb->size)
1830 goto unlock;
1831
1832 err = 0;
1833
1834 old = br->hash_max;
1835 br->hash_max = val;
1836
1837 if (mdb) {
1838 if (mdb->old) {
1839 err = -EEXIST;
1840rollback:
1841 br->hash_max = old;
1842 goto unlock;
1843 }
1844
1845 err = br_mdb_rehash(&br->mdb, br->hash_max,
1846 br->hash_elasticity);
1847 if (err)
1848 goto rollback;
1849 }
1850
1851unlock:
1852 spin_unlock(&br->multicast_lock);
1853
1854 return err;
1855}
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Bridge multicast support.
4 *
5 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au>
6 */
7
8#include <linux/err.h>
9#include <linux/export.h>
10#include <linux/if_ether.h>
11#include <linux/igmp.h>
12#include <linux/in.h>
13#include <linux/jhash.h>
14#include <linux/kernel.h>
15#include <linux/log2.h>
16#include <linux/netdevice.h>
17#include <linux/netfilter_bridge.h>
18#include <linux/random.h>
19#include <linux/rculist.h>
20#include <linux/skbuff.h>
21#include <linux/slab.h>
22#include <linux/timer.h>
23#include <linux/inetdevice.h>
24#include <linux/mroute.h>
25#include <net/ip.h>
26#include <net/switchdev.h>
27#if IS_ENABLED(CONFIG_IPV6)
28#include <linux/icmpv6.h>
29#include <net/ipv6.h>
30#include <net/mld.h>
31#include <net/ip6_checksum.h>
32#include <net/addrconf.h>
33#endif
34#include <trace/events/bridge.h>
35
36#include "br_private.h"
37#include "br_private_mcast_eht.h"
38
39static const struct rhashtable_params br_mdb_rht_params = {
40 .head_offset = offsetof(struct net_bridge_mdb_entry, rhnode),
41 .key_offset = offsetof(struct net_bridge_mdb_entry, addr),
42 .key_len = sizeof(struct br_ip),
43 .automatic_shrinking = true,
44};
45
46static const struct rhashtable_params br_sg_port_rht_params = {
47 .head_offset = offsetof(struct net_bridge_port_group, rhnode),
48 .key_offset = offsetof(struct net_bridge_port_group, key),
49 .key_len = sizeof(struct net_bridge_port_group_sg_key),
50 .automatic_shrinking = true,
51};
52
53static void br_multicast_start_querier(struct net_bridge_mcast *brmctx,
54 struct bridge_mcast_own_query *query);
55static void br_ip4_multicast_add_router(struct net_bridge_mcast *brmctx,
56 struct net_bridge_mcast_port *pmctx);
57static void br_ip4_multicast_leave_group(struct net_bridge_mcast *brmctx,
58 struct net_bridge_mcast_port *pmctx,
59 __be32 group,
60 __u16 vid,
61 const unsigned char *src);
62static void br_multicast_port_group_rexmit(struct timer_list *t);
63
64static void
65br_multicast_rport_del_notify(struct net_bridge_mcast_port *pmctx, bool deleted);
66static void br_ip6_multicast_add_router(struct net_bridge_mcast *brmctx,
67 struct net_bridge_mcast_port *pmctx);
68#if IS_ENABLED(CONFIG_IPV6)
69static void br_ip6_multicast_leave_group(struct net_bridge_mcast *brmctx,
70 struct net_bridge_mcast_port *pmctx,
71 const struct in6_addr *group,
72 __u16 vid, const unsigned char *src);
73#endif
74static struct net_bridge_port_group *
75__br_multicast_add_group(struct net_bridge_mcast *brmctx,
76 struct net_bridge_mcast_port *pmctx,
77 struct br_ip *group,
78 const unsigned char *src,
79 u8 filter_mode,
80 bool igmpv2_mldv1,
81 bool blocked);
82static void br_multicast_find_del_pg(struct net_bridge *br,
83 struct net_bridge_port_group *pg);
84static void __br_multicast_stop(struct net_bridge_mcast *brmctx);
85
86static int br_mc_disabled_update(struct net_device *dev, bool value,
87 struct netlink_ext_ack *extack);
88
89static struct net_bridge_port_group *
90br_sg_port_find(struct net_bridge *br,
91 struct net_bridge_port_group_sg_key *sg_p)
92{
93 lockdep_assert_held_once(&br->multicast_lock);
94
95 return rhashtable_lookup_fast(&br->sg_port_tbl, sg_p,
96 br_sg_port_rht_params);
97}
98
99static struct net_bridge_mdb_entry *br_mdb_ip_get_rcu(struct net_bridge *br,
100 struct br_ip *dst)
101{
102 return rhashtable_lookup(&br->mdb_hash_tbl, dst, br_mdb_rht_params);
103}
104
105struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge *br,
106 struct br_ip *dst)
107{
108 struct net_bridge_mdb_entry *ent;
109
110 lockdep_assert_held_once(&br->multicast_lock);
111
112 rcu_read_lock();
113 ent = rhashtable_lookup(&br->mdb_hash_tbl, dst, br_mdb_rht_params);
114 rcu_read_unlock();
115
116 return ent;
117}
118
119static struct net_bridge_mdb_entry *br_mdb_ip4_get(struct net_bridge *br,
120 __be32 dst, __u16 vid)
121{
122 struct br_ip br_dst;
123
124 memset(&br_dst, 0, sizeof(br_dst));
125 br_dst.dst.ip4 = dst;
126 br_dst.proto = htons(ETH_P_IP);
127 br_dst.vid = vid;
128
129 return br_mdb_ip_get(br, &br_dst);
130}
131
132#if IS_ENABLED(CONFIG_IPV6)
133static struct net_bridge_mdb_entry *br_mdb_ip6_get(struct net_bridge *br,
134 const struct in6_addr *dst,
135 __u16 vid)
136{
137 struct br_ip br_dst;
138
139 memset(&br_dst, 0, sizeof(br_dst));
140 br_dst.dst.ip6 = *dst;
141 br_dst.proto = htons(ETH_P_IPV6);
142 br_dst.vid = vid;
143
144 return br_mdb_ip_get(br, &br_dst);
145}
146#endif
147
148struct net_bridge_mdb_entry *
149br_mdb_entry_skb_get(struct net_bridge_mcast *brmctx, struct sk_buff *skb,
150 u16 vid)
151{
152 struct net_bridge *br = brmctx->br;
153 struct br_ip ip;
154
155 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED) ||
156 br_multicast_ctx_vlan_global_disabled(brmctx))
157 return NULL;
158
159 if (BR_INPUT_SKB_CB(skb)->igmp)
160 return NULL;
161
162 memset(&ip, 0, sizeof(ip));
163 ip.proto = skb->protocol;
164 ip.vid = vid;
165
166 switch (skb->protocol) {
167 case htons(ETH_P_IP):
168 ip.dst.ip4 = ip_hdr(skb)->daddr;
169 if (brmctx->multicast_igmp_version == 3) {
170 struct net_bridge_mdb_entry *mdb;
171
172 ip.src.ip4 = ip_hdr(skb)->saddr;
173 mdb = br_mdb_ip_get_rcu(br, &ip);
174 if (mdb)
175 return mdb;
176 ip.src.ip4 = 0;
177 }
178 break;
179#if IS_ENABLED(CONFIG_IPV6)
180 case htons(ETH_P_IPV6):
181 ip.dst.ip6 = ipv6_hdr(skb)->daddr;
182 if (brmctx->multicast_mld_version == 2) {
183 struct net_bridge_mdb_entry *mdb;
184
185 ip.src.ip6 = ipv6_hdr(skb)->saddr;
186 mdb = br_mdb_ip_get_rcu(br, &ip);
187 if (mdb)
188 return mdb;
189 memset(&ip.src.ip6, 0, sizeof(ip.src.ip6));
190 }
191 break;
192#endif
193 default:
194 ip.proto = 0;
195 ether_addr_copy(ip.dst.mac_addr, eth_hdr(skb)->h_dest);
196 }
197
198 return br_mdb_ip_get_rcu(br, &ip);
199}
200
201/* IMPORTANT: this function must be used only when the contexts cannot be
202 * passed down (e.g. timer) and must be used for read-only purposes because
203 * the vlan snooping option can change, so it can return any context
204 * (non-vlan or vlan). Its initial intended purpose is to read timer values
205 * from the *current* context based on the option. At worst that could lead
206 * to inconsistent timers when the contexts are changed, i.e. src timer
207 * which needs to re-arm with a specific delay taken from the old context
208 */
209static struct net_bridge_mcast_port *
210br_multicast_pg_to_port_ctx(const struct net_bridge_port_group *pg)
211{
212 struct net_bridge_mcast_port *pmctx = &pg->key.port->multicast_ctx;
213 struct net_bridge_vlan *vlan;
214
215 lockdep_assert_held_once(&pg->key.port->br->multicast_lock);
216
217 /* if vlan snooping is disabled use the port's multicast context */
218 if (!pg->key.addr.vid ||
219 !br_opt_get(pg->key.port->br, BROPT_MCAST_VLAN_SNOOPING_ENABLED))
220 goto out;
221
222 /* locking is tricky here, due to different rules for multicast and
223 * vlans we need to take rcu to find the vlan and make sure it has
224 * the BR_VLFLAG_MCAST_ENABLED flag set, it can only change under
225 * multicast_lock which must be already held here, so the vlan's pmctx
226 * can safely be used on return
227 */
228 rcu_read_lock();
229 vlan = br_vlan_find(nbp_vlan_group_rcu(pg->key.port), pg->key.addr.vid);
230 if (vlan && !br_multicast_port_ctx_vlan_disabled(&vlan->port_mcast_ctx))
231 pmctx = &vlan->port_mcast_ctx;
232 else
233 pmctx = NULL;
234 rcu_read_unlock();
235out:
236 return pmctx;
237}
238
239static struct net_bridge_mcast_port *
240br_multicast_port_vid_to_port_ctx(struct net_bridge_port *port, u16 vid)
241{
242 struct net_bridge_mcast_port *pmctx = NULL;
243 struct net_bridge_vlan *vlan;
244
245 lockdep_assert_held_once(&port->br->multicast_lock);
246
247 if (!br_opt_get(port->br, BROPT_MCAST_VLAN_SNOOPING_ENABLED))
248 return NULL;
249
250 /* Take RCU to access the vlan. */
251 rcu_read_lock();
252
253 vlan = br_vlan_find(nbp_vlan_group_rcu(port), vid);
254 if (vlan && !br_multicast_port_ctx_vlan_disabled(&vlan->port_mcast_ctx))
255 pmctx = &vlan->port_mcast_ctx;
256
257 rcu_read_unlock();
258
259 return pmctx;
260}
261
262/* when snooping we need to check if the contexts should be used
263 * in the following order:
264 * - if pmctx is non-NULL (port), check if it should be used
265 * - if pmctx is NULL (bridge), check if brmctx should be used
266 */
267static bool
268br_multicast_ctx_should_use(const struct net_bridge_mcast *brmctx,
269 const struct net_bridge_mcast_port *pmctx)
270{
271 if (!netif_running(brmctx->br->dev))
272 return false;
273
274 if (pmctx)
275 return !br_multicast_port_ctx_state_disabled(pmctx);
276 else
277 return !br_multicast_ctx_vlan_disabled(brmctx);
278}
279
280static bool br_port_group_equal(struct net_bridge_port_group *p,
281 struct net_bridge_port *port,
282 const unsigned char *src)
283{
284 if (p->key.port != port)
285 return false;
286
287 if (!(port->flags & BR_MULTICAST_TO_UNICAST))
288 return true;
289
290 return ether_addr_equal(src, p->eth_addr);
291}
292
293static void __fwd_add_star_excl(struct net_bridge_mcast_port *pmctx,
294 struct net_bridge_port_group *pg,
295 struct br_ip *sg_ip)
296{
297 struct net_bridge_port_group_sg_key sg_key;
298 struct net_bridge_port_group *src_pg;
299 struct net_bridge_mcast *brmctx;
300
301 memset(&sg_key, 0, sizeof(sg_key));
302 brmctx = br_multicast_port_ctx_get_global(pmctx);
303 sg_key.port = pg->key.port;
304 sg_key.addr = *sg_ip;
305 if (br_sg_port_find(brmctx->br, &sg_key))
306 return;
307
308 src_pg = __br_multicast_add_group(brmctx, pmctx,
309 sg_ip, pg->eth_addr,
310 MCAST_INCLUDE, false, false);
311 if (IS_ERR_OR_NULL(src_pg) ||
312 src_pg->rt_protocol != RTPROT_KERNEL)
313 return;
314
315 src_pg->flags |= MDB_PG_FLAGS_STAR_EXCL;
316}
317
318static void __fwd_del_star_excl(struct net_bridge_port_group *pg,
319 struct br_ip *sg_ip)
320{
321 struct net_bridge_port_group_sg_key sg_key;
322 struct net_bridge *br = pg->key.port->br;
323 struct net_bridge_port_group *src_pg;
324
325 memset(&sg_key, 0, sizeof(sg_key));
326 sg_key.port = pg->key.port;
327 sg_key.addr = *sg_ip;
328 src_pg = br_sg_port_find(br, &sg_key);
329 if (!src_pg || !(src_pg->flags & MDB_PG_FLAGS_STAR_EXCL) ||
330 src_pg->rt_protocol != RTPROT_KERNEL)
331 return;
332
333 br_multicast_find_del_pg(br, src_pg);
334}
335
336/* When a port group transitions to (or is added as) EXCLUDE we need to add it
337 * to all other ports' S,G entries which are not blocked by the current group
338 * for proper replication, the assumption is that any S,G blocked entries
339 * are already added so the S,G,port lookup should skip them.
340 * When a port group transitions from EXCLUDE -> INCLUDE mode or is being
341 * deleted we need to remove it from all ports' S,G entries where it was
342 * automatically installed before (i.e. where it's MDB_PG_FLAGS_STAR_EXCL).
343 */
344void br_multicast_star_g_handle_mode(struct net_bridge_port_group *pg,
345 u8 filter_mode)
346{
347 struct net_bridge *br = pg->key.port->br;
348 struct net_bridge_port_group *pg_lst;
349 struct net_bridge_mcast_port *pmctx;
350 struct net_bridge_mdb_entry *mp;
351 struct br_ip sg_ip;
352
353 if (WARN_ON(!br_multicast_is_star_g(&pg->key.addr)))
354 return;
355
356 mp = br_mdb_ip_get(br, &pg->key.addr);
357 if (!mp)
358 return;
359 pmctx = br_multicast_pg_to_port_ctx(pg);
360 if (!pmctx)
361 return;
362
363 memset(&sg_ip, 0, sizeof(sg_ip));
364 sg_ip = pg->key.addr;
365
366 for (pg_lst = mlock_dereference(mp->ports, br);
367 pg_lst;
368 pg_lst = mlock_dereference(pg_lst->next, br)) {
369 struct net_bridge_group_src *src_ent;
370
371 if (pg_lst == pg)
372 continue;
373 hlist_for_each_entry(src_ent, &pg_lst->src_list, node) {
374 if (!(src_ent->flags & BR_SGRP_F_INSTALLED))
375 continue;
376 sg_ip.src = src_ent->addr.src;
377 switch (filter_mode) {
378 case MCAST_INCLUDE:
379 __fwd_del_star_excl(pg, &sg_ip);
380 break;
381 case MCAST_EXCLUDE:
382 __fwd_add_star_excl(pmctx, pg, &sg_ip);
383 break;
384 }
385 }
386 }
387}
388
389/* called when adding a new S,G with host_joined == false by default */
390static void br_multicast_sg_host_state(struct net_bridge_mdb_entry *star_mp,
391 struct net_bridge_port_group *sg)
392{
393 struct net_bridge_mdb_entry *sg_mp;
394
395 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr)))
396 return;
397 if (!star_mp->host_joined)
398 return;
399
400 sg_mp = br_mdb_ip_get(star_mp->br, &sg->key.addr);
401 if (!sg_mp)
402 return;
403 sg_mp->host_joined = true;
404}
405
406/* set the host_joined state of all of *,G's S,G entries */
407static void br_multicast_star_g_host_state(struct net_bridge_mdb_entry *star_mp)
408{
409 struct net_bridge *br = star_mp->br;
410 struct net_bridge_mdb_entry *sg_mp;
411 struct net_bridge_port_group *pg;
412 struct br_ip sg_ip;
413
414 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr)))
415 return;
416
417 memset(&sg_ip, 0, sizeof(sg_ip));
418 sg_ip = star_mp->addr;
419 for (pg = mlock_dereference(star_mp->ports, br);
420 pg;
421 pg = mlock_dereference(pg->next, br)) {
422 struct net_bridge_group_src *src_ent;
423
424 hlist_for_each_entry(src_ent, &pg->src_list, node) {
425 if (!(src_ent->flags & BR_SGRP_F_INSTALLED))
426 continue;
427 sg_ip.src = src_ent->addr.src;
428 sg_mp = br_mdb_ip_get(br, &sg_ip);
429 if (!sg_mp)
430 continue;
431 sg_mp->host_joined = star_mp->host_joined;
432 }
433 }
434}
435
436static void br_multicast_sg_del_exclude_ports(struct net_bridge_mdb_entry *sgmp)
437{
438 struct net_bridge_port_group __rcu **pp;
439 struct net_bridge_port_group *p;
440
441 /* *,G exclude ports are only added to S,G entries */
442 if (WARN_ON(br_multicast_is_star_g(&sgmp->addr)))
443 return;
444
445 /* we need the STAR_EXCLUDE ports if there are non-STAR_EXCLUDE ports
446 * we should ignore perm entries since they're managed by user-space
447 */
448 for (pp = &sgmp->ports;
449 (p = mlock_dereference(*pp, sgmp->br)) != NULL;
450 pp = &p->next)
451 if (!(p->flags & (MDB_PG_FLAGS_STAR_EXCL |
452 MDB_PG_FLAGS_PERMANENT)))
453 return;
454
455 /* currently the host can only have joined the *,G which means
456 * we treat it as EXCLUDE {}, so for an S,G it's considered a
457 * STAR_EXCLUDE entry and we can safely leave it
458 */
459 sgmp->host_joined = false;
460
461 for (pp = &sgmp->ports;
462 (p = mlock_dereference(*pp, sgmp->br)) != NULL;) {
463 if (!(p->flags & MDB_PG_FLAGS_PERMANENT))
464 br_multicast_del_pg(sgmp, p, pp);
465 else
466 pp = &p->next;
467 }
468}
469
470void br_multicast_sg_add_exclude_ports(struct net_bridge_mdb_entry *star_mp,
471 struct net_bridge_port_group *sg)
472{
473 struct net_bridge_port_group_sg_key sg_key;
474 struct net_bridge *br = star_mp->br;
475 struct net_bridge_mcast_port *pmctx;
476 struct net_bridge_port_group *pg;
477 struct net_bridge_mcast *brmctx;
478
479 if (WARN_ON(br_multicast_is_star_g(&sg->key.addr)))
480 return;
481 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr)))
482 return;
483
484 br_multicast_sg_host_state(star_mp, sg);
485 memset(&sg_key, 0, sizeof(sg_key));
486 sg_key.addr = sg->key.addr;
487 /* we need to add all exclude ports to the S,G */
488 for (pg = mlock_dereference(star_mp->ports, br);
489 pg;
490 pg = mlock_dereference(pg->next, br)) {
491 struct net_bridge_port_group *src_pg;
492
493 if (pg == sg || pg->filter_mode == MCAST_INCLUDE)
494 continue;
495
496 sg_key.port = pg->key.port;
497 if (br_sg_port_find(br, &sg_key))
498 continue;
499
500 pmctx = br_multicast_pg_to_port_ctx(pg);
501 if (!pmctx)
502 continue;
503 brmctx = br_multicast_port_ctx_get_global(pmctx);
504
505 src_pg = __br_multicast_add_group(brmctx, pmctx,
506 &sg->key.addr,
507 sg->eth_addr,
508 MCAST_INCLUDE, false, false);
509 if (IS_ERR_OR_NULL(src_pg) ||
510 src_pg->rt_protocol != RTPROT_KERNEL)
511 continue;
512 src_pg->flags |= MDB_PG_FLAGS_STAR_EXCL;
513 }
514}
515
516static void br_multicast_fwd_src_add(struct net_bridge_group_src *src)
517{
518 struct net_bridge_mdb_entry *star_mp;
519 struct net_bridge_mcast_port *pmctx;
520 struct net_bridge_port_group *sg;
521 struct net_bridge_mcast *brmctx;
522 struct br_ip sg_ip;
523
524 if (src->flags & BR_SGRP_F_INSTALLED)
525 return;
526
527 memset(&sg_ip, 0, sizeof(sg_ip));
528 pmctx = br_multicast_pg_to_port_ctx(src->pg);
529 if (!pmctx)
530 return;
531 brmctx = br_multicast_port_ctx_get_global(pmctx);
532 sg_ip = src->pg->key.addr;
533 sg_ip.src = src->addr.src;
534
535 sg = __br_multicast_add_group(brmctx, pmctx, &sg_ip,
536 src->pg->eth_addr, MCAST_INCLUDE, false,
537 !timer_pending(&src->timer));
538 if (IS_ERR_OR_NULL(sg))
539 return;
540 src->flags |= BR_SGRP_F_INSTALLED;
541 sg->flags &= ~MDB_PG_FLAGS_STAR_EXCL;
542
543 /* if it was added by user-space as perm we can skip next steps */
544 if (sg->rt_protocol != RTPROT_KERNEL &&
545 (sg->flags & MDB_PG_FLAGS_PERMANENT))
546 return;
547
548 /* the kernel is now responsible for removing this S,G */
549 del_timer(&sg->timer);
550 star_mp = br_mdb_ip_get(src->br, &src->pg->key.addr);
551 if (!star_mp)
552 return;
553
554 br_multicast_sg_add_exclude_ports(star_mp, sg);
555}
556
557static void br_multicast_fwd_src_remove(struct net_bridge_group_src *src,
558 bool fastleave)
559{
560 struct net_bridge_port_group *p, *pg = src->pg;
561 struct net_bridge_port_group __rcu **pp;
562 struct net_bridge_mdb_entry *mp;
563 struct br_ip sg_ip;
564
565 memset(&sg_ip, 0, sizeof(sg_ip));
566 sg_ip = pg->key.addr;
567 sg_ip.src = src->addr.src;
568
569 mp = br_mdb_ip_get(src->br, &sg_ip);
570 if (!mp)
571 return;
572
573 for (pp = &mp->ports;
574 (p = mlock_dereference(*pp, src->br)) != NULL;
575 pp = &p->next) {
576 if (!br_port_group_equal(p, pg->key.port, pg->eth_addr))
577 continue;
578
579 if (p->rt_protocol != RTPROT_KERNEL &&
580 (p->flags & MDB_PG_FLAGS_PERMANENT) &&
581 !(src->flags & BR_SGRP_F_USER_ADDED))
582 break;
583
584 if (fastleave)
585 p->flags |= MDB_PG_FLAGS_FAST_LEAVE;
586 br_multicast_del_pg(mp, p, pp);
587 break;
588 }
589 src->flags &= ~BR_SGRP_F_INSTALLED;
590}
591
592/* install S,G and based on src's timer enable or disable forwarding */
593static void br_multicast_fwd_src_handle(struct net_bridge_group_src *src)
594{
595 struct net_bridge_port_group_sg_key sg_key;
596 struct net_bridge_port_group *sg;
597 u8 old_flags;
598
599 br_multicast_fwd_src_add(src);
600
601 memset(&sg_key, 0, sizeof(sg_key));
602 sg_key.addr = src->pg->key.addr;
603 sg_key.addr.src = src->addr.src;
604 sg_key.port = src->pg->key.port;
605
606 sg = br_sg_port_find(src->br, &sg_key);
607 if (!sg || (sg->flags & MDB_PG_FLAGS_PERMANENT))
608 return;
609
610 old_flags = sg->flags;
611 if (timer_pending(&src->timer))
612 sg->flags &= ~MDB_PG_FLAGS_BLOCKED;
613 else
614 sg->flags |= MDB_PG_FLAGS_BLOCKED;
615
616 if (old_flags != sg->flags) {
617 struct net_bridge_mdb_entry *sg_mp;
618
619 sg_mp = br_mdb_ip_get(src->br, &sg_key.addr);
620 if (!sg_mp)
621 return;
622 br_mdb_notify(src->br->dev, sg_mp, sg, RTM_NEWMDB);
623 }
624}
625
626static void br_multicast_destroy_mdb_entry(struct net_bridge_mcast_gc *gc)
627{
628 struct net_bridge_mdb_entry *mp;
629
630 mp = container_of(gc, struct net_bridge_mdb_entry, mcast_gc);
631 WARN_ON(!hlist_unhashed(&mp->mdb_node));
632 WARN_ON(mp->ports);
633
634 timer_shutdown_sync(&mp->timer);
635 kfree_rcu(mp, rcu);
636}
637
638static void br_multicast_del_mdb_entry(struct net_bridge_mdb_entry *mp)
639{
640 struct net_bridge *br = mp->br;
641
642 rhashtable_remove_fast(&br->mdb_hash_tbl, &mp->rhnode,
643 br_mdb_rht_params);
644 hlist_del_init_rcu(&mp->mdb_node);
645 hlist_add_head(&mp->mcast_gc.gc_node, &br->mcast_gc_list);
646 queue_work(system_long_wq, &br->mcast_gc_work);
647}
648
649static void br_multicast_group_expired(struct timer_list *t)
650{
651 struct net_bridge_mdb_entry *mp = from_timer(mp, t, timer);
652 struct net_bridge *br = mp->br;
653
654 spin_lock(&br->multicast_lock);
655 if (hlist_unhashed(&mp->mdb_node) || !netif_running(br->dev) ||
656 timer_pending(&mp->timer))
657 goto out;
658
659 br_multicast_host_leave(mp, true);
660
661 if (mp->ports)
662 goto out;
663 br_multicast_del_mdb_entry(mp);
664out:
665 spin_unlock(&br->multicast_lock);
666}
667
668static void br_multicast_destroy_group_src(struct net_bridge_mcast_gc *gc)
669{
670 struct net_bridge_group_src *src;
671
672 src = container_of(gc, struct net_bridge_group_src, mcast_gc);
673 WARN_ON(!hlist_unhashed(&src->node));
674
675 timer_shutdown_sync(&src->timer);
676 kfree_rcu(src, rcu);
677}
678
679void __br_multicast_del_group_src(struct net_bridge_group_src *src)
680{
681 struct net_bridge *br = src->pg->key.port->br;
682
683 hlist_del_init_rcu(&src->node);
684 src->pg->src_ents--;
685 hlist_add_head(&src->mcast_gc.gc_node, &br->mcast_gc_list);
686 queue_work(system_long_wq, &br->mcast_gc_work);
687}
688
689void br_multicast_del_group_src(struct net_bridge_group_src *src,
690 bool fastleave)
691{
692 br_multicast_fwd_src_remove(src, fastleave);
693 __br_multicast_del_group_src(src);
694}
695
696static int
697br_multicast_port_ngroups_inc_one(struct net_bridge_mcast_port *pmctx,
698 struct netlink_ext_ack *extack,
699 const char *what)
700{
701 u32 max = READ_ONCE(pmctx->mdb_max_entries);
702 u32 n = READ_ONCE(pmctx->mdb_n_entries);
703
704 if (max && n >= max) {
705 NL_SET_ERR_MSG_FMT_MOD(extack, "%s is already in %u groups, and mcast_max_groups=%u",
706 what, n, max);
707 return -E2BIG;
708 }
709
710 WRITE_ONCE(pmctx->mdb_n_entries, n + 1);
711 return 0;
712}
713
714static void br_multicast_port_ngroups_dec_one(struct net_bridge_mcast_port *pmctx)
715{
716 u32 n = READ_ONCE(pmctx->mdb_n_entries);
717
718 WARN_ON_ONCE(n == 0);
719 WRITE_ONCE(pmctx->mdb_n_entries, n - 1);
720}
721
722static int br_multicast_port_ngroups_inc(struct net_bridge_port *port,
723 const struct br_ip *group,
724 struct netlink_ext_ack *extack)
725{
726 struct net_bridge_mcast_port *pmctx;
727 int err;
728
729 lockdep_assert_held_once(&port->br->multicast_lock);
730
731 /* Always count on the port context. */
732 err = br_multicast_port_ngroups_inc_one(&port->multicast_ctx, extack,
733 "Port");
734 if (err) {
735 trace_br_mdb_full(port->dev, group);
736 return err;
737 }
738
739 /* Only count on the VLAN context if VID is given, and if snooping on
740 * that VLAN is enabled.
741 */
742 if (!group->vid)
743 return 0;
744
745 pmctx = br_multicast_port_vid_to_port_ctx(port, group->vid);
746 if (!pmctx)
747 return 0;
748
749 err = br_multicast_port_ngroups_inc_one(pmctx, extack, "Port-VLAN");
750 if (err) {
751 trace_br_mdb_full(port->dev, group);
752 goto dec_one_out;
753 }
754
755 return 0;
756
757dec_one_out:
758 br_multicast_port_ngroups_dec_one(&port->multicast_ctx);
759 return err;
760}
761
762static void br_multicast_port_ngroups_dec(struct net_bridge_port *port, u16 vid)
763{
764 struct net_bridge_mcast_port *pmctx;
765
766 lockdep_assert_held_once(&port->br->multicast_lock);
767
768 if (vid) {
769 pmctx = br_multicast_port_vid_to_port_ctx(port, vid);
770 if (pmctx)
771 br_multicast_port_ngroups_dec_one(pmctx);
772 }
773 br_multicast_port_ngroups_dec_one(&port->multicast_ctx);
774}
775
776u32 br_multicast_ngroups_get(const struct net_bridge_mcast_port *pmctx)
777{
778 return READ_ONCE(pmctx->mdb_n_entries);
779}
780
781void br_multicast_ngroups_set_max(struct net_bridge_mcast_port *pmctx, u32 max)
782{
783 WRITE_ONCE(pmctx->mdb_max_entries, max);
784}
785
786u32 br_multicast_ngroups_get_max(const struct net_bridge_mcast_port *pmctx)
787{
788 return READ_ONCE(pmctx->mdb_max_entries);
789}
790
791static void br_multicast_destroy_port_group(struct net_bridge_mcast_gc *gc)
792{
793 struct net_bridge_port_group *pg;
794
795 pg = container_of(gc, struct net_bridge_port_group, mcast_gc);
796 WARN_ON(!hlist_unhashed(&pg->mglist));
797 WARN_ON(!hlist_empty(&pg->src_list));
798
799 timer_shutdown_sync(&pg->rexmit_timer);
800 timer_shutdown_sync(&pg->timer);
801 kfree_rcu(pg, rcu);
802}
803
804void br_multicast_del_pg(struct net_bridge_mdb_entry *mp,
805 struct net_bridge_port_group *pg,
806 struct net_bridge_port_group __rcu **pp)
807{
808 struct net_bridge *br = pg->key.port->br;
809 struct net_bridge_group_src *ent;
810 struct hlist_node *tmp;
811
812 rcu_assign_pointer(*pp, pg->next);
813 hlist_del_init(&pg->mglist);
814 br_multicast_eht_clean_sets(pg);
815 hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node)
816 br_multicast_del_group_src(ent, false);
817 br_mdb_notify(br->dev, mp, pg, RTM_DELMDB);
818 if (!br_multicast_is_star_g(&mp->addr)) {
819 rhashtable_remove_fast(&br->sg_port_tbl, &pg->rhnode,
820 br_sg_port_rht_params);
821 br_multicast_sg_del_exclude_ports(mp);
822 } else {
823 br_multicast_star_g_handle_mode(pg, MCAST_INCLUDE);
824 }
825 br_multicast_port_ngroups_dec(pg->key.port, pg->key.addr.vid);
826 hlist_add_head(&pg->mcast_gc.gc_node, &br->mcast_gc_list);
827 queue_work(system_long_wq, &br->mcast_gc_work);
828
829 if (!mp->ports && !mp->host_joined && netif_running(br->dev))
830 mod_timer(&mp->timer, jiffies);
831}
832
833static void br_multicast_find_del_pg(struct net_bridge *br,
834 struct net_bridge_port_group *pg)
835{
836 struct net_bridge_port_group __rcu **pp;
837 struct net_bridge_mdb_entry *mp;
838 struct net_bridge_port_group *p;
839
840 mp = br_mdb_ip_get(br, &pg->key.addr);
841 if (WARN_ON(!mp))
842 return;
843
844 for (pp = &mp->ports;
845 (p = mlock_dereference(*pp, br)) != NULL;
846 pp = &p->next) {
847 if (p != pg)
848 continue;
849
850 br_multicast_del_pg(mp, pg, pp);
851 return;
852 }
853
854 WARN_ON(1);
855}
856
857static void br_multicast_port_group_expired(struct timer_list *t)
858{
859 struct net_bridge_port_group *pg = from_timer(pg, t, timer);
860 struct net_bridge_group_src *src_ent;
861 struct net_bridge *br = pg->key.port->br;
862 struct hlist_node *tmp;
863 bool changed;
864
865 spin_lock(&br->multicast_lock);
866 if (!netif_running(br->dev) || timer_pending(&pg->timer) ||
867 hlist_unhashed(&pg->mglist) || pg->flags & MDB_PG_FLAGS_PERMANENT)
868 goto out;
869
870 changed = !!(pg->filter_mode == MCAST_EXCLUDE);
871 pg->filter_mode = MCAST_INCLUDE;
872 hlist_for_each_entry_safe(src_ent, tmp, &pg->src_list, node) {
873 if (!timer_pending(&src_ent->timer)) {
874 br_multicast_del_group_src(src_ent, false);
875 changed = true;
876 }
877 }
878
879 if (hlist_empty(&pg->src_list)) {
880 br_multicast_find_del_pg(br, pg);
881 } else if (changed) {
882 struct net_bridge_mdb_entry *mp = br_mdb_ip_get(br, &pg->key.addr);
883
884 if (changed && br_multicast_is_star_g(&pg->key.addr))
885 br_multicast_star_g_handle_mode(pg, MCAST_INCLUDE);
886
887 if (WARN_ON(!mp))
888 goto out;
889 br_mdb_notify(br->dev, mp, pg, RTM_NEWMDB);
890 }
891out:
892 spin_unlock(&br->multicast_lock);
893}
894
895static void br_multicast_gc(struct hlist_head *head)
896{
897 struct net_bridge_mcast_gc *gcent;
898 struct hlist_node *tmp;
899
900 hlist_for_each_entry_safe(gcent, tmp, head, gc_node) {
901 hlist_del_init(&gcent->gc_node);
902 gcent->destroy(gcent);
903 }
904}
905
906static void __br_multicast_query_handle_vlan(struct net_bridge_mcast *brmctx,
907 struct net_bridge_mcast_port *pmctx,
908 struct sk_buff *skb)
909{
910 struct net_bridge_vlan *vlan = NULL;
911
912 if (pmctx && br_multicast_port_ctx_is_vlan(pmctx))
913 vlan = pmctx->vlan;
914 else if (br_multicast_ctx_is_vlan(brmctx))
915 vlan = brmctx->vlan;
916
917 if (vlan && !(vlan->flags & BRIDGE_VLAN_INFO_UNTAGGED)) {
918 u16 vlan_proto;
919
920 if (br_vlan_get_proto(brmctx->br->dev, &vlan_proto) != 0)
921 return;
922 __vlan_hwaccel_put_tag(skb, htons(vlan_proto), vlan->vid);
923 }
924}
925
926static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge_mcast *brmctx,
927 struct net_bridge_mcast_port *pmctx,
928 struct net_bridge_port_group *pg,
929 __be32 ip_dst, __be32 group,
930 bool with_srcs, bool over_lmqt,
931 u8 sflag, u8 *igmp_type,
932 bool *need_rexmit)
933{
934 struct net_bridge_port *p = pg ? pg->key.port : NULL;
935 struct net_bridge_group_src *ent;
936 size_t pkt_size, igmp_hdr_size;
937 unsigned long now = jiffies;
938 struct igmpv3_query *ihv3;
939 void *csum_start = NULL;
940 __sum16 *csum = NULL;
941 struct sk_buff *skb;
942 struct igmphdr *ih;
943 struct ethhdr *eth;
944 unsigned long lmqt;
945 struct iphdr *iph;
946 u16 lmqt_srcs = 0;
947
948 igmp_hdr_size = sizeof(*ih);
949 if (brmctx->multicast_igmp_version == 3) {
950 igmp_hdr_size = sizeof(*ihv3);
951 if (pg && with_srcs) {
952 lmqt = now + (brmctx->multicast_last_member_interval *
953 brmctx->multicast_last_member_count);
954 hlist_for_each_entry(ent, &pg->src_list, node) {
955 if (over_lmqt == time_after(ent->timer.expires,
956 lmqt) &&
957 ent->src_query_rexmit_cnt > 0)
958 lmqt_srcs++;
959 }
960
961 if (!lmqt_srcs)
962 return NULL;
963 igmp_hdr_size += lmqt_srcs * sizeof(__be32);
964 }
965 }
966
967 pkt_size = sizeof(*eth) + sizeof(*iph) + 4 + igmp_hdr_size;
968 if ((p && pkt_size > p->dev->mtu) ||
969 pkt_size > brmctx->br->dev->mtu)
970 return NULL;
971
972 skb = netdev_alloc_skb_ip_align(brmctx->br->dev, pkt_size);
973 if (!skb)
974 goto out;
975
976 __br_multicast_query_handle_vlan(brmctx, pmctx, skb);
977 skb->protocol = htons(ETH_P_IP);
978
979 skb_reset_mac_header(skb);
980 eth = eth_hdr(skb);
981
982 ether_addr_copy(eth->h_source, brmctx->br->dev->dev_addr);
983 ip_eth_mc_map(ip_dst, eth->h_dest);
984 eth->h_proto = htons(ETH_P_IP);
985 skb_put(skb, sizeof(*eth));
986
987 skb_set_network_header(skb, skb->len);
988 iph = ip_hdr(skb);
989 iph->tot_len = htons(pkt_size - sizeof(*eth));
990
991 iph->version = 4;
992 iph->ihl = 6;
993 iph->tos = 0xc0;
994 iph->id = 0;
995 iph->frag_off = htons(IP_DF);
996 iph->ttl = 1;
997 iph->protocol = IPPROTO_IGMP;
998 iph->saddr = br_opt_get(brmctx->br, BROPT_MULTICAST_QUERY_USE_IFADDR) ?
999 inet_select_addr(brmctx->br->dev, 0, RT_SCOPE_LINK) : 0;
1000 iph->daddr = ip_dst;
1001 ((u8 *)&iph[1])[0] = IPOPT_RA;
1002 ((u8 *)&iph[1])[1] = 4;
1003 ((u8 *)&iph[1])[2] = 0;
1004 ((u8 *)&iph[1])[3] = 0;
1005 ip_send_check(iph);
1006 skb_put(skb, 24);
1007
1008 skb_set_transport_header(skb, skb->len);
1009 *igmp_type = IGMP_HOST_MEMBERSHIP_QUERY;
1010
1011 switch (brmctx->multicast_igmp_version) {
1012 case 2:
1013 ih = igmp_hdr(skb);
1014 ih->type = IGMP_HOST_MEMBERSHIP_QUERY;
1015 ih->code = (group ? brmctx->multicast_last_member_interval :
1016 brmctx->multicast_query_response_interval) /
1017 (HZ / IGMP_TIMER_SCALE);
1018 ih->group = group;
1019 ih->csum = 0;
1020 csum = &ih->csum;
1021 csum_start = (void *)ih;
1022 break;
1023 case 3:
1024 ihv3 = igmpv3_query_hdr(skb);
1025 ihv3->type = IGMP_HOST_MEMBERSHIP_QUERY;
1026 ihv3->code = (group ? brmctx->multicast_last_member_interval :
1027 brmctx->multicast_query_response_interval) /
1028 (HZ / IGMP_TIMER_SCALE);
1029 ihv3->group = group;
1030 ihv3->qqic = brmctx->multicast_query_interval / HZ;
1031 ihv3->nsrcs = htons(lmqt_srcs);
1032 ihv3->resv = 0;
1033 ihv3->suppress = sflag;
1034 ihv3->qrv = 2;
1035 ihv3->csum = 0;
1036 csum = &ihv3->csum;
1037 csum_start = (void *)ihv3;
1038 if (!pg || !with_srcs)
1039 break;
1040
1041 lmqt_srcs = 0;
1042 hlist_for_each_entry(ent, &pg->src_list, node) {
1043 if (over_lmqt == time_after(ent->timer.expires,
1044 lmqt) &&
1045 ent->src_query_rexmit_cnt > 0) {
1046 ihv3->srcs[lmqt_srcs++] = ent->addr.src.ip4;
1047 ent->src_query_rexmit_cnt--;
1048 if (need_rexmit && ent->src_query_rexmit_cnt)
1049 *need_rexmit = true;
1050 }
1051 }
1052 if (WARN_ON(lmqt_srcs != ntohs(ihv3->nsrcs))) {
1053 kfree_skb(skb);
1054 return NULL;
1055 }
1056 break;
1057 }
1058
1059 if (WARN_ON(!csum || !csum_start)) {
1060 kfree_skb(skb);
1061 return NULL;
1062 }
1063
1064 *csum = ip_compute_csum(csum_start, igmp_hdr_size);
1065 skb_put(skb, igmp_hdr_size);
1066 __skb_pull(skb, sizeof(*eth));
1067
1068out:
1069 return skb;
1070}
1071
1072#if IS_ENABLED(CONFIG_IPV6)
1073static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge_mcast *brmctx,
1074 struct net_bridge_mcast_port *pmctx,
1075 struct net_bridge_port_group *pg,
1076 const struct in6_addr *ip6_dst,
1077 const struct in6_addr *group,
1078 bool with_srcs, bool over_llqt,
1079 u8 sflag, u8 *igmp_type,
1080 bool *need_rexmit)
1081{
1082 struct net_bridge_port *p = pg ? pg->key.port : NULL;
1083 struct net_bridge_group_src *ent;
1084 size_t pkt_size, mld_hdr_size;
1085 unsigned long now = jiffies;
1086 struct mld2_query *mld2q;
1087 void *csum_start = NULL;
1088 unsigned long interval;
1089 __sum16 *csum = NULL;
1090 struct ipv6hdr *ip6h;
1091 struct mld_msg *mldq;
1092 struct sk_buff *skb;
1093 unsigned long llqt;
1094 struct ethhdr *eth;
1095 u16 llqt_srcs = 0;
1096 u8 *hopopt;
1097
1098 mld_hdr_size = sizeof(*mldq);
1099 if (brmctx->multicast_mld_version == 2) {
1100 mld_hdr_size = sizeof(*mld2q);
1101 if (pg && with_srcs) {
1102 llqt = now + (brmctx->multicast_last_member_interval *
1103 brmctx->multicast_last_member_count);
1104 hlist_for_each_entry(ent, &pg->src_list, node) {
1105 if (over_llqt == time_after(ent->timer.expires,
1106 llqt) &&
1107 ent->src_query_rexmit_cnt > 0)
1108 llqt_srcs++;
1109 }
1110
1111 if (!llqt_srcs)
1112 return NULL;
1113 mld_hdr_size += llqt_srcs * sizeof(struct in6_addr);
1114 }
1115 }
1116
1117 pkt_size = sizeof(*eth) + sizeof(*ip6h) + 8 + mld_hdr_size;
1118 if ((p && pkt_size > p->dev->mtu) ||
1119 pkt_size > brmctx->br->dev->mtu)
1120 return NULL;
1121
1122 skb = netdev_alloc_skb_ip_align(brmctx->br->dev, pkt_size);
1123 if (!skb)
1124 goto out;
1125
1126 __br_multicast_query_handle_vlan(brmctx, pmctx, skb);
1127 skb->protocol = htons(ETH_P_IPV6);
1128
1129 /* Ethernet header */
1130 skb_reset_mac_header(skb);
1131 eth = eth_hdr(skb);
1132
1133 ether_addr_copy(eth->h_source, brmctx->br->dev->dev_addr);
1134 eth->h_proto = htons(ETH_P_IPV6);
1135 skb_put(skb, sizeof(*eth));
1136
1137 /* IPv6 header + HbH option */
1138 skb_set_network_header(skb, skb->len);
1139 ip6h = ipv6_hdr(skb);
1140
1141 *(__force __be32 *)ip6h = htonl(0x60000000);
1142 ip6h->payload_len = htons(8 + mld_hdr_size);
1143 ip6h->nexthdr = IPPROTO_HOPOPTS;
1144 ip6h->hop_limit = 1;
1145 ip6h->daddr = *ip6_dst;
1146 if (ipv6_dev_get_saddr(dev_net(brmctx->br->dev), brmctx->br->dev,
1147 &ip6h->daddr, 0, &ip6h->saddr)) {
1148 kfree_skb(skb);
1149 br_opt_toggle(brmctx->br, BROPT_HAS_IPV6_ADDR, false);
1150 return NULL;
1151 }
1152
1153 br_opt_toggle(brmctx->br, BROPT_HAS_IPV6_ADDR, true);
1154 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest);
1155
1156 hopopt = (u8 *)(ip6h + 1);
1157 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */
1158 hopopt[1] = 0; /* length of HbH */
1159 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */
1160 hopopt[3] = 2; /* Length of RA Option */
1161 hopopt[4] = 0; /* Type = 0x0000 (MLD) */
1162 hopopt[5] = 0;
1163 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */
1164 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */
1165
1166 skb_put(skb, sizeof(*ip6h) + 8);
1167
1168 /* ICMPv6 */
1169 skb_set_transport_header(skb, skb->len);
1170 interval = ipv6_addr_any(group) ?
1171 brmctx->multicast_query_response_interval :
1172 brmctx->multicast_last_member_interval;
1173 *igmp_type = ICMPV6_MGM_QUERY;
1174 switch (brmctx->multicast_mld_version) {
1175 case 1:
1176 mldq = (struct mld_msg *)icmp6_hdr(skb);
1177 mldq->mld_type = ICMPV6_MGM_QUERY;
1178 mldq->mld_code = 0;
1179 mldq->mld_cksum = 0;
1180 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval));
1181 mldq->mld_reserved = 0;
1182 mldq->mld_mca = *group;
1183 csum = &mldq->mld_cksum;
1184 csum_start = (void *)mldq;
1185 break;
1186 case 2:
1187 mld2q = (struct mld2_query *)icmp6_hdr(skb);
1188 mld2q->mld2q_mrc = htons((u16)jiffies_to_msecs(interval));
1189 mld2q->mld2q_type = ICMPV6_MGM_QUERY;
1190 mld2q->mld2q_code = 0;
1191 mld2q->mld2q_cksum = 0;
1192 mld2q->mld2q_resv1 = 0;
1193 mld2q->mld2q_resv2 = 0;
1194 mld2q->mld2q_suppress = sflag;
1195 mld2q->mld2q_qrv = 2;
1196 mld2q->mld2q_nsrcs = htons(llqt_srcs);
1197 mld2q->mld2q_qqic = brmctx->multicast_query_interval / HZ;
1198 mld2q->mld2q_mca = *group;
1199 csum = &mld2q->mld2q_cksum;
1200 csum_start = (void *)mld2q;
1201 if (!pg || !with_srcs)
1202 break;
1203
1204 llqt_srcs = 0;
1205 hlist_for_each_entry(ent, &pg->src_list, node) {
1206 if (over_llqt == time_after(ent->timer.expires,
1207 llqt) &&
1208 ent->src_query_rexmit_cnt > 0) {
1209 mld2q->mld2q_srcs[llqt_srcs++] = ent->addr.src.ip6;
1210 ent->src_query_rexmit_cnt--;
1211 if (need_rexmit && ent->src_query_rexmit_cnt)
1212 *need_rexmit = true;
1213 }
1214 }
1215 if (WARN_ON(llqt_srcs != ntohs(mld2q->mld2q_nsrcs))) {
1216 kfree_skb(skb);
1217 return NULL;
1218 }
1219 break;
1220 }
1221
1222 if (WARN_ON(!csum || !csum_start)) {
1223 kfree_skb(skb);
1224 return NULL;
1225 }
1226
1227 *csum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, mld_hdr_size,
1228 IPPROTO_ICMPV6,
1229 csum_partial(csum_start, mld_hdr_size, 0));
1230 skb_put(skb, mld_hdr_size);
1231 __skb_pull(skb, sizeof(*eth));
1232
1233out:
1234 return skb;
1235}
1236#endif
1237
1238static struct sk_buff *br_multicast_alloc_query(struct net_bridge_mcast *brmctx,
1239 struct net_bridge_mcast_port *pmctx,
1240 struct net_bridge_port_group *pg,
1241 struct br_ip *ip_dst,
1242 struct br_ip *group,
1243 bool with_srcs, bool over_lmqt,
1244 u8 sflag, u8 *igmp_type,
1245 bool *need_rexmit)
1246{
1247 __be32 ip4_dst;
1248
1249 switch (group->proto) {
1250 case htons(ETH_P_IP):
1251 ip4_dst = ip_dst ? ip_dst->dst.ip4 : htonl(INADDR_ALLHOSTS_GROUP);
1252 return br_ip4_multicast_alloc_query(brmctx, pmctx, pg,
1253 ip4_dst, group->dst.ip4,
1254 with_srcs, over_lmqt,
1255 sflag, igmp_type,
1256 need_rexmit);
1257#if IS_ENABLED(CONFIG_IPV6)
1258 case htons(ETH_P_IPV6): {
1259 struct in6_addr ip6_dst;
1260
1261 if (ip_dst)
1262 ip6_dst = ip_dst->dst.ip6;
1263 else
1264 ipv6_addr_set(&ip6_dst, htonl(0xff020000), 0, 0,
1265 htonl(1));
1266
1267 return br_ip6_multicast_alloc_query(brmctx, pmctx, pg,
1268 &ip6_dst, &group->dst.ip6,
1269 with_srcs, over_lmqt,
1270 sflag, igmp_type,
1271 need_rexmit);
1272 }
1273#endif
1274 }
1275 return NULL;
1276}
1277
1278struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br,
1279 struct br_ip *group)
1280{
1281 struct net_bridge_mdb_entry *mp;
1282 int err;
1283
1284 mp = br_mdb_ip_get(br, group);
1285 if (mp)
1286 return mp;
1287
1288 if (atomic_read(&br->mdb_hash_tbl.nelems) >= br->hash_max) {
1289 trace_br_mdb_full(br->dev, group);
1290 br_mc_disabled_update(br->dev, false, NULL);
1291 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, false);
1292 return ERR_PTR(-E2BIG);
1293 }
1294
1295 mp = kzalloc(sizeof(*mp), GFP_ATOMIC);
1296 if (unlikely(!mp))
1297 return ERR_PTR(-ENOMEM);
1298
1299 mp->br = br;
1300 mp->addr = *group;
1301 mp->mcast_gc.destroy = br_multicast_destroy_mdb_entry;
1302 timer_setup(&mp->timer, br_multicast_group_expired, 0);
1303 err = rhashtable_lookup_insert_fast(&br->mdb_hash_tbl, &mp->rhnode,
1304 br_mdb_rht_params);
1305 if (err) {
1306 kfree(mp);
1307 mp = ERR_PTR(err);
1308 } else {
1309 hlist_add_head_rcu(&mp->mdb_node, &br->mdb_list);
1310 }
1311
1312 return mp;
1313}
1314
1315static void br_multicast_group_src_expired(struct timer_list *t)
1316{
1317 struct net_bridge_group_src *src = from_timer(src, t, timer);
1318 struct net_bridge_port_group *pg;
1319 struct net_bridge *br = src->br;
1320
1321 spin_lock(&br->multicast_lock);
1322 if (hlist_unhashed(&src->node) || !netif_running(br->dev) ||
1323 timer_pending(&src->timer))
1324 goto out;
1325
1326 pg = src->pg;
1327 if (pg->filter_mode == MCAST_INCLUDE) {
1328 br_multicast_del_group_src(src, false);
1329 if (!hlist_empty(&pg->src_list))
1330 goto out;
1331 br_multicast_find_del_pg(br, pg);
1332 } else {
1333 br_multicast_fwd_src_handle(src);
1334 }
1335
1336out:
1337 spin_unlock(&br->multicast_lock);
1338}
1339
1340struct net_bridge_group_src *
1341br_multicast_find_group_src(struct net_bridge_port_group *pg, struct br_ip *ip)
1342{
1343 struct net_bridge_group_src *ent;
1344
1345 switch (ip->proto) {
1346 case htons(ETH_P_IP):
1347 hlist_for_each_entry(ent, &pg->src_list, node)
1348 if (ip->src.ip4 == ent->addr.src.ip4)
1349 return ent;
1350 break;
1351#if IS_ENABLED(CONFIG_IPV6)
1352 case htons(ETH_P_IPV6):
1353 hlist_for_each_entry(ent, &pg->src_list, node)
1354 if (!ipv6_addr_cmp(&ent->addr.src.ip6, &ip->src.ip6))
1355 return ent;
1356 break;
1357#endif
1358 }
1359
1360 return NULL;
1361}
1362
1363struct net_bridge_group_src *
1364br_multicast_new_group_src(struct net_bridge_port_group *pg, struct br_ip *src_ip)
1365{
1366 struct net_bridge_group_src *grp_src;
1367
1368 if (unlikely(pg->src_ents >= PG_SRC_ENT_LIMIT))
1369 return NULL;
1370
1371 switch (src_ip->proto) {
1372 case htons(ETH_P_IP):
1373 if (ipv4_is_zeronet(src_ip->src.ip4) ||
1374 ipv4_is_multicast(src_ip->src.ip4))
1375 return NULL;
1376 break;
1377#if IS_ENABLED(CONFIG_IPV6)
1378 case htons(ETH_P_IPV6):
1379 if (ipv6_addr_any(&src_ip->src.ip6) ||
1380 ipv6_addr_is_multicast(&src_ip->src.ip6))
1381 return NULL;
1382 break;
1383#endif
1384 }
1385
1386 grp_src = kzalloc(sizeof(*grp_src), GFP_ATOMIC);
1387 if (unlikely(!grp_src))
1388 return NULL;
1389
1390 grp_src->pg = pg;
1391 grp_src->br = pg->key.port->br;
1392 grp_src->addr = *src_ip;
1393 grp_src->mcast_gc.destroy = br_multicast_destroy_group_src;
1394 timer_setup(&grp_src->timer, br_multicast_group_src_expired, 0);
1395
1396 hlist_add_head_rcu(&grp_src->node, &pg->src_list);
1397 pg->src_ents++;
1398
1399 return grp_src;
1400}
1401
1402struct net_bridge_port_group *br_multicast_new_port_group(
1403 struct net_bridge_port *port,
1404 const struct br_ip *group,
1405 struct net_bridge_port_group __rcu *next,
1406 unsigned char flags,
1407 const unsigned char *src,
1408 u8 filter_mode,
1409 u8 rt_protocol,
1410 struct netlink_ext_ack *extack)
1411{
1412 struct net_bridge_port_group *p;
1413 int err;
1414
1415 err = br_multicast_port_ngroups_inc(port, group, extack);
1416 if (err)
1417 return NULL;
1418
1419 p = kzalloc(sizeof(*p), GFP_ATOMIC);
1420 if (unlikely(!p)) {
1421 NL_SET_ERR_MSG_MOD(extack, "Couldn't allocate new port group");
1422 goto dec_out;
1423 }
1424
1425 p->key.addr = *group;
1426 p->key.port = port;
1427 p->flags = flags;
1428 p->filter_mode = filter_mode;
1429 p->rt_protocol = rt_protocol;
1430 p->eht_host_tree = RB_ROOT;
1431 p->eht_set_tree = RB_ROOT;
1432 p->mcast_gc.destroy = br_multicast_destroy_port_group;
1433 INIT_HLIST_HEAD(&p->src_list);
1434
1435 if (!br_multicast_is_star_g(group) &&
1436 rhashtable_lookup_insert_fast(&port->br->sg_port_tbl, &p->rhnode,
1437 br_sg_port_rht_params)) {
1438 NL_SET_ERR_MSG_MOD(extack, "Couldn't insert new port group");
1439 goto free_out;
1440 }
1441
1442 rcu_assign_pointer(p->next, next);
1443 timer_setup(&p->timer, br_multicast_port_group_expired, 0);
1444 timer_setup(&p->rexmit_timer, br_multicast_port_group_rexmit, 0);
1445 hlist_add_head(&p->mglist, &port->mglist);
1446
1447 if (src)
1448 memcpy(p->eth_addr, src, ETH_ALEN);
1449 else
1450 eth_broadcast_addr(p->eth_addr);
1451
1452 return p;
1453
1454free_out:
1455 kfree(p);
1456dec_out:
1457 br_multicast_port_ngroups_dec(port, group->vid);
1458 return NULL;
1459}
1460
1461void br_multicast_del_port_group(struct net_bridge_port_group *p)
1462{
1463 struct net_bridge_port *port = p->key.port;
1464 __u16 vid = p->key.addr.vid;
1465
1466 hlist_del_init(&p->mglist);
1467 if (!br_multicast_is_star_g(&p->key.addr))
1468 rhashtable_remove_fast(&port->br->sg_port_tbl, &p->rhnode,
1469 br_sg_port_rht_params);
1470 kfree(p);
1471 br_multicast_port_ngroups_dec(port, vid);
1472}
1473
1474void br_multicast_host_join(const struct net_bridge_mcast *brmctx,
1475 struct net_bridge_mdb_entry *mp, bool notify)
1476{
1477 if (!mp->host_joined) {
1478 mp->host_joined = true;
1479 if (br_multicast_is_star_g(&mp->addr))
1480 br_multicast_star_g_host_state(mp);
1481 if (notify)
1482 br_mdb_notify(mp->br->dev, mp, NULL, RTM_NEWMDB);
1483 }
1484
1485 if (br_group_is_l2(&mp->addr))
1486 return;
1487
1488 mod_timer(&mp->timer, jiffies + brmctx->multicast_membership_interval);
1489}
1490
1491void br_multicast_host_leave(struct net_bridge_mdb_entry *mp, bool notify)
1492{
1493 if (!mp->host_joined)
1494 return;
1495
1496 mp->host_joined = false;
1497 if (br_multicast_is_star_g(&mp->addr))
1498 br_multicast_star_g_host_state(mp);
1499 if (notify)
1500 br_mdb_notify(mp->br->dev, mp, NULL, RTM_DELMDB);
1501}
1502
1503static struct net_bridge_port_group *
1504__br_multicast_add_group(struct net_bridge_mcast *brmctx,
1505 struct net_bridge_mcast_port *pmctx,
1506 struct br_ip *group,
1507 const unsigned char *src,
1508 u8 filter_mode,
1509 bool igmpv2_mldv1,
1510 bool blocked)
1511{
1512 struct net_bridge_port_group __rcu **pp;
1513 struct net_bridge_port_group *p = NULL;
1514 struct net_bridge_mdb_entry *mp;
1515 unsigned long now = jiffies;
1516
1517 if (!br_multicast_ctx_should_use(brmctx, pmctx))
1518 goto out;
1519
1520 mp = br_multicast_new_group(brmctx->br, group);
1521 if (IS_ERR(mp))
1522 return ERR_CAST(mp);
1523
1524 if (!pmctx) {
1525 br_multicast_host_join(brmctx, mp, true);
1526 goto out;
1527 }
1528
1529 for (pp = &mp->ports;
1530 (p = mlock_dereference(*pp, brmctx->br)) != NULL;
1531 pp = &p->next) {
1532 if (br_port_group_equal(p, pmctx->port, src))
1533 goto found;
1534 if ((unsigned long)p->key.port < (unsigned long)pmctx->port)
1535 break;
1536 }
1537
1538 p = br_multicast_new_port_group(pmctx->port, group, *pp, 0, src,
1539 filter_mode, RTPROT_KERNEL, NULL);
1540 if (unlikely(!p)) {
1541 p = ERR_PTR(-ENOMEM);
1542 goto out;
1543 }
1544 rcu_assign_pointer(*pp, p);
1545 if (blocked)
1546 p->flags |= MDB_PG_FLAGS_BLOCKED;
1547 br_mdb_notify(brmctx->br->dev, mp, p, RTM_NEWMDB);
1548
1549found:
1550 if (igmpv2_mldv1)
1551 mod_timer(&p->timer,
1552 now + brmctx->multicast_membership_interval);
1553
1554out:
1555 return p;
1556}
1557
1558static int br_multicast_add_group(struct net_bridge_mcast *brmctx,
1559 struct net_bridge_mcast_port *pmctx,
1560 struct br_ip *group,
1561 const unsigned char *src,
1562 u8 filter_mode,
1563 bool igmpv2_mldv1)
1564{
1565 struct net_bridge_port_group *pg;
1566 int err;
1567
1568 spin_lock(&brmctx->br->multicast_lock);
1569 pg = __br_multicast_add_group(brmctx, pmctx, group, src, filter_mode,
1570 igmpv2_mldv1, false);
1571 /* NULL is considered valid for host joined groups */
1572 err = PTR_ERR_OR_ZERO(pg);
1573 spin_unlock(&brmctx->br->multicast_lock);
1574
1575 return err;
1576}
1577
1578static int br_ip4_multicast_add_group(struct net_bridge_mcast *brmctx,
1579 struct net_bridge_mcast_port *pmctx,
1580 __be32 group,
1581 __u16 vid,
1582 const unsigned char *src,
1583 bool igmpv2)
1584{
1585 struct br_ip br_group;
1586 u8 filter_mode;
1587
1588 if (ipv4_is_local_multicast(group))
1589 return 0;
1590
1591 memset(&br_group, 0, sizeof(br_group));
1592 br_group.dst.ip4 = group;
1593 br_group.proto = htons(ETH_P_IP);
1594 br_group.vid = vid;
1595 filter_mode = igmpv2 ? MCAST_EXCLUDE : MCAST_INCLUDE;
1596
1597 return br_multicast_add_group(brmctx, pmctx, &br_group, src,
1598 filter_mode, igmpv2);
1599}
1600
1601#if IS_ENABLED(CONFIG_IPV6)
1602static int br_ip6_multicast_add_group(struct net_bridge_mcast *brmctx,
1603 struct net_bridge_mcast_port *pmctx,
1604 const struct in6_addr *group,
1605 __u16 vid,
1606 const unsigned char *src,
1607 bool mldv1)
1608{
1609 struct br_ip br_group;
1610 u8 filter_mode;
1611
1612 if (ipv6_addr_is_ll_all_nodes(group))
1613 return 0;
1614
1615 memset(&br_group, 0, sizeof(br_group));
1616 br_group.dst.ip6 = *group;
1617 br_group.proto = htons(ETH_P_IPV6);
1618 br_group.vid = vid;
1619 filter_mode = mldv1 ? MCAST_EXCLUDE : MCAST_INCLUDE;
1620
1621 return br_multicast_add_group(brmctx, pmctx, &br_group, src,
1622 filter_mode, mldv1);
1623}
1624#endif
1625
1626static bool br_multicast_rport_del(struct hlist_node *rlist)
1627{
1628 if (hlist_unhashed(rlist))
1629 return false;
1630
1631 hlist_del_init_rcu(rlist);
1632 return true;
1633}
1634
1635static bool br_ip4_multicast_rport_del(struct net_bridge_mcast_port *pmctx)
1636{
1637 return br_multicast_rport_del(&pmctx->ip4_rlist);
1638}
1639
1640static bool br_ip6_multicast_rport_del(struct net_bridge_mcast_port *pmctx)
1641{
1642#if IS_ENABLED(CONFIG_IPV6)
1643 return br_multicast_rport_del(&pmctx->ip6_rlist);
1644#else
1645 return false;
1646#endif
1647}
1648
1649static void br_multicast_router_expired(struct net_bridge_mcast_port *pmctx,
1650 struct timer_list *t,
1651 struct hlist_node *rlist)
1652{
1653 struct net_bridge *br = pmctx->port->br;
1654 bool del;
1655
1656 spin_lock(&br->multicast_lock);
1657 if (pmctx->multicast_router == MDB_RTR_TYPE_DISABLED ||
1658 pmctx->multicast_router == MDB_RTR_TYPE_PERM ||
1659 timer_pending(t))
1660 goto out;
1661
1662 del = br_multicast_rport_del(rlist);
1663 br_multicast_rport_del_notify(pmctx, del);
1664out:
1665 spin_unlock(&br->multicast_lock);
1666}
1667
1668static void br_ip4_multicast_router_expired(struct timer_list *t)
1669{
1670 struct net_bridge_mcast_port *pmctx = from_timer(pmctx, t,
1671 ip4_mc_router_timer);
1672
1673 br_multicast_router_expired(pmctx, t, &pmctx->ip4_rlist);
1674}
1675
1676#if IS_ENABLED(CONFIG_IPV6)
1677static void br_ip6_multicast_router_expired(struct timer_list *t)
1678{
1679 struct net_bridge_mcast_port *pmctx = from_timer(pmctx, t,
1680 ip6_mc_router_timer);
1681
1682 br_multicast_router_expired(pmctx, t, &pmctx->ip6_rlist);
1683}
1684#endif
1685
1686static void br_mc_router_state_change(struct net_bridge *p,
1687 bool is_mc_router)
1688{
1689 struct switchdev_attr attr = {
1690 .orig_dev = p->dev,
1691 .id = SWITCHDEV_ATTR_ID_BRIDGE_MROUTER,
1692 .flags = SWITCHDEV_F_DEFER,
1693 .u.mrouter = is_mc_router,
1694 };
1695
1696 switchdev_port_attr_set(p->dev, &attr, NULL);
1697}
1698
1699static void br_multicast_local_router_expired(struct net_bridge_mcast *brmctx,
1700 struct timer_list *timer)
1701{
1702 spin_lock(&brmctx->br->multicast_lock);
1703 if (brmctx->multicast_router == MDB_RTR_TYPE_DISABLED ||
1704 brmctx->multicast_router == MDB_RTR_TYPE_PERM ||
1705 br_ip4_multicast_is_router(brmctx) ||
1706 br_ip6_multicast_is_router(brmctx))
1707 goto out;
1708
1709 br_mc_router_state_change(brmctx->br, false);
1710out:
1711 spin_unlock(&brmctx->br->multicast_lock);
1712}
1713
1714static void br_ip4_multicast_local_router_expired(struct timer_list *t)
1715{
1716 struct net_bridge_mcast *brmctx = from_timer(brmctx, t,
1717 ip4_mc_router_timer);
1718
1719 br_multicast_local_router_expired(brmctx, t);
1720}
1721
1722#if IS_ENABLED(CONFIG_IPV6)
1723static void br_ip6_multicast_local_router_expired(struct timer_list *t)
1724{
1725 struct net_bridge_mcast *brmctx = from_timer(brmctx, t,
1726 ip6_mc_router_timer);
1727
1728 br_multicast_local_router_expired(brmctx, t);
1729}
1730#endif
1731
1732static void br_multicast_querier_expired(struct net_bridge_mcast *brmctx,
1733 struct bridge_mcast_own_query *query)
1734{
1735 spin_lock(&brmctx->br->multicast_lock);
1736 if (!netif_running(brmctx->br->dev) ||
1737 br_multicast_ctx_vlan_global_disabled(brmctx) ||
1738 !br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED))
1739 goto out;
1740
1741 br_multicast_start_querier(brmctx, query);
1742
1743out:
1744 spin_unlock(&brmctx->br->multicast_lock);
1745}
1746
1747static void br_ip4_multicast_querier_expired(struct timer_list *t)
1748{
1749 struct net_bridge_mcast *brmctx = from_timer(brmctx, t,
1750 ip4_other_query.timer);
1751
1752 br_multicast_querier_expired(brmctx, &brmctx->ip4_own_query);
1753}
1754
1755#if IS_ENABLED(CONFIG_IPV6)
1756static void br_ip6_multicast_querier_expired(struct timer_list *t)
1757{
1758 struct net_bridge_mcast *brmctx = from_timer(brmctx, t,
1759 ip6_other_query.timer);
1760
1761 br_multicast_querier_expired(brmctx, &brmctx->ip6_own_query);
1762}
1763#endif
1764
1765static void br_multicast_query_delay_expired(struct timer_list *t)
1766{
1767}
1768
1769static void br_multicast_select_own_querier(struct net_bridge_mcast *brmctx,
1770 struct br_ip *ip,
1771 struct sk_buff *skb)
1772{
1773 if (ip->proto == htons(ETH_P_IP))
1774 brmctx->ip4_querier.addr.src.ip4 = ip_hdr(skb)->saddr;
1775#if IS_ENABLED(CONFIG_IPV6)
1776 else
1777 brmctx->ip6_querier.addr.src.ip6 = ipv6_hdr(skb)->saddr;
1778#endif
1779}
1780
1781static void __br_multicast_send_query(struct net_bridge_mcast *brmctx,
1782 struct net_bridge_mcast_port *pmctx,
1783 struct net_bridge_port_group *pg,
1784 struct br_ip *ip_dst,
1785 struct br_ip *group,
1786 bool with_srcs,
1787 u8 sflag,
1788 bool *need_rexmit)
1789{
1790 bool over_lmqt = !!sflag;
1791 struct sk_buff *skb;
1792 u8 igmp_type;
1793
1794 if (!br_multicast_ctx_should_use(brmctx, pmctx) ||
1795 !br_multicast_ctx_matches_vlan_snooping(brmctx))
1796 return;
1797
1798again_under_lmqt:
1799 skb = br_multicast_alloc_query(brmctx, pmctx, pg, ip_dst, group,
1800 with_srcs, over_lmqt, sflag, &igmp_type,
1801 need_rexmit);
1802 if (!skb)
1803 return;
1804
1805 if (pmctx) {
1806 skb->dev = pmctx->port->dev;
1807 br_multicast_count(brmctx->br, pmctx->port, skb, igmp_type,
1808 BR_MCAST_DIR_TX);
1809 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT,
1810 dev_net(pmctx->port->dev), NULL, skb, NULL, skb->dev,
1811 br_dev_queue_push_xmit);
1812
1813 if (over_lmqt && with_srcs && sflag) {
1814 over_lmqt = false;
1815 goto again_under_lmqt;
1816 }
1817 } else {
1818 br_multicast_select_own_querier(brmctx, group, skb);
1819 br_multicast_count(brmctx->br, NULL, skb, igmp_type,
1820 BR_MCAST_DIR_RX);
1821 netif_rx(skb);
1822 }
1823}
1824
1825static void br_multicast_read_querier(const struct bridge_mcast_querier *querier,
1826 struct bridge_mcast_querier *dest)
1827{
1828 unsigned int seq;
1829
1830 memset(dest, 0, sizeof(*dest));
1831 do {
1832 seq = read_seqcount_begin(&querier->seq);
1833 dest->port_ifidx = querier->port_ifidx;
1834 memcpy(&dest->addr, &querier->addr, sizeof(struct br_ip));
1835 } while (read_seqcount_retry(&querier->seq, seq));
1836}
1837
1838static void br_multicast_update_querier(struct net_bridge_mcast *brmctx,
1839 struct bridge_mcast_querier *querier,
1840 int ifindex,
1841 struct br_ip *saddr)
1842{
1843 write_seqcount_begin(&querier->seq);
1844 querier->port_ifidx = ifindex;
1845 memcpy(&querier->addr, saddr, sizeof(*saddr));
1846 write_seqcount_end(&querier->seq);
1847}
1848
1849static void br_multicast_send_query(struct net_bridge_mcast *brmctx,
1850 struct net_bridge_mcast_port *pmctx,
1851 struct bridge_mcast_own_query *own_query)
1852{
1853 struct bridge_mcast_other_query *other_query = NULL;
1854 struct bridge_mcast_querier *querier;
1855 struct br_ip br_group;
1856 unsigned long time;
1857
1858 if (!br_multicast_ctx_should_use(brmctx, pmctx) ||
1859 !br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED) ||
1860 !brmctx->multicast_querier)
1861 return;
1862
1863 memset(&br_group.dst, 0, sizeof(br_group.dst));
1864
1865 if (pmctx ? (own_query == &pmctx->ip4_own_query) :
1866 (own_query == &brmctx->ip4_own_query)) {
1867 querier = &brmctx->ip4_querier;
1868 other_query = &brmctx->ip4_other_query;
1869 br_group.proto = htons(ETH_P_IP);
1870#if IS_ENABLED(CONFIG_IPV6)
1871 } else {
1872 querier = &brmctx->ip6_querier;
1873 other_query = &brmctx->ip6_other_query;
1874 br_group.proto = htons(ETH_P_IPV6);
1875#endif
1876 }
1877
1878 if (!other_query || timer_pending(&other_query->timer))
1879 return;
1880
1881 /* we're about to select ourselves as querier */
1882 if (!pmctx && querier->port_ifidx) {
1883 struct br_ip zeroip = {};
1884
1885 br_multicast_update_querier(brmctx, querier, 0, &zeroip);
1886 }
1887
1888 __br_multicast_send_query(brmctx, pmctx, NULL, NULL, &br_group, false,
1889 0, NULL);
1890
1891 time = jiffies;
1892 time += own_query->startup_sent < brmctx->multicast_startup_query_count ?
1893 brmctx->multicast_startup_query_interval :
1894 brmctx->multicast_query_interval;
1895 mod_timer(&own_query->timer, time);
1896}
1897
1898static void
1899br_multicast_port_query_expired(struct net_bridge_mcast_port *pmctx,
1900 struct bridge_mcast_own_query *query)
1901{
1902 struct net_bridge *br = pmctx->port->br;
1903 struct net_bridge_mcast *brmctx;
1904
1905 spin_lock(&br->multicast_lock);
1906 if (br_multicast_port_ctx_state_stopped(pmctx))
1907 goto out;
1908
1909 brmctx = br_multicast_port_ctx_get_global(pmctx);
1910 if (query->startup_sent < brmctx->multicast_startup_query_count)
1911 query->startup_sent++;
1912
1913 br_multicast_send_query(brmctx, pmctx, query);
1914
1915out:
1916 spin_unlock(&br->multicast_lock);
1917}
1918
1919static void br_ip4_multicast_port_query_expired(struct timer_list *t)
1920{
1921 struct net_bridge_mcast_port *pmctx = from_timer(pmctx, t,
1922 ip4_own_query.timer);
1923
1924 br_multicast_port_query_expired(pmctx, &pmctx->ip4_own_query);
1925}
1926
1927#if IS_ENABLED(CONFIG_IPV6)
1928static void br_ip6_multicast_port_query_expired(struct timer_list *t)
1929{
1930 struct net_bridge_mcast_port *pmctx = from_timer(pmctx, t,
1931 ip6_own_query.timer);
1932
1933 br_multicast_port_query_expired(pmctx, &pmctx->ip6_own_query);
1934}
1935#endif
1936
1937static void br_multicast_port_group_rexmit(struct timer_list *t)
1938{
1939 struct net_bridge_port_group *pg = from_timer(pg, t, rexmit_timer);
1940 struct bridge_mcast_other_query *other_query = NULL;
1941 struct net_bridge *br = pg->key.port->br;
1942 struct net_bridge_mcast_port *pmctx;
1943 struct net_bridge_mcast *brmctx;
1944 bool need_rexmit = false;
1945
1946 spin_lock(&br->multicast_lock);
1947 if (!netif_running(br->dev) || hlist_unhashed(&pg->mglist) ||
1948 !br_opt_get(br, BROPT_MULTICAST_ENABLED))
1949 goto out;
1950
1951 pmctx = br_multicast_pg_to_port_ctx(pg);
1952 if (!pmctx)
1953 goto out;
1954 brmctx = br_multicast_port_ctx_get_global(pmctx);
1955 if (!brmctx->multicast_querier)
1956 goto out;
1957
1958 if (pg->key.addr.proto == htons(ETH_P_IP))
1959 other_query = &brmctx->ip4_other_query;
1960#if IS_ENABLED(CONFIG_IPV6)
1961 else
1962 other_query = &brmctx->ip6_other_query;
1963#endif
1964
1965 if (!other_query || timer_pending(&other_query->timer))
1966 goto out;
1967
1968 if (pg->grp_query_rexmit_cnt) {
1969 pg->grp_query_rexmit_cnt--;
1970 __br_multicast_send_query(brmctx, pmctx, pg, &pg->key.addr,
1971 &pg->key.addr, false, 1, NULL);
1972 }
1973 __br_multicast_send_query(brmctx, pmctx, pg, &pg->key.addr,
1974 &pg->key.addr, true, 0, &need_rexmit);
1975
1976 if (pg->grp_query_rexmit_cnt || need_rexmit)
1977 mod_timer(&pg->rexmit_timer, jiffies +
1978 brmctx->multicast_last_member_interval);
1979out:
1980 spin_unlock(&br->multicast_lock);
1981}
1982
1983static int br_mc_disabled_update(struct net_device *dev, bool value,
1984 struct netlink_ext_ack *extack)
1985{
1986 struct switchdev_attr attr = {
1987 .orig_dev = dev,
1988 .id = SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED,
1989 .flags = SWITCHDEV_F_DEFER,
1990 .u.mc_disabled = !value,
1991 };
1992
1993 return switchdev_port_attr_set(dev, &attr, extack);
1994}
1995
1996void br_multicast_port_ctx_init(struct net_bridge_port *port,
1997 struct net_bridge_vlan *vlan,
1998 struct net_bridge_mcast_port *pmctx)
1999{
2000 pmctx->port = port;
2001 pmctx->vlan = vlan;
2002 pmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY;
2003 timer_setup(&pmctx->ip4_mc_router_timer,
2004 br_ip4_multicast_router_expired, 0);
2005 timer_setup(&pmctx->ip4_own_query.timer,
2006 br_ip4_multicast_port_query_expired, 0);
2007#if IS_ENABLED(CONFIG_IPV6)
2008 timer_setup(&pmctx->ip6_mc_router_timer,
2009 br_ip6_multicast_router_expired, 0);
2010 timer_setup(&pmctx->ip6_own_query.timer,
2011 br_ip6_multicast_port_query_expired, 0);
2012#endif
2013}
2014
2015void br_multicast_port_ctx_deinit(struct net_bridge_mcast_port *pmctx)
2016{
2017#if IS_ENABLED(CONFIG_IPV6)
2018 del_timer_sync(&pmctx->ip6_mc_router_timer);
2019#endif
2020 del_timer_sync(&pmctx->ip4_mc_router_timer);
2021}
2022
2023int br_multicast_add_port(struct net_bridge_port *port)
2024{
2025 int err;
2026
2027 port->multicast_eht_hosts_limit = BR_MCAST_DEFAULT_EHT_HOSTS_LIMIT;
2028 br_multicast_port_ctx_init(port, NULL, &port->multicast_ctx);
2029
2030 err = br_mc_disabled_update(port->dev,
2031 br_opt_get(port->br,
2032 BROPT_MULTICAST_ENABLED),
2033 NULL);
2034 if (err && err != -EOPNOTSUPP)
2035 return err;
2036
2037 port->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats);
2038 if (!port->mcast_stats)
2039 return -ENOMEM;
2040
2041 return 0;
2042}
2043
2044void br_multicast_del_port(struct net_bridge_port *port)
2045{
2046 struct net_bridge *br = port->br;
2047 struct net_bridge_port_group *pg;
2048 struct hlist_node *n;
2049
2050 /* Take care of the remaining groups, only perm ones should be left */
2051 spin_lock_bh(&br->multicast_lock);
2052 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist)
2053 br_multicast_find_del_pg(br, pg);
2054 spin_unlock_bh(&br->multicast_lock);
2055 flush_work(&br->mcast_gc_work);
2056 br_multicast_port_ctx_deinit(&port->multicast_ctx);
2057 free_percpu(port->mcast_stats);
2058}
2059
2060static void br_multicast_enable(struct bridge_mcast_own_query *query)
2061{
2062 query->startup_sent = 0;
2063
2064 if (try_to_del_timer_sync(&query->timer) >= 0 ||
2065 del_timer(&query->timer))
2066 mod_timer(&query->timer, jiffies);
2067}
2068
2069static void __br_multicast_enable_port_ctx(struct net_bridge_mcast_port *pmctx)
2070{
2071 struct net_bridge *br = pmctx->port->br;
2072 struct net_bridge_mcast *brmctx;
2073
2074 brmctx = br_multicast_port_ctx_get_global(pmctx);
2075 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED) ||
2076 !netif_running(br->dev))
2077 return;
2078
2079 br_multicast_enable(&pmctx->ip4_own_query);
2080#if IS_ENABLED(CONFIG_IPV6)
2081 br_multicast_enable(&pmctx->ip6_own_query);
2082#endif
2083 if (pmctx->multicast_router == MDB_RTR_TYPE_PERM) {
2084 br_ip4_multicast_add_router(brmctx, pmctx);
2085 br_ip6_multicast_add_router(brmctx, pmctx);
2086 }
2087
2088 if (br_multicast_port_ctx_is_vlan(pmctx)) {
2089 struct net_bridge_port_group *pg;
2090 u32 n = 0;
2091
2092 /* The mcast_n_groups counter might be wrong. First,
2093 * BR_VLFLAG_MCAST_ENABLED is toggled before temporary entries
2094 * are flushed, thus mcast_n_groups after the toggle does not
2095 * reflect the true values. And second, permanent entries added
2096 * while BR_VLFLAG_MCAST_ENABLED was disabled, are not reflected
2097 * either. Thus we have to refresh the counter.
2098 */
2099
2100 hlist_for_each_entry(pg, &pmctx->port->mglist, mglist) {
2101 if (pg->key.addr.vid == pmctx->vlan->vid)
2102 n++;
2103 }
2104 WRITE_ONCE(pmctx->mdb_n_entries, n);
2105 }
2106}
2107
2108void br_multicast_enable_port(struct net_bridge_port *port)
2109{
2110 struct net_bridge *br = port->br;
2111
2112 spin_lock_bh(&br->multicast_lock);
2113 __br_multicast_enable_port_ctx(&port->multicast_ctx);
2114 spin_unlock_bh(&br->multicast_lock);
2115}
2116
2117static void __br_multicast_disable_port_ctx(struct net_bridge_mcast_port *pmctx)
2118{
2119 struct net_bridge_port_group *pg;
2120 struct hlist_node *n;
2121 bool del = false;
2122
2123 hlist_for_each_entry_safe(pg, n, &pmctx->port->mglist, mglist)
2124 if (!(pg->flags & MDB_PG_FLAGS_PERMANENT) &&
2125 (!br_multicast_port_ctx_is_vlan(pmctx) ||
2126 pg->key.addr.vid == pmctx->vlan->vid))
2127 br_multicast_find_del_pg(pmctx->port->br, pg);
2128
2129 del |= br_ip4_multicast_rport_del(pmctx);
2130 del_timer(&pmctx->ip4_mc_router_timer);
2131 del_timer(&pmctx->ip4_own_query.timer);
2132 del |= br_ip6_multicast_rport_del(pmctx);
2133#if IS_ENABLED(CONFIG_IPV6)
2134 del_timer(&pmctx->ip6_mc_router_timer);
2135 del_timer(&pmctx->ip6_own_query.timer);
2136#endif
2137 br_multicast_rport_del_notify(pmctx, del);
2138}
2139
2140void br_multicast_disable_port(struct net_bridge_port *port)
2141{
2142 spin_lock_bh(&port->br->multicast_lock);
2143 __br_multicast_disable_port_ctx(&port->multicast_ctx);
2144 spin_unlock_bh(&port->br->multicast_lock);
2145}
2146
2147static int __grp_src_delete_marked(struct net_bridge_port_group *pg)
2148{
2149 struct net_bridge_group_src *ent;
2150 struct hlist_node *tmp;
2151 int deleted = 0;
2152
2153 hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node)
2154 if (ent->flags & BR_SGRP_F_DELETE) {
2155 br_multicast_del_group_src(ent, false);
2156 deleted++;
2157 }
2158
2159 return deleted;
2160}
2161
2162static void __grp_src_mod_timer(struct net_bridge_group_src *src,
2163 unsigned long expires)
2164{
2165 mod_timer(&src->timer, expires);
2166 br_multicast_fwd_src_handle(src);
2167}
2168
2169static void __grp_src_query_marked_and_rexmit(struct net_bridge_mcast *brmctx,
2170 struct net_bridge_mcast_port *pmctx,
2171 struct net_bridge_port_group *pg)
2172{
2173 struct bridge_mcast_other_query *other_query = NULL;
2174 u32 lmqc = brmctx->multicast_last_member_count;
2175 unsigned long lmqt, lmi, now = jiffies;
2176 struct net_bridge_group_src *ent;
2177
2178 if (!netif_running(brmctx->br->dev) ||
2179 !br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED))
2180 return;
2181
2182 if (pg->key.addr.proto == htons(ETH_P_IP))
2183 other_query = &brmctx->ip4_other_query;
2184#if IS_ENABLED(CONFIG_IPV6)
2185 else
2186 other_query = &brmctx->ip6_other_query;
2187#endif
2188
2189 lmqt = now + br_multicast_lmqt(brmctx);
2190 hlist_for_each_entry(ent, &pg->src_list, node) {
2191 if (ent->flags & BR_SGRP_F_SEND) {
2192 ent->flags &= ~BR_SGRP_F_SEND;
2193 if (ent->timer.expires > lmqt) {
2194 if (brmctx->multicast_querier &&
2195 other_query &&
2196 !timer_pending(&other_query->timer))
2197 ent->src_query_rexmit_cnt = lmqc;
2198 __grp_src_mod_timer(ent, lmqt);
2199 }
2200 }
2201 }
2202
2203 if (!brmctx->multicast_querier ||
2204 !other_query || timer_pending(&other_query->timer))
2205 return;
2206
2207 __br_multicast_send_query(brmctx, pmctx, pg, &pg->key.addr,
2208 &pg->key.addr, true, 1, NULL);
2209
2210 lmi = now + brmctx->multicast_last_member_interval;
2211 if (!timer_pending(&pg->rexmit_timer) ||
2212 time_after(pg->rexmit_timer.expires, lmi))
2213 mod_timer(&pg->rexmit_timer, lmi);
2214}
2215
2216static void __grp_send_query_and_rexmit(struct net_bridge_mcast *brmctx,
2217 struct net_bridge_mcast_port *pmctx,
2218 struct net_bridge_port_group *pg)
2219{
2220 struct bridge_mcast_other_query *other_query = NULL;
2221 unsigned long now = jiffies, lmi;
2222
2223 if (!netif_running(brmctx->br->dev) ||
2224 !br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED))
2225 return;
2226
2227 if (pg->key.addr.proto == htons(ETH_P_IP))
2228 other_query = &brmctx->ip4_other_query;
2229#if IS_ENABLED(CONFIG_IPV6)
2230 else
2231 other_query = &brmctx->ip6_other_query;
2232#endif
2233
2234 if (brmctx->multicast_querier &&
2235 other_query && !timer_pending(&other_query->timer)) {
2236 lmi = now + brmctx->multicast_last_member_interval;
2237 pg->grp_query_rexmit_cnt = brmctx->multicast_last_member_count - 1;
2238 __br_multicast_send_query(brmctx, pmctx, pg, &pg->key.addr,
2239 &pg->key.addr, false, 0, NULL);
2240 if (!timer_pending(&pg->rexmit_timer) ||
2241 time_after(pg->rexmit_timer.expires, lmi))
2242 mod_timer(&pg->rexmit_timer, lmi);
2243 }
2244
2245 if (pg->filter_mode == MCAST_EXCLUDE &&
2246 (!timer_pending(&pg->timer) ||
2247 time_after(pg->timer.expires, now + br_multicast_lmqt(brmctx))))
2248 mod_timer(&pg->timer, now + br_multicast_lmqt(brmctx));
2249}
2250
2251/* State Msg type New state Actions
2252 * INCLUDE (A) IS_IN (B) INCLUDE (A+B) (B)=GMI
2253 * INCLUDE (A) ALLOW (B) INCLUDE (A+B) (B)=GMI
2254 * EXCLUDE (X,Y) ALLOW (A) EXCLUDE (X+A,Y-A) (A)=GMI
2255 */
2256static bool br_multicast_isinc_allow(const struct net_bridge_mcast *brmctx,
2257 struct net_bridge_port_group *pg, void *h_addr,
2258 void *srcs, u32 nsrcs, size_t addr_size,
2259 int grec_type)
2260{
2261 struct net_bridge_group_src *ent;
2262 unsigned long now = jiffies;
2263 bool changed = false;
2264 struct br_ip src_ip;
2265 u32 src_idx;
2266
2267 memset(&src_ip, 0, sizeof(src_ip));
2268 src_ip.proto = pg->key.addr.proto;
2269 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2270 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2271 ent = br_multicast_find_group_src(pg, &src_ip);
2272 if (!ent) {
2273 ent = br_multicast_new_group_src(pg, &src_ip);
2274 if (ent)
2275 changed = true;
2276 }
2277
2278 if (ent)
2279 __grp_src_mod_timer(ent, now + br_multicast_gmi(brmctx));
2280 }
2281
2282 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2283 grec_type))
2284 changed = true;
2285
2286 return changed;
2287}
2288
2289/* State Msg type New state Actions
2290 * INCLUDE (A) IS_EX (B) EXCLUDE (A*B,B-A) (B-A)=0
2291 * Delete (A-B)
2292 * Group Timer=GMI
2293 */
2294static void __grp_src_isexc_incl(const struct net_bridge_mcast *brmctx,
2295 struct net_bridge_port_group *pg, void *h_addr,
2296 void *srcs, u32 nsrcs, size_t addr_size,
2297 int grec_type)
2298{
2299 struct net_bridge_group_src *ent;
2300 struct br_ip src_ip;
2301 u32 src_idx;
2302
2303 hlist_for_each_entry(ent, &pg->src_list, node)
2304 ent->flags |= BR_SGRP_F_DELETE;
2305
2306 memset(&src_ip, 0, sizeof(src_ip));
2307 src_ip.proto = pg->key.addr.proto;
2308 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2309 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2310 ent = br_multicast_find_group_src(pg, &src_ip);
2311 if (ent)
2312 ent->flags &= ~BR_SGRP_F_DELETE;
2313 else
2314 ent = br_multicast_new_group_src(pg, &src_ip);
2315 if (ent)
2316 br_multicast_fwd_src_handle(ent);
2317 }
2318
2319 br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2320 grec_type);
2321
2322 __grp_src_delete_marked(pg);
2323}
2324
2325/* State Msg type New state Actions
2326 * EXCLUDE (X,Y) IS_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=GMI
2327 * Delete (X-A)
2328 * Delete (Y-A)
2329 * Group Timer=GMI
2330 */
2331static bool __grp_src_isexc_excl(const struct net_bridge_mcast *brmctx,
2332 struct net_bridge_port_group *pg, void *h_addr,
2333 void *srcs, u32 nsrcs, size_t addr_size,
2334 int grec_type)
2335{
2336 struct net_bridge_group_src *ent;
2337 unsigned long now = jiffies;
2338 bool changed = false;
2339 struct br_ip src_ip;
2340 u32 src_idx;
2341
2342 hlist_for_each_entry(ent, &pg->src_list, node)
2343 ent->flags |= BR_SGRP_F_DELETE;
2344
2345 memset(&src_ip, 0, sizeof(src_ip));
2346 src_ip.proto = pg->key.addr.proto;
2347 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2348 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2349 ent = br_multicast_find_group_src(pg, &src_ip);
2350 if (ent) {
2351 ent->flags &= ~BR_SGRP_F_DELETE;
2352 } else {
2353 ent = br_multicast_new_group_src(pg, &src_ip);
2354 if (ent) {
2355 __grp_src_mod_timer(ent,
2356 now + br_multicast_gmi(brmctx));
2357 changed = true;
2358 }
2359 }
2360 }
2361
2362 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2363 grec_type))
2364 changed = true;
2365
2366 if (__grp_src_delete_marked(pg))
2367 changed = true;
2368
2369 return changed;
2370}
2371
2372static bool br_multicast_isexc(const struct net_bridge_mcast *brmctx,
2373 struct net_bridge_port_group *pg, void *h_addr,
2374 void *srcs, u32 nsrcs, size_t addr_size,
2375 int grec_type)
2376{
2377 bool changed = false;
2378
2379 switch (pg->filter_mode) {
2380 case MCAST_INCLUDE:
2381 __grp_src_isexc_incl(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2382 grec_type);
2383 br_multicast_star_g_handle_mode(pg, MCAST_EXCLUDE);
2384 changed = true;
2385 break;
2386 case MCAST_EXCLUDE:
2387 changed = __grp_src_isexc_excl(brmctx, pg, h_addr, srcs, nsrcs,
2388 addr_size, grec_type);
2389 break;
2390 }
2391
2392 pg->filter_mode = MCAST_EXCLUDE;
2393 mod_timer(&pg->timer, jiffies + br_multicast_gmi(brmctx));
2394
2395 return changed;
2396}
2397
2398/* State Msg type New state Actions
2399 * INCLUDE (A) TO_IN (B) INCLUDE (A+B) (B)=GMI
2400 * Send Q(G,A-B)
2401 */
2402static bool __grp_src_toin_incl(struct net_bridge_mcast *brmctx,
2403 struct net_bridge_mcast_port *pmctx,
2404 struct net_bridge_port_group *pg, void *h_addr,
2405 void *srcs, u32 nsrcs, size_t addr_size,
2406 int grec_type)
2407{
2408 u32 src_idx, to_send = pg->src_ents;
2409 struct net_bridge_group_src *ent;
2410 unsigned long now = jiffies;
2411 bool changed = false;
2412 struct br_ip src_ip;
2413
2414 hlist_for_each_entry(ent, &pg->src_list, node)
2415 ent->flags |= BR_SGRP_F_SEND;
2416
2417 memset(&src_ip, 0, sizeof(src_ip));
2418 src_ip.proto = pg->key.addr.proto;
2419 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2420 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2421 ent = br_multicast_find_group_src(pg, &src_ip);
2422 if (ent) {
2423 ent->flags &= ~BR_SGRP_F_SEND;
2424 to_send--;
2425 } else {
2426 ent = br_multicast_new_group_src(pg, &src_ip);
2427 if (ent)
2428 changed = true;
2429 }
2430 if (ent)
2431 __grp_src_mod_timer(ent, now + br_multicast_gmi(brmctx));
2432 }
2433
2434 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2435 grec_type))
2436 changed = true;
2437
2438 if (to_send)
2439 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2440
2441 return changed;
2442}
2443
2444/* State Msg type New state Actions
2445 * EXCLUDE (X,Y) TO_IN (A) EXCLUDE (X+A,Y-A) (A)=GMI
2446 * Send Q(G,X-A)
2447 * Send Q(G)
2448 */
2449static bool __grp_src_toin_excl(struct net_bridge_mcast *brmctx,
2450 struct net_bridge_mcast_port *pmctx,
2451 struct net_bridge_port_group *pg, void *h_addr,
2452 void *srcs, u32 nsrcs, size_t addr_size,
2453 int grec_type)
2454{
2455 u32 src_idx, to_send = pg->src_ents;
2456 struct net_bridge_group_src *ent;
2457 unsigned long now = jiffies;
2458 bool changed = false;
2459 struct br_ip src_ip;
2460
2461 hlist_for_each_entry(ent, &pg->src_list, node)
2462 if (timer_pending(&ent->timer))
2463 ent->flags |= BR_SGRP_F_SEND;
2464
2465 memset(&src_ip, 0, sizeof(src_ip));
2466 src_ip.proto = pg->key.addr.proto;
2467 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2468 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2469 ent = br_multicast_find_group_src(pg, &src_ip);
2470 if (ent) {
2471 if (timer_pending(&ent->timer)) {
2472 ent->flags &= ~BR_SGRP_F_SEND;
2473 to_send--;
2474 }
2475 } else {
2476 ent = br_multicast_new_group_src(pg, &src_ip);
2477 if (ent)
2478 changed = true;
2479 }
2480 if (ent)
2481 __grp_src_mod_timer(ent, now + br_multicast_gmi(brmctx));
2482 }
2483
2484 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2485 grec_type))
2486 changed = true;
2487
2488 if (to_send)
2489 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2490
2491 __grp_send_query_and_rexmit(brmctx, pmctx, pg);
2492
2493 return changed;
2494}
2495
2496static bool br_multicast_toin(struct net_bridge_mcast *brmctx,
2497 struct net_bridge_mcast_port *pmctx,
2498 struct net_bridge_port_group *pg, void *h_addr,
2499 void *srcs, u32 nsrcs, size_t addr_size,
2500 int grec_type)
2501{
2502 bool changed = false;
2503
2504 switch (pg->filter_mode) {
2505 case MCAST_INCLUDE:
2506 changed = __grp_src_toin_incl(brmctx, pmctx, pg, h_addr, srcs,
2507 nsrcs, addr_size, grec_type);
2508 break;
2509 case MCAST_EXCLUDE:
2510 changed = __grp_src_toin_excl(brmctx, pmctx, pg, h_addr, srcs,
2511 nsrcs, addr_size, grec_type);
2512 break;
2513 }
2514
2515 if (br_multicast_eht_should_del_pg(pg)) {
2516 pg->flags |= MDB_PG_FLAGS_FAST_LEAVE;
2517 br_multicast_find_del_pg(pg->key.port->br, pg);
2518 /* a notification has already been sent and we shouldn't
2519 * access pg after the delete so we have to return false
2520 */
2521 changed = false;
2522 }
2523
2524 return changed;
2525}
2526
2527/* State Msg type New state Actions
2528 * INCLUDE (A) TO_EX (B) EXCLUDE (A*B,B-A) (B-A)=0
2529 * Delete (A-B)
2530 * Send Q(G,A*B)
2531 * Group Timer=GMI
2532 */
2533static void __grp_src_toex_incl(struct net_bridge_mcast *brmctx,
2534 struct net_bridge_mcast_port *pmctx,
2535 struct net_bridge_port_group *pg, void *h_addr,
2536 void *srcs, u32 nsrcs, size_t addr_size,
2537 int grec_type)
2538{
2539 struct net_bridge_group_src *ent;
2540 u32 src_idx, to_send = 0;
2541 struct br_ip src_ip;
2542
2543 hlist_for_each_entry(ent, &pg->src_list, node)
2544 ent->flags = (ent->flags & ~BR_SGRP_F_SEND) | BR_SGRP_F_DELETE;
2545
2546 memset(&src_ip, 0, sizeof(src_ip));
2547 src_ip.proto = pg->key.addr.proto;
2548 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2549 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2550 ent = br_multicast_find_group_src(pg, &src_ip);
2551 if (ent) {
2552 ent->flags = (ent->flags & ~BR_SGRP_F_DELETE) |
2553 BR_SGRP_F_SEND;
2554 to_send++;
2555 } else {
2556 ent = br_multicast_new_group_src(pg, &src_ip);
2557 }
2558 if (ent)
2559 br_multicast_fwd_src_handle(ent);
2560 }
2561
2562 br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2563 grec_type);
2564
2565 __grp_src_delete_marked(pg);
2566 if (to_send)
2567 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2568}
2569
2570/* State Msg type New state Actions
2571 * EXCLUDE (X,Y) TO_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=Group Timer
2572 * Delete (X-A)
2573 * Delete (Y-A)
2574 * Send Q(G,A-Y)
2575 * Group Timer=GMI
2576 */
2577static bool __grp_src_toex_excl(struct net_bridge_mcast *brmctx,
2578 struct net_bridge_mcast_port *pmctx,
2579 struct net_bridge_port_group *pg, void *h_addr,
2580 void *srcs, u32 nsrcs, size_t addr_size,
2581 int grec_type)
2582{
2583 struct net_bridge_group_src *ent;
2584 u32 src_idx, to_send = 0;
2585 bool changed = false;
2586 struct br_ip src_ip;
2587
2588 hlist_for_each_entry(ent, &pg->src_list, node)
2589 ent->flags = (ent->flags & ~BR_SGRP_F_SEND) | BR_SGRP_F_DELETE;
2590
2591 memset(&src_ip, 0, sizeof(src_ip));
2592 src_ip.proto = pg->key.addr.proto;
2593 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2594 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2595 ent = br_multicast_find_group_src(pg, &src_ip);
2596 if (ent) {
2597 ent->flags &= ~BR_SGRP_F_DELETE;
2598 } else {
2599 ent = br_multicast_new_group_src(pg, &src_ip);
2600 if (ent) {
2601 __grp_src_mod_timer(ent, pg->timer.expires);
2602 changed = true;
2603 }
2604 }
2605 if (ent && timer_pending(&ent->timer)) {
2606 ent->flags |= BR_SGRP_F_SEND;
2607 to_send++;
2608 }
2609 }
2610
2611 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2612 grec_type))
2613 changed = true;
2614
2615 if (__grp_src_delete_marked(pg))
2616 changed = true;
2617 if (to_send)
2618 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2619
2620 return changed;
2621}
2622
2623static bool br_multicast_toex(struct net_bridge_mcast *brmctx,
2624 struct net_bridge_mcast_port *pmctx,
2625 struct net_bridge_port_group *pg, void *h_addr,
2626 void *srcs, u32 nsrcs, size_t addr_size,
2627 int grec_type)
2628{
2629 bool changed = false;
2630
2631 switch (pg->filter_mode) {
2632 case MCAST_INCLUDE:
2633 __grp_src_toex_incl(brmctx, pmctx, pg, h_addr, srcs, nsrcs,
2634 addr_size, grec_type);
2635 br_multicast_star_g_handle_mode(pg, MCAST_EXCLUDE);
2636 changed = true;
2637 break;
2638 case MCAST_EXCLUDE:
2639 changed = __grp_src_toex_excl(brmctx, pmctx, pg, h_addr, srcs,
2640 nsrcs, addr_size, grec_type);
2641 break;
2642 }
2643
2644 pg->filter_mode = MCAST_EXCLUDE;
2645 mod_timer(&pg->timer, jiffies + br_multicast_gmi(brmctx));
2646
2647 return changed;
2648}
2649
2650/* State Msg type New state Actions
2651 * INCLUDE (A) BLOCK (B) INCLUDE (A) Send Q(G,A*B)
2652 */
2653static bool __grp_src_block_incl(struct net_bridge_mcast *brmctx,
2654 struct net_bridge_mcast_port *pmctx,
2655 struct net_bridge_port_group *pg, void *h_addr,
2656 void *srcs, u32 nsrcs, size_t addr_size, int grec_type)
2657{
2658 struct net_bridge_group_src *ent;
2659 u32 src_idx, to_send = 0;
2660 bool changed = false;
2661 struct br_ip src_ip;
2662
2663 hlist_for_each_entry(ent, &pg->src_list, node)
2664 ent->flags &= ~BR_SGRP_F_SEND;
2665
2666 memset(&src_ip, 0, sizeof(src_ip));
2667 src_ip.proto = pg->key.addr.proto;
2668 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2669 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2670 ent = br_multicast_find_group_src(pg, &src_ip);
2671 if (ent) {
2672 ent->flags |= BR_SGRP_F_SEND;
2673 to_send++;
2674 }
2675 }
2676
2677 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2678 grec_type))
2679 changed = true;
2680
2681 if (to_send)
2682 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2683
2684 return changed;
2685}
2686
2687/* State Msg type New state Actions
2688 * EXCLUDE (X,Y) BLOCK (A) EXCLUDE (X+(A-Y),Y) (A-X-Y)=Group Timer
2689 * Send Q(G,A-Y)
2690 */
2691static bool __grp_src_block_excl(struct net_bridge_mcast *brmctx,
2692 struct net_bridge_mcast_port *pmctx,
2693 struct net_bridge_port_group *pg, void *h_addr,
2694 void *srcs, u32 nsrcs, size_t addr_size, int grec_type)
2695{
2696 struct net_bridge_group_src *ent;
2697 u32 src_idx, to_send = 0;
2698 bool changed = false;
2699 struct br_ip src_ip;
2700
2701 hlist_for_each_entry(ent, &pg->src_list, node)
2702 ent->flags &= ~BR_SGRP_F_SEND;
2703
2704 memset(&src_ip, 0, sizeof(src_ip));
2705 src_ip.proto = pg->key.addr.proto;
2706 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2707 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2708 ent = br_multicast_find_group_src(pg, &src_ip);
2709 if (!ent) {
2710 ent = br_multicast_new_group_src(pg, &src_ip);
2711 if (ent) {
2712 __grp_src_mod_timer(ent, pg->timer.expires);
2713 changed = true;
2714 }
2715 }
2716 if (ent && timer_pending(&ent->timer)) {
2717 ent->flags |= BR_SGRP_F_SEND;
2718 to_send++;
2719 }
2720 }
2721
2722 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2723 grec_type))
2724 changed = true;
2725
2726 if (to_send)
2727 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2728
2729 return changed;
2730}
2731
2732static bool br_multicast_block(struct net_bridge_mcast *brmctx,
2733 struct net_bridge_mcast_port *pmctx,
2734 struct net_bridge_port_group *pg, void *h_addr,
2735 void *srcs, u32 nsrcs, size_t addr_size, int grec_type)
2736{
2737 bool changed = false;
2738
2739 switch (pg->filter_mode) {
2740 case MCAST_INCLUDE:
2741 changed = __grp_src_block_incl(brmctx, pmctx, pg, h_addr, srcs,
2742 nsrcs, addr_size, grec_type);
2743 break;
2744 case MCAST_EXCLUDE:
2745 changed = __grp_src_block_excl(brmctx, pmctx, pg, h_addr, srcs,
2746 nsrcs, addr_size, grec_type);
2747 break;
2748 }
2749
2750 if ((pg->filter_mode == MCAST_INCLUDE && hlist_empty(&pg->src_list)) ||
2751 br_multicast_eht_should_del_pg(pg)) {
2752 if (br_multicast_eht_should_del_pg(pg))
2753 pg->flags |= MDB_PG_FLAGS_FAST_LEAVE;
2754 br_multicast_find_del_pg(pg->key.port->br, pg);
2755 /* a notification has already been sent and we shouldn't
2756 * access pg after the delete so we have to return false
2757 */
2758 changed = false;
2759 }
2760
2761 return changed;
2762}
2763
2764static struct net_bridge_port_group *
2765br_multicast_find_port(struct net_bridge_mdb_entry *mp,
2766 struct net_bridge_port *p,
2767 const unsigned char *src)
2768{
2769 struct net_bridge *br __maybe_unused = mp->br;
2770 struct net_bridge_port_group *pg;
2771
2772 for (pg = mlock_dereference(mp->ports, br);
2773 pg;
2774 pg = mlock_dereference(pg->next, br))
2775 if (br_port_group_equal(pg, p, src))
2776 return pg;
2777
2778 return NULL;
2779}
2780
2781static int br_ip4_multicast_igmp3_report(struct net_bridge_mcast *brmctx,
2782 struct net_bridge_mcast_port *pmctx,
2783 struct sk_buff *skb,
2784 u16 vid)
2785{
2786 bool igmpv2 = brmctx->multicast_igmp_version == 2;
2787 struct net_bridge_mdb_entry *mdst;
2788 struct net_bridge_port_group *pg;
2789 const unsigned char *src;
2790 struct igmpv3_report *ih;
2791 struct igmpv3_grec *grec;
2792 int i, len, num, type;
2793 __be32 group, *h_addr;
2794 bool changed = false;
2795 int err = 0;
2796 u16 nsrcs;
2797
2798 ih = igmpv3_report_hdr(skb);
2799 num = ntohs(ih->ngrec);
2800 len = skb_transport_offset(skb) + sizeof(*ih);
2801
2802 for (i = 0; i < num; i++) {
2803 len += sizeof(*grec);
2804 if (!ip_mc_may_pull(skb, len))
2805 return -EINVAL;
2806
2807 grec = (void *)(skb->data + len - sizeof(*grec));
2808 group = grec->grec_mca;
2809 type = grec->grec_type;
2810 nsrcs = ntohs(grec->grec_nsrcs);
2811
2812 len += nsrcs * 4;
2813 if (!ip_mc_may_pull(skb, len))
2814 return -EINVAL;
2815
2816 switch (type) {
2817 case IGMPV3_MODE_IS_INCLUDE:
2818 case IGMPV3_MODE_IS_EXCLUDE:
2819 case IGMPV3_CHANGE_TO_INCLUDE:
2820 case IGMPV3_CHANGE_TO_EXCLUDE:
2821 case IGMPV3_ALLOW_NEW_SOURCES:
2822 case IGMPV3_BLOCK_OLD_SOURCES:
2823 break;
2824
2825 default:
2826 continue;
2827 }
2828
2829 src = eth_hdr(skb)->h_source;
2830 if (nsrcs == 0 &&
2831 (type == IGMPV3_CHANGE_TO_INCLUDE ||
2832 type == IGMPV3_MODE_IS_INCLUDE)) {
2833 if (!pmctx || igmpv2) {
2834 br_ip4_multicast_leave_group(brmctx, pmctx,
2835 group, vid, src);
2836 continue;
2837 }
2838 } else {
2839 err = br_ip4_multicast_add_group(brmctx, pmctx, group,
2840 vid, src, igmpv2);
2841 if (err)
2842 break;
2843 }
2844
2845 if (!pmctx || igmpv2)
2846 continue;
2847
2848 spin_lock(&brmctx->br->multicast_lock);
2849 if (!br_multicast_ctx_should_use(brmctx, pmctx))
2850 goto unlock_continue;
2851
2852 mdst = br_mdb_ip4_get(brmctx->br, group, vid);
2853 if (!mdst)
2854 goto unlock_continue;
2855 pg = br_multicast_find_port(mdst, pmctx->port, src);
2856 if (!pg || (pg->flags & MDB_PG_FLAGS_PERMANENT))
2857 goto unlock_continue;
2858 /* reload grec and host addr */
2859 grec = (void *)(skb->data + len - sizeof(*grec) - (nsrcs * 4));
2860 h_addr = &ip_hdr(skb)->saddr;
2861 switch (type) {
2862 case IGMPV3_ALLOW_NEW_SOURCES:
2863 changed = br_multicast_isinc_allow(brmctx, pg, h_addr,
2864 grec->grec_src,
2865 nsrcs, sizeof(__be32), type);
2866 break;
2867 case IGMPV3_MODE_IS_INCLUDE:
2868 changed = br_multicast_isinc_allow(brmctx, pg, h_addr,
2869 grec->grec_src,
2870 nsrcs, sizeof(__be32), type);
2871 break;
2872 case IGMPV3_MODE_IS_EXCLUDE:
2873 changed = br_multicast_isexc(brmctx, pg, h_addr,
2874 grec->grec_src,
2875 nsrcs, sizeof(__be32), type);
2876 break;
2877 case IGMPV3_CHANGE_TO_INCLUDE:
2878 changed = br_multicast_toin(brmctx, pmctx, pg, h_addr,
2879 grec->grec_src,
2880 nsrcs, sizeof(__be32), type);
2881 break;
2882 case IGMPV3_CHANGE_TO_EXCLUDE:
2883 changed = br_multicast_toex(brmctx, pmctx, pg, h_addr,
2884 grec->grec_src,
2885 nsrcs, sizeof(__be32), type);
2886 break;
2887 case IGMPV3_BLOCK_OLD_SOURCES:
2888 changed = br_multicast_block(brmctx, pmctx, pg, h_addr,
2889 grec->grec_src,
2890 nsrcs, sizeof(__be32), type);
2891 break;
2892 }
2893 if (changed)
2894 br_mdb_notify(brmctx->br->dev, mdst, pg, RTM_NEWMDB);
2895unlock_continue:
2896 spin_unlock(&brmctx->br->multicast_lock);
2897 }
2898
2899 return err;
2900}
2901
2902#if IS_ENABLED(CONFIG_IPV6)
2903static int br_ip6_multicast_mld2_report(struct net_bridge_mcast *brmctx,
2904 struct net_bridge_mcast_port *pmctx,
2905 struct sk_buff *skb,
2906 u16 vid)
2907{
2908 bool mldv1 = brmctx->multicast_mld_version == 1;
2909 struct net_bridge_mdb_entry *mdst;
2910 struct net_bridge_port_group *pg;
2911 unsigned int nsrcs_offset;
2912 struct mld2_report *mld2r;
2913 const unsigned char *src;
2914 struct in6_addr *h_addr;
2915 struct mld2_grec *grec;
2916 unsigned int grec_len;
2917 bool changed = false;
2918 int i, len, num;
2919 int err = 0;
2920
2921 if (!ipv6_mc_may_pull(skb, sizeof(*mld2r)))
2922 return -EINVAL;
2923
2924 mld2r = (struct mld2_report *)icmp6_hdr(skb);
2925 num = ntohs(mld2r->mld2r_ngrec);
2926 len = skb_transport_offset(skb) + sizeof(*mld2r);
2927
2928 for (i = 0; i < num; i++) {
2929 __be16 *_nsrcs, __nsrcs;
2930 u16 nsrcs;
2931
2932 nsrcs_offset = len + offsetof(struct mld2_grec, grec_nsrcs);
2933
2934 if (skb_transport_offset(skb) + ipv6_transport_len(skb) <
2935 nsrcs_offset + sizeof(__nsrcs))
2936 return -EINVAL;
2937
2938 _nsrcs = skb_header_pointer(skb, nsrcs_offset,
2939 sizeof(__nsrcs), &__nsrcs);
2940 if (!_nsrcs)
2941 return -EINVAL;
2942
2943 nsrcs = ntohs(*_nsrcs);
2944 grec_len = struct_size(grec, grec_src, nsrcs);
2945
2946 if (!ipv6_mc_may_pull(skb, len + grec_len))
2947 return -EINVAL;
2948
2949 grec = (struct mld2_grec *)(skb->data + len);
2950 len += grec_len;
2951
2952 switch (grec->grec_type) {
2953 case MLD2_MODE_IS_INCLUDE:
2954 case MLD2_MODE_IS_EXCLUDE:
2955 case MLD2_CHANGE_TO_INCLUDE:
2956 case MLD2_CHANGE_TO_EXCLUDE:
2957 case MLD2_ALLOW_NEW_SOURCES:
2958 case MLD2_BLOCK_OLD_SOURCES:
2959 break;
2960
2961 default:
2962 continue;
2963 }
2964
2965 src = eth_hdr(skb)->h_source;
2966 if ((grec->grec_type == MLD2_CHANGE_TO_INCLUDE ||
2967 grec->grec_type == MLD2_MODE_IS_INCLUDE) &&
2968 nsrcs == 0) {
2969 if (!pmctx || mldv1) {
2970 br_ip6_multicast_leave_group(brmctx, pmctx,
2971 &grec->grec_mca,
2972 vid, src);
2973 continue;
2974 }
2975 } else {
2976 err = br_ip6_multicast_add_group(brmctx, pmctx,
2977 &grec->grec_mca, vid,
2978 src, mldv1);
2979 if (err)
2980 break;
2981 }
2982
2983 if (!pmctx || mldv1)
2984 continue;
2985
2986 spin_lock(&brmctx->br->multicast_lock);
2987 if (!br_multicast_ctx_should_use(brmctx, pmctx))
2988 goto unlock_continue;
2989
2990 mdst = br_mdb_ip6_get(brmctx->br, &grec->grec_mca, vid);
2991 if (!mdst)
2992 goto unlock_continue;
2993 pg = br_multicast_find_port(mdst, pmctx->port, src);
2994 if (!pg || (pg->flags & MDB_PG_FLAGS_PERMANENT))
2995 goto unlock_continue;
2996 h_addr = &ipv6_hdr(skb)->saddr;
2997 switch (grec->grec_type) {
2998 case MLD2_ALLOW_NEW_SOURCES:
2999 changed = br_multicast_isinc_allow(brmctx, pg, h_addr,
3000 grec->grec_src, nsrcs,
3001 sizeof(struct in6_addr),
3002 grec->grec_type);
3003 break;
3004 case MLD2_MODE_IS_INCLUDE:
3005 changed = br_multicast_isinc_allow(brmctx, pg, h_addr,
3006 grec->grec_src, nsrcs,
3007 sizeof(struct in6_addr),
3008 grec->grec_type);
3009 break;
3010 case MLD2_MODE_IS_EXCLUDE:
3011 changed = br_multicast_isexc(brmctx, pg, h_addr,
3012 grec->grec_src, nsrcs,
3013 sizeof(struct in6_addr),
3014 grec->grec_type);
3015 break;
3016 case MLD2_CHANGE_TO_INCLUDE:
3017 changed = br_multicast_toin(brmctx, pmctx, pg, h_addr,
3018 grec->grec_src, nsrcs,
3019 sizeof(struct in6_addr),
3020 grec->grec_type);
3021 break;
3022 case MLD2_CHANGE_TO_EXCLUDE:
3023 changed = br_multicast_toex(brmctx, pmctx, pg, h_addr,
3024 grec->grec_src, nsrcs,
3025 sizeof(struct in6_addr),
3026 grec->grec_type);
3027 break;
3028 case MLD2_BLOCK_OLD_SOURCES:
3029 changed = br_multicast_block(brmctx, pmctx, pg, h_addr,
3030 grec->grec_src, nsrcs,
3031 sizeof(struct in6_addr),
3032 grec->grec_type);
3033 break;
3034 }
3035 if (changed)
3036 br_mdb_notify(brmctx->br->dev, mdst, pg, RTM_NEWMDB);
3037unlock_continue:
3038 spin_unlock(&brmctx->br->multicast_lock);
3039 }
3040
3041 return err;
3042}
3043#endif
3044
3045static bool br_multicast_select_querier(struct net_bridge_mcast *brmctx,
3046 struct net_bridge_mcast_port *pmctx,
3047 struct br_ip *saddr)
3048{
3049 int port_ifidx = pmctx ? pmctx->port->dev->ifindex : 0;
3050 struct timer_list *own_timer, *other_timer;
3051 struct bridge_mcast_querier *querier;
3052
3053 switch (saddr->proto) {
3054 case htons(ETH_P_IP):
3055 querier = &brmctx->ip4_querier;
3056 own_timer = &brmctx->ip4_own_query.timer;
3057 other_timer = &brmctx->ip4_other_query.timer;
3058 if (!querier->addr.src.ip4 ||
3059 ntohl(saddr->src.ip4) <= ntohl(querier->addr.src.ip4))
3060 goto update;
3061 break;
3062#if IS_ENABLED(CONFIG_IPV6)
3063 case htons(ETH_P_IPV6):
3064 querier = &brmctx->ip6_querier;
3065 own_timer = &brmctx->ip6_own_query.timer;
3066 other_timer = &brmctx->ip6_other_query.timer;
3067 if (ipv6_addr_cmp(&saddr->src.ip6, &querier->addr.src.ip6) <= 0)
3068 goto update;
3069 break;
3070#endif
3071 default:
3072 return false;
3073 }
3074
3075 if (!timer_pending(own_timer) && !timer_pending(other_timer))
3076 goto update;
3077
3078 return false;
3079
3080update:
3081 br_multicast_update_querier(brmctx, querier, port_ifidx, saddr);
3082
3083 return true;
3084}
3085
3086static struct net_bridge_port *
3087__br_multicast_get_querier_port(struct net_bridge *br,
3088 const struct bridge_mcast_querier *querier)
3089{
3090 int port_ifidx = READ_ONCE(querier->port_ifidx);
3091 struct net_bridge_port *p;
3092 struct net_device *dev;
3093
3094 if (port_ifidx == 0)
3095 return NULL;
3096
3097 dev = dev_get_by_index_rcu(dev_net(br->dev), port_ifidx);
3098 if (!dev)
3099 return NULL;
3100 p = br_port_get_rtnl_rcu(dev);
3101 if (!p || p->br != br)
3102 return NULL;
3103
3104 return p;
3105}
3106
3107size_t br_multicast_querier_state_size(void)
3108{
3109 return nla_total_size(0) + /* nest attribute */
3110 nla_total_size(sizeof(__be32)) + /* BRIDGE_QUERIER_IP_ADDRESS */
3111 nla_total_size(sizeof(int)) + /* BRIDGE_QUERIER_IP_PORT */
3112 nla_total_size_64bit(sizeof(u64)) + /* BRIDGE_QUERIER_IP_OTHER_TIMER */
3113#if IS_ENABLED(CONFIG_IPV6)
3114 nla_total_size(sizeof(struct in6_addr)) + /* BRIDGE_QUERIER_IPV6_ADDRESS */
3115 nla_total_size(sizeof(int)) + /* BRIDGE_QUERIER_IPV6_PORT */
3116 nla_total_size_64bit(sizeof(u64)) + /* BRIDGE_QUERIER_IPV6_OTHER_TIMER */
3117#endif
3118 0;
3119}
3120
3121/* protected by rtnl or rcu */
3122int br_multicast_dump_querier_state(struct sk_buff *skb,
3123 const struct net_bridge_mcast *brmctx,
3124 int nest_attr)
3125{
3126 struct bridge_mcast_querier querier = {};
3127 struct net_bridge_port *p;
3128 struct nlattr *nest;
3129
3130 if (!br_opt_get(brmctx->br, BROPT_MULTICAST_ENABLED) ||
3131 br_multicast_ctx_vlan_global_disabled(brmctx))
3132 return 0;
3133
3134 nest = nla_nest_start(skb, nest_attr);
3135 if (!nest)
3136 return -EMSGSIZE;
3137
3138 rcu_read_lock();
3139 if (!brmctx->multicast_querier &&
3140 !timer_pending(&brmctx->ip4_other_query.timer))
3141 goto out_v6;
3142
3143 br_multicast_read_querier(&brmctx->ip4_querier, &querier);
3144 if (nla_put_in_addr(skb, BRIDGE_QUERIER_IP_ADDRESS,
3145 querier.addr.src.ip4)) {
3146 rcu_read_unlock();
3147 goto out_err;
3148 }
3149
3150 p = __br_multicast_get_querier_port(brmctx->br, &querier);
3151 if (timer_pending(&brmctx->ip4_other_query.timer) &&
3152 (nla_put_u64_64bit(skb, BRIDGE_QUERIER_IP_OTHER_TIMER,
3153 br_timer_value(&brmctx->ip4_other_query.timer),
3154 BRIDGE_QUERIER_PAD) ||
3155 (p && nla_put_u32(skb, BRIDGE_QUERIER_IP_PORT, p->dev->ifindex)))) {
3156 rcu_read_unlock();
3157 goto out_err;
3158 }
3159
3160out_v6:
3161#if IS_ENABLED(CONFIG_IPV6)
3162 if (!brmctx->multicast_querier &&
3163 !timer_pending(&brmctx->ip6_other_query.timer))
3164 goto out;
3165
3166 br_multicast_read_querier(&brmctx->ip6_querier, &querier);
3167 if (nla_put_in6_addr(skb, BRIDGE_QUERIER_IPV6_ADDRESS,
3168 &querier.addr.src.ip6)) {
3169 rcu_read_unlock();
3170 goto out_err;
3171 }
3172
3173 p = __br_multicast_get_querier_port(brmctx->br, &querier);
3174 if (timer_pending(&brmctx->ip6_other_query.timer) &&
3175 (nla_put_u64_64bit(skb, BRIDGE_QUERIER_IPV6_OTHER_TIMER,
3176 br_timer_value(&brmctx->ip6_other_query.timer),
3177 BRIDGE_QUERIER_PAD) ||
3178 (p && nla_put_u32(skb, BRIDGE_QUERIER_IPV6_PORT,
3179 p->dev->ifindex)))) {
3180 rcu_read_unlock();
3181 goto out_err;
3182 }
3183out:
3184#endif
3185 rcu_read_unlock();
3186 nla_nest_end(skb, nest);
3187 if (!nla_len(nest))
3188 nla_nest_cancel(skb, nest);
3189
3190 return 0;
3191
3192out_err:
3193 nla_nest_cancel(skb, nest);
3194 return -EMSGSIZE;
3195}
3196
3197static void
3198br_multicast_update_query_timer(struct net_bridge_mcast *brmctx,
3199 struct bridge_mcast_other_query *query,
3200 unsigned long max_delay)
3201{
3202 if (!timer_pending(&query->timer))
3203 mod_timer(&query->delay_timer, jiffies + max_delay);
3204
3205 mod_timer(&query->timer, jiffies + brmctx->multicast_querier_interval);
3206}
3207
3208static void br_port_mc_router_state_change(struct net_bridge_port *p,
3209 bool is_mc_router)
3210{
3211 struct switchdev_attr attr = {
3212 .orig_dev = p->dev,
3213 .id = SWITCHDEV_ATTR_ID_PORT_MROUTER,
3214 .flags = SWITCHDEV_F_DEFER,
3215 .u.mrouter = is_mc_router,
3216 };
3217
3218 switchdev_port_attr_set(p->dev, &attr, NULL);
3219}
3220
3221static struct net_bridge_port *
3222br_multicast_rport_from_node(struct net_bridge_mcast *brmctx,
3223 struct hlist_head *mc_router_list,
3224 struct hlist_node *rlist)
3225{
3226 struct net_bridge_mcast_port *pmctx;
3227
3228#if IS_ENABLED(CONFIG_IPV6)
3229 if (mc_router_list == &brmctx->ip6_mc_router_list)
3230 pmctx = hlist_entry(rlist, struct net_bridge_mcast_port,
3231 ip6_rlist);
3232 else
3233#endif
3234 pmctx = hlist_entry(rlist, struct net_bridge_mcast_port,
3235 ip4_rlist);
3236
3237 return pmctx->port;
3238}
3239
3240static struct hlist_node *
3241br_multicast_get_rport_slot(struct net_bridge_mcast *brmctx,
3242 struct net_bridge_port *port,
3243 struct hlist_head *mc_router_list)
3244
3245{
3246 struct hlist_node *slot = NULL;
3247 struct net_bridge_port *p;
3248 struct hlist_node *rlist;
3249
3250 hlist_for_each(rlist, mc_router_list) {
3251 p = br_multicast_rport_from_node(brmctx, mc_router_list, rlist);
3252
3253 if ((unsigned long)port >= (unsigned long)p)
3254 break;
3255
3256 slot = rlist;
3257 }
3258
3259 return slot;
3260}
3261
3262static bool br_multicast_no_router_otherpf(struct net_bridge_mcast_port *pmctx,
3263 struct hlist_node *rnode)
3264{
3265#if IS_ENABLED(CONFIG_IPV6)
3266 if (rnode != &pmctx->ip6_rlist)
3267 return hlist_unhashed(&pmctx->ip6_rlist);
3268 else
3269 return hlist_unhashed(&pmctx->ip4_rlist);
3270#else
3271 return true;
3272#endif
3273}
3274
3275/* Add port to router_list
3276 * list is maintained ordered by pointer value
3277 * and locked by br->multicast_lock and RCU
3278 */
3279static void br_multicast_add_router(struct net_bridge_mcast *brmctx,
3280 struct net_bridge_mcast_port *pmctx,
3281 struct hlist_node *rlist,
3282 struct hlist_head *mc_router_list)
3283{
3284 struct hlist_node *slot;
3285
3286 if (!hlist_unhashed(rlist))
3287 return;
3288
3289 slot = br_multicast_get_rport_slot(brmctx, pmctx->port, mc_router_list);
3290
3291 if (slot)
3292 hlist_add_behind_rcu(rlist, slot);
3293 else
3294 hlist_add_head_rcu(rlist, mc_router_list);
3295
3296 /* For backwards compatibility for now, only notify if we
3297 * switched from no IPv4/IPv6 multicast router to a new
3298 * IPv4 or IPv6 multicast router.
3299 */
3300 if (br_multicast_no_router_otherpf(pmctx, rlist)) {
3301 br_rtr_notify(pmctx->port->br->dev, pmctx, RTM_NEWMDB);
3302 br_port_mc_router_state_change(pmctx->port, true);
3303 }
3304}
3305
3306/* Add port to router_list
3307 * list is maintained ordered by pointer value
3308 * and locked by br->multicast_lock and RCU
3309 */
3310static void br_ip4_multicast_add_router(struct net_bridge_mcast *brmctx,
3311 struct net_bridge_mcast_port *pmctx)
3312{
3313 br_multicast_add_router(brmctx, pmctx, &pmctx->ip4_rlist,
3314 &brmctx->ip4_mc_router_list);
3315}
3316
3317/* Add port to router_list
3318 * list is maintained ordered by pointer value
3319 * and locked by br->multicast_lock and RCU
3320 */
3321static void br_ip6_multicast_add_router(struct net_bridge_mcast *brmctx,
3322 struct net_bridge_mcast_port *pmctx)
3323{
3324#if IS_ENABLED(CONFIG_IPV6)
3325 br_multicast_add_router(brmctx, pmctx, &pmctx->ip6_rlist,
3326 &brmctx->ip6_mc_router_list);
3327#endif
3328}
3329
3330static void br_multicast_mark_router(struct net_bridge_mcast *brmctx,
3331 struct net_bridge_mcast_port *pmctx,
3332 struct timer_list *timer,
3333 struct hlist_node *rlist,
3334 struct hlist_head *mc_router_list)
3335{
3336 unsigned long now = jiffies;
3337
3338 if (!br_multicast_ctx_should_use(brmctx, pmctx))
3339 return;
3340
3341 if (!pmctx) {
3342 if (brmctx->multicast_router == MDB_RTR_TYPE_TEMP_QUERY) {
3343 if (!br_ip4_multicast_is_router(brmctx) &&
3344 !br_ip6_multicast_is_router(brmctx))
3345 br_mc_router_state_change(brmctx->br, true);
3346 mod_timer(timer, now + brmctx->multicast_querier_interval);
3347 }
3348 return;
3349 }
3350
3351 if (pmctx->multicast_router == MDB_RTR_TYPE_DISABLED ||
3352 pmctx->multicast_router == MDB_RTR_TYPE_PERM)
3353 return;
3354
3355 br_multicast_add_router(brmctx, pmctx, rlist, mc_router_list);
3356 mod_timer(timer, now + brmctx->multicast_querier_interval);
3357}
3358
3359static void br_ip4_multicast_mark_router(struct net_bridge_mcast *brmctx,
3360 struct net_bridge_mcast_port *pmctx)
3361{
3362 struct timer_list *timer = &brmctx->ip4_mc_router_timer;
3363 struct hlist_node *rlist = NULL;
3364
3365 if (pmctx) {
3366 timer = &pmctx->ip4_mc_router_timer;
3367 rlist = &pmctx->ip4_rlist;
3368 }
3369
3370 br_multicast_mark_router(brmctx, pmctx, timer, rlist,
3371 &brmctx->ip4_mc_router_list);
3372}
3373
3374static void br_ip6_multicast_mark_router(struct net_bridge_mcast *brmctx,
3375 struct net_bridge_mcast_port *pmctx)
3376{
3377#if IS_ENABLED(CONFIG_IPV6)
3378 struct timer_list *timer = &brmctx->ip6_mc_router_timer;
3379 struct hlist_node *rlist = NULL;
3380
3381 if (pmctx) {
3382 timer = &pmctx->ip6_mc_router_timer;
3383 rlist = &pmctx->ip6_rlist;
3384 }
3385
3386 br_multicast_mark_router(brmctx, pmctx, timer, rlist,
3387 &brmctx->ip6_mc_router_list);
3388#endif
3389}
3390
3391static void
3392br_ip4_multicast_query_received(struct net_bridge_mcast *brmctx,
3393 struct net_bridge_mcast_port *pmctx,
3394 struct bridge_mcast_other_query *query,
3395 struct br_ip *saddr,
3396 unsigned long max_delay)
3397{
3398 if (!br_multicast_select_querier(brmctx, pmctx, saddr))
3399 return;
3400
3401 br_multicast_update_query_timer(brmctx, query, max_delay);
3402 br_ip4_multicast_mark_router(brmctx, pmctx);
3403}
3404
3405#if IS_ENABLED(CONFIG_IPV6)
3406static void
3407br_ip6_multicast_query_received(struct net_bridge_mcast *brmctx,
3408 struct net_bridge_mcast_port *pmctx,
3409 struct bridge_mcast_other_query *query,
3410 struct br_ip *saddr,
3411 unsigned long max_delay)
3412{
3413 if (!br_multicast_select_querier(brmctx, pmctx, saddr))
3414 return;
3415
3416 br_multicast_update_query_timer(brmctx, query, max_delay);
3417 br_ip6_multicast_mark_router(brmctx, pmctx);
3418}
3419#endif
3420
3421static void br_ip4_multicast_query(struct net_bridge_mcast *brmctx,
3422 struct net_bridge_mcast_port *pmctx,
3423 struct sk_buff *skb,
3424 u16 vid)
3425{
3426 unsigned int transport_len = ip_transport_len(skb);
3427 const struct iphdr *iph = ip_hdr(skb);
3428 struct igmphdr *ih = igmp_hdr(skb);
3429 struct net_bridge_mdb_entry *mp;
3430 struct igmpv3_query *ih3;
3431 struct net_bridge_port_group *p;
3432 struct net_bridge_port_group __rcu **pp;
3433 struct br_ip saddr = {};
3434 unsigned long max_delay;
3435 unsigned long now = jiffies;
3436 __be32 group;
3437
3438 spin_lock(&brmctx->br->multicast_lock);
3439 if (!br_multicast_ctx_should_use(brmctx, pmctx))
3440 goto out;
3441
3442 group = ih->group;
3443
3444 if (transport_len == sizeof(*ih)) {
3445 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE);
3446
3447 if (!max_delay) {
3448 max_delay = 10 * HZ;
3449 group = 0;
3450 }
3451 } else if (transport_len >= sizeof(*ih3)) {
3452 ih3 = igmpv3_query_hdr(skb);
3453 if (ih3->nsrcs ||
3454 (brmctx->multicast_igmp_version == 3 && group &&
3455 ih3->suppress))
3456 goto out;
3457
3458 max_delay = ih3->code ?
3459 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1;
3460 } else {
3461 goto out;
3462 }
3463
3464 if (!group) {
3465 saddr.proto = htons(ETH_P_IP);
3466 saddr.src.ip4 = iph->saddr;
3467
3468 br_ip4_multicast_query_received(brmctx, pmctx,
3469 &brmctx->ip4_other_query,
3470 &saddr, max_delay);
3471 goto out;
3472 }
3473
3474 mp = br_mdb_ip4_get(brmctx->br, group, vid);
3475 if (!mp)
3476 goto out;
3477
3478 max_delay *= brmctx->multicast_last_member_count;
3479
3480 if (mp->host_joined &&
3481 (timer_pending(&mp->timer) ?
3482 time_after(mp->timer.expires, now + max_delay) :
3483 try_to_del_timer_sync(&mp->timer) >= 0))
3484 mod_timer(&mp->timer, now + max_delay);
3485
3486 for (pp = &mp->ports;
3487 (p = mlock_dereference(*pp, brmctx->br)) != NULL;
3488 pp = &p->next) {
3489 if (timer_pending(&p->timer) ?
3490 time_after(p->timer.expires, now + max_delay) :
3491 try_to_del_timer_sync(&p->timer) >= 0 &&
3492 (brmctx->multicast_igmp_version == 2 ||
3493 p->filter_mode == MCAST_EXCLUDE))
3494 mod_timer(&p->timer, now + max_delay);
3495 }
3496
3497out:
3498 spin_unlock(&brmctx->br->multicast_lock);
3499}
3500
3501#if IS_ENABLED(CONFIG_IPV6)
3502static int br_ip6_multicast_query(struct net_bridge_mcast *brmctx,
3503 struct net_bridge_mcast_port *pmctx,
3504 struct sk_buff *skb,
3505 u16 vid)
3506{
3507 unsigned int transport_len = ipv6_transport_len(skb);
3508 struct mld_msg *mld;
3509 struct net_bridge_mdb_entry *mp;
3510 struct mld2_query *mld2q;
3511 struct net_bridge_port_group *p;
3512 struct net_bridge_port_group __rcu **pp;
3513 struct br_ip saddr = {};
3514 unsigned long max_delay;
3515 unsigned long now = jiffies;
3516 unsigned int offset = skb_transport_offset(skb);
3517 const struct in6_addr *group = NULL;
3518 bool is_general_query;
3519 int err = 0;
3520
3521 spin_lock(&brmctx->br->multicast_lock);
3522 if (!br_multicast_ctx_should_use(brmctx, pmctx))
3523 goto out;
3524
3525 if (transport_len == sizeof(*mld)) {
3526 if (!pskb_may_pull(skb, offset + sizeof(*mld))) {
3527 err = -EINVAL;
3528 goto out;
3529 }
3530 mld = (struct mld_msg *) icmp6_hdr(skb);
3531 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay));
3532 if (max_delay)
3533 group = &mld->mld_mca;
3534 } else {
3535 if (!pskb_may_pull(skb, offset + sizeof(*mld2q))) {
3536 err = -EINVAL;
3537 goto out;
3538 }
3539 mld2q = (struct mld2_query *)icmp6_hdr(skb);
3540 if (!mld2q->mld2q_nsrcs)
3541 group = &mld2q->mld2q_mca;
3542 if (brmctx->multicast_mld_version == 2 &&
3543 !ipv6_addr_any(&mld2q->mld2q_mca) &&
3544 mld2q->mld2q_suppress)
3545 goto out;
3546
3547 max_delay = max(msecs_to_jiffies(mldv2_mrc(mld2q)), 1UL);
3548 }
3549
3550 is_general_query = group && ipv6_addr_any(group);
3551
3552 if (is_general_query) {
3553 saddr.proto = htons(ETH_P_IPV6);
3554 saddr.src.ip6 = ipv6_hdr(skb)->saddr;
3555
3556 br_ip6_multicast_query_received(brmctx, pmctx,
3557 &brmctx->ip6_other_query,
3558 &saddr, max_delay);
3559 goto out;
3560 } else if (!group) {
3561 goto out;
3562 }
3563
3564 mp = br_mdb_ip6_get(brmctx->br, group, vid);
3565 if (!mp)
3566 goto out;
3567
3568 max_delay *= brmctx->multicast_last_member_count;
3569 if (mp->host_joined &&
3570 (timer_pending(&mp->timer) ?
3571 time_after(mp->timer.expires, now + max_delay) :
3572 try_to_del_timer_sync(&mp->timer) >= 0))
3573 mod_timer(&mp->timer, now + max_delay);
3574
3575 for (pp = &mp->ports;
3576 (p = mlock_dereference(*pp, brmctx->br)) != NULL;
3577 pp = &p->next) {
3578 if (timer_pending(&p->timer) ?
3579 time_after(p->timer.expires, now + max_delay) :
3580 try_to_del_timer_sync(&p->timer) >= 0 &&
3581 (brmctx->multicast_mld_version == 1 ||
3582 p->filter_mode == MCAST_EXCLUDE))
3583 mod_timer(&p->timer, now + max_delay);
3584 }
3585
3586out:
3587 spin_unlock(&brmctx->br->multicast_lock);
3588 return err;
3589}
3590#endif
3591
3592static void
3593br_multicast_leave_group(struct net_bridge_mcast *brmctx,
3594 struct net_bridge_mcast_port *pmctx,
3595 struct br_ip *group,
3596 struct bridge_mcast_other_query *other_query,
3597 struct bridge_mcast_own_query *own_query,
3598 const unsigned char *src)
3599{
3600 struct net_bridge_mdb_entry *mp;
3601 struct net_bridge_port_group *p;
3602 unsigned long now;
3603 unsigned long time;
3604
3605 spin_lock(&brmctx->br->multicast_lock);
3606 if (!br_multicast_ctx_should_use(brmctx, pmctx))
3607 goto out;
3608
3609 mp = br_mdb_ip_get(brmctx->br, group);
3610 if (!mp)
3611 goto out;
3612
3613 if (pmctx && (pmctx->port->flags & BR_MULTICAST_FAST_LEAVE)) {
3614 struct net_bridge_port_group __rcu **pp;
3615
3616 for (pp = &mp->ports;
3617 (p = mlock_dereference(*pp, brmctx->br)) != NULL;
3618 pp = &p->next) {
3619 if (!br_port_group_equal(p, pmctx->port, src))
3620 continue;
3621
3622 if (p->flags & MDB_PG_FLAGS_PERMANENT)
3623 break;
3624
3625 p->flags |= MDB_PG_FLAGS_FAST_LEAVE;
3626 br_multicast_del_pg(mp, p, pp);
3627 }
3628 goto out;
3629 }
3630
3631 if (timer_pending(&other_query->timer))
3632 goto out;
3633
3634 if (brmctx->multicast_querier) {
3635 __br_multicast_send_query(brmctx, pmctx, NULL, NULL, &mp->addr,
3636 false, 0, NULL);
3637
3638 time = jiffies + brmctx->multicast_last_member_count *
3639 brmctx->multicast_last_member_interval;
3640
3641 mod_timer(&own_query->timer, time);
3642
3643 for (p = mlock_dereference(mp->ports, brmctx->br);
3644 p != NULL && pmctx != NULL;
3645 p = mlock_dereference(p->next, brmctx->br)) {
3646 if (!br_port_group_equal(p, pmctx->port, src))
3647 continue;
3648
3649 if (!hlist_unhashed(&p->mglist) &&
3650 (timer_pending(&p->timer) ?
3651 time_after(p->timer.expires, time) :
3652 try_to_del_timer_sync(&p->timer) >= 0)) {
3653 mod_timer(&p->timer, time);
3654 }
3655
3656 break;
3657 }
3658 }
3659
3660 now = jiffies;
3661 time = now + brmctx->multicast_last_member_count *
3662 brmctx->multicast_last_member_interval;
3663
3664 if (!pmctx) {
3665 if (mp->host_joined &&
3666 (timer_pending(&mp->timer) ?
3667 time_after(mp->timer.expires, time) :
3668 try_to_del_timer_sync(&mp->timer) >= 0)) {
3669 mod_timer(&mp->timer, time);
3670 }
3671
3672 goto out;
3673 }
3674
3675 for (p = mlock_dereference(mp->ports, brmctx->br);
3676 p != NULL;
3677 p = mlock_dereference(p->next, brmctx->br)) {
3678 if (p->key.port != pmctx->port)
3679 continue;
3680
3681 if (!hlist_unhashed(&p->mglist) &&
3682 (timer_pending(&p->timer) ?
3683 time_after(p->timer.expires, time) :
3684 try_to_del_timer_sync(&p->timer) >= 0)) {
3685 mod_timer(&p->timer, time);
3686 }
3687
3688 break;
3689 }
3690out:
3691 spin_unlock(&brmctx->br->multicast_lock);
3692}
3693
3694static void br_ip4_multicast_leave_group(struct net_bridge_mcast *brmctx,
3695 struct net_bridge_mcast_port *pmctx,
3696 __be32 group,
3697 __u16 vid,
3698 const unsigned char *src)
3699{
3700 struct br_ip br_group;
3701 struct bridge_mcast_own_query *own_query;
3702
3703 if (ipv4_is_local_multicast(group))
3704 return;
3705
3706 own_query = pmctx ? &pmctx->ip4_own_query : &brmctx->ip4_own_query;
3707
3708 memset(&br_group, 0, sizeof(br_group));
3709 br_group.dst.ip4 = group;
3710 br_group.proto = htons(ETH_P_IP);
3711 br_group.vid = vid;
3712
3713 br_multicast_leave_group(brmctx, pmctx, &br_group,
3714 &brmctx->ip4_other_query,
3715 own_query, src);
3716}
3717
3718#if IS_ENABLED(CONFIG_IPV6)
3719static void br_ip6_multicast_leave_group(struct net_bridge_mcast *brmctx,
3720 struct net_bridge_mcast_port *pmctx,
3721 const struct in6_addr *group,
3722 __u16 vid,
3723 const unsigned char *src)
3724{
3725 struct br_ip br_group;
3726 struct bridge_mcast_own_query *own_query;
3727
3728 if (ipv6_addr_is_ll_all_nodes(group))
3729 return;
3730
3731 own_query = pmctx ? &pmctx->ip6_own_query : &brmctx->ip6_own_query;
3732
3733 memset(&br_group, 0, sizeof(br_group));
3734 br_group.dst.ip6 = *group;
3735 br_group.proto = htons(ETH_P_IPV6);
3736 br_group.vid = vid;
3737
3738 br_multicast_leave_group(brmctx, pmctx, &br_group,
3739 &brmctx->ip6_other_query,
3740 own_query, src);
3741}
3742#endif
3743
3744static void br_multicast_err_count(const struct net_bridge *br,
3745 const struct net_bridge_port *p,
3746 __be16 proto)
3747{
3748 struct bridge_mcast_stats __percpu *stats;
3749 struct bridge_mcast_stats *pstats;
3750
3751 if (!br_opt_get(br, BROPT_MULTICAST_STATS_ENABLED))
3752 return;
3753
3754 if (p)
3755 stats = p->mcast_stats;
3756 else
3757 stats = br->mcast_stats;
3758 if (WARN_ON(!stats))
3759 return;
3760
3761 pstats = this_cpu_ptr(stats);
3762
3763 u64_stats_update_begin(&pstats->syncp);
3764 switch (proto) {
3765 case htons(ETH_P_IP):
3766 pstats->mstats.igmp_parse_errors++;
3767 break;
3768#if IS_ENABLED(CONFIG_IPV6)
3769 case htons(ETH_P_IPV6):
3770 pstats->mstats.mld_parse_errors++;
3771 break;
3772#endif
3773 }
3774 u64_stats_update_end(&pstats->syncp);
3775}
3776
3777static void br_multicast_pim(struct net_bridge_mcast *brmctx,
3778 struct net_bridge_mcast_port *pmctx,
3779 const struct sk_buff *skb)
3780{
3781 unsigned int offset = skb_transport_offset(skb);
3782 struct pimhdr *pimhdr, _pimhdr;
3783
3784 pimhdr = skb_header_pointer(skb, offset, sizeof(_pimhdr), &_pimhdr);
3785 if (!pimhdr || pim_hdr_version(pimhdr) != PIM_VERSION ||
3786 pim_hdr_type(pimhdr) != PIM_TYPE_HELLO)
3787 return;
3788
3789 spin_lock(&brmctx->br->multicast_lock);
3790 br_ip4_multicast_mark_router(brmctx, pmctx);
3791 spin_unlock(&brmctx->br->multicast_lock);
3792}
3793
3794static int br_ip4_multicast_mrd_rcv(struct net_bridge_mcast *brmctx,
3795 struct net_bridge_mcast_port *pmctx,
3796 struct sk_buff *skb)
3797{
3798 if (ip_hdr(skb)->protocol != IPPROTO_IGMP ||
3799 igmp_hdr(skb)->type != IGMP_MRDISC_ADV)
3800 return -ENOMSG;
3801
3802 spin_lock(&brmctx->br->multicast_lock);
3803 br_ip4_multicast_mark_router(brmctx, pmctx);
3804 spin_unlock(&brmctx->br->multicast_lock);
3805
3806 return 0;
3807}
3808
3809static int br_multicast_ipv4_rcv(struct net_bridge_mcast *brmctx,
3810 struct net_bridge_mcast_port *pmctx,
3811 struct sk_buff *skb,
3812 u16 vid)
3813{
3814 struct net_bridge_port *p = pmctx ? pmctx->port : NULL;
3815 const unsigned char *src;
3816 struct igmphdr *ih;
3817 int err;
3818
3819 err = ip_mc_check_igmp(skb);
3820
3821 if (err == -ENOMSG) {
3822 if (!ipv4_is_local_multicast(ip_hdr(skb)->daddr)) {
3823 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
3824 } else if (pim_ipv4_all_pim_routers(ip_hdr(skb)->daddr)) {
3825 if (ip_hdr(skb)->protocol == IPPROTO_PIM)
3826 br_multicast_pim(brmctx, pmctx, skb);
3827 } else if (ipv4_is_all_snoopers(ip_hdr(skb)->daddr)) {
3828 br_ip4_multicast_mrd_rcv(brmctx, pmctx, skb);
3829 }
3830
3831 return 0;
3832 } else if (err < 0) {
3833 br_multicast_err_count(brmctx->br, p, skb->protocol);
3834 return err;
3835 }
3836
3837 ih = igmp_hdr(skb);
3838 src = eth_hdr(skb)->h_source;
3839 BR_INPUT_SKB_CB(skb)->igmp = ih->type;
3840
3841 switch (ih->type) {
3842 case IGMP_HOST_MEMBERSHIP_REPORT:
3843 case IGMPV2_HOST_MEMBERSHIP_REPORT:
3844 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
3845 err = br_ip4_multicast_add_group(brmctx, pmctx, ih->group, vid,
3846 src, true);
3847 break;
3848 case IGMPV3_HOST_MEMBERSHIP_REPORT:
3849 err = br_ip4_multicast_igmp3_report(brmctx, pmctx, skb, vid);
3850 break;
3851 case IGMP_HOST_MEMBERSHIP_QUERY:
3852 br_ip4_multicast_query(brmctx, pmctx, skb, vid);
3853 break;
3854 case IGMP_HOST_LEAVE_MESSAGE:
3855 br_ip4_multicast_leave_group(brmctx, pmctx, ih->group, vid, src);
3856 break;
3857 }
3858
3859 br_multicast_count(brmctx->br, p, skb, BR_INPUT_SKB_CB(skb)->igmp,
3860 BR_MCAST_DIR_RX);
3861
3862 return err;
3863}
3864
3865#if IS_ENABLED(CONFIG_IPV6)
3866static void br_ip6_multicast_mrd_rcv(struct net_bridge_mcast *brmctx,
3867 struct net_bridge_mcast_port *pmctx,
3868 struct sk_buff *skb)
3869{
3870 if (icmp6_hdr(skb)->icmp6_type != ICMPV6_MRDISC_ADV)
3871 return;
3872
3873 spin_lock(&brmctx->br->multicast_lock);
3874 br_ip6_multicast_mark_router(brmctx, pmctx);
3875 spin_unlock(&brmctx->br->multicast_lock);
3876}
3877
3878static int br_multicast_ipv6_rcv(struct net_bridge_mcast *brmctx,
3879 struct net_bridge_mcast_port *pmctx,
3880 struct sk_buff *skb,
3881 u16 vid)
3882{
3883 struct net_bridge_port *p = pmctx ? pmctx->port : NULL;
3884 const unsigned char *src;
3885 struct mld_msg *mld;
3886 int err;
3887
3888 err = ipv6_mc_check_mld(skb);
3889
3890 if (err == -ENOMSG || err == -ENODATA) {
3891 if (!ipv6_addr_is_ll_all_nodes(&ipv6_hdr(skb)->daddr))
3892 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
3893 if (err == -ENODATA &&
3894 ipv6_addr_is_all_snoopers(&ipv6_hdr(skb)->daddr))
3895 br_ip6_multicast_mrd_rcv(brmctx, pmctx, skb);
3896
3897 return 0;
3898 } else if (err < 0) {
3899 br_multicast_err_count(brmctx->br, p, skb->protocol);
3900 return err;
3901 }
3902
3903 mld = (struct mld_msg *)skb_transport_header(skb);
3904 BR_INPUT_SKB_CB(skb)->igmp = mld->mld_type;
3905
3906 switch (mld->mld_type) {
3907 case ICMPV6_MGM_REPORT:
3908 src = eth_hdr(skb)->h_source;
3909 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
3910 err = br_ip6_multicast_add_group(brmctx, pmctx, &mld->mld_mca,
3911 vid, src, true);
3912 break;
3913 case ICMPV6_MLD2_REPORT:
3914 err = br_ip6_multicast_mld2_report(brmctx, pmctx, skb, vid);
3915 break;
3916 case ICMPV6_MGM_QUERY:
3917 err = br_ip6_multicast_query(brmctx, pmctx, skb, vid);
3918 break;
3919 case ICMPV6_MGM_REDUCTION:
3920 src = eth_hdr(skb)->h_source;
3921 br_ip6_multicast_leave_group(brmctx, pmctx, &mld->mld_mca, vid,
3922 src);
3923 break;
3924 }
3925
3926 br_multicast_count(brmctx->br, p, skb, BR_INPUT_SKB_CB(skb)->igmp,
3927 BR_MCAST_DIR_RX);
3928
3929 return err;
3930}
3931#endif
3932
3933int br_multicast_rcv(struct net_bridge_mcast **brmctx,
3934 struct net_bridge_mcast_port **pmctx,
3935 struct net_bridge_vlan *vlan,
3936 struct sk_buff *skb, u16 vid)
3937{
3938 int ret = 0;
3939
3940 BR_INPUT_SKB_CB(skb)->igmp = 0;
3941 BR_INPUT_SKB_CB(skb)->mrouters_only = 0;
3942
3943 if (!br_opt_get((*brmctx)->br, BROPT_MULTICAST_ENABLED))
3944 return 0;
3945
3946 if (br_opt_get((*brmctx)->br, BROPT_MCAST_VLAN_SNOOPING_ENABLED) && vlan) {
3947 const struct net_bridge_vlan *masterv;
3948
3949 /* the vlan has the master flag set only when transmitting
3950 * through the bridge device
3951 */
3952 if (br_vlan_is_master(vlan)) {
3953 masterv = vlan;
3954 *brmctx = &vlan->br_mcast_ctx;
3955 *pmctx = NULL;
3956 } else {
3957 masterv = vlan->brvlan;
3958 *brmctx = &vlan->brvlan->br_mcast_ctx;
3959 *pmctx = &vlan->port_mcast_ctx;
3960 }
3961
3962 if (!(masterv->priv_flags & BR_VLFLAG_GLOBAL_MCAST_ENABLED))
3963 return 0;
3964 }
3965
3966 switch (skb->protocol) {
3967 case htons(ETH_P_IP):
3968 ret = br_multicast_ipv4_rcv(*brmctx, *pmctx, skb, vid);
3969 break;
3970#if IS_ENABLED(CONFIG_IPV6)
3971 case htons(ETH_P_IPV6):
3972 ret = br_multicast_ipv6_rcv(*brmctx, *pmctx, skb, vid);
3973 break;
3974#endif
3975 }
3976
3977 return ret;
3978}
3979
3980static void br_multicast_query_expired(struct net_bridge_mcast *brmctx,
3981 struct bridge_mcast_own_query *query,
3982 struct bridge_mcast_querier *querier)
3983{
3984 spin_lock(&brmctx->br->multicast_lock);
3985 if (br_multicast_ctx_vlan_disabled(brmctx))
3986 goto out;
3987
3988 if (query->startup_sent < brmctx->multicast_startup_query_count)
3989 query->startup_sent++;
3990
3991 br_multicast_send_query(brmctx, NULL, query);
3992out:
3993 spin_unlock(&brmctx->br->multicast_lock);
3994}
3995
3996static void br_ip4_multicast_query_expired(struct timer_list *t)
3997{
3998 struct net_bridge_mcast *brmctx = from_timer(brmctx, t,
3999 ip4_own_query.timer);
4000
4001 br_multicast_query_expired(brmctx, &brmctx->ip4_own_query,
4002 &brmctx->ip4_querier);
4003}
4004
4005#if IS_ENABLED(CONFIG_IPV6)
4006static void br_ip6_multicast_query_expired(struct timer_list *t)
4007{
4008 struct net_bridge_mcast *brmctx = from_timer(brmctx, t,
4009 ip6_own_query.timer);
4010
4011 br_multicast_query_expired(brmctx, &brmctx->ip6_own_query,
4012 &brmctx->ip6_querier);
4013}
4014#endif
4015
4016static void br_multicast_gc_work(struct work_struct *work)
4017{
4018 struct net_bridge *br = container_of(work, struct net_bridge,
4019 mcast_gc_work);
4020 HLIST_HEAD(deleted_head);
4021
4022 spin_lock_bh(&br->multicast_lock);
4023 hlist_move_list(&br->mcast_gc_list, &deleted_head);
4024 spin_unlock_bh(&br->multicast_lock);
4025
4026 br_multicast_gc(&deleted_head);
4027}
4028
4029void br_multicast_ctx_init(struct net_bridge *br,
4030 struct net_bridge_vlan *vlan,
4031 struct net_bridge_mcast *brmctx)
4032{
4033 brmctx->br = br;
4034 brmctx->vlan = vlan;
4035 brmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY;
4036 brmctx->multicast_last_member_count = 2;
4037 brmctx->multicast_startup_query_count = 2;
4038
4039 brmctx->multicast_last_member_interval = HZ;
4040 brmctx->multicast_query_response_interval = 10 * HZ;
4041 brmctx->multicast_startup_query_interval = 125 * HZ / 4;
4042 brmctx->multicast_query_interval = 125 * HZ;
4043 brmctx->multicast_querier_interval = 255 * HZ;
4044 brmctx->multicast_membership_interval = 260 * HZ;
4045
4046 brmctx->ip4_querier.port_ifidx = 0;
4047 seqcount_spinlock_init(&brmctx->ip4_querier.seq, &br->multicast_lock);
4048 brmctx->multicast_igmp_version = 2;
4049#if IS_ENABLED(CONFIG_IPV6)
4050 brmctx->multicast_mld_version = 1;
4051 brmctx->ip6_querier.port_ifidx = 0;
4052 seqcount_spinlock_init(&brmctx->ip6_querier.seq, &br->multicast_lock);
4053#endif
4054
4055 timer_setup(&brmctx->ip4_mc_router_timer,
4056 br_ip4_multicast_local_router_expired, 0);
4057 timer_setup(&brmctx->ip4_other_query.timer,
4058 br_ip4_multicast_querier_expired, 0);
4059 timer_setup(&brmctx->ip4_other_query.delay_timer,
4060 br_multicast_query_delay_expired, 0);
4061 timer_setup(&brmctx->ip4_own_query.timer,
4062 br_ip4_multicast_query_expired, 0);
4063#if IS_ENABLED(CONFIG_IPV6)
4064 timer_setup(&brmctx->ip6_mc_router_timer,
4065 br_ip6_multicast_local_router_expired, 0);
4066 timer_setup(&brmctx->ip6_other_query.timer,
4067 br_ip6_multicast_querier_expired, 0);
4068 timer_setup(&brmctx->ip6_other_query.delay_timer,
4069 br_multicast_query_delay_expired, 0);
4070 timer_setup(&brmctx->ip6_own_query.timer,
4071 br_ip6_multicast_query_expired, 0);
4072#endif
4073}
4074
4075void br_multicast_ctx_deinit(struct net_bridge_mcast *brmctx)
4076{
4077 __br_multicast_stop(brmctx);
4078}
4079
4080void br_multicast_init(struct net_bridge *br)
4081{
4082 br->hash_max = BR_MULTICAST_DEFAULT_HASH_MAX;
4083
4084 br_multicast_ctx_init(br, NULL, &br->multicast_ctx);
4085
4086 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, true);
4087 br_opt_toggle(br, BROPT_HAS_IPV6_ADDR, true);
4088
4089 spin_lock_init(&br->multicast_lock);
4090 INIT_HLIST_HEAD(&br->mdb_list);
4091 INIT_HLIST_HEAD(&br->mcast_gc_list);
4092 INIT_WORK(&br->mcast_gc_work, br_multicast_gc_work);
4093}
4094
4095static void br_ip4_multicast_join_snoopers(struct net_bridge *br)
4096{
4097 struct in_device *in_dev = in_dev_get(br->dev);
4098
4099 if (!in_dev)
4100 return;
4101
4102 __ip_mc_inc_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC);
4103 in_dev_put(in_dev);
4104}
4105
4106#if IS_ENABLED(CONFIG_IPV6)
4107static void br_ip6_multicast_join_snoopers(struct net_bridge *br)
4108{
4109 struct in6_addr addr;
4110
4111 ipv6_addr_set(&addr, htonl(0xff020000), 0, 0, htonl(0x6a));
4112 ipv6_dev_mc_inc(br->dev, &addr);
4113}
4114#else
4115static inline void br_ip6_multicast_join_snoopers(struct net_bridge *br)
4116{
4117}
4118#endif
4119
4120void br_multicast_join_snoopers(struct net_bridge *br)
4121{
4122 br_ip4_multicast_join_snoopers(br);
4123 br_ip6_multicast_join_snoopers(br);
4124}
4125
4126static void br_ip4_multicast_leave_snoopers(struct net_bridge *br)
4127{
4128 struct in_device *in_dev = in_dev_get(br->dev);
4129
4130 if (WARN_ON(!in_dev))
4131 return;
4132
4133 __ip_mc_dec_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC);
4134 in_dev_put(in_dev);
4135}
4136
4137#if IS_ENABLED(CONFIG_IPV6)
4138static void br_ip6_multicast_leave_snoopers(struct net_bridge *br)
4139{
4140 struct in6_addr addr;
4141
4142 ipv6_addr_set(&addr, htonl(0xff020000), 0, 0, htonl(0x6a));
4143 ipv6_dev_mc_dec(br->dev, &addr);
4144}
4145#else
4146static inline void br_ip6_multicast_leave_snoopers(struct net_bridge *br)
4147{
4148}
4149#endif
4150
4151void br_multicast_leave_snoopers(struct net_bridge *br)
4152{
4153 br_ip4_multicast_leave_snoopers(br);
4154 br_ip6_multicast_leave_snoopers(br);
4155}
4156
4157static void __br_multicast_open_query(struct net_bridge *br,
4158 struct bridge_mcast_own_query *query)
4159{
4160 query->startup_sent = 0;
4161
4162 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED))
4163 return;
4164
4165 mod_timer(&query->timer, jiffies);
4166}
4167
4168static void __br_multicast_open(struct net_bridge_mcast *brmctx)
4169{
4170 __br_multicast_open_query(brmctx->br, &brmctx->ip4_own_query);
4171#if IS_ENABLED(CONFIG_IPV6)
4172 __br_multicast_open_query(brmctx->br, &brmctx->ip6_own_query);
4173#endif
4174}
4175
4176void br_multicast_open(struct net_bridge *br)
4177{
4178 ASSERT_RTNL();
4179
4180 if (br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) {
4181 struct net_bridge_vlan_group *vg;
4182 struct net_bridge_vlan *vlan;
4183
4184 vg = br_vlan_group(br);
4185 if (vg) {
4186 list_for_each_entry(vlan, &vg->vlan_list, vlist) {
4187 struct net_bridge_mcast *brmctx;
4188
4189 brmctx = &vlan->br_mcast_ctx;
4190 if (br_vlan_is_brentry(vlan) &&
4191 !br_multicast_ctx_vlan_disabled(brmctx))
4192 __br_multicast_open(&vlan->br_mcast_ctx);
4193 }
4194 }
4195 } else {
4196 __br_multicast_open(&br->multicast_ctx);
4197 }
4198}
4199
4200static void __br_multicast_stop(struct net_bridge_mcast *brmctx)
4201{
4202 del_timer_sync(&brmctx->ip4_mc_router_timer);
4203 del_timer_sync(&brmctx->ip4_other_query.timer);
4204 del_timer_sync(&brmctx->ip4_other_query.delay_timer);
4205 del_timer_sync(&brmctx->ip4_own_query.timer);
4206#if IS_ENABLED(CONFIG_IPV6)
4207 del_timer_sync(&brmctx->ip6_mc_router_timer);
4208 del_timer_sync(&brmctx->ip6_other_query.timer);
4209 del_timer_sync(&brmctx->ip6_other_query.delay_timer);
4210 del_timer_sync(&brmctx->ip6_own_query.timer);
4211#endif
4212}
4213
4214void br_multicast_toggle_one_vlan(struct net_bridge_vlan *vlan, bool on)
4215{
4216 struct net_bridge *br;
4217
4218 /* it's okay to check for the flag without the multicast lock because it
4219 * can only change under RTNL -> multicast_lock, we need the latter to
4220 * sync with timers and packets
4221 */
4222 if (on == !!(vlan->priv_flags & BR_VLFLAG_MCAST_ENABLED))
4223 return;
4224
4225 if (br_vlan_is_master(vlan)) {
4226 br = vlan->br;
4227
4228 if (!br_vlan_is_brentry(vlan) ||
4229 (on &&
4230 br_multicast_ctx_vlan_global_disabled(&vlan->br_mcast_ctx)))
4231 return;
4232
4233 spin_lock_bh(&br->multicast_lock);
4234 vlan->priv_flags ^= BR_VLFLAG_MCAST_ENABLED;
4235 spin_unlock_bh(&br->multicast_lock);
4236
4237 if (on)
4238 __br_multicast_open(&vlan->br_mcast_ctx);
4239 else
4240 __br_multicast_stop(&vlan->br_mcast_ctx);
4241 } else {
4242 struct net_bridge_mcast *brmctx;
4243
4244 brmctx = br_multicast_port_ctx_get_global(&vlan->port_mcast_ctx);
4245 if (on && br_multicast_ctx_vlan_global_disabled(brmctx))
4246 return;
4247
4248 br = vlan->port->br;
4249 spin_lock_bh(&br->multicast_lock);
4250 vlan->priv_flags ^= BR_VLFLAG_MCAST_ENABLED;
4251 if (on)
4252 __br_multicast_enable_port_ctx(&vlan->port_mcast_ctx);
4253 else
4254 __br_multicast_disable_port_ctx(&vlan->port_mcast_ctx);
4255 spin_unlock_bh(&br->multicast_lock);
4256 }
4257}
4258
4259static void br_multicast_toggle_vlan(struct net_bridge_vlan *vlan, bool on)
4260{
4261 struct net_bridge_port *p;
4262
4263 if (WARN_ON_ONCE(!br_vlan_is_master(vlan)))
4264 return;
4265
4266 list_for_each_entry(p, &vlan->br->port_list, list) {
4267 struct net_bridge_vlan *vport;
4268
4269 vport = br_vlan_find(nbp_vlan_group(p), vlan->vid);
4270 if (!vport)
4271 continue;
4272 br_multicast_toggle_one_vlan(vport, on);
4273 }
4274
4275 if (br_vlan_is_brentry(vlan))
4276 br_multicast_toggle_one_vlan(vlan, on);
4277}
4278
4279int br_multicast_toggle_vlan_snooping(struct net_bridge *br, bool on,
4280 struct netlink_ext_ack *extack)
4281{
4282 struct net_bridge_vlan_group *vg;
4283 struct net_bridge_vlan *vlan;
4284 struct net_bridge_port *p;
4285
4286 if (br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED) == on)
4287 return 0;
4288
4289 if (on && !br_opt_get(br, BROPT_VLAN_ENABLED)) {
4290 NL_SET_ERR_MSG_MOD(extack, "Cannot enable multicast vlan snooping with vlan filtering disabled");
4291 return -EINVAL;
4292 }
4293
4294 vg = br_vlan_group(br);
4295 if (!vg)
4296 return 0;
4297
4298 br_opt_toggle(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED, on);
4299
4300 /* disable/enable non-vlan mcast contexts based on vlan snooping */
4301 if (on)
4302 __br_multicast_stop(&br->multicast_ctx);
4303 else
4304 __br_multicast_open(&br->multicast_ctx);
4305 list_for_each_entry(p, &br->port_list, list) {
4306 if (on)
4307 br_multicast_disable_port(p);
4308 else
4309 br_multicast_enable_port(p);
4310 }
4311
4312 list_for_each_entry(vlan, &vg->vlan_list, vlist)
4313 br_multicast_toggle_vlan(vlan, on);
4314
4315 return 0;
4316}
4317
4318bool br_multicast_toggle_global_vlan(struct net_bridge_vlan *vlan, bool on)
4319{
4320 ASSERT_RTNL();
4321
4322 /* BR_VLFLAG_GLOBAL_MCAST_ENABLED relies on eventual consistency and
4323 * requires only RTNL to change
4324 */
4325 if (on == !!(vlan->priv_flags & BR_VLFLAG_GLOBAL_MCAST_ENABLED))
4326 return false;
4327
4328 vlan->priv_flags ^= BR_VLFLAG_GLOBAL_MCAST_ENABLED;
4329 br_multicast_toggle_vlan(vlan, on);
4330
4331 return true;
4332}
4333
4334void br_multicast_stop(struct net_bridge *br)
4335{
4336 ASSERT_RTNL();
4337
4338 if (br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) {
4339 struct net_bridge_vlan_group *vg;
4340 struct net_bridge_vlan *vlan;
4341
4342 vg = br_vlan_group(br);
4343 if (vg) {
4344 list_for_each_entry(vlan, &vg->vlan_list, vlist) {
4345 struct net_bridge_mcast *brmctx;
4346
4347 brmctx = &vlan->br_mcast_ctx;
4348 if (br_vlan_is_brentry(vlan) &&
4349 !br_multicast_ctx_vlan_disabled(brmctx))
4350 __br_multicast_stop(&vlan->br_mcast_ctx);
4351 }
4352 }
4353 } else {
4354 __br_multicast_stop(&br->multicast_ctx);
4355 }
4356}
4357
4358void br_multicast_dev_del(struct net_bridge *br)
4359{
4360 struct net_bridge_mdb_entry *mp;
4361 HLIST_HEAD(deleted_head);
4362 struct hlist_node *tmp;
4363
4364 spin_lock_bh(&br->multicast_lock);
4365 hlist_for_each_entry_safe(mp, tmp, &br->mdb_list, mdb_node)
4366 br_multicast_del_mdb_entry(mp);
4367 hlist_move_list(&br->mcast_gc_list, &deleted_head);
4368 spin_unlock_bh(&br->multicast_lock);
4369
4370 br_multicast_ctx_deinit(&br->multicast_ctx);
4371 br_multicast_gc(&deleted_head);
4372 cancel_work_sync(&br->mcast_gc_work);
4373
4374 rcu_barrier();
4375}
4376
4377int br_multicast_set_router(struct net_bridge_mcast *brmctx, unsigned long val)
4378{
4379 int err = -EINVAL;
4380
4381 spin_lock_bh(&brmctx->br->multicast_lock);
4382
4383 switch (val) {
4384 case MDB_RTR_TYPE_DISABLED:
4385 case MDB_RTR_TYPE_PERM:
4386 br_mc_router_state_change(brmctx->br, val == MDB_RTR_TYPE_PERM);
4387 del_timer(&brmctx->ip4_mc_router_timer);
4388#if IS_ENABLED(CONFIG_IPV6)
4389 del_timer(&brmctx->ip6_mc_router_timer);
4390#endif
4391 brmctx->multicast_router = val;
4392 err = 0;
4393 break;
4394 case MDB_RTR_TYPE_TEMP_QUERY:
4395 if (brmctx->multicast_router != MDB_RTR_TYPE_TEMP_QUERY)
4396 br_mc_router_state_change(brmctx->br, false);
4397 brmctx->multicast_router = val;
4398 err = 0;
4399 break;
4400 }
4401
4402 spin_unlock_bh(&brmctx->br->multicast_lock);
4403
4404 return err;
4405}
4406
4407static void
4408br_multicast_rport_del_notify(struct net_bridge_mcast_port *pmctx, bool deleted)
4409{
4410 if (!deleted)
4411 return;
4412
4413 /* For backwards compatibility for now, only notify if there is
4414 * no multicast router anymore for both IPv4 and IPv6.
4415 */
4416 if (!hlist_unhashed(&pmctx->ip4_rlist))
4417 return;
4418#if IS_ENABLED(CONFIG_IPV6)
4419 if (!hlist_unhashed(&pmctx->ip6_rlist))
4420 return;
4421#endif
4422
4423 br_rtr_notify(pmctx->port->br->dev, pmctx, RTM_DELMDB);
4424 br_port_mc_router_state_change(pmctx->port, false);
4425
4426 /* don't allow timer refresh */
4427 if (pmctx->multicast_router == MDB_RTR_TYPE_TEMP)
4428 pmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY;
4429}
4430
4431int br_multicast_set_port_router(struct net_bridge_mcast_port *pmctx,
4432 unsigned long val)
4433{
4434 struct net_bridge_mcast *brmctx;
4435 unsigned long now = jiffies;
4436 int err = -EINVAL;
4437 bool del = false;
4438
4439 brmctx = br_multicast_port_ctx_get_global(pmctx);
4440 spin_lock_bh(&brmctx->br->multicast_lock);
4441 if (pmctx->multicast_router == val) {
4442 /* Refresh the temp router port timer */
4443 if (pmctx->multicast_router == MDB_RTR_TYPE_TEMP) {
4444 mod_timer(&pmctx->ip4_mc_router_timer,
4445 now + brmctx->multicast_querier_interval);
4446#if IS_ENABLED(CONFIG_IPV6)
4447 mod_timer(&pmctx->ip6_mc_router_timer,
4448 now + brmctx->multicast_querier_interval);
4449#endif
4450 }
4451 err = 0;
4452 goto unlock;
4453 }
4454 switch (val) {
4455 case MDB_RTR_TYPE_DISABLED:
4456 pmctx->multicast_router = MDB_RTR_TYPE_DISABLED;
4457 del |= br_ip4_multicast_rport_del(pmctx);
4458 del_timer(&pmctx->ip4_mc_router_timer);
4459 del |= br_ip6_multicast_rport_del(pmctx);
4460#if IS_ENABLED(CONFIG_IPV6)
4461 del_timer(&pmctx->ip6_mc_router_timer);
4462#endif
4463 br_multicast_rport_del_notify(pmctx, del);
4464 break;
4465 case MDB_RTR_TYPE_TEMP_QUERY:
4466 pmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY;
4467 del |= br_ip4_multicast_rport_del(pmctx);
4468 del |= br_ip6_multicast_rport_del(pmctx);
4469 br_multicast_rport_del_notify(pmctx, del);
4470 break;
4471 case MDB_RTR_TYPE_PERM:
4472 pmctx->multicast_router = MDB_RTR_TYPE_PERM;
4473 del_timer(&pmctx->ip4_mc_router_timer);
4474 br_ip4_multicast_add_router(brmctx, pmctx);
4475#if IS_ENABLED(CONFIG_IPV6)
4476 del_timer(&pmctx->ip6_mc_router_timer);
4477#endif
4478 br_ip6_multicast_add_router(brmctx, pmctx);
4479 break;
4480 case MDB_RTR_TYPE_TEMP:
4481 pmctx->multicast_router = MDB_RTR_TYPE_TEMP;
4482 br_ip4_multicast_mark_router(brmctx, pmctx);
4483 br_ip6_multicast_mark_router(brmctx, pmctx);
4484 break;
4485 default:
4486 goto unlock;
4487 }
4488 err = 0;
4489unlock:
4490 spin_unlock_bh(&brmctx->br->multicast_lock);
4491
4492 return err;
4493}
4494
4495int br_multicast_set_vlan_router(struct net_bridge_vlan *v, u8 mcast_router)
4496{
4497 int err;
4498
4499 if (br_vlan_is_master(v))
4500 err = br_multicast_set_router(&v->br_mcast_ctx, mcast_router);
4501 else
4502 err = br_multicast_set_port_router(&v->port_mcast_ctx,
4503 mcast_router);
4504
4505 return err;
4506}
4507
4508static void br_multicast_start_querier(struct net_bridge_mcast *brmctx,
4509 struct bridge_mcast_own_query *query)
4510{
4511 struct net_bridge_port *port;
4512
4513 if (!br_multicast_ctx_matches_vlan_snooping(brmctx))
4514 return;
4515
4516 __br_multicast_open_query(brmctx->br, query);
4517
4518 rcu_read_lock();
4519 list_for_each_entry_rcu(port, &brmctx->br->port_list, list) {
4520 struct bridge_mcast_own_query *ip4_own_query;
4521#if IS_ENABLED(CONFIG_IPV6)
4522 struct bridge_mcast_own_query *ip6_own_query;
4523#endif
4524
4525 if (br_multicast_port_ctx_state_stopped(&port->multicast_ctx))
4526 continue;
4527
4528 if (br_multicast_ctx_is_vlan(brmctx)) {
4529 struct net_bridge_vlan *vlan;
4530
4531 vlan = br_vlan_find(nbp_vlan_group_rcu(port),
4532 brmctx->vlan->vid);
4533 if (!vlan ||
4534 br_multicast_port_ctx_state_stopped(&vlan->port_mcast_ctx))
4535 continue;
4536
4537 ip4_own_query = &vlan->port_mcast_ctx.ip4_own_query;
4538#if IS_ENABLED(CONFIG_IPV6)
4539 ip6_own_query = &vlan->port_mcast_ctx.ip6_own_query;
4540#endif
4541 } else {
4542 ip4_own_query = &port->multicast_ctx.ip4_own_query;
4543#if IS_ENABLED(CONFIG_IPV6)
4544 ip6_own_query = &port->multicast_ctx.ip6_own_query;
4545#endif
4546 }
4547
4548 if (query == &brmctx->ip4_own_query)
4549 br_multicast_enable(ip4_own_query);
4550#if IS_ENABLED(CONFIG_IPV6)
4551 else
4552 br_multicast_enable(ip6_own_query);
4553#endif
4554 }
4555 rcu_read_unlock();
4556}
4557
4558int br_multicast_toggle(struct net_bridge *br, unsigned long val,
4559 struct netlink_ext_ack *extack)
4560{
4561 struct net_bridge_port *port;
4562 bool change_snoopers = false;
4563 int err = 0;
4564
4565 spin_lock_bh(&br->multicast_lock);
4566 if (!!br_opt_get(br, BROPT_MULTICAST_ENABLED) == !!val)
4567 goto unlock;
4568
4569 err = br_mc_disabled_update(br->dev, val, extack);
4570 if (err == -EOPNOTSUPP)
4571 err = 0;
4572 if (err)
4573 goto unlock;
4574
4575 br_opt_toggle(br, BROPT_MULTICAST_ENABLED, !!val);
4576 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) {
4577 change_snoopers = true;
4578 goto unlock;
4579 }
4580
4581 if (!netif_running(br->dev))
4582 goto unlock;
4583
4584 br_multicast_open(br);
4585 list_for_each_entry(port, &br->port_list, list)
4586 __br_multicast_enable_port_ctx(&port->multicast_ctx);
4587
4588 change_snoopers = true;
4589
4590unlock:
4591 spin_unlock_bh(&br->multicast_lock);
4592
4593 /* br_multicast_join_snoopers has the potential to cause
4594 * an MLD Report/Leave to be delivered to br_multicast_rcv,
4595 * which would in turn call br_multicast_add_group, which would
4596 * attempt to acquire multicast_lock. This function should be
4597 * called after the lock has been released to avoid deadlocks on
4598 * multicast_lock.
4599 *
4600 * br_multicast_leave_snoopers does not have the problem since
4601 * br_multicast_rcv first checks BROPT_MULTICAST_ENABLED, and
4602 * returns without calling br_multicast_ipv4/6_rcv if it's not
4603 * enabled. Moved both functions out just for symmetry.
4604 */
4605 if (change_snoopers) {
4606 if (br_opt_get(br, BROPT_MULTICAST_ENABLED))
4607 br_multicast_join_snoopers(br);
4608 else
4609 br_multicast_leave_snoopers(br);
4610 }
4611
4612 return err;
4613}
4614
4615bool br_multicast_enabled(const struct net_device *dev)
4616{
4617 struct net_bridge *br = netdev_priv(dev);
4618
4619 return !!br_opt_get(br, BROPT_MULTICAST_ENABLED);
4620}
4621EXPORT_SYMBOL_GPL(br_multicast_enabled);
4622
4623bool br_multicast_router(const struct net_device *dev)
4624{
4625 struct net_bridge *br = netdev_priv(dev);
4626 bool is_router;
4627
4628 spin_lock_bh(&br->multicast_lock);
4629 is_router = br_multicast_is_router(&br->multicast_ctx, NULL);
4630 spin_unlock_bh(&br->multicast_lock);
4631 return is_router;
4632}
4633EXPORT_SYMBOL_GPL(br_multicast_router);
4634
4635int br_multicast_set_querier(struct net_bridge_mcast *brmctx, unsigned long val)
4636{
4637 unsigned long max_delay;
4638
4639 val = !!val;
4640
4641 spin_lock_bh(&brmctx->br->multicast_lock);
4642 if (brmctx->multicast_querier == val)
4643 goto unlock;
4644
4645 WRITE_ONCE(brmctx->multicast_querier, val);
4646 if (!val)
4647 goto unlock;
4648
4649 max_delay = brmctx->multicast_query_response_interval;
4650
4651 if (!timer_pending(&brmctx->ip4_other_query.timer))
4652 mod_timer(&brmctx->ip4_other_query.delay_timer,
4653 jiffies + max_delay);
4654
4655 br_multicast_start_querier(brmctx, &brmctx->ip4_own_query);
4656
4657#if IS_ENABLED(CONFIG_IPV6)
4658 if (!timer_pending(&brmctx->ip6_other_query.timer))
4659 mod_timer(&brmctx->ip6_other_query.delay_timer,
4660 jiffies + max_delay);
4661
4662 br_multicast_start_querier(brmctx, &brmctx->ip6_own_query);
4663#endif
4664
4665unlock:
4666 spin_unlock_bh(&brmctx->br->multicast_lock);
4667
4668 return 0;
4669}
4670
4671int br_multicast_set_igmp_version(struct net_bridge_mcast *brmctx,
4672 unsigned long val)
4673{
4674 /* Currently we support only version 2 and 3 */
4675 switch (val) {
4676 case 2:
4677 case 3:
4678 break;
4679 default:
4680 return -EINVAL;
4681 }
4682
4683 spin_lock_bh(&brmctx->br->multicast_lock);
4684 brmctx->multicast_igmp_version = val;
4685 spin_unlock_bh(&brmctx->br->multicast_lock);
4686
4687 return 0;
4688}
4689
4690#if IS_ENABLED(CONFIG_IPV6)
4691int br_multicast_set_mld_version(struct net_bridge_mcast *brmctx,
4692 unsigned long val)
4693{
4694 /* Currently we support version 1 and 2 */
4695 switch (val) {
4696 case 1:
4697 case 2:
4698 break;
4699 default:
4700 return -EINVAL;
4701 }
4702
4703 spin_lock_bh(&brmctx->br->multicast_lock);
4704 brmctx->multicast_mld_version = val;
4705 spin_unlock_bh(&brmctx->br->multicast_lock);
4706
4707 return 0;
4708}
4709#endif
4710
4711void br_multicast_set_query_intvl(struct net_bridge_mcast *brmctx,
4712 unsigned long val)
4713{
4714 unsigned long intvl_jiffies = clock_t_to_jiffies(val);
4715
4716 if (intvl_jiffies < BR_MULTICAST_QUERY_INTVL_MIN) {
4717 br_info(brmctx->br,
4718 "trying to set multicast query interval below minimum, setting to %lu (%ums)\n",
4719 jiffies_to_clock_t(BR_MULTICAST_QUERY_INTVL_MIN),
4720 jiffies_to_msecs(BR_MULTICAST_QUERY_INTVL_MIN));
4721 intvl_jiffies = BR_MULTICAST_QUERY_INTVL_MIN;
4722 }
4723
4724 brmctx->multicast_query_interval = intvl_jiffies;
4725}
4726
4727void br_multicast_set_startup_query_intvl(struct net_bridge_mcast *brmctx,
4728 unsigned long val)
4729{
4730 unsigned long intvl_jiffies = clock_t_to_jiffies(val);
4731
4732 if (intvl_jiffies < BR_MULTICAST_STARTUP_QUERY_INTVL_MIN) {
4733 br_info(brmctx->br,
4734 "trying to set multicast startup query interval below minimum, setting to %lu (%ums)\n",
4735 jiffies_to_clock_t(BR_MULTICAST_STARTUP_QUERY_INTVL_MIN),
4736 jiffies_to_msecs(BR_MULTICAST_STARTUP_QUERY_INTVL_MIN));
4737 intvl_jiffies = BR_MULTICAST_STARTUP_QUERY_INTVL_MIN;
4738 }
4739
4740 brmctx->multicast_startup_query_interval = intvl_jiffies;
4741}
4742
4743/**
4744 * br_multicast_list_adjacent - Returns snooped multicast addresses
4745 * @dev: The bridge port adjacent to which to retrieve addresses
4746 * @br_ip_list: The list to store found, snooped multicast IP addresses in
4747 *
4748 * Creates a list of IP addresses (struct br_ip_list) sensed by the multicast
4749 * snooping feature on all bridge ports of dev's bridge device, excluding
4750 * the addresses from dev itself.
4751 *
4752 * Returns the number of items added to br_ip_list.
4753 *
4754 * Notes:
4755 * - br_ip_list needs to be initialized by caller
4756 * - br_ip_list might contain duplicates in the end
4757 * (needs to be taken care of by caller)
4758 * - br_ip_list needs to be freed by caller
4759 */
4760int br_multicast_list_adjacent(struct net_device *dev,
4761 struct list_head *br_ip_list)
4762{
4763 struct net_bridge *br;
4764 struct net_bridge_port *port;
4765 struct net_bridge_port_group *group;
4766 struct br_ip_list *entry;
4767 int count = 0;
4768
4769 rcu_read_lock();
4770 if (!br_ip_list || !netif_is_bridge_port(dev))
4771 goto unlock;
4772
4773 port = br_port_get_rcu(dev);
4774 if (!port || !port->br)
4775 goto unlock;
4776
4777 br = port->br;
4778
4779 list_for_each_entry_rcu(port, &br->port_list, list) {
4780 if (!port->dev || port->dev == dev)
4781 continue;
4782
4783 hlist_for_each_entry_rcu(group, &port->mglist, mglist) {
4784 entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
4785 if (!entry)
4786 goto unlock;
4787
4788 entry->addr = group->key.addr;
4789 list_add(&entry->list, br_ip_list);
4790 count++;
4791 }
4792 }
4793
4794unlock:
4795 rcu_read_unlock();
4796 return count;
4797}
4798EXPORT_SYMBOL_GPL(br_multicast_list_adjacent);
4799
4800/**
4801 * br_multicast_has_querier_anywhere - Checks for a querier on a bridge
4802 * @dev: The bridge port providing the bridge on which to check for a querier
4803 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
4804 *
4805 * Checks whether the given interface has a bridge on top and if so returns
4806 * true if a valid querier exists anywhere on the bridged link layer.
4807 * Otherwise returns false.
4808 */
4809bool br_multicast_has_querier_anywhere(struct net_device *dev, int proto)
4810{
4811 struct net_bridge *br;
4812 struct net_bridge_port *port;
4813 struct ethhdr eth;
4814 bool ret = false;
4815
4816 rcu_read_lock();
4817 if (!netif_is_bridge_port(dev))
4818 goto unlock;
4819
4820 port = br_port_get_rcu(dev);
4821 if (!port || !port->br)
4822 goto unlock;
4823
4824 br = port->br;
4825
4826 memset(ð, 0, sizeof(eth));
4827 eth.h_proto = htons(proto);
4828
4829 ret = br_multicast_querier_exists(&br->multicast_ctx, ð, NULL);
4830
4831unlock:
4832 rcu_read_unlock();
4833 return ret;
4834}
4835EXPORT_SYMBOL_GPL(br_multicast_has_querier_anywhere);
4836
4837/**
4838 * br_multicast_has_querier_adjacent - Checks for a querier behind a bridge port
4839 * @dev: The bridge port adjacent to which to check for a querier
4840 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
4841 *
4842 * Checks whether the given interface has a bridge on top and if so returns
4843 * true if a selected querier is behind one of the other ports of this
4844 * bridge. Otherwise returns false.
4845 */
4846bool br_multicast_has_querier_adjacent(struct net_device *dev, int proto)
4847{
4848 struct net_bridge_mcast *brmctx;
4849 struct net_bridge *br;
4850 struct net_bridge_port *port;
4851 bool ret = false;
4852 int port_ifidx;
4853
4854 rcu_read_lock();
4855 if (!netif_is_bridge_port(dev))
4856 goto unlock;
4857
4858 port = br_port_get_rcu(dev);
4859 if (!port || !port->br)
4860 goto unlock;
4861
4862 br = port->br;
4863 brmctx = &br->multicast_ctx;
4864
4865 switch (proto) {
4866 case ETH_P_IP:
4867 port_ifidx = brmctx->ip4_querier.port_ifidx;
4868 if (!timer_pending(&brmctx->ip4_other_query.timer) ||
4869 port_ifidx == port->dev->ifindex)
4870 goto unlock;
4871 break;
4872#if IS_ENABLED(CONFIG_IPV6)
4873 case ETH_P_IPV6:
4874 port_ifidx = brmctx->ip6_querier.port_ifidx;
4875 if (!timer_pending(&brmctx->ip6_other_query.timer) ||
4876 port_ifidx == port->dev->ifindex)
4877 goto unlock;
4878 break;
4879#endif
4880 default:
4881 goto unlock;
4882 }
4883
4884 ret = true;
4885unlock:
4886 rcu_read_unlock();
4887 return ret;
4888}
4889EXPORT_SYMBOL_GPL(br_multicast_has_querier_adjacent);
4890
4891/**
4892 * br_multicast_has_router_adjacent - Checks for a router behind a bridge port
4893 * @dev: The bridge port adjacent to which to check for a multicast router
4894 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
4895 *
4896 * Checks whether the given interface has a bridge on top and if so returns
4897 * true if a multicast router is behind one of the other ports of this
4898 * bridge. Otherwise returns false.
4899 */
4900bool br_multicast_has_router_adjacent(struct net_device *dev, int proto)
4901{
4902 struct net_bridge_mcast_port *pmctx;
4903 struct net_bridge_mcast *brmctx;
4904 struct net_bridge_port *port;
4905 bool ret = false;
4906
4907 rcu_read_lock();
4908 port = br_port_get_check_rcu(dev);
4909 if (!port)
4910 goto unlock;
4911
4912 brmctx = &port->br->multicast_ctx;
4913 switch (proto) {
4914 case ETH_P_IP:
4915 hlist_for_each_entry_rcu(pmctx, &brmctx->ip4_mc_router_list,
4916 ip4_rlist) {
4917 if (pmctx->port == port)
4918 continue;
4919
4920 ret = true;
4921 goto unlock;
4922 }
4923 break;
4924#if IS_ENABLED(CONFIG_IPV6)
4925 case ETH_P_IPV6:
4926 hlist_for_each_entry_rcu(pmctx, &brmctx->ip6_mc_router_list,
4927 ip6_rlist) {
4928 if (pmctx->port == port)
4929 continue;
4930
4931 ret = true;
4932 goto unlock;
4933 }
4934 break;
4935#endif
4936 default:
4937 /* when compiled without IPv6 support, be conservative and
4938 * always assume presence of an IPv6 multicast router
4939 */
4940 ret = true;
4941 }
4942
4943unlock:
4944 rcu_read_unlock();
4945 return ret;
4946}
4947EXPORT_SYMBOL_GPL(br_multicast_has_router_adjacent);
4948
4949static void br_mcast_stats_add(struct bridge_mcast_stats __percpu *stats,
4950 const struct sk_buff *skb, u8 type, u8 dir)
4951{
4952 struct bridge_mcast_stats *pstats = this_cpu_ptr(stats);
4953 __be16 proto = skb->protocol;
4954 unsigned int t_len;
4955
4956 u64_stats_update_begin(&pstats->syncp);
4957 switch (proto) {
4958 case htons(ETH_P_IP):
4959 t_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb);
4960 switch (type) {
4961 case IGMP_HOST_MEMBERSHIP_REPORT:
4962 pstats->mstats.igmp_v1reports[dir]++;
4963 break;
4964 case IGMPV2_HOST_MEMBERSHIP_REPORT:
4965 pstats->mstats.igmp_v2reports[dir]++;
4966 break;
4967 case IGMPV3_HOST_MEMBERSHIP_REPORT:
4968 pstats->mstats.igmp_v3reports[dir]++;
4969 break;
4970 case IGMP_HOST_MEMBERSHIP_QUERY:
4971 if (t_len != sizeof(struct igmphdr)) {
4972 pstats->mstats.igmp_v3queries[dir]++;
4973 } else {
4974 unsigned int offset = skb_transport_offset(skb);
4975 struct igmphdr *ih, _ihdr;
4976
4977 ih = skb_header_pointer(skb, offset,
4978 sizeof(_ihdr), &_ihdr);
4979 if (!ih)
4980 break;
4981 if (!ih->code)
4982 pstats->mstats.igmp_v1queries[dir]++;
4983 else
4984 pstats->mstats.igmp_v2queries[dir]++;
4985 }
4986 break;
4987 case IGMP_HOST_LEAVE_MESSAGE:
4988 pstats->mstats.igmp_leaves[dir]++;
4989 break;
4990 }
4991 break;
4992#if IS_ENABLED(CONFIG_IPV6)
4993 case htons(ETH_P_IPV6):
4994 t_len = ntohs(ipv6_hdr(skb)->payload_len) +
4995 sizeof(struct ipv6hdr);
4996 t_len -= skb_network_header_len(skb);
4997 switch (type) {
4998 case ICMPV6_MGM_REPORT:
4999 pstats->mstats.mld_v1reports[dir]++;
5000 break;
5001 case ICMPV6_MLD2_REPORT:
5002 pstats->mstats.mld_v2reports[dir]++;
5003 break;
5004 case ICMPV6_MGM_QUERY:
5005 if (t_len != sizeof(struct mld_msg))
5006 pstats->mstats.mld_v2queries[dir]++;
5007 else
5008 pstats->mstats.mld_v1queries[dir]++;
5009 break;
5010 case ICMPV6_MGM_REDUCTION:
5011 pstats->mstats.mld_leaves[dir]++;
5012 break;
5013 }
5014 break;
5015#endif /* CONFIG_IPV6 */
5016 }
5017 u64_stats_update_end(&pstats->syncp);
5018}
5019
5020void br_multicast_count(struct net_bridge *br,
5021 const struct net_bridge_port *p,
5022 const struct sk_buff *skb, u8 type, u8 dir)
5023{
5024 struct bridge_mcast_stats __percpu *stats;
5025
5026 /* if multicast_disabled is true then igmp type can't be set */
5027 if (!type || !br_opt_get(br, BROPT_MULTICAST_STATS_ENABLED))
5028 return;
5029
5030 if (p)
5031 stats = p->mcast_stats;
5032 else
5033 stats = br->mcast_stats;
5034 if (WARN_ON(!stats))
5035 return;
5036
5037 br_mcast_stats_add(stats, skb, type, dir);
5038}
5039
5040int br_multicast_init_stats(struct net_bridge *br)
5041{
5042 br->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats);
5043 if (!br->mcast_stats)
5044 return -ENOMEM;
5045
5046 return 0;
5047}
5048
5049void br_multicast_uninit_stats(struct net_bridge *br)
5050{
5051 free_percpu(br->mcast_stats);
5052}
5053
5054/* noinline for https://llvm.org/pr45802#c9 */
5055static noinline_for_stack void mcast_stats_add_dir(u64 *dst, u64 *src)
5056{
5057 dst[BR_MCAST_DIR_RX] += src[BR_MCAST_DIR_RX];
5058 dst[BR_MCAST_DIR_TX] += src[BR_MCAST_DIR_TX];
5059}
5060
5061void br_multicast_get_stats(const struct net_bridge *br,
5062 const struct net_bridge_port *p,
5063 struct br_mcast_stats *dest)
5064{
5065 struct bridge_mcast_stats __percpu *stats;
5066 struct br_mcast_stats tdst;
5067 int i;
5068
5069 memset(dest, 0, sizeof(*dest));
5070 if (p)
5071 stats = p->mcast_stats;
5072 else
5073 stats = br->mcast_stats;
5074 if (WARN_ON(!stats))
5075 return;
5076
5077 memset(&tdst, 0, sizeof(tdst));
5078 for_each_possible_cpu(i) {
5079 struct bridge_mcast_stats *cpu_stats = per_cpu_ptr(stats, i);
5080 struct br_mcast_stats temp;
5081 unsigned int start;
5082
5083 do {
5084 start = u64_stats_fetch_begin(&cpu_stats->syncp);
5085 memcpy(&temp, &cpu_stats->mstats, sizeof(temp));
5086 } while (u64_stats_fetch_retry(&cpu_stats->syncp, start));
5087
5088 mcast_stats_add_dir(tdst.igmp_v1queries, temp.igmp_v1queries);
5089 mcast_stats_add_dir(tdst.igmp_v2queries, temp.igmp_v2queries);
5090 mcast_stats_add_dir(tdst.igmp_v3queries, temp.igmp_v3queries);
5091 mcast_stats_add_dir(tdst.igmp_leaves, temp.igmp_leaves);
5092 mcast_stats_add_dir(tdst.igmp_v1reports, temp.igmp_v1reports);
5093 mcast_stats_add_dir(tdst.igmp_v2reports, temp.igmp_v2reports);
5094 mcast_stats_add_dir(tdst.igmp_v3reports, temp.igmp_v3reports);
5095 tdst.igmp_parse_errors += temp.igmp_parse_errors;
5096
5097 mcast_stats_add_dir(tdst.mld_v1queries, temp.mld_v1queries);
5098 mcast_stats_add_dir(tdst.mld_v2queries, temp.mld_v2queries);
5099 mcast_stats_add_dir(tdst.mld_leaves, temp.mld_leaves);
5100 mcast_stats_add_dir(tdst.mld_v1reports, temp.mld_v1reports);
5101 mcast_stats_add_dir(tdst.mld_v2reports, temp.mld_v2reports);
5102 tdst.mld_parse_errors += temp.mld_parse_errors;
5103 }
5104 memcpy(dest, &tdst, sizeof(*dest));
5105}
5106
5107int br_mdb_hash_init(struct net_bridge *br)
5108{
5109 int err;
5110
5111 err = rhashtable_init(&br->sg_port_tbl, &br_sg_port_rht_params);
5112 if (err)
5113 return err;
5114
5115 err = rhashtable_init(&br->mdb_hash_tbl, &br_mdb_rht_params);
5116 if (err) {
5117 rhashtable_destroy(&br->sg_port_tbl);
5118 return err;
5119 }
5120
5121 return 0;
5122}
5123
5124void br_mdb_hash_fini(struct net_bridge *br)
5125{
5126 rhashtable_destroy(&br->sg_port_tbl);
5127 rhashtable_destroy(&br->mdb_hash_tbl);
5128}