2 * Bridge multicast support.
4 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; either version 2 of the License, or (at your option)
13 #include <linux/err.h>
14 #include <linux/if_ether.h>
15 #include <linux/igmp.h>
16 #include <linux/jhash.h>
17 #include <linux/kernel.h>
18 #include <linux/log2.h>
19 #include <linux/netdevice.h>
20 #include <linux/netfilter_bridge.h>
21 #include <linux/random.h>
22 #include <linux/rculist.h>
23 #include <linux/skbuff.h>
24 #include <linux/slab.h>
25 #include <linux/timer.h>
27 #if IS_ENABLED(CONFIG_IPV6)
30 #include <net/ip6_checksum.h>
33 #include "br_private.h"
/* Forward declaration: restarts querying on all active ports (defined below). */
35 static void br_multicast_start_querier(struct net_bridge *br);
/* Bumped whenever the mdb hash table is rehashed; non-static, so presumably
 * read elsewhere (mdb dump code?) — NOTE(review): confirm external users. */
36 unsigned int br_mdb_rehash_seq;
/* Compare two bridge multicast addresses; differing protocols never match,
 * otherwise compare the protocol-specific address union member. */
38 static inline int br_ip_equal(const struct br_ip *a, const struct br_ip *b)
40 if (a->proto != b->proto)
46 return a->u.ip4 == b->u.ip4;
47 #if IS_ENABLED(CONFIG_IPV6)
48 case htons(ETH_P_IPV6):
49 return ipv6_addr_equal(&a->u.ip6, &b->u.ip6);
/* Hash an IPv4 group address + VLAN id into a bucket index; mdb->max is a
 * power of two, so the mask keeps the result in range. */
55 static inline int __br_ip4_hash(struct net_bridge_mdb_htable *mdb, __be32 ip,
58 return jhash_2words((__force u32)ip, vid, mdb->secret) & (mdb->max - 1);
61 #if IS_ENABLED(CONFIG_IPV6)
/* IPv6 counterpart of __br_ip4_hash: fold the 128-bit address via
 * ipv6_addr_hash() then jhash with the VLAN id and per-table secret. */
62 static inline int __br_ip6_hash(struct net_bridge_mdb_htable *mdb,
63 const struct in6_addr *ip,
66 return jhash_2words(ipv6_addr_hash(ip), vid,
67 mdb->secret) & (mdb->max - 1);
/* Protocol dispatch for hashing a struct br_ip into an mdb bucket. */
71 static inline int br_ip_hash(struct net_bridge_mdb_htable *mdb,
76 return __br_ip4_hash(mdb, ip->u.ip4, ip->vid);
77 #if IS_ENABLED(CONFIG_IPV6)
78 case htons(ETH_P_IPV6):
79 return __br_ip6_hash(mdb, &ip->u.ip6, ip->vid);
/* Walk one hash chain (under RCU) looking for an entry equal to *dst.
 * hlist[mdb->ver] selects the currently-live chain of the double-versioned
 * table used during rehash. */
85 static struct net_bridge_mdb_entry *__br_mdb_ip_get(
86 struct net_bridge_mdb_htable *mdb, struct br_ip *dst, int hash)
88 struct net_bridge_mdb_entry *mp;
90 hlist_for_each_entry_rcu(mp, &mdb->mhash[hash], hlist[mdb->ver]) {
91 if (br_ip_equal(&mp->addr, dst))
/* Convenience wrapper: compute the bucket for *dst, then search it. */
98 struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge_mdb_htable *mdb,
104 return __br_mdb_ip_get(mdb, dst, br_ip_hash(mdb, dst));
/* Look up an IPv4 group/VLAN pair by building a temporary br_ip key. */
107 static struct net_bridge_mdb_entry *br_mdb_ip4_get(
108 struct net_bridge_mdb_htable *mdb, __be32 dst, __u16 vid)
113 br_dst.proto = htons(ETH_P_IP);
116 return br_mdb_ip_get(mdb, &br_dst);
119 #if IS_ENABLED(CONFIG_IPV6)
/* IPv6 counterpart of br_mdb_ip4_get. */
120 static struct net_bridge_mdb_entry *br_mdb_ip6_get(
121 struct net_bridge_mdb_htable *mdb, const struct in6_addr *dst,
127 br_dst.proto = htons(ETH_P_IPV6);
130 return br_mdb_ip_get(mdb, &br_dst);
/* Fast-path lookup used on forwarding: map an incoming skb's destination
 * address to its mdb entry. Returns early (entry not looked up) when
 * snooping is disabled or the skb was already classified as IGMP/MLD
 * control traffic. Caller must hold RCU (rcu_dereference of br->mdb). */
134 struct net_bridge_mdb_entry *br_mdb_get(struct net_bridge *br,
135 struct sk_buff *skb, u16 vid)
137 struct net_bridge_mdb_htable *mdb = rcu_dereference(br->mdb);
140 if (br->multicast_disabled)
143 if (BR_INPUT_SKB_CB(skb)->igmp)
146 ip.proto = skb->protocol;
149 switch (skb->protocol) {
150 case htons(ETH_P_IP):
151 ip.u.ip4 = ip_hdr(skb)->daddr;
153 #if IS_ENABLED(CONFIG_IPV6)
154 case htons(ETH_P_IPV6):
155 ip.u.ip6 = ipv6_hdr(skb)->daddr;
162 return br_mdb_ip_get(mdb, &ip);
/* RCU callback: free a retired mdb hash table (and, per the ->old pointer,
 * presumably the table it superseded — freeing not visible in this view). */
165 static void br_mdb_free(struct rcu_head *head)
167 struct net_bridge_mdb_htable *mdb =
168 container_of(head, struct net_bridge_mdb_htable, rcu);
169 struct net_bridge_mdb_htable *old = mdb->old;
/* Re-link every entry of the old table into the new one (entries are shared;
 * each mdb_entry carries two hlist nodes, one per table version), then scan
 * the new table's chains: if any chain exceeds the elasticity limit the
 * rehash is rejected with -EINVAL so the caller can pick a new secret/size. */
176 static int br_mdb_copy(struct net_bridge_mdb_htable *new,
177 struct net_bridge_mdb_htable *old,
180 struct net_bridge_mdb_entry *mp;
185 for (i = 0; i < old->max; i++)
186 hlist_for_each_entry(mp, &old->mhash[i], hlist[old->ver])
187 hlist_add_head(&mp->hlist[new->ver],
188 &new->mhash[br_ip_hash(new, &mp->addr)]);
194 for (i = 0; i < new->max; i++) {
196 hlist_for_each_entry(mp, &new->mhash[i], hlist[new->ver])
202 return maxlen > elasticity ? -EINVAL : 0;
/* RCU callback: free a port-group entry after readers are done with it. */
205 void br_multicast_free_pg(struct rcu_head *head)
207 struct net_bridge_port_group *p =
208 container_of(head, struct net_bridge_port_group, rcu);
/* RCU callback: free an mdb group entry after readers are done with it. */
213 static void br_multicast_free_group(struct rcu_head *head)
215 struct net_bridge_mdb_entry *mp =
216 container_of(head, struct net_bridge_mdb_entry, rcu);
/* Membership timer for a whole group expired: under multicast_lock, unlink
 * the entry from the live hash chain and free it via call_rcu_bh. Bails out
 * if the bridge is down or the timer was re-armed meanwhile. */
221 static void br_multicast_group_expired(unsigned long data)
223 struct net_bridge_mdb_entry *mp = (void *)data;
224 struct net_bridge *br = mp->br;
225 struct net_bridge_mdb_htable *mdb;
227 spin_lock(&br->multicast_lock);
228 if (!netif_running(br->dev) || timer_pending(&mp->timer))
236 mdb = mlock_dereference(br->mdb, br);
238 hlist_del_rcu(&mp->hlist[mdb->ver]);
241 call_rcu_bh(&mp->rcu, br_multicast_free_group);
244 spin_unlock(&br->multicast_lock);
/* Remove one port-group from its group's singly linked port list (found by
 * walking mp->ports), stop its timer, and defer the free to RCU. When the
 * last port is gone and no local listener (mp->mglist) remains, fire the
 * group timer immediately so the group entry itself is torn down.
 * Caller holds br->multicast_lock (mlock_dereference). */
247 static void br_multicast_del_pg(struct net_bridge *br,
248 struct net_bridge_port_group *pg)
250 struct net_bridge_mdb_htable *mdb;
251 struct net_bridge_mdb_entry *mp;
252 struct net_bridge_port_group *p;
253 struct net_bridge_port_group __rcu **pp;
255 mdb = mlock_dereference(br->mdb, br);
257 mp = br_mdb_ip_get(mdb, &pg->addr);
261 for (pp = &mp->ports;
262 (p = mlock_dereference(*pp, br)) != NULL;
267 rcu_assign_pointer(*pp, p->next);
268 hlist_del_init(&p->mglist);
269 del_timer(&p->timer);
270 call_rcu_bh(&p->rcu, br_multicast_free_pg);
272 if (!mp->ports && !mp->mglist &&
273 netif_running(br->dev))
274 mod_timer(&mp->timer, jiffies);
/* Per-port membership timer expired: delete the port-group unless the
 * bridge is down, the timer was re-armed, the entry is already unhashed,
 * or it is a permanent (MDB_PERMANENT) static entry. */
282 static void br_multicast_port_group_expired(unsigned long data)
284 struct net_bridge_port_group *pg = (void *)data;
285 struct net_bridge *br = pg->port->br;
287 spin_lock(&br->multicast_lock);
288 if (!netif_running(br->dev) || timer_pending(&pg->timer) ||
289 hlist_unhashed(&pg->mglist) || pg->state & MDB_PERMANENT)
292 br_multicast_del_pg(br, pg);
295 spin_unlock(&br->multicast_lock);
/* Allocate a new hash table of size 'max' (GFP_ATOMIC: called under the
 * multicast spinlock), carry over size, flip the version bit, and pick a
 * fresh secret when growing from scratch or when the caller asks for a
 * rehash due to chain overflow (elasticity != 0). Old table is retired via
 * call_rcu_bh and the new one published with rcu_assign_pointer. */
298 static int br_mdb_rehash(struct net_bridge_mdb_htable __rcu **mdbp, int max,
301 struct net_bridge_mdb_htable *old = rcu_dereference_protected(*mdbp, 1);
302 struct net_bridge_mdb_htable *mdb;
305 mdb = kmalloc(sizeof(*mdb), GFP_ATOMIC);
312 mdb->mhash = kzalloc(max * sizeof(*mdb->mhash), GFP_ATOMIC);
318 mdb->size = old ? old->size : 0;
319 mdb->ver = old ? old->ver ^ 1 : 0;
321 if (!old || elasticity)
322 get_random_bytes(&mdb->secret, sizeof(mdb->secret));
324 mdb->secret = old->secret;
329 err = br_mdb_copy(mdb, old, elasticity);
337 call_rcu_bh(&mdb->rcu, br_mdb_free);
340 rcu_assign_pointer(*mdbp, mdb);
/* Build an IGMP membership-query skb from scratch: Ethernet header (dest is
 * the 01:00:5e multicast mapping), IPv4 header with Router Alert option
 * (hence tot_len includes the extra 4 option bytes), and an IGMP query whose
 * max-response code depends on whether this is a general query (group == 0,
 * query_response_interval) or group-specific (last_member_interval). */
345 static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge *br,
353 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*iph) +
358 skb->protocol = htons(ETH_P_IP);
360 skb_reset_mac_header(skb);
363 memcpy(eth->h_source, br->dev->dev_addr, 6);
366 eth->h_dest[2] = 0x5e;
370 eth->h_proto = htons(ETH_P_IP);
371 skb_put(skb, sizeof(*eth));
373 skb_set_network_header(skb, skb->len);
379 iph->tot_len = htons(sizeof(*iph) + sizeof(*ih) + 4);
381 iph->frag_off = htons(IP_DF);
383 iph->protocol = IPPROTO_IGMP;
385 iph->daddr = htonl(INADDR_ALLHOSTS_GROUP);
/* IP Router Alert option (RFC 2113): type, length 4, value 0. */
386 ((u8 *)&iph[1])[0] = IPOPT_RA;
387 ((u8 *)&iph[1])[1] = 4;
388 ((u8 *)&iph[1])[2] = 0;
389 ((u8 *)&iph[1])[3] = 0;
393 skb_set_transport_header(skb, skb->len);
395 ih->type = IGMP_HOST_MEMBERSHIP_QUERY;
396 ih->code = (group ? br->multicast_last_member_interval :
397 br->multicast_query_response_interval) /
398 (HZ / IGMP_TIMER_SCALE);
401 ih->csum = ip_compute_csum((void *)ih, sizeof(struct igmphdr));
402 skb_put(skb, sizeof(*ih));
404 __skb_pull(skb, sizeof(*eth));
410 #if IS_ENABLED(CONFIG_IPV6)
/* IPv6 counterpart: build an MLD query skb with a Hop-by-Hop header carrying
 * the Router Alert option (8 extra bytes after the IPv6 header). Destination
 * is ff02::1 (all-nodes); the source address is taken from the bridge device
 * via ipv6_dev_get_saddr. max-response delay mirrors the IPv4 logic but
 * keyed on whether 'group' is the any-address (general query). */
411 static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge *br,
412 const struct in6_addr *group)
415 struct ipv6hdr *ip6h;
416 struct mld_msg *mldq;
419 unsigned long interval;
421 skb = netdev_alloc_skb_ip_align(br->dev, sizeof(*eth) + sizeof(*ip6h) +
426 skb->protocol = htons(ETH_P_IPV6);
428 /* Ethernet header */
429 skb_reset_mac_header(skb);
432 memcpy(eth->h_source, br->dev->dev_addr, 6);
433 eth->h_proto = htons(ETH_P_IPV6);
434 skb_put(skb, sizeof(*eth));
436 /* IPv6 header + HbH option */
437 skb_set_network_header(skb, skb->len);
438 ip6h = ipv6_hdr(skb);
/* Version 6, zero traffic class / flow label. */
440 *(__force __be32 *)ip6h = htonl(0x60000000);
441 ip6h->payload_len = htons(8 + sizeof(*mldq));
442 ip6h->nexthdr = IPPROTO_HOPOPTS;
444 ipv6_addr_set(&ip6h->daddr, htonl(0xff020000), 0, 0, htonl(1));
445 if (ipv6_dev_get_saddr(dev_net(br->dev), br->dev, &ip6h->daddr, 0,
450 ipv6_eth_mc_map(&ip6h->daddr, eth->h_dest);
452 hopopt = (u8 *)(ip6h + 1);
453 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */
454 hopopt[1] = 0; /* length of HbH */
455 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */
456 hopopt[3] = 2; /* Length of RA Option */
457 hopopt[4] = 0; /* Type = 0x0000 (MLD) */
459 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */
460 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */
462 skb_put(skb, sizeof(*ip6h) + 8);
465 skb_set_transport_header(skb, skb->len);
466 mldq = (struct mld_msg *) icmp6_hdr(skb);
468 interval = ipv6_addr_any(group) ?
469 br->multicast_query_response_interval :
470 br->multicast_last_member_interval;
472 mldq->mld_type = ICMPV6_MGM_QUERY;
475 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval));
476 mldq->mld_reserved = 0;
477 mldq->mld_mca = *group;
480 mldq->mld_cksum = csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr,
481 sizeof(*mldq), IPPROTO_ICMPV6,
484 skb_put(skb, sizeof(*mldq));
486 __skb_pull(skb, sizeof(*eth));
/* Protocol dispatch for query allocation based on addr->proto. */
493 static struct sk_buff *br_multicast_alloc_query(struct net_bridge *br,
496 switch (addr->proto) {
497 case htons(ETH_P_IP):
498 return br_ip4_multicast_alloc_query(br, addr->u.ip4);
499 #if IS_ENABLED(CONFIG_IPV6)
500 case htons(ETH_P_IPV6):
501 return br_ip6_multicast_alloc_query(br, &addr->u.ip6);
/* Search one bucket for 'group' while counting chain length. Three overflow
 * reactions (visible here in part): chain longer than hash_elasticity
 * triggers a rehash with a new secret; table full triggers growth, but if
 * the size would exceed br->hash_max, snooping is disabled entirely.
 * Called under multicast_lock (rcu_dereference_protected with lock "held"). */
507 static struct net_bridge_mdb_entry *br_multicast_get_group(
508 struct net_bridge *br, struct net_bridge_port *port,
509 struct br_ip *group, int hash)
511 struct net_bridge_mdb_htable *mdb;
512 struct net_bridge_mdb_entry *mp;
513 unsigned int count = 0;
518 mdb = rcu_dereference_protected(br->mdb, 1);
519 hlist_for_each_entry(mp, &mdb->mhash[hash], hlist[mdb->ver]) {
521 if (unlikely(br_ip_equal(group, &mp->addr)))
528 if (unlikely(count > br->hash_elasticity && count)) {
530 br_info(br, "Multicast hash table "
531 "chain limit reached: %s\n",
532 port ? port->dev->name : br->dev->name);
534 elasticity = br->hash_elasticity;
537 if (mdb->size >= max) {
539 if (unlikely(max > br->hash_max)) {
540 br_warn(br, "Multicast hash table maximum of %d "
541 "reached, disabling snooping: %s\n",
543 port ? port->dev->name : br->dev->name);
546 br->multicast_disabled = 1;
551 if (max > mdb->max || elasticity) {
554 br_info(br, "Multicast hash table "
556 port ? port->dev->name : br->dev->name);
561 err = br_mdb_rehash(&br->mdb, max, elasticity);
563 br_warn(br, "Cannot rehash multicast "
564 "hash table, disabling snooping: %s, %d, %d\n",
565 port ? port->dev->name : br->dev->name,
/* Find-or-create an mdb entry for 'group'. Creates the initial table
 * (BR_HASH_SIZE) on first use; br_multicast_get_group may rehash, so the
 * table pointer and hash are re-derived afterwards. New entries get a
 * group-expiry timer and are linked into the live chain under RCU.
 * Returns ERR_PTR on failure (callers check via PTR_ERR/IS_ERR). */
581 struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br,
582 struct net_bridge_port *port, struct br_ip *group)
584 struct net_bridge_mdb_htable *mdb;
585 struct net_bridge_mdb_entry *mp;
589 mdb = rcu_dereference_protected(br->mdb, 1);
591 err = br_mdb_rehash(&br->mdb, BR_HASH_SIZE, 0);
597 hash = br_ip_hash(mdb, group);
598 mp = br_multicast_get_group(br, port, group, hash);
599 switch (PTR_ERR(mp)) {
605 mdb = rcu_dereference_protected(br->mdb, 1);
606 hash = br_ip_hash(mdb, group);
613 mp = kzalloc(sizeof(*mp), GFP_ATOMIC);
615 return ERR_PTR(-ENOMEM);
619 setup_timer(&mp->timer, br_multicast_group_expired,
622 hlist_add_head_rcu(&mp->hlist[mdb->ver], &mdb->mhash[hash]);
/* Allocate and initialise a port-group entry: chain it after 'next' in the
 * group's port list, add it to the port's mglist, and arm its expiry timer. */
629 struct net_bridge_port_group *br_multicast_new_port_group(
630 struct net_bridge_port *port,
632 struct net_bridge_port_group __rcu *next,
635 struct net_bridge_port_group *p;
637 p = kzalloc(sizeof(*p), GFP_ATOMIC);
644 rcu_assign_pointer(p->next, next);
645 hlist_add_head(&p->mglist, &port->mglist);
646 setup_timer(&p->timer, br_multicast_port_group_expired,
/* Record a membership report: create/refresh the group entry (port == NULL
 * means a host-local join on the bridge device itself — only the group timer
 * is refreshed then). Otherwise walk mp->ports, which is kept sorted by
 * descending port pointer, refresh an existing port-group or insert a new
 * MDB_TEMPORARY one at the right position and notify via RTM_NEWMDB. */
651 static int br_multicast_add_group(struct net_bridge *br,
652 struct net_bridge_port *port,
655 struct net_bridge_mdb_entry *mp;
656 struct net_bridge_port_group *p;
657 struct net_bridge_port_group __rcu **pp;
658 unsigned long now = jiffies;
661 spin_lock(&br->multicast_lock);
662 if (!netif_running(br->dev) ||
663 (port && port->state == BR_STATE_DISABLED))
666 mp = br_multicast_new_group(br, port, group);
673 mod_timer(&mp->timer, now + br->multicast_membership_interval);
677 for (pp = &mp->ports;
678 (p = mlock_dereference(*pp, br)) != NULL;
682 if ((unsigned long)p->port < (unsigned long)port)
686 p = br_multicast_new_port_group(port, group, *pp, MDB_TEMPORARY);
689 rcu_assign_pointer(*pp, p);
690 br_mdb_notify(br->dev, port, group, RTM_NEWMDB);
693 mod_timer(&p->timer, now + br->multicast_membership_interval);
698 spin_unlock(&br->multicast_lock);
/* IPv4 front-end: ignore link-local groups (224.0.0.x), otherwise build a
 * br_ip key and hand off to the generic add path. */
702 static int br_ip4_multicast_add_group(struct net_bridge *br,
703 struct net_bridge_port *port,
707 struct br_ip br_group;
709 if (ipv4_is_local_multicast(group))
712 br_group.u.ip4 = group;
713 br_group.proto = htons(ETH_P_IP);
716 return br_multicast_add_group(br, port, &br_group);
719 #if IS_ENABLED(CONFIG_IPV6)
/* IPv6 front-end: only transient (non-well-known) multicast groups are
 * snooped; others are flooded. */
720 static int br_ip6_multicast_add_group(struct net_bridge *br,
721 struct net_bridge_port *port,
722 const struct in6_addr *group,
725 struct br_ip br_group;
727 if (!ipv6_is_transient_multicast(group))
730 br_group.u.ip6 = *group;
731 br_group.proto = htons(ETH_P_IPV6);
734 return br_multicast_add_group(br, port, &br_group);
/* A port's learned-router timer fired: drop the port from the router list
 * unless its mode is not "auto" (multicast_router != 1), the timer was
 * re-armed, or it is already unhashed. */
738 static void br_multicast_router_expired(unsigned long data)
740 struct net_bridge_port *port = (void *)data;
741 struct net_bridge *br = port->br;
743 spin_lock(&br->multicast_lock);
744 if (port->multicast_router != 1 ||
745 timer_pending(&port->multicast_router_timer) ||
746 hlist_unhashed(&port->rlist))
749 hlist_del_init_rcu(&port->rlist);
752 spin_unlock(&br->multicast_lock);
/* Timer callback for the bridge's own router timer.
 * NOTE(review): body not visible in this view; upstream this is a no-op —
 * expiry alone (timer no longer pending) is the signal. Confirm. */
755 static void br_multicast_local_router_expired(unsigned long data)
/* The "other querier present" timer lapsed: if the bridge is still up and
 * snooping enabled, take over as querier. */
759 static void br_multicast_querier_expired(unsigned long data)
761 struct net_bridge *br = (void *)data;
763 spin_lock(&br->multicast_lock);
764 if (!netif_running(br->dev) || br->multicast_disabled)
767 br_multicast_start_querier(br);
770 spin_unlock(&br->multicast_lock);
/* Build a query skb for 'ip' and transmit it. With a port, push the
 * Ethernet header back on and send through netfilter's LOCAL_OUT bridge
 * hook on that port's device; the port == NULL path is not visible here. */
773 static void __br_multicast_send_query(struct net_bridge *br,
774 struct net_bridge_port *port,
779 skb = br_multicast_alloc_query(br, ip);
784 __skb_push(skb, sizeof(struct ethhdr));
785 skb->dev = port->dev;
786 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
/* Send general queries (IPv4 and, if built, IPv6) unless we are down,
 * snooping is off, querier mode is disabled, or another querier is active
 * (querier timer pending). Re-arms the per-port or bridge-wide query timer:
 * faster startup interval until 'sent' reaches startup_query_count. */
792 static void br_multicast_send_query(struct net_bridge *br,
793 struct net_bridge_port *port, u32 sent)
796 struct br_ip br_group;
798 if (!netif_running(br->dev) || br->multicast_disabled ||
799 !br->multicast_querier ||
800 timer_pending(&br->multicast_querier_timer))
803 memset(&br_group.u, 0, sizeof(br_group.u));
805 br_group.proto = htons(ETH_P_IP);
806 __br_multicast_send_query(br, port, &br_group);
808 #if IS_ENABLED(CONFIG_IPV6)
809 br_group.proto = htons(ETH_P_IPV6);
810 __br_multicast_send_query(br, port, &br_group);
814 time += sent < br->multicast_startup_query_count ?
815 br->multicast_startup_query_interval :
816 br->multicast_query_interval;
817 mod_timer(port ? &port->multicast_query_timer :
818 &br->multicast_query_timer, time);
/* Per-port query timer: skip disabled/blocking ports, count the startup
 * query (capped at startup_query_count), and send the next query. */
821 static void br_multicast_port_query_expired(unsigned long data)
823 struct net_bridge_port *port = (void *)data;
824 struct net_bridge *br = port->br;
826 spin_lock(&br->multicast_lock);
827 if (port->state == BR_STATE_DISABLED ||
828 port->state == BR_STATE_BLOCKING)
831 if (port->multicast_startup_queries_sent <
832 br->multicast_startup_query_count)
833 port->multicast_startup_queries_sent++;
835 br_multicast_send_query(port->br, port,
836 port->multicast_startup_queries_sent);
839 spin_unlock(&br->multicast_lock);
/* Port attach: default router mode 1 ("auto/learn"), set up the two
 * per-port timers (router learning, query transmission). */
842 void br_multicast_add_port(struct net_bridge_port *port)
844 port->multicast_router = 1;
846 setup_timer(&port->multicast_router_timer, br_multicast_router_expired,
847 (unsigned long)port);
848 setup_timer(&port->multicast_query_timer,
849 br_multicast_port_query_expired, (unsigned long)port);
/* Port detach: synchronously stop the router timer so its handler cannot
 * run against a freed port. */
852 void br_multicast_del_port(struct net_bridge_port *port)
854 del_timer_sync(&port->multicast_router_timer);
/* Reset the startup-query counter and kick the port's query timer to fire
 * immediately (only if we can safely cancel any pending run first). */
857 static void __br_multicast_enable_port(struct net_bridge_port *port)
859 port->multicast_startup_queries_sent = 0;
861 if (try_to_del_timer_sync(&port->multicast_query_timer) >= 0 ||
862 del_timer(&port->multicast_query_timer))
863 mod_timer(&port->multicast_query_timer, jiffies);
/* Locked wrapper: enable querying on a port unless snooping is disabled or
 * the bridge is down. */
866 void br_multicast_enable_port(struct net_bridge_port *port)
868 struct net_bridge *br = port->br;
870 spin_lock(&br->multicast_lock);
871 if (br->multicast_disabled || !netif_running(br->dev))
874 __br_multicast_enable_port(port);
877 spin_unlock(&br->multicast_lock);
/* Port going down: tear down every group membership on the port (safe
 * iteration — del_pg unlinks entries), drop it from the router list, and
 * stop both per-port timers. */
880 void br_multicast_disable_port(struct net_bridge_port *port)
882 struct net_bridge *br = port->br;
883 struct net_bridge_port_group *pg;
884 struct hlist_node *n;
886 spin_lock(&br->multicast_lock);
887 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist)
888 br_multicast_del_pg(br, pg);
890 if (!hlist_unhashed(&port->rlist))
891 hlist_del_init_rcu(&port->rlist);
892 del_timer(&port->multicast_router_timer);
893 del_timer(&port->multicast_query_timer);
894 spin_unlock(&br->multicast_lock);
/* Parse an IGMPv3 report: validate each group record header and its source
 * list with pskb_may_pull before touching it (len is a running offset into
 * the packet), then treat every record type as a plain v2 join for the
 * record's group address. */
897 static int br_ip4_multicast_igmp3_report(struct net_bridge *br,
898 struct net_bridge_port *port,
901 struct igmpv3_report *ih;
902 struct igmpv3_grec *grec;
911 if (!pskb_may_pull(skb, sizeof(*ih)))
914 br_vlan_get_tag(skb, &vid);
915 ih = igmpv3_report_hdr(skb);
916 num = ntohs(ih->ngrec);
919 for (i = 0; i < num; i++) {
920 len += sizeof(*grec);
921 if (!pskb_may_pull(skb, len))
924 grec = (void *)(skb->data + len - sizeof(*grec));
925 group = grec->grec_mca;
926 type = grec->grec_type;
/* Each source address is 4 bytes; skip over the whole source list. */
928 len += ntohs(grec->grec_nsrcs) * 4;
929 if (!pskb_may_pull(skb, len))
932 /* We treat this as an IGMPv2 report for now. */
934 case IGMPV3_MODE_IS_INCLUDE:
935 case IGMPV3_MODE_IS_EXCLUDE:
936 case IGMPV3_CHANGE_TO_INCLUDE:
937 case IGMPV3_CHANGE_TO_EXCLUDE:
938 case IGMPV3_ALLOW_NEW_SOURCES:
939 case IGMPV3_BLOCK_OLD_SOURCES:
946 err = br_ip4_multicast_add_group(br, port, group, vid);
954 #if IS_ENABLED(CONFIG_IPV6)
/* Parse an MLDv2 report, mirroring the IGMPv3 parser: the record count
 * lives in icmp6_dataun.un_data16[1]; nsrcs is read via skb_header_pointer
 * so it works even when the field is not yet in the linear area. Every
 * record is treated as an MLDv1 join of grec_mca. */
955 static int br_ip6_multicast_mld2_report(struct net_bridge *br,
956 struct net_bridge_port *port,
959 struct icmp6hdr *icmp6h;
960 struct mld2_grec *grec;
967 if (!pskb_may_pull(skb, sizeof(*icmp6h)))
970 br_vlan_get_tag(skb, &vid);
971 icmp6h = icmp6_hdr(skb);
972 num = ntohs(icmp6h->icmp6_dataun.un_data16[1]);
973 len = sizeof(*icmp6h);
975 for (i = 0; i < num; i++) {
976 __be16 *nsrcs, _nsrcs;
978 nsrcs = skb_header_pointer(skb,
979 len + offsetof(struct mld2_grec,
981 sizeof(_nsrcs), &_nsrcs);
985 if (!pskb_may_pull(skb,
986 len + sizeof(*grec) +
987 sizeof(struct in6_addr) * ntohs(*nsrcs)))
990 grec = (struct mld2_grec *)(skb->data + len);
991 len += sizeof(*grec) +
992 sizeof(struct in6_addr) * ntohs(*nsrcs);
994 /* We treat these as MLDv1 reports for now. */
995 switch (grec->grec_type) {
996 case MLD2_MODE_IS_INCLUDE:
997 case MLD2_MODE_IS_EXCLUDE:
998 case MLD2_CHANGE_TO_INCLUDE:
999 case MLD2_CHANGE_TO_EXCLUDE:
1000 case MLD2_ALLOW_NEW_SOURCES:
1001 case MLD2_BLOCK_OLD_SOURCES:
1008 err = br_ip6_multicast_add_group(br, port, &grec->grec_mca,
1019 * Add port to router_list
1020 * list is maintained ordered by pointer value
1021 * and locked by br->multicast_lock and RCU
/* Insert 'port' into br->router_list, which is kept ordered by descending
 * pointer value: find the last node whose pointer is >= ours and insert
 * after it, else add at the head. */
1023 static void br_multicast_add_router(struct net_bridge *br,
1024 struct net_bridge_port *port)
1026 struct net_bridge_port *p;
1027 struct hlist_node *slot = NULL;
1029 hlist_for_each_entry(p, &br->router_list, rlist) {
1030 if ((unsigned long) port >= (unsigned long) p)
1036 hlist_add_after_rcu(slot, &port->rlist);
1038 hlist_add_head_rcu(&port->rlist, &br->router_list);
/* Router seen behind 'port' (or locally when port == NULL): in auto mode
 * (multicast_router == 1) refresh the relevant router timer; add the port
 * to the router list first if it is not already there. */
1041 static void br_multicast_mark_router(struct net_bridge *br,
1042 struct net_bridge_port *port)
1044 unsigned long now = jiffies;
1047 if (br->multicast_router == 1)
1048 mod_timer(&br->multicast_router_timer,
1049 now + br->multicast_querier_interval);
1053 if (port->multicast_router != 1)
1056 if (!hlist_unhashed(&port->rlist))
1059 br_multicast_add_router(br, port);
1062 mod_timer(&port->multicast_router_timer,
1063 now + br->multicast_querier_interval);
/* Handle receipt of a query from elsewhere: (re)arm the "other querier
 * present" timer and mark the sending port as leading to a router.
 * NOTE(review): the condition guarding the first mod_timer (likely a
 * non-zero source address check) is not visible in this view. */
1066 static void br_multicast_query_received(struct net_bridge *br,
1067 struct net_bridge_port *port,
1071 mod_timer(&br->multicast_querier_timer,
1072 jiffies + br->multicast_querier_interval);
1073 else if (timer_pending(&br->multicast_querier_timer))
1076 br_multicast_mark_router(br, port);
/* Process an IGMP query: note the querier, derive max response delay from
 * the query version (v1: len==8 and code==0 → fixed 10s; v2: code scaled by
 * IGMP_TIMER_SCALE; v3: IGMPV3_MRC exponential encoding), then for a
 * group-specific query shorten the group and per-port timers so that
 * non-responding members age out within last_member_count * max_delay. */
1079 static int br_ip4_multicast_query(struct net_bridge *br,
1080 struct net_bridge_port *port,
1081 struct sk_buff *skb)
1083 const struct iphdr *iph = ip_hdr(skb);
1084 struct igmphdr *ih = igmp_hdr(skb);
1085 struct net_bridge_mdb_entry *mp;
1086 struct igmpv3_query *ih3;
1087 struct net_bridge_port_group *p;
1088 struct net_bridge_port_group __rcu **pp;
1089 unsigned long max_delay;
1090 unsigned long now = jiffies;
1095 spin_lock(&br->multicast_lock);
1096 if (!netif_running(br->dev) ||
1097 (port && port->state == BR_STATE_DISABLED))
1100 br_multicast_query_received(br, port, !!iph->saddr);
1104 if (skb->len == sizeof(*ih)) {
1105 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE);
1108 max_delay = 10 * HZ;
1112 if (!pskb_may_pull(skb, sizeof(struct igmpv3_query))) {
1117 ih3 = igmpv3_query_hdr(skb);
1121 max_delay = ih3->code ?
1122 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1;
1128 br_vlan_get_tag(skb, &vid);
1129 mp = br_mdb_ip4_get(mlock_dereference(br->mdb, br), group, vid);
1133 max_delay *= br->multicast_last_member_count;
/* Only shorten timers; never push an earlier expiry later. */
1136 (timer_pending(&mp->timer) ?
1137 time_after(mp->timer.expires, now + max_delay) :
1138 try_to_del_timer_sync(&mp->timer) >= 0))
1139 mod_timer(&mp->timer, now + max_delay);
1141 for (pp = &mp->ports;
1142 (p = mlock_dereference(*pp, br)) != NULL;
1144 if (timer_pending(&p->timer) ?
1145 time_after(p->timer.expires, now + max_delay) :
1146 try_to_del_timer_sync(&p->timer) >= 0)
1147 mod_timer(&p->timer, now + max_delay);
1151 spin_unlock(&br->multicast_lock);
1155 #if IS_ENABLED(CONFIG_IPV6)
/* IPv6 counterpart of br_ip4_multicast_query: MLDv1 carries the max delay
 * in milliseconds directly; MLDv2 uses the MLDV2_MRC encoding, and a query
 * with sources (mld2q_nsrcs != 0) is not treated as group-specific. */
1156 static int br_ip6_multicast_query(struct net_bridge *br,
1157 struct net_bridge_port *port,
1158 struct sk_buff *skb)
1160 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
1161 struct mld_msg *mld;
1162 struct net_bridge_mdb_entry *mp;
1163 struct mld2_query *mld2q;
1164 struct net_bridge_port_group *p;
1165 struct net_bridge_port_group __rcu **pp;
1166 unsigned long max_delay;
1167 unsigned long now = jiffies;
1168 const struct in6_addr *group = NULL;
1172 spin_lock(&br->multicast_lock);
1173 if (!netif_running(br->dev) ||
1174 (port && port->state == BR_STATE_DISABLED))
1177 br_multicast_query_received(br, port, !ipv6_addr_any(&ip6h->saddr));
1179 if (skb->len == sizeof(*mld)) {
1180 if (!pskb_may_pull(skb, sizeof(*mld))) {
1184 mld = (struct mld_msg *) icmp6_hdr(skb);
1185 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay));
1187 group = &mld->mld_mca;
1188 } else if (skb->len >= sizeof(*mld2q)) {
1189 if (!pskb_may_pull(skb, sizeof(*mld2q))) {
1193 mld2q = (struct mld2_query *)icmp6_hdr(skb);
1194 if (!mld2q->mld2q_nsrcs)
1195 group = &mld2q->mld2q_mca;
1196 max_delay = mld2q->mld2q_mrc ? MLDV2_MRC(ntohs(mld2q->mld2q_mrc)) : 1;
1202 br_vlan_get_tag(skb, &vid);
1203 mp = br_mdb_ip6_get(mlock_dereference(br->mdb, br), group, vid);
1207 max_delay *= br->multicast_last_member_count;
/* Only shorten timers; never push an earlier expiry later. */
1209 (timer_pending(&mp->timer) ?
1210 time_after(mp->timer.expires, now + max_delay) :
1211 try_to_del_timer_sync(&mp->timer) >= 0))
1212 mod_timer(&mp->timer, now + max_delay);
1214 for (pp = &mp->ports;
1215 (p = mlock_dereference(*pp, br)) != NULL;
1217 if (timer_pending(&p->timer) ?
1218 time_after(p->timer.expires, now + max_delay) :
1219 try_to_del_timer_sync(&p->timer) >= 0)
1220 mod_timer(&p->timer, now + max_delay);
1224 spin_unlock(&br->multicast_lock);
/* Handle an IGMP/MLD leave. Ignored while another querier owns the network
 * (querier timer pending) — that querier will probe. Fast-leave ports
 * (BR_MULTICAST_FAST_LEAVE) drop their port-group immediately and notify
 * RTM_DELMDB; otherwise the group/port timers are merely shortened to
 * last_member_count * last_member_interval, again only ever moving an
 * expiry earlier, never later. */
1229 static void br_multicast_leave_group(struct net_bridge *br,
1230 struct net_bridge_port *port,
1231 struct br_ip *group)
1233 struct net_bridge_mdb_htable *mdb;
1234 struct net_bridge_mdb_entry *mp;
1235 struct net_bridge_port_group *p;
1239 spin_lock(&br->multicast_lock);
1240 if (!netif_running(br->dev) ||
1241 (port && port->state == BR_STATE_DISABLED) ||
1242 timer_pending(&br->multicast_querier_timer))
1245 mdb = mlock_dereference(br->mdb, br);
1246 mp = br_mdb_ip_get(mdb, group);
1250 if (port && (port->flags & BR_MULTICAST_FAST_LEAVE)) {
1251 struct net_bridge_port_group __rcu **pp;
1253 for (pp = &mp->ports;
1254 (p = mlock_dereference(*pp, br)) != NULL;
1256 if (p->port != port)
1259 rcu_assign_pointer(*pp, p->next);
1260 hlist_del_init(&p->mglist);
1261 del_timer(&p->timer);
1262 call_rcu_bh(&p->rcu, br_multicast_free_pg);
1263 br_mdb_notify(br->dev, port, group, RTM_DELMDB);
1265 if (!mp->ports && !mp->mglist &&
1266 netif_running(br->dev))
1267 mod_timer(&mp->timer, jiffies);
1273 time = now + br->multicast_last_member_count *
1274 br->multicast_last_member_interval;
1278 (timer_pending(&mp->timer) ?
1279 time_after(mp->timer.expires, time) :
1280 try_to_del_timer_sync(&mp->timer) >= 0)) {
1281 mod_timer(&mp->timer, time);
1287 for (p = mlock_dereference(mp->ports, br);
1289 p = mlock_dereference(p->next, br)) {
1290 if (p->port != port)
1293 if (!hlist_unhashed(&p->mglist) &&
1294 (timer_pending(&p->timer) ?
1295 time_after(p->timer.expires, time) :
1296 try_to_del_timer_sync(&p->timer) >= 0)) {
1297 mod_timer(&p->timer, time);
1304 spin_unlock(&br->multicast_lock);
/* IPv4 front-end for leave: skip link-local groups, build the key, go. */
1307 static void br_ip4_multicast_leave_group(struct net_bridge *br,
1308 struct net_bridge_port *port,
1312 struct br_ip br_group;
1314 if (ipv4_is_local_multicast(group))
1317 br_group.u.ip4 = group;
1318 br_group.proto = htons(ETH_P_IP);
1321 br_multicast_leave_group(br, port, &br_group);
1324 #if IS_ENABLED(CONFIG_IPV6)
/* IPv6 front-end for leave: only transient multicast groups are tracked. */
1325 static void br_ip6_multicast_leave_group(struct net_bridge *br,
1326 struct net_bridge_port *port,
1327 const struct in6_addr *group,
1330 struct br_ip br_group;
1332 if (!ipv6_is_transient_multicast(group))
1335 br_group.u.ip6 = *group;
1336 br_group.proto = htons(ETH_P_IPV6);
1339 br_multicast_leave_group(br, port, &br_group);
/* Snoop an IPv4 frame. Validates the IP header (length, version, checksum);
 * non-IGMP packets to non-link-local groups are flagged mrouters_only so
 * forwarding floods them only toward routers. IGMP payload is isolated in
 * skb2 (a clone when the frame carries trailing padding), checksummed, and
 * dispatched by message type to the report/query/leave handlers. */
1343 static int br_multicast_ipv4_rcv(struct net_bridge *br,
1344 struct net_bridge_port *port,
1345 struct sk_buff *skb)
1347 struct sk_buff *skb2 = skb;
1348 const struct iphdr *iph;
1351 unsigned int offset;
1355 /* We treat OOM as packet loss for now. */
1356 if (!pskb_may_pull(skb, sizeof(*iph)))
1361 if (iph->ihl < 5 || iph->version != 4)
1364 if (!pskb_may_pull(skb, ip_hdrlen(skb)))
1369 if (unlikely(ip_fast_csum((u8 *)iph, iph->ihl)))
1372 if (iph->protocol != IPPROTO_IGMP) {
1373 if (!ipv4_is_local_multicast(iph->daddr))
1374 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1378 len = ntohs(iph->tot_len);
1379 if (skb->len < len || len < ip_hdrlen(skb))
1382 if (skb->len > len) {
1383 skb2 = skb_clone(skb, GFP_ATOMIC);
1387 err = pskb_trim_rcsum(skb2, len);
1392 len -= ip_hdrlen(skb2);
1393 offset = skb_network_offset(skb2) + ip_hdrlen(skb2);
1394 __skb_pull(skb2, offset);
1395 skb_reset_transport_header(skb2);
1398 if (!pskb_may_pull(skb2, sizeof(*ih)))
1401 switch (skb2->ip_summed) {
1402 case CHECKSUM_COMPLETE:
1403 if (!csum_fold(skb2->csum))
1408 if (skb_checksum_complete(skb2))
1414 br_vlan_get_tag(skb2, &vid);
1415 BR_INPUT_SKB_CB(skb)->igmp = 1;
1416 ih = igmp_hdr(skb2);
1419 case IGMP_HOST_MEMBERSHIP_REPORT:
1420 case IGMPV2_HOST_MEMBERSHIP_REPORT:
1421 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1422 err = br_ip4_multicast_add_group(br, port, ih->group, vid);
1424 case IGMPV3_HOST_MEMBERSHIP_REPORT:
1425 err = br_ip4_multicast_igmp3_report(br, port, skb2);
1427 case IGMP_HOST_MEMBERSHIP_QUERY:
1428 err = br_ip4_multicast_query(br, port, skb2);
1430 case IGMP_HOST_LEAVE_MESSAGE:
1431 br_ip4_multicast_leave_group(br, port, ih->group, vid);
1436 __skb_push(skb2, offset);
1443 #if IS_ENABLED(CONFIG_IPV6)
/* Snoop an IPv6 frame. MLD always rides ICMPv6 behind a Hop-by-Hop header
 * (checked via nexthdr) and never in a jumbogram (payload_len != 0). The
 * extension-header chain is skipped with ipv6_skip_exthdr; the ICMPv6 part
 * is cloned into skb2, its message type filtered to MLD, checksum verified
 * (csum_ipv6_magic pseudo-header), then dispatched to report/query/leave. */
1444 static int br_multicast_ipv6_rcv(struct net_bridge *br,
1445 struct net_bridge_port *port,
1446 struct sk_buff *skb)
1448 struct sk_buff *skb2;
1449 const struct ipv6hdr *ip6h;
1458 if (!pskb_may_pull(skb, sizeof(*ip6h)))
1461 ip6h = ipv6_hdr(skb);
1464 * We're interested in MLD messages only.
1466 * - MLD has always Router Alert hop-by-hop option
1467 * - But we do not support jumbograms.
1469 if (ip6h->version != 6 ||
1470 ip6h->nexthdr != IPPROTO_HOPOPTS ||
1471 ip6h->payload_len == 0)
1474 len = ntohs(ip6h->payload_len) + sizeof(*ip6h);
1478 nexthdr = ip6h->nexthdr;
1479 offset = ipv6_skip_exthdr(skb, sizeof(*ip6h), &nexthdr, &frag_off);
1481 if (offset < 0 || nexthdr != IPPROTO_ICMPV6)
1484 /* Okay, we found ICMPv6 header */
1485 skb2 = skb_clone(skb, GFP_ATOMIC);
1490 if (!pskb_may_pull(skb2, offset + sizeof(struct icmp6hdr)))
1493 len -= offset - skb_network_offset(skb2);
1495 __skb_pull(skb2, offset);
1496 skb_reset_transport_header(skb2);
1497 skb_postpull_rcsum(skb2, skb_network_header(skb2),
1498 skb_network_header_len(skb2));
1500 icmp6_type = icmp6_hdr(skb2)->icmp6_type;
1502 switch (icmp6_type) {
1503 case ICMPV6_MGM_QUERY:
1504 case ICMPV6_MGM_REPORT:
1505 case ICMPV6_MGM_REDUCTION:
1506 case ICMPV6_MLD2_REPORT:
1513 /* Okay, we found MLD message. Check further. */
1514 if (skb2->len > len) {
1515 err = pskb_trim_rcsum(skb2, len);
1521 ip6h = ipv6_hdr(skb2);
1523 switch (skb2->ip_summed) {
1524 case CHECKSUM_COMPLETE:
1525 if (!csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, skb2->len,
1526 IPPROTO_ICMPV6, skb2->csum))
1530 skb2->csum = ~csum_unfold(csum_ipv6_magic(&ip6h->saddr,
1533 IPPROTO_ICMPV6, 0));
1534 if (__skb_checksum_complete(skb2))
1540 br_vlan_get_tag(skb, &vid);
1541 BR_INPUT_SKB_CB(skb)->igmp = 1;
1543 switch (icmp6_type) {
1544 case ICMPV6_MGM_REPORT:
1546 struct mld_msg *mld;
1547 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1551 mld = (struct mld_msg *)skb_transport_header(skb2);
1552 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
1553 err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid);
1556 case ICMPV6_MLD2_REPORT:
1557 err = br_ip6_multicast_mld2_report(br, port, skb2);
1559 case ICMPV6_MGM_QUERY:
1560 err = br_ip6_multicast_query(br, port, skb2);
1562 case ICMPV6_MGM_REDUCTION:
1564 struct mld_msg *mld;
1565 if (!pskb_may_pull(skb2, sizeof(*mld))) {
1569 mld = (struct mld_msg *)skb_transport_header(skb2);
1570 br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid);
/* Entry point from the bridge input path: clear the per-skb snooping flags,
 * bail out when snooping is disabled, then dispatch by ethertype. */
1580 int br_multicast_rcv(struct net_bridge *br, struct net_bridge_port *port,
1581 struct sk_buff *skb)
1583 BR_INPUT_SKB_CB(skb)->igmp = 0;
1584 BR_INPUT_SKB_CB(skb)->mrouters_only = 0;
1586 if (br->multicast_disabled)
1589 switch (skb->protocol) {
1590 case htons(ETH_P_IP):
1591 return br_multicast_ipv4_rcv(br, port, skb);
1592 #if IS_ENABLED(CONFIG_IPV6)
1593 case htons(ETH_P_IPV6):
1594 return br_multicast_ipv6_rcv(br, port, skb);
/* Bridge-wide query timer: bump the startup counter (capped) and send the
 * next general query (port == NULL → bridge-level query). */
1601 static void br_multicast_query_expired(unsigned long data)
1603 struct net_bridge *br = (void *)data;
1605 spin_lock(&br->multicast_lock);
1606 if (br->multicast_startup_queries_sent <
1607 br->multicast_startup_query_count)
1608 br->multicast_startup_queries_sent++;
1610 br_multicast_send_query(br, NULL, br->multicast_startup_queries_sent);
1612 spin_unlock(&br->multicast_lock);
/* Bridge creation: install protocol-default tunables (the interval values
 * match the IGMP/MLD RFC defaults, e.g. 125s query interval, 260s
 * membership interval), querier off by default, and set up the three
 * bridge-level timers. */
1615 void br_multicast_init(struct net_bridge *br)
1617 br->hash_elasticity = 4;
1620 br->multicast_router = 1;
1621 br->multicast_querier = 0;
1622 br->multicast_last_member_count = 2;
1623 br->multicast_startup_query_count = 2;
1625 br->multicast_last_member_interval = HZ;
1626 br->multicast_query_response_interval = 10 * HZ;
1627 br->multicast_startup_query_interval = 125 * HZ / 4;
1628 br->multicast_query_interval = 125 * HZ;
1629 br->multicast_querier_interval = 255 * HZ;
1630 br->multicast_membership_interval = 260 * HZ;
1632 spin_lock_init(&br->multicast_lock);
1633 setup_timer(&br->multicast_router_timer,
1634 br_multicast_local_router_expired, 0);
1635 setup_timer(&br->multicast_querier_timer,
1636 br_multicast_querier_expired, (unsigned long)br);
1637 setup_timer(&br->multicast_query_timer, br_multicast_query_expired,
/* Bridge brought up: restart the startup-query sequence (unless snooping
 * is disabled) by firing the query timer immediately. */
1641 void br_multicast_open(struct net_bridge *br)
1643 br->multicast_startup_queries_sent = 0;
1645 if (br->multicast_disabled)
1648 mod_timer(&br->multicast_query_timer, jiffies);
/* Bridge teardown: stop all bridge-level timers (sync — handlers must not
 * run afterwards), then under the lock free every mdb entry via RCU and
 * finally retire the hash table itself. The lock is dropped and retaken
 * between the entry sweep and the table free (the intervening logic —
 * presumably an rcu_barrier-style wait — is not visible in this view). */
1651 void br_multicast_stop(struct net_bridge *br)
1653 struct net_bridge_mdb_htable *mdb;
1654 struct net_bridge_mdb_entry *mp;
1655 struct hlist_node *n;
1659 del_timer_sync(&br->multicast_router_timer);
1660 del_timer_sync(&br->multicast_querier_timer);
1661 del_timer_sync(&br->multicast_query_timer);
1663 spin_lock_bh(&br->multicast_lock);
1664 mdb = mlock_dereference(br->mdb, br);
1671 for (i = 0; i < mdb->max; i++) {
1672 hlist_for_each_entry_safe(mp, n, &mdb->mhash[i],
1674 del_timer(&mp->timer);
1675 call_rcu_bh(&mp->rcu, br_multicast_free_group);
1680 spin_unlock_bh(&br->multicast_lock);
1682 spin_lock_bh(&br->multicast_lock);
1687 call_rcu_bh(&mdb->rcu, br_mdb_free);
1690 spin_unlock_bh(&br->multicast_lock);
/* Sysfs/netlink setter for the bridge-level multicast_router mode; stops
 * the local router timer for the modes that don't need it (validation and
 * per-value handling partially elided in this view). */
1693 int br_multicast_set_router(struct net_bridge *br, unsigned long val)
1697 spin_lock_bh(&br->multicast_lock);
1698 if (!netif_running(br->dev))
1704 del_timer(&br->multicast_router_timer);
1707 br->multicast_router = val;
1717 spin_unlock_bh(&br->multicast_lock);
/* Per-port multicast_router mode setter: values < 2 take the port out of
 * the router list; the permanent-router value adds it back and drops the
 * learning timer. Rejected while the port is disabled or bridge is down. */
1722 int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val)
1724 struct net_bridge *br = p->br;
1727 spin_lock(&br->multicast_lock);
1728 if (!netif_running(br->dev) || p->state == BR_STATE_DISABLED)
1735 p->multicast_router = val;
1738 if (val < 2 && !hlist_unhashed(&p->rlist))
1739 hlist_del_init_rcu(&p->rlist);
1744 del_timer(&p->multicast_router_timer);
1749 br_multicast_add_router(br, p);
1758 spin_unlock(&br->multicast_lock);
/* Kick off querying bridge-wide: restart the bridge query sequence and
 * re-enable querying on every forwarding-capable port. */
1763 static void br_multicast_start_querier(struct net_bridge *br)
1765 struct net_bridge_port *port;
1767 br_multicast_open(br);
1769 list_for_each_entry(port, &br->port_list, list) {
1770 if (port->state == BR_STATE_DISABLED ||
1771 port->state == BR_STATE_BLOCKING)
1774 __br_multicast_enable_port(port);
/* Enable/disable snooping. No-op when the value is unchanged. On enable
 * with an existing table, rehash it (on failure, the disabled flag is
 * restored from val) and restart the querier machinery. */
1778 int br_multicast_toggle(struct net_bridge *br, unsigned long val)
1781 struct net_bridge_mdb_htable *mdb;
1783 spin_lock_bh(&br->multicast_lock);
1784 if (br->multicast_disabled == !val)
1787 br->multicast_disabled = !val;
1788 if (br->multicast_disabled)
1791 if (!netif_running(br->dev))
1794 mdb = mlock_dereference(br->mdb, br);
1799 br->multicast_disabled = !!val;
1803 err = br_mdb_rehash(&br->mdb, mdb->max,
1804 br->hash_elasticity);
1809 br_multicast_start_querier(br);
1812 spin_unlock_bh(&br->multicast_lock);
/* Enable/disable querier mode; starting queries immediately on enable. */
1817 int br_multicast_set_querier(struct net_bridge *br, unsigned long val)
1821 spin_lock_bh(&br->multicast_lock);
1822 if (br->multicast_querier == val)
1825 br->multicast_querier = val;
1827 br_multicast_start_querier(br);
1830 spin_unlock_bh(&br->multicast_lock);
/* Set the hash-table size cap: must be a power of two and not smaller than
 * the current entry count; shrinking below the live table size triggers a
 * rehash to the new maximum. */
1835 int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val)
1839 struct net_bridge_mdb_htable *mdb;
1841 spin_lock(&br->multicast_lock);
1842 if (!netif_running(br->dev))
1846 if (!is_power_of_2(val))
1849 mdb = mlock_dereference(br->mdb, br);
1850 if (mdb && val < mdb->size)
1866 err = br_mdb_rehash(&br->mdb, br->hash_max,
1867 br->hash_elasticity);
1873 spin_unlock(&br->multicast_lock);