1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Bridge multicast support.
4 *
5 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au>
6 */
7
8#include <linux/err.h>
9#include <linux/export.h>
10#include <linux/if_ether.h>
11#include <linux/igmp.h>
12#include <linux/in.h>
13#include <linux/jhash.h>
14#include <linux/kernel.h>
15#include <linux/log2.h>
16#include <linux/netdevice.h>
17#include <linux/netfilter_bridge.h>
18#include <linux/random.h>
19#include <linux/rculist.h>
20#include <linux/skbuff.h>
21#include <linux/slab.h>
22#include <linux/timer.h>
23#include <linux/inetdevice.h>
24#include <linux/mroute.h>
25#include <net/ip.h>
26#include <net/switchdev.h>
27#if IS_ENABLED(CONFIG_IPV6)
28#include <linux/icmpv6.h>
29#include <net/ipv6.h>
30#include <net/mld.h>
31#include <net/ip6_checksum.h>
32#include <net/addrconf.h>
33#endif
34#include <trace/events/bridge.h>
35
36#include "br_private.h"
37#include "br_private_mcast_eht.h"
38
39static const struct rhashtable_params br_mdb_rht_params = {
40 .head_offset = offsetof(struct net_bridge_mdb_entry, rhnode),
41 .key_offset = offsetof(struct net_bridge_mdb_entry, addr),
42 .key_len = sizeof(struct br_ip),
43 .automatic_shrinking = true,
44};
45
46static const struct rhashtable_params br_sg_port_rht_params = {
47 .head_offset = offsetof(struct net_bridge_port_group, rhnode),
48 .key_offset = offsetof(struct net_bridge_port_group, key),
49 .key_len = sizeof(struct net_bridge_port_group_sg_key),
50 .automatic_shrinking = true,
51};
52
53static void br_multicast_start_querier(struct net_bridge_mcast *brmctx,
54 struct bridge_mcast_own_query *query);
55static void br_ip4_multicast_add_router(struct net_bridge_mcast *brmctx,
56 struct net_bridge_mcast_port *pmctx);
57static void br_ip4_multicast_leave_group(struct net_bridge_mcast *brmctx,
58 struct net_bridge_mcast_port *pmctx,
59 __be32 group,
60 __u16 vid,
61 const unsigned char *src);
62static void br_multicast_port_group_rexmit(struct timer_list *t);
63
64static void
65br_multicast_rport_del_notify(struct net_bridge_mcast_port *pmctx, bool deleted);
66static void br_ip6_multicast_add_router(struct net_bridge_mcast *brmctx,
67 struct net_bridge_mcast_port *pmctx);
68#if IS_ENABLED(CONFIG_IPV6)
69static void br_ip6_multicast_leave_group(struct net_bridge_mcast *brmctx,
70 struct net_bridge_mcast_port *pmctx,
71 const struct in6_addr *group,
72 __u16 vid, const unsigned char *src);
73#endif
74static struct net_bridge_port_group *
75__br_multicast_add_group(struct net_bridge_mcast *brmctx,
76 struct net_bridge_mcast_port *pmctx,
77 struct br_ip *group,
78 const unsigned char *src,
79 u8 filter_mode,
80 bool igmpv2_mldv1,
81 bool blocked);
82static void br_multicast_find_del_pg(struct net_bridge *br,
83 struct net_bridge_port_group *pg);
84static void __br_multicast_stop(struct net_bridge_mcast *brmctx);
85
86static int br_mc_disabled_update(struct net_device *dev, bool value,
87 struct netlink_ext_ack *extack);
88
89static struct net_bridge_port_group *
90br_sg_port_find(struct net_bridge *br,
91 struct net_bridge_port_group_sg_key *sg_p)
92{
93 lockdep_assert_held_once(&br->multicast_lock);
94
95 return rhashtable_lookup_fast(ht: &br->sg_port_tbl, key: sg_p,
96 params: br_sg_port_rht_params);
97}
98
99static struct net_bridge_mdb_entry *br_mdb_ip_get_rcu(struct net_bridge *br,
100 struct br_ip *dst)
101{
102 return rhashtable_lookup(ht: &br->mdb_hash_tbl, key: dst, params: br_mdb_rht_params);
103}
104
105struct net_bridge_mdb_entry *br_mdb_ip_get(struct net_bridge *br,
106 struct br_ip *dst)
107{
108 struct net_bridge_mdb_entry *ent;
109
110 lockdep_assert_held_once(&br->multicast_lock);
111
112 rcu_read_lock();
113 ent = rhashtable_lookup(ht: &br->mdb_hash_tbl, key: dst, params: br_mdb_rht_params);
114 rcu_read_unlock();
115
116 return ent;
117}
118
119static struct net_bridge_mdb_entry *br_mdb_ip4_get(struct net_bridge *br,
120 __be32 dst, __u16 vid)
121{
122 struct br_ip br_dst;
123
124 memset(&br_dst, 0, sizeof(br_dst));
125 br_dst.dst.ip4 = dst;
126 br_dst.proto = htons(ETH_P_IP);
127 br_dst.vid = vid;
128
129 return br_mdb_ip_get(br, dst: &br_dst);
130}
131
132#if IS_ENABLED(CONFIG_IPV6)
133static struct net_bridge_mdb_entry *br_mdb_ip6_get(struct net_bridge *br,
134 const struct in6_addr *dst,
135 __u16 vid)
136{
137 struct br_ip br_dst;
138
139 memset(&br_dst, 0, sizeof(br_dst));
140 br_dst.dst.ip6 = *dst;
141 br_dst.proto = htons(ETH_P_IPV6);
142 br_dst.vid = vid;
143
144 return br_mdb_ip_get(br, dst: &br_dst);
145}
146#endif
147
148struct net_bridge_mdb_entry *
149br_mdb_entry_skb_get(struct net_bridge_mcast *brmctx, struct sk_buff *skb,
150 u16 vid)
151{
152 struct net_bridge *br = brmctx->br;
153 struct br_ip ip;
154
155 if (!br_opt_get(br, opt: BROPT_MULTICAST_ENABLED) ||
156 br_multicast_ctx_vlan_global_disabled(brmctx))
157 return NULL;
158
159 if (BR_INPUT_SKB_CB(skb)->igmp)
160 return NULL;
161
162 memset(&ip, 0, sizeof(ip));
163 ip.proto = skb->protocol;
164 ip.vid = vid;
165
166 switch (skb->protocol) {
167 case htons(ETH_P_IP):
168 ip.dst.ip4 = ip_hdr(skb)->daddr;
169 if (brmctx->multicast_igmp_version == 3) {
170 struct net_bridge_mdb_entry *mdb;
171
172 ip.src.ip4 = ip_hdr(skb)->saddr;
173 mdb = br_mdb_ip_get_rcu(br, dst: &ip);
174 if (mdb)
175 return mdb;
176 ip.src.ip4 = 0;
177 }
178 break;
179#if IS_ENABLED(CONFIG_IPV6)
180 case htons(ETH_P_IPV6):
181 ip.dst.ip6 = ipv6_hdr(skb)->daddr;
182 if (brmctx->multicast_mld_version == 2) {
183 struct net_bridge_mdb_entry *mdb;
184
185 ip.src.ip6 = ipv6_hdr(skb)->saddr;
186 mdb = br_mdb_ip_get_rcu(br, dst: &ip);
187 if (mdb)
188 return mdb;
189 memset(&ip.src.ip6, 0, sizeof(ip.src.ip6));
190 }
191 break;
192#endif
193 default:
194 ip.proto = 0;
195 ether_addr_copy(dst: ip.dst.mac_addr, src: eth_hdr(skb)->h_dest);
196 }
197
198 return br_mdb_ip_get_rcu(br, dst: &ip);
199}
200
201/* IMPORTANT: this function must be used only when the contexts cannot be
202 * passed down (e.g. timer) and must be used for read-only purposes because
203 * the vlan snooping option can change, so it can return any context
204 * (non-vlan or vlan). Its initial intended purpose is to read timer values
205 * from the *current* context based on the option. At worst that could lead
206 * to inconsistent timers when the contexts are changed, i.e. src timer
207 * which needs to re-arm with a specific delay taken from the old context
208 */
209static struct net_bridge_mcast_port *
210br_multicast_pg_to_port_ctx(const struct net_bridge_port_group *pg)
211{
212 struct net_bridge_mcast_port *pmctx = &pg->key.port->multicast_ctx;
213 struct net_bridge_vlan *vlan;
214
215 lockdep_assert_held_once(&pg->key.port->br->multicast_lock);
216
217 /* if vlan snooping is disabled use the port's multicast context */
218 if (!pg->key.addr.vid ||
219 !br_opt_get(br: pg->key.port->br, opt: BROPT_MCAST_VLAN_SNOOPING_ENABLED))
220 goto out;
221
222 /* locking is tricky here, due to different rules for multicast and
223 * vlans we need to take rcu to find the vlan and make sure it has
224 * the BR_VLFLAG_MCAST_ENABLED flag set, it can only change under
225 * multicast_lock which must be already held here, so the vlan's pmctx
226 * can safely be used on return
227 */
228 rcu_read_lock();
229 vlan = br_vlan_find(vg: nbp_vlan_group_rcu(p: pg->key.port), vid: pg->key.addr.vid);
230 if (vlan && !br_multicast_port_ctx_vlan_disabled(pmctx: &vlan->port_mcast_ctx))
231 pmctx = &vlan->port_mcast_ctx;
232 else
233 pmctx = NULL;
234 rcu_read_unlock();
235out:
236 return pmctx;
237}
238
239static struct net_bridge_mcast_port *
240br_multicast_port_vid_to_port_ctx(struct net_bridge_port *port, u16 vid)
241{
242 struct net_bridge_mcast_port *pmctx = NULL;
243 struct net_bridge_vlan *vlan;
244
245 lockdep_assert_held_once(&port->br->multicast_lock);
246
247 if (!br_opt_get(br: port->br, opt: BROPT_MCAST_VLAN_SNOOPING_ENABLED))
248 return NULL;
249
250 /* Take RCU to access the vlan. */
251 rcu_read_lock();
252
253 vlan = br_vlan_find(vg: nbp_vlan_group_rcu(p: port), vid);
254 if (vlan && !br_multicast_port_ctx_vlan_disabled(pmctx: &vlan->port_mcast_ctx))
255 pmctx = &vlan->port_mcast_ctx;
256
257 rcu_read_unlock();
258
259 return pmctx;
260}
261
262/* when snooping we need to check if the contexts should be used
263 * in the following order:
264 * - if pmctx is non-NULL (port), check if it should be used
265 * - if pmctx is NULL (bridge), check if brmctx should be used
266 */
267static bool
268br_multicast_ctx_should_use(const struct net_bridge_mcast *brmctx,
269 const struct net_bridge_mcast_port *pmctx)
270{
271 if (!netif_running(dev: brmctx->br->dev))
272 return false;
273
274 if (pmctx)
275 return !br_multicast_port_ctx_state_disabled(pmctx);
276 else
277 return !br_multicast_ctx_vlan_disabled(brmctx);
278}
279
280static bool br_port_group_equal(struct net_bridge_port_group *p,
281 struct net_bridge_port *port,
282 const unsigned char *src)
283{
284 if (p->key.port != port)
285 return false;
286
287 if (!(port->flags & BR_MULTICAST_TO_UNICAST))
288 return true;
289
290 return ether_addr_equal(addr1: src, addr2: p->eth_addr);
291}
292
293static void __fwd_add_star_excl(struct net_bridge_mcast_port *pmctx,
294 struct net_bridge_port_group *pg,
295 struct br_ip *sg_ip)
296{
297 struct net_bridge_port_group_sg_key sg_key;
298 struct net_bridge_port_group *src_pg;
299 struct net_bridge_mcast *brmctx;
300
301 memset(&sg_key, 0, sizeof(sg_key));
302 brmctx = br_multicast_port_ctx_get_global(pmctx);
303 sg_key.port = pg->key.port;
304 sg_key.addr = *sg_ip;
305 if (br_sg_port_find(br: brmctx->br, sg_p: &sg_key))
306 return;
307
308 src_pg = __br_multicast_add_group(brmctx, pmctx,
309 group: sg_ip, src: pg->eth_addr,
310 MCAST_INCLUDE, igmpv2_mldv1: false, blocked: false);
311 if (IS_ERR_OR_NULL(ptr: src_pg) ||
312 src_pg->rt_protocol != RTPROT_KERNEL)
313 return;
314
315 src_pg->flags |= MDB_PG_FLAGS_STAR_EXCL;
316}
317
318static void __fwd_del_star_excl(struct net_bridge_port_group *pg,
319 struct br_ip *sg_ip)
320{
321 struct net_bridge_port_group_sg_key sg_key;
322 struct net_bridge *br = pg->key.port->br;
323 struct net_bridge_port_group *src_pg;
324
325 memset(&sg_key, 0, sizeof(sg_key));
326 sg_key.port = pg->key.port;
327 sg_key.addr = *sg_ip;
328 src_pg = br_sg_port_find(br, sg_p: &sg_key);
329 if (!src_pg || !(src_pg->flags & MDB_PG_FLAGS_STAR_EXCL) ||
330 src_pg->rt_protocol != RTPROT_KERNEL)
331 return;
332
333 br_multicast_find_del_pg(br, pg: src_pg);
334}
335
336/* When a port group transitions to (or is added as) EXCLUDE we need to add it
337 * to all other ports' S,G entries which are not blocked by the current group
338 * for proper replication, the assumption is that any S,G blocked entries
339 * are already added so the S,G,port lookup should skip them.
340 * When a port group transitions from EXCLUDE -> INCLUDE mode or is being
341 * deleted we need to remove it from all ports' S,G entries where it was
342 * automatically installed before (i.e. where it's MDB_PG_FLAGS_STAR_EXCL).
343 */
344void br_multicast_star_g_handle_mode(struct net_bridge_port_group *pg,
345 u8 filter_mode)
346{
347 struct net_bridge *br = pg->key.port->br;
348 struct net_bridge_port_group *pg_lst;
349 struct net_bridge_mcast_port *pmctx;
350 struct net_bridge_mdb_entry *mp;
351 struct br_ip sg_ip;
352
353 if (WARN_ON(!br_multicast_is_star_g(&pg->key.addr)))
354 return;
355
356 mp = br_mdb_ip_get(br, dst: &pg->key.addr);
357 if (!mp)
358 return;
359 pmctx = br_multicast_pg_to_port_ctx(pg);
360 if (!pmctx)
361 return;
362
363 memset(&sg_ip, 0, sizeof(sg_ip));
364 sg_ip = pg->key.addr;
365
366 for (pg_lst = mlock_dereference(mp->ports, br);
367 pg_lst;
368 pg_lst = mlock_dereference(pg_lst->next, br)) {
369 struct net_bridge_group_src *src_ent;
370
371 if (pg_lst == pg)
372 continue;
373 hlist_for_each_entry(src_ent, &pg_lst->src_list, node) {
374 if (!(src_ent->flags & BR_SGRP_F_INSTALLED))
375 continue;
376 sg_ip.src = src_ent->addr.src;
377 switch (filter_mode) {
378 case MCAST_INCLUDE:
379 __fwd_del_star_excl(pg, sg_ip: &sg_ip);
380 break;
381 case MCAST_EXCLUDE:
382 __fwd_add_star_excl(pmctx, pg, sg_ip: &sg_ip);
383 break;
384 }
385 }
386 }
387}
388
389/* called when adding a new S,G with host_joined == false by default */
390static void br_multicast_sg_host_state(struct net_bridge_mdb_entry *star_mp,
391 struct net_bridge_port_group *sg)
392{
393 struct net_bridge_mdb_entry *sg_mp;
394
395 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr)))
396 return;
397 if (!star_mp->host_joined)
398 return;
399
400 sg_mp = br_mdb_ip_get(br: star_mp->br, dst: &sg->key.addr);
401 if (!sg_mp)
402 return;
403 sg_mp->host_joined = true;
404}
405
406/* set the host_joined state of all of *,G's S,G entries */
407static void br_multicast_star_g_host_state(struct net_bridge_mdb_entry *star_mp)
408{
409 struct net_bridge *br = star_mp->br;
410 struct net_bridge_mdb_entry *sg_mp;
411 struct net_bridge_port_group *pg;
412 struct br_ip sg_ip;
413
414 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr)))
415 return;
416
417 memset(&sg_ip, 0, sizeof(sg_ip));
418 sg_ip = star_mp->addr;
419 for (pg = mlock_dereference(star_mp->ports, br);
420 pg;
421 pg = mlock_dereference(pg->next, br)) {
422 struct net_bridge_group_src *src_ent;
423
424 hlist_for_each_entry(src_ent, &pg->src_list, node) {
425 if (!(src_ent->flags & BR_SGRP_F_INSTALLED))
426 continue;
427 sg_ip.src = src_ent->addr.src;
428 sg_mp = br_mdb_ip_get(br, dst: &sg_ip);
429 if (!sg_mp)
430 continue;
431 sg_mp->host_joined = star_mp->host_joined;
432 }
433 }
434}
435
436static void br_multicast_sg_del_exclude_ports(struct net_bridge_mdb_entry *sgmp)
437{
438 struct net_bridge_port_group __rcu **pp;
439 struct net_bridge_port_group *p;
440
441 /* *,G exclude ports are only added to S,G entries */
442 if (WARN_ON(br_multicast_is_star_g(&sgmp->addr)))
443 return;
444
445 /* we need the STAR_EXCLUDE ports if there are non-STAR_EXCLUDE ports
446 * we should ignore perm entries since they're managed by user-space
447 */
448 for (pp = &sgmp->ports;
449 (p = mlock_dereference(*pp, sgmp->br)) != NULL;
450 pp = &p->next)
451 if (!(p->flags & (MDB_PG_FLAGS_STAR_EXCL |
452 MDB_PG_FLAGS_PERMANENT)))
453 return;
454
455 /* currently the host can only have joined the *,G which means
456 * we treat it as EXCLUDE {}, so for an S,G it's considered a
457 * STAR_EXCLUDE entry and we can safely leave it
458 */
459 sgmp->host_joined = false;
460
461 for (pp = &sgmp->ports;
462 (p = mlock_dereference(*pp, sgmp->br)) != NULL;) {
463 if (!(p->flags & MDB_PG_FLAGS_PERMANENT))
464 br_multicast_del_pg(mp: sgmp, pg: p, pp);
465 else
466 pp = &p->next;
467 }
468}
469
470void br_multicast_sg_add_exclude_ports(struct net_bridge_mdb_entry *star_mp,
471 struct net_bridge_port_group *sg)
472{
473 struct net_bridge_port_group_sg_key sg_key;
474 struct net_bridge *br = star_mp->br;
475 struct net_bridge_mcast_port *pmctx;
476 struct net_bridge_port_group *pg;
477 struct net_bridge_mcast *brmctx;
478
479 if (WARN_ON(br_multicast_is_star_g(&sg->key.addr)))
480 return;
481 if (WARN_ON(!br_multicast_is_star_g(&star_mp->addr)))
482 return;
483
484 br_multicast_sg_host_state(star_mp, sg);
485 memset(&sg_key, 0, sizeof(sg_key));
486 sg_key.addr = sg->key.addr;
487 /* we need to add all exclude ports to the S,G */
488 for (pg = mlock_dereference(star_mp->ports, br);
489 pg;
490 pg = mlock_dereference(pg->next, br)) {
491 struct net_bridge_port_group *src_pg;
492
493 if (pg == sg || pg->filter_mode == MCAST_INCLUDE)
494 continue;
495
496 sg_key.port = pg->key.port;
497 if (br_sg_port_find(br, sg_p: &sg_key))
498 continue;
499
500 pmctx = br_multicast_pg_to_port_ctx(pg);
501 if (!pmctx)
502 continue;
503 brmctx = br_multicast_port_ctx_get_global(pmctx);
504
505 src_pg = __br_multicast_add_group(brmctx, pmctx,
506 group: &sg->key.addr,
507 src: sg->eth_addr,
508 MCAST_INCLUDE, igmpv2_mldv1: false, blocked: false);
509 if (IS_ERR_OR_NULL(ptr: src_pg) ||
510 src_pg->rt_protocol != RTPROT_KERNEL)
511 continue;
512 src_pg->flags |= MDB_PG_FLAGS_STAR_EXCL;
513 }
514}
515
516static void br_multicast_fwd_src_add(struct net_bridge_group_src *src)
517{
518 struct net_bridge_mdb_entry *star_mp;
519 struct net_bridge_mcast_port *pmctx;
520 struct net_bridge_port_group *sg;
521 struct net_bridge_mcast *brmctx;
522 struct br_ip sg_ip;
523
524 if (src->flags & BR_SGRP_F_INSTALLED)
525 return;
526
527 memset(&sg_ip, 0, sizeof(sg_ip));
528 pmctx = br_multicast_pg_to_port_ctx(pg: src->pg);
529 if (!pmctx)
530 return;
531 brmctx = br_multicast_port_ctx_get_global(pmctx);
532 sg_ip = src->pg->key.addr;
533 sg_ip.src = src->addr.src;
534
535 sg = __br_multicast_add_group(brmctx, pmctx, group: &sg_ip,
536 src: src->pg->eth_addr, MCAST_INCLUDE, igmpv2_mldv1: false,
537 blocked: !timer_pending(timer: &src->timer));
538 if (IS_ERR_OR_NULL(ptr: sg))
539 return;
540 src->flags |= BR_SGRP_F_INSTALLED;
541 sg->flags &= ~MDB_PG_FLAGS_STAR_EXCL;
542
543 /* if it was added by user-space as perm we can skip next steps */
544 if (sg->rt_protocol != RTPROT_KERNEL &&
545 (sg->flags & MDB_PG_FLAGS_PERMANENT))
546 return;
547
548 /* the kernel is now responsible for removing this S,G */
549 timer_delete(timer: &sg->timer);
550 star_mp = br_mdb_ip_get(br: src->br, dst: &src->pg->key.addr);
551 if (!star_mp)
552 return;
553
554 br_multicast_sg_add_exclude_ports(star_mp, sg);
555}
556
557static void br_multicast_fwd_src_remove(struct net_bridge_group_src *src,
558 bool fastleave)
559{
560 struct net_bridge_port_group *p, *pg = src->pg;
561 struct net_bridge_port_group __rcu **pp;
562 struct net_bridge_mdb_entry *mp;
563 struct br_ip sg_ip;
564
565 memset(&sg_ip, 0, sizeof(sg_ip));
566 sg_ip = pg->key.addr;
567 sg_ip.src = src->addr.src;
568
569 mp = br_mdb_ip_get(br: src->br, dst: &sg_ip);
570 if (!mp)
571 return;
572
573 for (pp = &mp->ports;
574 (p = mlock_dereference(*pp, src->br)) != NULL;
575 pp = &p->next) {
576 if (!br_port_group_equal(p, port: pg->key.port, src: pg->eth_addr))
577 continue;
578
579 if (p->rt_protocol != RTPROT_KERNEL &&
580 (p->flags & MDB_PG_FLAGS_PERMANENT) &&
581 !(src->flags & BR_SGRP_F_USER_ADDED))
582 break;
583
584 if (fastleave)
585 p->flags |= MDB_PG_FLAGS_FAST_LEAVE;
586 br_multicast_del_pg(mp, pg: p, pp);
587 break;
588 }
589 src->flags &= ~BR_SGRP_F_INSTALLED;
590}
591
592/* install S,G and based on src's timer enable or disable forwarding */
593static void br_multicast_fwd_src_handle(struct net_bridge_group_src *src)
594{
595 struct net_bridge_port_group_sg_key sg_key;
596 struct net_bridge_port_group *sg;
597 u8 old_flags;
598
599 br_multicast_fwd_src_add(src);
600
601 memset(&sg_key, 0, sizeof(sg_key));
602 sg_key.addr = src->pg->key.addr;
603 sg_key.addr.src = src->addr.src;
604 sg_key.port = src->pg->key.port;
605
606 sg = br_sg_port_find(br: src->br, sg_p: &sg_key);
607 if (!sg || (sg->flags & MDB_PG_FLAGS_PERMANENT))
608 return;
609
610 old_flags = sg->flags;
611 if (timer_pending(timer: &src->timer))
612 sg->flags &= ~MDB_PG_FLAGS_BLOCKED;
613 else
614 sg->flags |= MDB_PG_FLAGS_BLOCKED;
615
616 if (old_flags != sg->flags) {
617 struct net_bridge_mdb_entry *sg_mp;
618
619 sg_mp = br_mdb_ip_get(br: src->br, dst: &sg_key.addr);
620 if (!sg_mp)
621 return;
622 br_mdb_notify(dev: src->br->dev, mp: sg_mp, pg: sg, RTM_NEWMDB);
623 }
624}
625
626static void br_multicast_destroy_mdb_entry(struct net_bridge_mcast_gc *gc)
627{
628 struct net_bridge_mdb_entry *mp;
629
630 mp = container_of(gc, struct net_bridge_mdb_entry, mcast_gc);
631 WARN_ON(!hlist_unhashed(&mp->mdb_node));
632 WARN_ON(mp->ports);
633
634 timer_shutdown_sync(timer: &mp->timer);
635 kfree_rcu(mp, rcu);
636}
637
638static void br_multicast_del_mdb_entry(struct net_bridge_mdb_entry *mp)
639{
640 struct net_bridge *br = mp->br;
641
642 rhashtable_remove_fast(ht: &br->mdb_hash_tbl, obj: &mp->rhnode,
643 params: br_mdb_rht_params);
644 hlist_del_init_rcu(n: &mp->mdb_node);
645 hlist_add_head(n: &mp->mcast_gc.gc_node, h: &br->mcast_gc_list);
646 queue_work(wq: system_long_wq, work: &br->mcast_gc_work);
647}
648
649static void br_multicast_group_expired(struct timer_list *t)
650{
651 struct net_bridge_mdb_entry *mp = timer_container_of(mp, t, timer);
652 struct net_bridge *br = mp->br;
653
654 spin_lock(lock: &br->multicast_lock);
655 if (hlist_unhashed(h: &mp->mdb_node) || !netif_running(dev: br->dev) ||
656 timer_pending(timer: &mp->timer))
657 goto out;
658
659 br_multicast_host_leave(mp, notify: true);
660
661 if (mp->ports)
662 goto out;
663 br_multicast_del_mdb_entry(mp);
664out:
665 spin_unlock(lock: &br->multicast_lock);
666}
667
668static void br_multicast_destroy_group_src(struct net_bridge_mcast_gc *gc)
669{
670 struct net_bridge_group_src *src;
671
672 src = container_of(gc, struct net_bridge_group_src, mcast_gc);
673 WARN_ON(!hlist_unhashed(&src->node));
674
675 timer_shutdown_sync(timer: &src->timer);
676 kfree_rcu(src, rcu);
677}
678
679void __br_multicast_del_group_src(struct net_bridge_group_src *src)
680{
681 struct net_bridge *br = src->pg->key.port->br;
682
683 hlist_del_init_rcu(n: &src->node);
684 src->pg->src_ents--;
685 hlist_add_head(n: &src->mcast_gc.gc_node, h: &br->mcast_gc_list);
686 queue_work(wq: system_long_wq, work: &br->mcast_gc_work);
687}
688
689void br_multicast_del_group_src(struct net_bridge_group_src *src,
690 bool fastleave)
691{
692 br_multicast_fwd_src_remove(src, fastleave);
693 __br_multicast_del_group_src(src);
694}
695
696static int
697br_multicast_port_ngroups_inc_one(struct net_bridge_mcast_port *pmctx,
698 struct netlink_ext_ack *extack,
699 const char *what)
700{
701 u32 max = READ_ONCE(pmctx->mdb_max_entries);
702 u32 n = READ_ONCE(pmctx->mdb_n_entries);
703
704 if (max && n >= max) {
705 NL_SET_ERR_MSG_FMT_MOD(extack, "%s is already in %u groups, and mcast_max_groups=%u",
706 what, n, max);
707 return -E2BIG;
708 }
709
710 WRITE_ONCE(pmctx->mdb_n_entries, n + 1);
711 return 0;
712}
713
714static void br_multicast_port_ngroups_dec_one(struct net_bridge_mcast_port *pmctx)
715{
716 u32 n = READ_ONCE(pmctx->mdb_n_entries);
717
718 WARN_ON_ONCE(n == 0);
719 WRITE_ONCE(pmctx->mdb_n_entries, n - 1);
720}
721
722static int br_multicast_port_ngroups_inc(struct net_bridge_port *port,
723 const struct br_ip *group,
724 struct netlink_ext_ack *extack)
725{
726 struct net_bridge_mcast_port *pmctx;
727 int err;
728
729 lockdep_assert_held_once(&port->br->multicast_lock);
730
731 /* Always count on the port context. */
732 err = br_multicast_port_ngroups_inc_one(pmctx: &port->multicast_ctx, extack,
733 what: "Port");
734 if (err) {
735 trace_br_mdb_full(dev: port->dev, group);
736 return err;
737 }
738
739 /* Only count on the VLAN context if VID is given, and if snooping on
740 * that VLAN is enabled.
741 */
742 if (!group->vid)
743 return 0;
744
745 pmctx = br_multicast_port_vid_to_port_ctx(port, vid: group->vid);
746 if (!pmctx)
747 return 0;
748
749 err = br_multicast_port_ngroups_inc_one(pmctx, extack, what: "Port-VLAN");
750 if (err) {
751 trace_br_mdb_full(dev: port->dev, group);
752 goto dec_one_out;
753 }
754
755 return 0;
756
757dec_one_out:
758 br_multicast_port_ngroups_dec_one(pmctx: &port->multicast_ctx);
759 return err;
760}
761
762static void br_multicast_port_ngroups_dec(struct net_bridge_port *port, u16 vid)
763{
764 struct net_bridge_mcast_port *pmctx;
765
766 lockdep_assert_held_once(&port->br->multicast_lock);
767
768 if (vid) {
769 pmctx = br_multicast_port_vid_to_port_ctx(port, vid);
770 if (pmctx)
771 br_multicast_port_ngroups_dec_one(pmctx);
772 }
773 br_multicast_port_ngroups_dec_one(pmctx: &port->multicast_ctx);
774}
775
776u32 br_multicast_ngroups_get(const struct net_bridge_mcast_port *pmctx)
777{
778 return READ_ONCE(pmctx->mdb_n_entries);
779}
780
781void br_multicast_ngroups_set_max(struct net_bridge_mcast_port *pmctx, u32 max)
782{
783 WRITE_ONCE(pmctx->mdb_max_entries, max);
784}
785
786u32 br_multicast_ngroups_get_max(const struct net_bridge_mcast_port *pmctx)
787{
788 return READ_ONCE(pmctx->mdb_max_entries);
789}
790
791static void br_multicast_destroy_port_group(struct net_bridge_mcast_gc *gc)
792{
793 struct net_bridge_port_group *pg;
794
795 pg = container_of(gc, struct net_bridge_port_group, mcast_gc);
796 WARN_ON(!hlist_unhashed(&pg->mglist));
797 WARN_ON(!hlist_empty(&pg->src_list));
798
799 timer_shutdown_sync(timer: &pg->rexmit_timer);
800 timer_shutdown_sync(timer: &pg->timer);
801 kfree_rcu(pg, rcu);
802}
803
804void br_multicast_del_pg(struct net_bridge_mdb_entry *mp,
805 struct net_bridge_port_group *pg,
806 struct net_bridge_port_group __rcu **pp)
807{
808 struct net_bridge *br = pg->key.port->br;
809 struct net_bridge_group_src *ent;
810 struct hlist_node *tmp;
811
812 rcu_assign_pointer(*pp, pg->next);
813 hlist_del_init(n: &pg->mglist);
814 br_multicast_eht_clean_sets(pg);
815 hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node)
816 br_multicast_del_group_src(src: ent, fastleave: false);
817 br_mdb_notify(dev: br->dev, mp, pg, RTM_DELMDB);
818 if (!br_multicast_is_star_g(ip: &mp->addr)) {
819 rhashtable_remove_fast(ht: &br->sg_port_tbl, obj: &pg->rhnode,
820 params: br_sg_port_rht_params);
821 br_multicast_sg_del_exclude_ports(sgmp: mp);
822 } else {
823 br_multicast_star_g_handle_mode(pg, MCAST_INCLUDE);
824 }
825 br_multicast_port_ngroups_dec(port: pg->key.port, vid: pg->key.addr.vid);
826 hlist_add_head(n: &pg->mcast_gc.gc_node, h: &br->mcast_gc_list);
827 queue_work(wq: system_long_wq, work: &br->mcast_gc_work);
828
829 if (!mp->ports && !mp->host_joined && netif_running(dev: br->dev))
830 mod_timer(timer: &mp->timer, expires: jiffies);
831}
832
833static void br_multicast_find_del_pg(struct net_bridge *br,
834 struct net_bridge_port_group *pg)
835{
836 struct net_bridge_port_group __rcu **pp;
837 struct net_bridge_mdb_entry *mp;
838 struct net_bridge_port_group *p;
839
840 mp = br_mdb_ip_get(br, dst: &pg->key.addr);
841 if (WARN_ON(!mp))
842 return;
843
844 for (pp = &mp->ports;
845 (p = mlock_dereference(*pp, br)) != NULL;
846 pp = &p->next) {
847 if (p != pg)
848 continue;
849
850 br_multicast_del_pg(mp, pg, pp);
851 return;
852 }
853
854 WARN_ON(1);
855}
856
857static void br_multicast_port_group_expired(struct timer_list *t)
858{
859 struct net_bridge_port_group *pg = timer_container_of(pg, t, timer);
860 struct net_bridge_group_src *src_ent;
861 struct net_bridge *br = pg->key.port->br;
862 struct hlist_node *tmp;
863 bool changed;
864
865 spin_lock(lock: &br->multicast_lock);
866 if (!netif_running(dev: br->dev) || timer_pending(timer: &pg->timer) ||
867 hlist_unhashed(h: &pg->mglist) || pg->flags & MDB_PG_FLAGS_PERMANENT)
868 goto out;
869
870 changed = !!(pg->filter_mode == MCAST_EXCLUDE);
871 pg->filter_mode = MCAST_INCLUDE;
872 hlist_for_each_entry_safe(src_ent, tmp, &pg->src_list, node) {
873 if (!timer_pending(timer: &src_ent->timer)) {
874 br_multicast_del_group_src(src: src_ent, fastleave: false);
875 changed = true;
876 }
877 }
878
879 if (hlist_empty(h: &pg->src_list)) {
880 br_multicast_find_del_pg(br, pg);
881 } else if (changed) {
882 struct net_bridge_mdb_entry *mp = br_mdb_ip_get(br, dst: &pg->key.addr);
883
884 if (changed && br_multicast_is_star_g(ip: &pg->key.addr))
885 br_multicast_star_g_handle_mode(pg, MCAST_INCLUDE);
886
887 if (WARN_ON(!mp))
888 goto out;
889 br_mdb_notify(dev: br->dev, mp, pg, RTM_NEWMDB);
890 }
891out:
892 spin_unlock(lock: &br->multicast_lock);
893}
894
895static void br_multicast_gc(struct hlist_head *head)
896{
897 struct net_bridge_mcast_gc *gcent;
898 struct hlist_node *tmp;
899
900 hlist_for_each_entry_safe(gcent, tmp, head, gc_node) {
901 hlist_del_init(n: &gcent->gc_node);
902 gcent->destroy(gcent);
903 }
904}
905
906static void __br_multicast_query_handle_vlan(struct net_bridge_mcast *brmctx,
907 struct net_bridge_mcast_port *pmctx,
908 struct sk_buff *skb)
909{
910 struct net_bridge_vlan *vlan = NULL;
911
912 if (pmctx && br_multicast_port_ctx_is_vlan(pmctx))
913 vlan = pmctx->vlan;
914 else if (br_multicast_ctx_is_vlan(brmctx))
915 vlan = brmctx->vlan;
916
917 if (vlan && !(vlan->flags & BRIDGE_VLAN_INFO_UNTAGGED)) {
918 u16 vlan_proto;
919
920 if (br_vlan_get_proto(dev: brmctx->br->dev, p_proto: &vlan_proto) != 0)
921 return;
922 __vlan_hwaccel_put_tag(skb, htons(vlan_proto), vlan_tci: vlan->vid);
923 }
924}
925
926static struct sk_buff *br_ip4_multicast_alloc_query(struct net_bridge_mcast *brmctx,
927 struct net_bridge_mcast_port *pmctx,
928 struct net_bridge_port_group *pg,
929 __be32 ip_dst, __be32 group,
930 bool with_srcs, bool over_lmqt,
931 u8 sflag, u8 *igmp_type,
932 bool *need_rexmit)
933{
934 struct net_bridge_port *p = pg ? pg->key.port : NULL;
935 struct net_bridge_group_src *ent;
936 size_t pkt_size, igmp_hdr_size;
937 unsigned long now = jiffies;
938 struct igmpv3_query *ihv3;
939 void *csum_start = NULL;
940 __sum16 *csum = NULL;
941 struct sk_buff *skb;
942 struct igmphdr *ih;
943 struct ethhdr *eth;
944 unsigned long lmqt;
945 struct iphdr *iph;
946 u16 lmqt_srcs = 0;
947
948 igmp_hdr_size = sizeof(*ih);
949 if (brmctx->multicast_igmp_version == 3) {
950 igmp_hdr_size = sizeof(*ihv3);
951 if (pg && with_srcs) {
952 lmqt = now + (brmctx->multicast_last_member_interval *
953 brmctx->multicast_last_member_count);
954 hlist_for_each_entry(ent, &pg->src_list, node) {
955 if (over_lmqt == time_after(ent->timer.expires,
956 lmqt) &&
957 ent->src_query_rexmit_cnt > 0)
958 lmqt_srcs++;
959 }
960
961 if (!lmqt_srcs)
962 return NULL;
963 igmp_hdr_size += lmqt_srcs * sizeof(__be32);
964 }
965 }
966
967 pkt_size = sizeof(*eth) + sizeof(*iph) + 4 + igmp_hdr_size;
968 if ((p && pkt_size > p->dev->mtu) ||
969 pkt_size > brmctx->br->dev->mtu)
970 return NULL;
971
972 skb = netdev_alloc_skb_ip_align(dev: brmctx->br->dev, length: pkt_size);
973 if (!skb)
974 goto out;
975
976 __br_multicast_query_handle_vlan(brmctx, pmctx, skb);
977 skb->protocol = htons(ETH_P_IP);
978
979 skb_reset_mac_header(skb);
980 eth = eth_hdr(skb);
981
982 ether_addr_copy(dst: eth->h_source, src: brmctx->br->dev->dev_addr);
983 ip_eth_mc_map(naddr: ip_dst, buf: eth->h_dest);
984 eth->h_proto = htons(ETH_P_IP);
985 skb_put(skb, len: sizeof(*eth));
986
987 skb_set_network_header(skb, offset: skb->len);
988 iph = ip_hdr(skb);
989 iph->tot_len = htons(pkt_size - sizeof(*eth));
990
991 iph->version = 4;
992 iph->ihl = 6;
993 iph->tos = 0xc0;
994 iph->id = 0;
995 iph->frag_off = htons(IP_DF);
996 iph->ttl = 1;
997 iph->protocol = IPPROTO_IGMP;
998 iph->saddr = br_opt_get(br: brmctx->br, opt: BROPT_MULTICAST_QUERY_USE_IFADDR) ?
999 inet_select_addr(dev: brmctx->br->dev, dst: 0, scope: RT_SCOPE_LINK) : 0;
1000 iph->daddr = ip_dst;
1001 ((u8 *)&iph[1])[0] = IPOPT_RA;
1002 ((u8 *)&iph[1])[1] = 4;
1003 ((u8 *)&iph[1])[2] = 0;
1004 ((u8 *)&iph[1])[3] = 0;
1005 ip_send_check(ip: iph);
1006 skb_put(skb, len: 24);
1007
1008 skb_set_transport_header(skb, offset: skb->len);
1009 *igmp_type = IGMP_HOST_MEMBERSHIP_QUERY;
1010
1011 switch (brmctx->multicast_igmp_version) {
1012 case 2:
1013 ih = igmp_hdr(skb);
1014 ih->type = IGMP_HOST_MEMBERSHIP_QUERY;
1015 ih->code = (group ? brmctx->multicast_last_member_interval :
1016 brmctx->multicast_query_response_interval) /
1017 (HZ / IGMP_TIMER_SCALE);
1018 ih->group = group;
1019 ih->csum = 0;
1020 csum = &ih->csum;
1021 csum_start = (void *)ih;
1022 break;
1023 case 3:
1024 ihv3 = igmpv3_query_hdr(skb);
1025 ihv3->type = IGMP_HOST_MEMBERSHIP_QUERY;
1026 ihv3->code = (group ? brmctx->multicast_last_member_interval :
1027 brmctx->multicast_query_response_interval) /
1028 (HZ / IGMP_TIMER_SCALE);
1029 ihv3->group = group;
1030 ihv3->qqic = brmctx->multicast_query_interval / HZ;
1031 ihv3->nsrcs = htons(lmqt_srcs);
1032 ihv3->resv = 0;
1033 ihv3->suppress = sflag;
1034 ihv3->qrv = 2;
1035 ihv3->csum = 0;
1036 csum = &ihv3->csum;
1037 csum_start = (void *)ihv3;
1038 if (!pg || !with_srcs)
1039 break;
1040
1041 lmqt_srcs = 0;
1042 hlist_for_each_entry(ent, &pg->src_list, node) {
1043 if (over_lmqt == time_after(ent->timer.expires,
1044 lmqt) &&
1045 ent->src_query_rexmit_cnt > 0) {
1046 ihv3->srcs[lmqt_srcs++] = ent->addr.src.ip4;
1047 ent->src_query_rexmit_cnt--;
1048 if (need_rexmit && ent->src_query_rexmit_cnt)
1049 *need_rexmit = true;
1050 }
1051 }
1052 if (WARN_ON(lmqt_srcs != ntohs(ihv3->nsrcs))) {
1053 kfree_skb(skb);
1054 return NULL;
1055 }
1056 break;
1057 }
1058
1059 if (WARN_ON(!csum || !csum_start)) {
1060 kfree_skb(skb);
1061 return NULL;
1062 }
1063
1064 *csum = ip_compute_csum(buff: csum_start, len: igmp_hdr_size);
1065 skb_put(skb, len: igmp_hdr_size);
1066 __skb_pull(skb, len: sizeof(*eth));
1067
1068out:
1069 return skb;
1070}
1071
1072#if IS_ENABLED(CONFIG_IPV6)
1073static struct sk_buff *br_ip6_multicast_alloc_query(struct net_bridge_mcast *brmctx,
1074 struct net_bridge_mcast_port *pmctx,
1075 struct net_bridge_port_group *pg,
1076 const struct in6_addr *ip6_dst,
1077 const struct in6_addr *group,
1078 bool with_srcs, bool over_llqt,
1079 u8 sflag, u8 *igmp_type,
1080 bool *need_rexmit)
1081{
1082 struct net_bridge_port *p = pg ? pg->key.port : NULL;
1083 struct net_bridge_group_src *ent;
1084 size_t pkt_size, mld_hdr_size;
1085 unsigned long now = jiffies;
1086 struct mld2_query *mld2q;
1087 void *csum_start = NULL;
1088 unsigned long interval;
1089 __sum16 *csum = NULL;
1090 struct ipv6hdr *ip6h;
1091 struct mld_msg *mldq;
1092 struct sk_buff *skb;
1093 unsigned long llqt;
1094 struct ethhdr *eth;
1095 u16 llqt_srcs = 0;
1096 u8 *hopopt;
1097
1098 mld_hdr_size = sizeof(*mldq);
1099 if (brmctx->multicast_mld_version == 2) {
1100 mld_hdr_size = sizeof(*mld2q);
1101 if (pg && with_srcs) {
1102 llqt = now + (brmctx->multicast_last_member_interval *
1103 brmctx->multicast_last_member_count);
1104 hlist_for_each_entry(ent, &pg->src_list, node) {
1105 if (over_llqt == time_after(ent->timer.expires,
1106 llqt) &&
1107 ent->src_query_rexmit_cnt > 0)
1108 llqt_srcs++;
1109 }
1110
1111 if (!llqt_srcs)
1112 return NULL;
1113 mld_hdr_size += llqt_srcs * sizeof(struct in6_addr);
1114 }
1115 }
1116
1117 pkt_size = sizeof(*eth) + sizeof(*ip6h) + 8 + mld_hdr_size;
1118 if ((p && pkt_size > p->dev->mtu) ||
1119 pkt_size > brmctx->br->dev->mtu)
1120 return NULL;
1121
1122 skb = netdev_alloc_skb_ip_align(dev: brmctx->br->dev, length: pkt_size);
1123 if (!skb)
1124 goto out;
1125
1126 __br_multicast_query_handle_vlan(brmctx, pmctx, skb);
1127 skb->protocol = htons(ETH_P_IPV6);
1128
1129 /* Ethernet header */
1130 skb_reset_mac_header(skb);
1131 eth = eth_hdr(skb);
1132
1133 ether_addr_copy(dst: eth->h_source, src: brmctx->br->dev->dev_addr);
1134 eth->h_proto = htons(ETH_P_IPV6);
1135 skb_put(skb, len: sizeof(*eth));
1136
1137 /* IPv6 header + HbH option */
1138 skb_set_network_header(skb, offset: skb->len);
1139 ip6h = ipv6_hdr(skb);
1140
1141 *(__force __be32 *)ip6h = htonl(0x60000000);
1142 ip6h->payload_len = htons(8 + mld_hdr_size);
1143 ip6h->nexthdr = IPPROTO_HOPOPTS;
1144 ip6h->hop_limit = 1;
1145 ip6h->daddr = *ip6_dst;
1146 if (ipv6_dev_get_saddr(net: dev_net(dev: brmctx->br->dev), dev: brmctx->br->dev,
1147 daddr: &ip6h->daddr, srcprefs: 0, saddr: &ip6h->saddr)) {
1148 kfree_skb(skb);
1149 br_opt_toggle(br: brmctx->br, opt: BROPT_HAS_IPV6_ADDR, on: false);
1150 return NULL;
1151 }
1152
1153 br_opt_toggle(br: brmctx->br, opt: BROPT_HAS_IPV6_ADDR, on: true);
1154 ipv6_eth_mc_map(addr: &ip6h->daddr, buf: eth->h_dest);
1155
1156 hopopt = (u8 *)(ip6h + 1);
1157 hopopt[0] = IPPROTO_ICMPV6; /* next hdr */
1158 hopopt[1] = 0; /* length of HbH */
1159 hopopt[2] = IPV6_TLV_ROUTERALERT; /* Router Alert */
1160 hopopt[3] = 2; /* Length of RA Option */
1161 hopopt[4] = 0; /* Type = 0x0000 (MLD) */
1162 hopopt[5] = 0;
1163 hopopt[6] = IPV6_TLV_PAD1; /* Pad1 */
1164 hopopt[7] = IPV6_TLV_PAD1; /* Pad1 */
1165
1166 skb_put(skb, len: sizeof(*ip6h) + 8);
1167
1168 /* ICMPv6 */
1169 skb_set_transport_header(skb, offset: skb->len);
1170 interval = ipv6_addr_any(a: group) ?
1171 brmctx->multicast_query_response_interval :
1172 brmctx->multicast_last_member_interval;
1173 *igmp_type = ICMPV6_MGM_QUERY;
1174 switch (brmctx->multicast_mld_version) {
1175 case 1:
1176 mldq = (struct mld_msg *)icmp6_hdr(skb);
1177 mldq->mld_type = ICMPV6_MGM_QUERY;
1178 mldq->mld_code = 0;
1179 mldq->mld_cksum = 0;
1180 mldq->mld_maxdelay = htons((u16)jiffies_to_msecs(interval));
1181 mldq->mld_reserved = 0;
1182 mldq->mld_mca = *group;
1183 csum = &mldq->mld_cksum;
1184 csum_start = (void *)mldq;
1185 break;
1186 case 2:
1187 mld2q = (struct mld2_query *)icmp6_hdr(skb);
1188 mld2q->mld2q_mrc = htons((u16)jiffies_to_msecs(interval));
1189 mld2q->mld2q_type = ICMPV6_MGM_QUERY;
1190 mld2q->mld2q_code = 0;
1191 mld2q->mld2q_cksum = 0;
1192 mld2q->mld2q_resv1 = 0;
1193 mld2q->mld2q_resv2 = 0;
1194 mld2q->mld2q_suppress = sflag;
1195 mld2q->mld2q_qrv = 2;
1196 mld2q->mld2q_nsrcs = htons(llqt_srcs);
1197 mld2q->mld2q_qqic = brmctx->multicast_query_interval / HZ;
1198 mld2q->mld2q_mca = *group;
1199 csum = &mld2q->mld2q_cksum;
1200 csum_start = (void *)mld2q;
1201 if (!pg || !with_srcs)
1202 break;
1203
1204 llqt_srcs = 0;
1205 hlist_for_each_entry(ent, &pg->src_list, node) {
1206 if (over_llqt == time_after(ent->timer.expires,
1207 llqt) &&
1208 ent->src_query_rexmit_cnt > 0) {
1209 mld2q->mld2q_srcs[llqt_srcs++] = ent->addr.src.ip6;
1210 ent->src_query_rexmit_cnt--;
1211 if (need_rexmit && ent->src_query_rexmit_cnt)
1212 *need_rexmit = true;
1213 }
1214 }
1215 if (WARN_ON(llqt_srcs != ntohs(mld2q->mld2q_nsrcs))) {
1216 kfree_skb(skb);
1217 return NULL;
1218 }
1219 break;
1220 }
1221
1222 if (WARN_ON(!csum || !csum_start)) {
1223 kfree_skb(skb);
1224 return NULL;
1225 }
1226
1227 *csum = csum_ipv6_magic(saddr: &ip6h->saddr, daddr: &ip6h->daddr, len: mld_hdr_size,
1228 IPPROTO_ICMPV6,
1229 csum: csum_partial(buff: csum_start, len: mld_hdr_size, sum: 0));
1230 skb_put(skb, len: mld_hdr_size);
1231 __skb_pull(skb, len: sizeof(*eth));
1232
1233out:
1234 return skb;
1235}
1236#endif
1237
1238static struct sk_buff *br_multicast_alloc_query(struct net_bridge_mcast *brmctx,
1239 struct net_bridge_mcast_port *pmctx,
1240 struct net_bridge_port_group *pg,
1241 struct br_ip *ip_dst,
1242 struct br_ip *group,
1243 bool with_srcs, bool over_lmqt,
1244 u8 sflag, u8 *igmp_type,
1245 bool *need_rexmit)
1246{
1247 __be32 ip4_dst;
1248
1249 switch (group->proto) {
1250 case htons(ETH_P_IP):
1251 ip4_dst = ip_dst ? ip_dst->dst.ip4 : htonl(INADDR_ALLHOSTS_GROUP);
1252 return br_ip4_multicast_alloc_query(brmctx, pmctx, pg,
1253 ip_dst: ip4_dst, group: group->dst.ip4,
1254 with_srcs, over_lmqt,
1255 sflag, igmp_type,
1256 need_rexmit);
1257#if IS_ENABLED(CONFIG_IPV6)
1258 case htons(ETH_P_IPV6): {
1259 struct in6_addr ip6_dst;
1260
1261 if (ip_dst)
1262 ip6_dst = ip_dst->dst.ip6;
1263 else
1264 ipv6_addr_set(addr: &ip6_dst, htonl(0xff020000), w2: 0, w3: 0,
1265 htonl(1));
1266
1267 return br_ip6_multicast_alloc_query(brmctx, pmctx, pg,
1268 ip6_dst: &ip6_dst, group: &group->dst.ip6,
1269 with_srcs, over_llqt: over_lmqt,
1270 sflag, igmp_type,
1271 need_rexmit);
1272 }
1273#endif
1274 }
1275 return NULL;
1276}
1277
1278struct net_bridge_mdb_entry *br_multicast_new_group(struct net_bridge *br,
1279 struct br_ip *group)
1280{
1281 struct net_bridge_mdb_entry *mp;
1282 int err;
1283
1284 mp = br_mdb_ip_get(br, dst: group);
1285 if (mp)
1286 return mp;
1287
1288 if (atomic_read(v: &br->mdb_hash_tbl.nelems) >= br->hash_max) {
1289 trace_br_mdb_full(dev: br->dev, group);
1290 br_mc_disabled_update(dev: br->dev, value: false, NULL);
1291 br_opt_toggle(br, opt: BROPT_MULTICAST_ENABLED, on: false);
1292 return ERR_PTR(error: -E2BIG);
1293 }
1294
1295 mp = kzalloc(sizeof(*mp), GFP_ATOMIC);
1296 if (unlikely(!mp))
1297 return ERR_PTR(error: -ENOMEM);
1298
1299 mp->br = br;
1300 mp->addr = *group;
1301 mp->mcast_gc.destroy = br_multicast_destroy_mdb_entry;
1302 timer_setup(&mp->timer, br_multicast_group_expired, 0);
1303 err = rhashtable_lookup_insert_fast(ht: &br->mdb_hash_tbl, obj: &mp->rhnode,
1304 params: br_mdb_rht_params);
1305 if (err) {
1306 kfree(objp: mp);
1307 mp = ERR_PTR(error: err);
1308 } else {
1309 hlist_add_head_rcu(n: &mp->mdb_node, h: &br->mdb_list);
1310 }
1311
1312 return mp;
1313}
1314
1315static void br_multicast_group_src_expired(struct timer_list *t)
1316{
1317 struct net_bridge_group_src *src = timer_container_of(src, t, timer);
1318 struct net_bridge_port_group *pg;
1319 struct net_bridge *br = src->br;
1320
1321 spin_lock(lock: &br->multicast_lock);
1322 if (hlist_unhashed(h: &src->node) || !netif_running(dev: br->dev) ||
1323 timer_pending(timer: &src->timer))
1324 goto out;
1325
1326 pg = src->pg;
1327 if (pg->filter_mode == MCAST_INCLUDE) {
1328 br_multicast_del_group_src(src, fastleave: false);
1329 if (!hlist_empty(h: &pg->src_list))
1330 goto out;
1331 br_multicast_find_del_pg(br, pg);
1332 } else {
1333 br_multicast_fwd_src_handle(src);
1334 }
1335
1336out:
1337 spin_unlock(lock: &br->multicast_lock);
1338}
1339
1340struct net_bridge_group_src *
1341br_multicast_find_group_src(struct net_bridge_port_group *pg, struct br_ip *ip)
1342{
1343 struct net_bridge_group_src *ent;
1344
1345 switch (ip->proto) {
1346 case htons(ETH_P_IP):
1347 hlist_for_each_entry(ent, &pg->src_list, node)
1348 if (ip->src.ip4 == ent->addr.src.ip4)
1349 return ent;
1350 break;
1351#if IS_ENABLED(CONFIG_IPV6)
1352 case htons(ETH_P_IPV6):
1353 hlist_for_each_entry(ent, &pg->src_list, node)
1354 if (!ipv6_addr_cmp(a1: &ent->addr.src.ip6, a2: &ip->src.ip6))
1355 return ent;
1356 break;
1357#endif
1358 }
1359
1360 return NULL;
1361}
1362
1363struct net_bridge_group_src *
1364br_multicast_new_group_src(struct net_bridge_port_group *pg, struct br_ip *src_ip)
1365{
1366 struct net_bridge_group_src *grp_src;
1367
1368 if (unlikely(pg->src_ents >= PG_SRC_ENT_LIMIT))
1369 return NULL;
1370
1371 switch (src_ip->proto) {
1372 case htons(ETH_P_IP):
1373 if (ipv4_is_zeronet(addr: src_ip->src.ip4) ||
1374 ipv4_is_multicast(addr: src_ip->src.ip4))
1375 return NULL;
1376 break;
1377#if IS_ENABLED(CONFIG_IPV6)
1378 case htons(ETH_P_IPV6):
1379 if (ipv6_addr_any(a: &src_ip->src.ip6) ||
1380 ipv6_addr_is_multicast(addr: &src_ip->src.ip6))
1381 return NULL;
1382 break;
1383#endif
1384 }
1385
1386 grp_src = kzalloc(sizeof(*grp_src), GFP_ATOMIC);
1387 if (unlikely(!grp_src))
1388 return NULL;
1389
1390 grp_src->pg = pg;
1391 grp_src->br = pg->key.port->br;
1392 grp_src->addr = *src_ip;
1393 grp_src->mcast_gc.destroy = br_multicast_destroy_group_src;
1394 timer_setup(&grp_src->timer, br_multicast_group_src_expired, 0);
1395
1396 hlist_add_head_rcu(n: &grp_src->node, h: &pg->src_list);
1397 pg->src_ents++;
1398
1399 return grp_src;
1400}
1401
1402struct net_bridge_port_group *br_multicast_new_port_group(
1403 struct net_bridge_port *port,
1404 const struct br_ip *group,
1405 struct net_bridge_port_group __rcu *next,
1406 unsigned char flags,
1407 const unsigned char *src,
1408 u8 filter_mode,
1409 u8 rt_protocol,
1410 struct netlink_ext_ack *extack)
1411{
1412 struct net_bridge_port_group *p;
1413 int err;
1414
1415 err = br_multicast_port_ngroups_inc(port, group, extack);
1416 if (err)
1417 return NULL;
1418
1419 p = kzalloc(sizeof(*p), GFP_ATOMIC);
1420 if (unlikely(!p)) {
1421 NL_SET_ERR_MSG_MOD(extack, "Couldn't allocate new port group");
1422 goto dec_out;
1423 }
1424
1425 p->key.addr = *group;
1426 p->key.port = port;
1427 p->flags = flags;
1428 p->filter_mode = filter_mode;
1429 p->rt_protocol = rt_protocol;
1430 p->eht_host_tree = RB_ROOT;
1431 p->eht_set_tree = RB_ROOT;
1432 p->mcast_gc.destroy = br_multicast_destroy_port_group;
1433 INIT_HLIST_HEAD(&p->src_list);
1434
1435 if (!br_multicast_is_star_g(ip: group) &&
1436 rhashtable_lookup_insert_fast(ht: &port->br->sg_port_tbl, obj: &p->rhnode,
1437 params: br_sg_port_rht_params)) {
1438 NL_SET_ERR_MSG_MOD(extack, "Couldn't insert new port group");
1439 goto free_out;
1440 }
1441
1442 rcu_assign_pointer(p->next, next);
1443 timer_setup(&p->timer, br_multicast_port_group_expired, 0);
1444 timer_setup(&p->rexmit_timer, br_multicast_port_group_rexmit, 0);
1445 hlist_add_head(n: &p->mglist, h: &port->mglist);
1446
1447 if (src)
1448 memcpy(p->eth_addr, src, ETH_ALEN);
1449 else
1450 eth_broadcast_addr(addr: p->eth_addr);
1451
1452 return p;
1453
1454free_out:
1455 kfree(objp: p);
1456dec_out:
1457 br_multicast_port_ngroups_dec(port, vid: group->vid);
1458 return NULL;
1459}
1460
1461void br_multicast_del_port_group(struct net_bridge_port_group *p)
1462{
1463 struct net_bridge_port *port = p->key.port;
1464 __u16 vid = p->key.addr.vid;
1465
1466 hlist_del_init(n: &p->mglist);
1467 if (!br_multicast_is_star_g(ip: &p->key.addr))
1468 rhashtable_remove_fast(ht: &port->br->sg_port_tbl, obj: &p->rhnode,
1469 params: br_sg_port_rht_params);
1470 kfree(objp: p);
1471 br_multicast_port_ngroups_dec(port, vid);
1472}
1473
1474void br_multicast_host_join(const struct net_bridge_mcast *brmctx,
1475 struct net_bridge_mdb_entry *mp, bool notify)
1476{
1477 if (!mp->host_joined) {
1478 mp->host_joined = true;
1479 if (br_multicast_is_star_g(ip: &mp->addr))
1480 br_multicast_star_g_host_state(star_mp: mp);
1481 if (notify)
1482 br_mdb_notify(dev: mp->br->dev, mp, NULL, RTM_NEWMDB);
1483 }
1484
1485 if (br_group_is_l2(group: &mp->addr))
1486 return;
1487
1488 mod_timer(timer: &mp->timer, expires: jiffies + brmctx->multicast_membership_interval);
1489}
1490
1491void br_multicast_host_leave(struct net_bridge_mdb_entry *mp, bool notify)
1492{
1493 if (!mp->host_joined)
1494 return;
1495
1496 mp->host_joined = false;
1497 if (br_multicast_is_star_g(ip: &mp->addr))
1498 br_multicast_star_g_host_state(star_mp: mp);
1499 if (notify)
1500 br_mdb_notify(dev: mp->br->dev, mp, NULL, RTM_DELMDB);
1501}
1502
1503static struct net_bridge_port_group *
1504__br_multicast_add_group(struct net_bridge_mcast *brmctx,
1505 struct net_bridge_mcast_port *pmctx,
1506 struct br_ip *group,
1507 const unsigned char *src,
1508 u8 filter_mode,
1509 bool igmpv2_mldv1,
1510 bool blocked)
1511{
1512 struct net_bridge_port_group __rcu **pp;
1513 struct net_bridge_port_group *p = NULL;
1514 struct net_bridge_mdb_entry *mp;
1515 unsigned long now = jiffies;
1516
1517 if (!br_multicast_ctx_should_use(brmctx, pmctx))
1518 goto out;
1519
1520 mp = br_multicast_new_group(br: brmctx->br, group);
1521 if (IS_ERR(ptr: mp))
1522 return ERR_CAST(ptr: mp);
1523
1524 if (!pmctx) {
1525 br_multicast_host_join(brmctx, mp, notify: true);
1526 goto out;
1527 }
1528
1529 for (pp = &mp->ports;
1530 (p = mlock_dereference(*pp, brmctx->br)) != NULL;
1531 pp = &p->next) {
1532 if (br_port_group_equal(p, port: pmctx->port, src))
1533 goto found;
1534 if ((unsigned long)p->key.port < (unsigned long)pmctx->port)
1535 break;
1536 }
1537
1538 p = br_multicast_new_port_group(port: pmctx->port, group, next: *pp, flags: 0, src,
1539 filter_mode, RTPROT_KERNEL, NULL);
1540 if (unlikely(!p)) {
1541 p = ERR_PTR(error: -ENOMEM);
1542 goto out;
1543 }
1544 rcu_assign_pointer(*pp, p);
1545 if (blocked)
1546 p->flags |= MDB_PG_FLAGS_BLOCKED;
1547 br_mdb_notify(dev: brmctx->br->dev, mp, pg: p, RTM_NEWMDB);
1548
1549found:
1550 if (igmpv2_mldv1)
1551 mod_timer(timer: &p->timer,
1552 expires: now + brmctx->multicast_membership_interval);
1553
1554out:
1555 return p;
1556}
1557
1558static int br_multicast_add_group(struct net_bridge_mcast *brmctx,
1559 struct net_bridge_mcast_port *pmctx,
1560 struct br_ip *group,
1561 const unsigned char *src,
1562 u8 filter_mode,
1563 bool igmpv2_mldv1)
1564{
1565 struct net_bridge_port_group *pg;
1566 int err;
1567
1568 spin_lock(lock: &brmctx->br->multicast_lock);
1569 pg = __br_multicast_add_group(brmctx, pmctx, group, src, filter_mode,
1570 igmpv2_mldv1, blocked: false);
1571 /* NULL is considered valid for host joined groups */
1572 err = PTR_ERR_OR_ZERO(ptr: pg);
1573 spin_unlock(lock: &brmctx->br->multicast_lock);
1574
1575 return err;
1576}
1577
1578static int br_ip4_multicast_add_group(struct net_bridge_mcast *brmctx,
1579 struct net_bridge_mcast_port *pmctx,
1580 __be32 group,
1581 __u16 vid,
1582 const unsigned char *src,
1583 bool igmpv2)
1584{
1585 struct br_ip br_group;
1586 u8 filter_mode;
1587
1588 if (ipv4_is_local_multicast(addr: group))
1589 return 0;
1590
1591 memset(&br_group, 0, sizeof(br_group));
1592 br_group.dst.ip4 = group;
1593 br_group.proto = htons(ETH_P_IP);
1594 br_group.vid = vid;
1595 filter_mode = igmpv2 ? MCAST_EXCLUDE : MCAST_INCLUDE;
1596
1597 return br_multicast_add_group(brmctx, pmctx, group: &br_group, src,
1598 filter_mode, igmpv2_mldv1: igmpv2);
1599}
1600
1601#if IS_ENABLED(CONFIG_IPV6)
1602static int br_ip6_multicast_add_group(struct net_bridge_mcast *brmctx,
1603 struct net_bridge_mcast_port *pmctx,
1604 const struct in6_addr *group,
1605 __u16 vid,
1606 const unsigned char *src,
1607 bool mldv1)
1608{
1609 struct br_ip br_group;
1610 u8 filter_mode;
1611
1612 if (ipv6_addr_is_ll_all_nodes(addr: group))
1613 return 0;
1614
1615 memset(&br_group, 0, sizeof(br_group));
1616 br_group.dst.ip6 = *group;
1617 br_group.proto = htons(ETH_P_IPV6);
1618 br_group.vid = vid;
1619 filter_mode = mldv1 ? MCAST_EXCLUDE : MCAST_INCLUDE;
1620
1621 return br_multicast_add_group(brmctx, pmctx, group: &br_group, src,
1622 filter_mode, igmpv2_mldv1: mldv1);
1623}
1624#endif
1625
1626static bool br_multicast_rport_del(struct hlist_node *rlist)
1627{
1628 if (hlist_unhashed(h: rlist))
1629 return false;
1630
1631 hlist_del_init_rcu(n: rlist);
1632 return true;
1633}
1634
1635static bool br_ip4_multicast_rport_del(struct net_bridge_mcast_port *pmctx)
1636{
1637 return br_multicast_rport_del(rlist: &pmctx->ip4_rlist);
1638}
1639
1640static bool br_ip6_multicast_rport_del(struct net_bridge_mcast_port *pmctx)
1641{
1642#if IS_ENABLED(CONFIG_IPV6)
1643 return br_multicast_rport_del(rlist: &pmctx->ip6_rlist);
1644#else
1645 return false;
1646#endif
1647}
1648
1649static void br_multicast_router_expired(struct net_bridge_mcast_port *pmctx,
1650 struct timer_list *t,
1651 struct hlist_node *rlist)
1652{
1653 struct net_bridge *br = pmctx->port->br;
1654 bool del;
1655
1656 spin_lock(lock: &br->multicast_lock);
1657 if (pmctx->multicast_router == MDB_RTR_TYPE_DISABLED ||
1658 pmctx->multicast_router == MDB_RTR_TYPE_PERM ||
1659 timer_pending(timer: t))
1660 goto out;
1661
1662 del = br_multicast_rport_del(rlist);
1663 br_multicast_rport_del_notify(pmctx, deleted: del);
1664out:
1665 spin_unlock(lock: &br->multicast_lock);
1666}
1667
1668static void br_ip4_multicast_router_expired(struct timer_list *t)
1669{
1670 struct net_bridge_mcast_port *pmctx = timer_container_of(pmctx, t,
1671 ip4_mc_router_timer);
1672
1673 br_multicast_router_expired(pmctx, t, rlist: &pmctx->ip4_rlist);
1674}
1675
1676#if IS_ENABLED(CONFIG_IPV6)
1677static void br_ip6_multicast_router_expired(struct timer_list *t)
1678{
1679 struct net_bridge_mcast_port *pmctx = timer_container_of(pmctx, t,
1680 ip6_mc_router_timer);
1681
1682 br_multicast_router_expired(pmctx, t, rlist: &pmctx->ip6_rlist);
1683}
1684#endif
1685
1686static void br_mc_router_state_change(struct net_bridge *p,
1687 bool is_mc_router)
1688{
1689 struct switchdev_attr attr = {
1690 .orig_dev = p->dev,
1691 .id = SWITCHDEV_ATTR_ID_BRIDGE_MROUTER,
1692 .flags = SWITCHDEV_F_DEFER,
1693 .u.mrouter = is_mc_router,
1694 };
1695
1696 switchdev_port_attr_set(dev: p->dev, attr: &attr, NULL);
1697}
1698
1699static void br_multicast_local_router_expired(struct net_bridge_mcast *brmctx,
1700 struct timer_list *timer)
1701{
1702 spin_lock(lock: &brmctx->br->multicast_lock);
1703 if (brmctx->multicast_router == MDB_RTR_TYPE_DISABLED ||
1704 brmctx->multicast_router == MDB_RTR_TYPE_PERM ||
1705 br_ip4_multicast_is_router(brmctx) ||
1706 br_ip6_multicast_is_router(brmctx))
1707 goto out;
1708
1709 br_mc_router_state_change(p: brmctx->br, is_mc_router: false);
1710out:
1711 spin_unlock(lock: &brmctx->br->multicast_lock);
1712}
1713
1714static void br_ip4_multicast_local_router_expired(struct timer_list *t)
1715{
1716 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t,
1717 ip4_mc_router_timer);
1718
1719 br_multicast_local_router_expired(brmctx, timer: t);
1720}
1721
1722#if IS_ENABLED(CONFIG_IPV6)
1723static void br_ip6_multicast_local_router_expired(struct timer_list *t)
1724{
1725 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t,
1726 ip6_mc_router_timer);
1727
1728 br_multicast_local_router_expired(brmctx, timer: t);
1729}
1730#endif
1731
1732static void br_multicast_querier_expired(struct net_bridge_mcast *brmctx,
1733 struct bridge_mcast_own_query *query)
1734{
1735 spin_lock(lock: &brmctx->br->multicast_lock);
1736 if (!netif_running(dev: brmctx->br->dev) ||
1737 br_multicast_ctx_vlan_global_disabled(brmctx) ||
1738 !br_opt_get(br: brmctx->br, opt: BROPT_MULTICAST_ENABLED))
1739 goto out;
1740
1741 br_multicast_start_querier(brmctx, query);
1742
1743out:
1744 spin_unlock(lock: &brmctx->br->multicast_lock);
1745}
1746
1747static void br_ip4_multicast_querier_expired(struct timer_list *t)
1748{
1749 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t,
1750 ip4_other_query.timer);
1751
1752 br_multicast_querier_expired(brmctx, query: &brmctx->ip4_own_query);
1753}
1754
1755#if IS_ENABLED(CONFIG_IPV6)
1756static void br_ip6_multicast_querier_expired(struct timer_list *t)
1757{
1758 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t,
1759 ip6_other_query.timer);
1760
1761 br_multicast_querier_expired(brmctx, query: &brmctx->ip6_own_query);
1762}
1763#endif
1764
1765static void br_multicast_query_delay_expired(struct timer_list *t)
1766{
1767}
1768
1769static void br_multicast_select_own_querier(struct net_bridge_mcast *brmctx,
1770 struct br_ip *ip,
1771 struct sk_buff *skb)
1772{
1773 if (ip->proto == htons(ETH_P_IP))
1774 brmctx->ip4_querier.addr.src.ip4 = ip_hdr(skb)->saddr;
1775#if IS_ENABLED(CONFIG_IPV6)
1776 else
1777 brmctx->ip6_querier.addr.src.ip6 = ipv6_hdr(skb)->saddr;
1778#endif
1779}
1780
1781static void __br_multicast_send_query(struct net_bridge_mcast *brmctx,
1782 struct net_bridge_mcast_port *pmctx,
1783 struct net_bridge_port_group *pg,
1784 struct br_ip *ip_dst,
1785 struct br_ip *group,
1786 bool with_srcs,
1787 u8 sflag,
1788 bool *need_rexmit)
1789{
1790 bool over_lmqt = !!sflag;
1791 struct sk_buff *skb;
1792 u8 igmp_type;
1793
1794 if (!br_multicast_ctx_should_use(brmctx, pmctx) ||
1795 !br_multicast_ctx_matches_vlan_snooping(brmctx))
1796 return;
1797
1798again_under_lmqt:
1799 skb = br_multicast_alloc_query(brmctx, pmctx, pg, ip_dst, group,
1800 with_srcs, over_lmqt, sflag, igmp_type: &igmp_type,
1801 need_rexmit);
1802 if (!skb)
1803 return;
1804
1805 if (pmctx) {
1806 skb->dev = pmctx->port->dev;
1807 br_multicast_count(br: brmctx->br, p: pmctx->port, skb, type: igmp_type,
1808 dir: BR_MCAST_DIR_TX);
1809 NF_HOOK(pf: NFPROTO_BRIDGE, NF_BR_LOCAL_OUT,
1810 net: dev_net(dev: pmctx->port->dev), NULL, skb, NULL, out: skb->dev,
1811 okfn: br_dev_queue_push_xmit);
1812
1813 if (over_lmqt && with_srcs && sflag) {
1814 over_lmqt = false;
1815 goto again_under_lmqt;
1816 }
1817 } else {
1818 br_multicast_select_own_querier(brmctx, ip: group, skb);
1819 br_multicast_count(br: brmctx->br, NULL, skb, type: igmp_type,
1820 dir: BR_MCAST_DIR_RX);
1821 netif_rx(skb);
1822 }
1823}
1824
1825static void br_multicast_read_querier(const struct bridge_mcast_querier *querier,
1826 struct bridge_mcast_querier *dest)
1827{
1828 unsigned int seq;
1829
1830 memset(dest, 0, sizeof(*dest));
1831 do {
1832 seq = read_seqcount_begin(&querier->seq);
1833 dest->port_ifidx = querier->port_ifidx;
1834 memcpy(&dest->addr, &querier->addr, sizeof(struct br_ip));
1835 } while (read_seqcount_retry(&querier->seq, seq));
1836}
1837
1838static void br_multicast_update_querier(struct net_bridge_mcast *brmctx,
1839 struct bridge_mcast_querier *querier,
1840 int ifindex,
1841 struct br_ip *saddr)
1842{
1843 write_seqcount_begin(&querier->seq);
1844 querier->port_ifidx = ifindex;
1845 memcpy(&querier->addr, saddr, sizeof(*saddr));
1846 write_seqcount_end(&querier->seq);
1847}
1848
1849static void br_multicast_send_query(struct net_bridge_mcast *brmctx,
1850 struct net_bridge_mcast_port *pmctx,
1851 struct bridge_mcast_own_query *own_query)
1852{
1853 struct bridge_mcast_other_query *other_query = NULL;
1854 struct bridge_mcast_querier *querier;
1855 struct br_ip br_group;
1856 unsigned long time;
1857
1858 if (!br_multicast_ctx_should_use(brmctx, pmctx) ||
1859 !br_opt_get(br: brmctx->br, opt: BROPT_MULTICAST_ENABLED) ||
1860 !brmctx->multicast_querier)
1861 return;
1862
1863 memset(&br_group.dst, 0, sizeof(br_group.dst));
1864
1865 if (pmctx ? (own_query == &pmctx->ip4_own_query) :
1866 (own_query == &brmctx->ip4_own_query)) {
1867 querier = &brmctx->ip4_querier;
1868 other_query = &brmctx->ip4_other_query;
1869 br_group.proto = htons(ETH_P_IP);
1870#if IS_ENABLED(CONFIG_IPV6)
1871 } else {
1872 querier = &brmctx->ip6_querier;
1873 other_query = &brmctx->ip6_other_query;
1874 br_group.proto = htons(ETH_P_IPV6);
1875#endif
1876 }
1877
1878 if (!other_query || timer_pending(timer: &other_query->timer))
1879 return;
1880
1881 /* we're about to select ourselves as querier */
1882 if (!pmctx && querier->port_ifidx) {
1883 struct br_ip zeroip = {};
1884
1885 br_multicast_update_querier(brmctx, querier, ifindex: 0, saddr: &zeroip);
1886 }
1887
1888 __br_multicast_send_query(brmctx, pmctx, NULL, NULL, group: &br_group, with_srcs: false,
1889 sflag: 0, NULL);
1890
1891 time = jiffies;
1892 time += own_query->startup_sent < brmctx->multicast_startup_query_count ?
1893 brmctx->multicast_startup_query_interval :
1894 brmctx->multicast_query_interval;
1895 mod_timer(timer: &own_query->timer, expires: time);
1896}
1897
1898static void
1899br_multicast_port_query_expired(struct net_bridge_mcast_port *pmctx,
1900 struct bridge_mcast_own_query *query)
1901{
1902 struct net_bridge *br = pmctx->port->br;
1903 struct net_bridge_mcast *brmctx;
1904
1905 spin_lock(lock: &br->multicast_lock);
1906 if (br_multicast_port_ctx_state_stopped(pmctx))
1907 goto out;
1908
1909 brmctx = br_multicast_port_ctx_get_global(pmctx);
1910 if (query->startup_sent < brmctx->multicast_startup_query_count)
1911 query->startup_sent++;
1912
1913 br_multicast_send_query(brmctx, pmctx, own_query: query);
1914
1915out:
1916 spin_unlock(lock: &br->multicast_lock);
1917}
1918
1919static void br_ip4_multicast_port_query_expired(struct timer_list *t)
1920{
1921 struct net_bridge_mcast_port *pmctx = timer_container_of(pmctx, t,
1922 ip4_own_query.timer);
1923
1924 br_multicast_port_query_expired(pmctx, query: &pmctx->ip4_own_query);
1925}
1926
1927#if IS_ENABLED(CONFIG_IPV6)
1928static void br_ip6_multicast_port_query_expired(struct timer_list *t)
1929{
1930 struct net_bridge_mcast_port *pmctx = timer_container_of(pmctx, t,
1931 ip6_own_query.timer);
1932
1933 br_multicast_port_query_expired(pmctx, query: &pmctx->ip6_own_query);
1934}
1935#endif
1936
1937static void br_multicast_port_group_rexmit(struct timer_list *t)
1938{
1939 struct net_bridge_port_group *pg = timer_container_of(pg, t,
1940 rexmit_timer);
1941 struct bridge_mcast_other_query *other_query = NULL;
1942 struct net_bridge *br = pg->key.port->br;
1943 struct net_bridge_mcast_port *pmctx;
1944 struct net_bridge_mcast *brmctx;
1945 bool need_rexmit = false;
1946
1947 spin_lock(lock: &br->multicast_lock);
1948 if (!netif_running(dev: br->dev) || hlist_unhashed(h: &pg->mglist) ||
1949 !br_opt_get(br, opt: BROPT_MULTICAST_ENABLED))
1950 goto out;
1951
1952 pmctx = br_multicast_pg_to_port_ctx(pg);
1953 if (!pmctx)
1954 goto out;
1955 brmctx = br_multicast_port_ctx_get_global(pmctx);
1956 if (!brmctx->multicast_querier)
1957 goto out;
1958
1959 if (pg->key.addr.proto == htons(ETH_P_IP))
1960 other_query = &brmctx->ip4_other_query;
1961#if IS_ENABLED(CONFIG_IPV6)
1962 else
1963 other_query = &brmctx->ip6_other_query;
1964#endif
1965
1966 if (!other_query || timer_pending(timer: &other_query->timer))
1967 goto out;
1968
1969 if (pg->grp_query_rexmit_cnt) {
1970 pg->grp_query_rexmit_cnt--;
1971 __br_multicast_send_query(brmctx, pmctx, pg, ip_dst: &pg->key.addr,
1972 group: &pg->key.addr, with_srcs: false, sflag: 1, NULL);
1973 }
1974 __br_multicast_send_query(brmctx, pmctx, pg, ip_dst: &pg->key.addr,
1975 group: &pg->key.addr, with_srcs: true, sflag: 0, need_rexmit: &need_rexmit);
1976
1977 if (pg->grp_query_rexmit_cnt || need_rexmit)
1978 mod_timer(timer: &pg->rexmit_timer, expires: jiffies +
1979 brmctx->multicast_last_member_interval);
1980out:
1981 spin_unlock(lock: &br->multicast_lock);
1982}
1983
1984static int br_mc_disabled_update(struct net_device *dev, bool value,
1985 struct netlink_ext_ack *extack)
1986{
1987 struct switchdev_attr attr = {
1988 .orig_dev = dev,
1989 .id = SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED,
1990 .flags = SWITCHDEV_F_DEFER,
1991 .u.mc_disabled = !value,
1992 };
1993
1994 return switchdev_port_attr_set(dev, attr: &attr, extack);
1995}
1996
1997void br_multicast_port_ctx_init(struct net_bridge_port *port,
1998 struct net_bridge_vlan *vlan,
1999 struct net_bridge_mcast_port *pmctx)
2000{
2001 pmctx->port = port;
2002 pmctx->vlan = vlan;
2003 pmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY;
2004 timer_setup(&pmctx->ip4_mc_router_timer,
2005 br_ip4_multicast_router_expired, 0);
2006 timer_setup(&pmctx->ip4_own_query.timer,
2007 br_ip4_multicast_port_query_expired, 0);
2008#if IS_ENABLED(CONFIG_IPV6)
2009 timer_setup(&pmctx->ip6_mc_router_timer,
2010 br_ip6_multicast_router_expired, 0);
2011 timer_setup(&pmctx->ip6_own_query.timer,
2012 br_ip6_multicast_port_query_expired, 0);
2013#endif
2014}
2015
2016void br_multicast_port_ctx_deinit(struct net_bridge_mcast_port *pmctx)
2017{
2018#if IS_ENABLED(CONFIG_IPV6)
2019 timer_delete_sync(timer: &pmctx->ip6_mc_router_timer);
2020#endif
2021 timer_delete_sync(timer: &pmctx->ip4_mc_router_timer);
2022}
2023
2024int br_multicast_add_port(struct net_bridge_port *port)
2025{
2026 int err;
2027
2028 port->multicast_eht_hosts_limit = BR_MCAST_DEFAULT_EHT_HOSTS_LIMIT;
2029 br_multicast_port_ctx_init(port, NULL, pmctx: &port->multicast_ctx);
2030
2031 err = br_mc_disabled_update(dev: port->dev,
2032 value: br_opt_get(br: port->br,
2033 opt: BROPT_MULTICAST_ENABLED),
2034 NULL);
2035 if (err && err != -EOPNOTSUPP)
2036 return err;
2037
2038 port->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats);
2039 if (!port->mcast_stats)
2040 return -ENOMEM;
2041
2042 return 0;
2043}
2044
2045void br_multicast_del_port(struct net_bridge_port *port)
2046{
2047 struct net_bridge *br = port->br;
2048 struct net_bridge_port_group *pg;
2049 struct hlist_node *n;
2050
2051 /* Take care of the remaining groups, only perm ones should be left */
2052 spin_lock_bh(lock: &br->multicast_lock);
2053 hlist_for_each_entry_safe(pg, n, &port->mglist, mglist)
2054 br_multicast_find_del_pg(br, pg);
2055 spin_unlock_bh(lock: &br->multicast_lock);
2056 flush_work(work: &br->mcast_gc_work);
2057 br_multicast_port_ctx_deinit(pmctx: &port->multicast_ctx);
2058 free_percpu(pdata: port->mcast_stats);
2059}
2060
2061static void br_multicast_enable(struct bridge_mcast_own_query *query)
2062{
2063 query->startup_sent = 0;
2064
2065 if (timer_delete_sync_try(timer: &query->timer) >= 0 ||
2066 timer_delete(timer: &query->timer))
2067 mod_timer(timer: &query->timer, expires: jiffies);
2068}
2069
2070static void __br_multicast_enable_port_ctx(struct net_bridge_mcast_port *pmctx)
2071{
2072 struct net_bridge *br = pmctx->port->br;
2073 struct net_bridge_mcast *brmctx;
2074
2075 brmctx = br_multicast_port_ctx_get_global(pmctx);
2076 if (!br_opt_get(br, opt: BROPT_MULTICAST_ENABLED) ||
2077 !netif_running(dev: br->dev))
2078 return;
2079
2080 br_multicast_enable(query: &pmctx->ip4_own_query);
2081#if IS_ENABLED(CONFIG_IPV6)
2082 br_multicast_enable(query: &pmctx->ip6_own_query);
2083#endif
2084 if (pmctx->multicast_router == MDB_RTR_TYPE_PERM) {
2085 br_ip4_multicast_add_router(brmctx, pmctx);
2086 br_ip6_multicast_add_router(brmctx, pmctx);
2087 }
2088
2089 if (br_multicast_port_ctx_is_vlan(pmctx)) {
2090 struct net_bridge_port_group *pg;
2091 u32 n = 0;
2092
2093 /* The mcast_n_groups counter might be wrong. First,
2094 * BR_VLFLAG_MCAST_ENABLED is toggled before temporary entries
2095 * are flushed, thus mcast_n_groups after the toggle does not
2096 * reflect the true values. And second, permanent entries added
2097 * while BR_VLFLAG_MCAST_ENABLED was disabled, are not reflected
2098 * either. Thus we have to refresh the counter.
2099 */
2100
2101 hlist_for_each_entry(pg, &pmctx->port->mglist, mglist) {
2102 if (pg->key.addr.vid == pmctx->vlan->vid)
2103 n++;
2104 }
2105 WRITE_ONCE(pmctx->mdb_n_entries, n);
2106 }
2107}
2108
2109static void br_multicast_enable_port_ctx(struct net_bridge_mcast_port *pmctx)
2110{
2111 struct net_bridge *br = pmctx->port->br;
2112
2113 spin_lock_bh(lock: &br->multicast_lock);
2114 if (br_multicast_port_ctx_is_vlan(pmctx) &&
2115 !(pmctx->vlan->priv_flags & BR_VLFLAG_MCAST_ENABLED)) {
2116 spin_unlock_bh(lock: &br->multicast_lock);
2117 return;
2118 }
2119 __br_multicast_enable_port_ctx(pmctx);
2120 spin_unlock_bh(lock: &br->multicast_lock);
2121}
2122
2123static void __br_multicast_disable_port_ctx(struct net_bridge_mcast_port *pmctx)
2124{
2125 struct net_bridge_port_group *pg;
2126 struct hlist_node *n;
2127 bool del = false;
2128
2129 hlist_for_each_entry_safe(pg, n, &pmctx->port->mglist, mglist)
2130 if (!(pg->flags & MDB_PG_FLAGS_PERMANENT) &&
2131 (!br_multicast_port_ctx_is_vlan(pmctx) ||
2132 pg->key.addr.vid == pmctx->vlan->vid))
2133 br_multicast_find_del_pg(br: pmctx->port->br, pg);
2134
2135 del |= br_ip4_multicast_rport_del(pmctx);
2136 timer_delete(timer: &pmctx->ip4_mc_router_timer);
2137 timer_delete(timer: &pmctx->ip4_own_query.timer);
2138 del |= br_ip6_multicast_rport_del(pmctx);
2139#if IS_ENABLED(CONFIG_IPV6)
2140 timer_delete(timer: &pmctx->ip6_mc_router_timer);
2141 timer_delete(timer: &pmctx->ip6_own_query.timer);
2142#endif
2143 br_multicast_rport_del_notify(pmctx, deleted: del);
2144}
2145
2146static void br_multicast_disable_port_ctx(struct net_bridge_mcast_port *pmctx)
2147{
2148 struct net_bridge *br = pmctx->port->br;
2149
2150 spin_lock_bh(lock: &br->multicast_lock);
2151 if (br_multicast_port_ctx_is_vlan(pmctx) &&
2152 !(pmctx->vlan->priv_flags & BR_VLFLAG_MCAST_ENABLED)) {
2153 spin_unlock_bh(lock: &br->multicast_lock);
2154 return;
2155 }
2156
2157 __br_multicast_disable_port_ctx(pmctx);
2158 spin_unlock_bh(lock: &br->multicast_lock);
2159}
2160
2161static void br_multicast_toggle_port(struct net_bridge_port *port, bool on)
2162{
2163#if IS_ENABLED(CONFIG_BRIDGE_VLAN_FILTERING)
2164 if (br_opt_get(br: port->br, opt: BROPT_MCAST_VLAN_SNOOPING_ENABLED)) {
2165 struct net_bridge_vlan_group *vg;
2166 struct net_bridge_vlan *vlan;
2167
2168 rcu_read_lock();
2169 vg = nbp_vlan_group_rcu(p: port);
2170 if (!vg) {
2171 rcu_read_unlock();
2172 return;
2173 }
2174
2175 /* iterate each vlan, toggle vlan multicast context */
2176 list_for_each_entry_rcu(vlan, &vg->vlan_list, vlist) {
2177 struct net_bridge_mcast_port *pmctx =
2178 &vlan->port_mcast_ctx;
2179 u8 state = br_vlan_get_state(v: vlan);
2180 /* enable vlan multicast context when state is
2181 * LEARNING or FORWARDING
2182 */
2183 if (on && br_vlan_state_allowed(state, learn_allow: true))
2184 br_multicast_enable_port_ctx(pmctx);
2185 else
2186 br_multicast_disable_port_ctx(pmctx);
2187 }
2188 rcu_read_unlock();
2189 return;
2190 }
2191#endif
2192 /* toggle port multicast context when vlan snooping is disabled */
2193 if (on)
2194 br_multicast_enable_port_ctx(pmctx: &port->multicast_ctx);
2195 else
2196 br_multicast_disable_port_ctx(pmctx: &port->multicast_ctx);
2197}
2198
2199void br_multicast_enable_port(struct net_bridge_port *port)
2200{
2201 br_multicast_toggle_port(port, on: true);
2202}
2203
2204void br_multicast_disable_port(struct net_bridge_port *port)
2205{
2206 br_multicast_toggle_port(port, on: false);
2207}
2208
2209static int __grp_src_delete_marked(struct net_bridge_port_group *pg)
2210{
2211 struct net_bridge_group_src *ent;
2212 struct hlist_node *tmp;
2213 int deleted = 0;
2214
2215 hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node)
2216 if (ent->flags & BR_SGRP_F_DELETE) {
2217 br_multicast_del_group_src(src: ent, fastleave: false);
2218 deleted++;
2219 }
2220
2221 return deleted;
2222}
2223
2224static void __grp_src_mod_timer(struct net_bridge_group_src *src,
2225 unsigned long expires)
2226{
2227 mod_timer(timer: &src->timer, expires);
2228 br_multicast_fwd_src_handle(src);
2229}
2230
2231static void __grp_src_query_marked_and_rexmit(struct net_bridge_mcast *brmctx,
2232 struct net_bridge_mcast_port *pmctx,
2233 struct net_bridge_port_group *pg)
2234{
2235 struct bridge_mcast_other_query *other_query = NULL;
2236 u32 lmqc = brmctx->multicast_last_member_count;
2237 unsigned long lmqt, lmi, now = jiffies;
2238 struct net_bridge_group_src *ent;
2239
2240 if (!netif_running(dev: brmctx->br->dev) ||
2241 !br_opt_get(br: brmctx->br, opt: BROPT_MULTICAST_ENABLED))
2242 return;
2243
2244 if (pg->key.addr.proto == htons(ETH_P_IP))
2245 other_query = &brmctx->ip4_other_query;
2246#if IS_ENABLED(CONFIG_IPV6)
2247 else
2248 other_query = &brmctx->ip6_other_query;
2249#endif
2250
2251 lmqt = now + br_multicast_lmqt(brmctx);
2252 hlist_for_each_entry(ent, &pg->src_list, node) {
2253 if (ent->flags & BR_SGRP_F_SEND) {
2254 ent->flags &= ~BR_SGRP_F_SEND;
2255 if (ent->timer.expires > lmqt) {
2256 if (brmctx->multicast_querier &&
2257 other_query &&
2258 !timer_pending(timer: &other_query->timer))
2259 ent->src_query_rexmit_cnt = lmqc;
2260 __grp_src_mod_timer(src: ent, expires: lmqt);
2261 }
2262 }
2263 }
2264
2265 if (!brmctx->multicast_querier ||
2266 !other_query || timer_pending(timer: &other_query->timer))
2267 return;
2268
2269 __br_multicast_send_query(brmctx, pmctx, pg, ip_dst: &pg->key.addr,
2270 group: &pg->key.addr, with_srcs: true, sflag: 1, NULL);
2271
2272 lmi = now + brmctx->multicast_last_member_interval;
2273 if (!timer_pending(timer: &pg->rexmit_timer) ||
2274 time_after(pg->rexmit_timer.expires, lmi))
2275 mod_timer(timer: &pg->rexmit_timer, expires: lmi);
2276}
2277
2278static void __grp_send_query_and_rexmit(struct net_bridge_mcast *brmctx,
2279 struct net_bridge_mcast_port *pmctx,
2280 struct net_bridge_port_group *pg)
2281{
2282 struct bridge_mcast_other_query *other_query = NULL;
2283 unsigned long now = jiffies, lmi;
2284
2285 if (!netif_running(dev: brmctx->br->dev) ||
2286 !br_opt_get(br: brmctx->br, opt: BROPT_MULTICAST_ENABLED))
2287 return;
2288
2289 if (pg->key.addr.proto == htons(ETH_P_IP))
2290 other_query = &brmctx->ip4_other_query;
2291#if IS_ENABLED(CONFIG_IPV6)
2292 else
2293 other_query = &brmctx->ip6_other_query;
2294#endif
2295
2296 if (brmctx->multicast_querier &&
2297 other_query && !timer_pending(timer: &other_query->timer)) {
2298 lmi = now + brmctx->multicast_last_member_interval;
2299 pg->grp_query_rexmit_cnt = brmctx->multicast_last_member_count - 1;
2300 __br_multicast_send_query(brmctx, pmctx, pg, ip_dst: &pg->key.addr,
2301 group: &pg->key.addr, with_srcs: false, sflag: 0, NULL);
2302 if (!timer_pending(timer: &pg->rexmit_timer) ||
2303 time_after(pg->rexmit_timer.expires, lmi))
2304 mod_timer(timer: &pg->rexmit_timer, expires: lmi);
2305 }
2306
2307 if (pg->filter_mode == MCAST_EXCLUDE &&
2308 (!timer_pending(timer: &pg->timer) ||
2309 time_after(pg->timer.expires, now + br_multicast_lmqt(brmctx))))
2310 mod_timer(timer: &pg->timer, expires: now + br_multicast_lmqt(brmctx));
2311}
2312
2313/* State Msg type New state Actions
2314 * INCLUDE (A) IS_IN (B) INCLUDE (A+B) (B)=GMI
2315 * INCLUDE (A) ALLOW (B) INCLUDE (A+B) (B)=GMI
2316 * EXCLUDE (X,Y) ALLOW (A) EXCLUDE (X+A,Y-A) (A)=GMI
2317 */
2318static bool br_multicast_isinc_allow(const struct net_bridge_mcast *brmctx,
2319 struct net_bridge_port_group *pg, void *h_addr,
2320 void *srcs, u32 nsrcs, size_t addr_size,
2321 int grec_type)
2322{
2323 struct net_bridge_group_src *ent;
2324 unsigned long now = jiffies;
2325 bool changed = false;
2326 struct br_ip src_ip;
2327 u32 src_idx;
2328
2329 memset(&src_ip, 0, sizeof(src_ip));
2330 src_ip.proto = pg->key.addr.proto;
2331 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2332 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2333 ent = br_multicast_find_group_src(pg, ip: &src_ip);
2334 if (!ent) {
2335 ent = br_multicast_new_group_src(pg, src_ip: &src_ip);
2336 if (ent)
2337 changed = true;
2338 }
2339
2340 if (ent)
2341 __grp_src_mod_timer(src: ent, expires: now + br_multicast_gmi(brmctx));
2342 }
2343
2344 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2345 grec_type))
2346 changed = true;
2347
2348 return changed;
2349}
2350
2351/* State Msg type New state Actions
2352 * INCLUDE (A) IS_EX (B) EXCLUDE (A*B,B-A) (B-A)=0
2353 * Delete (A-B)
2354 * Group Timer=GMI
2355 */
2356static void __grp_src_isexc_incl(const struct net_bridge_mcast *brmctx,
2357 struct net_bridge_port_group *pg, void *h_addr,
2358 void *srcs, u32 nsrcs, size_t addr_size,
2359 int grec_type)
2360{
2361 struct net_bridge_group_src *ent;
2362 struct br_ip src_ip;
2363 u32 src_idx;
2364
2365 hlist_for_each_entry(ent, &pg->src_list, node)
2366 ent->flags |= BR_SGRP_F_DELETE;
2367
2368 memset(&src_ip, 0, sizeof(src_ip));
2369 src_ip.proto = pg->key.addr.proto;
2370 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2371 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2372 ent = br_multicast_find_group_src(pg, ip: &src_ip);
2373 if (ent)
2374 ent->flags &= ~BR_SGRP_F_DELETE;
2375 else
2376 ent = br_multicast_new_group_src(pg, src_ip: &src_ip);
2377 if (ent)
2378 br_multicast_fwd_src_handle(src: ent);
2379 }
2380
2381 br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2382 grec_type);
2383
2384 __grp_src_delete_marked(pg);
2385}
2386
2387/* State Msg type New state Actions
2388 * EXCLUDE (X,Y) IS_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=GMI
2389 * Delete (X-A)
2390 * Delete (Y-A)
2391 * Group Timer=GMI
2392 */
2393static bool __grp_src_isexc_excl(const struct net_bridge_mcast *brmctx,
2394 struct net_bridge_port_group *pg, void *h_addr,
2395 void *srcs, u32 nsrcs, size_t addr_size,
2396 int grec_type)
2397{
2398 struct net_bridge_group_src *ent;
2399 unsigned long now = jiffies;
2400 bool changed = false;
2401 struct br_ip src_ip;
2402 u32 src_idx;
2403
2404 hlist_for_each_entry(ent, &pg->src_list, node)
2405 ent->flags |= BR_SGRP_F_DELETE;
2406
2407 memset(&src_ip, 0, sizeof(src_ip));
2408 src_ip.proto = pg->key.addr.proto;
2409 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2410 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2411 ent = br_multicast_find_group_src(pg, ip: &src_ip);
2412 if (ent) {
2413 ent->flags &= ~BR_SGRP_F_DELETE;
2414 } else {
2415 ent = br_multicast_new_group_src(pg, src_ip: &src_ip);
2416 if (ent) {
2417 __grp_src_mod_timer(src: ent,
2418 expires: now + br_multicast_gmi(brmctx));
2419 changed = true;
2420 }
2421 }
2422 }
2423
2424 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2425 grec_type))
2426 changed = true;
2427
2428 if (__grp_src_delete_marked(pg))
2429 changed = true;
2430
2431 return changed;
2432}
2433
2434static bool br_multicast_isexc(const struct net_bridge_mcast *brmctx,
2435 struct net_bridge_port_group *pg, void *h_addr,
2436 void *srcs, u32 nsrcs, size_t addr_size,
2437 int grec_type)
2438{
2439 bool changed = false;
2440
2441 switch (pg->filter_mode) {
2442 case MCAST_INCLUDE:
2443 __grp_src_isexc_incl(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2444 grec_type);
2445 br_multicast_star_g_handle_mode(pg, MCAST_EXCLUDE);
2446 changed = true;
2447 break;
2448 case MCAST_EXCLUDE:
2449 changed = __grp_src_isexc_excl(brmctx, pg, h_addr, srcs, nsrcs,
2450 addr_size, grec_type);
2451 break;
2452 }
2453
2454 pg->filter_mode = MCAST_EXCLUDE;
2455 mod_timer(timer: &pg->timer, expires: jiffies + br_multicast_gmi(brmctx));
2456
2457 return changed;
2458}
2459
2460/* State Msg type New state Actions
2461 * INCLUDE (A) TO_IN (B) INCLUDE (A+B) (B)=GMI
2462 * Send Q(G,A-B)
2463 */
2464static bool __grp_src_toin_incl(struct net_bridge_mcast *brmctx,
2465 struct net_bridge_mcast_port *pmctx,
2466 struct net_bridge_port_group *pg, void *h_addr,
2467 void *srcs, u32 nsrcs, size_t addr_size,
2468 int grec_type)
2469{
2470 u32 src_idx, to_send = pg->src_ents;
2471 struct net_bridge_group_src *ent;
2472 unsigned long now = jiffies;
2473 bool changed = false;
2474 struct br_ip src_ip;
2475
2476 hlist_for_each_entry(ent, &pg->src_list, node)
2477 ent->flags |= BR_SGRP_F_SEND;
2478
2479 memset(&src_ip, 0, sizeof(src_ip));
2480 src_ip.proto = pg->key.addr.proto;
2481 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2482 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2483 ent = br_multicast_find_group_src(pg, ip: &src_ip);
2484 if (ent) {
2485 ent->flags &= ~BR_SGRP_F_SEND;
2486 to_send--;
2487 } else {
2488 ent = br_multicast_new_group_src(pg, src_ip: &src_ip);
2489 if (ent)
2490 changed = true;
2491 }
2492 if (ent)
2493 __grp_src_mod_timer(src: ent, expires: now + br_multicast_gmi(brmctx));
2494 }
2495
2496 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2497 grec_type))
2498 changed = true;
2499
2500 if (to_send)
2501 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2502
2503 return changed;
2504}
2505
2506/* State Msg type New state Actions
2507 * EXCLUDE (X,Y) TO_IN (A) EXCLUDE (X+A,Y-A) (A)=GMI
2508 * Send Q(G,X-A)
2509 * Send Q(G)
2510 */
2511static bool __grp_src_toin_excl(struct net_bridge_mcast *brmctx,
2512 struct net_bridge_mcast_port *pmctx,
2513 struct net_bridge_port_group *pg, void *h_addr,
2514 void *srcs, u32 nsrcs, size_t addr_size,
2515 int grec_type)
2516{
2517 u32 src_idx, to_send = pg->src_ents;
2518 struct net_bridge_group_src *ent;
2519 unsigned long now = jiffies;
2520 bool changed = false;
2521 struct br_ip src_ip;
2522
2523 hlist_for_each_entry(ent, &pg->src_list, node)
2524 if (timer_pending(timer: &ent->timer))
2525 ent->flags |= BR_SGRP_F_SEND;
2526
2527 memset(&src_ip, 0, sizeof(src_ip));
2528 src_ip.proto = pg->key.addr.proto;
2529 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2530 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2531 ent = br_multicast_find_group_src(pg, ip: &src_ip);
2532 if (ent) {
2533 if (timer_pending(timer: &ent->timer)) {
2534 ent->flags &= ~BR_SGRP_F_SEND;
2535 to_send--;
2536 }
2537 } else {
2538 ent = br_multicast_new_group_src(pg, src_ip: &src_ip);
2539 if (ent)
2540 changed = true;
2541 }
2542 if (ent)
2543 __grp_src_mod_timer(src: ent, expires: now + br_multicast_gmi(brmctx));
2544 }
2545
2546 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2547 grec_type))
2548 changed = true;
2549
2550 if (to_send)
2551 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2552
2553 __grp_send_query_and_rexmit(brmctx, pmctx, pg);
2554
2555 return changed;
2556}
2557
2558static bool br_multicast_toin(struct net_bridge_mcast *brmctx,
2559 struct net_bridge_mcast_port *pmctx,
2560 struct net_bridge_port_group *pg, void *h_addr,
2561 void *srcs, u32 nsrcs, size_t addr_size,
2562 int grec_type)
2563{
2564 bool changed = false;
2565
2566 switch (pg->filter_mode) {
2567 case MCAST_INCLUDE:
2568 changed = __grp_src_toin_incl(brmctx, pmctx, pg, h_addr, srcs,
2569 nsrcs, addr_size, grec_type);
2570 break;
2571 case MCAST_EXCLUDE:
2572 changed = __grp_src_toin_excl(brmctx, pmctx, pg, h_addr, srcs,
2573 nsrcs, addr_size, grec_type);
2574 break;
2575 }
2576
2577 if (br_multicast_eht_should_del_pg(pg)) {
2578 pg->flags |= MDB_PG_FLAGS_FAST_LEAVE;
2579 br_multicast_find_del_pg(br: pg->key.port->br, pg);
2580 /* a notification has already been sent and we shouldn't
2581 * access pg after the delete so we have to return false
2582 */
2583 changed = false;
2584 }
2585
2586 return changed;
2587}
2588
2589/* State Msg type New state Actions
2590 * INCLUDE (A) TO_EX (B) EXCLUDE (A*B,B-A) (B-A)=0
2591 * Delete (A-B)
2592 * Send Q(G,A*B)
2593 * Group Timer=GMI
2594 */
2595static void __grp_src_toex_incl(struct net_bridge_mcast *brmctx,
2596 struct net_bridge_mcast_port *pmctx,
2597 struct net_bridge_port_group *pg, void *h_addr,
2598 void *srcs, u32 nsrcs, size_t addr_size,
2599 int grec_type)
2600{
2601 struct net_bridge_group_src *ent;
2602 u32 src_idx, to_send = 0;
2603 struct br_ip src_ip;
2604
2605 hlist_for_each_entry(ent, &pg->src_list, node)
2606 ent->flags = (ent->flags & ~BR_SGRP_F_SEND) | BR_SGRP_F_DELETE;
2607
2608 memset(&src_ip, 0, sizeof(src_ip));
2609 src_ip.proto = pg->key.addr.proto;
2610 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2611 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2612 ent = br_multicast_find_group_src(pg, ip: &src_ip);
2613 if (ent) {
2614 ent->flags = (ent->flags & ~BR_SGRP_F_DELETE) |
2615 BR_SGRP_F_SEND;
2616 to_send++;
2617 } else {
2618 ent = br_multicast_new_group_src(pg, src_ip: &src_ip);
2619 }
2620 if (ent)
2621 br_multicast_fwd_src_handle(src: ent);
2622 }
2623
2624 br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2625 grec_type);
2626
2627 __grp_src_delete_marked(pg);
2628 if (to_send)
2629 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2630}
2631
2632/* State Msg type New state Actions
2633 * EXCLUDE (X,Y) TO_EX (A) EXCLUDE (A-Y,Y*A) (A-X-Y)=Group Timer
2634 * Delete (X-A)
2635 * Delete (Y-A)
2636 * Send Q(G,A-Y)
2637 * Group Timer=GMI
2638 */
2639static bool __grp_src_toex_excl(struct net_bridge_mcast *brmctx,
2640 struct net_bridge_mcast_port *pmctx,
2641 struct net_bridge_port_group *pg, void *h_addr,
2642 void *srcs, u32 nsrcs, size_t addr_size,
2643 int grec_type)
2644{
2645 struct net_bridge_group_src *ent;
2646 u32 src_idx, to_send = 0;
2647 bool changed = false;
2648 struct br_ip src_ip;
2649
2650 hlist_for_each_entry(ent, &pg->src_list, node)
2651 ent->flags = (ent->flags & ~BR_SGRP_F_SEND) | BR_SGRP_F_DELETE;
2652
2653 memset(&src_ip, 0, sizeof(src_ip));
2654 src_ip.proto = pg->key.addr.proto;
2655 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2656 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2657 ent = br_multicast_find_group_src(pg, ip: &src_ip);
2658 if (ent) {
2659 ent->flags &= ~BR_SGRP_F_DELETE;
2660 } else {
2661 ent = br_multicast_new_group_src(pg, src_ip: &src_ip);
2662 if (ent) {
2663 __grp_src_mod_timer(src: ent, expires: pg->timer.expires);
2664 changed = true;
2665 }
2666 }
2667 if (ent && timer_pending(timer: &ent->timer)) {
2668 ent->flags |= BR_SGRP_F_SEND;
2669 to_send++;
2670 }
2671 }
2672
2673 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2674 grec_type))
2675 changed = true;
2676
2677 if (__grp_src_delete_marked(pg))
2678 changed = true;
2679 if (to_send)
2680 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2681
2682 return changed;
2683}
2684
2685static bool br_multicast_toex(struct net_bridge_mcast *brmctx,
2686 struct net_bridge_mcast_port *pmctx,
2687 struct net_bridge_port_group *pg, void *h_addr,
2688 void *srcs, u32 nsrcs, size_t addr_size,
2689 int grec_type)
2690{
2691 bool changed = false;
2692
2693 switch (pg->filter_mode) {
2694 case MCAST_INCLUDE:
2695 __grp_src_toex_incl(brmctx, pmctx, pg, h_addr, srcs, nsrcs,
2696 addr_size, grec_type);
2697 br_multicast_star_g_handle_mode(pg, MCAST_EXCLUDE);
2698 changed = true;
2699 break;
2700 case MCAST_EXCLUDE:
2701 changed = __grp_src_toex_excl(brmctx, pmctx, pg, h_addr, srcs,
2702 nsrcs, addr_size, grec_type);
2703 break;
2704 }
2705
2706 pg->filter_mode = MCAST_EXCLUDE;
2707 mod_timer(timer: &pg->timer, expires: jiffies + br_multicast_gmi(brmctx));
2708
2709 return changed;
2710}
2711
2712/* State Msg type New state Actions
2713 * INCLUDE (A) BLOCK (B) INCLUDE (A) Send Q(G,A*B)
2714 */
2715static bool __grp_src_block_incl(struct net_bridge_mcast *brmctx,
2716 struct net_bridge_mcast_port *pmctx,
2717 struct net_bridge_port_group *pg, void *h_addr,
2718 void *srcs, u32 nsrcs, size_t addr_size, int grec_type)
2719{
2720 struct net_bridge_group_src *ent;
2721 u32 src_idx, to_send = 0;
2722 bool changed = false;
2723 struct br_ip src_ip;
2724
2725 hlist_for_each_entry(ent, &pg->src_list, node)
2726 ent->flags &= ~BR_SGRP_F_SEND;
2727
2728 memset(&src_ip, 0, sizeof(src_ip));
2729 src_ip.proto = pg->key.addr.proto;
2730 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2731 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2732 ent = br_multicast_find_group_src(pg, ip: &src_ip);
2733 if (ent) {
2734 ent->flags |= BR_SGRP_F_SEND;
2735 to_send++;
2736 }
2737 }
2738
2739 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2740 grec_type))
2741 changed = true;
2742
2743 if (to_send)
2744 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2745
2746 return changed;
2747}
2748
2749/* State Msg type New state Actions
2750 * EXCLUDE (X,Y) BLOCK (A) EXCLUDE (X+(A-Y),Y) (A-X-Y)=Group Timer
2751 * Send Q(G,A-Y)
2752 */
2753static bool __grp_src_block_excl(struct net_bridge_mcast *brmctx,
2754 struct net_bridge_mcast_port *pmctx,
2755 struct net_bridge_port_group *pg, void *h_addr,
2756 void *srcs, u32 nsrcs, size_t addr_size, int grec_type)
2757{
2758 struct net_bridge_group_src *ent;
2759 u32 src_idx, to_send = 0;
2760 bool changed = false;
2761 struct br_ip src_ip;
2762
2763 hlist_for_each_entry(ent, &pg->src_list, node)
2764 ent->flags &= ~BR_SGRP_F_SEND;
2765
2766 memset(&src_ip, 0, sizeof(src_ip));
2767 src_ip.proto = pg->key.addr.proto;
2768 for (src_idx = 0; src_idx < nsrcs; src_idx++) {
2769 memcpy(&src_ip.src, srcs + (src_idx * addr_size), addr_size);
2770 ent = br_multicast_find_group_src(pg, ip: &src_ip);
2771 if (!ent) {
2772 ent = br_multicast_new_group_src(pg, src_ip: &src_ip);
2773 if (ent) {
2774 __grp_src_mod_timer(src: ent, expires: pg->timer.expires);
2775 changed = true;
2776 }
2777 }
2778 if (ent && timer_pending(timer: &ent->timer)) {
2779 ent->flags |= BR_SGRP_F_SEND;
2780 to_send++;
2781 }
2782 }
2783
2784 if (br_multicast_eht_handle(brmctx, pg, h_addr, srcs, nsrcs, addr_size,
2785 grec_type))
2786 changed = true;
2787
2788 if (to_send)
2789 __grp_src_query_marked_and_rexmit(brmctx, pmctx, pg);
2790
2791 return changed;
2792}
2793
2794static bool br_multicast_block(struct net_bridge_mcast *brmctx,
2795 struct net_bridge_mcast_port *pmctx,
2796 struct net_bridge_port_group *pg, void *h_addr,
2797 void *srcs, u32 nsrcs, size_t addr_size, int grec_type)
2798{
2799 bool changed = false;
2800
2801 switch (pg->filter_mode) {
2802 case MCAST_INCLUDE:
2803 changed = __grp_src_block_incl(brmctx, pmctx, pg, h_addr, srcs,
2804 nsrcs, addr_size, grec_type);
2805 break;
2806 case MCAST_EXCLUDE:
2807 changed = __grp_src_block_excl(brmctx, pmctx, pg, h_addr, srcs,
2808 nsrcs, addr_size, grec_type);
2809 break;
2810 }
2811
2812 if ((pg->filter_mode == MCAST_INCLUDE && hlist_empty(h: &pg->src_list)) ||
2813 br_multicast_eht_should_del_pg(pg)) {
2814 if (br_multicast_eht_should_del_pg(pg))
2815 pg->flags |= MDB_PG_FLAGS_FAST_LEAVE;
2816 br_multicast_find_del_pg(br: pg->key.port->br, pg);
2817 /* a notification has already been sent and we shouldn't
2818 * access pg after the delete so we have to return false
2819 */
2820 changed = false;
2821 }
2822
2823 return changed;
2824}
2825
2826static struct net_bridge_port_group *
2827br_multicast_find_port(struct net_bridge_mdb_entry *mp,
2828 struct net_bridge_port *p,
2829 const unsigned char *src)
2830{
2831 struct net_bridge *br __maybe_unused = mp->br;
2832 struct net_bridge_port_group *pg;
2833
2834 for (pg = mlock_dereference(mp->ports, br);
2835 pg;
2836 pg = mlock_dereference(pg->next, br))
2837 if (br_port_group_equal(p: pg, port: p, src))
2838 return pg;
2839
2840 return NULL;
2841}
2842
2843static int br_ip4_multicast_igmp3_report(struct net_bridge_mcast *brmctx,
2844 struct net_bridge_mcast_port *pmctx,
2845 struct sk_buff *skb,
2846 u16 vid)
2847{
2848 bool igmpv2 = brmctx->multicast_igmp_version == 2;
2849 struct net_bridge_mdb_entry *mdst;
2850 struct net_bridge_port_group *pg;
2851 const unsigned char *src;
2852 struct igmpv3_report *ih;
2853 struct igmpv3_grec *grec;
2854 int i, len, num, type;
2855 __be32 group, *h_addr;
2856 bool changed = false;
2857 int err = 0;
2858 u16 nsrcs;
2859
2860 ih = igmpv3_report_hdr(skb);
2861 num = ntohs(ih->ngrec);
2862 len = skb_transport_offset(skb) + sizeof(*ih);
2863
2864 for (i = 0; i < num; i++) {
2865 len += sizeof(*grec);
2866 if (!ip_mc_may_pull(skb, len))
2867 return -EINVAL;
2868
2869 grec = (void *)(skb->data + len - sizeof(*grec));
2870 group = grec->grec_mca;
2871 type = grec->grec_type;
2872 nsrcs = ntohs(grec->grec_nsrcs);
2873
2874 len += nsrcs * 4;
2875 if (!ip_mc_may_pull(skb, len))
2876 return -EINVAL;
2877
2878 switch (type) {
2879 case IGMPV3_MODE_IS_INCLUDE:
2880 case IGMPV3_MODE_IS_EXCLUDE:
2881 case IGMPV3_CHANGE_TO_INCLUDE:
2882 case IGMPV3_CHANGE_TO_EXCLUDE:
2883 case IGMPV3_ALLOW_NEW_SOURCES:
2884 case IGMPV3_BLOCK_OLD_SOURCES:
2885 break;
2886
2887 default:
2888 continue;
2889 }
2890
2891 src = eth_hdr(skb)->h_source;
2892 if (nsrcs == 0 &&
2893 (type == IGMPV3_CHANGE_TO_INCLUDE ||
2894 type == IGMPV3_MODE_IS_INCLUDE)) {
2895 if (!pmctx || igmpv2) {
2896 br_ip4_multicast_leave_group(brmctx, pmctx,
2897 group, vid, src);
2898 continue;
2899 }
2900 } else {
2901 err = br_ip4_multicast_add_group(brmctx, pmctx, group,
2902 vid, src, igmpv2);
2903 if (err)
2904 break;
2905 }
2906
2907 if (!pmctx || igmpv2)
2908 continue;
2909
2910 spin_lock(lock: &brmctx->br->multicast_lock);
2911 if (!br_multicast_ctx_should_use(brmctx, pmctx))
2912 goto unlock_continue;
2913
2914 mdst = br_mdb_ip4_get(br: brmctx->br, dst: group, vid);
2915 if (!mdst)
2916 goto unlock_continue;
2917 pg = br_multicast_find_port(mp: mdst, p: pmctx->port, src);
2918 if (!pg || (pg->flags & MDB_PG_FLAGS_PERMANENT))
2919 goto unlock_continue;
2920 /* reload grec and host addr */
2921 grec = (void *)(skb->data + len - sizeof(*grec) - (nsrcs * 4));
2922 h_addr = &ip_hdr(skb)->saddr;
2923 switch (type) {
2924 case IGMPV3_ALLOW_NEW_SOURCES:
2925 changed = br_multicast_isinc_allow(brmctx, pg, h_addr,
2926 srcs: grec->grec_src,
2927 nsrcs, addr_size: sizeof(__be32), grec_type: type);
2928 break;
2929 case IGMPV3_MODE_IS_INCLUDE:
2930 changed = br_multicast_isinc_allow(brmctx, pg, h_addr,
2931 srcs: grec->grec_src,
2932 nsrcs, addr_size: sizeof(__be32), grec_type: type);
2933 break;
2934 case IGMPV3_MODE_IS_EXCLUDE:
2935 changed = br_multicast_isexc(brmctx, pg, h_addr,
2936 srcs: grec->grec_src,
2937 nsrcs, addr_size: sizeof(__be32), grec_type: type);
2938 break;
2939 case IGMPV3_CHANGE_TO_INCLUDE:
2940 changed = br_multicast_toin(brmctx, pmctx, pg, h_addr,
2941 srcs: grec->grec_src,
2942 nsrcs, addr_size: sizeof(__be32), grec_type: type);
2943 break;
2944 case IGMPV3_CHANGE_TO_EXCLUDE:
2945 changed = br_multicast_toex(brmctx, pmctx, pg, h_addr,
2946 srcs: grec->grec_src,
2947 nsrcs, addr_size: sizeof(__be32), grec_type: type);
2948 break;
2949 case IGMPV3_BLOCK_OLD_SOURCES:
2950 changed = br_multicast_block(brmctx, pmctx, pg, h_addr,
2951 srcs: grec->grec_src,
2952 nsrcs, addr_size: sizeof(__be32), grec_type: type);
2953 break;
2954 }
2955 if (changed)
2956 br_mdb_notify(dev: brmctx->br->dev, mp: mdst, pg, RTM_NEWMDB);
2957unlock_continue:
2958 spin_unlock(lock: &brmctx->br->multicast_lock);
2959 }
2960
2961 return err;
2962}
2963
2964#if IS_ENABLED(CONFIG_IPV6)
2965static int br_ip6_multicast_mld2_report(struct net_bridge_mcast *brmctx,
2966 struct net_bridge_mcast_port *pmctx,
2967 struct sk_buff *skb,
2968 u16 vid)
2969{
2970 bool mldv1 = brmctx->multicast_mld_version == 1;
2971 struct net_bridge_mdb_entry *mdst;
2972 struct net_bridge_port_group *pg;
2973 unsigned int nsrcs_offset;
2974 struct mld2_report *mld2r;
2975 const unsigned char *src;
2976 struct in6_addr *h_addr;
2977 struct mld2_grec *grec;
2978 unsigned int grec_len;
2979 bool changed = false;
2980 int i, len, num;
2981 int err = 0;
2982
2983 if (!ipv6_mc_may_pull(skb, len: sizeof(*mld2r)))
2984 return -EINVAL;
2985
2986 mld2r = (struct mld2_report *)icmp6_hdr(skb);
2987 num = ntohs(mld2r->mld2r_ngrec);
2988 len = skb_transport_offset(skb) + sizeof(*mld2r);
2989
2990 for (i = 0; i < num; i++) {
2991 __be16 *_nsrcs, __nsrcs;
2992 u16 nsrcs;
2993
2994 nsrcs_offset = len + offsetof(struct mld2_grec, grec_nsrcs);
2995
2996 if (skb_transport_offset(skb) + ipv6_transport_len(skb) <
2997 nsrcs_offset + sizeof(__nsrcs))
2998 return -EINVAL;
2999
3000 _nsrcs = skb_header_pointer(skb, offset: nsrcs_offset,
3001 len: sizeof(__nsrcs), buffer: &__nsrcs);
3002 if (!_nsrcs)
3003 return -EINVAL;
3004
3005 nsrcs = ntohs(*_nsrcs);
3006 grec_len = struct_size(grec, grec_src, nsrcs);
3007
3008 if (!ipv6_mc_may_pull(skb, len: len + grec_len))
3009 return -EINVAL;
3010
3011 grec = (struct mld2_grec *)(skb->data + len);
3012 len += grec_len;
3013
3014 switch (grec->grec_type) {
3015 case MLD2_MODE_IS_INCLUDE:
3016 case MLD2_MODE_IS_EXCLUDE:
3017 case MLD2_CHANGE_TO_INCLUDE:
3018 case MLD2_CHANGE_TO_EXCLUDE:
3019 case MLD2_ALLOW_NEW_SOURCES:
3020 case MLD2_BLOCK_OLD_SOURCES:
3021 break;
3022
3023 default:
3024 continue;
3025 }
3026
3027 src = eth_hdr(skb)->h_source;
3028 if ((grec->grec_type == MLD2_CHANGE_TO_INCLUDE ||
3029 grec->grec_type == MLD2_MODE_IS_INCLUDE) &&
3030 nsrcs == 0) {
3031 if (!pmctx || mldv1) {
3032 br_ip6_multicast_leave_group(brmctx, pmctx,
3033 group: &grec->grec_mca,
3034 vid, src);
3035 continue;
3036 }
3037 } else {
3038 err = br_ip6_multicast_add_group(brmctx, pmctx,
3039 group: &grec->grec_mca, vid,
3040 src, mldv1);
3041 if (err)
3042 break;
3043 }
3044
3045 if (!pmctx || mldv1)
3046 continue;
3047
3048 spin_lock(lock: &brmctx->br->multicast_lock);
3049 if (!br_multicast_ctx_should_use(brmctx, pmctx))
3050 goto unlock_continue;
3051
3052 mdst = br_mdb_ip6_get(br: brmctx->br, dst: &grec->grec_mca, vid);
3053 if (!mdst)
3054 goto unlock_continue;
3055 pg = br_multicast_find_port(mp: mdst, p: pmctx->port, src);
3056 if (!pg || (pg->flags & MDB_PG_FLAGS_PERMANENT))
3057 goto unlock_continue;
3058 h_addr = &ipv6_hdr(skb)->saddr;
3059 switch (grec->grec_type) {
3060 case MLD2_ALLOW_NEW_SOURCES:
3061 changed = br_multicast_isinc_allow(brmctx, pg, h_addr,
3062 srcs: grec->grec_src, nsrcs,
3063 addr_size: sizeof(struct in6_addr),
3064 grec_type: grec->grec_type);
3065 break;
3066 case MLD2_MODE_IS_INCLUDE:
3067 changed = br_multicast_isinc_allow(brmctx, pg, h_addr,
3068 srcs: grec->grec_src, nsrcs,
3069 addr_size: sizeof(struct in6_addr),
3070 grec_type: grec->grec_type);
3071 break;
3072 case MLD2_MODE_IS_EXCLUDE:
3073 changed = br_multicast_isexc(brmctx, pg, h_addr,
3074 srcs: grec->grec_src, nsrcs,
3075 addr_size: sizeof(struct in6_addr),
3076 grec_type: grec->grec_type);
3077 break;
3078 case MLD2_CHANGE_TO_INCLUDE:
3079 changed = br_multicast_toin(brmctx, pmctx, pg, h_addr,
3080 srcs: grec->grec_src, nsrcs,
3081 addr_size: sizeof(struct in6_addr),
3082 grec_type: grec->grec_type);
3083 break;
3084 case MLD2_CHANGE_TO_EXCLUDE:
3085 changed = br_multicast_toex(brmctx, pmctx, pg, h_addr,
3086 srcs: grec->grec_src, nsrcs,
3087 addr_size: sizeof(struct in6_addr),
3088 grec_type: grec->grec_type);
3089 break;
3090 case MLD2_BLOCK_OLD_SOURCES:
3091 changed = br_multicast_block(brmctx, pmctx, pg, h_addr,
3092 srcs: grec->grec_src, nsrcs,
3093 addr_size: sizeof(struct in6_addr),
3094 grec_type: grec->grec_type);
3095 break;
3096 }
3097 if (changed)
3098 br_mdb_notify(dev: brmctx->br->dev, mp: mdst, pg, RTM_NEWMDB);
3099unlock_continue:
3100 spin_unlock(lock: &brmctx->br->multicast_lock);
3101 }
3102
3103 return err;
3104}
3105#endif
3106
3107static bool br_multicast_select_querier(struct net_bridge_mcast *brmctx,
3108 struct net_bridge_mcast_port *pmctx,
3109 struct br_ip *saddr)
3110{
3111 int port_ifidx = pmctx ? pmctx->port->dev->ifindex : 0;
3112 struct timer_list *own_timer, *other_timer;
3113 struct bridge_mcast_querier *querier;
3114
3115 switch (saddr->proto) {
3116 case htons(ETH_P_IP):
3117 querier = &brmctx->ip4_querier;
3118 own_timer = &brmctx->ip4_own_query.timer;
3119 other_timer = &brmctx->ip4_other_query.timer;
3120 if (!querier->addr.src.ip4 ||
3121 ntohl(saddr->src.ip4) <= ntohl(querier->addr.src.ip4))
3122 goto update;
3123 break;
3124#if IS_ENABLED(CONFIG_IPV6)
3125 case htons(ETH_P_IPV6):
3126 querier = &brmctx->ip6_querier;
3127 own_timer = &brmctx->ip6_own_query.timer;
3128 other_timer = &brmctx->ip6_other_query.timer;
3129 if (ipv6_addr_cmp(a1: &saddr->src.ip6, a2: &querier->addr.src.ip6) <= 0)
3130 goto update;
3131 break;
3132#endif
3133 default:
3134 return false;
3135 }
3136
3137 if (!timer_pending(timer: own_timer) && !timer_pending(timer: other_timer))
3138 goto update;
3139
3140 return false;
3141
3142update:
3143 br_multicast_update_querier(brmctx, querier, ifindex: port_ifidx, saddr);
3144
3145 return true;
3146}
3147
3148static struct net_bridge_port *
3149__br_multicast_get_querier_port(struct net_bridge *br,
3150 const struct bridge_mcast_querier *querier)
3151{
3152 int port_ifidx = READ_ONCE(querier->port_ifidx);
3153 struct net_bridge_port *p;
3154 struct net_device *dev;
3155
3156 if (port_ifidx == 0)
3157 return NULL;
3158
3159 dev = dev_get_by_index_rcu(net: dev_net(dev: br->dev), ifindex: port_ifidx);
3160 if (!dev)
3161 return NULL;
3162 p = br_port_get_rtnl_rcu(dev);
3163 if (!p || p->br != br)
3164 return NULL;
3165
3166 return p;
3167}
3168
3169size_t br_multicast_querier_state_size(void)
3170{
3171 return nla_total_size(payload: 0) + /* nest attribute */
3172 nla_total_size(payload: sizeof(__be32)) + /* BRIDGE_QUERIER_IP_ADDRESS */
3173 nla_total_size(payload: sizeof(int)) + /* BRIDGE_QUERIER_IP_PORT */
3174 nla_total_size_64bit(payload: sizeof(u64)) + /* BRIDGE_QUERIER_IP_OTHER_TIMER */
3175#if IS_ENABLED(CONFIG_IPV6)
3176 nla_total_size(payload: sizeof(struct in6_addr)) + /* BRIDGE_QUERIER_IPV6_ADDRESS */
3177 nla_total_size(payload: sizeof(int)) + /* BRIDGE_QUERIER_IPV6_PORT */
3178 nla_total_size_64bit(payload: sizeof(u64)) + /* BRIDGE_QUERIER_IPV6_OTHER_TIMER */
3179#endif
3180 0;
3181}
3182
3183/* protected by rtnl or rcu */
3184int br_multicast_dump_querier_state(struct sk_buff *skb,
3185 const struct net_bridge_mcast *brmctx,
3186 int nest_attr)
3187{
3188 struct bridge_mcast_querier querier = {};
3189 struct net_bridge_port *p;
3190 struct nlattr *nest;
3191
3192 if (!br_opt_get(br: brmctx->br, opt: BROPT_MULTICAST_ENABLED) ||
3193 br_multicast_ctx_vlan_global_disabled(brmctx))
3194 return 0;
3195
3196 nest = nla_nest_start(skb, attrtype: nest_attr);
3197 if (!nest)
3198 return -EMSGSIZE;
3199
3200 rcu_read_lock();
3201 if (!brmctx->multicast_querier &&
3202 !timer_pending(timer: &brmctx->ip4_other_query.timer))
3203 goto out_v6;
3204
3205 br_multicast_read_querier(querier: &brmctx->ip4_querier, dest: &querier);
3206 if (nla_put_in_addr(skb, attrtype: BRIDGE_QUERIER_IP_ADDRESS,
3207 addr: querier.addr.src.ip4)) {
3208 rcu_read_unlock();
3209 goto out_err;
3210 }
3211
3212 p = __br_multicast_get_querier_port(br: brmctx->br, querier: &querier);
3213 if (timer_pending(timer: &brmctx->ip4_other_query.timer) &&
3214 (nla_put_u64_64bit(skb, attrtype: BRIDGE_QUERIER_IP_OTHER_TIMER,
3215 value: br_timer_value(timer: &brmctx->ip4_other_query.timer),
3216 padattr: BRIDGE_QUERIER_PAD) ||
3217 (p && nla_put_u32(skb, attrtype: BRIDGE_QUERIER_IP_PORT, value: p->dev->ifindex)))) {
3218 rcu_read_unlock();
3219 goto out_err;
3220 }
3221
3222out_v6:
3223#if IS_ENABLED(CONFIG_IPV6)
3224 if (!brmctx->multicast_querier &&
3225 !timer_pending(timer: &brmctx->ip6_other_query.timer))
3226 goto out;
3227
3228 br_multicast_read_querier(querier: &brmctx->ip6_querier, dest: &querier);
3229 if (nla_put_in6_addr(skb, attrtype: BRIDGE_QUERIER_IPV6_ADDRESS,
3230 addr: &querier.addr.src.ip6)) {
3231 rcu_read_unlock();
3232 goto out_err;
3233 }
3234
3235 p = __br_multicast_get_querier_port(br: brmctx->br, querier: &querier);
3236 if (timer_pending(timer: &brmctx->ip6_other_query.timer) &&
3237 (nla_put_u64_64bit(skb, attrtype: BRIDGE_QUERIER_IPV6_OTHER_TIMER,
3238 value: br_timer_value(timer: &brmctx->ip6_other_query.timer),
3239 padattr: BRIDGE_QUERIER_PAD) ||
3240 (p && nla_put_u32(skb, attrtype: BRIDGE_QUERIER_IPV6_PORT,
3241 value: p->dev->ifindex)))) {
3242 rcu_read_unlock();
3243 goto out_err;
3244 }
3245out:
3246#endif
3247 rcu_read_unlock();
3248 nla_nest_end(skb, start: nest);
3249 if (!nla_len(nla: nest))
3250 nla_nest_cancel(skb, start: nest);
3251
3252 return 0;
3253
3254out_err:
3255 nla_nest_cancel(skb, start: nest);
3256 return -EMSGSIZE;
3257}
3258
3259static void
3260br_multicast_update_query_timer(struct net_bridge_mcast *brmctx,
3261 struct bridge_mcast_other_query *query,
3262 unsigned long max_delay)
3263{
3264 if (!timer_pending(timer: &query->timer))
3265 mod_timer(timer: &query->delay_timer, expires: jiffies + max_delay);
3266
3267 mod_timer(timer: &query->timer, expires: jiffies + brmctx->multicast_querier_interval);
3268}
3269
3270static void br_port_mc_router_state_change(struct net_bridge_port *p,
3271 bool is_mc_router)
3272{
3273 struct switchdev_attr attr = {
3274 .orig_dev = p->dev,
3275 .id = SWITCHDEV_ATTR_ID_PORT_MROUTER,
3276 .flags = SWITCHDEV_F_DEFER,
3277 .u.mrouter = is_mc_router,
3278 };
3279
3280 switchdev_port_attr_set(dev: p->dev, attr: &attr, NULL);
3281}
3282
3283static struct net_bridge_port *
3284br_multicast_rport_from_node(struct net_bridge_mcast *brmctx,
3285 struct hlist_head *mc_router_list,
3286 struct hlist_node *rlist)
3287{
3288 struct net_bridge_mcast_port *pmctx;
3289
3290#if IS_ENABLED(CONFIG_IPV6)
3291 if (mc_router_list == &brmctx->ip6_mc_router_list)
3292 pmctx = hlist_entry(rlist, struct net_bridge_mcast_port,
3293 ip6_rlist);
3294 else
3295#endif
3296 pmctx = hlist_entry(rlist, struct net_bridge_mcast_port,
3297 ip4_rlist);
3298
3299 return pmctx->port;
3300}
3301
3302static struct hlist_node *
3303br_multicast_get_rport_slot(struct net_bridge_mcast *brmctx,
3304 struct net_bridge_port *port,
3305 struct hlist_head *mc_router_list)
3306
3307{
3308 struct hlist_node *slot = NULL;
3309 struct net_bridge_port *p;
3310 struct hlist_node *rlist;
3311
3312 hlist_for_each(rlist, mc_router_list) {
3313 p = br_multicast_rport_from_node(brmctx, mc_router_list, rlist);
3314
3315 if ((unsigned long)port >= (unsigned long)p)
3316 break;
3317
3318 slot = rlist;
3319 }
3320
3321 return slot;
3322}
3323
3324static bool br_multicast_no_router_otherpf(struct net_bridge_mcast_port *pmctx,
3325 struct hlist_node *rnode)
3326{
3327#if IS_ENABLED(CONFIG_IPV6)
3328 if (rnode != &pmctx->ip6_rlist)
3329 return hlist_unhashed(h: &pmctx->ip6_rlist);
3330 else
3331 return hlist_unhashed(h: &pmctx->ip4_rlist);
3332#else
3333 return true;
3334#endif
3335}
3336
3337/* Add port to router_list
3338 * list is maintained ordered by pointer value
3339 * and locked by br->multicast_lock and RCU
3340 */
3341static void br_multicast_add_router(struct net_bridge_mcast *brmctx,
3342 struct net_bridge_mcast_port *pmctx,
3343 struct hlist_node *rlist,
3344 struct hlist_head *mc_router_list)
3345{
3346 struct hlist_node *slot;
3347
3348 if (!hlist_unhashed(h: rlist))
3349 return;
3350
3351 slot = br_multicast_get_rport_slot(brmctx, port: pmctx->port, mc_router_list);
3352
3353 if (slot)
3354 hlist_add_behind_rcu(n: rlist, prev: slot);
3355 else
3356 hlist_add_head_rcu(n: rlist, h: mc_router_list);
3357
3358 /* For backwards compatibility for now, only notify if we
3359 * switched from no IPv4/IPv6 multicast router to a new
3360 * IPv4 or IPv6 multicast router.
3361 */
3362 if (br_multicast_no_router_otherpf(pmctx, rnode: rlist)) {
3363 br_rtr_notify(dev: pmctx->port->br->dev, pmctx, RTM_NEWMDB);
3364 br_port_mc_router_state_change(p: pmctx->port, is_mc_router: true);
3365 }
3366}
3367
3368/* Add port to router_list
3369 * list is maintained ordered by pointer value
3370 * and locked by br->multicast_lock and RCU
3371 */
3372static void br_ip4_multicast_add_router(struct net_bridge_mcast *brmctx,
3373 struct net_bridge_mcast_port *pmctx)
3374{
3375 br_multicast_add_router(brmctx, pmctx, rlist: &pmctx->ip4_rlist,
3376 mc_router_list: &brmctx->ip4_mc_router_list);
3377}
3378
3379/* Add port to router_list
3380 * list is maintained ordered by pointer value
3381 * and locked by br->multicast_lock and RCU
3382 */
3383static void br_ip6_multicast_add_router(struct net_bridge_mcast *brmctx,
3384 struct net_bridge_mcast_port *pmctx)
3385{
3386#if IS_ENABLED(CONFIG_IPV6)
3387 br_multicast_add_router(brmctx, pmctx, rlist: &pmctx->ip6_rlist,
3388 mc_router_list: &brmctx->ip6_mc_router_list);
3389#endif
3390}
3391
3392static void br_multicast_mark_router(struct net_bridge_mcast *brmctx,
3393 struct net_bridge_mcast_port *pmctx,
3394 struct timer_list *timer,
3395 struct hlist_node *rlist,
3396 struct hlist_head *mc_router_list)
3397{
3398 unsigned long now = jiffies;
3399
3400 if (!br_multicast_ctx_should_use(brmctx, pmctx))
3401 return;
3402
3403 if (!pmctx) {
3404 if (brmctx->multicast_router == MDB_RTR_TYPE_TEMP_QUERY) {
3405 if (!br_ip4_multicast_is_router(brmctx) &&
3406 !br_ip6_multicast_is_router(brmctx))
3407 br_mc_router_state_change(p: brmctx->br, is_mc_router: true);
3408 mod_timer(timer, expires: now + brmctx->multicast_querier_interval);
3409 }
3410 return;
3411 }
3412
3413 if (pmctx->multicast_router == MDB_RTR_TYPE_DISABLED ||
3414 pmctx->multicast_router == MDB_RTR_TYPE_PERM)
3415 return;
3416
3417 br_multicast_add_router(brmctx, pmctx, rlist, mc_router_list);
3418 mod_timer(timer, expires: now + brmctx->multicast_querier_interval);
3419}
3420
3421static void br_ip4_multicast_mark_router(struct net_bridge_mcast *brmctx,
3422 struct net_bridge_mcast_port *pmctx)
3423{
3424 struct timer_list *timer = &brmctx->ip4_mc_router_timer;
3425 struct hlist_node *rlist = NULL;
3426
3427 if (pmctx) {
3428 timer = &pmctx->ip4_mc_router_timer;
3429 rlist = &pmctx->ip4_rlist;
3430 }
3431
3432 br_multicast_mark_router(brmctx, pmctx, timer, rlist,
3433 mc_router_list: &brmctx->ip4_mc_router_list);
3434}
3435
3436static void br_ip6_multicast_mark_router(struct net_bridge_mcast *brmctx,
3437 struct net_bridge_mcast_port *pmctx)
3438{
3439#if IS_ENABLED(CONFIG_IPV6)
3440 struct timer_list *timer = &brmctx->ip6_mc_router_timer;
3441 struct hlist_node *rlist = NULL;
3442
3443 if (pmctx) {
3444 timer = &pmctx->ip6_mc_router_timer;
3445 rlist = &pmctx->ip6_rlist;
3446 }
3447
3448 br_multicast_mark_router(brmctx, pmctx, timer, rlist,
3449 mc_router_list: &brmctx->ip6_mc_router_list);
3450#endif
3451}
3452
3453static void
3454br_ip4_multicast_query_received(struct net_bridge_mcast *brmctx,
3455 struct net_bridge_mcast_port *pmctx,
3456 struct bridge_mcast_other_query *query,
3457 struct br_ip *saddr,
3458 unsigned long max_delay)
3459{
3460 if (!br_multicast_select_querier(brmctx, pmctx, saddr))
3461 return;
3462
3463 br_multicast_update_query_timer(brmctx, query, max_delay);
3464 br_ip4_multicast_mark_router(brmctx, pmctx);
3465}
3466
3467#if IS_ENABLED(CONFIG_IPV6)
3468static void
3469br_ip6_multicast_query_received(struct net_bridge_mcast *brmctx,
3470 struct net_bridge_mcast_port *pmctx,
3471 struct bridge_mcast_other_query *query,
3472 struct br_ip *saddr,
3473 unsigned long max_delay)
3474{
3475 if (!br_multicast_select_querier(brmctx, pmctx, saddr))
3476 return;
3477
3478 br_multicast_update_query_timer(brmctx, query, max_delay);
3479 br_ip6_multicast_mark_router(brmctx, pmctx);
3480}
3481#endif
3482
3483static void br_ip4_multicast_query(struct net_bridge_mcast *brmctx,
3484 struct net_bridge_mcast_port *pmctx,
3485 struct sk_buff *skb,
3486 u16 vid)
3487{
3488 unsigned int transport_len = ip_transport_len(skb);
3489 const struct iphdr *iph = ip_hdr(skb);
3490 struct igmphdr *ih = igmp_hdr(skb);
3491 struct net_bridge_mdb_entry *mp;
3492 struct igmpv3_query *ih3;
3493 struct net_bridge_port_group *p;
3494 struct net_bridge_port_group __rcu **pp;
3495 struct br_ip saddr = {};
3496 unsigned long max_delay;
3497 unsigned long now = jiffies;
3498 __be32 group;
3499
3500 spin_lock(lock: &brmctx->br->multicast_lock);
3501 if (!br_multicast_ctx_should_use(brmctx, pmctx))
3502 goto out;
3503
3504 group = ih->group;
3505
3506 if (transport_len == sizeof(*ih)) {
3507 max_delay = ih->code * (HZ / IGMP_TIMER_SCALE);
3508
3509 if (!max_delay) {
3510 max_delay = 10 * HZ;
3511 group = 0;
3512 }
3513 } else if (transport_len >= sizeof(*ih3)) {
3514 ih3 = igmpv3_query_hdr(skb);
3515 if (ih3->nsrcs ||
3516 (brmctx->multicast_igmp_version == 3 && group &&
3517 ih3->suppress))
3518 goto out;
3519
3520 max_delay = ih3->code ?
3521 IGMPV3_MRC(ih3->code) * (HZ / IGMP_TIMER_SCALE) : 1;
3522 } else {
3523 goto out;
3524 }
3525
3526 if (!group) {
3527 saddr.proto = htons(ETH_P_IP);
3528 saddr.src.ip4 = iph->saddr;
3529
3530 br_ip4_multicast_query_received(brmctx, pmctx,
3531 query: &brmctx->ip4_other_query,
3532 saddr: &saddr, max_delay);
3533 goto out;
3534 }
3535
3536 mp = br_mdb_ip4_get(br: brmctx->br, dst: group, vid);
3537 if (!mp)
3538 goto out;
3539
3540 max_delay *= brmctx->multicast_last_member_count;
3541
3542 if (mp->host_joined &&
3543 (timer_pending(timer: &mp->timer) ?
3544 time_after(mp->timer.expires, now + max_delay) :
3545 timer_delete_sync_try(timer: &mp->timer) >= 0))
3546 mod_timer(timer: &mp->timer, expires: now + max_delay);
3547
3548 for (pp = &mp->ports;
3549 (p = mlock_dereference(*pp, brmctx->br)) != NULL;
3550 pp = &p->next) {
3551 if (timer_pending(timer: &p->timer) ?
3552 time_after(p->timer.expires, now + max_delay) :
3553 timer_delete_sync_try(timer: &p->timer) >= 0 &&
3554 (brmctx->multicast_igmp_version == 2 ||
3555 p->filter_mode == MCAST_EXCLUDE))
3556 mod_timer(timer: &p->timer, expires: now + max_delay);
3557 }
3558
3559out:
3560 spin_unlock(lock: &brmctx->br->multicast_lock);
3561}
3562
3563#if IS_ENABLED(CONFIG_IPV6)
3564static int br_ip6_multicast_query(struct net_bridge_mcast *brmctx,
3565 struct net_bridge_mcast_port *pmctx,
3566 struct sk_buff *skb,
3567 u16 vid)
3568{
3569 unsigned int transport_len = ipv6_transport_len(skb);
3570 struct mld_msg *mld;
3571 struct net_bridge_mdb_entry *mp;
3572 struct mld2_query *mld2q;
3573 struct net_bridge_port_group *p;
3574 struct net_bridge_port_group __rcu **pp;
3575 struct br_ip saddr = {};
3576 unsigned long max_delay;
3577 unsigned long now = jiffies;
3578 unsigned int offset = skb_transport_offset(skb);
3579 const struct in6_addr *group = NULL;
3580 bool is_general_query;
3581 int err = 0;
3582
3583 spin_lock(lock: &brmctx->br->multicast_lock);
3584 if (!br_multicast_ctx_should_use(brmctx, pmctx))
3585 goto out;
3586
3587 if (transport_len == sizeof(*mld)) {
3588 if (!pskb_may_pull(skb, len: offset + sizeof(*mld))) {
3589 err = -EINVAL;
3590 goto out;
3591 }
3592 mld = (struct mld_msg *) icmp6_hdr(skb);
3593 max_delay = msecs_to_jiffies(ntohs(mld->mld_maxdelay));
3594 if (max_delay)
3595 group = &mld->mld_mca;
3596 } else {
3597 if (!pskb_may_pull(skb, len: offset + sizeof(*mld2q))) {
3598 err = -EINVAL;
3599 goto out;
3600 }
3601 mld2q = (struct mld2_query *)icmp6_hdr(skb);
3602 if (!mld2q->mld2q_nsrcs)
3603 group = &mld2q->mld2q_mca;
3604 if (brmctx->multicast_mld_version == 2 &&
3605 !ipv6_addr_any(a: &mld2q->mld2q_mca) &&
3606 mld2q->mld2q_suppress)
3607 goto out;
3608
3609 max_delay = max(msecs_to_jiffies(mldv2_mrc(mld2q)), 1UL);
3610 }
3611
3612 is_general_query = group && ipv6_addr_any(a: group);
3613
3614 if (is_general_query) {
3615 saddr.proto = htons(ETH_P_IPV6);
3616 saddr.src.ip6 = ipv6_hdr(skb)->saddr;
3617
3618 br_ip6_multicast_query_received(brmctx, pmctx,
3619 query: &brmctx->ip6_other_query,
3620 saddr: &saddr, max_delay);
3621 goto out;
3622 } else if (!group) {
3623 goto out;
3624 }
3625
3626 mp = br_mdb_ip6_get(br: brmctx->br, dst: group, vid);
3627 if (!mp)
3628 goto out;
3629
3630 max_delay *= brmctx->multicast_last_member_count;
3631 if (mp->host_joined &&
3632 (timer_pending(timer: &mp->timer) ?
3633 time_after(mp->timer.expires, now + max_delay) :
3634 timer_delete_sync_try(timer: &mp->timer) >= 0))
3635 mod_timer(timer: &mp->timer, expires: now + max_delay);
3636
3637 for (pp = &mp->ports;
3638 (p = mlock_dereference(*pp, brmctx->br)) != NULL;
3639 pp = &p->next) {
3640 if (timer_pending(timer: &p->timer) ?
3641 time_after(p->timer.expires, now + max_delay) :
3642 timer_delete_sync_try(timer: &p->timer) >= 0 &&
3643 (brmctx->multicast_mld_version == 1 ||
3644 p->filter_mode == MCAST_EXCLUDE))
3645 mod_timer(timer: &p->timer, expires: now + max_delay);
3646 }
3647
3648out:
3649 spin_unlock(lock: &brmctx->br->multicast_lock);
3650 return err;
3651}
3652#endif
3653
3654static void
3655br_multicast_leave_group(struct net_bridge_mcast *brmctx,
3656 struct net_bridge_mcast_port *pmctx,
3657 struct br_ip *group,
3658 struct bridge_mcast_other_query *other_query,
3659 struct bridge_mcast_own_query *own_query,
3660 const unsigned char *src)
3661{
3662 struct net_bridge_mdb_entry *mp;
3663 struct net_bridge_port_group *p;
3664 unsigned long now;
3665 unsigned long time;
3666
3667 spin_lock(lock: &brmctx->br->multicast_lock);
3668 if (!br_multicast_ctx_should_use(brmctx, pmctx))
3669 goto out;
3670
3671 mp = br_mdb_ip_get(br: brmctx->br, dst: group);
3672 if (!mp)
3673 goto out;
3674
3675 if (pmctx && (pmctx->port->flags & BR_MULTICAST_FAST_LEAVE)) {
3676 struct net_bridge_port_group __rcu **pp;
3677
3678 for (pp = &mp->ports;
3679 (p = mlock_dereference(*pp, brmctx->br)) != NULL;
3680 pp = &p->next) {
3681 if (!br_port_group_equal(p, port: pmctx->port, src))
3682 continue;
3683
3684 if (p->flags & MDB_PG_FLAGS_PERMANENT)
3685 break;
3686
3687 p->flags |= MDB_PG_FLAGS_FAST_LEAVE;
3688 br_multicast_del_pg(mp, pg: p, pp);
3689 }
3690 goto out;
3691 }
3692
3693 if (timer_pending(timer: &other_query->timer))
3694 goto out;
3695
3696 if (brmctx->multicast_querier) {
3697 __br_multicast_send_query(brmctx, pmctx, NULL, NULL, group: &mp->addr,
3698 with_srcs: false, sflag: 0, NULL);
3699
3700 time = jiffies + brmctx->multicast_last_member_count *
3701 brmctx->multicast_last_member_interval;
3702
3703 mod_timer(timer: &own_query->timer, expires: time);
3704
3705 for (p = mlock_dereference(mp->ports, brmctx->br);
3706 p != NULL && pmctx != NULL;
3707 p = mlock_dereference(p->next, brmctx->br)) {
3708 if (!br_port_group_equal(p, port: pmctx->port, src))
3709 continue;
3710
3711 if (!hlist_unhashed(h: &p->mglist) &&
3712 (timer_pending(timer: &p->timer) ?
3713 time_after(p->timer.expires, time) :
3714 timer_delete_sync_try(timer: &p->timer) >= 0)) {
3715 mod_timer(timer: &p->timer, expires: time);
3716 }
3717
3718 break;
3719 }
3720 }
3721
3722 now = jiffies;
3723 time = now + brmctx->multicast_last_member_count *
3724 brmctx->multicast_last_member_interval;
3725
3726 if (!pmctx) {
3727 if (mp->host_joined &&
3728 (timer_pending(timer: &mp->timer) ?
3729 time_after(mp->timer.expires, time) :
3730 timer_delete_sync_try(timer: &mp->timer) >= 0)) {
3731 mod_timer(timer: &mp->timer, expires: time);
3732 }
3733
3734 goto out;
3735 }
3736
3737 for (p = mlock_dereference(mp->ports, brmctx->br);
3738 p != NULL;
3739 p = mlock_dereference(p->next, brmctx->br)) {
3740 if (p->key.port != pmctx->port)
3741 continue;
3742
3743 if (!hlist_unhashed(h: &p->mglist) &&
3744 (timer_pending(timer: &p->timer) ?
3745 time_after(p->timer.expires, time) :
3746 timer_delete_sync_try(timer: &p->timer) >= 0)) {
3747 mod_timer(timer: &p->timer, expires: time);
3748 }
3749
3750 break;
3751 }
3752out:
3753 spin_unlock(lock: &brmctx->br->multicast_lock);
3754}
3755
3756static void br_ip4_multicast_leave_group(struct net_bridge_mcast *brmctx,
3757 struct net_bridge_mcast_port *pmctx,
3758 __be32 group,
3759 __u16 vid,
3760 const unsigned char *src)
3761{
3762 struct br_ip br_group;
3763 struct bridge_mcast_own_query *own_query;
3764
3765 if (ipv4_is_local_multicast(addr: group))
3766 return;
3767
3768 own_query = pmctx ? &pmctx->ip4_own_query : &brmctx->ip4_own_query;
3769
3770 memset(&br_group, 0, sizeof(br_group));
3771 br_group.dst.ip4 = group;
3772 br_group.proto = htons(ETH_P_IP);
3773 br_group.vid = vid;
3774
3775 br_multicast_leave_group(brmctx, pmctx, group: &br_group,
3776 other_query: &brmctx->ip4_other_query,
3777 own_query, src);
3778}
3779
3780#if IS_ENABLED(CONFIG_IPV6)
3781static void br_ip6_multicast_leave_group(struct net_bridge_mcast *brmctx,
3782 struct net_bridge_mcast_port *pmctx,
3783 const struct in6_addr *group,
3784 __u16 vid,
3785 const unsigned char *src)
3786{
3787 struct br_ip br_group;
3788 struct bridge_mcast_own_query *own_query;
3789
3790 if (ipv6_addr_is_ll_all_nodes(addr: group))
3791 return;
3792
3793 own_query = pmctx ? &pmctx->ip6_own_query : &brmctx->ip6_own_query;
3794
3795 memset(&br_group, 0, sizeof(br_group));
3796 br_group.dst.ip6 = *group;
3797 br_group.proto = htons(ETH_P_IPV6);
3798 br_group.vid = vid;
3799
3800 br_multicast_leave_group(brmctx, pmctx, group: &br_group,
3801 other_query: &brmctx->ip6_other_query,
3802 own_query, src);
3803}
3804#endif
3805
3806static void br_multicast_err_count(const struct net_bridge *br,
3807 const struct net_bridge_port *p,
3808 __be16 proto)
3809{
3810 struct bridge_mcast_stats __percpu *stats;
3811 struct bridge_mcast_stats *pstats;
3812
3813 if (!br_opt_get(br, opt: BROPT_MULTICAST_STATS_ENABLED))
3814 return;
3815
3816 if (p)
3817 stats = p->mcast_stats;
3818 else
3819 stats = br->mcast_stats;
3820 if (WARN_ON(!stats))
3821 return;
3822
3823 pstats = this_cpu_ptr(stats);
3824
3825 u64_stats_update_begin(syncp: &pstats->syncp);
3826 switch (proto) {
3827 case htons(ETH_P_IP):
3828 pstats->mstats.igmp_parse_errors++;
3829 break;
3830#if IS_ENABLED(CONFIG_IPV6)
3831 case htons(ETH_P_IPV6):
3832 pstats->mstats.mld_parse_errors++;
3833 break;
3834#endif
3835 }
3836 u64_stats_update_end(syncp: &pstats->syncp);
3837}
3838
3839static void br_multicast_pim(struct net_bridge_mcast *brmctx,
3840 struct net_bridge_mcast_port *pmctx,
3841 const struct sk_buff *skb)
3842{
3843 unsigned int offset = skb_transport_offset(skb);
3844 struct pimhdr *pimhdr, _pimhdr;
3845
3846 pimhdr = skb_header_pointer(skb, offset, len: sizeof(_pimhdr), buffer: &_pimhdr);
3847 if (!pimhdr || pim_hdr_version(pimhdr) != PIM_VERSION ||
3848 pim_hdr_type(pimhdr) != PIM_TYPE_HELLO)
3849 return;
3850
3851 spin_lock(lock: &brmctx->br->multicast_lock);
3852 br_ip4_multicast_mark_router(brmctx, pmctx);
3853 spin_unlock(lock: &brmctx->br->multicast_lock);
3854}
3855
3856static int br_ip4_multicast_mrd_rcv(struct net_bridge_mcast *brmctx,
3857 struct net_bridge_mcast_port *pmctx,
3858 struct sk_buff *skb)
3859{
3860 if (ip_hdr(skb)->protocol != IPPROTO_IGMP ||
3861 igmp_hdr(skb)->type != IGMP_MRDISC_ADV)
3862 return -ENOMSG;
3863
3864 spin_lock(lock: &brmctx->br->multicast_lock);
3865 br_ip4_multicast_mark_router(brmctx, pmctx);
3866 spin_unlock(lock: &brmctx->br->multicast_lock);
3867
3868 return 0;
3869}
3870
3871static int br_multicast_ipv4_rcv(struct net_bridge_mcast *brmctx,
3872 struct net_bridge_mcast_port *pmctx,
3873 struct sk_buff *skb,
3874 u16 vid)
3875{
3876 struct net_bridge_port *p = pmctx ? pmctx->port : NULL;
3877 const unsigned char *src;
3878 struct igmphdr *ih;
3879 int err;
3880
3881 err = ip_mc_check_igmp(skb);
3882
3883 if (err == -ENOMSG) {
3884 if (!ipv4_is_local_multicast(addr: ip_hdr(skb)->daddr)) {
3885 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
3886 } else if (pim_ipv4_all_pim_routers(addr: ip_hdr(skb)->daddr)) {
3887 if (ip_hdr(skb)->protocol == IPPROTO_PIM)
3888 br_multicast_pim(brmctx, pmctx, skb);
3889 } else if (ipv4_is_all_snoopers(addr: ip_hdr(skb)->daddr)) {
3890 br_ip4_multicast_mrd_rcv(brmctx, pmctx, skb);
3891 }
3892
3893 return 0;
3894 } else if (err < 0) {
3895 br_multicast_err_count(br: brmctx->br, p, proto: skb->protocol);
3896 return err;
3897 }
3898
3899 ih = igmp_hdr(skb);
3900 src = eth_hdr(skb)->h_source;
3901 BR_INPUT_SKB_CB(skb)->igmp = ih->type;
3902
3903 switch (ih->type) {
3904 case IGMP_HOST_MEMBERSHIP_REPORT:
3905 case IGMPV2_HOST_MEMBERSHIP_REPORT:
3906 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
3907 err = br_ip4_multicast_add_group(brmctx, pmctx, group: ih->group, vid,
3908 src, igmpv2: true);
3909 break;
3910 case IGMPV3_HOST_MEMBERSHIP_REPORT:
3911 err = br_ip4_multicast_igmp3_report(brmctx, pmctx, skb, vid);
3912 break;
3913 case IGMP_HOST_MEMBERSHIP_QUERY:
3914 br_ip4_multicast_query(brmctx, pmctx, skb, vid);
3915 break;
3916 case IGMP_HOST_LEAVE_MESSAGE:
3917 br_ip4_multicast_leave_group(brmctx, pmctx, group: ih->group, vid, src);
3918 break;
3919 }
3920
3921 br_multicast_count(br: brmctx->br, p, skb, BR_INPUT_SKB_CB(skb)->igmp,
3922 dir: BR_MCAST_DIR_RX);
3923
3924 return err;
3925}
3926
3927#if IS_ENABLED(CONFIG_IPV6)
3928static void br_ip6_multicast_mrd_rcv(struct net_bridge_mcast *brmctx,
3929 struct net_bridge_mcast_port *pmctx,
3930 struct sk_buff *skb)
3931{
3932 if (icmp6_hdr(skb)->icmp6_type != ICMPV6_MRDISC_ADV)
3933 return;
3934
3935 spin_lock(lock: &brmctx->br->multicast_lock);
3936 br_ip6_multicast_mark_router(brmctx, pmctx);
3937 spin_unlock(lock: &brmctx->br->multicast_lock);
3938}
3939
3940static int br_multicast_ipv6_rcv(struct net_bridge_mcast *brmctx,
3941 struct net_bridge_mcast_port *pmctx,
3942 struct sk_buff *skb,
3943 u16 vid)
3944{
3945 struct net_bridge_port *p = pmctx ? pmctx->port : NULL;
3946 const unsigned char *src;
3947 struct mld_msg *mld;
3948 int err;
3949
3950 err = ipv6_mc_check_mld(skb);
3951
3952 if (err == -ENOMSG || err == -ENODATA) {
3953 if (!ipv6_addr_is_ll_all_nodes(addr: &ipv6_hdr(skb)->daddr))
3954 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
3955 if (err == -ENODATA &&
3956 ipv6_addr_is_all_snoopers(addr: &ipv6_hdr(skb)->daddr))
3957 br_ip6_multicast_mrd_rcv(brmctx, pmctx, skb);
3958
3959 return 0;
3960 } else if (err < 0) {
3961 br_multicast_err_count(br: brmctx->br, p, proto: skb->protocol);
3962 return err;
3963 }
3964
3965 mld = (struct mld_msg *)skb_transport_header(skb);
3966 BR_INPUT_SKB_CB(skb)->igmp = mld->mld_type;
3967
3968 switch (mld->mld_type) {
3969 case ICMPV6_MGM_REPORT:
3970 src = eth_hdr(skb)->h_source;
3971 BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
3972 err = br_ip6_multicast_add_group(brmctx, pmctx, group: &mld->mld_mca,
3973 vid, src, mldv1: true);
3974 break;
3975 case ICMPV6_MLD2_REPORT:
3976 err = br_ip6_multicast_mld2_report(brmctx, pmctx, skb, vid);
3977 break;
3978 case ICMPV6_MGM_QUERY:
3979 err = br_ip6_multicast_query(brmctx, pmctx, skb, vid);
3980 break;
3981 case ICMPV6_MGM_REDUCTION:
3982 src = eth_hdr(skb)->h_source;
3983 br_ip6_multicast_leave_group(brmctx, pmctx, group: &mld->mld_mca, vid,
3984 src);
3985 break;
3986 }
3987
3988 br_multicast_count(br: brmctx->br, p, skb, BR_INPUT_SKB_CB(skb)->igmp,
3989 dir: BR_MCAST_DIR_RX);
3990
3991 return err;
3992}
3993#endif
3994
3995int br_multicast_rcv(struct net_bridge_mcast **brmctx,
3996 struct net_bridge_mcast_port **pmctx,
3997 struct net_bridge_vlan *vlan,
3998 struct sk_buff *skb, u16 vid)
3999{
4000 int ret = 0;
4001
4002 BR_INPUT_SKB_CB(skb)->igmp = 0;
4003 BR_INPUT_SKB_CB(skb)->mrouters_only = 0;
4004
4005 if (!br_opt_get(br: (*brmctx)->br, opt: BROPT_MULTICAST_ENABLED))
4006 return 0;
4007
4008 if (br_opt_get(br: (*brmctx)->br, opt: BROPT_MCAST_VLAN_SNOOPING_ENABLED) && vlan) {
4009 const struct net_bridge_vlan *masterv;
4010
4011 /* the vlan has the master flag set only when transmitting
4012 * through the bridge device
4013 */
4014 if (br_vlan_is_master(v: vlan)) {
4015 masterv = vlan;
4016 *brmctx = &vlan->br_mcast_ctx;
4017 *pmctx = NULL;
4018 } else {
4019 masterv = vlan->brvlan;
4020 *brmctx = &vlan->brvlan->br_mcast_ctx;
4021 *pmctx = &vlan->port_mcast_ctx;
4022 }
4023
4024 if (!(masterv->priv_flags & BR_VLFLAG_GLOBAL_MCAST_ENABLED))
4025 return 0;
4026 }
4027
4028 switch (skb->protocol) {
4029 case htons(ETH_P_IP):
4030 ret = br_multicast_ipv4_rcv(brmctx: *brmctx, pmctx: *pmctx, skb, vid);
4031 break;
4032#if IS_ENABLED(CONFIG_IPV6)
4033 case htons(ETH_P_IPV6):
4034 ret = br_multicast_ipv6_rcv(brmctx: *brmctx, pmctx: *pmctx, skb, vid);
4035 break;
4036#endif
4037 }
4038
4039 return ret;
4040}
4041
4042static void br_multicast_query_expired(struct net_bridge_mcast *brmctx,
4043 struct bridge_mcast_own_query *query,
4044 struct bridge_mcast_querier *querier)
4045{
4046 spin_lock(lock: &brmctx->br->multicast_lock);
4047 if (br_multicast_ctx_vlan_disabled(brmctx))
4048 goto out;
4049
4050 if (query->startup_sent < brmctx->multicast_startup_query_count)
4051 query->startup_sent++;
4052
4053 br_multicast_send_query(brmctx, NULL, own_query: query);
4054out:
4055 spin_unlock(lock: &brmctx->br->multicast_lock);
4056}
4057
4058static void br_ip4_multicast_query_expired(struct timer_list *t)
4059{
4060 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t,
4061 ip4_own_query.timer);
4062
4063 br_multicast_query_expired(brmctx, query: &brmctx->ip4_own_query,
4064 querier: &brmctx->ip4_querier);
4065}
4066
4067#if IS_ENABLED(CONFIG_IPV6)
4068static void br_ip6_multicast_query_expired(struct timer_list *t)
4069{
4070 struct net_bridge_mcast *brmctx = timer_container_of(brmctx, t,
4071 ip6_own_query.timer);
4072
4073 br_multicast_query_expired(brmctx, query: &brmctx->ip6_own_query,
4074 querier: &brmctx->ip6_querier);
4075}
4076#endif
4077
4078static void br_multicast_gc_work(struct work_struct *work)
4079{
4080 struct net_bridge *br = container_of(work, struct net_bridge,
4081 mcast_gc_work);
4082 HLIST_HEAD(deleted_head);
4083
4084 spin_lock_bh(lock: &br->multicast_lock);
4085 hlist_move_list(old: &br->mcast_gc_list, new: &deleted_head);
4086 spin_unlock_bh(lock: &br->multicast_lock);
4087
4088 br_multicast_gc(head: &deleted_head);
4089}
4090
4091void br_multicast_ctx_init(struct net_bridge *br,
4092 struct net_bridge_vlan *vlan,
4093 struct net_bridge_mcast *brmctx)
4094{
4095 brmctx->br = br;
4096 brmctx->vlan = vlan;
4097 brmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY;
4098 brmctx->multicast_last_member_count = 2;
4099 brmctx->multicast_startup_query_count = 2;
4100
4101 brmctx->multicast_last_member_interval = HZ;
4102 brmctx->multicast_query_response_interval = 10 * HZ;
4103 brmctx->multicast_startup_query_interval = 125 * HZ / 4;
4104 brmctx->multicast_query_interval = 125 * HZ;
4105 brmctx->multicast_querier_interval = 255 * HZ;
4106 brmctx->multicast_membership_interval = 260 * HZ;
4107
4108 brmctx->ip4_querier.port_ifidx = 0;
4109 seqcount_spinlock_init(&brmctx->ip4_querier.seq, &br->multicast_lock);
4110 brmctx->multicast_igmp_version = 2;
4111#if IS_ENABLED(CONFIG_IPV6)
4112 brmctx->multicast_mld_version = 1;
4113 brmctx->ip6_querier.port_ifidx = 0;
4114 seqcount_spinlock_init(&brmctx->ip6_querier.seq, &br->multicast_lock);
4115#endif
4116
4117 timer_setup(&brmctx->ip4_mc_router_timer,
4118 br_ip4_multicast_local_router_expired, 0);
4119 timer_setup(&brmctx->ip4_other_query.timer,
4120 br_ip4_multicast_querier_expired, 0);
4121 timer_setup(&brmctx->ip4_other_query.delay_timer,
4122 br_multicast_query_delay_expired, 0);
4123 timer_setup(&brmctx->ip4_own_query.timer,
4124 br_ip4_multicast_query_expired, 0);
4125#if IS_ENABLED(CONFIG_IPV6)
4126 timer_setup(&brmctx->ip6_mc_router_timer,
4127 br_ip6_multicast_local_router_expired, 0);
4128 timer_setup(&brmctx->ip6_other_query.timer,
4129 br_ip6_multicast_querier_expired, 0);
4130 timer_setup(&brmctx->ip6_other_query.delay_timer,
4131 br_multicast_query_delay_expired, 0);
4132 timer_setup(&brmctx->ip6_own_query.timer,
4133 br_ip6_multicast_query_expired, 0);
4134#endif
4135}
4136
4137void br_multicast_ctx_deinit(struct net_bridge_mcast *brmctx)
4138{
4139 __br_multicast_stop(brmctx);
4140}
4141
4142void br_multicast_init(struct net_bridge *br)
4143{
4144 br->hash_max = BR_MULTICAST_DEFAULT_HASH_MAX;
4145
4146 br_multicast_ctx_init(br, NULL, brmctx: &br->multicast_ctx);
4147
4148 br_opt_toggle(br, opt: BROPT_MULTICAST_ENABLED, on: true);
4149 br_opt_toggle(br, opt: BROPT_HAS_IPV6_ADDR, on: true);
4150
4151 spin_lock_init(&br->multicast_lock);
4152 INIT_HLIST_HEAD(&br->mdb_list);
4153 INIT_HLIST_HEAD(&br->mcast_gc_list);
4154 INIT_WORK(&br->mcast_gc_work, br_multicast_gc_work);
4155}
4156
4157static void br_ip4_multicast_join_snoopers(struct net_bridge *br)
4158{
4159 struct in_device *in_dev = in_dev_get(dev: br->dev);
4160
4161 if (!in_dev)
4162 return;
4163
4164 __ip_mc_inc_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC);
4165 in_dev_put(idev: in_dev);
4166}
4167
4168#if IS_ENABLED(CONFIG_IPV6)
4169static void br_ip6_multicast_join_snoopers(struct net_bridge *br)
4170{
4171 struct in6_addr addr;
4172
4173 ipv6_addr_set(addr: &addr, htonl(0xff020000), w2: 0, w3: 0, htonl(0x6a));
4174 ipv6_dev_mc_inc(dev: br->dev, addr: &addr);
4175}
4176#else
4177static inline void br_ip6_multicast_join_snoopers(struct net_bridge *br)
4178{
4179}
4180#endif
4181
4182void br_multicast_join_snoopers(struct net_bridge *br)
4183{
4184 br_ip4_multicast_join_snoopers(br);
4185 br_ip6_multicast_join_snoopers(br);
4186}
4187
4188static void br_ip4_multicast_leave_snoopers(struct net_bridge *br)
4189{
4190 struct in_device *in_dev = in_dev_get(dev: br->dev);
4191
4192 if (WARN_ON(!in_dev))
4193 return;
4194
4195 __ip_mc_dec_group(in_dev, htonl(INADDR_ALLSNOOPERS_GROUP), GFP_ATOMIC);
4196 in_dev_put(idev: in_dev);
4197}
4198
4199#if IS_ENABLED(CONFIG_IPV6)
4200static void br_ip6_multicast_leave_snoopers(struct net_bridge *br)
4201{
4202 struct in6_addr addr;
4203
4204 ipv6_addr_set(addr: &addr, htonl(0xff020000), w2: 0, w3: 0, htonl(0x6a));
4205 ipv6_dev_mc_dec(dev: br->dev, addr: &addr);
4206}
4207#else
4208static inline void br_ip6_multicast_leave_snoopers(struct net_bridge *br)
4209{
4210}
4211#endif
4212
4213void br_multicast_leave_snoopers(struct net_bridge *br)
4214{
4215 br_ip4_multicast_leave_snoopers(br);
4216 br_ip6_multicast_leave_snoopers(br);
4217}
4218
4219static void __br_multicast_open_query(struct net_bridge *br,
4220 struct bridge_mcast_own_query *query)
4221{
4222 query->startup_sent = 0;
4223
4224 if (!br_opt_get(br, opt: BROPT_MULTICAST_ENABLED))
4225 return;
4226
4227 mod_timer(timer: &query->timer, expires: jiffies);
4228}
4229
4230static void __br_multicast_open(struct net_bridge_mcast *brmctx)
4231{
4232 __br_multicast_open_query(br: brmctx->br, query: &brmctx->ip4_own_query);
4233#if IS_ENABLED(CONFIG_IPV6)
4234 __br_multicast_open_query(br: brmctx->br, query: &brmctx->ip6_own_query);
4235#endif
4236}
4237
4238void br_multicast_open(struct net_bridge *br)
4239{
4240 ASSERT_RTNL();
4241
4242 if (br_opt_get(br, opt: BROPT_MCAST_VLAN_SNOOPING_ENABLED)) {
4243 struct net_bridge_vlan_group *vg;
4244 struct net_bridge_vlan *vlan;
4245
4246 vg = br_vlan_group(br);
4247 if (vg) {
4248 list_for_each_entry(vlan, &vg->vlan_list, vlist) {
4249 struct net_bridge_mcast *brmctx;
4250
4251 brmctx = &vlan->br_mcast_ctx;
4252 if (br_vlan_is_brentry(v: vlan) &&
4253 !br_multicast_ctx_vlan_disabled(brmctx))
4254 __br_multicast_open(brmctx: &vlan->br_mcast_ctx);
4255 }
4256 }
4257 } else {
4258 __br_multicast_open(brmctx: &br->multicast_ctx);
4259 }
4260}
4261
4262static void __br_multicast_stop(struct net_bridge_mcast *brmctx)
4263{
4264 timer_delete_sync(timer: &brmctx->ip4_mc_router_timer);
4265 timer_delete_sync(timer: &brmctx->ip4_other_query.timer);
4266 timer_delete_sync(timer: &brmctx->ip4_other_query.delay_timer);
4267 timer_delete_sync(timer: &brmctx->ip4_own_query.timer);
4268#if IS_ENABLED(CONFIG_IPV6)
4269 timer_delete_sync(timer: &brmctx->ip6_mc_router_timer);
4270 timer_delete_sync(timer: &brmctx->ip6_other_query.timer);
4271 timer_delete_sync(timer: &brmctx->ip6_other_query.delay_timer);
4272 timer_delete_sync(timer: &brmctx->ip6_own_query.timer);
4273#endif
4274}
4275
4276void br_multicast_update_vlan_mcast_ctx(struct net_bridge_vlan *v, u8 state)
4277{
4278#if IS_ENABLED(CONFIG_BRIDGE_VLAN_FILTERING)
4279 struct net_bridge *br;
4280
4281 if (!br_vlan_should_use(v))
4282 return;
4283
4284 if (br_vlan_is_master(v))
4285 return;
4286
4287 br = v->port->br;
4288
4289 if (!br_opt_get(br, opt: BROPT_MCAST_VLAN_SNOOPING_ENABLED))
4290 return;
4291
4292 if (br_vlan_state_allowed(state, learn_allow: true))
4293 br_multicast_enable_port_ctx(pmctx: &v->port_mcast_ctx);
4294
4295 /* Multicast is not disabled for the vlan when it goes in
4296 * blocking state because the timers will expire and stop by
4297 * themselves without sending more queries.
4298 */
4299#endif
4300}
4301
4302void br_multicast_toggle_one_vlan(struct net_bridge_vlan *vlan, bool on)
4303{
4304 struct net_bridge *br;
4305
4306 /* it's okay to check for the flag without the multicast lock because it
4307 * can only change under RTNL -> multicast_lock, we need the latter to
4308 * sync with timers and packets
4309 */
4310 if (on == !!(vlan->priv_flags & BR_VLFLAG_MCAST_ENABLED))
4311 return;
4312
4313 if (br_vlan_is_master(v: vlan)) {
4314 br = vlan->br;
4315
4316 if (!br_vlan_is_brentry(v: vlan) ||
4317 (on &&
4318 br_multicast_ctx_vlan_global_disabled(brmctx: &vlan->br_mcast_ctx)))
4319 return;
4320
4321 spin_lock_bh(lock: &br->multicast_lock);
4322 vlan->priv_flags ^= BR_VLFLAG_MCAST_ENABLED;
4323 spin_unlock_bh(lock: &br->multicast_lock);
4324
4325 if (on)
4326 __br_multicast_open(brmctx: &vlan->br_mcast_ctx);
4327 else
4328 __br_multicast_stop(brmctx: &vlan->br_mcast_ctx);
4329 } else {
4330 struct net_bridge_mcast *brmctx;
4331
4332 brmctx = br_multicast_port_ctx_get_global(pmctx: &vlan->port_mcast_ctx);
4333 if (on && br_multicast_ctx_vlan_global_disabled(brmctx))
4334 return;
4335
4336 br = vlan->port->br;
4337 spin_lock_bh(lock: &br->multicast_lock);
4338 vlan->priv_flags ^= BR_VLFLAG_MCAST_ENABLED;
4339 if (on)
4340 __br_multicast_enable_port_ctx(pmctx: &vlan->port_mcast_ctx);
4341 else
4342 __br_multicast_disable_port_ctx(pmctx: &vlan->port_mcast_ctx);
4343 spin_unlock_bh(lock: &br->multicast_lock);
4344 }
4345}
4346
4347static void br_multicast_toggle_vlan(struct net_bridge_vlan *vlan, bool on)
4348{
4349 struct net_bridge_port *p;
4350
4351 if (WARN_ON_ONCE(!br_vlan_is_master(vlan)))
4352 return;
4353
4354 list_for_each_entry(p, &vlan->br->port_list, list) {
4355 struct net_bridge_vlan *vport;
4356
4357 vport = br_vlan_find(vg: nbp_vlan_group(p), vid: vlan->vid);
4358 if (!vport)
4359 continue;
4360 br_multicast_toggle_one_vlan(vlan: vport, on);
4361 }
4362
4363 if (br_vlan_is_brentry(v: vlan))
4364 br_multicast_toggle_one_vlan(vlan, on);
4365}
4366
4367int br_multicast_toggle_vlan_snooping(struct net_bridge *br, bool on,
4368 struct netlink_ext_ack *extack)
4369{
4370 struct net_bridge_vlan_group *vg;
4371 struct net_bridge_vlan *vlan;
4372 struct net_bridge_port *p;
4373
4374 if (br_opt_get(br, opt: BROPT_MCAST_VLAN_SNOOPING_ENABLED) == on)
4375 return 0;
4376
4377 if (on && !br_opt_get(br, opt: BROPT_VLAN_ENABLED)) {
4378 NL_SET_ERR_MSG_MOD(extack, "Cannot enable multicast vlan snooping with vlan filtering disabled");
4379 return -EINVAL;
4380 }
4381
4382 vg = br_vlan_group(br);
4383 if (!vg)
4384 return 0;
4385
4386 br_opt_toggle(br, opt: BROPT_MCAST_VLAN_SNOOPING_ENABLED, on);
4387
4388 /* disable/enable non-vlan mcast contexts based on vlan snooping */
4389 if (on)
4390 __br_multicast_stop(brmctx: &br->multicast_ctx);
4391 else
4392 __br_multicast_open(brmctx: &br->multicast_ctx);
4393 list_for_each_entry(p, &br->port_list, list) {
4394 if (on)
4395 br_multicast_disable_port_ctx(pmctx: &p->multicast_ctx);
4396 else
4397 br_multicast_enable_port_ctx(pmctx: &p->multicast_ctx);
4398 }
4399
4400 list_for_each_entry(vlan, &vg->vlan_list, vlist)
4401 br_multicast_toggle_vlan(vlan, on);
4402
4403 return 0;
4404}
4405
4406bool br_multicast_toggle_global_vlan(struct net_bridge_vlan *vlan, bool on)
4407{
4408 ASSERT_RTNL();
4409
4410 /* BR_VLFLAG_GLOBAL_MCAST_ENABLED relies on eventual consistency and
4411 * requires only RTNL to change
4412 */
4413 if (on == !!(vlan->priv_flags & BR_VLFLAG_GLOBAL_MCAST_ENABLED))
4414 return false;
4415
4416 vlan->priv_flags ^= BR_VLFLAG_GLOBAL_MCAST_ENABLED;
4417 br_multicast_toggle_vlan(vlan, on);
4418
4419 return true;
4420}
4421
4422void br_multicast_stop(struct net_bridge *br)
4423{
4424 ASSERT_RTNL();
4425
4426 if (br_opt_get(br, opt: BROPT_MCAST_VLAN_SNOOPING_ENABLED)) {
4427 struct net_bridge_vlan_group *vg;
4428 struct net_bridge_vlan *vlan;
4429
4430 vg = br_vlan_group(br);
4431 if (vg) {
4432 list_for_each_entry(vlan, &vg->vlan_list, vlist) {
4433 struct net_bridge_mcast *brmctx;
4434
4435 brmctx = &vlan->br_mcast_ctx;
4436 if (br_vlan_is_brentry(v: vlan) &&
4437 !br_multicast_ctx_vlan_disabled(brmctx))
4438 __br_multicast_stop(brmctx: &vlan->br_mcast_ctx);
4439 }
4440 }
4441 } else {
4442 __br_multicast_stop(brmctx: &br->multicast_ctx);
4443 }
4444}
4445
4446void br_multicast_dev_del(struct net_bridge *br)
4447{
4448 struct net_bridge_mdb_entry *mp;
4449 HLIST_HEAD(deleted_head);
4450 struct hlist_node *tmp;
4451
4452 spin_lock_bh(lock: &br->multicast_lock);
4453 hlist_for_each_entry_safe(mp, tmp, &br->mdb_list, mdb_node)
4454 br_multicast_del_mdb_entry(mp);
4455 hlist_move_list(old: &br->mcast_gc_list, new: &deleted_head);
4456 spin_unlock_bh(lock: &br->multicast_lock);
4457
4458 br_multicast_ctx_deinit(brmctx: &br->multicast_ctx);
4459 br_multicast_gc(head: &deleted_head);
4460 cancel_work_sync(work: &br->mcast_gc_work);
4461
4462 rcu_barrier();
4463}
4464
4465int br_multicast_set_router(struct net_bridge_mcast *brmctx, unsigned long val)
4466{
4467 int err = -EINVAL;
4468
4469 spin_lock_bh(lock: &brmctx->br->multicast_lock);
4470
4471 switch (val) {
4472 case MDB_RTR_TYPE_DISABLED:
4473 case MDB_RTR_TYPE_PERM:
4474 br_mc_router_state_change(p: brmctx->br, is_mc_router: val == MDB_RTR_TYPE_PERM);
4475 timer_delete(timer: &brmctx->ip4_mc_router_timer);
4476#if IS_ENABLED(CONFIG_IPV6)
4477 timer_delete(timer: &brmctx->ip6_mc_router_timer);
4478#endif
4479 brmctx->multicast_router = val;
4480 err = 0;
4481 break;
4482 case MDB_RTR_TYPE_TEMP_QUERY:
4483 if (brmctx->multicast_router != MDB_RTR_TYPE_TEMP_QUERY)
4484 br_mc_router_state_change(p: brmctx->br, is_mc_router: false);
4485 brmctx->multicast_router = val;
4486 err = 0;
4487 break;
4488 }
4489
4490 spin_unlock_bh(lock: &brmctx->br->multicast_lock);
4491
4492 return err;
4493}
4494
4495static void
4496br_multicast_rport_del_notify(struct net_bridge_mcast_port *pmctx, bool deleted)
4497{
4498 if (!deleted)
4499 return;
4500
4501 /* For backwards compatibility for now, only notify if there is
4502 * no multicast router anymore for both IPv4 and IPv6.
4503 */
4504 if (!hlist_unhashed(h: &pmctx->ip4_rlist))
4505 return;
4506#if IS_ENABLED(CONFIG_IPV6)
4507 if (!hlist_unhashed(h: &pmctx->ip6_rlist))
4508 return;
4509#endif
4510
4511 br_rtr_notify(dev: pmctx->port->br->dev, pmctx, RTM_DELMDB);
4512 br_port_mc_router_state_change(p: pmctx->port, is_mc_router: false);
4513
4514 /* don't allow timer refresh */
4515 if (pmctx->multicast_router == MDB_RTR_TYPE_TEMP)
4516 pmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY;
4517}
4518
4519int br_multicast_set_port_router(struct net_bridge_mcast_port *pmctx,
4520 unsigned long val)
4521{
4522 struct net_bridge_mcast *brmctx;
4523 unsigned long now = jiffies;
4524 int err = -EINVAL;
4525 bool del = false;
4526
4527 brmctx = br_multicast_port_ctx_get_global(pmctx);
4528 spin_lock_bh(lock: &brmctx->br->multicast_lock);
4529 if (pmctx->multicast_router == val) {
4530 /* Refresh the temp router port timer */
4531 if (pmctx->multicast_router == MDB_RTR_TYPE_TEMP) {
4532 mod_timer(timer: &pmctx->ip4_mc_router_timer,
4533 expires: now + brmctx->multicast_querier_interval);
4534#if IS_ENABLED(CONFIG_IPV6)
4535 mod_timer(timer: &pmctx->ip6_mc_router_timer,
4536 expires: now + brmctx->multicast_querier_interval);
4537#endif
4538 }
4539 err = 0;
4540 goto unlock;
4541 }
4542 switch (val) {
4543 case MDB_RTR_TYPE_DISABLED:
4544 pmctx->multicast_router = MDB_RTR_TYPE_DISABLED;
4545 del |= br_ip4_multicast_rport_del(pmctx);
4546 timer_delete(timer: &pmctx->ip4_mc_router_timer);
4547 del |= br_ip6_multicast_rport_del(pmctx);
4548#if IS_ENABLED(CONFIG_IPV6)
4549 timer_delete(timer: &pmctx->ip6_mc_router_timer);
4550#endif
4551 br_multicast_rport_del_notify(pmctx, deleted: del);
4552 break;
4553 case MDB_RTR_TYPE_TEMP_QUERY:
4554 pmctx->multicast_router = MDB_RTR_TYPE_TEMP_QUERY;
4555 del |= br_ip4_multicast_rport_del(pmctx);
4556 del |= br_ip6_multicast_rport_del(pmctx);
4557 br_multicast_rport_del_notify(pmctx, deleted: del);
4558 break;
4559 case MDB_RTR_TYPE_PERM:
4560 pmctx->multicast_router = MDB_RTR_TYPE_PERM;
4561 timer_delete(timer: &pmctx->ip4_mc_router_timer);
4562 br_ip4_multicast_add_router(brmctx, pmctx);
4563#if IS_ENABLED(CONFIG_IPV6)
4564 timer_delete(timer: &pmctx->ip6_mc_router_timer);
4565#endif
4566 br_ip6_multicast_add_router(brmctx, pmctx);
4567 break;
4568 case MDB_RTR_TYPE_TEMP:
4569 pmctx->multicast_router = MDB_RTR_TYPE_TEMP;
4570 br_ip4_multicast_mark_router(brmctx, pmctx);
4571 br_ip6_multicast_mark_router(brmctx, pmctx);
4572 break;
4573 default:
4574 goto unlock;
4575 }
4576 err = 0;
4577unlock:
4578 spin_unlock_bh(lock: &brmctx->br->multicast_lock);
4579
4580 return err;
4581}
4582
4583int br_multicast_set_vlan_router(struct net_bridge_vlan *v, u8 mcast_router)
4584{
4585 int err;
4586
4587 if (br_vlan_is_master(v))
4588 err = br_multicast_set_router(brmctx: &v->br_mcast_ctx, val: mcast_router);
4589 else
4590 err = br_multicast_set_port_router(pmctx: &v->port_mcast_ctx,
4591 val: mcast_router);
4592
4593 return err;
4594}
4595
4596static void br_multicast_start_querier(struct net_bridge_mcast *brmctx,
4597 struct bridge_mcast_own_query *query)
4598{
4599 struct net_bridge_port *port;
4600
4601 if (!br_multicast_ctx_matches_vlan_snooping(brmctx))
4602 return;
4603
4604 __br_multicast_open_query(br: brmctx->br, query);
4605
4606 rcu_read_lock();
4607 list_for_each_entry_rcu(port, &brmctx->br->port_list, list) {
4608 struct bridge_mcast_own_query *ip4_own_query;
4609#if IS_ENABLED(CONFIG_IPV6)
4610 struct bridge_mcast_own_query *ip6_own_query;
4611#endif
4612
4613 if (br_multicast_port_ctx_state_stopped(pmctx: &port->multicast_ctx))
4614 continue;
4615
4616 if (br_multicast_ctx_is_vlan(brmctx)) {
4617 struct net_bridge_vlan *vlan;
4618
4619 vlan = br_vlan_find(vg: nbp_vlan_group_rcu(p: port),
4620 vid: brmctx->vlan->vid);
4621 if (!vlan ||
4622 br_multicast_port_ctx_state_stopped(pmctx: &vlan->port_mcast_ctx))
4623 continue;
4624
4625 ip4_own_query = &vlan->port_mcast_ctx.ip4_own_query;
4626#if IS_ENABLED(CONFIG_IPV6)
4627 ip6_own_query = &vlan->port_mcast_ctx.ip6_own_query;
4628#endif
4629 } else {
4630 ip4_own_query = &port->multicast_ctx.ip4_own_query;
4631#if IS_ENABLED(CONFIG_IPV6)
4632 ip6_own_query = &port->multicast_ctx.ip6_own_query;
4633#endif
4634 }
4635
4636 if (query == &brmctx->ip4_own_query)
4637 br_multicast_enable(query: ip4_own_query);
4638#if IS_ENABLED(CONFIG_IPV6)
4639 else
4640 br_multicast_enable(query: ip6_own_query);
4641#endif
4642 }
4643 rcu_read_unlock();
4644}
4645
4646int br_multicast_toggle(struct net_bridge *br, unsigned long val,
4647 struct netlink_ext_ack *extack)
4648{
4649 struct net_bridge_port *port;
4650 bool change_snoopers = false;
4651 int err = 0;
4652
4653 spin_lock_bh(lock: &br->multicast_lock);
4654 if (!!br_opt_get(br, opt: BROPT_MULTICAST_ENABLED) == !!val)
4655 goto unlock;
4656
4657 err = br_mc_disabled_update(dev: br->dev, value: val, extack);
4658 if (err == -EOPNOTSUPP)
4659 err = 0;
4660 if (err)
4661 goto unlock;
4662
4663 br_opt_toggle(br, opt: BROPT_MULTICAST_ENABLED, on: !!val);
4664 if (!br_opt_get(br, opt: BROPT_MULTICAST_ENABLED)) {
4665 change_snoopers = true;
4666 goto unlock;
4667 }
4668
4669 if (!netif_running(dev: br->dev))
4670 goto unlock;
4671
4672 br_multicast_open(br);
4673 list_for_each_entry(port, &br->port_list, list)
4674 __br_multicast_enable_port_ctx(pmctx: &port->multicast_ctx);
4675
4676 change_snoopers = true;
4677
4678unlock:
4679 spin_unlock_bh(lock: &br->multicast_lock);
4680
4681 /* br_multicast_join_snoopers has the potential to cause
4682 * an MLD Report/Leave to be delivered to br_multicast_rcv,
4683 * which would in turn call br_multicast_add_group, which would
4684 * attempt to acquire multicast_lock. This function should be
4685 * called after the lock has been released to avoid deadlocks on
4686 * multicast_lock.
4687 *
4688 * br_multicast_leave_snoopers does not have the problem since
4689 * br_multicast_rcv first checks BROPT_MULTICAST_ENABLED, and
4690 * returns without calling br_multicast_ipv4/6_rcv if it's not
4691 * enabled. Moved both functions out just for symmetry.
4692 */
4693 if (change_snoopers) {
4694 if (br_opt_get(br, opt: BROPT_MULTICAST_ENABLED))
4695 br_multicast_join_snoopers(br);
4696 else
4697 br_multicast_leave_snoopers(br);
4698 }
4699
4700 return err;
4701}
4702
4703bool br_multicast_enabled(const struct net_device *dev)
4704{
4705 struct net_bridge *br = netdev_priv(dev);
4706
4707 return !!br_opt_get(br, opt: BROPT_MULTICAST_ENABLED);
4708}
4709EXPORT_SYMBOL_GPL(br_multicast_enabled);
4710
4711bool br_multicast_router(const struct net_device *dev)
4712{
4713 struct net_bridge *br = netdev_priv(dev);
4714 bool is_router;
4715
4716 spin_lock_bh(lock: &br->multicast_lock);
4717 is_router = br_multicast_is_router(brmctx: &br->multicast_ctx, NULL);
4718 spin_unlock_bh(lock: &br->multicast_lock);
4719 return is_router;
4720}
4721EXPORT_SYMBOL_GPL(br_multicast_router);
4722
4723int br_multicast_set_querier(struct net_bridge_mcast *brmctx, unsigned long val)
4724{
4725 unsigned long max_delay;
4726
4727 val = !!val;
4728
4729 spin_lock_bh(lock: &brmctx->br->multicast_lock);
4730 if (brmctx->multicast_querier == val)
4731 goto unlock;
4732
4733 WRITE_ONCE(brmctx->multicast_querier, val);
4734 if (!val)
4735 goto unlock;
4736
4737 max_delay = brmctx->multicast_query_response_interval;
4738
4739 if (!timer_pending(timer: &brmctx->ip4_other_query.timer))
4740 mod_timer(timer: &brmctx->ip4_other_query.delay_timer,
4741 expires: jiffies + max_delay);
4742
4743 br_multicast_start_querier(brmctx, query: &brmctx->ip4_own_query);
4744
4745#if IS_ENABLED(CONFIG_IPV6)
4746 if (!timer_pending(timer: &brmctx->ip6_other_query.timer))
4747 mod_timer(timer: &brmctx->ip6_other_query.delay_timer,
4748 expires: jiffies + max_delay);
4749
4750 br_multicast_start_querier(brmctx, query: &brmctx->ip6_own_query);
4751#endif
4752
4753unlock:
4754 spin_unlock_bh(lock: &brmctx->br->multicast_lock);
4755
4756 return 0;
4757}
4758
4759int br_multicast_set_igmp_version(struct net_bridge_mcast *brmctx,
4760 unsigned long val)
4761{
4762 /* Currently we support only version 2 and 3 */
4763 switch (val) {
4764 case 2:
4765 case 3:
4766 break;
4767 default:
4768 return -EINVAL;
4769 }
4770
4771 spin_lock_bh(lock: &brmctx->br->multicast_lock);
4772 brmctx->multicast_igmp_version = val;
4773 spin_unlock_bh(lock: &brmctx->br->multicast_lock);
4774
4775 return 0;
4776}
4777
4778#if IS_ENABLED(CONFIG_IPV6)
4779int br_multicast_set_mld_version(struct net_bridge_mcast *brmctx,
4780 unsigned long val)
4781{
4782 /* Currently we support version 1 and 2 */
4783 switch (val) {
4784 case 1:
4785 case 2:
4786 break;
4787 default:
4788 return -EINVAL;
4789 }
4790
4791 spin_lock_bh(lock: &brmctx->br->multicast_lock);
4792 brmctx->multicast_mld_version = val;
4793 spin_unlock_bh(lock: &brmctx->br->multicast_lock);
4794
4795 return 0;
4796}
4797#endif
4798
4799void br_multicast_set_query_intvl(struct net_bridge_mcast *brmctx,
4800 unsigned long val)
4801{
4802 unsigned long intvl_jiffies = clock_t_to_jiffies(x: val);
4803
4804 if (intvl_jiffies < BR_MULTICAST_QUERY_INTVL_MIN) {
4805 br_info(brmctx->br,
4806 "trying to set multicast query interval below minimum, setting to %lu (%ums)\n",
4807 jiffies_to_clock_t(BR_MULTICAST_QUERY_INTVL_MIN),
4808 jiffies_to_msecs(BR_MULTICAST_QUERY_INTVL_MIN));
4809 intvl_jiffies = BR_MULTICAST_QUERY_INTVL_MIN;
4810 }
4811
4812 brmctx->multicast_query_interval = intvl_jiffies;
4813}
4814
4815void br_multicast_set_startup_query_intvl(struct net_bridge_mcast *brmctx,
4816 unsigned long val)
4817{
4818 unsigned long intvl_jiffies = clock_t_to_jiffies(x: val);
4819
4820 if (intvl_jiffies < BR_MULTICAST_STARTUP_QUERY_INTVL_MIN) {
4821 br_info(brmctx->br,
4822 "trying to set multicast startup query interval below minimum, setting to %lu (%ums)\n",
4823 jiffies_to_clock_t(BR_MULTICAST_STARTUP_QUERY_INTVL_MIN),
4824 jiffies_to_msecs(BR_MULTICAST_STARTUP_QUERY_INTVL_MIN));
4825 intvl_jiffies = BR_MULTICAST_STARTUP_QUERY_INTVL_MIN;
4826 }
4827
4828 brmctx->multicast_startup_query_interval = intvl_jiffies;
4829}
4830
4831/**
4832 * br_multicast_list_adjacent - Returns snooped multicast addresses
4833 * @dev: The bridge port adjacent to which to retrieve addresses
4834 * @br_ip_list: The list to store found, snooped multicast IP addresses in
4835 *
4836 * Creates a list of IP addresses (struct br_ip_list) sensed by the multicast
4837 * snooping feature on all bridge ports of dev's bridge device, excluding
4838 * the addresses from dev itself.
4839 *
4840 * Returns the number of items added to br_ip_list.
4841 *
4842 * Notes:
4843 * - br_ip_list needs to be initialized by caller
4844 * - br_ip_list might contain duplicates in the end
4845 * (needs to be taken care of by caller)
4846 * - br_ip_list needs to be freed by caller
4847 */
4848int br_multicast_list_adjacent(struct net_device *dev,
4849 struct list_head *br_ip_list)
4850{
4851 struct net_bridge *br;
4852 struct net_bridge_port *port;
4853 struct net_bridge_port_group *group;
4854 struct br_ip_list *entry;
4855 int count = 0;
4856
4857 rcu_read_lock();
4858 if (!br_ip_list || !netif_is_bridge_port(dev))
4859 goto unlock;
4860
4861 port = br_port_get_rcu(dev);
4862 if (!port || !port->br)
4863 goto unlock;
4864
4865 br = port->br;
4866
4867 list_for_each_entry_rcu(port, &br->port_list, list) {
4868 if (!port->dev || port->dev == dev)
4869 continue;
4870
4871 hlist_for_each_entry_rcu(group, &port->mglist, mglist) {
4872 entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
4873 if (!entry)
4874 goto unlock;
4875
4876 entry->addr = group->key.addr;
4877 list_add(new: &entry->list, head: br_ip_list);
4878 count++;
4879 }
4880 }
4881
4882unlock:
4883 rcu_read_unlock();
4884 return count;
4885}
4886EXPORT_SYMBOL_GPL(br_multicast_list_adjacent);
4887
4888/**
4889 * br_multicast_has_querier_anywhere - Checks for a querier on a bridge
4890 * @dev: The bridge port providing the bridge on which to check for a querier
4891 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
4892 *
4893 * Checks whether the given interface has a bridge on top and if so returns
4894 * true if a valid querier exists anywhere on the bridged link layer.
4895 * Otherwise returns false.
4896 */
4897bool br_multicast_has_querier_anywhere(struct net_device *dev, int proto)
4898{
4899 struct net_bridge *br;
4900 struct net_bridge_port *port;
4901 struct ethhdr eth;
4902 bool ret = false;
4903
4904 rcu_read_lock();
4905 if (!netif_is_bridge_port(dev))
4906 goto unlock;
4907
4908 port = br_port_get_rcu(dev);
4909 if (!port || !port->br)
4910 goto unlock;
4911
4912 br = port->br;
4913
4914 memset(&eth, 0, sizeof(eth));
4915 eth.h_proto = htons(proto);
4916
4917 ret = br_multicast_querier_exists(brmctx: &br->multicast_ctx, eth: &eth, NULL);
4918
4919unlock:
4920 rcu_read_unlock();
4921 return ret;
4922}
4923EXPORT_SYMBOL_GPL(br_multicast_has_querier_anywhere);
4924
4925/**
4926 * br_multicast_has_querier_adjacent - Checks for a querier behind a bridge port
4927 * @dev: The bridge port adjacent to which to check for a querier
4928 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
4929 *
4930 * Checks whether the given interface has a bridge on top and if so returns
4931 * true if a selected querier is behind one of the other ports of this
4932 * bridge. Otherwise returns false.
4933 */
4934bool br_multicast_has_querier_adjacent(struct net_device *dev, int proto)
4935{
4936 struct net_bridge_mcast *brmctx;
4937 struct net_bridge *br;
4938 struct net_bridge_port *port;
4939 bool ret = false;
4940 int port_ifidx;
4941
4942 rcu_read_lock();
4943 if (!netif_is_bridge_port(dev))
4944 goto unlock;
4945
4946 port = br_port_get_rcu(dev);
4947 if (!port || !port->br)
4948 goto unlock;
4949
4950 br = port->br;
4951 brmctx = &br->multicast_ctx;
4952
4953 switch (proto) {
4954 case ETH_P_IP:
4955 port_ifidx = brmctx->ip4_querier.port_ifidx;
4956 if (!timer_pending(timer: &brmctx->ip4_other_query.timer) ||
4957 port_ifidx == port->dev->ifindex)
4958 goto unlock;
4959 break;
4960#if IS_ENABLED(CONFIG_IPV6)
4961 case ETH_P_IPV6:
4962 port_ifidx = brmctx->ip6_querier.port_ifidx;
4963 if (!timer_pending(timer: &brmctx->ip6_other_query.timer) ||
4964 port_ifidx == port->dev->ifindex)
4965 goto unlock;
4966 break;
4967#endif
4968 default:
4969 goto unlock;
4970 }
4971
4972 ret = true;
4973unlock:
4974 rcu_read_unlock();
4975 return ret;
4976}
4977EXPORT_SYMBOL_GPL(br_multicast_has_querier_adjacent);
4978
4979/**
4980 * br_multicast_has_router_adjacent - Checks for a router behind a bridge port
4981 * @dev: The bridge port adjacent to which to check for a multicast router
4982 * @proto: The protocol family to check for: IGMP -> ETH_P_IP, MLD -> ETH_P_IPV6
4983 *
4984 * Checks whether the given interface has a bridge on top and if so returns
4985 * true if a multicast router is behind one of the other ports of this
4986 * bridge. Otherwise returns false.
4987 */
4988bool br_multicast_has_router_adjacent(struct net_device *dev, int proto)
4989{
4990 struct net_bridge_mcast_port *pmctx;
4991 struct net_bridge_mcast *brmctx;
4992 struct net_bridge_port *port;
4993 bool ret = false;
4994
4995 rcu_read_lock();
4996 port = br_port_get_check_rcu(dev);
4997 if (!port)
4998 goto unlock;
4999
5000 brmctx = &port->br->multicast_ctx;
5001 switch (proto) {
5002 case ETH_P_IP:
5003 hlist_for_each_entry_rcu(pmctx, &brmctx->ip4_mc_router_list,
5004 ip4_rlist) {
5005 if (pmctx->port == port)
5006 continue;
5007
5008 ret = true;
5009 goto unlock;
5010 }
5011 break;
5012#if IS_ENABLED(CONFIG_IPV6)
5013 case ETH_P_IPV6:
5014 hlist_for_each_entry_rcu(pmctx, &brmctx->ip6_mc_router_list,
5015 ip6_rlist) {
5016 if (pmctx->port == port)
5017 continue;
5018
5019 ret = true;
5020 goto unlock;
5021 }
5022 break;
5023#endif
5024 default:
5025 /* when compiled without IPv6 support, be conservative and
5026 * always assume presence of an IPv6 multicast router
5027 */
5028 ret = true;
5029 }
5030
5031unlock:
5032 rcu_read_unlock();
5033 return ret;
5034}
5035EXPORT_SYMBOL_GPL(br_multicast_has_router_adjacent);
5036
5037static void br_mcast_stats_add(struct bridge_mcast_stats __percpu *stats,
5038 const struct sk_buff *skb, u8 type, u8 dir)
5039{
5040 struct bridge_mcast_stats *pstats = this_cpu_ptr(stats);
5041 __be16 proto = skb->protocol;
5042 unsigned int t_len;
5043
5044 u64_stats_update_begin(syncp: &pstats->syncp);
5045 switch (proto) {
5046 case htons(ETH_P_IP):
5047 t_len = ntohs(ip_hdr(skb)->tot_len) - ip_hdrlen(skb);
5048 switch (type) {
5049 case IGMP_HOST_MEMBERSHIP_REPORT:
5050 pstats->mstats.igmp_v1reports[dir]++;
5051 break;
5052 case IGMPV2_HOST_MEMBERSHIP_REPORT:
5053 pstats->mstats.igmp_v2reports[dir]++;
5054 break;
5055 case IGMPV3_HOST_MEMBERSHIP_REPORT:
5056 pstats->mstats.igmp_v3reports[dir]++;
5057 break;
5058 case IGMP_HOST_MEMBERSHIP_QUERY:
5059 if (t_len != sizeof(struct igmphdr)) {
5060 pstats->mstats.igmp_v3queries[dir]++;
5061 } else {
5062 unsigned int offset = skb_transport_offset(skb);
5063 struct igmphdr *ih, _ihdr;
5064
5065 ih = skb_header_pointer(skb, offset,
5066 len: sizeof(_ihdr), buffer: &_ihdr);
5067 if (!ih)
5068 break;
5069 if (!ih->code)
5070 pstats->mstats.igmp_v1queries[dir]++;
5071 else
5072 pstats->mstats.igmp_v2queries[dir]++;
5073 }
5074 break;
5075 case IGMP_HOST_LEAVE_MESSAGE:
5076 pstats->mstats.igmp_leaves[dir]++;
5077 break;
5078 }
5079 break;
5080#if IS_ENABLED(CONFIG_IPV6)
5081 case htons(ETH_P_IPV6):
5082 t_len = ntohs(ipv6_hdr(skb)->payload_len) +
5083 sizeof(struct ipv6hdr);
5084 t_len -= skb_network_header_len(skb);
5085 switch (type) {
5086 case ICMPV6_MGM_REPORT:
5087 pstats->mstats.mld_v1reports[dir]++;
5088 break;
5089 case ICMPV6_MLD2_REPORT:
5090 pstats->mstats.mld_v2reports[dir]++;
5091 break;
5092 case ICMPV6_MGM_QUERY:
5093 if (t_len != sizeof(struct mld_msg))
5094 pstats->mstats.mld_v2queries[dir]++;
5095 else
5096 pstats->mstats.mld_v1queries[dir]++;
5097 break;
5098 case ICMPV6_MGM_REDUCTION:
5099 pstats->mstats.mld_leaves[dir]++;
5100 break;
5101 }
5102 break;
5103#endif /* CONFIG_IPV6 */
5104 }
5105 u64_stats_update_end(syncp: &pstats->syncp);
5106}
5107
5108void br_multicast_count(struct net_bridge *br,
5109 const struct net_bridge_port *p,
5110 const struct sk_buff *skb, u8 type, u8 dir)
5111{
5112 struct bridge_mcast_stats __percpu *stats;
5113
5114 /* if multicast_disabled is true then igmp type can't be set */
5115 if (!type || !br_opt_get(br, opt: BROPT_MULTICAST_STATS_ENABLED))
5116 return;
5117
5118 if (p)
5119 stats = p->mcast_stats;
5120 else
5121 stats = br->mcast_stats;
5122 if (WARN_ON(!stats))
5123 return;
5124
5125 br_mcast_stats_add(stats, skb, type, dir);
5126}
5127
5128int br_multicast_init_stats(struct net_bridge *br)
5129{
5130 br->mcast_stats = netdev_alloc_pcpu_stats(struct bridge_mcast_stats);
5131 if (!br->mcast_stats)
5132 return -ENOMEM;
5133
5134 return 0;
5135}
5136
5137void br_multicast_uninit_stats(struct net_bridge *br)
5138{
5139 free_percpu(pdata: br->mcast_stats);
5140}
5141
5142/* noinline for https://llvm.org/pr45802#c9 */
5143static noinline_for_stack void mcast_stats_add_dir(u64 *dst, u64 *src)
5144{
5145 dst[BR_MCAST_DIR_RX] += src[BR_MCAST_DIR_RX];
5146 dst[BR_MCAST_DIR_TX] += src[BR_MCAST_DIR_TX];
5147}
5148
5149void br_multicast_get_stats(const struct net_bridge *br,
5150 const struct net_bridge_port *p,
5151 struct br_mcast_stats *dest)
5152{
5153 struct bridge_mcast_stats __percpu *stats;
5154 struct br_mcast_stats tdst;
5155 int i;
5156
5157 memset(dest, 0, sizeof(*dest));
5158 if (p)
5159 stats = p->mcast_stats;
5160 else
5161 stats = br->mcast_stats;
5162 if (WARN_ON(!stats))
5163 return;
5164
5165 memset(&tdst, 0, sizeof(tdst));
5166 for_each_possible_cpu(i) {
5167 struct bridge_mcast_stats *cpu_stats = per_cpu_ptr(stats, i);
5168 struct br_mcast_stats temp;
5169 unsigned int start;
5170
5171 do {
5172 start = u64_stats_fetch_begin(syncp: &cpu_stats->syncp);
5173 memcpy(&temp, &cpu_stats->mstats, sizeof(temp));
5174 } while (u64_stats_fetch_retry(syncp: &cpu_stats->syncp, start));
5175
5176 mcast_stats_add_dir(dst: tdst.igmp_v1queries, src: temp.igmp_v1queries);
5177 mcast_stats_add_dir(dst: tdst.igmp_v2queries, src: temp.igmp_v2queries);
5178 mcast_stats_add_dir(dst: tdst.igmp_v3queries, src: temp.igmp_v3queries);
5179 mcast_stats_add_dir(dst: tdst.igmp_leaves, src: temp.igmp_leaves);
5180 mcast_stats_add_dir(dst: tdst.igmp_v1reports, src: temp.igmp_v1reports);
5181 mcast_stats_add_dir(dst: tdst.igmp_v2reports, src: temp.igmp_v2reports);
5182 mcast_stats_add_dir(dst: tdst.igmp_v3reports, src: temp.igmp_v3reports);
5183 tdst.igmp_parse_errors += temp.igmp_parse_errors;
5184
5185 mcast_stats_add_dir(dst: tdst.mld_v1queries, src: temp.mld_v1queries);
5186 mcast_stats_add_dir(dst: tdst.mld_v2queries, src: temp.mld_v2queries);
5187 mcast_stats_add_dir(dst: tdst.mld_leaves, src: temp.mld_leaves);
5188 mcast_stats_add_dir(dst: tdst.mld_v1reports, src: temp.mld_v1reports);
5189 mcast_stats_add_dir(dst: tdst.mld_v2reports, src: temp.mld_v2reports);
5190 tdst.mld_parse_errors += temp.mld_parse_errors;
5191 }
5192 memcpy(dest, &tdst, sizeof(*dest));
5193}
5194
5195int br_mdb_hash_init(struct net_bridge *br)
5196{
5197 int err;
5198
5199 err = rhashtable_init(&br->sg_port_tbl, &br_sg_port_rht_params);
5200 if (err)
5201 return err;
5202
5203 err = rhashtable_init(&br->mdb_hash_tbl, &br_mdb_rht_params);
5204 if (err) {
5205 rhashtable_destroy(ht: &br->sg_port_tbl);
5206 return err;
5207 }
5208
5209 return 0;
5210}
5211
5212void br_mdb_hash_fini(struct net_bridge *br)
5213{
5214 rhashtable_destroy(ht: &br->sg_port_tbl);
5215 rhashtable_destroy(ht: &br->mdb_hash_tbl);
5216}
5217

Provided by KDAB

Privacy Policy
Improve your Profiling and Debugging skills
Find out more

source code of linux/net/bridge/br_multicast.c