1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 2007-2009 Bruce Simpson.
5 * Copyright (c) 2005 Robert N. M. Watson.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote
17 * products derived from this software without specific prior written
18 * permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 /*
34 * IPv4 multicast socket, group, and socket option processing module.
35 */
36
37 #include <sys/cdefs.h>
38 #include <sys/param.h>
39 #include <sys/systm.h>
40 #include <sys/kernel.h>
41 #include <sys/lock.h>
42 #include <sys/malloc.h>
43 #include <sys/mbuf.h>
44 #include <sys/protosw.h>
45 #include <sys/rmlock.h>
46 #include <sys/socket.h>
47 #include <sys/socketvar.h>
48 #include <sys/protosw.h>
49 #include <sys/sysctl.h>
50 #include <sys/ktr.h>
51 #include <sys/taskqueue.h>
52 #include <sys/tree.h>
53
54 #include <net/if.h>
55 #include <net/if_var.h>
56 #include <net/if_dl.h>
57 #include <net/route.h>
58 #include <net/route/nhop.h>
59 #include <net/vnet.h>
60
61 #include <net/ethernet.h>
62
63 #include <netinet/in.h>
64 #include <netinet/in_systm.h>
65 #include <netinet/in_fib.h>
66 #include <netinet/in_pcb.h>
67 #include <netinet/in_var.h>
68 #include <netinet/ip_var.h>
69 #include <netinet/igmp_var.h>
70
71 #ifndef KTR_IGMPV3
72 #define KTR_IGMPV3 KTR_INET
73 #endif
74
75 #ifndef __SOCKUNION_DECLARED
76 union sockunion {
77 struct sockaddr_storage ss;
78 struct sockaddr sa;
79 struct sockaddr_dl sdl;
80 struct sockaddr_in sin;
81 };
82 typedef union sockunion sockunion_t;
83 #define __SOCKUNION_DECLARED
84 #endif /* __SOCKUNION_DECLARED */
85
86 static MALLOC_DEFINE(M_INMFILTER, "in_mfilter",
87 "IPv4 multicast PCB-layer source filter");
88 static MALLOC_DEFINE(M_IPMADDR, "in_multi", "IPv4 multicast group");
89 static MALLOC_DEFINE(M_IPMOPTS, "ip_moptions", "IPv4 multicast options");
90 static MALLOC_DEFINE(M_IPMSOURCE, "ip_msource",
91 "IPv4 multicast IGMP-layer source filter");
92
93 /*
94 * Locking:
95 *
96 * - Lock order is: Giant, IN_MULTI_LOCK, INP_WLOCK,
97 * IN_MULTI_LIST_LOCK, IGMP_LOCK, IF_ADDR_LOCK.
98 * - The IF_ADDR_LOCK is implicitly taken by inm_lookup() earlier, however
99 * it can be taken by code in net/if.c also.
100 * - ip_moptions and in_mfilter are covered by the INP_WLOCK.
101 *
102 * struct in_multi is covered by IN_MULTI_LIST_LOCK. There isn't strictly
103 * any need for in_multi itself to be virtualized -- it is bound to an ifp
104 * anyway no matter what happens.
105 */
106 struct mtx in_multi_list_mtx;
107 MTX_SYSINIT(in_multi_mtx, &in_multi_list_mtx, "in_multi_list_mtx", MTX_DEF);
108
109 struct mtx in_multi_free_mtx;
110 MTX_SYSINIT(in_multi_free_mtx, &in_multi_free_mtx, "in_multi_free_mtx", MTX_DEF);
111
112 struct sx in_multi_sx;
113 SX_SYSINIT(in_multi_sx, &in_multi_sx, "in_multi_sx");
114
115 /*
116 * Functions with non-static linkage defined in this file should be
117 * declared in in_var.h:
118 * imo_multi_filter()
119 * in_addmulti()
120 * in_delmulti()
121 * in_joingroup()
122 * in_joingroup_locked()
123 * in_leavegroup()
124 * in_leavegroup_locked()
125 * and ip_var.h:
126 * inp_freemoptions()
127 * inp_getmoptions()
128 * inp_setmoptions()
129 *
130 * XXX: Both carp and pf need to use the legacy (*,G) KPIs in_addmulti()
131 * and in_delmulti().
132 */
133 static void imf_commit(struct in_mfilter *);
134 static int imf_get_source(struct in_mfilter *imf,
135 const struct sockaddr_in *psin,
136 struct in_msource **);
137 static struct in_msource *
138 imf_graft(struct in_mfilter *, const uint8_t,
139 const struct sockaddr_in *);
140 static void imf_leave(struct in_mfilter *);
141 static int imf_prune(struct in_mfilter *, const struct sockaddr_in *);
142 static void imf_purge(struct in_mfilter *);
143 static void imf_rollback(struct in_mfilter *);
144 static void imf_reap(struct in_mfilter *);
145 static struct in_mfilter *
146 imo_match_group(const struct ip_moptions *,
147 const struct ifnet *, const struct sockaddr *);
148 static struct in_msource *
149 imo_match_source(struct in_mfilter *, const struct sockaddr *);
150 static void ims_merge(struct ip_msource *ims,
151 const struct in_msource *lims, const int rollback);
152 static int in_getmulti(struct ifnet *, const struct in_addr *,
153 struct in_multi **);
154 static int inm_get_source(struct in_multi *inm, const in_addr_t haddr,
155 const int noalloc, struct ip_msource **pims);
156 #ifdef KTR
157 static int inm_is_ifp_detached(const struct in_multi *);
158 #endif
159 static int inm_merge(struct in_multi *, /*const*/ struct in_mfilter *);
160 static void inm_purge(struct in_multi *);
161 static void inm_reap(struct in_multi *);
162 static void inm_release(struct in_multi *);
163 static struct ip_moptions *
164 inp_findmoptions(struct inpcb *);
165 static int inp_get_source_filters(struct inpcb *, struct sockopt *);
166 static int inp_join_group(struct inpcb *, struct sockopt *);
167 static int inp_leave_group(struct inpcb *, struct sockopt *);
168 static struct ifnet *
169 inp_lookup_mcast_ifp(const struct inpcb *,
170 const struct sockaddr_in *, const struct in_addr);
171 static int inp_block_unblock_source(struct inpcb *, struct sockopt *);
172 static int inp_set_multicast_if(struct inpcb *, struct sockopt *);
173 static int inp_set_source_filters(struct inpcb *, struct sockopt *);
174 static int sysctl_ip_mcast_filters(SYSCTL_HANDLER_ARGS);
175
176 static SYSCTL_NODE(_net_inet_ip, OID_AUTO, mcast,
177 CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
178 "IPv4 multicast");
179
180 static u_long in_mcast_maxgrpsrc = IP_MAX_GROUP_SRC_FILTER;
181 SYSCTL_ULONG(_net_inet_ip_mcast, OID_AUTO, maxgrpsrc,
182 CTLFLAG_RWTUN, &in_mcast_maxgrpsrc, 0,
183 "Max source filters per group");
184
185 static u_long in_mcast_maxsocksrc = IP_MAX_SOCK_SRC_FILTER;
186 SYSCTL_ULONG(_net_inet_ip_mcast, OID_AUTO, maxsocksrc,
187 CTLFLAG_RWTUN, &in_mcast_maxsocksrc, 0,
188 "Max source filters per socket");
189
190 int in_mcast_loop = IP_DEFAULT_MULTICAST_LOOP;
191 SYSCTL_INT(_net_inet_ip_mcast, OID_AUTO, loop, CTLFLAG_RWTUN,
192 &in_mcast_loop, 0, "Loopback multicast datagrams by default");
193
194 static SYSCTL_NODE(_net_inet_ip_mcast, OID_AUTO, filters,
195 CTLFLAG_RD | CTLFLAG_MPSAFE, sysctl_ip_mcast_filters,
196 "Per-interface stack-wide source filters");
197
198 #ifdef KTR
199 /*
200 * Inline function which wraps assertions for a valid ifp.
201 * The ifnet layer will set the ifma's ifp pointer to NULL if the ifp
202 * is detached.
203 */
204 static int __inline
inm_is_ifp_detached(const struct in_multi * inm)205 inm_is_ifp_detached(const struct in_multi *inm)
206 {
207 struct ifnet *ifp;
208
209 KASSERT(inm->inm_ifma != NULL, ("%s: no ifma", __func__));
210 ifp = inm->inm_ifma->ifma_ifp;
211 if (ifp != NULL) {
212 /*
213 * Sanity check that netinet's notion of ifp is the
214 * same as net's.
215 */
216 KASSERT(inm->inm_ifp == ifp, ("%s: bad ifp", __func__));
217 }
218
219 return (ifp == NULL);
220 }
221 #endif
222
223 /*
224 * Interface detach can happen in a taskqueue thread context, so we must use a
225 * dedicated thread to avoid deadlocks when draining inm_release tasks.
226 */
227 TASKQUEUE_DEFINE_THREAD(inm_free);
228 static struct in_multi_head inm_free_list = SLIST_HEAD_INITIALIZER();
229 static void inm_release_task(void *arg __unused, int pending __unused);
230 static struct task inm_free_task = TASK_INITIALIZER(0, inm_release_task, NULL);
231
232 void
inm_release_wait(void * arg __unused)233 inm_release_wait(void *arg __unused)
234 {
235
236 /*
237 * Make sure all pending multicast addresses are freed before
238 * the VNET or network device is destroyed:
239 */
240 taskqueue_drain(taskqueue_inm_free, &inm_free_task);
241 }
242 #ifdef VIMAGE
243 /* XXX-BZ FIXME, see D24914. */
244 VNET_SYSUNINIT(inm_release_wait, SI_SUB_PROTO_DOMAIN, SI_ORDER_FIRST, inm_release_wait, NULL);
245 #endif
246
247 void
inm_release_list_deferred(struct in_multi_head * inmh)248 inm_release_list_deferred(struct in_multi_head *inmh)
249 {
250
251 if (SLIST_EMPTY(inmh))
252 return;
253 mtx_lock(&in_multi_free_mtx);
254 SLIST_CONCAT(&inm_free_list, inmh, in_multi, inm_nrele);
255 mtx_unlock(&in_multi_free_mtx);
256 taskqueue_enqueue(taskqueue_inm_free, &inm_free_task);
257 }
258
259 void
inm_disconnect(struct in_multi * inm)260 inm_disconnect(struct in_multi *inm)
261 {
262 struct ifnet *ifp;
263 struct ifmultiaddr *ifma, *ll_ifma;
264
265 ifp = inm->inm_ifp;
266 IF_ADDR_WLOCK_ASSERT(ifp);
267 ifma = inm->inm_ifma;
268
269 if_ref(ifp);
270 if (ifma->ifma_flags & IFMA_F_ENQUEUED) {
271 CK_STAILQ_REMOVE(&ifp->if_multiaddrs, ifma, ifmultiaddr, ifma_link);
272 ifma->ifma_flags &= ~IFMA_F_ENQUEUED;
273 }
274 MCDPRINTF("removed ifma: %p from %s\n", ifma, ifp->if_xname);
275 if ((ll_ifma = ifma->ifma_llifma) != NULL) {
276 MPASS(ifma != ll_ifma);
277 ifma->ifma_llifma = NULL;
278 MPASS(ll_ifma->ifma_llifma == NULL);
279 MPASS(ll_ifma->ifma_ifp == ifp);
280 if (--ll_ifma->ifma_refcount == 0) {
281 if (ll_ifma->ifma_flags & IFMA_F_ENQUEUED) {
282 CK_STAILQ_REMOVE(&ifp->if_multiaddrs, ll_ifma, ifmultiaddr, ifma_link);
283 ll_ifma->ifma_flags &= ~IFMA_F_ENQUEUED;
284 }
285 MCDPRINTF("removed ll_ifma: %p from %s\n", ll_ifma, ifp->if_xname);
286 if_freemulti(ll_ifma);
287 }
288 }
289 }
290
291 void
inm_release_deferred(struct in_multi * inm)292 inm_release_deferred(struct in_multi *inm)
293 {
294 struct in_multi_head tmp;
295
296 IN_MULTI_LIST_LOCK_ASSERT();
297 MPASS(inm->inm_refcount > 0);
298 if (--inm->inm_refcount == 0) {
299 SLIST_INIT(&tmp);
300 inm_disconnect(inm);
301 inm->inm_ifma->ifma_protospec = NULL;
302 SLIST_INSERT_HEAD(&tmp, inm, inm_nrele);
303 inm_release_list_deferred(&tmp);
304 }
305 }
306
307 static void
inm_release_task(void * arg __unused,int pending __unused)308 inm_release_task(void *arg __unused, int pending __unused)
309 {
310 struct in_multi_head inm_free_tmp;
311 struct in_multi *inm, *tinm;
312
313 SLIST_INIT(&inm_free_tmp);
314 mtx_lock(&in_multi_free_mtx);
315 SLIST_CONCAT(&inm_free_tmp, &inm_free_list, in_multi, inm_nrele);
316 mtx_unlock(&in_multi_free_mtx);
317 IN_MULTI_LOCK();
318 SLIST_FOREACH_SAFE(inm, &inm_free_tmp, inm_nrele, tinm) {
319 SLIST_REMOVE_HEAD(&inm_free_tmp, inm_nrele);
320 MPASS(inm);
321 inm_release(inm);
322 }
323 IN_MULTI_UNLOCK();
324 }
325
326 /*
327 * Initialize an in_mfilter structure to a known state at t0, t1
328 * with an empty source filter list.
329 */
330 static __inline void
imf_init(struct in_mfilter * imf,const int st0,const int st1)331 imf_init(struct in_mfilter *imf, const int st0, const int st1)
332 {
333 memset(imf, 0, sizeof(struct in_mfilter));
334 RB_INIT(&imf->imf_sources);
335 imf->imf_st[0] = st0;
336 imf->imf_st[1] = st1;
337 }
338
339 struct in_mfilter *
ip_mfilter_alloc(const int mflags,const int st0,const int st1)340 ip_mfilter_alloc(const int mflags, const int st0, const int st1)
341 {
342 struct in_mfilter *imf;
343
344 imf = malloc(sizeof(*imf), M_INMFILTER, mflags);
345 if (imf != NULL)
346 imf_init(imf, st0, st1);
347
348 return (imf);
349 }
350
351 void
ip_mfilter_free(struct in_mfilter * imf)352 ip_mfilter_free(struct in_mfilter *imf)
353 {
354
355 imf_purge(imf);
356 free(imf, M_INMFILTER);
357 }
358
359 /*
360 * Function for looking up an in_multi record for an IPv4 multicast address
361 * on a given interface. ifp must be valid. If no record found, return NULL.
362 * The IN_MULTI_LIST_LOCK and IF_ADDR_LOCK on ifp must be held.
363 */
364 struct in_multi *
inm_lookup_locked(struct ifnet * ifp,const struct in_addr ina)365 inm_lookup_locked(struct ifnet *ifp, const struct in_addr ina)
366 {
367 struct ifmultiaddr *ifma;
368 struct in_multi *inm;
369
370 IN_MULTI_LIST_LOCK_ASSERT();
371 IF_ADDR_LOCK_ASSERT(ifp);
372
373 CK_STAILQ_FOREACH(ifma, &((ifp)->if_multiaddrs), ifma_link) {
374 inm = inm_ifmultiaddr_get_inm(ifma);
375 if (inm == NULL)
376 continue;
377 if (inm->inm_addr.s_addr == ina.s_addr)
378 return (inm);
379 }
380 return (NULL);
381 }
382
383 /*
384 * Wrapper for inm_lookup_locked().
385 * The IF_ADDR_LOCK will be taken on ifp and released on return.
386 */
387 struct in_multi *
inm_lookup(struct ifnet * ifp,const struct in_addr ina)388 inm_lookup(struct ifnet *ifp, const struct in_addr ina)
389 {
390 struct epoch_tracker et;
391 struct in_multi *inm;
392
393 IN_MULTI_LIST_LOCK_ASSERT();
394 NET_EPOCH_ENTER(et);
395
396 inm = inm_lookup_locked(ifp, ina);
397 NET_EPOCH_EXIT(et);
398
399 return (inm);
400 }
401
402 /*
403 * Find an IPv4 multicast group entry for this ip_moptions instance
404 * which matches the specified group, and optionally an interface.
405 * Return its index into the array, or -1 if not found.
406 */
407 static struct in_mfilter *
imo_match_group(const struct ip_moptions * imo,const struct ifnet * ifp,const struct sockaddr * group)408 imo_match_group(const struct ip_moptions *imo, const struct ifnet *ifp,
409 const struct sockaddr *group)
410 {
411 const struct sockaddr_in *gsin;
412 struct in_mfilter *imf;
413 struct in_multi *inm;
414
415 gsin = (const struct sockaddr_in *)group;
416
417 IP_MFILTER_FOREACH(imf, &imo->imo_head) {
418 inm = imf->imf_inm;
419 if (inm == NULL)
420 continue;
421 if ((ifp == NULL || (inm->inm_ifp == ifp)) &&
422 in_hosteq(inm->inm_addr, gsin->sin_addr)) {
423 break;
424 }
425 }
426 return (imf);
427 }
428
429 /*
430 * Find an IPv4 multicast source entry for this imo which matches
431 * the given group index for this socket, and source address.
432 *
433 * NOTE: This does not check if the entry is in-mode, merely if
434 * it exists, which may not be the desired behaviour.
435 */
436 static struct in_msource *
imo_match_source(struct in_mfilter * imf,const struct sockaddr * src)437 imo_match_source(struct in_mfilter *imf, const struct sockaddr *src)
438 {
439 struct ip_msource find;
440 struct ip_msource *ims;
441 const sockunion_t *psa;
442
443 KASSERT(src->sa_family == AF_INET, ("%s: !AF_INET", __func__));
444
445 /* Source trees are keyed in host byte order. */
446 psa = (const sockunion_t *)src;
447 find.ims_haddr = ntohl(psa->sin.sin_addr.s_addr);
448 ims = RB_FIND(ip_msource_tree, &imf->imf_sources, &find);
449
450 return ((struct in_msource *)ims);
451 }
452
453 /*
454 * Perform filtering for multicast datagrams on a socket by group and source.
455 *
456 * Returns 0 if a datagram should be allowed through, or various error codes
457 * if the socket was not a member of the group, or the source was muted, etc.
458 */
459 int
imo_multi_filter(const struct ip_moptions * imo,const struct ifnet * ifp,const struct sockaddr * group,const struct sockaddr * src)460 imo_multi_filter(const struct ip_moptions *imo, const struct ifnet *ifp,
461 const struct sockaddr *group, const struct sockaddr *src)
462 {
463 struct in_mfilter *imf;
464 struct in_msource *ims;
465 int mode;
466
467 KASSERT(ifp != NULL, ("%s: null ifp", __func__));
468
469 imf = imo_match_group(imo, ifp, group);
470 if (imf == NULL)
471 return (MCAST_NOTGMEMBER);
472
473 /*
474 * Check if the source was included in an (S,G) join.
475 * Allow reception on exclusive memberships by default,
476 * reject reception on inclusive memberships by default.
477 * Exclude source only if an in-mode exclude filter exists.
478 * Include source only if an in-mode include filter exists.
479 * NOTE: We are comparing group state here at IGMP t1 (now)
480 * with socket-layer t0 (since last downcall).
481 */
482 mode = imf->imf_st[1];
483 ims = imo_match_source(imf, src);
484
485 if ((ims == NULL && mode == MCAST_INCLUDE) ||
486 (ims != NULL && ims->imsl_st[0] != mode))
487 return (MCAST_NOTSMEMBER);
488
489 return (MCAST_PASS);
490 }
491
492 /*
493 * Find and return a reference to an in_multi record for (ifp, group),
494 * and bump its reference count.
495 * If one does not exist, try to allocate it, and update link-layer multicast
496 * filters on ifp to listen for group.
497 * Assumes the IN_MULTI lock is held across the call.
498 * Return 0 if successful, otherwise return an appropriate error code.
499 */
500 static int
in_getmulti(struct ifnet * ifp,const struct in_addr * group,struct in_multi ** pinm)501 in_getmulti(struct ifnet *ifp, const struct in_addr *group,
502 struct in_multi **pinm)
503 {
504 struct sockaddr_in gsin;
505 struct ifmultiaddr *ifma;
506 struct in_ifinfo *ii;
507 struct in_multi *inm;
508 int error;
509
510 IN_MULTI_LOCK_ASSERT();
511
512 ii = (struct in_ifinfo *)ifp->if_afdata[AF_INET];
513 IN_MULTI_LIST_LOCK();
514 inm = inm_lookup(ifp, *group);
515 if (inm != NULL) {
516 /*
517 * If we already joined this group, just bump the
518 * refcount and return it.
519 */
520 KASSERT(inm->inm_refcount >= 1,
521 ("%s: bad refcount %d", __func__, inm->inm_refcount));
522 inm_acquire_locked(inm);
523 *pinm = inm;
524 }
525 IN_MULTI_LIST_UNLOCK();
526 if (inm != NULL)
527 return (0);
528
529 memset(&gsin, 0, sizeof(gsin));
530 gsin.sin_family = AF_INET;
531 gsin.sin_len = sizeof(struct sockaddr_in);
532 gsin.sin_addr = *group;
533
534 /*
535 * Check if a link-layer group is already associated
536 * with this network-layer group on the given ifnet.
537 */
538 error = if_addmulti(ifp, (struct sockaddr *)&gsin, &ifma);
539 if (error != 0)
540 return (error);
541
542 /* XXX ifma_protospec must be covered by IF_ADDR_LOCK */
543 IN_MULTI_LIST_LOCK();
544 IF_ADDR_WLOCK(ifp);
545
546 /*
547 * If something other than netinet is occupying the link-layer
548 * group, print a meaningful error message and back out of
549 * the allocation.
550 * Otherwise, bump the refcount on the existing network-layer
551 * group association and return it.
552 */
553 if (ifma->ifma_protospec != NULL) {
554 inm = (struct in_multi *)ifma->ifma_protospec;
555 #ifdef INVARIANTS
556 KASSERT(ifma->ifma_addr != NULL, ("%s: no ifma_addr",
557 __func__));
558 KASSERT(ifma->ifma_addr->sa_family == AF_INET,
559 ("%s: ifma not AF_INET", __func__));
560 KASSERT(inm != NULL, ("%s: no ifma_protospec", __func__));
561 if (inm->inm_ifma != ifma || inm->inm_ifp != ifp ||
562 !in_hosteq(inm->inm_addr, *group)) {
563 char addrbuf[INET_ADDRSTRLEN];
564
565 panic("%s: ifma %p is inconsistent with %p (%s)",
566 __func__, ifma, inm, inet_ntoa_r(*group, addrbuf));
567 }
568 #endif
569 inm_acquire_locked(inm);
570 *pinm = inm;
571 goto out_locked;
572 }
573
574 IF_ADDR_WLOCK_ASSERT(ifp);
575
576 /*
577 * A new in_multi record is needed; allocate and initialize it.
578 * We DO NOT perform an IGMP join as the in_ layer may need to
579 * push an initial source list down to IGMP to support SSM.
580 *
581 * The initial source filter state is INCLUDE, {} as per the RFC.
582 */
583 inm = malloc(sizeof(*inm), M_IPMADDR, M_NOWAIT | M_ZERO);
584 if (inm == NULL) {
585 IF_ADDR_WUNLOCK(ifp);
586 IN_MULTI_LIST_UNLOCK();
587 if_delmulti_ifma(ifma);
588 return (ENOMEM);
589 }
590 inm->inm_addr = *group;
591 inm->inm_ifp = ifp;
592 inm->inm_igi = ii->ii_igmp;
593 inm->inm_ifma = ifma;
594 inm->inm_refcount = 1;
595 inm->inm_state = IGMP_NOT_MEMBER;
596 mbufq_init(&inm->inm_scq, IGMP_MAX_STATE_CHANGES);
597 inm->inm_st[0].iss_fmode = MCAST_UNDEFINED;
598 inm->inm_st[1].iss_fmode = MCAST_UNDEFINED;
599 RB_INIT(&inm->inm_srcs);
600
601 ifma->ifma_protospec = inm;
602
603 *pinm = inm;
604 out_locked:
605 IF_ADDR_WUNLOCK(ifp);
606 IN_MULTI_LIST_UNLOCK();
607 return (0);
608 }
609
610 /*
611 * Drop a reference to an in_multi record.
612 *
613 * If the refcount drops to 0, free the in_multi record and
614 * delete the underlying link-layer membership.
615 */
616 static void
inm_release(struct in_multi * inm)617 inm_release(struct in_multi *inm)
618 {
619 struct ifmultiaddr *ifma;
620 struct ifnet *ifp;
621
622 CTR2(KTR_IGMPV3, "%s: refcount is %d", __func__, inm->inm_refcount);
623 MPASS(inm->inm_refcount == 0);
624 CTR2(KTR_IGMPV3, "%s: freeing inm %p", __func__, inm);
625
626 ifma = inm->inm_ifma;
627 ifp = inm->inm_ifp;
628
629 /* XXX this access is not covered by IF_ADDR_LOCK */
630 CTR2(KTR_IGMPV3, "%s: purging ifma %p", __func__, ifma);
631 if (ifp != NULL) {
632 CURVNET_SET(ifp->if_vnet);
633 inm_purge(inm);
634 free(inm, M_IPMADDR);
635 if_delmulti_ifma_flags(ifma, 1);
636 CURVNET_RESTORE();
637 if_rele(ifp);
638 } else {
639 inm_purge(inm);
640 free(inm, M_IPMADDR);
641 if_delmulti_ifma_flags(ifma, 1);
642 }
643 }
644
645 /*
646 * Clear recorded source entries for a group.
647 * Used by the IGMP code. Caller must hold the IN_MULTI lock.
648 * FIXME: Should reap.
649 */
650 void
inm_clear_recorded(struct in_multi * inm)651 inm_clear_recorded(struct in_multi *inm)
652 {
653 struct ip_msource *ims;
654
655 IN_MULTI_LIST_LOCK_ASSERT();
656
657 RB_FOREACH(ims, ip_msource_tree, &inm->inm_srcs) {
658 if (ims->ims_stp) {
659 ims->ims_stp = 0;
660 --inm->inm_st[1].iss_rec;
661 }
662 }
663 KASSERT(inm->inm_st[1].iss_rec == 0,
664 ("%s: iss_rec %d not 0", __func__, inm->inm_st[1].iss_rec));
665 }
666
667 /*
668 * Record a source as pending for a Source-Group IGMPv3 query.
669 * This lives here as it modifies the shared tree.
670 *
671 * inm is the group descriptor.
672 * naddr is the address of the source to record in network-byte order.
673 *
674 * If the net.inet.igmp.sgalloc sysctl is non-zero, we will
675 * lazy-allocate a source node in response to an SG query.
676 * Otherwise, no allocation is performed. This saves some memory
677 * with the trade-off that the source will not be reported to the
678 * router if joined in the window between the query response and
679 * the group actually being joined on the local host.
680 *
681 * VIMAGE: XXX: Currently the igmp_sgalloc feature has been removed.
682 * This turns off the allocation of a recorded source entry if
683 * the group has not been joined.
684 *
685 * Return 0 if the source didn't exist or was already marked as recorded.
686 * Return 1 if the source was marked as recorded by this function.
687 * Return <0 if any error occurred (negated errno code).
688 */
689 int
inm_record_source(struct in_multi * inm,const in_addr_t naddr)690 inm_record_source(struct in_multi *inm, const in_addr_t naddr)
691 {
692 struct ip_msource find;
693 struct ip_msource *ims, *nims;
694
695 IN_MULTI_LIST_LOCK_ASSERT();
696
697 find.ims_haddr = ntohl(naddr);
698 ims = RB_FIND(ip_msource_tree, &inm->inm_srcs, &find);
699 if (ims && ims->ims_stp)
700 return (0);
701 if (ims == NULL) {
702 if (inm->inm_nsrc == in_mcast_maxgrpsrc)
703 return (-ENOSPC);
704 nims = malloc(sizeof(struct ip_msource), M_IPMSOURCE,
705 M_NOWAIT | M_ZERO);
706 if (nims == NULL)
707 return (-ENOMEM);
708 nims->ims_haddr = find.ims_haddr;
709 RB_INSERT(ip_msource_tree, &inm->inm_srcs, nims);
710 ++inm->inm_nsrc;
711 ims = nims;
712 }
713
714 /*
715 * Mark the source as recorded and update the recorded
716 * source count.
717 */
718 ++ims->ims_stp;
719 ++inm->inm_st[1].iss_rec;
720
721 return (1);
722 }
723
724 /*
725 * Return a pointer to an in_msource owned by an in_mfilter,
726 * given its source address.
727 * Lazy-allocate if needed. If this is a new entry its filter state is
728 * undefined at t0.
729 *
730 * imf is the filter set being modified.
731 * haddr is the source address in *host* byte-order.
732 *
733 * SMPng: May be called with locks held; malloc must not block.
734 */
735 static int
imf_get_source(struct in_mfilter * imf,const struct sockaddr_in * psin,struct in_msource ** plims)736 imf_get_source(struct in_mfilter *imf, const struct sockaddr_in *psin,
737 struct in_msource **plims)
738 {
739 struct ip_msource find;
740 struct ip_msource *ims, *nims;
741 struct in_msource *lims;
742 int error;
743
744 error = 0;
745 ims = NULL;
746 lims = NULL;
747
748 /* key is host byte order */
749 find.ims_haddr = ntohl(psin->sin_addr.s_addr);
750 ims = RB_FIND(ip_msource_tree, &imf->imf_sources, &find);
751 lims = (struct in_msource *)ims;
752 if (lims == NULL) {
753 if (imf->imf_nsrc == in_mcast_maxsocksrc)
754 return (ENOSPC);
755 nims = malloc(sizeof(struct in_msource), M_INMFILTER,
756 M_NOWAIT | M_ZERO);
757 if (nims == NULL)
758 return (ENOMEM);
759 lims = (struct in_msource *)nims;
760 lims->ims_haddr = find.ims_haddr;
761 lims->imsl_st[0] = MCAST_UNDEFINED;
762 RB_INSERT(ip_msource_tree, &imf->imf_sources, nims);
763 ++imf->imf_nsrc;
764 }
765
766 *plims = lims;
767
768 return (error);
769 }
770
771 /*
772 * Graft a source entry into an existing socket-layer filter set,
773 * maintaining any required invariants and checking allocations.
774 *
775 * The source is marked as being in the new filter mode at t1.
776 *
777 * Return the pointer to the new node, otherwise return NULL.
778 */
779 static struct in_msource *
imf_graft(struct in_mfilter * imf,const uint8_t st1,const struct sockaddr_in * psin)780 imf_graft(struct in_mfilter *imf, const uint8_t st1,
781 const struct sockaddr_in *psin)
782 {
783 struct ip_msource *nims;
784 struct in_msource *lims;
785
786 nims = malloc(sizeof(struct in_msource), M_INMFILTER,
787 M_NOWAIT | M_ZERO);
788 if (nims == NULL)
789 return (NULL);
790 lims = (struct in_msource *)nims;
791 lims->ims_haddr = ntohl(psin->sin_addr.s_addr);
792 lims->imsl_st[0] = MCAST_UNDEFINED;
793 lims->imsl_st[1] = st1;
794 RB_INSERT(ip_msource_tree, &imf->imf_sources, nims);
795 ++imf->imf_nsrc;
796
797 return (lims);
798 }
799
800 /*
801 * Prune a source entry from an existing socket-layer filter set,
802 * maintaining any required invariants and checking allocations.
803 *
804 * The source is marked as being left at t1, it is not freed.
805 *
806 * Return 0 if no error occurred, otherwise return an errno value.
807 */
808 static int
imf_prune(struct in_mfilter * imf,const struct sockaddr_in * psin)809 imf_prune(struct in_mfilter *imf, const struct sockaddr_in *psin)
810 {
811 struct ip_msource find;
812 struct ip_msource *ims;
813 struct in_msource *lims;
814
815 /* key is host byte order */
816 find.ims_haddr = ntohl(psin->sin_addr.s_addr);
817 ims = RB_FIND(ip_msource_tree, &imf->imf_sources, &find);
818 if (ims == NULL)
819 return (ENOENT);
820 lims = (struct in_msource *)ims;
821 lims->imsl_st[1] = MCAST_UNDEFINED;
822 return (0);
823 }
824
825 /*
826 * Revert socket-layer filter set deltas at t1 to t0 state.
827 */
828 static void
imf_rollback(struct in_mfilter * imf)829 imf_rollback(struct in_mfilter *imf)
830 {
831 struct ip_msource *ims, *tims;
832 struct in_msource *lims;
833
834 RB_FOREACH_SAFE(ims, ip_msource_tree, &imf->imf_sources, tims) {
835 lims = (struct in_msource *)ims;
836 if (lims->imsl_st[0] == lims->imsl_st[1]) {
837 /* no change at t1 */
838 continue;
839 } else if (lims->imsl_st[0] != MCAST_UNDEFINED) {
840 /* revert change to existing source at t1 */
841 lims->imsl_st[1] = lims->imsl_st[0];
842 } else {
843 /* revert source added t1 */
844 CTR2(KTR_IGMPV3, "%s: free ims %p", __func__, ims);
845 RB_REMOVE(ip_msource_tree, &imf->imf_sources, ims);
846 free(ims, M_INMFILTER);
847 imf->imf_nsrc--;
848 }
849 }
850 imf->imf_st[1] = imf->imf_st[0];
851 }
852
853 /*
854 * Mark socket-layer filter set as INCLUDE {} at t1.
855 */
856 static void
imf_leave(struct in_mfilter * imf)857 imf_leave(struct in_mfilter *imf)
858 {
859 struct ip_msource *ims;
860 struct in_msource *lims;
861
862 RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources) {
863 lims = (struct in_msource *)ims;
864 lims->imsl_st[1] = MCAST_UNDEFINED;
865 }
866 imf->imf_st[1] = MCAST_INCLUDE;
867 }
868
869 /*
870 * Mark socket-layer filter set deltas as committed.
871 */
872 static void
imf_commit(struct in_mfilter * imf)873 imf_commit(struct in_mfilter *imf)
874 {
875 struct ip_msource *ims;
876 struct in_msource *lims;
877
878 RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources) {
879 lims = (struct in_msource *)ims;
880 lims->imsl_st[0] = lims->imsl_st[1];
881 }
882 imf->imf_st[0] = imf->imf_st[1];
883 }
884
885 /*
886 * Reap unreferenced sources from socket-layer filter set.
887 */
888 static void
imf_reap(struct in_mfilter * imf)889 imf_reap(struct in_mfilter *imf)
890 {
891 struct ip_msource *ims, *tims;
892 struct in_msource *lims;
893
894 RB_FOREACH_SAFE(ims, ip_msource_tree, &imf->imf_sources, tims) {
895 lims = (struct in_msource *)ims;
896 if ((lims->imsl_st[0] == MCAST_UNDEFINED) &&
897 (lims->imsl_st[1] == MCAST_UNDEFINED)) {
898 CTR2(KTR_IGMPV3, "%s: free lims %p", __func__, ims);
899 RB_REMOVE(ip_msource_tree, &imf->imf_sources, ims);
900 free(ims, M_INMFILTER);
901 imf->imf_nsrc--;
902 }
903 }
904 }
905
906 /*
907 * Purge socket-layer filter set.
908 */
909 static void
imf_purge(struct in_mfilter * imf)910 imf_purge(struct in_mfilter *imf)
911 {
912 struct ip_msource *ims, *tims;
913
914 RB_FOREACH_SAFE(ims, ip_msource_tree, &imf->imf_sources, tims) {
915 CTR2(KTR_IGMPV3, "%s: free ims %p", __func__, ims);
916 RB_REMOVE(ip_msource_tree, &imf->imf_sources, ims);
917 free(ims, M_INMFILTER);
918 imf->imf_nsrc--;
919 }
920 imf->imf_st[0] = imf->imf_st[1] = MCAST_UNDEFINED;
921 KASSERT(RB_EMPTY(&imf->imf_sources),
922 ("%s: imf_sources not empty", __func__));
923 if (imf->imf_inm != NULL)
924 mbufq_drain(&imf->imf_inm->inm_scq);
925 }
926
927 /*
928 * Look up a source filter entry for a multicast group.
929 *
930 * inm is the group descriptor to work with.
931 * haddr is the host-byte-order IPv4 address to look up.
932 * noalloc may be non-zero to suppress allocation of sources.
933 * *pims will be set to the address of the retrieved or allocated source.
934 *
935 * SMPng: NOTE: may be called with locks held.
936 * Return 0 if successful, otherwise return a non-zero error code.
937 */
938 static int
inm_get_source(struct in_multi * inm,const in_addr_t haddr,const int noalloc,struct ip_msource ** pims)939 inm_get_source(struct in_multi *inm, const in_addr_t haddr,
940 const int noalloc, struct ip_msource **pims)
941 {
942 struct ip_msource find;
943 struct ip_msource *ims, *nims;
944
945 find.ims_haddr = haddr;
946 ims = RB_FIND(ip_msource_tree, &inm->inm_srcs, &find);
947 if (ims == NULL && !noalloc) {
948 if (inm->inm_nsrc == in_mcast_maxgrpsrc)
949 return (ENOSPC);
950 nims = malloc(sizeof(struct ip_msource), M_IPMSOURCE,
951 M_NOWAIT | M_ZERO);
952 if (nims == NULL)
953 return (ENOMEM);
954 nims->ims_haddr = haddr;
955 RB_INSERT(ip_msource_tree, &inm->inm_srcs, nims);
956 ++inm->inm_nsrc;
957 ims = nims;
958 #ifdef KTR
959 CTR3(KTR_IGMPV3, "%s: allocated 0x%08x as %p", __func__,
960 haddr, ims);
961 #endif
962 }
963
964 *pims = ims;
965 return (0);
966 }
967
968 /*
969 * Merge socket-layer source into IGMP-layer source.
970 * If rollback is non-zero, perform the inverse of the merge.
971 */
972 static void
ims_merge(struct ip_msource * ims,const struct in_msource * lims,const int rollback)973 ims_merge(struct ip_msource *ims, const struct in_msource *lims,
974 const int rollback)
975 {
976 int n = rollback ? -1 : 1;
977
978 if (lims->imsl_st[0] == MCAST_EXCLUDE) {
979 CTR3(KTR_IGMPV3, "%s: t1 ex -= %d on 0x%08x",
980 __func__, n, ims->ims_haddr);
981 ims->ims_st[1].ex -= n;
982 } else if (lims->imsl_st[0] == MCAST_INCLUDE) {
983 CTR3(KTR_IGMPV3, "%s: t1 in -= %d on 0x%08x",
984 __func__, n, ims->ims_haddr);
985 ims->ims_st[1].in -= n;
986 }
987
988 if (lims->imsl_st[1] == MCAST_EXCLUDE) {
989 CTR3(KTR_IGMPV3, "%s: t1 ex += %d on 0x%08x",
990 __func__, n, ims->ims_haddr);
991 ims->ims_st[1].ex += n;
992 } else if (lims->imsl_st[1] == MCAST_INCLUDE) {
993 CTR3(KTR_IGMPV3, "%s: t1 in += %d on 0x%08x",
994 __func__, n, ims->ims_haddr);
995 ims->ims_st[1].in += n;
996 }
997 }
998
999 /*
1000 * Atomically update the global in_multi state, when a membership's
1001 * filter list is being updated in any way.
1002 *
1003 * imf is the per-inpcb-membership group filter pointer.
1004 * A fake imf may be passed for in-kernel consumers.
1005 *
1006 * XXX This is a candidate for a set-symmetric-difference style loop
1007 * which would eliminate the repeated lookup from root of ims nodes,
1008 * as they share the same key space.
1009 *
1010 * If any error occurred this function will back out of refcounts
1011 * and return a non-zero value.
1012 */
1013 static int
inm_merge(struct in_multi * inm,struct in_mfilter * imf)1014 inm_merge(struct in_multi *inm, /*const*/ struct in_mfilter *imf)
1015 {
1016 struct ip_msource *ims, *nims;
1017 struct in_msource *lims;
1018 int schanged, error;
1019 int nsrc0, nsrc1;
1020
1021 schanged = 0;
1022 error = 0;
1023 nsrc1 = nsrc0 = 0;
1024 IN_MULTI_LIST_LOCK_ASSERT();
1025
1026 /*
1027 * Update the source filters first, as this may fail.
1028 * Maintain count of in-mode filters at t0, t1. These are
1029 * used to work out if we transition into ASM mode or not.
1030 * Maintain a count of source filters whose state was
1031 * actually modified by this operation.
1032 */
1033 RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources) {
1034 lims = (struct in_msource *)ims;
1035 if (lims->imsl_st[0] == imf->imf_st[0]) nsrc0++;
1036 if (lims->imsl_st[1] == imf->imf_st[1]) nsrc1++;
1037 if (lims->imsl_st[0] == lims->imsl_st[1]) continue;
1038 error = inm_get_source(inm, lims->ims_haddr, 0, &nims);
1039 ++schanged;
1040 if (error)
1041 break;
1042 ims_merge(nims, lims, 0);
1043 }
1044 if (error) {
1045 struct ip_msource *bims;
1046
1047 RB_FOREACH_REVERSE_FROM(ims, ip_msource_tree, nims) {
1048 lims = (struct in_msource *)ims;
1049 if (lims->imsl_st[0] == lims->imsl_st[1])
1050 continue;
1051 (void)inm_get_source(inm, lims->ims_haddr, 1, &bims);
1052 if (bims == NULL)
1053 continue;
1054 ims_merge(bims, lims, 1);
1055 }
1056 goto out_reap;
1057 }
1058
1059 CTR3(KTR_IGMPV3, "%s: imf filters in-mode: %d at t0, %d at t1",
1060 __func__, nsrc0, nsrc1);
1061
1062 /* Handle transition between INCLUDE {n} and INCLUDE {} on socket. */
1063 if (imf->imf_st[0] == imf->imf_st[1] &&
1064 imf->imf_st[1] == MCAST_INCLUDE) {
1065 if (nsrc1 == 0) {
1066 CTR1(KTR_IGMPV3, "%s: --in on inm at t1", __func__);
1067 --inm->inm_st[1].iss_in;
1068 }
1069 }
1070
1071 /* Handle filter mode transition on socket. */
1072 if (imf->imf_st[0] != imf->imf_st[1]) {
1073 CTR3(KTR_IGMPV3, "%s: imf transition %d to %d",
1074 __func__, imf->imf_st[0], imf->imf_st[1]);
1075
1076 if (imf->imf_st[0] == MCAST_EXCLUDE) {
1077 CTR1(KTR_IGMPV3, "%s: --ex on inm at t1", __func__);
1078 --inm->inm_st[1].iss_ex;
1079 } else if (imf->imf_st[0] == MCAST_INCLUDE) {
1080 CTR1(KTR_IGMPV3, "%s: --in on inm at t1", __func__);
1081 --inm->inm_st[1].iss_in;
1082 }
1083
1084 if (imf->imf_st[1] == MCAST_EXCLUDE) {
1085 CTR1(KTR_IGMPV3, "%s: ex++ on inm at t1", __func__);
1086 inm->inm_st[1].iss_ex++;
1087 } else if (imf->imf_st[1] == MCAST_INCLUDE && nsrc1 > 0) {
1088 CTR1(KTR_IGMPV3, "%s: in++ on inm at t1", __func__);
1089 inm->inm_st[1].iss_in++;
1090 }
1091 }
1092
1093 /*
1094 * Track inm filter state in terms of listener counts.
1095 * If there are any exclusive listeners, stack-wide
1096 * membership is exclusive.
1097 * Otherwise, if only inclusive listeners, stack-wide is inclusive.
1098 * If no listeners remain, state is undefined at t1,
1099 * and the IGMP lifecycle for this group should finish.
1100 */
1101 if (inm->inm_st[1].iss_ex > 0) {
1102 CTR1(KTR_IGMPV3, "%s: transition to EX", __func__);
1103 inm->inm_st[1].iss_fmode = MCAST_EXCLUDE;
1104 } else if (inm->inm_st[1].iss_in > 0) {
1105 CTR1(KTR_IGMPV3, "%s: transition to IN", __func__);
1106 inm->inm_st[1].iss_fmode = MCAST_INCLUDE;
1107 } else {
1108 CTR1(KTR_IGMPV3, "%s: transition to UNDEF", __func__);
1109 inm->inm_st[1].iss_fmode = MCAST_UNDEFINED;
1110 }
1111
1112 /* Decrement ASM listener count on transition out of ASM mode. */
1113 if (imf->imf_st[0] == MCAST_EXCLUDE && nsrc0 == 0) {
1114 if ((imf->imf_st[1] != MCAST_EXCLUDE) ||
1115 (imf->imf_st[1] == MCAST_EXCLUDE && nsrc1 > 0)) {
1116 CTR1(KTR_IGMPV3, "%s: --asm on inm at t1", __func__);
1117 --inm->inm_st[1].iss_asm;
1118 }
1119 }
1120
1121 /* Increment ASM listener count on transition to ASM mode. */
1122 if (imf->imf_st[1] == MCAST_EXCLUDE && nsrc1 == 0) {
1123 CTR1(KTR_IGMPV3, "%s: asm++ on inm at t1", __func__);
1124 inm->inm_st[1].iss_asm++;
1125 }
1126
1127 CTR3(KTR_IGMPV3, "%s: merged imf %p to inm %p", __func__, imf, inm);
1128 inm_print(inm);
1129
1130 out_reap:
1131 if (schanged > 0) {
1132 CTR1(KTR_IGMPV3, "%s: sources changed; reaping", __func__);
1133 inm_reap(inm);
1134 }
1135 return (error);
1136 }
1137
1138 /*
1139 * Mark an in_multi's filter set deltas as committed.
1140 * Called by IGMP after a state change has been enqueued.
1141 */
1142 void
inm_commit(struct in_multi * inm)1143 inm_commit(struct in_multi *inm)
1144 {
1145 struct ip_msource *ims;
1146
1147 CTR2(KTR_IGMPV3, "%s: commit inm %p", __func__, inm);
1148 CTR1(KTR_IGMPV3, "%s: pre commit:", __func__);
1149 inm_print(inm);
1150
1151 RB_FOREACH(ims, ip_msource_tree, &inm->inm_srcs) {
1152 ims->ims_st[0] = ims->ims_st[1];
1153 }
1154 inm->inm_st[0] = inm->inm_st[1];
1155 }
1156
1157 /*
1158 * Reap unreferenced nodes from an in_multi's filter set.
1159 */
1160 static void
inm_reap(struct in_multi * inm)1161 inm_reap(struct in_multi *inm)
1162 {
1163 struct ip_msource *ims, *tims;
1164
1165 RB_FOREACH_SAFE(ims, ip_msource_tree, &inm->inm_srcs, tims) {
1166 if (ims->ims_st[0].ex > 0 || ims->ims_st[0].in > 0 ||
1167 ims->ims_st[1].ex > 0 || ims->ims_st[1].in > 0 ||
1168 ims->ims_stp != 0)
1169 continue;
1170 CTR2(KTR_IGMPV3, "%s: free ims %p", __func__, ims);
1171 RB_REMOVE(ip_msource_tree, &inm->inm_srcs, ims);
1172 free(ims, M_IPMSOURCE);
1173 inm->inm_nsrc--;
1174 }
1175 }
1176
1177 /*
1178 * Purge all source nodes from an in_multi's filter set.
1179 */
1180 static void
inm_purge(struct in_multi * inm)1181 inm_purge(struct in_multi *inm)
1182 {
1183 struct ip_msource *ims, *tims;
1184
1185 RB_FOREACH_SAFE(ims, ip_msource_tree, &inm->inm_srcs, tims) {
1186 CTR2(KTR_IGMPV3, "%s: free ims %p", __func__, ims);
1187 RB_REMOVE(ip_msource_tree, &inm->inm_srcs, ims);
1188 free(ims, M_IPMSOURCE);
1189 inm->inm_nsrc--;
1190 }
1191 }
1192
1193 /*
1194 * Join a multicast group; unlocked entry point.
1195 *
1196 * SMPng: XXX: in_joingroup() is called from in_control() when Giant
1197 * is not held. Fortunately, ifp is unlikely to have been detached
1198 * at this point, so we assume it's OK to recurse.
1199 */
1200 int
in_joingroup(struct ifnet * ifp,const struct in_addr * gina,struct in_mfilter * imf,struct in_multi ** pinm)1201 in_joingroup(struct ifnet *ifp, const struct in_addr *gina,
1202 /*const*/ struct in_mfilter *imf, struct in_multi **pinm)
1203 {
1204 int error;
1205
1206 IN_MULTI_LOCK();
1207 error = in_joingroup_locked(ifp, gina, imf, pinm);
1208 IN_MULTI_UNLOCK();
1209
1210 return (error);
1211 }
1212
1213 /*
1214 * Join a multicast group; real entry point.
1215 *
1216 * Only preserves atomicity at inm level.
1217 * NOTE: imf argument cannot be const due to sys/tree.h limitations.
1218 *
1219 * If the IGMP downcall fails, the group is not joined, and an error
1220 * code is returned.
1221 */
1222 int
in_joingroup_locked(struct ifnet * ifp,const struct in_addr * gina,struct in_mfilter * imf,struct in_multi ** pinm)1223 in_joingroup_locked(struct ifnet *ifp, const struct in_addr *gina,
1224 /*const*/ struct in_mfilter *imf, struct in_multi **pinm)
1225 {
1226 struct in_mfilter timf;
1227 struct in_multi *inm;
1228 int error;
1229
1230 IN_MULTI_LOCK_ASSERT();
1231 IN_MULTI_LIST_UNLOCK_ASSERT();
1232
1233 CTR4(KTR_IGMPV3, "%s: join 0x%08x on %p(%s))", __func__,
1234 ntohl(gina->s_addr), ifp, ifp->if_xname);
1235
1236 error = 0;
1237 inm = NULL;
1238
1239 /*
1240 * If no imf was specified (i.e. kernel consumer),
1241 * fake one up and assume it is an ASM join.
1242 */
1243 if (imf == NULL) {
1244 imf_init(&timf, MCAST_UNDEFINED, MCAST_EXCLUDE);
1245 imf = &timf;
1246 }
1247
1248 error = in_getmulti(ifp, gina, &inm);
1249 if (error) {
1250 CTR1(KTR_IGMPV3, "%s: in_getmulti() failure", __func__);
1251 return (error);
1252 }
1253 IN_MULTI_LIST_LOCK();
1254 CTR1(KTR_IGMPV3, "%s: merge inm state", __func__);
1255 error = inm_merge(inm, imf);
1256 if (error) {
1257 CTR1(KTR_IGMPV3, "%s: failed to merge inm state", __func__);
1258 goto out_inm_release;
1259 }
1260
1261 CTR1(KTR_IGMPV3, "%s: doing igmp downcall", __func__);
1262 error = igmp_change_state(inm);
1263 if (error) {
1264 CTR1(KTR_IGMPV3, "%s: failed to update source", __func__);
1265 goto out_inm_release;
1266 }
1267
1268 out_inm_release:
1269 if (error) {
1270 CTR2(KTR_IGMPV3, "%s: dropping ref on %p", __func__, inm);
1271 IF_ADDR_WLOCK(ifp);
1272 inm_release_deferred(inm);
1273 IF_ADDR_WUNLOCK(ifp);
1274 } else {
1275 *pinm = inm;
1276 }
1277 IN_MULTI_LIST_UNLOCK();
1278
1279 return (error);
1280 }
1281
1282 /*
1283 * Leave a multicast group; unlocked entry point.
1284 */
1285 int
in_leavegroup(struct in_multi * inm,struct in_mfilter * imf)1286 in_leavegroup(struct in_multi *inm, /*const*/ struct in_mfilter *imf)
1287 {
1288 int error;
1289
1290 IN_MULTI_LOCK();
1291 error = in_leavegroup_locked(inm, imf);
1292 IN_MULTI_UNLOCK();
1293
1294 return (error);
1295 }
1296
1297 /*
1298 * Leave a multicast group; real entry point.
1299 * All source filters will be expunged.
1300 *
1301 * Only preserves atomicity at inm level.
1302 *
1303 * Holding the write lock for the INP which contains imf
1304 * is highly advisable. We can't assert for it as imf does not
1305 * contain a back-pointer to the owning inp.
1306 *
1307 * Note: This is not the same as inm_release(*) as this function also
1308 * makes a state change downcall into IGMP.
1309 */
1310 int
in_leavegroup_locked(struct in_multi * inm,struct in_mfilter * imf)1311 in_leavegroup_locked(struct in_multi *inm, /*const*/ struct in_mfilter *imf)
1312 {
1313 struct in_mfilter timf;
1314 int error;
1315
1316 IN_MULTI_LOCK_ASSERT();
1317 IN_MULTI_LIST_UNLOCK_ASSERT();
1318
1319 error = 0;
1320
1321 CTR5(KTR_IGMPV3, "%s: leave inm %p, 0x%08x/%s, imf %p", __func__,
1322 inm, ntohl(inm->inm_addr.s_addr),
1323 (inm_is_ifp_detached(inm) ? "null" : inm->inm_ifp->if_xname),
1324 imf);
1325
1326 /*
1327 * If no imf was specified (i.e. kernel consumer),
1328 * fake one up and assume it is an ASM join.
1329 */
1330 if (imf == NULL) {
1331 imf_init(&timf, MCAST_EXCLUDE, MCAST_UNDEFINED);
1332 imf = &timf;
1333 }
1334
1335 /*
1336 * Begin state merge transaction at IGMP layer.
1337 *
1338 * As this particular invocation should not cause any memory
1339 * to be allocated, and there is no opportunity to roll back
1340 * the transaction, it MUST NOT fail.
1341 */
1342 CTR1(KTR_IGMPV3, "%s: merge inm state", __func__);
1343 IN_MULTI_LIST_LOCK();
1344 error = inm_merge(inm, imf);
1345 KASSERT(error == 0, ("%s: failed to merge inm state", __func__));
1346
1347 CTR1(KTR_IGMPV3, "%s: doing igmp downcall", __func__);
1348 CURVNET_SET(inm->inm_ifp->if_vnet);
1349 error = igmp_change_state(inm);
1350 IF_ADDR_WLOCK(inm->inm_ifp);
1351 inm_release_deferred(inm);
1352 IF_ADDR_WUNLOCK(inm->inm_ifp);
1353 IN_MULTI_LIST_UNLOCK();
1354 CURVNET_RESTORE();
1355 if (error)
1356 CTR1(KTR_IGMPV3, "%s: failed igmp downcall", __func__);
1357
1358 CTR2(KTR_IGMPV3, "%s: dropping ref on %p", __func__, inm);
1359
1360 return (error);
1361 }
1362
1363 /*#ifndef BURN_BRIDGES*/
1364 /*
1365 * Join an IPv4 multicast group in (*,G) exclusive mode.
1366 * The group must be a 224.0.0.0/24 link-scope group.
1367 * This KPI is for legacy kernel consumers only.
1368 */
1369 struct in_multi *
in_addmulti(struct in_addr * ap,struct ifnet * ifp)1370 in_addmulti(struct in_addr *ap, struct ifnet *ifp)
1371 {
1372 struct in_multi *pinm;
1373 int error;
1374 #ifdef INVARIANTS
1375 char addrbuf[INET_ADDRSTRLEN];
1376 #endif
1377
1378 KASSERT(IN_LOCAL_GROUP(ntohl(ap->s_addr)),
1379 ("%s: %s not in 224.0.0.0/24", __func__,
1380 inet_ntoa_r(*ap, addrbuf)));
1381
1382 error = in_joingroup(ifp, ap, NULL, &pinm);
1383 if (error != 0)
1384 pinm = NULL;
1385
1386 return (pinm);
1387 }
1388
1389 /*
1390 * Block or unblock an ASM multicast source on an inpcb.
1391 * This implements the delta-based API described in RFC 3678.
1392 *
1393 * The delta-based API applies only to exclusive-mode memberships.
1394 * An IGMP downcall will be performed.
1395 *
1396 * SMPng: NOTE: Must take Giant as a join may create a new ifma.
1397 *
1398 * Return 0 if successful, otherwise return an appropriate error code.
1399 */
1400 static int
inp_block_unblock_source(struct inpcb * inp,struct sockopt * sopt)1401 inp_block_unblock_source(struct inpcb *inp, struct sockopt *sopt)
1402 {
1403 struct group_source_req gsr;
1404 struct rm_priotracker in_ifa_tracker;
1405 sockunion_t *gsa, *ssa;
1406 struct ifnet *ifp;
1407 struct in_mfilter *imf;
1408 struct ip_moptions *imo;
1409 struct in_msource *ims;
1410 struct in_multi *inm;
1411 uint16_t fmode;
1412 int error, doblock;
1413
1414 ifp = NULL;
1415 error = 0;
1416 doblock = 0;
1417
1418 memset(&gsr, 0, sizeof(struct group_source_req));
1419 gsa = (sockunion_t *)&gsr.gsr_group;
1420 ssa = (sockunion_t *)&gsr.gsr_source;
1421
1422 switch (sopt->sopt_name) {
1423 case IP_BLOCK_SOURCE:
1424 case IP_UNBLOCK_SOURCE: {
1425 struct ip_mreq_source mreqs;
1426
1427 error = sooptcopyin(sopt, &mreqs,
1428 sizeof(struct ip_mreq_source),
1429 sizeof(struct ip_mreq_source));
1430 if (error)
1431 return (error);
1432
1433 gsa->sin.sin_family = AF_INET;
1434 gsa->sin.sin_len = sizeof(struct sockaddr_in);
1435 gsa->sin.sin_addr = mreqs.imr_multiaddr;
1436
1437 ssa->sin.sin_family = AF_INET;
1438 ssa->sin.sin_len = sizeof(struct sockaddr_in);
1439 ssa->sin.sin_addr = mreqs.imr_sourceaddr;
1440
1441 if (!in_nullhost(mreqs.imr_interface)) {
1442 IN_IFADDR_RLOCK(&in_ifa_tracker);
1443 INADDR_TO_IFP(mreqs.imr_interface, ifp);
1444 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
1445 }
1446 if (sopt->sopt_name == IP_BLOCK_SOURCE)
1447 doblock = 1;
1448
1449 CTR3(KTR_IGMPV3, "%s: imr_interface = 0x%08x, ifp = %p",
1450 __func__, ntohl(mreqs.imr_interface.s_addr), ifp);
1451 break;
1452 }
1453
1454 case MCAST_BLOCK_SOURCE:
1455 case MCAST_UNBLOCK_SOURCE:
1456 error = sooptcopyin(sopt, &gsr,
1457 sizeof(struct group_source_req),
1458 sizeof(struct group_source_req));
1459 if (error)
1460 return (error);
1461
1462 if (gsa->sin.sin_family != AF_INET ||
1463 gsa->sin.sin_len != sizeof(struct sockaddr_in))
1464 return (EINVAL);
1465
1466 if (ssa->sin.sin_family != AF_INET ||
1467 ssa->sin.sin_len != sizeof(struct sockaddr_in))
1468 return (EINVAL);
1469
1470 if (gsr.gsr_interface == 0 || V_if_index < gsr.gsr_interface)
1471 return (EADDRNOTAVAIL);
1472
1473 ifp = ifnet_byindex(gsr.gsr_interface);
1474
1475 if (sopt->sopt_name == MCAST_BLOCK_SOURCE)
1476 doblock = 1;
1477 break;
1478
1479 default:
1480 CTR2(KTR_IGMPV3, "%s: unknown sopt_name %d",
1481 __func__, sopt->sopt_name);
1482 return (EOPNOTSUPP);
1483 break;
1484 }
1485
1486 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
1487 return (EINVAL);
1488
1489 IN_MULTI_LOCK();
1490
1491 /*
1492 * Check if we are actually a member of this group.
1493 */
1494 imo = inp_findmoptions(inp);
1495 imf = imo_match_group(imo, ifp, &gsa->sa);
1496 if (imf == NULL) {
1497 error = EADDRNOTAVAIL;
1498 goto out_inp_locked;
1499 }
1500 inm = imf->imf_inm;
1501
1502 /*
1503 * Attempting to use the delta-based API on an
1504 * non exclusive-mode membership is an error.
1505 */
1506 fmode = imf->imf_st[0];
1507 if (fmode != MCAST_EXCLUDE) {
1508 error = EINVAL;
1509 goto out_inp_locked;
1510 }
1511
1512 /*
1513 * Deal with error cases up-front:
1514 * Asked to block, but already blocked; or
1515 * Asked to unblock, but nothing to unblock.
1516 * If adding a new block entry, allocate it.
1517 */
1518 ims = imo_match_source(imf, &ssa->sa);
1519 if ((ims != NULL && doblock) || (ims == NULL && !doblock)) {
1520 CTR3(KTR_IGMPV3, "%s: source 0x%08x %spresent", __func__,
1521 ntohl(ssa->sin.sin_addr.s_addr), doblock ? "" : "not ");
1522 error = EADDRNOTAVAIL;
1523 goto out_inp_locked;
1524 }
1525
1526 INP_WLOCK_ASSERT(inp);
1527
1528 /*
1529 * Begin state merge transaction at socket layer.
1530 */
1531 if (doblock) {
1532 CTR2(KTR_IGMPV3, "%s: %s source", __func__, "block");
1533 ims = imf_graft(imf, fmode, &ssa->sin);
1534 if (ims == NULL)
1535 error = ENOMEM;
1536 } else {
1537 CTR2(KTR_IGMPV3, "%s: %s source", __func__, "allow");
1538 error = imf_prune(imf, &ssa->sin);
1539 }
1540
1541 if (error) {
1542 CTR1(KTR_IGMPV3, "%s: merge imf state failed", __func__);
1543 goto out_imf_rollback;
1544 }
1545
1546 /*
1547 * Begin state merge transaction at IGMP layer.
1548 */
1549 CTR1(KTR_IGMPV3, "%s: merge inm state", __func__);
1550 IN_MULTI_LIST_LOCK();
1551 error = inm_merge(inm, imf);
1552 if (error) {
1553 CTR1(KTR_IGMPV3, "%s: failed to merge inm state", __func__);
1554 IN_MULTI_LIST_UNLOCK();
1555 goto out_imf_rollback;
1556 }
1557
1558 CTR1(KTR_IGMPV3, "%s: doing igmp downcall", __func__);
1559 error = igmp_change_state(inm);
1560 IN_MULTI_LIST_UNLOCK();
1561 if (error)
1562 CTR1(KTR_IGMPV3, "%s: failed igmp downcall", __func__);
1563
1564 out_imf_rollback:
1565 if (error)
1566 imf_rollback(imf);
1567 else
1568 imf_commit(imf);
1569
1570 imf_reap(imf);
1571
1572 out_inp_locked:
1573 INP_WUNLOCK(inp);
1574 IN_MULTI_UNLOCK();
1575 return (error);
1576 }
1577
1578 /*
1579 * Given an inpcb, return its multicast options structure pointer. Accepts
1580 * an unlocked inpcb pointer, but will return it locked. May sleep.
1581 *
1582 * SMPng: NOTE: Potentially calls malloc(M_WAITOK) with Giant held.
1583 * SMPng: NOTE: Returns with the INP write lock held.
1584 */
1585 static struct ip_moptions *
inp_findmoptions(struct inpcb * inp)1586 inp_findmoptions(struct inpcb *inp)
1587 {
1588 struct ip_moptions *imo;
1589
1590 INP_WLOCK(inp);
1591 if (inp->inp_moptions != NULL)
1592 return (inp->inp_moptions);
1593
1594 INP_WUNLOCK(inp);
1595
1596 imo = malloc(sizeof(*imo), M_IPMOPTS, M_WAITOK);
1597
1598 imo->imo_multicast_ifp = NULL;
1599 imo->imo_multicast_addr.s_addr = INADDR_ANY;
1600 imo->imo_multicast_vif = -1;
1601 imo->imo_multicast_ttl = IP_DEFAULT_MULTICAST_TTL;
1602 imo->imo_multicast_loop = in_mcast_loop;
1603 STAILQ_INIT(&imo->imo_head);
1604
1605 INP_WLOCK(inp);
1606 if (inp->inp_moptions != NULL) {
1607 free(imo, M_IPMOPTS);
1608 return (inp->inp_moptions);
1609 }
1610 inp->inp_moptions = imo;
1611 return (imo);
1612 }
1613
1614 static void
inp_gcmoptions(struct ip_moptions * imo)1615 inp_gcmoptions(struct ip_moptions *imo)
1616 {
1617 struct in_mfilter *imf;
1618 struct in_multi *inm;
1619 struct ifnet *ifp;
1620
1621 while ((imf = ip_mfilter_first(&imo->imo_head)) != NULL) {
1622 ip_mfilter_remove(&imo->imo_head, imf);
1623
1624 imf_leave(imf);
1625 if ((inm = imf->imf_inm) != NULL) {
1626 if ((ifp = inm->inm_ifp) != NULL) {
1627 CURVNET_SET(ifp->if_vnet);
1628 (void)in_leavegroup(inm, imf);
1629 CURVNET_RESTORE();
1630 } else {
1631 (void)in_leavegroup(inm, imf);
1632 }
1633 }
1634 ip_mfilter_free(imf);
1635 }
1636 free(imo, M_IPMOPTS);
1637 }
1638
1639 /*
1640 * Discard the IP multicast options (and source filters). To minimize
1641 * the amount of work done while holding locks such as the INP's
1642 * pcbinfo lock (which is used in the receive path), the free
1643 * operation is deferred to the epoch callback task.
1644 */
1645 void
inp_freemoptions(struct ip_moptions * imo)1646 inp_freemoptions(struct ip_moptions *imo)
1647 {
1648 if (imo == NULL)
1649 return;
1650 inp_gcmoptions(imo);
1651 }
1652
1653 /*
1654 * Atomically get source filters on a socket for an IPv4 multicast group.
1655 * Called with INP lock held; returns with lock released.
1656 */
1657 static int
inp_get_source_filters(struct inpcb * inp,struct sockopt * sopt)1658 inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt)
1659 {
1660 struct __msfilterreq msfr;
1661 sockunion_t *gsa;
1662 struct ifnet *ifp;
1663 struct ip_moptions *imo;
1664 struct in_mfilter *imf;
1665 struct ip_msource *ims;
1666 struct in_msource *lims;
1667 struct sockaddr_in *psin;
1668 struct sockaddr_storage *ptss;
1669 struct sockaddr_storage *tss;
1670 int error;
1671 size_t nsrcs, ncsrcs;
1672
1673 INP_WLOCK_ASSERT(inp);
1674
1675 imo = inp->inp_moptions;
1676 KASSERT(imo != NULL, ("%s: null ip_moptions", __func__));
1677
1678 INP_WUNLOCK(inp);
1679
1680 error = sooptcopyin(sopt, &msfr, sizeof(struct __msfilterreq),
1681 sizeof(struct __msfilterreq));
1682 if (error)
1683 return (error);
1684
1685 if (msfr.msfr_ifindex == 0 || V_if_index < msfr.msfr_ifindex)
1686 return (EINVAL);
1687
1688 ifp = ifnet_byindex(msfr.msfr_ifindex);
1689 if (ifp == NULL)
1690 return (EINVAL);
1691
1692 INP_WLOCK(inp);
1693
1694 /*
1695 * Lookup group on the socket.
1696 */
1697 gsa = (sockunion_t *)&msfr.msfr_group;
1698 imf = imo_match_group(imo, ifp, &gsa->sa);
1699 if (imf == NULL) {
1700 INP_WUNLOCK(inp);
1701 return (EADDRNOTAVAIL);
1702 }
1703
1704 /*
1705 * Ignore memberships which are in limbo.
1706 */
1707 if (imf->imf_st[1] == MCAST_UNDEFINED) {
1708 INP_WUNLOCK(inp);
1709 return (EAGAIN);
1710 }
1711 msfr.msfr_fmode = imf->imf_st[1];
1712
1713 /*
1714 * If the user specified a buffer, copy out the source filter
1715 * entries to userland gracefully.
1716 * We only copy out the number of entries which userland
1717 * has asked for, but we always tell userland how big the
1718 * buffer really needs to be.
1719 */
1720 if (msfr.msfr_nsrcs > in_mcast_maxsocksrc)
1721 msfr.msfr_nsrcs = in_mcast_maxsocksrc;
1722 tss = NULL;
1723 if (msfr.msfr_srcs != NULL && msfr.msfr_nsrcs > 0) {
1724 tss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs,
1725 M_TEMP, M_NOWAIT | M_ZERO);
1726 if (tss == NULL) {
1727 INP_WUNLOCK(inp);
1728 return (ENOBUFS);
1729 }
1730 }
1731
1732 /*
1733 * Count number of sources in-mode at t0.
1734 * If buffer space exists and remains, copy out source entries.
1735 */
1736 nsrcs = msfr.msfr_nsrcs;
1737 ncsrcs = 0;
1738 ptss = tss;
1739 RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources) {
1740 lims = (struct in_msource *)ims;
1741 if (lims->imsl_st[0] == MCAST_UNDEFINED ||
1742 lims->imsl_st[0] != imf->imf_st[0])
1743 continue;
1744 ++ncsrcs;
1745 if (tss != NULL && nsrcs > 0) {
1746 psin = (struct sockaddr_in *)ptss;
1747 psin->sin_family = AF_INET;
1748 psin->sin_len = sizeof(struct sockaddr_in);
1749 psin->sin_addr.s_addr = htonl(lims->ims_haddr);
1750 psin->sin_port = 0;
1751 ++ptss;
1752 --nsrcs;
1753 }
1754 }
1755
1756 INP_WUNLOCK(inp);
1757
1758 if (tss != NULL) {
1759 error = copyout(tss, msfr.msfr_srcs,
1760 sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs);
1761 free(tss, M_TEMP);
1762 if (error)
1763 return (error);
1764 }
1765
1766 msfr.msfr_nsrcs = ncsrcs;
1767 error = sooptcopyout(sopt, &msfr, sizeof(struct __msfilterreq));
1768
1769 return (error);
1770 }
1771
1772 /*
1773 * Return the IP multicast options in response to user getsockopt().
1774 */
1775 int
inp_getmoptions(struct inpcb * inp,struct sockopt * sopt)1776 inp_getmoptions(struct inpcb *inp, struct sockopt *sopt)
1777 {
1778 struct rm_priotracker in_ifa_tracker;
1779 struct ip_mreqn mreqn;
1780 struct ip_moptions *imo;
1781 struct ifnet *ifp;
1782 struct in_ifaddr *ia;
1783 int error, optval;
1784 u_char coptval;
1785
1786 INP_WLOCK(inp);
1787 imo = inp->inp_moptions;
1788 /*
1789 * If socket is neither of type SOCK_RAW or SOCK_DGRAM,
1790 * or is a divert socket, reject it.
1791 */
1792 if (inp->inp_socket->so_proto->pr_protocol == IPPROTO_DIVERT ||
1793 (inp->inp_socket->so_proto->pr_type != SOCK_RAW &&
1794 inp->inp_socket->so_proto->pr_type != SOCK_DGRAM)) {
1795 INP_WUNLOCK(inp);
1796 return (EOPNOTSUPP);
1797 }
1798
1799 error = 0;
1800 switch (sopt->sopt_name) {
1801 case IP_MULTICAST_VIF:
1802 if (imo != NULL)
1803 optval = imo->imo_multicast_vif;
1804 else
1805 optval = -1;
1806 INP_WUNLOCK(inp);
1807 error = sooptcopyout(sopt, &optval, sizeof(int));
1808 break;
1809
1810 case IP_MULTICAST_IF:
1811 memset(&mreqn, 0, sizeof(struct ip_mreqn));
1812 if (imo != NULL) {
1813 ifp = imo->imo_multicast_ifp;
1814 if (!in_nullhost(imo->imo_multicast_addr)) {
1815 mreqn.imr_address = imo->imo_multicast_addr;
1816 } else if (ifp != NULL) {
1817 struct epoch_tracker et;
1818
1819 mreqn.imr_ifindex = ifp->if_index;
1820 NET_EPOCH_ENTER(et);
1821 IFP_TO_IA(ifp, ia, &in_ifa_tracker);
1822 if (ia != NULL)
1823 mreqn.imr_address =
1824 IA_SIN(ia)->sin_addr;
1825 NET_EPOCH_EXIT(et);
1826 }
1827 }
1828 INP_WUNLOCK(inp);
1829 if (sopt->sopt_valsize == sizeof(struct ip_mreqn)) {
1830 error = sooptcopyout(sopt, &mreqn,
1831 sizeof(struct ip_mreqn));
1832 } else {
1833 error = sooptcopyout(sopt, &mreqn.imr_address,
1834 sizeof(struct in_addr));
1835 }
1836 break;
1837
1838 case IP_MULTICAST_TTL:
1839 if (imo == NULL)
1840 optval = coptval = IP_DEFAULT_MULTICAST_TTL;
1841 else
1842 optval = coptval = imo->imo_multicast_ttl;
1843 INP_WUNLOCK(inp);
1844 if (sopt->sopt_valsize == sizeof(u_char))
1845 error = sooptcopyout(sopt, &coptval, sizeof(u_char));
1846 else
1847 error = sooptcopyout(sopt, &optval, sizeof(int));
1848 break;
1849
1850 case IP_MULTICAST_LOOP:
1851 if (imo == NULL)
1852 optval = coptval = IP_DEFAULT_MULTICAST_LOOP;
1853 else
1854 optval = coptval = imo->imo_multicast_loop;
1855 INP_WUNLOCK(inp);
1856 if (sopt->sopt_valsize == sizeof(u_char))
1857 error = sooptcopyout(sopt, &coptval, sizeof(u_char));
1858 else
1859 error = sooptcopyout(sopt, &optval, sizeof(int));
1860 break;
1861
1862 case IP_MSFILTER:
1863 if (imo == NULL) {
1864 error = EADDRNOTAVAIL;
1865 INP_WUNLOCK(inp);
1866 } else {
1867 error = inp_get_source_filters(inp, sopt);
1868 }
1869 break;
1870
1871 default:
1872 INP_WUNLOCK(inp);
1873 error = ENOPROTOOPT;
1874 break;
1875 }
1876
1877 INP_UNLOCK_ASSERT(inp);
1878
1879 return (error);
1880 }
1881
1882 /*
1883 * Look up the ifnet to use for a multicast group membership,
1884 * given the IPv4 address of an interface, and the IPv4 group address.
1885 *
1886 * This routine exists to support legacy multicast applications
1887 * which do not understand that multicast memberships are scoped to
1888 * specific physical links in the networking stack, or which need
1889 * to join link-scope groups before IPv4 addresses are configured.
1890 *
1891 * Use this socket's current FIB number for any required FIB lookup.
1892 * If ina is INADDR_ANY, look up the group address in the unicast FIB,
1893 * and use its ifp; usually, this points to the default next-hop.
1894 *
1895 * If the FIB lookup fails, attempt to use the first non-loopback
1896 * interface with multicast capability in the system as a
1897 * last resort. The legacy IPv4 ASM API requires that we do
1898 * this in order to allow groups to be joined when the routing
1899 * table has not yet been populated during boot.
1900 *
1901 * Returns NULL if no ifp could be found, otherwise return referenced ifp.
1902 *
1903 * FUTURE: Implement IPv4 source-address selection.
1904 */
1905 static struct ifnet *
inp_lookup_mcast_ifp(const struct inpcb * inp,const struct sockaddr_in * gsin,const struct in_addr ina)1906 inp_lookup_mcast_ifp(const struct inpcb *inp,
1907 const struct sockaddr_in *gsin, const struct in_addr ina)
1908 {
1909 struct rm_priotracker in_ifa_tracker;
1910 struct ifnet *ifp;
1911 struct nhop_object *nh;
1912
1913 KASSERT(inp != NULL, ("%s: inp must not be NULL", __func__));
1914 KASSERT(gsin->sin_family == AF_INET, ("%s: not AF_INET", __func__));
1915 KASSERT(IN_MULTICAST(ntohl(gsin->sin_addr.s_addr)),
1916 ("%s: not multicast", __func__));
1917
1918 ifp = NULL;
1919 if (!in_nullhost(ina)) {
1920 IN_IFADDR_RLOCK(&in_ifa_tracker);
1921 INADDR_TO_IFP(ina, ifp);
1922 if (ifp != NULL)
1923 if_ref(ifp);
1924 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
1925 } else {
1926 nh = fib4_lookup(inp->inp_inc.inc_fibnum, gsin->sin_addr, 0, NHR_NONE, 0);
1927 if (nh != NULL) {
1928 ifp = nh->nh_ifp;
1929 if_ref(ifp);
1930 } else {
1931 struct in_ifaddr *ia;
1932 struct ifnet *mifp;
1933
1934 mifp = NULL;
1935 IN_IFADDR_RLOCK(&in_ifa_tracker);
1936 CK_STAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) {
1937 mifp = ia->ia_ifp;
1938 if (!(mifp->if_flags & IFF_LOOPBACK) &&
1939 (mifp->if_flags & IFF_MULTICAST)) {
1940 ifp = mifp;
1941 if_ref(ifp);
1942 break;
1943 }
1944 }
1945 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
1946 }
1947 }
1948
1949 return (ifp);
1950 }
1951
1952 /*
1953 * Join an IPv4 multicast group, possibly with a source.
1954 */
1955 static int
inp_join_group(struct inpcb * inp,struct sockopt * sopt)1956 inp_join_group(struct inpcb *inp, struct sockopt *sopt)
1957 {
1958 struct group_source_req gsr;
1959 sockunion_t *gsa, *ssa;
1960 struct ifnet *ifp;
1961 struct in_mfilter *imf;
1962 struct ip_moptions *imo;
1963 struct in_multi *inm;
1964 struct in_msource *lims;
1965 struct epoch_tracker et;
1966 int error, is_new;
1967
1968 ifp = NULL;
1969 lims = NULL;
1970 error = 0;
1971
1972 memset(&gsr, 0, sizeof(struct group_source_req));
1973 gsa = (sockunion_t *)&gsr.gsr_group;
1974 gsa->ss.ss_family = AF_UNSPEC;
1975 ssa = (sockunion_t *)&gsr.gsr_source;
1976 ssa->ss.ss_family = AF_UNSPEC;
1977
1978 switch (sopt->sopt_name) {
1979 case IP_ADD_MEMBERSHIP: {
1980 struct ip_mreqn mreqn;
1981
1982 if (sopt->sopt_valsize == sizeof(struct ip_mreqn))
1983 error = sooptcopyin(sopt, &mreqn,
1984 sizeof(struct ip_mreqn), sizeof(struct ip_mreqn));
1985 else
1986 error = sooptcopyin(sopt, &mreqn,
1987 sizeof(struct ip_mreq), sizeof(struct ip_mreq));
1988 if (error)
1989 return (error);
1990
1991 gsa->sin.sin_family = AF_INET;
1992 gsa->sin.sin_len = sizeof(struct sockaddr_in);
1993 gsa->sin.sin_addr = mreqn.imr_multiaddr;
1994 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
1995 return (EINVAL);
1996
1997 NET_EPOCH_ENTER(et);
1998 if (sopt->sopt_valsize == sizeof(struct ip_mreqn) &&
1999 mreqn.imr_ifindex != 0)
2000 ifp = ifnet_byindex_ref(mreqn.imr_ifindex);
2001 else
2002 ifp = inp_lookup_mcast_ifp(inp, &gsa->sin,
2003 mreqn.imr_address);
2004 NET_EPOCH_EXIT(et);
2005 break;
2006 }
2007 case IP_ADD_SOURCE_MEMBERSHIP: {
2008 struct ip_mreq_source mreqs;
2009
2010 error = sooptcopyin(sopt, &mreqs, sizeof(struct ip_mreq_source),
2011 sizeof(struct ip_mreq_source));
2012 if (error)
2013 return (error);
2014
2015 gsa->sin.sin_family = ssa->sin.sin_family = AF_INET;
2016 gsa->sin.sin_len = ssa->sin.sin_len =
2017 sizeof(struct sockaddr_in);
2018
2019 gsa->sin.sin_addr = mreqs.imr_multiaddr;
2020 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
2021 return (EINVAL);
2022
2023 ssa->sin.sin_addr = mreqs.imr_sourceaddr;
2024
2025 NET_EPOCH_ENTER(et);
2026 ifp = inp_lookup_mcast_ifp(inp, &gsa->sin,
2027 mreqs.imr_interface);
2028 NET_EPOCH_EXIT(et);
2029 CTR3(KTR_IGMPV3, "%s: imr_interface = 0x%08x, ifp = %p",
2030 __func__, ntohl(mreqs.imr_interface.s_addr), ifp);
2031 break;
2032 }
2033
2034 case MCAST_JOIN_GROUP:
2035 case MCAST_JOIN_SOURCE_GROUP:
2036 if (sopt->sopt_name == MCAST_JOIN_GROUP) {
2037 error = sooptcopyin(sopt, &gsr,
2038 sizeof(struct group_req),
2039 sizeof(struct group_req));
2040 } else if (sopt->sopt_name == MCAST_JOIN_SOURCE_GROUP) {
2041 error = sooptcopyin(sopt, &gsr,
2042 sizeof(struct group_source_req),
2043 sizeof(struct group_source_req));
2044 }
2045 if (error)
2046 return (error);
2047
2048 if (gsa->sin.sin_family != AF_INET ||
2049 gsa->sin.sin_len != sizeof(struct sockaddr_in))
2050 return (EINVAL);
2051
2052 /*
2053 * Overwrite the port field if present, as the sockaddr
2054 * being copied in may be matched with a binary comparison.
2055 */
2056 gsa->sin.sin_port = 0;
2057 if (sopt->sopt_name == MCAST_JOIN_SOURCE_GROUP) {
2058 if (ssa->sin.sin_family != AF_INET ||
2059 ssa->sin.sin_len != sizeof(struct sockaddr_in))
2060 return (EINVAL);
2061 ssa->sin.sin_port = 0;
2062 }
2063
2064 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
2065 return (EINVAL);
2066
2067 if (gsr.gsr_interface == 0 || V_if_index < gsr.gsr_interface)
2068 return (EADDRNOTAVAIL);
2069 NET_EPOCH_ENTER(et);
2070 ifp = ifnet_byindex_ref(gsr.gsr_interface);
2071 NET_EPOCH_EXIT(et);
2072 break;
2073
2074 default:
2075 CTR2(KTR_IGMPV3, "%s: unknown sopt_name %d",
2076 __func__, sopt->sopt_name);
2077 return (EOPNOTSUPP);
2078 break;
2079 }
2080
2081 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) {
2082 if (ifp != NULL)
2083 if_rele(ifp);
2084 return (EADDRNOTAVAIL);
2085 }
2086
2087 IN_MULTI_LOCK();
2088
2089 /*
2090 * Find the membership in the membership list.
2091 */
2092 imo = inp_findmoptions(inp);
2093 imf = imo_match_group(imo, ifp, &gsa->sa);
2094 if (imf == NULL) {
2095 is_new = 1;
2096 inm = NULL;
2097
2098 if (ip_mfilter_count(&imo->imo_head) >= IP_MAX_MEMBERSHIPS) {
2099 error = ENOMEM;
2100 goto out_inp_locked;
2101 }
2102 } else {
2103 is_new = 0;
2104 inm = imf->imf_inm;
2105
2106 if (ssa->ss.ss_family != AF_UNSPEC) {
2107 /*
2108 * MCAST_JOIN_SOURCE_GROUP on an exclusive membership
2109 * is an error. On an existing inclusive membership,
2110 * it just adds the source to the filter list.
2111 */
2112 if (imf->imf_st[1] != MCAST_INCLUDE) {
2113 error = EINVAL;
2114 goto out_inp_locked;
2115 }
2116 /*
2117 * Throw out duplicates.
2118 *
2119 * XXX FIXME: This makes a naive assumption that
2120 * even if entries exist for *ssa in this imf,
2121 * they will be rejected as dupes, even if they
2122 * are not valid in the current mode (in-mode).
2123 *
2124 * in_msource is transactioned just as for anything
2125 * else in SSM -- but note naive use of inm_graft()
2126 * below for allocating new filter entries.
2127 *
2128 * This is only an issue if someone mixes the
2129 * full-state SSM API with the delta-based API,
2130 * which is discouraged in the relevant RFCs.
2131 */
2132 lims = imo_match_source(imf, &ssa->sa);
2133 if (lims != NULL /*&&
2134 lims->imsl_st[1] == MCAST_INCLUDE*/) {
2135 error = EADDRNOTAVAIL;
2136 goto out_inp_locked;
2137 }
2138 } else {
2139 /*
2140 * MCAST_JOIN_GROUP on an existing exclusive
2141 * membership is an error; return EADDRINUSE
2142 * to preserve 4.4BSD API idempotence, and
2143 * avoid tedious detour to code below.
2144 * NOTE: This is bending RFC 3678 a bit.
2145 *
2146 * On an existing inclusive membership, this is also
2147 * an error; if you want to change filter mode,
2148 * you must use the userland API setsourcefilter().
2149 * XXX We don't reject this for imf in UNDEFINED
2150 * state at t1, because allocation of a filter
2151 * is atomic with allocation of a membership.
2152 */
2153 error = EINVAL;
2154 if (imf->imf_st[1] == MCAST_EXCLUDE)
2155 error = EADDRINUSE;
2156 goto out_inp_locked;
2157 }
2158 }
2159
2160 /*
2161 * Begin state merge transaction at socket layer.
2162 */
2163 INP_WLOCK_ASSERT(inp);
2164
2165 /*
2166 * Graft new source into filter list for this inpcb's
2167 * membership of the group. The in_multi may not have
2168 * been allocated yet if this is a new membership, however,
2169 * the in_mfilter slot will be allocated and must be initialized.
2170 *
2171 * Note: Grafting of exclusive mode filters doesn't happen
2172 * in this path.
2173 * XXX: Should check for non-NULL lims (node exists but may
2174 * not be in-mode) for interop with full-state API.
2175 */
2176 if (ssa->ss.ss_family != AF_UNSPEC) {
2177 /* Membership starts in IN mode */
2178 if (is_new) {
2179 CTR1(KTR_IGMPV3, "%s: new join w/source", __func__);
2180 imf = ip_mfilter_alloc(M_NOWAIT, MCAST_UNDEFINED, MCAST_INCLUDE);
2181 if (imf == NULL) {
2182 error = ENOMEM;
2183 goto out_inp_locked;
2184 }
2185 } else {
2186 CTR2(KTR_IGMPV3, "%s: %s source", __func__, "allow");
2187 }
2188 lims = imf_graft(imf, MCAST_INCLUDE, &ssa->sin);
2189 if (lims == NULL) {
2190 CTR1(KTR_IGMPV3, "%s: merge imf state failed",
2191 __func__);
2192 error = ENOMEM;
2193 goto out_inp_locked;
2194 }
2195 } else {
2196 /* No address specified; Membership starts in EX mode */
2197 if (is_new) {
2198 CTR1(KTR_IGMPV3, "%s: new join w/o source", __func__);
2199 imf = ip_mfilter_alloc(M_NOWAIT, MCAST_UNDEFINED, MCAST_EXCLUDE);
2200 if (imf == NULL) {
2201 error = ENOMEM;
2202 goto out_inp_locked;
2203 }
2204 }
2205 }
2206
2207 /*
2208 * Begin state merge transaction at IGMP layer.
2209 */
2210 if (is_new) {
2211 in_pcbref(inp);
2212 INP_WUNLOCK(inp);
2213
2214 error = in_joingroup_locked(ifp, &gsa->sin.sin_addr, imf,
2215 &imf->imf_inm);
2216
2217 INP_WLOCK(inp);
2218 if (in_pcbrele_wlocked(inp)) {
2219 error = ENXIO;
2220 goto out_inp_unlocked;
2221 }
2222 if (error) {
2223 CTR1(KTR_IGMPV3, "%s: in_joingroup_locked failed",
2224 __func__);
2225 goto out_inp_locked;
2226 }
2227 /*
2228 * NOTE: Refcount from in_joingroup_locked()
2229 * is protecting membership.
2230 */
2231 ip_mfilter_insert(&imo->imo_head, imf);
2232 } else {
2233 CTR1(KTR_IGMPV3, "%s: merge inm state", __func__);
2234 IN_MULTI_LIST_LOCK();
2235 error = inm_merge(inm, imf);
2236 if (error) {
2237 CTR1(KTR_IGMPV3, "%s: failed to merge inm state",
2238 __func__);
2239 IN_MULTI_LIST_UNLOCK();
2240 imf_rollback(imf);
2241 imf_reap(imf);
2242 goto out_inp_locked;
2243 }
2244 CTR1(KTR_IGMPV3, "%s: doing igmp downcall", __func__);
2245 error = igmp_change_state(inm);
2246 IN_MULTI_LIST_UNLOCK();
2247 if (error) {
2248 CTR1(KTR_IGMPV3, "%s: failed igmp downcall",
2249 __func__);
2250 imf_rollback(imf);
2251 imf_reap(imf);
2252 goto out_inp_locked;
2253 }
2254 }
2255
2256 imf_commit(imf);
2257 imf = NULL;
2258
2259 out_inp_locked:
2260 INP_WUNLOCK(inp);
2261 out_inp_unlocked:
2262 IN_MULTI_UNLOCK();
2263
2264 if (is_new && imf) {
2265 if (imf->imf_inm != NULL) {
2266 IN_MULTI_LIST_LOCK();
2267 IF_ADDR_WLOCK(ifp);
2268 inm_release_deferred(imf->imf_inm);
2269 IF_ADDR_WUNLOCK(ifp);
2270 IN_MULTI_LIST_UNLOCK();
2271 }
2272 ip_mfilter_free(imf);
2273 }
2274 if_rele(ifp);
2275 return (error);
2276 }
2277
2278 /*
2279 * Leave an IPv4 multicast group on an inpcb, possibly with a source.
2280 */
2281 static int
inp_leave_group(struct inpcb * inp,struct sockopt * sopt)2282 inp_leave_group(struct inpcb *inp, struct sockopt *sopt)
2283 {
2284 struct group_source_req gsr;
2285 struct ip_mreq_source mreqs;
2286 struct rm_priotracker in_ifa_tracker;
2287 sockunion_t *gsa, *ssa;
2288 struct ifnet *ifp;
2289 struct in_mfilter *imf;
2290 struct ip_moptions *imo;
2291 struct in_msource *ims;
2292 struct in_multi *inm;
2293 int error;
2294 bool is_final;
2295
2296 ifp = NULL;
2297 error = 0;
2298 is_final = true;
2299
2300 memset(&gsr, 0, sizeof(struct group_source_req));
2301 gsa = (sockunion_t *)&gsr.gsr_group;
2302 gsa->ss.ss_family = AF_UNSPEC;
2303 ssa = (sockunion_t *)&gsr.gsr_source;
2304 ssa->ss.ss_family = AF_UNSPEC;
2305
2306 switch (sopt->sopt_name) {
2307 case IP_DROP_MEMBERSHIP:
2308 case IP_DROP_SOURCE_MEMBERSHIP:
2309 if (sopt->sopt_name == IP_DROP_MEMBERSHIP) {
2310 error = sooptcopyin(sopt, &mreqs,
2311 sizeof(struct ip_mreq),
2312 sizeof(struct ip_mreq));
2313 /*
2314 * Swap interface and sourceaddr arguments,
2315 * as ip_mreq and ip_mreq_source are laid
2316 * out differently.
2317 */
2318 mreqs.imr_interface = mreqs.imr_sourceaddr;
2319 mreqs.imr_sourceaddr.s_addr = INADDR_ANY;
2320 } else if (sopt->sopt_name == IP_DROP_SOURCE_MEMBERSHIP) {
2321 error = sooptcopyin(sopt, &mreqs,
2322 sizeof(struct ip_mreq_source),
2323 sizeof(struct ip_mreq_source));
2324 }
2325 if (error)
2326 return (error);
2327
2328 gsa->sin.sin_family = AF_INET;
2329 gsa->sin.sin_len = sizeof(struct sockaddr_in);
2330 gsa->sin.sin_addr = mreqs.imr_multiaddr;
2331
2332 if (sopt->sopt_name == IP_DROP_SOURCE_MEMBERSHIP) {
2333 ssa->sin.sin_family = AF_INET;
2334 ssa->sin.sin_len = sizeof(struct sockaddr_in);
2335 ssa->sin.sin_addr = mreqs.imr_sourceaddr;
2336 }
2337
2338 /*
2339 * Attempt to look up hinted ifp from interface address.
2340 * Fallthrough with null ifp iff lookup fails, to
2341 * preserve 4.4BSD mcast API idempotence.
2342 * XXX NOTE WELL: The RFC 3678 API is preferred because
2343 * using an IPv4 address as a key is racy.
2344 */
2345 if (!in_nullhost(mreqs.imr_interface)) {
2346 IN_IFADDR_RLOCK(&in_ifa_tracker);
2347 INADDR_TO_IFP(mreqs.imr_interface, ifp);
2348 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
2349 }
2350 CTR3(KTR_IGMPV3, "%s: imr_interface = 0x%08x, ifp = %p",
2351 __func__, ntohl(mreqs.imr_interface.s_addr), ifp);
2352
2353 break;
2354
2355 case MCAST_LEAVE_GROUP:
2356 case MCAST_LEAVE_SOURCE_GROUP:
2357 if (sopt->sopt_name == MCAST_LEAVE_GROUP) {
2358 error = sooptcopyin(sopt, &gsr,
2359 sizeof(struct group_req),
2360 sizeof(struct group_req));
2361 } else if (sopt->sopt_name == MCAST_LEAVE_SOURCE_GROUP) {
2362 error = sooptcopyin(sopt, &gsr,
2363 sizeof(struct group_source_req),
2364 sizeof(struct group_source_req));
2365 }
2366 if (error)
2367 return (error);
2368
2369 if (gsa->sin.sin_family != AF_INET ||
2370 gsa->sin.sin_len != sizeof(struct sockaddr_in))
2371 return (EINVAL);
2372
2373 if (sopt->sopt_name == MCAST_LEAVE_SOURCE_GROUP) {
2374 if (ssa->sin.sin_family != AF_INET ||
2375 ssa->sin.sin_len != sizeof(struct sockaddr_in))
2376 return (EINVAL);
2377 }
2378
2379 if (gsr.gsr_interface == 0 || V_if_index < gsr.gsr_interface)
2380 return (EADDRNOTAVAIL);
2381
2382 ifp = ifnet_byindex(gsr.gsr_interface);
2383
2384 if (ifp == NULL)
2385 return (EADDRNOTAVAIL);
2386 break;
2387
2388 default:
2389 CTR2(KTR_IGMPV3, "%s: unknown sopt_name %d",
2390 __func__, sopt->sopt_name);
2391 return (EOPNOTSUPP);
2392 break;
2393 }
2394
2395 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
2396 return (EINVAL);
2397
2398 IN_MULTI_LOCK();
2399
2400 /*
2401 * Find the membership in the membership list.
2402 */
2403 imo = inp_findmoptions(inp);
2404 imf = imo_match_group(imo, ifp, &gsa->sa);
2405 if (imf == NULL) {
2406 error = EADDRNOTAVAIL;
2407 goto out_inp_locked;
2408 }
2409 inm = imf->imf_inm;
2410
2411 if (ssa->ss.ss_family != AF_UNSPEC)
2412 is_final = false;
2413
2414 /*
2415 * Begin state merge transaction at socket layer.
2416 */
2417 INP_WLOCK_ASSERT(inp);
2418
2419 /*
2420 * If we were instructed only to leave a given source, do so.
2421 * MCAST_LEAVE_SOURCE_GROUP is only valid for inclusive memberships.
2422 */
2423 if (is_final) {
2424 ip_mfilter_remove(&imo->imo_head, imf);
2425 imf_leave(imf);
2426
2427 /*
2428 * Give up the multicast address record to which
2429 * the membership points.
2430 */
2431 (void) in_leavegroup_locked(imf->imf_inm, imf);
2432 } else {
2433 if (imf->imf_st[0] == MCAST_EXCLUDE) {
2434 error = EADDRNOTAVAIL;
2435 goto out_inp_locked;
2436 }
2437 ims = imo_match_source(imf, &ssa->sa);
2438 if (ims == NULL) {
2439 CTR3(KTR_IGMPV3, "%s: source 0x%08x %spresent",
2440 __func__, ntohl(ssa->sin.sin_addr.s_addr), "not ");
2441 error = EADDRNOTAVAIL;
2442 goto out_inp_locked;
2443 }
2444 CTR2(KTR_IGMPV3, "%s: %s source", __func__, "block");
2445 error = imf_prune(imf, &ssa->sin);
2446 if (error) {
2447 CTR1(KTR_IGMPV3, "%s: merge imf state failed",
2448 __func__);
2449 goto out_inp_locked;
2450 }
2451 }
2452
2453 /*
2454 * Begin state merge transaction at IGMP layer.
2455 */
2456 if (!is_final) {
2457 CTR1(KTR_IGMPV3, "%s: merge inm state", __func__);
2458 IN_MULTI_LIST_LOCK();
2459 error = inm_merge(inm, imf);
2460 if (error) {
2461 CTR1(KTR_IGMPV3, "%s: failed to merge inm state",
2462 __func__);
2463 IN_MULTI_LIST_UNLOCK();
2464 imf_rollback(imf);
2465 imf_reap(imf);
2466 goto out_inp_locked;
2467 }
2468
2469 CTR1(KTR_IGMPV3, "%s: doing igmp downcall", __func__);
2470 error = igmp_change_state(inm);
2471 IN_MULTI_LIST_UNLOCK();
2472 if (error) {
2473 CTR1(KTR_IGMPV3, "%s: failed igmp downcall",
2474 __func__);
2475 imf_rollback(imf);
2476 imf_reap(imf);
2477 goto out_inp_locked;
2478 }
2479 }
2480 imf_commit(imf);
2481 imf_reap(imf);
2482
2483 out_inp_locked:
2484 INP_WUNLOCK(inp);
2485
2486 if (is_final && imf)
2487 ip_mfilter_free(imf);
2488
2489 IN_MULTI_UNLOCK();
2490 return (error);
2491 }
2492
2493 /*
2494 * Select the interface for transmitting IPv4 multicast datagrams.
2495 *
2496 * Either an instance of struct in_addr or an instance of struct ip_mreqn
2497 * may be passed to this socket option. An address of INADDR_ANY or an
2498 * interface index of 0 is used to remove a previous selection.
2499 * When no interface is selected, one is chosen for every send.
2500 */
2501 static int
inp_set_multicast_if(struct inpcb * inp,struct sockopt * sopt)2502 inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt)
2503 {
2504 struct rm_priotracker in_ifa_tracker;
2505 struct in_addr addr;
2506 struct ip_mreqn mreqn;
2507 struct ifnet *ifp;
2508 struct ip_moptions *imo;
2509 int error;
2510
2511 if (sopt->sopt_valsize == sizeof(struct ip_mreqn)) {
2512 /*
2513 * An interface index was specified using the
2514 * Linux-derived ip_mreqn structure.
2515 */
2516 error = sooptcopyin(sopt, &mreqn, sizeof(struct ip_mreqn),
2517 sizeof(struct ip_mreqn));
2518 if (error)
2519 return (error);
2520
2521 if (mreqn.imr_ifindex < 0 || V_if_index < mreqn.imr_ifindex)
2522 return (EINVAL);
2523
2524 if (mreqn.imr_ifindex == 0) {
2525 ifp = NULL;
2526 } else {
2527 ifp = ifnet_byindex(mreqn.imr_ifindex);
2528 if (ifp == NULL)
2529 return (EADDRNOTAVAIL);
2530 }
2531 } else {
2532 /*
2533 * An interface was specified by IPv4 address.
2534 * This is the traditional BSD usage.
2535 */
2536 error = sooptcopyin(sopt, &addr, sizeof(struct in_addr),
2537 sizeof(struct in_addr));
2538 if (error)
2539 return (error);
2540 if (in_nullhost(addr)) {
2541 ifp = NULL;
2542 } else {
2543 IN_IFADDR_RLOCK(&in_ifa_tracker);
2544 INADDR_TO_IFP(addr, ifp);
2545 IN_IFADDR_RUNLOCK(&in_ifa_tracker);
2546 if (ifp == NULL)
2547 return (EADDRNOTAVAIL);
2548 }
2549 CTR3(KTR_IGMPV3, "%s: ifp = %p, addr = 0x%08x", __func__, ifp,
2550 ntohl(addr.s_addr));
2551 }
2552
2553 /* Reject interfaces which do not support multicast. */
2554 if (ifp != NULL && (ifp->if_flags & IFF_MULTICAST) == 0)
2555 return (EOPNOTSUPP);
2556
2557 imo = inp_findmoptions(inp);
2558 imo->imo_multicast_ifp = ifp;
2559 imo->imo_multicast_addr.s_addr = INADDR_ANY;
2560 INP_WUNLOCK(inp);
2561
2562 return (0);
2563 }
2564
2565 /*
2566 * Atomically set source filters on a socket for an IPv4 multicast group.
2567 *
2568 * SMPng: NOTE: Potentially calls malloc(M_WAITOK) with Giant held.
2569 */
2570 static int
inp_set_source_filters(struct inpcb * inp,struct sockopt * sopt)2571 inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt)
2572 {
2573 struct __msfilterreq msfr;
2574 sockunion_t *gsa;
2575 struct ifnet *ifp;
2576 struct in_mfilter *imf;
2577 struct ip_moptions *imo;
2578 struct in_multi *inm;
2579 int error;
2580
2581 error = sooptcopyin(sopt, &msfr, sizeof(struct __msfilterreq),
2582 sizeof(struct __msfilterreq));
2583 if (error)
2584 return (error);
2585
2586 if (msfr.msfr_nsrcs > in_mcast_maxsocksrc)
2587 return (ENOBUFS);
2588
2589 if ((msfr.msfr_fmode != MCAST_EXCLUDE &&
2590 msfr.msfr_fmode != MCAST_INCLUDE))
2591 return (EINVAL);
2592
2593 if (msfr.msfr_group.ss_family != AF_INET ||
2594 msfr.msfr_group.ss_len != sizeof(struct sockaddr_in))
2595 return (EINVAL);
2596
2597 gsa = (sockunion_t *)&msfr.msfr_group;
2598 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
2599 return (EINVAL);
2600
2601 gsa->sin.sin_port = 0; /* ignore port */
2602
2603 if (msfr.msfr_ifindex == 0 || V_if_index < msfr.msfr_ifindex)
2604 return (EADDRNOTAVAIL);
2605
2606 ifp = ifnet_byindex(msfr.msfr_ifindex);
2607 if (ifp == NULL)
2608 return (EADDRNOTAVAIL);
2609
2610 IN_MULTI_LOCK();
2611
2612 /*
2613 * Take the INP write lock.
2614 * Check if this socket is a member of this group.
2615 */
2616 imo = inp_findmoptions(inp);
2617 imf = imo_match_group(imo, ifp, &gsa->sa);
2618 if (imf == NULL) {
2619 error = EADDRNOTAVAIL;
2620 goto out_inp_locked;
2621 }
2622 inm = imf->imf_inm;
2623
2624 /*
2625 * Begin state merge transaction at socket layer.
2626 */
2627 INP_WLOCK_ASSERT(inp);
2628
2629 imf->imf_st[1] = msfr.msfr_fmode;
2630
2631 /*
2632 * Apply any new source filters, if present.
2633 * Make a copy of the user-space source vector so
2634 * that we may copy them with a single copyin. This
2635 * allows us to deal with page faults up-front.
2636 */
2637 if (msfr.msfr_nsrcs > 0) {
2638 struct in_msource *lims;
2639 struct sockaddr_in *psin;
2640 struct sockaddr_storage *kss, *pkss;
2641 int i;
2642
2643 INP_WUNLOCK(inp);
2644
2645 CTR2(KTR_IGMPV3, "%s: loading %lu source list entries",
2646 __func__, (unsigned long)msfr.msfr_nsrcs);
2647 kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs,
2648 M_TEMP, M_WAITOK);
2649 error = copyin(msfr.msfr_srcs, kss,
2650 sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs);
2651 if (error) {
2652 free(kss, M_TEMP);
2653 return (error);
2654 }
2655
2656 INP_WLOCK(inp);
2657
2658 /*
2659 * Mark all source filters as UNDEFINED at t1.
2660 * Restore new group filter mode, as imf_leave()
2661 * will set it to INCLUDE.
2662 */
2663 imf_leave(imf);
2664 imf->imf_st[1] = msfr.msfr_fmode;
2665
2666 /*
2667 * Update socket layer filters at t1, lazy-allocating
2668 * new entries. This saves a bunch of memory at the
2669 * cost of one RB_FIND() per source entry; duplicate
2670 * entries in the msfr_nsrcs vector are ignored.
2671 * If we encounter an error, rollback transaction.
2672 *
2673 * XXX This too could be replaced with a set-symmetric
2674 * difference like loop to avoid walking from root
2675 * every time, as the key space is common.
2676 */
2677 for (i = 0, pkss = kss; i < msfr.msfr_nsrcs; i++, pkss++) {
2678 psin = (struct sockaddr_in *)pkss;
2679 if (psin->sin_family != AF_INET) {
2680 error = EAFNOSUPPORT;
2681 break;
2682 }
2683 if (psin->sin_len != sizeof(struct sockaddr_in)) {
2684 error = EINVAL;
2685 break;
2686 }
2687 error = imf_get_source(imf, psin, &lims);
2688 if (error)
2689 break;
2690 lims->imsl_st[1] = imf->imf_st[1];
2691 }
2692 free(kss, M_TEMP);
2693 }
2694
2695 if (error)
2696 goto out_imf_rollback;
2697
2698 INP_WLOCK_ASSERT(inp);
2699
2700 /*
2701 * Begin state merge transaction at IGMP layer.
2702 */
2703 CTR1(KTR_IGMPV3, "%s: merge inm state", __func__);
2704 IN_MULTI_LIST_LOCK();
2705 error = inm_merge(inm, imf);
2706 if (error) {
2707 CTR1(KTR_IGMPV3, "%s: failed to merge inm state", __func__);
2708 IN_MULTI_LIST_UNLOCK();
2709 goto out_imf_rollback;
2710 }
2711
2712 CTR1(KTR_IGMPV3, "%s: doing igmp downcall", __func__);
2713 error = igmp_change_state(inm);
2714 IN_MULTI_LIST_UNLOCK();
2715 if (error)
2716 CTR1(KTR_IGMPV3, "%s: failed igmp downcall", __func__);
2717
2718 out_imf_rollback:
2719 if (error)
2720 imf_rollback(imf);
2721 else
2722 imf_commit(imf);
2723
2724 imf_reap(imf);
2725
2726 out_inp_locked:
2727 INP_WUNLOCK(inp);
2728 IN_MULTI_UNLOCK();
2729 return (error);
2730 }
2731
2732 /*
2733 * Set the IP multicast options in response to user setsockopt().
2734 *
2735 * Many of the socket options handled in this function duplicate the
2736 * functionality of socket options in the regular unicast API. However,
2737 * it is not possible to merge the duplicate code, because the idempotence
2738 * of the IPv4 multicast part of the BSD Sockets API must be preserved;
2739 * the effects of these options must be treated as separate and distinct.
2740 *
2741 * SMPng: XXX: Unlocked read of inp_socket believed OK.
2742 * FUTURE: The IP_MULTICAST_VIF option may be eliminated if MROUTING
2743 * is refactored to no longer use vifs.
2744 */
2745 int
inp_setmoptions(struct inpcb * inp,struct sockopt * sopt)2746 inp_setmoptions(struct inpcb *inp, struct sockopt *sopt)
2747 {
2748 struct ip_moptions *imo;
2749 int error;
2750
2751 error = 0;
2752
2753 /*
2754 * If socket is neither of type SOCK_RAW or SOCK_DGRAM,
2755 * or is a divert socket, reject it.
2756 */
2757 if (inp->inp_socket->so_proto->pr_protocol == IPPROTO_DIVERT ||
2758 (inp->inp_socket->so_proto->pr_type != SOCK_RAW &&
2759 inp->inp_socket->so_proto->pr_type != SOCK_DGRAM))
2760 return (EOPNOTSUPP);
2761
2762 switch (sopt->sopt_name) {
2763 case IP_MULTICAST_VIF: {
2764 int vifi;
2765 /*
2766 * Select a multicast VIF for transmission.
2767 * Only useful if multicast forwarding is active.
2768 */
2769 if (legal_vif_num == NULL) {
2770 error = EOPNOTSUPP;
2771 break;
2772 }
2773 error = sooptcopyin(sopt, &vifi, sizeof(int), sizeof(int));
2774 if (error)
2775 break;
2776 if (!legal_vif_num(vifi) && (vifi != -1)) {
2777 error = EINVAL;
2778 break;
2779 }
2780 imo = inp_findmoptions(inp);
2781 imo->imo_multicast_vif = vifi;
2782 INP_WUNLOCK(inp);
2783 break;
2784 }
2785
2786 case IP_MULTICAST_IF:
2787 error = inp_set_multicast_if(inp, sopt);
2788 break;
2789
2790 case IP_MULTICAST_TTL: {
2791 u_char ttl;
2792
2793 /*
2794 * Set the IP time-to-live for outgoing multicast packets.
2795 * The original multicast API required a char argument,
2796 * which is inconsistent with the rest of the socket API.
2797 * We allow either a char or an int.
2798 */
2799 if (sopt->sopt_valsize == sizeof(u_char)) {
2800 error = sooptcopyin(sopt, &ttl, sizeof(u_char),
2801 sizeof(u_char));
2802 if (error)
2803 break;
2804 } else {
2805 u_int ittl;
2806
2807 error = sooptcopyin(sopt, &ittl, sizeof(u_int),
2808 sizeof(u_int));
2809 if (error)
2810 break;
2811 if (ittl > 255) {
2812 error = EINVAL;
2813 break;
2814 }
2815 ttl = (u_char)ittl;
2816 }
2817 imo = inp_findmoptions(inp);
2818 imo->imo_multicast_ttl = ttl;
2819 INP_WUNLOCK(inp);
2820 break;
2821 }
2822
2823 case IP_MULTICAST_LOOP: {
2824 u_char loop;
2825
2826 /*
2827 * Set the loopback flag for outgoing multicast packets.
2828 * Must be zero or one. The original multicast API required a
2829 * char argument, which is inconsistent with the rest
2830 * of the socket API. We allow either a char or an int.
2831 */
2832 if (sopt->sopt_valsize == sizeof(u_char)) {
2833 error = sooptcopyin(sopt, &loop, sizeof(u_char),
2834 sizeof(u_char));
2835 if (error)
2836 break;
2837 } else {
2838 u_int iloop;
2839
2840 error = sooptcopyin(sopt, &iloop, sizeof(u_int),
2841 sizeof(u_int));
2842 if (error)
2843 break;
2844 loop = (u_char)iloop;
2845 }
2846 imo = inp_findmoptions(inp);
2847 imo->imo_multicast_loop = !!loop;
2848 INP_WUNLOCK(inp);
2849 break;
2850 }
2851
2852 case IP_ADD_MEMBERSHIP:
2853 case IP_ADD_SOURCE_MEMBERSHIP:
2854 case MCAST_JOIN_GROUP:
2855 case MCAST_JOIN_SOURCE_GROUP:
2856 error = inp_join_group(inp, sopt);
2857 break;
2858
2859 case IP_DROP_MEMBERSHIP:
2860 case IP_DROP_SOURCE_MEMBERSHIP:
2861 case MCAST_LEAVE_GROUP:
2862 case MCAST_LEAVE_SOURCE_GROUP:
2863 error = inp_leave_group(inp, sopt);
2864 break;
2865
2866 case IP_BLOCK_SOURCE:
2867 case IP_UNBLOCK_SOURCE:
2868 case MCAST_BLOCK_SOURCE:
2869 case MCAST_UNBLOCK_SOURCE:
2870 error = inp_block_unblock_source(inp, sopt);
2871 break;
2872
2873 case IP_MSFILTER:
2874 error = inp_set_source_filters(inp, sopt);
2875 break;
2876
2877 default:
2878 error = EOPNOTSUPP;
2879 break;
2880 }
2881
2882 INP_UNLOCK_ASSERT(inp);
2883
2884 return (error);
2885 }
2886
2887 /*
2888 * Expose IGMP's multicast filter mode and source list(s) to userland,
2889 * keyed by (ifindex, group).
2890 * The filter mode is written out as a uint32_t, followed by
2891 * 0..n of struct in_addr.
2892 * For use by ifmcstat(8).
2893 * SMPng: NOTE: unlocked read of ifindex space.
2894 */
2895 static int
sysctl_ip_mcast_filters(SYSCTL_HANDLER_ARGS)2896 sysctl_ip_mcast_filters(SYSCTL_HANDLER_ARGS)
2897 {
2898 struct in_addr src, group;
2899 struct epoch_tracker et;
2900 struct ifnet *ifp;
2901 struct ifmultiaddr *ifma;
2902 struct in_multi *inm;
2903 struct ip_msource *ims;
2904 int *name;
2905 int retval;
2906 u_int namelen;
2907 uint32_t fmode, ifindex;
2908
2909 name = (int *)arg1;
2910 namelen = arg2;
2911
2912 if (req->newptr != NULL)
2913 return (EPERM);
2914
2915 if (namelen != 2)
2916 return (EINVAL);
2917
2918 ifindex = name[0];
2919 if (ifindex <= 0 || ifindex > V_if_index) {
2920 CTR2(KTR_IGMPV3, "%s: ifindex %u out of range",
2921 __func__, ifindex);
2922 return (ENOENT);
2923 }
2924
2925 group.s_addr = name[1];
2926 if (!IN_MULTICAST(ntohl(group.s_addr))) {
2927 CTR2(KTR_IGMPV3, "%s: group 0x%08x is not multicast",
2928 __func__, ntohl(group.s_addr));
2929 return (EINVAL);
2930 }
2931
2932 NET_EPOCH_ENTER(et);
2933 ifp = ifnet_byindex(ifindex);
2934 if (ifp == NULL) {
2935 NET_EPOCH_EXIT(et);
2936 CTR2(KTR_IGMPV3, "%s: no ifp for ifindex %u",
2937 __func__, ifindex);
2938 return (ENOENT);
2939 }
2940
2941 retval = sysctl_wire_old_buffer(req,
2942 sizeof(uint32_t) + (in_mcast_maxgrpsrc * sizeof(struct in_addr)));
2943 if (retval) {
2944 NET_EPOCH_EXIT(et);
2945 return (retval);
2946 }
2947
2948 IN_MULTI_LIST_LOCK();
2949
2950 CK_STAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) {
2951 inm = inm_ifmultiaddr_get_inm(ifma);
2952 if (inm == NULL)
2953 continue;
2954 if (!in_hosteq(inm->inm_addr, group))
2955 continue;
2956 fmode = inm->inm_st[1].iss_fmode;
2957 retval = SYSCTL_OUT(req, &fmode, sizeof(uint32_t));
2958 if (retval != 0)
2959 break;
2960 RB_FOREACH(ims, ip_msource_tree, &inm->inm_srcs) {
2961 CTR2(KTR_IGMPV3, "%s: visit node 0x%08x", __func__,
2962 ims->ims_haddr);
2963 /*
2964 * Only copy-out sources which are in-mode.
2965 */
2966 if (fmode != ims_get_mode(inm, ims, 1)) {
2967 CTR1(KTR_IGMPV3, "%s: skip non-in-mode",
2968 __func__);
2969 continue;
2970 }
2971 src.s_addr = htonl(ims->ims_haddr);
2972 retval = SYSCTL_OUT(req, &src, sizeof(struct in_addr));
2973 if (retval != 0)
2974 break;
2975 }
2976 }
2977
2978 IN_MULTI_LIST_UNLOCK();
2979 NET_EPOCH_EXIT(et);
2980
2981 return (retval);
2982 }
2983
2984 #if defined(KTR) && (KTR_COMPILE & KTR_IGMPV3)
2985
2986 static const char *inm_modestrs[] = {
2987 [MCAST_UNDEFINED] = "un",
2988 [MCAST_INCLUDE] = "in",
2989 [MCAST_EXCLUDE] = "ex",
2990 };
2991 _Static_assert(MCAST_UNDEFINED == 0 &&
2992 MCAST_EXCLUDE + 1 == nitems(inm_modestrs),
2993 "inm_modestrs: no longer matches #defines");
2994
2995 static const char *
inm_mode_str(const int mode)2996 inm_mode_str(const int mode)
2997 {
2998
2999 if (mode >= MCAST_UNDEFINED && mode <= MCAST_EXCLUDE)
3000 return (inm_modestrs[mode]);
3001 return ("??");
3002 }
3003
3004 static const char *inm_statestrs[] = {
3005 [IGMP_NOT_MEMBER] = "not-member",
3006 [IGMP_SILENT_MEMBER] = "silent",
3007 [IGMP_REPORTING_MEMBER] = "reporting",
3008 [IGMP_IDLE_MEMBER] = "idle",
3009 [IGMP_LAZY_MEMBER] = "lazy",
3010 [IGMP_SLEEPING_MEMBER] = "sleeping",
3011 [IGMP_AWAKENING_MEMBER] = "awakening",
3012 [IGMP_G_QUERY_PENDING_MEMBER] = "query-pending",
3013 [IGMP_SG_QUERY_PENDING_MEMBER] = "sg-query-pending",
3014 [IGMP_LEAVING_MEMBER] = "leaving",
3015 };
3016 _Static_assert(IGMP_NOT_MEMBER == 0 &&
3017 IGMP_LEAVING_MEMBER + 1 == nitems(inm_statestrs),
3018 "inm_statetrs: no longer matches #defines");
3019
3020 static const char *
inm_state_str(const int state)3021 inm_state_str(const int state)
3022 {
3023
3024 if (state >= IGMP_NOT_MEMBER && state <= IGMP_LEAVING_MEMBER)
3025 return (inm_statestrs[state]);
3026 return ("??");
3027 }
3028
3029 /*
3030 * Dump an in_multi structure to the console.
3031 */
3032 void
inm_print(const struct in_multi * inm)3033 inm_print(const struct in_multi *inm)
3034 {
3035 int t;
3036 char addrbuf[INET_ADDRSTRLEN];
3037
3038 if ((ktr_mask & KTR_IGMPV3) == 0)
3039 return;
3040
3041 printf("%s: --- begin inm %p ---\n", __func__, inm);
3042 printf("addr %s ifp %p(%s) ifma %p\n",
3043 inet_ntoa_r(inm->inm_addr, addrbuf),
3044 inm->inm_ifp,
3045 inm->inm_ifp->if_xname,
3046 inm->inm_ifma);
3047 printf("timer %u state %s refcount %u scq.len %u\n",
3048 inm->inm_timer,
3049 inm_state_str(inm->inm_state),
3050 inm->inm_refcount,
3051 inm->inm_scq.mq_len);
3052 printf("igi %p nsrc %lu sctimer %u scrv %u\n",
3053 inm->inm_igi,
3054 inm->inm_nsrc,
3055 inm->inm_sctimer,
3056 inm->inm_scrv);
3057 for (t = 0; t < 2; t++) {
3058 printf("t%d: fmode %s asm %u ex %u in %u rec %u\n", t,
3059 inm_mode_str(inm->inm_st[t].iss_fmode),
3060 inm->inm_st[t].iss_asm,
3061 inm->inm_st[t].iss_ex,
3062 inm->inm_st[t].iss_in,
3063 inm->inm_st[t].iss_rec);
3064 }
3065 printf("%s: --- end inm %p ---\n", __func__, inm);
3066 }
3067
3068 #else /* !KTR || !(KTR_COMPILE & KTR_IGMPV3) */
3069
3070 void
inm_print(const struct in_multi * inm)3071 inm_print(const struct in_multi *inm)
3072 {
3073
3074 }
3075
3076 #endif /* KTR && (KTR_COMPILE & KTR_IGMPV3) */
3077
3078 RB_GENERATE(ip_msource_tree, ip_msource, ims_link, ip_msource_cmp);
3079