]> git.saurik.com Git - apple/xnu.git/blame - bsd/netinet/in_mcast.c
xnu-3248.50.21.tar.gz
[apple/xnu.git] / bsd / netinet / in_mcast.c
CommitLineData
6d2010ae 1/*
39236c6e 2 * Copyright (c) 2010-2013 Apple Inc. All rights reserved.
6d2010ae
A
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*-
29 * Copyright (c) 2007-2009 Bruce Simpson.
30 * Copyright (c) 2005 Robert N. M. Watson.
31 * All rights reserved.
32 *
33 * Redistribution and use in source and binary forms, with or without
34 * modification, are permitted provided that the following conditions
35 * are met:
36 * 1. Redistributions of source code must retain the above copyright
37 * notice, this list of conditions and the following disclaimer.
38 * 2. Redistributions in binary form must reproduce the above copyright
39 * notice, this list of conditions and the following disclaimer in the
40 * documentation and/or other materials provided with the distribution.
41 * 3. The name of the author may not be used to endorse or promote
42 * products derived from this software without specific prior written
43 * permission.
44 *
45 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
48 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
55 * SUCH DAMAGE.
56 */
57
58/*
59 * IPv4 multicast socket, group, and socket option processing module.
60 */
61
62#include <sys/cdefs.h>
63
64#include <sys/param.h>
65#include <sys/systm.h>
66#include <sys/kernel.h>
67#include <sys/malloc.h>
68#include <sys/mbuf.h>
69#include <sys/protosw.h>
70#include <sys/socket.h>
71#include <sys/socketvar.h>
72#include <sys/protosw.h>
73#include <sys/sysctl.h>
74#include <sys/tree.h>
75#include <sys/mcache.h>
76
77#include <kern/zalloc.h>
78
79#include <pexpert/pexpert.h>
80
81#include <net/if.h>
82#include <net/if_dl.h>
83#include <net/route.h>
84
85#include <netinet/in.h>
86#include <netinet/in_systm.h>
87#include <netinet/in_pcb.h>
88#include <netinet/in_var.h>
89#include <netinet/ip_var.h>
90#include <netinet/igmp_var.h>
91
92#ifndef __SOCKUNION_DECLARED
93union sockunion {
94 struct sockaddr_storage ss;
95 struct sockaddr sa;
96 struct sockaddr_dl sdl;
97 struct sockaddr_in sin;
98};
99typedef union sockunion sockunion_t;
100#define __SOCKUNION_DECLARED
101#endif /* __SOCKUNION_DECLARED */
102
103/*
104 * Functions with non-static linkage defined in this file should be
105 * declared in in_var.h:
106 * imo_multi_filter()
107 * in_addmulti()
108 * in_delmulti()
109 * in_joingroup()
110 * in_leavegroup()
111 * and ip_var.h:
112 * inp_freemoptions()
113 * inp_getmoptions()
114 * inp_setmoptions()
115 *
116 * XXX: Both carp and pf need to use the legacy (*,G) KPIs in_addmulti()
117 * and in_delmulti().
118 */
119static void imf_commit(struct in_mfilter *);
120static int imf_get_source(struct in_mfilter *imf,
121 const struct sockaddr_in *psin,
122 struct in_msource **);
123static struct in_msource *
124 imf_graft(struct in_mfilter *, const uint8_t,
125 const struct sockaddr_in *);
126static int imf_prune(struct in_mfilter *, const struct sockaddr_in *);
127static void imf_rollback(struct in_mfilter *);
128static void imf_reap(struct in_mfilter *);
129static int imo_grow(struct ip_moptions *, size_t);
130static size_t imo_match_group(const struct ip_moptions *,
131 const struct ifnet *, const struct sockaddr *);
132static struct in_msource *
133 imo_match_source(const struct ip_moptions *, const size_t,
134 const struct sockaddr *);
135static void ims_merge(struct ip_msource *ims,
136 const struct in_msource *lims, const int rollback);
137static int in_getmulti(struct ifnet *, const struct in_addr *,
138 struct in_multi **);
139static int in_joingroup(struct ifnet *, const struct in_addr *,
140 struct in_mfilter *, struct in_multi **);
141static int inm_get_source(struct in_multi *inm, const in_addr_t haddr,
142 const int noalloc, struct ip_msource **pims);
143static int inm_is_ifp_detached(const struct in_multi *);
144static int inm_merge(struct in_multi *, /*const*/ struct in_mfilter *);
145static void inm_reap(struct in_multi *);
146static struct ip_moptions *
147 inp_findmoptions(struct inpcb *);
148static int inp_get_source_filters(struct inpcb *, struct sockopt *);
149static struct ifnet *
150 inp_lookup_mcast_ifp(const struct inpcb *,
151 const struct sockaddr_in *, const struct in_addr);
152static int inp_block_unblock_source(struct inpcb *, struct sockopt *);
153static int inp_set_multicast_if(struct inpcb *, struct sockopt *);
154static int inp_set_source_filters(struct inpcb *, struct sockopt *);
155static int sysctl_ip_mcast_filters SYSCTL_HANDLER_ARGS;
156static struct ifnet * ip_multicast_if(struct in_addr *, unsigned int *);
157static __inline__ int ip_msource_cmp(const struct ip_msource *,
158 const struct ip_msource *);
159
160SYSCTL_NODE(_net_inet_ip, OID_AUTO, mcast, CTLFLAG_RW | CTLFLAG_LOCKED, 0, "IPv4 multicast");
161
162static u_long in_mcast_maxgrpsrc = IP_MAX_GROUP_SRC_FILTER;
163SYSCTL_LONG(_net_inet_ip_mcast, OID_AUTO, maxgrpsrc,
164 CTLFLAG_RW | CTLFLAG_LOCKED, &in_mcast_maxgrpsrc, "Max source filters per group");
165
166static u_long in_mcast_maxsocksrc = IP_MAX_SOCK_SRC_FILTER;
167SYSCTL_LONG(_net_inet_ip_mcast, OID_AUTO, maxsocksrc,
168 CTLFLAG_RW | CTLFLAG_LOCKED, &in_mcast_maxsocksrc,
169 "Max source filters per socket");
170
171int in_mcast_loop = IP_DEFAULT_MULTICAST_LOOP;
172SYSCTL_INT(_net_inet_ip_mcast, OID_AUTO, loop, CTLFLAG_RW | CTLFLAG_LOCKED,
173 &in_mcast_loop, 0, "Loopback multicast datagrams by default");
174
175SYSCTL_NODE(_net_inet_ip_mcast, OID_AUTO, filters,
176 CTLFLAG_RD | CTLFLAG_LOCKED, sysctl_ip_mcast_filters,
177 "Per-interface stack-wide source filters");
178
179RB_GENERATE_PREV(ip_msource_tree, ip_msource, ims_link, ip_msource_cmp);
180
181#define INM_TRACE_HIST_SIZE 32 /* size of trace history */
182
183/* For gdb */
184__private_extern__ unsigned int inm_trace_hist_size = INM_TRACE_HIST_SIZE;
185
186struct in_multi_dbg {
187 struct in_multi inm; /* in_multi */
188 u_int16_t inm_refhold_cnt; /* # of ref */
189 u_int16_t inm_refrele_cnt; /* # of rele */
190 /*
191 * Circular lists of inm_addref and inm_remref callers.
192 */
193 ctrace_t inm_refhold[INM_TRACE_HIST_SIZE];
194 ctrace_t inm_refrele[INM_TRACE_HIST_SIZE];
195 /*
196 * Trash list linkage
197 */
198 TAILQ_ENTRY(in_multi_dbg) inm_trash_link;
199};
200
201/* List of trash in_multi entries protected by inm_trash_lock */
202static TAILQ_HEAD(, in_multi_dbg) inm_trash_head;
203static decl_lck_mtx_data(, inm_trash_lock);
204
205#define INM_ZONE_MAX 64 /* maximum elements in zone */
206#define INM_ZONE_NAME "in_multi" /* zone name */
207
208#if DEBUG
209static unsigned int inm_debug = 1; /* debugging (enabled) */
210#else
211static unsigned int inm_debug; /* debugging (disabled) */
212#endif /* !DEBUG */
213static unsigned int inm_size; /* size of zone element */
214static struct zone *inm_zone; /* zone for in_multi */
215
216#define IPMS_ZONE_MAX 64 /* maximum elements in zone */
217#define IPMS_ZONE_NAME "ip_msource" /* zone name */
218
219static unsigned int ipms_size; /* size of zone element */
220static struct zone *ipms_zone; /* zone for ip_msource */
221
222#define INMS_ZONE_MAX 64 /* maximum elements in zone */
223#define INMS_ZONE_NAME "in_msource" /* zone name */
224
225static unsigned int inms_size; /* size of zone element */
226static struct zone *inms_zone; /* zone for in_msource */
227
228/* Lock group and attribute for in_multihead_lock lock */
229static lck_attr_t *in_multihead_lock_attr;
230static lck_grp_t *in_multihead_lock_grp;
231static lck_grp_attr_t *in_multihead_lock_grp_attr;
232
233static decl_lck_rw_data(, in_multihead_lock);
234struct in_multihead in_multihead;
235
236static struct in_multi *in_multi_alloc(int);
237static void in_multi_free(struct in_multi *);
238static void in_multi_attach(struct in_multi *);
239static void inm_trace(struct in_multi *, int);
240
241static struct ip_msource *ipms_alloc(int);
242static void ipms_free(struct ip_msource *);
243static struct in_msource *inms_alloc(int);
244static void inms_free(struct in_msource *);
245
6d2010ae
A
246static __inline int
247ip_msource_cmp(const struct ip_msource *a, const struct ip_msource *b)
248{
249
250 if (a->ims_haddr < b->ims_haddr)
251 return (-1);
252 if (a->ims_haddr == b->ims_haddr)
253 return (0);
254 return (1);
255}
256
257/*
258 * Inline function which wraps assertions for a valid ifp.
259 */
260static __inline__ int
261inm_is_ifp_detached(const struct in_multi *inm)
262{
263 VERIFY(inm->inm_ifma != NULL);
264 VERIFY(inm->inm_ifp == inm->inm_ifma->ifma_ifp);
265
266 return (!ifnet_is_attached(inm->inm_ifp, 0));
267}
268
269/*
270 * Initialize an in_mfilter structure to a known state at t0, t1
271 * with an empty source filter list.
272 */
273static __inline__ void
274imf_init(struct in_mfilter *imf, const int st0, const int st1)
275{
276 memset(imf, 0, sizeof(struct in_mfilter));
277 RB_INIT(&imf->imf_sources);
278 imf->imf_st[0] = st0;
279 imf->imf_st[1] = st1;
280}
281
282/*
283 * Resize the ip_moptions vector to the next power-of-two minus 1.
284 */
285static int
286imo_grow(struct ip_moptions *imo, size_t newmax)
287{
288 struct in_multi **nmships;
289 struct in_multi **omships;
290 struct in_mfilter *nmfilters;
291 struct in_mfilter *omfilters;
292 size_t idx;
293 size_t oldmax;
294
295 IMO_LOCK_ASSERT_HELD(imo);
296
297 nmships = NULL;
298 nmfilters = NULL;
299 omships = imo->imo_membership;
300 omfilters = imo->imo_mfilters;
301 oldmax = imo->imo_max_memberships;
302 if (newmax == 0)
303 newmax = ((oldmax + 1) * 2) - 1;
304
305 if (newmax > IP_MAX_MEMBERSHIPS)
306 return (ETOOMANYREFS);
307
308 if ((nmships = (struct in_multi **)_REALLOC(omships,
309 sizeof (struct in_multi *) * newmax, M_IPMOPTS,
310 M_WAITOK | M_ZERO)) == NULL)
311 return (ENOMEM);
312
313 imo->imo_membership = nmships;
314
315 if ((nmfilters = (struct in_mfilter *)_REALLOC(omfilters,
316 sizeof (struct in_mfilter) * newmax, M_INMFILTER,
317 M_WAITOK | M_ZERO)) == NULL)
318 return (ENOMEM);
319
320 imo->imo_mfilters = nmfilters;
321
322 /* Initialize newly allocated source filter heads. */
323 for (idx = oldmax; idx < newmax; idx++)
324 imf_init(&nmfilters[idx], MCAST_UNDEFINED, MCAST_EXCLUDE);
325
326 imo->imo_max_memberships = newmax;
327
328 return (0);
329}
330
331/*
332 * Find an IPv4 multicast group entry for this ip_moptions instance
333 * which matches the specified group, and optionally an interface.
334 * Return its index into the array, or -1 if not found.
335 */
336static size_t
337imo_match_group(const struct ip_moptions *imo, const struct ifnet *ifp,
338 const struct sockaddr *group)
339{
340 const struct sockaddr_in *gsin;
341 struct in_multi *pinm;
342 int idx;
343 int nmships;
344
39236c6e 345 IMO_LOCK_ASSERT_HELD(__DECONST(struct ip_moptions *, imo));
6d2010ae 346
316670eb 347 gsin = (struct sockaddr_in *)(uintptr_t)(size_t)group;
6d2010ae
A
348
349 /* The imo_membership array may be lazy allocated. */
350 if (imo->imo_membership == NULL || imo->imo_num_memberships == 0)
351 return (-1);
352
353 nmships = imo->imo_num_memberships;
354 for (idx = 0; idx < nmships; idx++) {
355 pinm = imo->imo_membership[idx];
356 if (pinm == NULL)
357 continue;
358 INM_LOCK(pinm);
359 if ((ifp == NULL || (pinm->inm_ifp == ifp)) &&
360 in_hosteq(pinm->inm_addr, gsin->sin_addr)) {
361 INM_UNLOCK(pinm);
362 break;
363 }
364 INM_UNLOCK(pinm);
365 }
366 if (idx >= nmships)
367 idx = -1;
368
369 return (idx);
370}
371
372/*
373 * Find an IPv4 multicast source entry for this imo which matches
374 * the given group index for this socket, and source address.
375 *
376 * NOTE: This does not check if the entry is in-mode, merely if
377 * it exists, which may not be the desired behaviour.
378 */
379static struct in_msource *
380imo_match_source(const struct ip_moptions *imo, const size_t gidx,
381 const struct sockaddr *src)
382{
383 struct ip_msource find;
384 struct in_mfilter *imf;
385 struct ip_msource *ims;
386 const sockunion_t *psa;
387
39236c6e 388 IMO_LOCK_ASSERT_HELD(__DECONST(struct ip_moptions *, imo));
6d2010ae
A
389
390 VERIFY(src->sa_family == AF_INET);
391 VERIFY(gidx != (size_t)-1 && gidx < imo->imo_num_memberships);
392
393 /* The imo_mfilters array may be lazy allocated. */
394 if (imo->imo_mfilters == NULL)
395 return (NULL);
396 imf = &imo->imo_mfilters[gidx];
397
398 /* Source trees are keyed in host byte order. */
316670eb 399 psa = (sockunion_t *)(uintptr_t)(size_t)src;
6d2010ae
A
400 find.ims_haddr = ntohl(psa->sin.sin_addr.s_addr);
401 ims = RB_FIND(ip_msource_tree, &imf->imf_sources, &find);
402
403 return ((struct in_msource *)ims);
404}
405
406/*
407 * Perform filtering for multicast datagrams on a socket by group and source.
408 *
409 * Returns 0 if a datagram should be allowed through, or various error codes
410 * if the socket was not a member of the group, or the source was muted, etc.
411 */
412int
413imo_multi_filter(const struct ip_moptions *imo, const struct ifnet *ifp,
414 const struct sockaddr *group, const struct sockaddr *src)
415{
416 size_t gidx;
417 struct in_msource *ims;
418 int mode;
419
39236c6e 420 IMO_LOCK_ASSERT_HELD(__DECONST(struct ip_moptions *, imo));
6d2010ae
A
421 VERIFY(ifp != NULL);
422
423 gidx = imo_match_group(imo, ifp, group);
424 if (gidx == (size_t)-1)
425 return (MCAST_NOTGMEMBER);
426
427 /*
428 * Check if the source was included in an (S,G) join.
429 * Allow reception on exclusive memberships by default,
430 * reject reception on inclusive memberships by default.
431 * Exclude source only if an in-mode exclude filter exists.
432 * Include source only if an in-mode include filter exists.
433 * NOTE: We are comparing group state here at IGMP t1 (now)
434 * with socket-layer t0 (since last downcall).
435 */
436 mode = imo->imo_mfilters[gidx].imf_st[1];
437 ims = imo_match_source(imo, gidx, src);
438
439 if ((ims == NULL && mode == MCAST_INCLUDE) ||
440 (ims != NULL && ims->imsl_st[0] != mode)) {
441 return (MCAST_NOTSMEMBER);
442 }
443
444 return (MCAST_PASS);
445}
446
447int
316670eb 448imo_clone(struct inpcb *from_inp, struct inpcb *to_inp)
6d2010ae
A
449{
450 int i, err = 0;
316670eb
A
451 struct ip_moptions *from;
452 struct ip_moptions *to;
453
454 from = inp_findmoptions(from_inp);
455 if (from == NULL)
456 return (ENOMEM);
457
458 to = inp_findmoptions(to_inp);
459 if (to == NULL) {
460 IMO_REMREF(from);
461 return (ENOMEM);
462 }
6d2010ae
A
463
464 IMO_LOCK(from);
465 IMO_LOCK(to);
466
467 to->imo_multicast_ifp = from->imo_multicast_ifp;
468 to->imo_multicast_vif = from->imo_multicast_vif;
469 to->imo_multicast_ttl = from->imo_multicast_ttl;
470 to->imo_multicast_loop = from->imo_multicast_loop;
471
472 /*
473 * We're cloning, so drop any existing memberships and source
474 * filters on the destination ip_moptions.
475 */
476 for (i = 0; i < to->imo_num_memberships; ++i) {
477 struct in_mfilter *imf;
478
479 imf = to->imo_mfilters ? &to->imo_mfilters[i] : NULL;
480 if (imf != NULL)
481 imf_leave(imf);
482
483 (void) in_leavegroup(to->imo_membership[i], imf);
484
485 if (imf != NULL)
486 imf_purge(imf);
487
488 INM_REMREF(to->imo_membership[i]);
489 to->imo_membership[i] = NULL;
490 }
491 to->imo_num_memberships = 0;
492
493 VERIFY(to->imo_max_memberships != 0 && from->imo_max_memberships != 0);
494 if (to->imo_max_memberships < from->imo_max_memberships) {
495 /*
496 * Ensure source and destination ip_moptions memberships
497 * and source filters arrays are at least equal in size.
498 */
499 err = imo_grow(to, from->imo_max_memberships);
500 if (err != 0)
501 goto done;
502 }
503 VERIFY(to->imo_max_memberships >= from->imo_max_memberships);
504
505 /*
506 * Source filtering doesn't apply to OpenTransport socket,
507 * so simply hold additional reference count per membership.
508 */
316670eb
A
509 for (i = 0; i < from->imo_num_memberships; i++) {
510 to->imo_membership[i] =
511 in_addmulti(&from->imo_membership[i]->inm_addr,
512 from->imo_membership[i]->inm_ifp);
513 if (to->imo_membership[i] == NULL)
514 break;
6d2010ae
A
515 to->imo_num_memberships++;
516 }
517 VERIFY(to->imo_num_memberships == from->imo_num_memberships);
518
519done:
520 IMO_UNLOCK(to);
316670eb 521 IMO_REMREF(to);
6d2010ae 522 IMO_UNLOCK(from);
316670eb 523 IMO_REMREF(from);
6d2010ae
A
524
525 return (err);
526}
527
528/*
529 * Find and return a reference to an in_multi record for (ifp, group),
530 * and bump its reference count.
531 * If one does not exist, try to allocate it, and update link-layer multicast
532 * filters on ifp to listen for group.
533 * Return 0 if successful, otherwise return an appropriate error code.
534 */
535static int
536in_getmulti(struct ifnet *ifp, const struct in_addr *group,
537 struct in_multi **pinm)
538{
539 struct sockaddr_in gsin;
540 struct ifmultiaddr *ifma;
541 struct in_multi *inm;
542 int error;
543
544 in_multihead_lock_shared();
545 IN_LOOKUP_MULTI(group, ifp, inm);
546 if (inm != NULL) {
547 INM_LOCK(inm);
548 VERIFY(inm->inm_reqcnt >= 1);
549 inm->inm_reqcnt++;
550 VERIFY(inm->inm_reqcnt != 0);
551 *pinm = inm;
552 INM_UNLOCK(inm);
553 in_multihead_lock_done();
554 /*
555 * We already joined this group; return the inm
556 * with a refcount held (via lookup) for caller.
557 */
558 return (0);
559 }
560 in_multihead_lock_done();
561
562 bzero(&gsin, sizeof(gsin));
563 gsin.sin_family = AF_INET;
564 gsin.sin_len = sizeof(struct sockaddr_in);
565 gsin.sin_addr = *group;
566
567 /*
568 * Check if a link-layer group is already associated
569 * with this network-layer group on the given ifnet.
570 */
571 error = if_addmulti(ifp, (struct sockaddr *)&gsin, &ifma);
572 if (error != 0)
573 return (error);
574
575 /*
576 * See comments in inm_remref() for access to ifma_protospec.
577 */
578 in_multihead_lock_exclusive();
579 IFMA_LOCK(ifma);
580 if ((inm = ifma->ifma_protospec) != NULL) {
581 VERIFY(ifma->ifma_addr != NULL);
582 VERIFY(ifma->ifma_addr->sa_family == AF_INET);
583 INM_ADDREF(inm); /* for caller */
584 IFMA_UNLOCK(ifma);
585 INM_LOCK(inm);
586 VERIFY(inm->inm_ifma == ifma);
587 VERIFY(inm->inm_ifp == ifp);
588 VERIFY(in_hosteq(inm->inm_addr, *group));
589 if (inm->inm_debug & IFD_ATTACHED) {
590 VERIFY(inm->inm_reqcnt >= 1);
591 inm->inm_reqcnt++;
592 VERIFY(inm->inm_reqcnt != 0);
593 *pinm = inm;
594 INM_UNLOCK(inm);
595 in_multihead_lock_done();
596 IFMA_REMREF(ifma);
597 /*
598 * We lost the race with another thread doing
599 * in_getmulti(); since this group has already
600 * been joined; return the inm with a refcount
601 * held for caller.
602 */
603 return (0);
604 }
605 /*
606 * We lost the race with another thread doing in_delmulti();
607 * the inm referring to the ifma has been detached, thus we
608 * reattach it back to the in_multihead list and return the
609 * inm with a refcount held for the caller.
610 */
611 in_multi_attach(inm);
612 VERIFY((inm->inm_debug &
613 (IFD_ATTACHED | IFD_TRASHED)) == IFD_ATTACHED);
614 *pinm = inm;
615 INM_UNLOCK(inm);
616 in_multihead_lock_done();
617 IFMA_REMREF(ifma);
618 return (0);
619 }
620 IFMA_UNLOCK(ifma);
621
622 /*
623 * A new in_multi record is needed; allocate and initialize it.
624 * We DO NOT perform an IGMP join as the in_ layer may need to
625 * push an initial source list down to IGMP to support SSM.
626 *
627 * The initial source filter state is INCLUDE, {} as per the RFC.
628 */
629 inm = in_multi_alloc(M_WAITOK);
630 if (inm == NULL) {
631 in_multihead_lock_done();
632 IFMA_REMREF(ifma);
633 return (ENOMEM);
634 }
635 INM_LOCK(inm);
636 inm->inm_addr = *group;
637 inm->inm_ifp = ifp;
638 inm->inm_igi = IGMP_IFINFO(ifp);
639 VERIFY(inm->inm_igi != NULL);
640 IGI_ADDREF(inm->inm_igi);
641 inm->inm_ifma = ifma; /* keep refcount from if_addmulti() */
642 inm->inm_state = IGMP_NOT_MEMBER;
643 /*
644 * Pending state-changes per group are subject to a bounds check.
645 */
646 inm->inm_scq.ifq_maxlen = IGMP_MAX_STATE_CHANGES;
647 inm->inm_st[0].iss_fmode = MCAST_UNDEFINED;
648 inm->inm_st[1].iss_fmode = MCAST_UNDEFINED;
649 RB_INIT(&inm->inm_srcs);
650 *pinm = inm;
651 in_multi_attach(inm);
652 VERIFY((inm->inm_debug & (IFD_ATTACHED | IFD_TRASHED)) == IFD_ATTACHED);
653 INM_ADDREF_LOCKED(inm); /* for caller */
654 INM_UNLOCK(inm);
655
656 IFMA_LOCK(ifma);
657 VERIFY(ifma->ifma_protospec == NULL);
658 ifma->ifma_protospec = inm;
659 IFMA_UNLOCK(ifma);
660 in_multihead_lock_done();
661
662 return (0);
663}
664
665/*
666 * Clear recorded source entries for a group.
667 * Used by the IGMP code.
668 * FIXME: Should reap.
669 */
670void
671inm_clear_recorded(struct in_multi *inm)
672{
673 struct ip_msource *ims;
674
675 INM_LOCK_ASSERT_HELD(inm);
676
677 RB_FOREACH(ims, ip_msource_tree, &inm->inm_srcs) {
678 if (ims->ims_stp) {
679 ims->ims_stp = 0;
680 --inm->inm_st[1].iss_rec;
681 }
682 }
683 VERIFY(inm->inm_st[1].iss_rec == 0);
684}
685
686/*
687 * Record a source as pending for a Source-Group IGMPv3 query.
688 * This lives here as it modifies the shared tree.
689 *
690 * inm is the group descriptor.
691 * naddr is the address of the source to record in network-byte order.
692 *
693 * If the net.inet.igmp.sgalloc sysctl is non-zero, we will
694 * lazy-allocate a source node in response to an SG query.
695 * Otherwise, no allocation is performed. This saves some memory
696 * with the trade-off that the source will not be reported to the
697 * router if joined in the window between the query response and
698 * the group actually being joined on the local host.
699 *
700 * Return 0 if the source didn't exist or was already marked as recorded.
701 * Return 1 if the source was marked as recorded by this function.
702 * Return <0 if any error occured (negated errno code).
703 */
704int
705inm_record_source(struct in_multi *inm, const in_addr_t naddr)
706{
707 struct ip_msource find;
708 struct ip_msource *ims, *nims;
709
710 INM_LOCK_ASSERT_HELD(inm);
711
712 find.ims_haddr = ntohl(naddr);
713 ims = RB_FIND(ip_msource_tree, &inm->inm_srcs, &find);
714 if (ims && ims->ims_stp)
715 return (0);
716 if (ims == NULL) {
717 if (inm->inm_nsrc == in_mcast_maxgrpsrc)
718 return (-ENOSPC);
719 nims = ipms_alloc(M_WAITOK);
720 if (nims == NULL)
721 return (-ENOMEM);
722 nims->ims_haddr = find.ims_haddr;
723 RB_INSERT(ip_msource_tree, &inm->inm_srcs, nims);
724 ++inm->inm_nsrc;
725 ims = nims;
726 }
727
728 /*
729 * Mark the source as recorded and update the recorded
730 * source count.
731 */
732 ++ims->ims_stp;
733 ++inm->inm_st[1].iss_rec;
734
735 return (1);
736}
737
738/*
739 * Return a pointer to an in_msource owned by an in_mfilter,
740 * given its source address.
741 * Lazy-allocate if needed. If this is a new entry its filter state is
742 * undefined at t0.
743 *
744 * imf is the filter set being modified.
745 * haddr is the source address in *host* byte-order.
746 *
747 * Caller is expected to be holding imo_lock.
748 */
749static int
750imf_get_source(struct in_mfilter *imf, const struct sockaddr_in *psin,
751 struct in_msource **plims)
752{
753 struct ip_msource find;
754 struct ip_msource *ims;
755 struct in_msource *lims;
756 int error;
757
758 error = 0;
759 ims = NULL;
760 lims = NULL;
761
762 /* key is host byte order */
763 find.ims_haddr = ntohl(psin->sin_addr.s_addr);
764 ims = RB_FIND(ip_msource_tree, &imf->imf_sources, &find);
765 lims = (struct in_msource *)ims;
766 if (lims == NULL) {
767 if (imf->imf_nsrc == in_mcast_maxsocksrc)
768 return (ENOSPC);
769 lims = inms_alloc(M_WAITOK);
770 if (lims == NULL)
771 return (ENOMEM);
772 lims->ims_haddr = find.ims_haddr;
773 lims->imsl_st[0] = MCAST_UNDEFINED;
774 RB_INSERT(ip_msource_tree, &imf->imf_sources,
775 (struct ip_msource *)lims);
776 ++imf->imf_nsrc;
777 }
778
779 *plims = lims;
780
781 return (error);
782}
783
784/*
785 * Graft a source entry into an existing socket-layer filter set,
786 * maintaining any required invariants and checking allocations.
787 *
788 * The source is marked as being in the new filter mode at t1.
789 *
790 * Return the pointer to the new node, otherwise return NULL.
791 *
792 * Caller is expected to be holding imo_lock.
793 */
794static struct in_msource *
795imf_graft(struct in_mfilter *imf, const uint8_t st1,
796 const struct sockaddr_in *psin)
797{
798 struct in_msource *lims;
799
800 lims = inms_alloc(M_WAITOK);
801 if (lims == NULL)
802 return (NULL);
803 lims->ims_haddr = ntohl(psin->sin_addr.s_addr);
804 lims->imsl_st[0] = MCAST_UNDEFINED;
805 lims->imsl_st[1] = st1;
806 RB_INSERT(ip_msource_tree, &imf->imf_sources,
807 (struct ip_msource *)lims);
808 ++imf->imf_nsrc;
809
810 return (lims);
811}
812
813/*
814 * Prune a source entry from an existing socket-layer filter set,
815 * maintaining any required invariants and checking allocations.
816 *
817 * The source is marked as being left at t1, it is not freed.
818 *
819 * Return 0 if no error occurred, otherwise return an errno value.
820 *
821 * Caller is expected to be holding imo_lock.
822 */
823static int
824imf_prune(struct in_mfilter *imf, const struct sockaddr_in *psin)
825{
826 struct ip_msource find;
827 struct ip_msource *ims;
828 struct in_msource *lims;
829
830 /* key is host byte order */
831 find.ims_haddr = ntohl(psin->sin_addr.s_addr);
832 ims = RB_FIND(ip_msource_tree, &imf->imf_sources, &find);
833 if (ims == NULL)
834 return (ENOENT);
835 lims = (struct in_msource *)ims;
836 lims->imsl_st[1] = MCAST_UNDEFINED;
837 return (0);
838}
839
840/*
841 * Revert socket-layer filter set deltas at t1 to t0 state.
842 *
843 * Caller is expected to be holding imo_lock.
844 */
845static void
846imf_rollback(struct in_mfilter *imf)
847{
848 struct ip_msource *ims, *tims;
849 struct in_msource *lims;
850
851 RB_FOREACH_SAFE(ims, ip_msource_tree, &imf->imf_sources, tims) {
852 lims = (struct in_msource *)ims;
853 if (lims->imsl_st[0] == lims->imsl_st[1]) {
854 /* no change at t1 */
855 continue;
856 } else if (lims->imsl_st[0] != MCAST_UNDEFINED) {
857 /* revert change to existing source at t1 */
858 lims->imsl_st[1] = lims->imsl_st[0];
859 } else {
860 /* revert source added t1 */
39236c6e
A
861 IGMP_PRINTF(("%s: free inms 0x%llx\n", __func__,
862 (uint64_t)VM_KERNEL_ADDRPERM(lims)));
6d2010ae
A
863 RB_REMOVE(ip_msource_tree, &imf->imf_sources, ims);
864 inms_free(lims);
865 imf->imf_nsrc--;
866 }
867 }
868 imf->imf_st[1] = imf->imf_st[0];
869}
870
871/*
872 * Mark socket-layer filter set as INCLUDE {} at t1.
873 *
874 * Caller is expected to be holding imo_lock.
875 */
876void
877imf_leave(struct in_mfilter *imf)
878{
879 struct ip_msource *ims;
880 struct in_msource *lims;
881
882 RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources) {
883 lims = (struct in_msource *)ims;
884 lims->imsl_st[1] = MCAST_UNDEFINED;
885 }
886 imf->imf_st[1] = MCAST_INCLUDE;
887}
888
889/*
890 * Mark socket-layer filter set deltas as committed.
891 *
892 * Caller is expected to be holding imo_lock.
893 */
894static void
895imf_commit(struct in_mfilter *imf)
896{
897 struct ip_msource *ims;
898 struct in_msource *lims;
899
900 RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources) {
901 lims = (struct in_msource *)ims;
902 lims->imsl_st[0] = lims->imsl_st[1];
903 }
904 imf->imf_st[0] = imf->imf_st[1];
905}
906
907/*
908 * Reap unreferenced sources from socket-layer filter set.
909 *
910 * Caller is expected to be holding imo_lock.
911 */
912static void
913imf_reap(struct in_mfilter *imf)
914{
915 struct ip_msource *ims, *tims;
916 struct in_msource *lims;
917
918 RB_FOREACH_SAFE(ims, ip_msource_tree, &imf->imf_sources, tims) {
919 lims = (struct in_msource *)ims;
920 if ((lims->imsl_st[0] == MCAST_UNDEFINED) &&
921 (lims->imsl_st[1] == MCAST_UNDEFINED)) {
39236c6e
A
922 IGMP_PRINTF(("%s: free inms 0x%llx\n", __func__,
923 (uint64_t)VM_KERNEL_ADDRPERM(lims)));
6d2010ae
A
924 RB_REMOVE(ip_msource_tree, &imf->imf_sources, ims);
925 inms_free(lims);
926 imf->imf_nsrc--;
927 }
928 }
929}
930
931/*
932 * Purge socket-layer filter set.
933 *
934 * Caller is expected to be holding imo_lock.
935 */
936void
937imf_purge(struct in_mfilter *imf)
938{
939 struct ip_msource *ims, *tims;
940 struct in_msource *lims;
941
942 RB_FOREACH_SAFE(ims, ip_msource_tree, &imf->imf_sources, tims) {
943 lims = (struct in_msource *)ims;
39236c6e
A
944 IGMP_PRINTF(("%s: free inms 0x%llx\n", __func__,
945 (uint64_t)VM_KERNEL_ADDRPERM(lims)));
6d2010ae
A
946 RB_REMOVE(ip_msource_tree, &imf->imf_sources, ims);
947 inms_free(lims);
948 imf->imf_nsrc--;
949 }
950 imf->imf_st[0] = imf->imf_st[1] = MCAST_UNDEFINED;
951 VERIFY(RB_EMPTY(&imf->imf_sources));
952}
953
954/*
955 * Look up a source filter entry for a multicast group.
956 *
957 * inm is the group descriptor to work with.
958 * haddr is the host-byte-order IPv4 address to look up.
959 * noalloc may be non-zero to suppress allocation of sources.
960 * *pims will be set to the address of the retrieved or allocated source.
961 *
962 * Return 0 if successful, otherwise return a non-zero error code.
963 */
964static int
965inm_get_source(struct in_multi *inm, const in_addr_t haddr,
966 const int noalloc, struct ip_msource **pims)
967{
968 struct ip_msource find;
969 struct ip_msource *ims, *nims;
970#ifdef IGMP_DEBUG
971 struct in_addr ia;
39236c6e 972 char buf[MAX_IPv4_STR_LEN];
6d2010ae
A
973#endif
974 INM_LOCK_ASSERT_HELD(inm);
975
976 find.ims_haddr = haddr;
977 ims = RB_FIND(ip_msource_tree, &inm->inm_srcs, &find);
978 if (ims == NULL && !noalloc) {
979 if (inm->inm_nsrc == in_mcast_maxgrpsrc)
980 return (ENOSPC);
981 nims = ipms_alloc(M_WAITOK);
982 if (nims == NULL)
983 return (ENOMEM);
984 nims->ims_haddr = haddr;
985 RB_INSERT(ip_msource_tree, &inm->inm_srcs, nims);
986 ++inm->inm_nsrc;
987 ims = nims;
988#ifdef IGMP_DEBUG
989 ia.s_addr = htonl(haddr);
39236c6e
A
990 inet_ntop(AF_INET, &ia, buf, sizeof(buf));
991 IGMP_PRINTF(("%s: allocated %s as 0x%llx\n", __func__,
992 buf, (uint64_t)VM_KERNEL_ADDRPERM(ims)));
6d2010ae
A
993#endif
994 }
995
996 *pims = ims;
997 return (0);
998}
999
1000/*
1001 * Helper function to derive the filter mode on a source entry
1002 * from its internal counters. Predicates are:
1003 * A source is only excluded if all listeners exclude it.
1004 * A source is only included if no listeners exclude it,
1005 * and at least one listener includes it.
1006 * May be used by ifmcstat(8).
1007 */
1008uint8_t
1009ims_get_mode(const struct in_multi *inm, const struct ip_msource *ims,
1010 uint8_t t)
1011{
39236c6e 1012 INM_LOCK_ASSERT_HELD(__DECONST(struct in_multi *, inm));
6d2010ae
A
1013
1014 t = !!t;
1015 if (inm->inm_st[t].iss_ex > 0 &&
1016 inm->inm_st[t].iss_ex == ims->ims_st[t].ex)
1017 return (MCAST_EXCLUDE);
1018 else if (ims->ims_st[t].in > 0 && ims->ims_st[t].ex == 0)
1019 return (MCAST_INCLUDE);
1020 return (MCAST_UNDEFINED);
1021}
1022
1023/*
1024 * Merge socket-layer source into IGMP-layer source.
1025 * If rollback is non-zero, perform the inverse of the merge.
1026 */
1027static void
1028ims_merge(struct ip_msource *ims, const struct in_msource *lims,
1029 const int rollback)
1030{
1031 int n = rollback ? -1 : 1;
1032#ifdef IGMP_DEBUG
1033 struct in_addr ia;
1034
1035 ia.s_addr = htonl(ims->ims_haddr);
1036#endif
1037
1038 if (lims->imsl_st[0] == MCAST_EXCLUDE) {
39236c6e
A
1039 IGMP_INET_PRINTF(ia,
1040 ("%s: t1 ex -= %d on %s\n",
1041 __func__, n, _igmp_inet_buf));
6d2010ae
A
1042 ims->ims_st[1].ex -= n;
1043 } else if (lims->imsl_st[0] == MCAST_INCLUDE) {
39236c6e
A
1044 IGMP_INET_PRINTF(ia,
1045 ("%s: t1 in -= %d on %s\n",
1046 __func__, n, _igmp_inet_buf));
6d2010ae
A
1047 ims->ims_st[1].in -= n;
1048 }
1049
1050 if (lims->imsl_st[1] == MCAST_EXCLUDE) {
39236c6e
A
1051 IGMP_INET_PRINTF(ia,
1052 ("%s: t1 ex += %d on %s\n",
1053 __func__, n, _igmp_inet_buf));
6d2010ae
A
1054 ims->ims_st[1].ex += n;
1055 } else if (lims->imsl_st[1] == MCAST_INCLUDE) {
39236c6e
A
1056 IGMP_INET_PRINTF(ia,
1057 ("%s: t1 in += %d on %s\n",
1058 __func__, n, _igmp_inet_buf));
6d2010ae
A
1059 ims->ims_st[1].in += n;
1060 }
1061}
1062
1063/*
1064 * Atomically update the global in_multi state, when a membership's
1065 * filter list is being updated in any way.
1066 *
1067 * imf is the per-inpcb-membership group filter pointer.
1068 * A fake imf may be passed for in-kernel consumers.
1069 *
1070 * XXX This is a candidate for a set-symmetric-difference style loop
1071 * which would eliminate the repeated lookup from root of ims nodes,
1072 * as they share the same key space.
1073 *
1074 * If any error occurred this function will back out of refcounts
1075 * and return a non-zero value.
1076 */
1077static int
1078inm_merge(struct in_multi *inm, /*const*/ struct in_mfilter *imf)
1079{
1080 struct ip_msource *ims, *nims;
1081 struct in_msource *lims;
1082 int schanged, error;
1083 int nsrc0, nsrc1;
1084
1085 INM_LOCK_ASSERT_HELD(inm);
1086
1087 schanged = 0;
1088 error = 0;
1089 nsrc1 = nsrc0 = 0;
1090
1091 /*
1092 * Update the source filters first, as this may fail.
1093 * Maintain count of in-mode filters at t0, t1. These are
1094 * used to work out if we transition into ASM mode or not.
1095 * Maintain a count of source filters whose state was
1096 * actually modified by this operation.
1097 */
1098 RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources) {
1099 lims = (struct in_msource *)ims;
1100 if (lims->imsl_st[0] == imf->imf_st[0]) nsrc0++;
1101 if (lims->imsl_st[1] == imf->imf_st[1]) nsrc1++;
1102 if (lims->imsl_st[0] == lims->imsl_st[1]) continue;
1103 error = inm_get_source(inm, lims->ims_haddr, 0, &nims);
1104 ++schanged;
1105 if (error)
1106 break;
1107 ims_merge(nims, lims, 0);
1108 }
1109 if (error) {
1110 struct ip_msource *bims;
1111
1112 RB_FOREACH_REVERSE_FROM(ims, ip_msource_tree, nims) {
1113 lims = (struct in_msource *)ims;
1114 if (lims->imsl_st[0] == lims->imsl_st[1])
1115 continue;
1116 (void) inm_get_source(inm, lims->ims_haddr, 1, &bims);
1117 if (bims == NULL)
1118 continue;
1119 ims_merge(bims, lims, 1);
1120 }
1121 goto out_reap;
1122 }
1123
1124 IGMP_PRINTF(("%s: imf filters in-mode: %d at t0, %d at t1\n",
1125 __func__, nsrc0, nsrc1));
1126
1127 /* Handle transition between INCLUDE {n} and INCLUDE {} on socket. */
1128 if (imf->imf_st[0] == imf->imf_st[1] &&
1129 imf->imf_st[1] == MCAST_INCLUDE) {
1130 if (nsrc1 == 0) {
1131 IGMP_PRINTF(("%s: --in on inm at t1\n", __func__));
1132 --inm->inm_st[1].iss_in;
1133 }
1134 }
1135
1136 /* Handle filter mode transition on socket. */
1137 if (imf->imf_st[0] != imf->imf_st[1]) {
1138 IGMP_PRINTF(("%s: imf transition %d to %d\n",
1139 __func__, imf->imf_st[0], imf->imf_st[1]));
1140
1141 if (imf->imf_st[0] == MCAST_EXCLUDE) {
1142 IGMP_PRINTF(("%s: --ex on inm at t1\n", __func__));
1143 --inm->inm_st[1].iss_ex;
1144 } else if (imf->imf_st[0] == MCAST_INCLUDE) {
1145 IGMP_PRINTF(("%s: --in on inm at t1\n", __func__));
1146 --inm->inm_st[1].iss_in;
1147 }
1148
1149 if (imf->imf_st[1] == MCAST_EXCLUDE) {
1150 IGMP_PRINTF(("%s: ex++ on inm at t1\n", __func__));
1151 inm->inm_st[1].iss_ex++;
1152 } else if (imf->imf_st[1] == MCAST_INCLUDE && nsrc1 > 0) {
1153 IGMP_PRINTF(("%s: in++ on inm at t1\n", __func__));
1154 inm->inm_st[1].iss_in++;
1155 }
1156 }
1157
1158 /*
1159 * Track inm filter state in terms of listener counts.
1160 * If there are any exclusive listeners, stack-wide
1161 * membership is exclusive.
1162 * Otherwise, if only inclusive listeners, stack-wide is inclusive.
1163 * If no listeners remain, state is undefined at t1,
1164 * and the IGMP lifecycle for this group should finish.
1165 */
1166 if (inm->inm_st[1].iss_ex > 0) {
1167 IGMP_PRINTF(("%s: transition to EX\n", __func__));
1168 inm->inm_st[1].iss_fmode = MCAST_EXCLUDE;
1169 } else if (inm->inm_st[1].iss_in > 0) {
1170 IGMP_PRINTF(("%s: transition to IN\n", __func__));
1171 inm->inm_st[1].iss_fmode = MCAST_INCLUDE;
1172 } else {
1173 IGMP_PRINTF(("%s: transition to UNDEF\n", __func__));
1174 inm->inm_st[1].iss_fmode = MCAST_UNDEFINED;
1175 }
1176
1177 /* Decrement ASM listener count on transition out of ASM mode. */
1178 if (imf->imf_st[0] == MCAST_EXCLUDE && nsrc0 == 0) {
1179 if ((imf->imf_st[1] != MCAST_EXCLUDE) ||
1180 (imf->imf_st[1] == MCAST_EXCLUDE && nsrc1 > 0)) {
1181 IGMP_PRINTF(("%s: --asm on inm at t1\n", __func__));
1182 --inm->inm_st[1].iss_asm;
1183 }
1184 }
1185
1186 /* Increment ASM listener count on transition to ASM mode. */
1187 if (imf->imf_st[1] == MCAST_EXCLUDE && nsrc1 == 0) {
1188 IGMP_PRINTF(("%s: asm++ on inm at t1\n", __func__));
1189 inm->inm_st[1].iss_asm++;
1190 }
1191
39236c6e
A
1192 IGMP_PRINTF(("%s: merged imf 0x%llx to inm 0x%llx\n", __func__,
1193 (uint64_t)VM_KERNEL_ADDRPERM(imf),
1194 (uint64_t)VM_KERNEL_ADDRPERM(inm)));
6d2010ae
A
1195 inm_print(inm);
1196
1197out_reap:
1198 if (schanged > 0) {
1199 IGMP_PRINTF(("%s: sources changed; reaping\n", __func__));
1200 inm_reap(inm);
1201 }
1202 return (error);
1203}
1204
1205/*
1206 * Mark an in_multi's filter set deltas as committed.
1207 * Called by IGMP after a state change has been enqueued.
1208 */
1209void
1210inm_commit(struct in_multi *inm)
1211{
1212 struct ip_msource *ims;
1213
1214 INM_LOCK_ASSERT_HELD(inm);
1215
39236c6e
A
1216 IGMP_PRINTF(("%s: commit inm 0x%llx\n", __func__,
1217 (uint64_t)VM_KERNEL_ADDRPERM(inm)));
6d2010ae
A
1218 IGMP_PRINTF(("%s: pre commit:\n", __func__));
1219 inm_print(inm);
1220
1221 RB_FOREACH(ims, ip_msource_tree, &inm->inm_srcs) {
1222 ims->ims_st[0] = ims->ims_st[1];
1223 }
1224 inm->inm_st[0] = inm->inm_st[1];
1225}
1226
1227/*
1228 * Reap unreferenced nodes from an in_multi's filter set.
1229 */
1230static void
1231inm_reap(struct in_multi *inm)
1232{
1233 struct ip_msource *ims, *tims;
1234
1235 INM_LOCK_ASSERT_HELD(inm);
1236
1237 RB_FOREACH_SAFE(ims, ip_msource_tree, &inm->inm_srcs, tims) {
1238 if (ims->ims_st[0].ex > 0 || ims->ims_st[0].in > 0 ||
1239 ims->ims_st[1].ex > 0 || ims->ims_st[1].in > 0 ||
1240 ims->ims_stp != 0)
1241 continue;
39236c6e
A
1242 IGMP_PRINTF(("%s: free ims 0x%llx\n", __func__,
1243 (uint64_t)VM_KERNEL_ADDRPERM(ims)));
6d2010ae
A
1244 RB_REMOVE(ip_msource_tree, &inm->inm_srcs, ims);
1245 ipms_free(ims);
1246 inm->inm_nsrc--;
1247 }
1248}
1249
1250/*
1251 * Purge all source nodes from an in_multi's filter set.
1252 */
1253void
1254inm_purge(struct in_multi *inm)
1255{
1256 struct ip_msource *ims, *tims;
1257
1258 INM_LOCK_ASSERT_HELD(inm);
1259
1260 RB_FOREACH_SAFE(ims, ip_msource_tree, &inm->inm_srcs, tims) {
39236c6e
A
1261 IGMP_PRINTF(("%s: free ims 0x%llx\n", __func__,
1262 (uint64_t)VM_KERNEL_ADDRPERM(ims)));
6d2010ae
A
1263 RB_REMOVE(ip_msource_tree, &inm->inm_srcs, ims);
1264 ipms_free(ims);
1265 inm->inm_nsrc--;
1266 }
1267}
1268
1269/*
1270 * Join a multicast group; real entry point.
1271 *
1272 * Only preserves atomicity at inm level.
1273 * NOTE: imf argument cannot be const due to sys/tree.h limitations.
1274 *
1275 * If the IGMP downcall fails, the group is not joined, and an error
1276 * code is returned.
1277 */
1278static int
1279in_joingroup(struct ifnet *ifp, const struct in_addr *gina,
1280 /*const*/ struct in_mfilter *imf, struct in_multi **pinm)
1281{
1282 struct in_mfilter timf;
1283 struct in_multi *inm = NULL;
1284 int error = 0;
39236c6e 1285 struct igmp_tparams itp;
6d2010ae 1286
39236c6e
A
1287 IGMP_INET_PRINTF(*gina, ("%s: join %s on 0x%llx(%s))\n", __func__,
1288 _igmp_inet_buf, (uint64_t)VM_KERNEL_ADDRPERM(ifp), if_name(ifp)));
6d2010ae 1289
39236c6e 1290 bzero(&itp, sizeof (itp));
6d2010ae
A
1291 *pinm = NULL;
1292
1293 /*
1294 * If no imf was specified (i.e. kernel consumer),
1295 * fake one up and assume it is an ASM join.
1296 */
1297 if (imf == NULL) {
1298 imf_init(&timf, MCAST_UNDEFINED, MCAST_EXCLUDE);
1299 imf = &timf;
1300 }
1301
1302 error = in_getmulti(ifp, gina, &inm);
1303 if (error) {
1304 IGMP_PRINTF(("%s: in_getmulti() failure\n", __func__));
1305 return (error);
1306 }
1307
1308 IGMP_PRINTF(("%s: merge inm state\n", __func__));
1309
1310 INM_LOCK(inm);
1311 error = inm_merge(inm, imf);
1312 if (error) {
1313 IGMP_PRINTF(("%s: failed to merge inm state\n", __func__));
1314 goto out_inm_release;
1315 }
1316
1317 IGMP_PRINTF(("%s: doing igmp downcall\n", __func__));
39236c6e 1318 error = igmp_change_state(inm, &itp);
6d2010ae
A
1319 if (error) {
1320 IGMP_PRINTF(("%s: failed to update source\n", __func__));
39236c6e 1321 imf_rollback(imf);
6d2010ae
A
1322 goto out_inm_release;
1323 }
1324
1325out_inm_release:
1326 if (error) {
39236c6e
A
1327 IGMP_PRINTF(("%s: dropping ref on 0x%llx\n", __func__,
1328 (uint64_t)VM_KERNEL_ADDRPERM(inm)));
6d2010ae
A
1329 INM_UNLOCK(inm);
1330 INM_REMREF(inm);
1331 } else {
1332 INM_UNLOCK(inm);
1333 *pinm = inm; /* keep refcount from in_getmulti() */
1334 }
1335
39236c6e
A
1336 /* schedule timer now that we've dropped the lock(s) */
1337 igmp_set_timeout(&itp);
1338
6d2010ae
A
1339 return (error);
1340}
1341
1342/*
1343 * Leave a multicast group; real entry point.
1344 * All source filters will be expunged.
1345 *
1346 * Only preserves atomicity at inm level.
1347 *
1348 * Note: This is not the same as inm_release(*) as this function also
1349 * makes a state change downcall into IGMP.
1350 */
1351int
1352in_leavegroup(struct in_multi *inm, /*const*/ struct in_mfilter *imf)
1353{
1354 struct in_mfilter timf;
1355 int error, lastref;
39236c6e 1356 struct igmp_tparams itp;
6d2010ae 1357
39236c6e 1358 bzero(&itp, sizeof (itp));
6d2010ae
A
1359 error = 0;
1360
1361 INM_LOCK_ASSERT_NOTHELD(inm);
1362
1363 in_multihead_lock_exclusive();
1364 INM_LOCK(inm);
1365
39236c6e
A
1366 IGMP_INET_PRINTF(inm->inm_addr,
1367 ("%s: leave inm 0x%llx, %s/%s%d, imf 0x%llx\n", __func__,
1368 (uint64_t)VM_KERNEL_ADDRPERM(inm), _igmp_inet_buf,
6d2010ae 1369 (inm_is_ifp_detached(inm) ? "null" : inm->inm_ifp->if_name),
39236c6e 1370 inm->inm_ifp->if_unit, (uint64_t)VM_KERNEL_ADDRPERM(imf)));
6d2010ae
A
1371
1372 /*
1373 * If no imf was specified (i.e. kernel consumer),
1374 * fake one up and assume it is an ASM join.
1375 */
1376 if (imf == NULL) {
1377 imf_init(&timf, MCAST_EXCLUDE, MCAST_UNDEFINED);
1378 imf = &timf;
1379 }
1380
1381 /*
1382 * Begin state merge transaction at IGMP layer.
1383 *
1384 * As this particular invocation should not cause any memory
1385 * to be allocated, and there is no opportunity to roll back
1386 * the transaction, it MUST NOT fail.
1387 */
1388 IGMP_PRINTF(("%s: merge inm state\n", __func__));
1389
1390 error = inm_merge(inm, imf);
1391 KASSERT(error == 0, ("%s: failed to merge inm state\n", __func__));
1392
1393 IGMP_PRINTF(("%s: doing igmp downcall\n", __func__));
39236c6e 1394 error = igmp_change_state(inm, &itp);
6d2010ae
A
1395#if IGMP_DEBUG
1396 if (error)
1397 IGMP_PRINTF(("%s: failed igmp downcall\n", __func__));
1398#endif
1399 lastref = in_multi_detach(inm);
1400 VERIFY(!lastref || (!(inm->inm_debug & IFD_ATTACHED) &&
1401 inm->inm_reqcnt == 0));
1402 INM_UNLOCK(inm);
1403 in_multihead_lock_done();
1404
1405 if (lastref)
1406 INM_REMREF(inm); /* for in_multihead list */
1407
39236c6e
A
1408 /* schedule timer now that we've dropped the lock(s) */
1409 igmp_set_timeout(&itp);
1410
6d2010ae
A
1411 return (error);
1412}
1413
1414/*
1415 * Join an IPv4 multicast group in (*,G) exclusive mode.
1416 * The group must be a 224.0.0.0/24 link-scope group.
1417 * This KPI is for legacy kernel consumers only.
1418 */
1419struct in_multi *
1420in_addmulti(struct in_addr *ap, struct ifnet *ifp)
1421{
1422 struct in_multi *pinm = NULL;
1423 int error;
1424
1425 KASSERT(IN_LOCAL_GROUP(ntohl(ap->s_addr)),
1426 ("%s: %s not in 224.0.0.0/24\n", __func__, inet_ntoa(*ap)));
1427
1428 error = in_joingroup(ifp, ap, NULL, &pinm);
1429 VERIFY(pinm != NULL || error != 0);
1430
1431 return (pinm);
1432}
1433
1434/*
1435 * Leave an IPv4 multicast group, assumed to be in exclusive (*,G) mode.
1436 * This KPI is for legacy kernel consumers only.
1437 */
1438void
1439in_delmulti(struct in_multi *inm)
1440{
1441
1442 (void) in_leavegroup(inm, NULL);
1443}
1444
1445/*
1446 * Block or unblock an ASM multicast source on an inpcb.
1447 * This implements the delta-based API described in RFC 3678.
1448 *
1449 * The delta-based API applies only to exclusive-mode memberships.
1450 * An IGMP downcall will be performed.
1451 *
1452 * Return 0 if successful, otherwise return an appropriate error code.
1453 */
1454static int
1455inp_block_unblock_source(struct inpcb *inp, struct sockopt *sopt)
1456{
1457 struct group_source_req gsr;
1458 sockunion_t *gsa, *ssa;
1459 struct ifnet *ifp;
1460 struct in_mfilter *imf;
1461 struct ip_moptions *imo;
1462 struct in_msource *ims;
1463 struct in_multi *inm;
1464 size_t idx;
1465 uint16_t fmode;
1466 int error, doblock;
1467 unsigned int ifindex = 0;
39236c6e 1468 struct igmp_tparams itp;
6d2010ae 1469
39236c6e 1470 bzero(&itp, sizeof (itp));
6d2010ae
A
1471 ifp = NULL;
1472 error = 0;
1473 doblock = 0;
1474
1475 memset(&gsr, 0, sizeof(struct group_source_req));
1476 gsa = (sockunion_t *)&gsr.gsr_group;
1477 ssa = (sockunion_t *)&gsr.gsr_source;
1478
1479 switch (sopt->sopt_name) {
1480 case IP_BLOCK_SOURCE:
1481 case IP_UNBLOCK_SOURCE: {
1482 struct ip_mreq_source mreqs;
1483
1484 error = sooptcopyin(sopt, &mreqs,
1485 sizeof(struct ip_mreq_source),
1486 sizeof(struct ip_mreq_source));
1487 if (error)
1488 return (error);
1489
1490 gsa->sin.sin_family = AF_INET;
1491 gsa->sin.sin_len = sizeof(struct sockaddr_in);
1492 gsa->sin.sin_addr = mreqs.imr_multiaddr;
1493
1494 ssa->sin.sin_family = AF_INET;
1495 ssa->sin.sin_len = sizeof(struct sockaddr_in);
1496 ssa->sin.sin_addr = mreqs.imr_sourceaddr;
1497
1498 if (!in_nullhost(mreqs.imr_interface))
1499 ifp = ip_multicast_if(&mreqs.imr_interface, &ifindex);
1500
1501 if (sopt->sopt_name == IP_BLOCK_SOURCE)
1502 doblock = 1;
1503
39236c6e
A
1504 IGMP_INET_PRINTF(mreqs.imr_interface,
1505 ("%s: imr_interface = %s, ifp = 0x%llx\n", __func__,
1506 _igmp_inet_buf, (uint64_t)VM_KERNEL_ADDRPERM(ifp)));
6d2010ae
A
1507 break;
1508 }
1509
1510 case MCAST_BLOCK_SOURCE:
1511 case MCAST_UNBLOCK_SOURCE:
1512 error = sooptcopyin(sopt, &gsr,
1513 sizeof(struct group_source_req),
1514 sizeof(struct group_source_req));
1515 if (error)
1516 return (error);
1517
1518 if (gsa->sin.sin_family != AF_INET ||
1519 gsa->sin.sin_len != sizeof(struct sockaddr_in))
1520 return (EINVAL);
1521
1522 if (ssa->sin.sin_family != AF_INET ||
1523 ssa->sin.sin_len != sizeof(struct sockaddr_in))
1524 return (EINVAL);
1525
1526 ifnet_head_lock_shared();
1527 if (gsr.gsr_interface == 0 ||
1528 (u_int)if_index < gsr.gsr_interface) {
1529 ifnet_head_done();
1530 return (EADDRNOTAVAIL);
1531 }
1532
1533 ifp = ifindex2ifnet[gsr.gsr_interface];
1534 ifnet_head_done();
1535
1536 if (ifp == NULL)
1537 return (EADDRNOTAVAIL);
1538
1539 if (sopt->sopt_name == MCAST_BLOCK_SOURCE)
1540 doblock = 1;
1541 break;
1542
1543 default:
1544 IGMP_PRINTF(("%s: unknown sopt_name %d\n",
1545 __func__, sopt->sopt_name));
1546 return (EOPNOTSUPP);
1547 break;
1548 }
1549
1550 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
1551 return (EINVAL);
1552
1553 /*
1554 * Check if we are actually a member of this group.
1555 */
1556 imo = inp_findmoptions(inp);
1557 if (imo == NULL)
1558 return (ENOMEM);
1559
1560 IMO_LOCK(imo);
1561 idx = imo_match_group(imo, ifp, &gsa->sa);
1562 if (idx == (size_t)-1 || imo->imo_mfilters == NULL) {
1563 error = EADDRNOTAVAIL;
1564 goto out_imo_locked;
1565 }
1566
1567 VERIFY(imo->imo_mfilters != NULL);
1568 imf = &imo->imo_mfilters[idx];
1569 inm = imo->imo_membership[idx];
1570
1571 /*
1572 * Attempting to use the delta-based API on an
1573 * non exclusive-mode membership is an error.
1574 */
1575 fmode = imf->imf_st[0];
1576 if (fmode != MCAST_EXCLUDE) {
1577 error = EINVAL;
1578 goto out_imo_locked;
1579 }
1580
1581 /*
1582 * Deal with error cases up-front:
1583 * Asked to block, but already blocked; or
1584 * Asked to unblock, but nothing to unblock.
1585 * If adding a new block entry, allocate it.
1586 */
1587 ims = imo_match_source(imo, idx, &ssa->sa);
1588 if ((ims != NULL && doblock) || (ims == NULL && !doblock)) {
39236c6e
A
1589 IGMP_INET_PRINTF(ssa->sin.sin_addr,
1590 ("%s: source %s %spresent\n", __func__,
1591 _igmp_inet_buf, doblock ? "" : "not "));
6d2010ae
A
1592 error = EADDRNOTAVAIL;
1593 goto out_imo_locked;
1594 }
1595
1596 /*
1597 * Begin state merge transaction at socket layer.
1598 */
1599 if (doblock) {
1600 IGMP_PRINTF(("%s: %s source\n", __func__, "block"));
1601 ims = imf_graft(imf, fmode, &ssa->sin);
1602 if (ims == NULL)
1603 error = ENOMEM;
1604 } else {
1605 IGMP_PRINTF(("%s: %s source\n", __func__, "allow"));
1606 error = imf_prune(imf, &ssa->sin);
1607 }
1608
1609 if (error) {
1610 IGMP_PRINTF(("%s: merge imf state failed\n", __func__));
1611 goto out_imf_rollback;
1612 }
1613
1614 /*
1615 * Begin state merge transaction at IGMP layer.
1616 */
1617 INM_LOCK(inm);
1618 IGMP_PRINTF(("%s: merge inm state\n", __func__));
1619 error = inm_merge(inm, imf);
1620 if (error) {
1621 IGMP_PRINTF(("%s: failed to merge inm state\n", __func__));
1622 INM_UNLOCK(inm);
1623 goto out_imf_rollback;
1624 }
1625
1626 IGMP_PRINTF(("%s: doing igmp downcall\n", __func__));
39236c6e 1627 error = igmp_change_state(inm, &itp);
6d2010ae
A
1628 INM_UNLOCK(inm);
1629#if IGMP_DEBUG
1630 if (error)
1631 IGMP_PRINTF(("%s: failed igmp downcall\n", __func__));
1632#endif
1633
1634out_imf_rollback:
1635 if (error)
1636 imf_rollback(imf);
1637 else
1638 imf_commit(imf);
1639
1640 imf_reap(imf);
1641
1642out_imo_locked:
1643 IMO_UNLOCK(imo);
1644 IMO_REMREF(imo); /* from inp_findmoptions() */
39236c6e
A
1645
1646 /* schedule timer now that we've dropped the lock(s) */
1647 igmp_set_timeout(&itp);
1648
6d2010ae
A
1649 return (error);
1650}
1651
1652/*
1653 * Given an inpcb, return its multicast options structure pointer.
1654 *
1655 * Caller is responsible for locking the inpcb, and releasing the
1656 * extra reference held on the imo, upon a successful return.
1657 */
1658static struct ip_moptions *
1659inp_findmoptions(struct inpcb *inp)
1660{
1661 struct ip_moptions *imo;
1662 struct in_multi **immp;
1663 struct in_mfilter *imfp;
1664 size_t idx;
1665
1666 if ((imo = inp->inp_moptions) != NULL) {
1667 IMO_ADDREF(imo); /* for caller */
1668 return (imo);
1669 }
1670
1671 imo = ip_allocmoptions(M_WAITOK);
1672 if (imo == NULL)
1673 return (NULL);
1674
1675 immp = _MALLOC(sizeof (*immp) * IP_MIN_MEMBERSHIPS, M_IPMOPTS,
1676 M_WAITOK | M_ZERO);
1677 if (immp == NULL) {
1678 IMO_REMREF(imo);
1679 return (NULL);
1680 }
1681
1682 imfp = _MALLOC(sizeof (struct in_mfilter) * IP_MIN_MEMBERSHIPS,
1683 M_INMFILTER, M_WAITOK | M_ZERO);
1684 if (imfp == NULL) {
1685 _FREE(immp, M_IPMOPTS);
1686 IMO_REMREF(imo);
1687 return (NULL);
1688 }
1689
1690 imo->imo_multicast_ifp = NULL;
1691 imo->imo_multicast_addr.s_addr = INADDR_ANY;
1692 imo->imo_multicast_vif = -1;
1693 imo->imo_multicast_ttl = IP_DEFAULT_MULTICAST_TTL;
1694 imo->imo_multicast_loop = in_mcast_loop;
1695 imo->imo_num_memberships = 0;
1696 imo->imo_max_memberships = IP_MIN_MEMBERSHIPS;
1697 imo->imo_membership = immp;
1698
1699 /* Initialize per-group source filters. */
1700 for (idx = 0; idx < IP_MIN_MEMBERSHIPS; idx++)
1701 imf_init(&imfp[idx], MCAST_UNDEFINED, MCAST_EXCLUDE);
1702
1703 imo->imo_mfilters = imfp;
1704 inp->inp_moptions = imo; /* keep reference from ip_allocmoptions() */
1705 IMO_ADDREF(imo); /* for caller */
1706
1707 return (imo);
1708}
1709/*
1710 * Atomically get source filters on a socket for an IPv4 multicast group.
1711 */
1712static int
1713inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt)
1714{
1715 struct __msfilterreq64 msfr, msfr64;
1716 struct __msfilterreq32 msfr32;
1717 sockunion_t *gsa;
1718 struct ifnet *ifp;
1719 struct ip_moptions *imo;
1720 struct in_mfilter *imf;
1721 struct ip_msource *ims;
1722 struct in_msource *lims;
1723 struct sockaddr_in *psin;
1724 struct sockaddr_storage *ptss;
1725 struct sockaddr_storage *tss;
1726 int error;
1727 size_t idx, nsrcs, ncsrcs;
1728 user_addr_t tmp_ptr;
1729
1730 imo = inp->inp_moptions;
1731 VERIFY(imo != NULL);
1732
1733 if (IS_64BIT_PROCESS(current_proc())) {
1734 error = sooptcopyin(sopt, &msfr64,
1735 sizeof(struct __msfilterreq64),
1736 sizeof(struct __msfilterreq64));
1737 if (error)
1738 return (error);
1739 /* we never use msfr.msfr_srcs; */
3e170ce0 1740 memcpy(&msfr, &msfr64, sizeof(msfr64));
6d2010ae
A
1741 } else {
1742 error = sooptcopyin(sopt, &msfr32,
1743 sizeof(struct __msfilterreq32),
1744 sizeof(struct __msfilterreq32));
1745 if (error)
1746 return (error);
1747 /* we never use msfr.msfr_srcs; */
3e170ce0 1748 memcpy(&msfr, &msfr32, sizeof(msfr32));
6d2010ae
A
1749 }
1750
1751 ifnet_head_lock_shared();
1752 if (msfr.msfr_ifindex == 0 || (u_int)if_index < msfr.msfr_ifindex) {
1753 ifnet_head_done();
1754 return (EADDRNOTAVAIL);
1755 }
1756
1757 ifp = ifindex2ifnet[msfr.msfr_ifindex];
1758 ifnet_head_done();
1759
1760 if (ifp == NULL)
1761 return (EADDRNOTAVAIL);
316670eb
A
1762
1763 if ((size_t) msfr.msfr_nsrcs >
39236c6e
A
1764 UINT32_MAX / sizeof(struct sockaddr_storage))
1765 msfr.msfr_nsrcs = UINT32_MAX / sizeof(struct sockaddr_storage);
316670eb 1766
6d2010ae
A
1767 if (msfr.msfr_nsrcs > in_mcast_maxsocksrc)
1768 msfr.msfr_nsrcs = in_mcast_maxsocksrc;
1769
1770 IMO_LOCK(imo);
1771 /*
1772 * Lookup group on the socket.
1773 */
1774 gsa = (sockunion_t *)&msfr.msfr_group;
1775 idx = imo_match_group(imo, ifp, &gsa->sa);
1776 if (idx == (size_t)-1 || imo->imo_mfilters == NULL) {
1777 IMO_UNLOCK(imo);
1778 return (EADDRNOTAVAIL);
1779 }
1780 imf = &imo->imo_mfilters[idx];
1781
1782 /*
1783 * Ignore memberships which are in limbo.
1784 */
1785 if (imf->imf_st[1] == MCAST_UNDEFINED) {
1786 IMO_UNLOCK(imo);
1787 return (EAGAIN);
1788 }
1789 msfr.msfr_fmode = imf->imf_st[1];
1790
1791 /*
1792 * If the user specified a buffer, copy out the source filter
1793 * entries to userland gracefully.
1794 * We only copy out the number of entries which userland
1795 * has asked for, but we always tell userland how big the
1796 * buffer really needs to be.
1797 */
1798
1799 if (IS_64BIT_PROCESS(current_proc()))
1800 tmp_ptr = msfr64.msfr_srcs;
1801 else
1802 tmp_ptr = CAST_USER_ADDR_T(msfr32.msfr_srcs);
1803
1804 tss = NULL;
1805 if (tmp_ptr != USER_ADDR_NULL && msfr.msfr_nsrcs > 0) {
316670eb 1806 tss = _MALLOC((size_t) msfr.msfr_nsrcs * sizeof(*tss),
6d2010ae
A
1807 M_TEMP, M_WAITOK | M_ZERO);
1808 if (tss == NULL) {
1809 IMO_UNLOCK(imo);
1810 return (ENOBUFS);
1811 }
1812 }
1813
1814 /*
1815 * Count number of sources in-mode at t0.
1816 * If buffer space exists and remains, copy out source entries.
1817 */
1818 nsrcs = msfr.msfr_nsrcs;
1819 ncsrcs = 0;
1820 ptss = tss;
1821 RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources) {
1822 lims = (struct in_msource *)ims;
1823 if (lims->imsl_st[0] == MCAST_UNDEFINED ||
1824 lims->imsl_st[0] != imf->imf_st[0])
1825 continue;
1826 if (tss != NULL && nsrcs > 0) {
1827 psin = (struct sockaddr_in *)ptss;
1828 psin->sin_family = AF_INET;
1829 psin->sin_len = sizeof(struct sockaddr_in);
1830 psin->sin_addr.s_addr = htonl(lims->ims_haddr);
1831 psin->sin_port = 0;
1832 ++ptss;
1833 --nsrcs;
1834 ++ncsrcs;
1835 }
1836 }
1837
1838 IMO_UNLOCK(imo);
1839
1840 if (tss != NULL) {
316670eb 1841 error = copyout(tss, tmp_ptr, ncsrcs * sizeof(*tss));
6d2010ae
A
1842 FREE(tss, M_TEMP);
1843 if (error)
1844 return (error);
1845 }
1846
1847 msfr.msfr_nsrcs = ncsrcs;
1848 if (IS_64BIT_PROCESS(current_proc())) {
1849 msfr64.msfr_ifindex = msfr.msfr_ifindex;
1850 msfr64.msfr_fmode = msfr.msfr_fmode;
1851 msfr64.msfr_nsrcs = msfr.msfr_nsrcs;
1852 memcpy(&msfr64.msfr_group, &msfr.msfr_group,
1853 sizeof(struct sockaddr_storage));
1854 error = sooptcopyout(sopt, &msfr64,
1855 sizeof(struct __msfilterreq64));
1856 } else {
1857 msfr32.msfr_ifindex = msfr.msfr_ifindex;
1858 msfr32.msfr_fmode = msfr.msfr_fmode;
1859 msfr32.msfr_nsrcs = msfr.msfr_nsrcs;
3e170ce0 1860 memcpy(&msfr32.msfr_group, &msfr.msfr_group,
6d2010ae
A
1861 sizeof(struct sockaddr_storage));
1862 error = sooptcopyout(sopt, &msfr32,
1863 sizeof(struct __msfilterreq32));
1864 }
1865
1866 return (error);
1867}
1868
1869/*
1870 * Return the IP multicast options in response to user getsockopt().
1871 */
1872int
1873inp_getmoptions(struct inpcb *inp, struct sockopt *sopt)
1874{
1875 struct ip_mreqn mreqn;
1876 struct ip_moptions *imo;
1877 struct ifnet *ifp;
1878 struct in_ifaddr *ia;
1879 int error, optval;
1880 unsigned int ifindex;
1881 u_char coptval;
1882
1883 imo = inp->inp_moptions;
1884 /*
1885 * If socket is neither of type SOCK_RAW or SOCK_DGRAM,
1886 * or is a divert socket, reject it.
1887 */
39236c6e
A
1888 if (SOCK_PROTO(inp->inp_socket) == IPPROTO_DIVERT ||
1889 (SOCK_TYPE(inp->inp_socket) != SOCK_RAW &&
1890 SOCK_TYPE(inp->inp_socket) != SOCK_DGRAM)) {
6d2010ae
A
1891 return (EOPNOTSUPP);
1892 }
1893
1894 error = 0;
1895 switch (sopt->sopt_name) {
6d2010ae
A
1896 case IP_MULTICAST_IF:
1897 memset(&mreqn, 0, sizeof(struct ip_mreqn));
1898 if (imo != NULL) {
1899 IMO_LOCK(imo);
1900 ifp = imo->imo_multicast_ifp;
1901 if (!in_nullhost(imo->imo_multicast_addr)) {
1902 mreqn.imr_address = imo->imo_multicast_addr;
1903 } else if (ifp != NULL) {
1904 mreqn.imr_ifindex = ifp->if_index;
1905 IFP_TO_IA(ifp, ia);
1906 if (ia != NULL) {
1907 IFA_LOCK_SPIN(&ia->ia_ifa);
1908 mreqn.imr_address =
1909 IA_SIN(ia)->sin_addr;
1910 IFA_UNLOCK(&ia->ia_ifa);
1911 IFA_REMREF(&ia->ia_ifa);
1912 }
1913 }
1914 IMO_UNLOCK(imo);
1915 }
1916 if (sopt->sopt_valsize == sizeof(struct ip_mreqn)) {
1917 error = sooptcopyout(sopt, &mreqn,
1918 sizeof(struct ip_mreqn));
1919 } else {
1920 error = sooptcopyout(sopt, &mreqn.imr_address,
1921 sizeof(struct in_addr));
1922 }
1923 break;
1924
1925 case IP_MULTICAST_IFINDEX:
1926 if (imo != NULL)
1927 IMO_LOCK(imo);
1928 if (imo == NULL || imo->imo_multicast_ifp == NULL) {
1929 ifindex = 0;
1930 } else {
1931 ifindex = imo->imo_multicast_ifp->if_index;
1932 }
1933 if (imo != NULL)
1934 IMO_UNLOCK(imo);
1935 error = sooptcopyout(sopt, &ifindex, sizeof (ifindex));
1936 break;
1937
1938 case IP_MULTICAST_TTL:
1939 if (imo == NULL)
1940 optval = coptval = IP_DEFAULT_MULTICAST_TTL;
1941 else {
1942 IMO_LOCK(imo);
1943 optval = coptval = imo->imo_multicast_ttl;
1944 IMO_UNLOCK(imo);
1945 }
1946 if (sopt->sopt_valsize == sizeof(u_char))
1947 error = sooptcopyout(sopt, &coptval, sizeof(u_char));
1948 else
1949 error = sooptcopyout(sopt, &optval, sizeof(int));
1950 break;
1951
1952 case IP_MULTICAST_LOOP:
1953 if (imo == 0)
1954 optval = coptval = IP_DEFAULT_MULTICAST_LOOP;
1955 else {
1956 IMO_LOCK(imo);
1957 optval = coptval = imo->imo_multicast_loop;
1958 IMO_UNLOCK(imo);
1959 }
1960 if (sopt->sopt_valsize == sizeof(u_char))
1961 error = sooptcopyout(sopt, &coptval, sizeof(u_char));
1962 else
1963 error = sooptcopyout(sopt, &optval, sizeof(int));
1964 break;
1965
1966 case IP_MSFILTER:
1967 if (imo == NULL) {
1968 error = EADDRNOTAVAIL;
1969 } else {
1970 error = inp_get_source_filters(inp, sopt);
1971 }
1972 break;
1973
1974 default:
1975 error = ENOPROTOOPT;
1976 break;
1977 }
1978
1979 return (error);
1980}
1981
1982/*
1983 * Look up the ifnet to use for a multicast group membership,
1984 * given the IPv4 address of an interface, and the IPv4 group address.
1985 *
1986 * This routine exists to support legacy multicast applications
1987 * which do not understand that multicast memberships are scoped to
1988 * specific physical links in the networking stack, or which need
1989 * to join link-scope groups before IPv4 addresses are configured.
1990 *
1991 * If inp is non-NULL and is bound to an interface, use this socket's
1992 * inp_boundif for any required routing table lookup.
1993 *
1994 * If the route lookup fails, attempt to use the first non-loopback
1995 * interface with multicast capability in the system as a
1996 * last resort. The legacy IPv4 ASM API requires that we do
1997 * this in order to allow groups to be joined when the routing
1998 * table has not yet been populated during boot.
1999 *
2000 * Returns NULL if no ifp could be found.
2001 *
2002 */
2003static struct ifnet *
2004inp_lookup_mcast_ifp(const struct inpcb *inp,
2005 const struct sockaddr_in *gsin, const struct in_addr ina)
2006{
2007 struct ifnet *ifp;
2008 unsigned int ifindex = 0;
2009
2010 VERIFY(gsin->sin_family == AF_INET);
2011 VERIFY(IN_MULTICAST(ntohl(gsin->sin_addr.s_addr)));
2012
2013 ifp = NULL;
2014 if (!in_nullhost(ina)) {
2015 struct in_addr new_ina;
2016 memcpy(&new_ina, &ina, sizeof(struct in_addr));
2017 ifp = ip_multicast_if(&new_ina, &ifindex);
2018 } else {
2019 struct route ro;
2020 unsigned int ifscope = IFSCOPE_NONE;
2021
2022 if (inp != NULL && (inp->inp_flags & INP_BOUND_IF))
316670eb 2023 ifscope = inp->inp_boundifp->if_index;
6d2010ae
A
2024
2025 bzero(&ro, sizeof (ro));
2026 memcpy(&ro.ro_dst, gsin, sizeof(struct sockaddr_in));
2027 rtalloc_scoped_ign(&ro, 0, ifscope);
2028 if (ro.ro_rt != NULL) {
2029 ifp = ro.ro_rt->rt_ifp;
2030 VERIFY(ifp != NULL);
6d2010ae
A
2031 } else {
2032 struct in_ifaddr *ia;
2033 struct ifnet *mifp;
2034
2035 mifp = NULL;
2036 lck_rw_lock_shared(in_ifaddr_rwlock);
2037 TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) {
2038 IFA_LOCK_SPIN(&ia->ia_ifa);
2039 mifp = ia->ia_ifp;
2040 IFA_UNLOCK(&ia->ia_ifa);
2041 if (!(mifp->if_flags & IFF_LOOPBACK) &&
2042 (mifp->if_flags & IFF_MULTICAST)) {
2043 ifp = mifp;
2044 break;
2045 }
2046 }
2047 lck_rw_done(in_ifaddr_rwlock);
2048 }
39236c6e 2049 ROUTE_RELEASE(&ro);
6d2010ae
A
2050 }
2051
2052 return (ifp);
2053}
2054
2055/*
2056 * Join an IPv4 multicast group, possibly with a source.
2057 *
2058 * NB: sopt->sopt_val might point to the kernel address space. This means that
2059 * we were called by the IPv6 stack due to the presence of an IPv6 v4 mapped
2060 * address. In this scenario, sopt_p points to kernproc and sooptcopyin() will
2061 * just issue an in-kernel memcpy.
2062 */
2063int
2064inp_join_group(struct inpcb *inp, struct sockopt *sopt)
2065{
2066 struct group_source_req gsr;
2067 sockunion_t *gsa, *ssa;
2068 struct ifnet *ifp;
2069 struct in_mfilter *imf;
2070 struct ip_moptions *imo;
2071 struct in_multi *inm = NULL;
2072 struct in_msource *lims;
2073 size_t idx;
2074 int error, is_new;
39236c6e 2075 struct igmp_tparams itp;
6d2010ae 2076
39236c6e 2077 bzero(&itp, sizeof (itp));
6d2010ae
A
2078 ifp = NULL;
2079 imf = NULL;
2080 error = 0;
2081 is_new = 0;
2082
2083 memset(&gsr, 0, sizeof(struct group_source_req));
2084 gsa = (sockunion_t *)&gsr.gsr_group;
2085 gsa->ss.ss_family = AF_UNSPEC;
2086 ssa = (sockunion_t *)&gsr.gsr_source;
2087 ssa->ss.ss_family = AF_UNSPEC;
2088
2089 switch (sopt->sopt_name) {
2090 case IP_ADD_MEMBERSHIP:
2091 case IP_ADD_SOURCE_MEMBERSHIP: {
2092 struct ip_mreq_source mreqs;
2093
2094 if (sopt->sopt_name == IP_ADD_MEMBERSHIP) {
2095 error = sooptcopyin(sopt, &mreqs,
2096 sizeof(struct ip_mreq),
2097 sizeof(struct ip_mreq));
2098 /*
2099 * Do argument switcharoo from ip_mreq into
2100 * ip_mreq_source to avoid using two instances.
2101 */
2102 mreqs.imr_interface = mreqs.imr_sourceaddr;
2103 mreqs.imr_sourceaddr.s_addr = INADDR_ANY;
2104 } else if (sopt->sopt_name == IP_ADD_SOURCE_MEMBERSHIP) {
2105 error = sooptcopyin(sopt, &mreqs,
2106 sizeof(struct ip_mreq_source),
2107 sizeof(struct ip_mreq_source));
2108 }
2109 if (error) {
2110 IGMP_PRINTF(("%s: error copyin IP_ADD_MEMBERSHIP/"
2111 "IP_ADD_SOURCE_MEMBERSHIP %d err=%d\n",
2112 __func__, sopt->sopt_name, error));
2113 return (error);
2114 }
2115
2116 gsa->sin.sin_family = AF_INET;
2117 gsa->sin.sin_len = sizeof(struct sockaddr_in);
2118 gsa->sin.sin_addr = mreqs.imr_multiaddr;
2119
2120 if (sopt->sopt_name == IP_ADD_SOURCE_MEMBERSHIP) {
2121 ssa->sin.sin_family = AF_INET;
2122 ssa->sin.sin_len = sizeof(struct sockaddr_in);
2123 ssa->sin.sin_addr = mreqs.imr_sourceaddr;
2124 }
2125
2126 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
2127 return (EINVAL);
2128
2129 ifp = inp_lookup_mcast_ifp(inp, &gsa->sin,
2130 mreqs.imr_interface);
39236c6e
A
2131 IGMP_INET_PRINTF(mreqs.imr_interface,
2132 ("%s: imr_interface = %s, ifp = 0x%llx\n", __func__,
2133 _igmp_inet_buf, (uint64_t)VM_KERNEL_ADDRPERM(ifp)));
6d2010ae
A
2134 break;
2135 }
2136
2137 case MCAST_JOIN_GROUP:
2138 case MCAST_JOIN_SOURCE_GROUP:
2139 if (sopt->sopt_name == MCAST_JOIN_GROUP) {
2140 error = sooptcopyin(sopt, &gsr,
2141 sizeof(struct group_req),
2142 sizeof(struct group_req));
2143 } else if (sopt->sopt_name == MCAST_JOIN_SOURCE_GROUP) {
2144 error = sooptcopyin(sopt, &gsr,
2145 sizeof(struct group_source_req),
2146 sizeof(struct group_source_req));
2147 }
2148 if (error)
2149 return (error);
2150
2151 if (gsa->sin.sin_family != AF_INET ||
2152 gsa->sin.sin_len != sizeof(struct sockaddr_in))
2153 return (EINVAL);
2154
2155 /*
2156 * Overwrite the port field if present, as the sockaddr
2157 * being copied in may be matched with a binary comparison.
2158 */
2159 gsa->sin.sin_port = 0;
2160 if (sopt->sopt_name == MCAST_JOIN_SOURCE_GROUP) {
2161 if (ssa->sin.sin_family != AF_INET ||
2162 ssa->sin.sin_len != sizeof(struct sockaddr_in))
2163 return (EINVAL);
2164 ssa->sin.sin_port = 0;
2165 }
2166
2167 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
2168 return (EINVAL);
2169
2170 ifnet_head_lock_shared();
2171 if (gsr.gsr_interface == 0 ||
2172 (u_int)if_index < gsr.gsr_interface) {
2173 ifnet_head_done();
2174 return (EADDRNOTAVAIL);
2175 }
2176 ifp = ifindex2ifnet[gsr.gsr_interface];
2177 ifnet_head_done();
2178
2179 break;
2180
2181 default:
2182 IGMP_PRINTF(("%s: unknown sopt_name %d\n",
2183 __func__, sopt->sopt_name));
2184 return (EOPNOTSUPP);
2185 break;
2186 }
2187
2188 if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0)
2189 return (EADDRNOTAVAIL);
2190
2191 imo = inp_findmoptions(inp);
2192 if (imo == NULL)
2193 return (ENOMEM);
2194
2195 IMO_LOCK(imo);
2196 idx = imo_match_group(imo, ifp, &gsa->sa);
2197 if (idx == (size_t)-1) {
2198 is_new = 1;
2199 } else {
2200 inm = imo->imo_membership[idx];
2201 imf = &imo->imo_mfilters[idx];
2202 if (ssa->ss.ss_family != AF_UNSPEC) {
2203 /*
2204 * MCAST_JOIN_SOURCE_GROUP on an exclusive membership
2205 * is an error. On an existing inclusive membership,
2206 * it just adds the source to the filter list.
2207 */
2208 if (imf->imf_st[1] != MCAST_INCLUDE) {
2209 error = EINVAL;
2210 goto out_imo_locked;
2211 }
2212 /*
2213 * Throw out duplicates.
2214 *
2215 * XXX FIXME: This makes a naive assumption that
2216 * even if entries exist for *ssa in this imf,
2217 * they will be rejected as dupes, even if they
2218 * are not valid in the current mode (in-mode).
2219 *
2220 * in_msource is transactioned just as for anything
2221 * else in SSM -- but note naive use of inm_graft()
2222 * below for allocating new filter entries.
2223 *
2224 * This is only an issue if someone mixes the
2225 * full-state SSM API with the delta-based API,
2226 * which is discouraged in the relevant RFCs.
2227 */
2228 lims = imo_match_source(imo, idx, &ssa->sa);
2229 if (lims != NULL /*&&
2230 lims->imsl_st[1] == MCAST_INCLUDE*/) {
2231 error = EADDRNOTAVAIL;
2232 goto out_imo_locked;
2233 }
2234 } else {
2235 /*
2236 * MCAST_JOIN_GROUP on an existing exclusive
2237 * membership is an error; return EADDRINUSE
2238 * to preserve 4.4BSD API idempotence, and
2239 * avoid tedious detour to code below.
2240 * NOTE: This is bending RFC 3678 a bit.
2241 *
2242 * On an existing inclusive membership, this is also
2243 * an error; if you want to change filter mode,
2244 * you must use the userland API setsourcefilter().
2245 * XXX We don't reject this for imf in UNDEFINED
2246 * state at t1, because allocation of a filter
2247 * is atomic with allocation of a membership.
2248 */
2249 error = EINVAL;
2250 /* See comments above for EADDRINUSE */
2251 if (imf->imf_st[1] == MCAST_EXCLUDE)
2252 error = EADDRINUSE;
2253 goto out_imo_locked;
2254 }
2255 }
2256
2257 /*
2258 * Begin state merge transaction at socket layer.
2259 */
2260
2261 if (is_new) {
2262 if (imo->imo_num_memberships == imo->imo_max_memberships) {
2263 error = imo_grow(imo, 0);
2264 if (error)
2265 goto out_imo_locked;
2266 }
2267 /*
2268 * Allocate the new slot upfront so we can deal with
2269 * grafting the new source filter in same code path
2270 * as for join-source on existing membership.
2271 */
2272 idx = imo->imo_num_memberships;
2273 imo->imo_membership[idx] = NULL;
2274 imo->imo_num_memberships++;
2275 VERIFY(imo->imo_mfilters != NULL);
2276 imf = &imo->imo_mfilters[idx];
2277 VERIFY(RB_EMPTY(&imf->imf_sources));
2278 }
2279
2280 /*
2281 * Graft new source into filter list for this inpcb's
2282 * membership of the group. The in_multi may not have
2283 * been allocated yet if this is a new membership, however,
2284 * the in_mfilter slot will be allocated and must be initialized.
2285 */
2286 if (ssa->ss.ss_family != AF_UNSPEC) {
2287 /* Membership starts in IN mode */
2288 if (is_new) {
2289 IGMP_PRINTF(("%s: new join w/source\n", __func__));
2290 imf_init(imf, MCAST_UNDEFINED, MCAST_INCLUDE);
2291 } else {
2292 IGMP_PRINTF(("%s: %s source\n", __func__, "allow"));
2293 }
2294 lims = imf_graft(imf, MCAST_INCLUDE, &ssa->sin);
2295 if (lims == NULL) {
2296 IGMP_PRINTF(("%s: merge imf state failed\n",
2297 __func__));
2298 error = ENOMEM;
2299 goto out_imo_free;
2300 }
2301 } else {
2302 /* No address specified; Membership starts in EX mode */
2303 if (is_new) {
2304 IGMP_PRINTF(("%s: new join w/o source\n", __func__));
2305 imf_init(imf, MCAST_UNDEFINED, MCAST_EXCLUDE);
2306 }
2307 }
2308
2309 /*
2310 * Begin state merge transaction at IGMP layer.
2311 */
2312
2313 if (is_new) {
2314 VERIFY(inm == NULL);
2315 error = in_joingroup(ifp, &gsa->sin.sin_addr, imf, &inm);
2316 VERIFY(inm != NULL || error != 0);
2317 if (error)
2318 goto out_imo_free;
2319 imo->imo_membership[idx] = inm; /* from in_joingroup() */
2320 } else {
2321 IGMP_PRINTF(("%s: merge inm state\n", __func__));
2322 INM_LOCK(inm);
2323 error = inm_merge(inm, imf);
2324 if (error) {
2325 IGMP_PRINTF(("%s: failed to merge inm state\n",
2326 __func__));
2327 INM_UNLOCK(inm);
2328 goto out_imf_rollback;
2329 }
2330 IGMP_PRINTF(("%s: doing igmp downcall\n", __func__));
39236c6e 2331 error = igmp_change_state(inm, &itp);
6d2010ae
A
2332 INM_UNLOCK(inm);
2333 if (error) {
2334 IGMP_PRINTF(("%s: failed igmp downcall\n",
2335 __func__));
2336 goto out_imf_rollback;
2337 }
2338 }
2339
2340out_imf_rollback:
2341 if (error) {
2342 imf_rollback(imf);
2343 if (is_new)
2344 imf_purge(imf);
2345 else
2346 imf_reap(imf);
2347 } else {
2348 imf_commit(imf);
2349 }
2350
2351out_imo_free:
2352 if (error && is_new) {
2353 VERIFY(inm == NULL);
2354 imo->imo_membership[idx] = NULL;
2355 --imo->imo_num_memberships;
2356 }
2357
2358out_imo_locked:
2359 IMO_UNLOCK(imo);
2360 IMO_REMREF(imo); /* from inp_findmoptions() */
39236c6e
A
2361
2362 /* schedule timer now that we've dropped the lock(s) */
2363 igmp_set_timeout(&itp);
2364
6d2010ae
A
2365 return (error);
2366}
2367
2368/*
2369 * Leave an IPv4 multicast group on an inpcb, possibly with a source.
2370 *
2371 * NB: sopt->sopt_val might point to the kernel address space. Refer to the
2372 * block comment on top of inp_join_group() for more information.
2373 */
2374int
2375inp_leave_group(struct inpcb *inp, struct sockopt *sopt)
2376{
2377 struct group_source_req gsr;
2378 struct ip_mreq_source mreqs;
2379 sockunion_t *gsa, *ssa;
2380 struct ifnet *ifp;
2381 struct in_mfilter *imf;
2382 struct ip_moptions *imo;
2383 struct in_msource *ims;
2384 struct in_multi *inm = NULL;
2385 size_t idx;
2386 int error, is_final;
2387 unsigned int ifindex = 0;
39236c6e 2388 struct igmp_tparams itp;
6d2010ae 2389
39236c6e 2390 bzero(&itp, sizeof (itp));
6d2010ae
A
2391 ifp = NULL;
2392 error = 0;
2393 is_final = 1;
2394
2395 memset(&gsr, 0, sizeof(struct group_source_req));
2396 gsa = (sockunion_t *)&gsr.gsr_group;
2397 gsa->ss.ss_family = AF_UNSPEC;
2398 ssa = (sockunion_t *)&gsr.gsr_source;
2399 ssa->ss.ss_family = AF_UNSPEC;
2400
2401 switch (sopt->sopt_name) {
2402 case IP_DROP_MEMBERSHIP:
2403 case IP_DROP_SOURCE_MEMBERSHIP:
2404 if (sopt->sopt_name == IP_DROP_MEMBERSHIP) {
2405 error = sooptcopyin(sopt, &mreqs,
2406 sizeof(struct ip_mreq),
2407 sizeof(struct ip_mreq));
2408 /*
2409 * Swap interface and sourceaddr arguments,
2410 * as ip_mreq and ip_mreq_source are laid
2411 * out differently.
2412 */
2413 mreqs.imr_interface = mreqs.imr_sourceaddr;
2414 mreqs.imr_sourceaddr.s_addr = INADDR_ANY;
2415 } else if (sopt->sopt_name == IP_DROP_SOURCE_MEMBERSHIP) {
2416 error = sooptcopyin(sopt, &mreqs,
2417 sizeof(struct ip_mreq_source),
2418 sizeof(struct ip_mreq_source));
2419 }
2420 if (error)
2421 return (error);
2422
2423 gsa->sin.sin_family = AF_INET;
2424 gsa->sin.sin_len = sizeof(struct sockaddr_in);
2425 gsa->sin.sin_addr = mreqs.imr_multiaddr;
2426
2427 if (sopt->sopt_name == IP_DROP_SOURCE_MEMBERSHIP) {
2428 ssa->sin.sin_family = AF_INET;
2429 ssa->sin.sin_len = sizeof(struct sockaddr_in);
2430 ssa->sin.sin_addr = mreqs.imr_sourceaddr;
2431 }
2432 /*
2433 * Attempt to look up hinted ifp from interface address.
2434 * Fallthrough with null ifp iff lookup fails, to
2435 * preserve 4.4BSD mcast API idempotence.
2436 * XXX NOTE WELL: The RFC 3678 API is preferred because
2437 * using an IPv4 address as a key is racy.
2438 */
2439 if (!in_nullhost(mreqs.imr_interface))
2440 ifp = ip_multicast_if(&mreqs.imr_interface, &ifindex);
2441
39236c6e
A
2442 IGMP_INET_PRINTF(mreqs.imr_interface,
2443 ("%s: imr_interface = %s, ifp = 0x%llx\n", __func__,
2444 _igmp_inet_buf, (uint64_t)VM_KERNEL_ADDRPERM(ifp)));
6d2010ae
A
2445
2446 break;
2447
2448 case MCAST_LEAVE_GROUP:
2449 case MCAST_LEAVE_SOURCE_GROUP:
2450 if (sopt->sopt_name == MCAST_LEAVE_GROUP) {
2451 error = sooptcopyin(sopt, &gsr,
2452 sizeof(struct group_req),
2453 sizeof(struct group_req));
2454 } else if (sopt->sopt_name == MCAST_LEAVE_SOURCE_GROUP) {
2455 error = sooptcopyin(sopt, &gsr,
2456 sizeof(struct group_source_req),
2457 sizeof(struct group_source_req));
2458 }
2459 if (error)
2460 return (error);
2461
2462 if (gsa->sin.sin_family != AF_INET ||
2463 gsa->sin.sin_len != sizeof(struct sockaddr_in))
2464 return (EINVAL);
2465
2466 if (sopt->sopt_name == MCAST_LEAVE_SOURCE_GROUP) {
2467 if (ssa->sin.sin_family != AF_INET ||
2468 ssa->sin.sin_len != sizeof(struct sockaddr_in))
2469 return (EINVAL);
2470 }
2471
2472 ifnet_head_lock_shared();
2473 if (gsr.gsr_interface == 0 ||
2474 (u_int)if_index < gsr.gsr_interface) {
2475 ifnet_head_done();
2476 return (EADDRNOTAVAIL);
2477 }
2478
2479 ifp = ifindex2ifnet[gsr.gsr_interface];
2480 ifnet_head_done();
2481 break;
2482
2483 default:
2484 IGMP_PRINTF(("%s: unknown sopt_name %d\n",
2485 __func__, sopt->sopt_name));
2486 return (EOPNOTSUPP);
2487 break;
2488 }
2489
2490 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
2491 return (EINVAL);
2492
2493 /*
2494 * Find the membership in the membership array.
2495 */
2496 imo = inp_findmoptions(inp);
2497 if (imo == NULL)
2498 return (ENOMEM);
2499
2500 IMO_LOCK(imo);
2501 idx = imo_match_group(imo, ifp, &gsa->sa);
2502 if (idx == (size_t)-1) {
2503 error = EADDRNOTAVAIL;
2504 goto out_locked;
2505 }
2506 inm = imo->imo_membership[idx];
2507 imf = &imo->imo_mfilters[idx];
2508
2509 if (ssa->ss.ss_family != AF_UNSPEC) {
2510 IGMP_PRINTF(("%s: opt=%d is_final=0\n", __func__,
2511 sopt->sopt_name));
2512 is_final = 0;
2513 }
2514
2515 /*
2516 * Begin state merge transaction at socket layer.
2517 */
2518
2519 /*
2520 * If we were instructed only to leave a given source, do so.
2521 * MCAST_LEAVE_SOURCE_GROUP is only valid for inclusive memberships.
2522 */
2523 if (is_final) {
2524 imf_leave(imf);
2525 } else {
2526 if (imf->imf_st[0] == MCAST_EXCLUDE) {
2527 error = EADDRNOTAVAIL;
2528 goto out_locked;
2529 }
2530 ims = imo_match_source(imo, idx, &ssa->sa);
2531 if (ims == NULL) {
39236c6e
A
2532 IGMP_INET_PRINTF(ssa->sin.sin_addr,
2533 ("%s: source %s %spresent\n", __func__,
2534 _igmp_inet_buf, "not "));
6d2010ae
A
2535 error = EADDRNOTAVAIL;
2536 goto out_locked;
2537 }
2538 IGMP_PRINTF(("%s: %s source\n", __func__, "block"));
2539 error = imf_prune(imf, &ssa->sin);
2540 if (error) {
2541 IGMP_PRINTF(("%s: merge imf state failed\n",
2542 __func__));
2543 goto out_locked;
2544 }
2545 }
2546
2547 /*
2548 * Begin state merge transaction at IGMP layer.
2549 */
2550
2551 if (is_final) {
2552 /*
2553 * Give up the multicast address record to which
2554 * the membership points. Reference held in imo
2555 * will be released below.
2556 */
2557 (void) in_leavegroup(inm, imf);
2558 } else {
2559 IGMP_PRINTF(("%s: merge inm state\n", __func__));
2560 INM_LOCK(inm);
2561 error = inm_merge(inm, imf);
2562 if (error) {
2563 IGMP_PRINTF(("%s: failed to merge inm state\n",
2564 __func__));
2565 INM_UNLOCK(inm);
2566 goto out_imf_rollback;
2567 }
2568
2569 IGMP_PRINTF(("%s: doing igmp downcall\n", __func__));
39236c6e 2570 error = igmp_change_state(inm, &itp);
6d2010ae
A
2571 if (error) {
2572 IGMP_PRINTF(("%s: failed igmp downcall\n", __func__));
2573 }
2574 INM_UNLOCK(inm);
2575 }
2576
2577out_imf_rollback:
2578 if (error)
2579 imf_rollback(imf);
2580 else
2581 imf_commit(imf);
2582
2583 imf_reap(imf);
2584
2585 if (is_final) {
2586 /* Remove the gap in the membership and filter array. */
2587 VERIFY(inm == imo->imo_membership[idx]);
2588 imo->imo_membership[idx] = NULL;
2589 INM_REMREF(inm);
2590 for (++idx; idx < imo->imo_num_memberships; ++idx) {
2591 imo->imo_membership[idx-1] = imo->imo_membership[idx];
2592 imo->imo_mfilters[idx-1] = imo->imo_mfilters[idx];
2593 }
2594 imo->imo_num_memberships--;
2595 }
2596
2597out_locked:
2598 IMO_UNLOCK(imo);
2599 IMO_REMREF(imo); /* from inp_findmoptions() */
39236c6e
A
2600
2601 /* schedule timer now that we've dropped the lock(s) */
2602 igmp_set_timeout(&itp);
2603
6d2010ae
A
2604 return (error);
2605}
2606
2607/*
2608 * Select the interface for transmitting IPv4 multicast datagrams.
2609 *
2610 * Either an instance of struct in_addr or an instance of struct ip_mreqn
2611 * may be passed to this socket option. An address of INADDR_ANY or an
2612 * interface index of 0 is used to remove a previous selection.
2613 * When no interface is selected, one is chosen for every send.
2614 */
2615static int
2616inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt)
2617{
2618 struct in_addr addr;
2619 struct ip_mreqn mreqn;
2620 struct ifnet *ifp;
2621 struct ip_moptions *imo;
2622 int error = 0 ;
2623 unsigned int ifindex = 0;
2624
2625 if (sopt->sopt_valsize == sizeof(struct ip_mreqn)) {
2626 /*
2627 * An interface index was specified using the
2628 * Linux-derived ip_mreqn structure.
2629 */
2630 error = sooptcopyin(sopt, &mreqn, sizeof(struct ip_mreqn),
2631 sizeof(struct ip_mreqn));
2632 if (error)
2633 return (error);
2634
2635 ifnet_head_lock_shared();
2636 if (mreqn.imr_ifindex < 0 || if_index < mreqn.imr_ifindex) {
2637 ifnet_head_done();
2638 return (EINVAL);
2639 }
2640
2641 if (mreqn.imr_ifindex == 0) {
2642 ifp = NULL;
2643 } else {
2644 ifp = ifindex2ifnet[mreqn.imr_ifindex];
2645 if (ifp == NULL) {
2646 ifnet_head_done();
2647 return (EADDRNOTAVAIL);
2648 }
2649 }
2650 ifnet_head_done();
2651 } else {
2652 /*
2653 * An interface was specified by IPv4 address.
2654 * This is the traditional BSD usage.
2655 */
2656 error = sooptcopyin(sopt, &addr, sizeof(struct in_addr),
2657 sizeof(struct in_addr));
2658 if (error)
2659 return (error);
2660 if (in_nullhost(addr)) {
2661 ifp = NULL;
2662 } else {
2663 ifp = ip_multicast_if(&addr, &ifindex);
2664 if (ifp == NULL) {
39236c6e
A
2665 IGMP_INET_PRINTF(addr,
2666 ("%s: can't find ifp for addr=%s\n",
2667 __func__, _igmp_inet_buf));
6d2010ae
A
2668 return (EADDRNOTAVAIL);
2669 }
2670 }
39236c6e 2671 /* XXX remove? */
6d2010ae 2672#ifdef IGMP_DEBUG0
39236c6e
A
2673 IGMP_PRINTF(("%s: ifp = 0x%llx, addr = %s\n", __func__,
2674 (uint64_t)VM_KERNEL_ADDRPERM(ifp), inet_ntoa(addr)));
6d2010ae
A
2675#endif
2676 }
2677
2678 /* Reject interfaces which do not support multicast. */
2679 if (ifp != NULL && (ifp->if_flags & IFF_MULTICAST) == 0)
2680 return (EOPNOTSUPP);
2681
2682 imo = inp_findmoptions(inp);
2683 if (imo == NULL)
2684 return (ENOMEM);
2685
2686 IMO_LOCK(imo);
2687 imo->imo_multicast_ifp = ifp;
2688 if (ifindex)
2689 imo->imo_multicast_addr = addr;
2690 else
2691 imo->imo_multicast_addr.s_addr = INADDR_ANY;
2692 IMO_UNLOCK(imo);
2693 IMO_REMREF(imo); /* from inp_findmoptions() */
2694
2695 return (0);
2696}
2697
2698/*
2699 * Atomically set source filters on a socket for an IPv4 multicast group.
2700 */
2701static int
2702inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt)
2703{
2704 struct __msfilterreq64 msfr, msfr64;
2705 struct __msfilterreq32 msfr32;
2706 sockunion_t *gsa;
2707 struct ifnet *ifp;
2708 struct in_mfilter *imf;
2709 struct ip_moptions *imo;
2710 struct in_multi *inm;
39236c6e 2711 size_t idx;
6d2010ae 2712 int error;
39236c6e
A
2713 user_addr_t tmp_ptr;
2714 struct igmp_tparams itp;
2715
2716 bzero(&itp, sizeof (itp));
6d2010ae
A
2717
2718 if (IS_64BIT_PROCESS(current_proc())) {
2719 error = sooptcopyin(sopt, &msfr64,
2720 sizeof(struct __msfilterreq64),
2721 sizeof(struct __msfilterreq64));
2722 if (error)
2723 return (error);
2724 /* we never use msfr.msfr_srcs; */
3e170ce0 2725 memcpy(&msfr, &msfr64, sizeof(msfr64));
6d2010ae
A
2726 } else {
2727 error = sooptcopyin(sopt, &msfr32,
2728 sizeof(struct __msfilterreq32),
2729 sizeof(struct __msfilterreq32));
2730 if (error)
2731 return (error);
2732 /* we never use msfr.msfr_srcs; */
3e170ce0 2733 memcpy(&msfr, &msfr32, sizeof(msfr32));
6d2010ae
A
2734 }
2735
316670eb 2736 if ((size_t) msfr.msfr_nsrcs >
39236c6e
A
2737 UINT32_MAX / sizeof(struct sockaddr_storage))
2738 msfr.msfr_nsrcs = UINT32_MAX / sizeof(struct sockaddr_storage);
316670eb 2739
6d2010ae
A
2740 if (msfr.msfr_nsrcs > in_mcast_maxsocksrc)
2741 return (ENOBUFS);
2742
2743 if ((msfr.msfr_fmode != MCAST_EXCLUDE &&
2744 msfr.msfr_fmode != MCAST_INCLUDE))
2745 return (EINVAL);
2746
2747 if (msfr.msfr_group.ss_family != AF_INET ||
2748 msfr.msfr_group.ss_len != sizeof(struct sockaddr_in))
2749 return (EINVAL);
2750
2751 gsa = (sockunion_t *)&msfr.msfr_group;
2752 if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr)))
2753 return (EINVAL);
2754
2755 gsa->sin.sin_port = 0; /* ignore port */
2756
2757 ifnet_head_lock_shared();
2758 if (msfr.msfr_ifindex == 0 || (u_int)if_index < msfr.msfr_ifindex) {
2759 ifnet_head_done();
2760 return (EADDRNOTAVAIL);
2761 }
2762
2763 ifp = ifindex2ifnet[msfr.msfr_ifindex];
2764 ifnet_head_done();
2765 if (ifp == NULL)
2766 return (EADDRNOTAVAIL);
2767
2768 /*
2769 * Check if this socket is a member of this group.
2770 */
2771 imo = inp_findmoptions(inp);
2772 if (imo == NULL)
2773 return (ENOMEM);
2774
2775 IMO_LOCK(imo);
2776 idx = imo_match_group(imo, ifp, &gsa->sa);
2777 if (idx == (size_t)-1 || imo->imo_mfilters == NULL) {
2778 error = EADDRNOTAVAIL;
2779 goto out_imo_locked;
2780 }
2781 inm = imo->imo_membership[idx];
2782 imf = &imo->imo_mfilters[idx];
2783
2784 /*
2785 * Begin state merge transaction at socket layer.
2786 */
2787
2788 imf->imf_st[1] = msfr.msfr_fmode;
2789
2790 /*
2791 * Apply any new source filters, if present.
2792 * Make a copy of the user-space source vector so
2793 * that we may copy them with a single copyin. This
2794 * allows us to deal with page faults up-front.
2795 */
2796 if (msfr.msfr_nsrcs > 0) {
2797 struct in_msource *lims;
2798 struct sockaddr_in *psin;
2799 struct sockaddr_storage *kss, *pkss;
2800 int i;
2801
2802 if (IS_64BIT_PROCESS(current_proc()))
2803 tmp_ptr = msfr64.msfr_srcs;
2804 else
2805 tmp_ptr = CAST_USER_ADDR_T(msfr32.msfr_srcs);
2806
2807 IGMP_PRINTF(("%s: loading %lu source list entries\n",
2808 __func__, (unsigned long)msfr.msfr_nsrcs));
316670eb 2809 kss = _MALLOC((size_t) msfr.msfr_nsrcs * sizeof(*kss),
6d2010ae
A
2810 M_TEMP, M_WAITOK);
2811 if (kss == NULL) {
2812 error = ENOMEM;
2813 goto out_imo_locked;
2814 }
2815 error = copyin(tmp_ptr, kss,
316670eb 2816 (size_t) msfr.msfr_nsrcs * sizeof(*kss));
6d2010ae
A
2817 if (error) {
2818 FREE(kss, M_TEMP);
2819 goto out_imo_locked;
2820 }
2821
2822 /*
2823 * Mark all source filters as UNDEFINED at t1.
2824 * Restore new group filter mode, as imf_leave()
2825 * will set it to INCLUDE.
2826 */
2827 imf_leave(imf);
2828 imf->imf_st[1] = msfr.msfr_fmode;
2829
2830 /*
2831 * Update socket layer filters at t1, lazy-allocating
2832 * new entries. This saves a bunch of memory at the
2833 * cost of one RB_FIND() per source entry; duplicate
2834 * entries in the msfr_nsrcs vector are ignored.
2835 * If we encounter an error, rollback transaction.
2836 *
2837 * XXX This too could be replaced with a set-symmetric
2838 * difference like loop to avoid walking from root
2839 * every time, as the key space is common.
2840 */
2841 for (i = 0, pkss = kss; (u_int)i < msfr.msfr_nsrcs;
2842 i++, pkss++) {
2843 psin = (struct sockaddr_in *)pkss;
2844 if (psin->sin_family != AF_INET) {
2845 error = EAFNOSUPPORT;
2846 break;
2847 }
2848 if (psin->sin_len != sizeof(struct sockaddr_in)) {
2849 error = EINVAL;
2850 break;
2851 }
2852 error = imf_get_source(imf, psin, &lims);
2853 if (error)
2854 break;
2855 lims->imsl_st[1] = imf->imf_st[1];
2856 }
2857 FREE(kss, M_TEMP);
2858 }
2859
2860 if (error)
2861 goto out_imf_rollback;
2862
2863 /*
2864 * Begin state merge transaction at IGMP layer.
2865 */
2866 INM_LOCK(inm);
2867 IGMP_PRINTF(("%s: merge inm state\n", __func__));
2868 error = inm_merge(inm, imf);
2869 if (error) {
2870 IGMP_PRINTF(("%s: failed to merge inm state\n", __func__));
2871 INM_UNLOCK(inm);
2872 goto out_imf_rollback;
2873 }
2874
2875 IGMP_PRINTF(("%s: doing igmp downcall\n", __func__));
39236c6e 2876 error = igmp_change_state(inm, &itp);
6d2010ae
A
2877 INM_UNLOCK(inm);
2878#ifdef IGMP_DEBUG
2879 if (error)
2880 IGMP_PRINTF(("%s: failed igmp downcall\n", __func__));
2881#endif
2882
2883out_imf_rollback:
2884 if (error)
2885 imf_rollback(imf);
2886 else
2887 imf_commit(imf);
2888
2889 imf_reap(imf);
2890
2891out_imo_locked:
2892 IMO_UNLOCK(imo);
2893 IMO_REMREF(imo); /* from inp_findmoptions() */
2894
39236c6e
A
2895 /* schedule timer now that we've dropped the lock(s) */
2896 igmp_set_timeout(&itp);
2897
6d2010ae
A
2898 return (error);
2899}
2900
2901/*
2902 * Set the IP multicast options in response to user setsockopt().
2903 *
2904 * Many of the socket options handled in this function duplicate the
2905 * functionality of socket options in the regular unicast API. However,
2906 * it is not possible to merge the duplicate code, because the idempotence
2907 * of the IPv4 multicast part of the BSD Sockets API must be preserved;
2908 * the effects of these options must be treated as separate and distinct.
6d2010ae
A
2909 */
2910int
2911inp_setmoptions(struct inpcb *inp, struct sockopt *sopt)
2912{
2913 struct ip_moptions *imo;
2914 int error;
2915 unsigned int ifindex;
2916 struct ifnet *ifp;
2917
2918 error = 0;
2919
2920 /*
2921 * If socket is neither of type SOCK_RAW or SOCK_DGRAM,
2922 * or is a divert socket, reject it.
2923 */
39236c6e
A
2924 if (SOCK_PROTO(inp->inp_socket) == IPPROTO_DIVERT ||
2925 (SOCK_TYPE(inp->inp_socket) != SOCK_RAW &&
2926 SOCK_TYPE(inp->inp_socket) != SOCK_DGRAM))
6d2010ae
A
2927 return (EOPNOTSUPP);
2928
2929 switch (sopt->sopt_name) {
6d2010ae
A
2930 case IP_MULTICAST_IF:
2931 error = inp_set_multicast_if(inp, sopt);
2932 break;
2933
2934 case IP_MULTICAST_IFINDEX:
2935 /*
2936 * Select the interface for outgoing multicast packets.
2937 */
2938 error = sooptcopyin(sopt, &ifindex, sizeof (ifindex),
2939 sizeof (ifindex));
2940 if (error)
2941 break;
2942
2943 imo = inp_findmoptions(inp);
2944 if (imo == NULL) {
2945 error = ENOMEM;
2946 break;
2947 }
2948 /*
2949 * Index 0 is used to remove a previous selection.
2950 * When no interface is selected, a default one is
2951 * chosen every time a multicast packet is sent.
2952 */
2953 if (ifindex == 0) {
2954 IMO_LOCK(imo);
2955 imo->imo_multicast_ifp = NULL;
2956 IMO_UNLOCK(imo);
2957 IMO_REMREF(imo); /* from inp_findmoptions() */
2958 break;
2959 }
2960
2961 ifnet_head_lock_shared();
2962 /* Don't need to check is ifindex is < 0 since it's unsigned */
2963 if ((unsigned int)if_index < ifindex) {
2964 ifnet_head_done();
2965 IMO_REMREF(imo); /* from inp_findmoptions() */
2966 error = ENXIO; /* per IPV6_MULTICAST_IF */
2967 break;
2968 }
2969 ifp = ifindex2ifnet[ifindex];
2970 ifnet_head_done();
2971
2972 /* If it's detached or isn't a multicast interface, bail out */
2973 if (ifp == NULL || !(ifp->if_flags & IFF_MULTICAST)) {
2974 IMO_REMREF(imo); /* from inp_findmoptions() */
2975 error = EADDRNOTAVAIL;
2976 break;
2977 }
2978 IMO_LOCK(imo);
2979 imo->imo_multicast_ifp = ifp;
2980 /*
2981 * Clear out any remnants of past IP_MULTICAST_IF. The addr
2982 * isn't really used anywhere in the kernel; we could have
2983 * iterated thru the addresses of the interface and pick one
2984 * here, but that is redundant since ip_getmoptions() already
2985 * takes care of that for INADDR_ANY.
2986 */
2987 imo->imo_multicast_addr.s_addr = INADDR_ANY;
2988 IMO_UNLOCK(imo);
2989 IMO_REMREF(imo); /* from inp_findmoptions() */
2990 break;
2991
2992 case IP_MULTICAST_TTL: {
2993 u_char ttl;
2994
2995 /*
2996 * Set the IP time-to-live for outgoing multicast packets.
2997 * The original multicast API required a char argument,
2998 * which is inconsistent with the rest of the socket API.
2999 * We allow either a char or an int.
3000 */
3001 if (sopt->sopt_valsize == sizeof(u_char)) {
3002 error = sooptcopyin(sopt, &ttl, sizeof(u_char),
3003 sizeof(u_char));
3004 if (error)
3005 break;
3006 } else {
3007 u_int ittl;
3008
3009 error = sooptcopyin(sopt, &ittl, sizeof(u_int),
3010 sizeof(u_int));
3011 if (error)
3012 break;
3013 if (ittl > 255) {
3014 error = EINVAL;
3015 break;
3016 }
3017 ttl = (u_char)ittl;
3018 }
3019 imo = inp_findmoptions(inp);
3020 if (imo == NULL) {
3021 error = ENOMEM;
3022 break;
3023 }
3024 IMO_LOCK(imo);
3025 imo->imo_multicast_ttl = ttl;
3026 IMO_UNLOCK(imo);
3027 IMO_REMREF(imo); /* from inp_findmoptions() */
3028 break;
3029 }
3030
3031 case IP_MULTICAST_LOOP: {
3032 u_char loop;
3033
3034 /*
3035 * Set the loopback flag for outgoing multicast packets.
3036 * Must be zero or one. The original multicast API required a
3037 * char argument, which is inconsistent with the rest
3038 * of the socket API. We allow either a char or an int.
3039 */
3040 if (sopt->sopt_valsize == sizeof(u_char)) {
3041 error = sooptcopyin(sopt, &loop, sizeof(u_char),
3042 sizeof(u_char));
3043 if (error)
3044 break;
3045 } else {
3046 u_int iloop;
3047
3048 error = sooptcopyin(sopt, &iloop, sizeof(u_int),
3049 sizeof(u_int));
3050 if (error)
3051 break;
3052 loop = (u_char)iloop;
3053 }
3054 imo = inp_findmoptions(inp);
3055 if (imo == NULL) {
3056 error = ENOMEM;
3057 break;
3058 }
3059 IMO_LOCK(imo);
3060 imo->imo_multicast_loop = !!loop;
3061 IMO_UNLOCK(imo);
3062 IMO_REMREF(imo); /* from inp_findmoptions() */
3063 break;
3064 }
3065
3066 case IP_ADD_MEMBERSHIP:
3067 case IP_ADD_SOURCE_MEMBERSHIP:
3068 case MCAST_JOIN_GROUP:
3069 case MCAST_JOIN_SOURCE_GROUP:
3070 error = inp_join_group(inp, sopt);
3071 break;
3072
3073 case IP_DROP_MEMBERSHIP:
3074 case IP_DROP_SOURCE_MEMBERSHIP:
3075 case MCAST_LEAVE_GROUP:
3076 case MCAST_LEAVE_SOURCE_GROUP:
3077 error = inp_leave_group(inp, sopt);
3078 break;
3079
3080 case IP_BLOCK_SOURCE:
3081 case IP_UNBLOCK_SOURCE:
3082 case MCAST_BLOCK_SOURCE:
3083 case MCAST_UNBLOCK_SOURCE:
3084 error = inp_block_unblock_source(inp, sopt);
3085 break;
3086
3087 case IP_MSFILTER:
3088 error = inp_set_source_filters(inp, sopt);
3089 break;
3090
3091 default:
3092 error = EOPNOTSUPP;
3093 break;
3094 }
3095
3096 return (error);
3097}
3098
3099/*
3100 * Expose IGMP's multicast filter mode and source list(s) to userland,
3101 * keyed by (ifindex, group).
3102 * The filter mode is written out as a uint32_t, followed by
3103 * 0..n of struct in_addr.
3104 * For use by ifmcstat(8).
3105 */
3106static int
3107sysctl_ip_mcast_filters SYSCTL_HANDLER_ARGS
3108{
3109#pragma unused(oidp)
3110
3111 struct in_addr src, group;
3112 struct ifnet *ifp;
3113 struct in_multi *inm;
3114 struct in_multistep step;
3115 struct ip_msource *ims;
3116 int *name;
3117 int retval = 0;
3118 u_int namelen;
3119 uint32_t fmode, ifindex;
3120
3121 name = (int *)arg1;
3122 namelen = (u_int)arg2;
3123
3124 if (req->newptr != USER_ADDR_NULL)
3125 return (EPERM);
3126
3127 if (namelen != 2)
3128 return (EINVAL);
3129
3130 ifindex = name[0];
3131 ifnet_head_lock_shared();
3132 if (ifindex <= 0 || ifindex > (u_int)if_index) {
3133 IGMP_PRINTF(("%s: ifindex %u out of range\n",
3134 __func__, ifindex));
3135 ifnet_head_done();
3136 return (ENOENT);
3137 }
3138
3139 group.s_addr = name[1];
3140 if (!IN_MULTICAST(ntohl(group.s_addr))) {
39236c6e
A
3141 IGMP_INET_PRINTF(group,
3142 ("%s: group %s is not multicast\n",
3143 __func__, _igmp_inet_buf));
6d2010ae
A
3144 ifnet_head_done();
3145 return (EINVAL);
3146 }
3147
3148 ifp = ifindex2ifnet[ifindex];
3149 ifnet_head_done();
3150 if (ifp == NULL) {
3151 IGMP_PRINTF(("%s: no ifp for ifindex %u\n", __func__, ifindex));
3152 return (ENOENT);
3153 }
3154
3155 in_multihead_lock_shared();
3156 IN_FIRST_MULTI(step, inm);
3157 while (inm != NULL) {
3158 INM_LOCK(inm);
3159 if (inm->inm_ifp != ifp)
3160 goto next;
3161
3162 if (!in_hosteq(inm->inm_addr, group))
3163 goto next;
3164
3165 fmode = inm->inm_st[1].iss_fmode;
3166 retval = SYSCTL_OUT(req, &fmode, sizeof(uint32_t));
3167 if (retval != 0) {
3168 INM_UNLOCK(inm);
3169 break; /* abort */
3170 }
3171 RB_FOREACH(ims, ip_msource_tree, &inm->inm_srcs) {
3172#ifdef IGMP_DEBUG
3173 struct in_addr ina;
3174 ina.s_addr = htonl(ims->ims_haddr);
39236c6e
A
3175 IGMP_INET_PRINTF(ina,
3176 ("%s: visit node %s\n", __func__, _igmp_inet_buf));
6d2010ae
A
3177#endif
3178 /*
3179 * Only copy-out sources which are in-mode.
3180 */
3181 if (fmode != ims_get_mode(inm, ims, 1)) {
3182 IGMP_PRINTF(("%s: skip non-in-mode\n",
3183 __func__));
3184 continue; /* process next source */
3185 }
3186 src.s_addr = htonl(ims->ims_haddr);
3187 retval = SYSCTL_OUT(req, &src, sizeof(struct in_addr));
3188 if (retval != 0)
3189 break; /* process next inm */
3190 }
3191next:
3192 INM_UNLOCK(inm);
3193 IN_NEXT_MULTI(step, inm);
3194 }
3195 in_multihead_lock_done();
3196
3197 return (retval);
3198}
3199
3200/*
3201 * XXX
3202 * The whole multicast option thing needs to be re-thought.
3203 * Several of these options are equally applicable to non-multicast
3204 * transmission, and one (IP_MULTICAST_TTL) totally duplicates a
3205 * standard option (IP_TTL).
3206 */
3207/*
3208 * following RFC1724 section 3.3, 0.0.0.0/8 is interpreted as interface index.
3209 */
3210static struct ifnet *
3211ip_multicast_if(struct in_addr *a, unsigned int *ifindexp)
3212{
3213 unsigned int ifindex;
3214 struct ifnet *ifp;
3215
3216 if (ifindexp != NULL)
3217 *ifindexp = 0;
3218 if (ntohl(a->s_addr) >> 24 == 0) {
3219 ifindex = ntohl(a->s_addr) & 0xffffff;
3220 ifnet_head_lock_shared();
3221 /* Don't need to check is ifindex is < 0 since it's unsigned */
3222 if ((unsigned int)if_index < ifindex) {
3223 ifnet_head_done();
3224 return (NULL);
3225 }
3226 ifp = ifindex2ifnet[ifindex];
3227 ifnet_head_done();
3228 if (ifp != NULL && ifindexp != NULL)
3229 *ifindexp = ifindex;
3230 } else {
3231 INADDR_TO_IFP(*a, ifp);
3232 }
3233 return (ifp);
3234}
3235
3236void
3237in_multi_init(void)
3238{
3239 PE_parse_boot_argn("ifa_debug", &inm_debug, sizeof (inm_debug));
3240
3241 /* Setup lock group and attribute for in_multihead */
3242 in_multihead_lock_grp_attr = lck_grp_attr_alloc_init();
3243 in_multihead_lock_grp = lck_grp_alloc_init("in_multihead",
3244 in_multihead_lock_grp_attr);
3245 in_multihead_lock_attr = lck_attr_alloc_init();
3246 lck_rw_init(&in_multihead_lock, in_multihead_lock_grp,
3247 in_multihead_lock_attr);
3248
3249 lck_mtx_init(&inm_trash_lock, in_multihead_lock_grp,
3250 in_multihead_lock_attr);
3251 TAILQ_INIT(&inm_trash_head);
3252
3253 inm_size = (inm_debug == 0) ? sizeof (struct in_multi) :
3254 sizeof (struct in_multi_dbg);
3255 inm_zone = zinit(inm_size, INM_ZONE_MAX * inm_size,
3256 0, INM_ZONE_NAME);
3257 if (inm_zone == NULL) {
3258 panic("%s: failed allocating %s", __func__, INM_ZONE_NAME);
3259 /* NOTREACHED */
3260 }
3261 zone_change(inm_zone, Z_EXPAND, TRUE);
3262
3263 ipms_size = sizeof (struct ip_msource);
3264 ipms_zone = zinit(ipms_size, IPMS_ZONE_MAX * ipms_size,
3265 0, IPMS_ZONE_NAME);
3266 if (ipms_zone == NULL) {
3267 panic("%s: failed allocating %s", __func__, IPMS_ZONE_NAME);
3268 /* NOTREACHED */
3269 }
3270 zone_change(ipms_zone, Z_EXPAND, TRUE);
3271
3272 inms_size = sizeof (struct in_msource);
3273 inms_zone = zinit(inms_size, INMS_ZONE_MAX * inms_size,
3274 0, INMS_ZONE_NAME);
3275 if (inms_zone == NULL) {
3276 panic("%s: failed allocating %s", __func__, INMS_ZONE_NAME);
3277 /* NOTREACHED */
3278 }
3279 zone_change(inms_zone, Z_EXPAND, TRUE);
3280}
3281
3282static struct in_multi *
3283in_multi_alloc(int how)
3284{
3285 struct in_multi *inm;
3286
3287 inm = (how == M_WAITOK) ? zalloc(inm_zone) : zalloc_noblock(inm_zone);
3288 if (inm != NULL) {
3289 bzero(inm, inm_size);
3290 lck_mtx_init(&inm->inm_lock, in_multihead_lock_grp,
3291 in_multihead_lock_attr);
3292 inm->inm_debug |= IFD_ALLOC;
3293 if (inm_debug != 0) {
3294 inm->inm_debug |= IFD_DEBUG;
3295 inm->inm_trace = inm_trace;
3296 }
3297 }
3298 return (inm);
3299}
3300
3301static void
3302in_multi_free(struct in_multi *inm)
3303{
3304 INM_LOCK(inm);
3305 if (inm->inm_debug & IFD_ATTACHED) {
3306 panic("%s: attached inm=%p is being freed", __func__, inm);
3307 /* NOTREACHED */
3308 } else if (inm->inm_ifma != NULL) {
3309 panic("%s: ifma not NULL for inm=%p", __func__, inm);
3310 /* NOTREACHED */
3311 } else if (!(inm->inm_debug & IFD_ALLOC)) {
3312 panic("%s: inm %p cannot be freed", __func__, inm);
3313 /* NOTREACHED */
3314 } else if (inm->inm_refcount != 0) {
3315 panic("%s: non-zero refcount inm=%p", __func__, inm);
3316 /* NOTREACHED */
3317 } else if (inm->inm_reqcnt != 0) {
3318 panic("%s: non-zero reqcnt inm=%p", __func__, inm);
3319 /* NOTREACHED */
3320 }
3321
3322 /* Free any pending IGMPv3 state-change records */
3323 IF_DRAIN(&inm->inm_scq);
3324
3325 inm->inm_debug &= ~IFD_ALLOC;
3326 if ((inm->inm_debug & (IFD_DEBUG | IFD_TRASHED)) ==
3327 (IFD_DEBUG | IFD_TRASHED)) {
3328 lck_mtx_lock(&inm_trash_lock);
3329 TAILQ_REMOVE(&inm_trash_head, (struct in_multi_dbg *)inm,
3330 inm_trash_link);
3331 lck_mtx_unlock(&inm_trash_lock);
3332 inm->inm_debug &= ~IFD_TRASHED;
3333 }
3334 INM_UNLOCK(inm);
3335
3336 lck_mtx_destroy(&inm->inm_lock, in_multihead_lock_grp);
3337 zfree(inm_zone, inm);
3338}
3339
3340static void
3341in_multi_attach(struct in_multi *inm)
3342{
3343 in_multihead_lock_assert(LCK_RW_ASSERT_EXCLUSIVE);
3344 INM_LOCK_ASSERT_HELD(inm);
3345
3346 if (inm->inm_debug & IFD_ATTACHED) {
3347 panic("%s: Attempt to attach an already attached inm=%p",
3348 __func__, inm);
3349 /* NOTREACHED */
3350 } else if (inm->inm_debug & IFD_TRASHED) {
3351 panic("%s: Attempt to reattach a detached inm=%p",
3352 __func__, inm);
3353 /* NOTREACHED */
3354 }
3355
3356 inm->inm_reqcnt++;
3357 VERIFY(inm->inm_reqcnt == 1);
3358 INM_ADDREF_LOCKED(inm);
3359 inm->inm_debug |= IFD_ATTACHED;
3360 /*
3361 * Reattach case: If debugging is enabled, take it
3362 * out of the trash list and clear IFD_TRASHED.
3363 */
3364 if ((inm->inm_debug & (IFD_DEBUG | IFD_TRASHED)) ==
3365 (IFD_DEBUG | IFD_TRASHED)) {
3366 /* Become a regular mutex, just in case */
3367 INM_CONVERT_LOCK(inm);
3368 lck_mtx_lock(&inm_trash_lock);
3369 TAILQ_REMOVE(&inm_trash_head, (struct in_multi_dbg *)inm,
3370 inm_trash_link);
3371 lck_mtx_unlock(&inm_trash_lock);
3372 inm->inm_debug &= ~IFD_TRASHED;
3373 }
3374
3375 LIST_INSERT_HEAD(&in_multihead, inm, inm_link);
3376}
3377
3378int
3379in_multi_detach(struct in_multi *inm)
3380{
3381 in_multihead_lock_assert(LCK_RW_ASSERT_EXCLUSIVE);
3382 INM_LOCK_ASSERT_HELD(inm);
3383
3384 if (inm->inm_reqcnt == 0) {
3385 panic("%s: inm=%p negative reqcnt", __func__, inm);
3386 /* NOTREACHED */
3387 }
3388
3389 --inm->inm_reqcnt;
3390 if (inm->inm_reqcnt > 0)
3391 return (0);
3392
3393 if (!(inm->inm_debug & IFD_ATTACHED)) {
3394 panic("%s: Attempt to detach an unattached record inm=%p",
3395 __func__, inm);
3396 /* NOTREACHED */
3397 } else if (inm->inm_debug & IFD_TRASHED) {
3398 panic("%s: inm %p is already in trash list", __func__, inm);
3399 /* NOTREACHED */
3400 }
3401
3402 /*
3403 * NOTE: Caller calls IFMA_REMREF
3404 */
3405 inm->inm_debug &= ~IFD_ATTACHED;
3406 LIST_REMOVE(inm, inm_link);
3407
3408 if (inm->inm_debug & IFD_DEBUG) {
3409 /* Become a regular mutex, just in case */
3410 INM_CONVERT_LOCK(inm);
3411 lck_mtx_lock(&inm_trash_lock);
3412 TAILQ_INSERT_TAIL(&inm_trash_head,
3413 (struct in_multi_dbg *)inm, inm_trash_link);
3414 lck_mtx_unlock(&inm_trash_lock);
3415 inm->inm_debug |= IFD_TRASHED;
3416 }
3417
3418 return (1);
3419}
3420
3421void
3422inm_addref(struct in_multi *inm, int locked)
3423{
3424 if (!locked)
3425 INM_LOCK_SPIN(inm);
3426 else
3427 INM_LOCK_ASSERT_HELD(inm);
3428
3429 if (++inm->inm_refcount == 0) {
3430 panic("%s: inm=%p wraparound refcnt", __func__, inm);
3431 /* NOTREACHED */
3432 } else if (inm->inm_trace != NULL) {
3433 (*inm->inm_trace)(inm, TRUE);
3434 }
3435 if (!locked)
3436 INM_UNLOCK(inm);
3437}
3438
3439void
3440inm_remref(struct in_multi *inm, int locked)
3441{
3442 struct ifmultiaddr *ifma;
3443 struct igmp_ifinfo *igi;
3444
3445 if (!locked)
3446 INM_LOCK_SPIN(inm);
3447 else
3448 INM_LOCK_ASSERT_HELD(inm);
3449
3450 if (inm->inm_refcount == 0 || (inm->inm_refcount == 1 && locked)) {
3451 panic("%s: inm=%p negative/missing refcnt", __func__, inm);
3452 /* NOTREACHED */
3453 } else if (inm->inm_trace != NULL) {
3454 (*inm->inm_trace)(inm, FALSE);
3455 }
3456
3457 --inm->inm_refcount;
3458 if (inm->inm_refcount > 0) {
3459 if (!locked)
3460 INM_UNLOCK(inm);
3461 return;
3462 }
3463
3464 /*
3465 * Synchronization with in_getmulti(). In the event the inm has been
3466 * detached, the underlying ifma would still be in the if_multiaddrs
3467 * list, and thus can be looked up via if_addmulti(). At that point,
3468 * the only way to find this inm is via ifma_protospec. To avoid
3469 * race conditions between the last inm_remref() of that inm and its
3470 * use via ifma_protospec, in_multihead lock is used for serialization.
3471 * In order to avoid violating the lock order, we must drop inm_lock
3472 * before acquiring in_multihead lock. To prevent the inm from being
3473 * freed prematurely, we hold an extra reference.
3474 */
3475 ++inm->inm_refcount;
3476 INM_UNLOCK(inm);
3477 in_multihead_lock_shared();
3478 INM_LOCK_SPIN(inm);
3479 --inm->inm_refcount;
3480 if (inm->inm_refcount > 0) {
3481 /* We've lost the race, so abort since inm is still in use */
3482 INM_UNLOCK(inm);
3483 in_multihead_lock_done();
3484 /* If it was locked, return it as such */
3485 if (locked)
3486 INM_LOCK(inm);
3487 return;
3488 }
3489 inm_purge(inm);
3490 ifma = inm->inm_ifma;
3491 inm->inm_ifma = NULL;
3492 inm->inm_ifp = NULL;
3493 igi = inm->inm_igi;
3494 inm->inm_igi = NULL;
3495 INM_UNLOCK(inm);
3496 IFMA_LOCK_SPIN(ifma);
3497 ifma->ifma_protospec = NULL;
3498 IFMA_UNLOCK(ifma);
3499 in_multihead_lock_done();
3500
3501 in_multi_free(inm);
3502 if_delmulti_ifma(ifma);
3503 /* Release reference held to the underlying ifmultiaddr */
3504 IFMA_REMREF(ifma);
3505
3506 if (igi != NULL)
3507 IGI_REMREF(igi);
3508}
3509
3510static void
3511inm_trace(struct in_multi *inm, int refhold)
3512{
3513 struct in_multi_dbg *inm_dbg = (struct in_multi_dbg *)inm;
3514 ctrace_t *tr;
3515 u_int32_t idx;
3516 u_int16_t *cnt;
3517
3518 if (!(inm->inm_debug & IFD_DEBUG)) {
3519 panic("%s: inm %p has no debug structure", __func__, inm);
3520 /* NOTREACHED */
3521 }
3522 if (refhold) {
3523 cnt = &inm_dbg->inm_refhold_cnt;
3524 tr = inm_dbg->inm_refhold;
3525 } else {
3526 cnt = &inm_dbg->inm_refrele_cnt;
3527 tr = inm_dbg->inm_refrele;
3528 }
3529
3530 idx = atomic_add_16_ov(cnt, 1) % INM_TRACE_HIST_SIZE;
3531 ctrace_record(&tr[idx]);
3532}
3533
3534void
3535in_multihead_lock_exclusive(void)
3536{
3537 lck_rw_lock_exclusive(&in_multihead_lock);
3538}
3539
3540void
3541in_multihead_lock_shared(void)
3542{
3543 lck_rw_lock_shared(&in_multihead_lock);
3544}
3545
3546void
3547in_multihead_lock_assert(int what)
3548{
3549 lck_rw_assert(&in_multihead_lock, what);
3550}
3551
3552void
3553in_multihead_lock_done(void)
3554{
3555 lck_rw_done(&in_multihead_lock);
3556}
3557
3558static struct ip_msource *
3559ipms_alloc(int how)
3560{
3561 struct ip_msource *ims;
3562
3563 ims = (how == M_WAITOK) ? zalloc(ipms_zone) : zalloc_noblock(ipms_zone);
3564 if (ims != NULL)
3565 bzero(ims, ipms_size);
3566
3567 return (ims);
3568}
3569
3570static void
3571ipms_free(struct ip_msource *ims)
3572{
3573 zfree(ipms_zone, ims);
3574}
3575
3576static struct in_msource *
3577inms_alloc(int how)
3578{
3579 struct in_msource *inms;
3580
3581 inms = (how == M_WAITOK) ? zalloc(inms_zone) :
3582 zalloc_noblock(inms_zone);
3583 if (inms != NULL)
3584 bzero(inms, inms_size);
3585
3586 return (inms);
3587}
3588
3589static void
3590inms_free(struct in_msource *inms)
3591{
3592 zfree(inms_zone, inms);
3593}
3594
3595#ifdef IGMP_DEBUG
3596
3597static const char *inm_modestrs[] = { "un\n", "in", "ex" };
3598
3599static const char *
3600inm_mode_str(const int mode)
3601{
3602 if (mode >= MCAST_UNDEFINED && mode <= MCAST_EXCLUDE)
3603 return (inm_modestrs[mode]);
3604 return ("??");
3605}
3606
3607static const char *inm_statestrs[] = {
3608 "not-member\n",
3609 "silent\n",
39236c6e 3610 "reporting\n",
6d2010ae
A
3611 "idle\n",
3612 "lazy\n",
3613 "sleeping\n",
3614 "awakening\n",
3615 "query-pending\n",
3616 "sg-query-pending\n",
3617 "leaving"
3618};
3619
3620static const char *
3621inm_state_str(const int state)
3622{
3623 if (state >= IGMP_NOT_MEMBER && state <= IGMP_LEAVING_MEMBER)
3624 return (inm_statestrs[state]);
3625 return ("??");
3626}
3627
3628/*
3629 * Dump an in_multi structure to the console.
3630 */
3631void
3632inm_print(const struct in_multi *inm)
3633{
3634 int t;
39236c6e 3635 char buf[MAX_IPv4_STR_LEN];
6d2010ae 3636
39236c6e 3637 INM_LOCK_ASSERT_HELD(__DECONST(struct in_multi *, inm));
6d2010ae
A
3638
3639 if (igmp_debug == 0)
3640 return;
3641
39236c6e
A
3642 inet_ntop(AF_INET, &inm->inm_addr, buf, sizeof(buf));
3643 printf("%s: --- begin inm 0x%llx ---\n", __func__,
3644 (uint64_t)VM_KERNEL_ADDRPERM(inm));
3645 printf("addr %s ifp 0x%llx(%s) ifma 0x%llx\n",
3646 buf,
3647 (uint64_t)VM_KERNEL_ADDRPERM(inm->inm_ifp),
3648 if_name(inm->inm_ifp),
3649 (uint64_t)VM_KERNEL_ADDRPERM(inm->inm_ifma));
6d2010ae
A
3650 printf("timer %u state %s refcount %u scq.len %u\n",
3651 inm->inm_timer,
3652 inm_state_str(inm->inm_state),
3653 inm->inm_refcount,
3654 inm->inm_scq.ifq_len);
39236c6e
A
3655 printf("igi 0x%llx nsrc %lu sctimer %u scrv %u\n",
3656 (uint64_t)VM_KERNEL_ADDRPERM(inm->inm_igi),
6d2010ae
A
3657 inm->inm_nsrc,
3658 inm->inm_sctimer,
3659 inm->inm_scrv);
3660 for (t = 0; t < 2; t++) {
3661 printf("t%d: fmode %s asm %u ex %u in %u rec %u\n", t,
3662 inm_mode_str(inm->inm_st[t].iss_fmode),
3663 inm->inm_st[t].iss_asm,
3664 inm->inm_st[t].iss_ex,
3665 inm->inm_st[t].iss_in,
3666 inm->inm_st[t].iss_rec);
3667 }
39236c6e
A
3668 printf("%s: --- end inm 0x%llx ---\n", __func__,
3669 (uint64_t)VM_KERNEL_ADDRPERM(inm));
6d2010ae
A
3670}
3671
3672#else
3673
3674void
3675inm_print(__unused const struct in_multi *inm)
3676{
3677
3678}
3679
3680#endif