1 /* $OpenBSD: mld6.c,v 1.49 2016/12/21 12:12:13 mpi Exp $ */ 2 /* $KAME: mld6.c,v 1.26 2001/02/16 14:50:35 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1988 Stephen Deering. 35 * Copyright (c) 1992, 1993 36 * The Regents of the University of California. All rights reserved. 37 * 38 * This code is derived from software contributed to Berkeley by 39 * Stephen Deering of Stanford University. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 3. Neither the name of the University nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 * 65 * @(#)igmp.c 8.1 (Berkeley) 7/19/93 66 */ 67 68 #include <sys/param.h> 69 #include <sys/systm.h> 70 #include <sys/mbuf.h> 71 #include <sys/socket.h> 72 #include <sys/protosw.h> 73 #include <sys/syslog.h> 74 75 #include <net/if.h> 76 #include <net/if_var.h> 77 78 #include <netinet/in.h> 79 #include <netinet6/in6_var.h> 80 #include <netinet/ip6.h> 81 #include <netinet6/ip6_var.h> 82 #include <netinet/icmp6.h> 83 #include <netinet6/mld6.h> 84 #include <netinet6/mld6_var.h> 85 86 static struct ip6_pktopts ip6_opts; 87 static int mld_timers_are_running; 88 /* XXX: These are necessary for KAME's link-local hack */ 89 static struct in6_addr mld_all_nodes_linklocal = IN6ADDR_LINKLOCAL_ALLNODES_INIT; 90 static struct in6_addr mld_all_routers_linklocal = IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 91 92 void mld6_checktimer(struct ifnet *); 93 static void mld6_sendpkt(struct in6_multi *, int, const struct in6_addr *); 94 95 void 96 mld6_init(void) 97 { 98 static u_int8_t hbh_buf[8]; 99 struct ip6_hbh *hbh = (struct ip6_hbh *)hbh_buf; 100 u_int16_t rtalert_code = htons((u_int16_t)IP6OPT_RTALERT_MLD); 101 102 mld_timers_are_running = 0; 103 104 /* ip6h_nxt will be fill in later */ 105 hbh->ip6h_len = 0; /* (8 >> 3) - 1 */ 106 107 /* XXX: grotty hard coding... */ 108 hbh_buf[2] = IP6OPT_PADN; /* 2 byte padding */ 109 hbh_buf[3] = 0; 110 hbh_buf[4] = IP6OPT_ROUTER_ALERT; 111 hbh_buf[5] = IP6OPT_RTALERT_LEN - 2; 112 bcopy((caddr_t)&rtalert_code, &hbh_buf[6], sizeof(u_int16_t)); 113 114 ip6_opts.ip6po_hbh = hbh; 115 } 116 117 void 118 mld6_start_listening(struct in6_multi *in6m) 119 { 120 /* 121 * RFC2710 page 10: 122 * The node never sends a Report or Done for the link-scope all-nodes 123 * address. 124 * MLD messages are never sent for multicast addresses whose scope is 0 125 * (reserved) or 1 (node-local). 126 */ 127 mld_all_nodes_linklocal.s6_addr16[1] = htons(in6m->in6m_ifidx);/* XXX */ 128 if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &mld_all_nodes_linklocal) || 129 __IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) < __IPV6_ADDR_SCOPE_LINKLOCAL) { 130 in6m->in6m_timer = 0; 131 in6m->in6m_state = MLD_OTHERLISTENER; 132 } else { 133 mld6_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); 134 in6m->in6m_timer = 135 MLD_RANDOM_DELAY(MLD_V1_MAX_RI * 136 PR_FASTHZ); 137 in6m->in6m_state = MLD_IREPORTEDLAST; 138 mld_timers_are_running = 1; 139 } 140 } 141 142 void 143 mld6_stop_listening(struct in6_multi *in6m) 144 { 145 mld_all_nodes_linklocal.s6_addr16[1] = htons(in6m->in6m_ifidx);/* XXX */ 146 mld_all_routers_linklocal.s6_addr16[1] = 147 htons(in6m->in6m_ifidx); /* XXX: necessary when mrouting */ 148 149 if (in6m->in6m_state == MLD_IREPORTEDLAST && 150 (!IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &mld_all_nodes_linklocal)) && 151 __IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) > __IPV6_ADDR_SCOPE_INTFACELOCAL) 152 mld6_sendpkt(in6m, MLD_LISTENER_DONE, 153 &mld_all_routers_linklocal); 154 } 155 156 void 157 mld6_input(struct mbuf *m, int off) 158 { 159 struct ip6_hdr *ip6; 160 struct mld_hdr *mldh; 161 struct ifnet *ifp; 162 struct in6_multi *in6m; 163 struct ifmaddr *ifma; 164 int timer; /* timer value in the MLD query header */ 165 166 IP6_EXTHDR_GET(mldh, struct mld_hdr *, m, off, sizeof(*mldh)); 167 if (mldh == NULL) { 168 icmp6stat.icp6s_tooshort++; 169 return; 170 } 171 172 /* source address validation */ 173 ip6 = mtod(m, struct ip6_hdr *);/* in case mpullup */ 174 if (!IN6_IS_ADDR_LINKLOCAL(&ip6->ip6_src)) { 175 #if 0 176 char src[INET6_ADDRSTRLEN], grp[INET6_ADDRSTRLEN]; 177 178 log(LOG_ERR, 179 "mld_input: src %s is not link-local (grp=%s)\n", 180 inet_ntop(AF_INET6, &ip6->ip6_src, src, sizeof(src)), 181 inet_ntop(AF_INET6, &mldh->mld_addr, grp, sizeof(grp))); 182 #endif 183 /* 184 * spec (RFC2710) does not explicitly 185 * specify to discard the packet from a non link-local 186 * source address. But we believe it's expected to do so. 187 */ 188 m_freem(m); 189 return; 190 } 191 192 ifp = if_get(m->m_pkthdr.ph_ifidx); 193 if (ifp == NULL) { 194 m_freem(m); 195 return; 196 } 197 198 /* 199 * In the MLD6 specification, there are 3 states and a flag. 200 * 201 * In Non-Listener state, we simply don't have a membership record. 202 * In Delaying Listener state, our timer is running (in6m->in6m_timer) 203 * In Idle Listener state, our timer is not running (in6m->in6m_timer==0) 204 * 205 * The flag is in6m->in6m_state, it is set to MLD_OTHERLISTENER if 206 * we have heard a report from another member, or MLD_IREPORTEDLAST 207 * if we sent the last report. 208 */ 209 switch(mldh->mld_type) { 210 case MLD_LISTENER_QUERY: 211 if (ifp->if_flags & IFF_LOOPBACK) 212 break; 213 214 if (!IN6_IS_ADDR_UNSPECIFIED(&mldh->mld_addr) && 215 !IN6_IS_ADDR_MULTICAST(&mldh->mld_addr)) 216 break; /* print error or log stat? */ 217 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 218 mldh->mld_addr.s6_addr16[1] = 219 htons(ifp->if_index); /* XXX */ 220 221 /* 222 * - Start the timers in all of our membership records 223 * that the query applies to for the interface on 224 * which the query arrived excl. those that belong 225 * to the "all-nodes" group (ff02::1). 226 * - Restart any timer that is already running but has 227 * A value longer than the requested timeout. 228 * - Use the value specified in the query message as 229 * the maximum timeout. 230 */ 231 232 /* 233 * XXX: System timer resolution is too low to handle Max 234 * Response Delay, so set 1 to the internal timer even if 235 * the calculated value equals to zero when Max Response 236 * Delay is positive. 237 */ 238 timer = ntohs(mldh->mld_maxdelay)*PR_FASTHZ/MLD_TIMER_SCALE; 239 if (timer == 0 && mldh->mld_maxdelay) 240 timer = 1; 241 mld_all_nodes_linklocal.s6_addr16[1] = 242 htons(ifp->if_index); /* XXX */ 243 244 TAILQ_FOREACH(ifma, &ifp->if_maddrlist, ifma_list) { 245 if (ifma->ifma_addr->sa_family != AF_INET6) 246 continue; 247 in6m = ifmatoin6m(ifma); 248 if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, 249 &mld_all_nodes_linklocal) || 250 __IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) < 251 __IPV6_ADDR_SCOPE_LINKLOCAL) 252 continue; 253 254 if (IN6_IS_ADDR_UNSPECIFIED(&mldh->mld_addr) || 255 IN6_ARE_ADDR_EQUAL(&mldh->mld_addr, 256 &in6m->in6m_addr)) 257 { 258 if (timer == 0) { 259 /* send a report immediately */ 260 mld6_sendpkt(in6m, MLD_LISTENER_REPORT, 261 NULL); 262 in6m->in6m_timer = 0; /* reset timer */ 263 in6m->in6m_state = MLD_IREPORTEDLAST; 264 } else if (in6m->in6m_timer == 0 || /* idle */ 265 in6m->in6m_timer > timer) { 266 in6m->in6m_timer = 267 MLD_RANDOM_DELAY(timer); 268 mld_timers_are_running = 1; 269 } 270 } 271 } 272 273 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 274 mldh->mld_addr.s6_addr16[1] = 0; /* XXX */ 275 break; 276 case MLD_LISTENER_REPORT: 277 /* 278 * For fast leave to work, we have to know that we are the 279 * last person to send a report for this group. Reports 280 * can potentially get looped back if we are a multicast 281 * router, so discard reports sourced by me. 282 * Note that it is impossible to check IFF_LOOPBACK flag of 283 * ifp for this purpose, since ip6_mloopback pass the physical 284 * interface to if_input_local(). 285 */ 286 if (m->m_flags & M_LOOP) /* XXX: grotty flag, but efficient */ 287 break; 288 289 if (!IN6_IS_ADDR_MULTICAST(&mldh->mld_addr)) 290 break; 291 292 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 293 mldh->mld_addr.s6_addr16[1] = 294 htons(ifp->if_index); /* XXX */ 295 /* 296 * If we belong to the group being reported, stop 297 * our timer for that group. 298 */ 299 IN6_LOOKUP_MULTI(mldh->mld_addr, ifp, in6m); 300 if (in6m) { 301 in6m->in6m_timer = 0; /* transit to idle state */ 302 in6m->in6m_state = MLD_OTHERLISTENER; /* clear flag */ 303 } 304 305 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 306 mldh->mld_addr.s6_addr16[1] = 0; /* XXX */ 307 break; 308 default: /* this is impossible */ 309 #if 0 310 /* 311 * this case should be impossible because of filtering in 312 * icmp6_input(). But we explicitly disabled this part 313 * just in case. 314 */ 315 log(LOG_ERR, "mld_input: illegal type(%d)", mldh->mld_type); 316 #endif 317 break; 318 } 319 if_put(ifp); 320 321 m_freem(m); 322 } 323 324 void 325 mld6_fasttimeo(void) 326 { 327 struct ifnet *ifp; 328 329 /* 330 * Quick check to see if any work needs to be done, in order 331 * to minimize the overhead of fasttimo processing. 332 */ 333 if (!mld_timers_are_running) 334 return; 335 336 mld_timers_are_running = 0; 337 TAILQ_FOREACH(ifp, &ifnet, if_list) 338 mld6_checktimer(ifp); 339 } 340 341 void 342 mld6_checktimer(struct ifnet *ifp) 343 { 344 struct in6_multi *in6m; 345 struct ifmaddr *ifma; 346 347 splsoftassert(IPL_SOFTNET); 348 349 TAILQ_FOREACH(ifma, &ifp->if_maddrlist, ifma_list) { 350 if (ifma->ifma_addr->sa_family != AF_INET6) 351 continue; 352 in6m = ifmatoin6m(ifma); 353 if (in6m->in6m_timer == 0) { 354 /* do nothing */ 355 } else if (--in6m->in6m_timer == 0) { 356 mld6_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); 357 in6m->in6m_state = MLD_IREPORTEDLAST; 358 } else { 359 mld_timers_are_running = 1; 360 } 361 } 362 } 363 364 static void 365 mld6_sendpkt(struct in6_multi *in6m, int type, const struct in6_addr *dst) 366 { 367 struct mbuf *mh, *md; 368 struct mld_hdr *mldh; 369 struct ip6_hdr *ip6; 370 struct ip6_moptions im6o; 371 struct in6_ifaddr *ia6; 372 struct ifnet *ifp; 373 int ignflags; 374 375 ifp = if_get(in6m->in6m_ifidx); 376 if (ifp == NULL) 377 return; 378 379 /* 380 * At first, find a link local address on the outgoing interface 381 * to use as the source address of the MLD packet. 382 * We do not reject tentative addresses for MLD report to deal with 383 * the case where we first join a link-local address. 384 */ 385 ignflags = IN6_IFF_DUPLICATED|IN6_IFF_ANYCAST; 386 if ((ia6 = in6ifa_ifpforlinklocal(ifp, ignflags)) == NULL) { 387 if_put(ifp); 388 return; 389 } 390 if ((ia6->ia6_flags & IN6_IFF_TENTATIVE)) 391 ia6 = NULL; 392 393 /* 394 * Allocate mbufs to store ip6 header and MLD header. 395 * We allocate 2 mbufs and make chain in advance because 396 * it is more convenient when inserting the hop-by-hop option later. 397 */ 398 MGETHDR(mh, M_DONTWAIT, MT_HEADER); 399 if (mh == NULL) { 400 if_put(ifp); 401 return; 402 } 403 MGET(md, M_DONTWAIT, MT_DATA); 404 if (md == NULL) { 405 m_free(mh); 406 if_put(ifp); 407 return; 408 } 409 mh->m_next = md; 410 411 mh->m_pkthdr.ph_ifidx = 0; 412 mh->m_pkthdr.ph_rtableid = ifp->if_rdomain; 413 mh->m_pkthdr.len = sizeof(struct ip6_hdr) + sizeof(struct mld_hdr); 414 mh->m_len = sizeof(struct ip6_hdr); 415 MH_ALIGN(mh, sizeof(struct ip6_hdr)); 416 417 /* fill in the ip6 header */ 418 ip6 = mtod(mh, struct ip6_hdr *); 419 ip6->ip6_flow = 0; 420 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 421 ip6->ip6_vfc |= IPV6_VERSION; 422 /* ip6_plen will be set later */ 423 ip6->ip6_nxt = IPPROTO_ICMPV6; 424 /* ip6_hlim will be set by im6o.im6o_hlim */ 425 ip6->ip6_src = ia6 ? ia6->ia_addr.sin6_addr : in6addr_any; 426 ip6->ip6_dst = dst ? *dst : in6m->in6m_addr; 427 428 /* fill in the MLD header */ 429 md->m_len = sizeof(struct mld_hdr); 430 mldh = mtod(md, struct mld_hdr *); 431 mldh->mld_type = type; 432 mldh->mld_code = 0; 433 mldh->mld_cksum = 0; 434 /* XXX: we assume the function will not be called for query messages */ 435 mldh->mld_maxdelay = 0; 436 mldh->mld_reserved = 0; 437 mldh->mld_addr = in6m->in6m_addr; 438 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 439 mldh->mld_addr.s6_addr16[1] = 0; /* XXX */ 440 mh->m_pkthdr.csum_flags |= M_ICMP_CSUM_OUT; 441 442 /* construct multicast option */ 443 bzero(&im6o, sizeof(im6o)); 444 im6o.im6o_ifidx = ifp->if_index; 445 im6o.im6o_hlim = 1; 446 447 if_put(ifp); 448 449 /* 450 * Request loopback of the report if we are acting as a multicast 451 * router, so that the process-level routing daemon can hear it. 452 */ 453 #ifdef MROUTING 454 im6o.im6o_loop = (ip6_mrouter != NULL); 455 #endif 456 457 icmp6stat.icp6s_outhist[type]++; 458 ip6_output(mh, &ip6_opts, NULL, ia6 ? 0 : IPV6_UNSPECSRC, &im6o, 459 NULL); 460 } 461