1 /* $OpenBSD: mld6.c,v 1.27 2011/04/15 15:14:44 chl Exp $ */ 2 /* $KAME: mld6.c,v 1.26 2001/02/16 14:50:35 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1988 Stephen Deering. 35 * Copyright (c) 1992, 1993 36 * The Regents of the University of California. All rights reserved. 37 * 38 * This code is derived from software contributed to Berkeley by 39 * Stephen Deering of Stanford University. 40 * 41 * Redistribution and use in source and binary forms, with or without 42 * modification, are permitted provided that the following conditions 43 * are met: 44 * 1. Redistributions of source code must retain the above copyright 45 * notice, this list of conditions and the following disclaimer. 46 * 2. Redistributions in binary form must reproduce the above copyright 47 * notice, this list of conditions and the following disclaimer in the 48 * documentation and/or other materials provided with the distribution. 49 * 3. Neither the name of the University nor the names of its contributors 50 * may be used to endorse or promote products derived from this software 51 * without specific prior written permission. 52 * 53 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 54 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 55 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 56 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 57 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 58 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 59 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 60 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 61 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 62 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 63 * SUCH DAMAGE. 64 * 65 * @(#)igmp.c 8.1 (Berkeley) 7/19/93 66 */ 67 68 #include <sys/param.h> 69 #include <sys/systm.h> 70 #include <sys/mbuf.h> 71 #include <sys/socket.h> 72 #include <sys/protosw.h> 73 #include <sys/syslog.h> 74 #include <dev/rndvar.h> 75 76 #include <net/if.h> 77 78 #include <netinet/in.h> 79 #include <netinet/in_var.h> 80 #include <netinet/ip6.h> 81 #include <netinet6/ip6_var.h> 82 #include <netinet/icmp6.h> 83 #include <netinet6/mld6.h> 84 #include <netinet6/mld6_var.h> 85 86 static struct ip6_pktopts ip6_opts; 87 static int mld_timers_are_running; 88 /* XXX: These are necessary for KAME's link-local hack */ 89 static struct in6_addr mld_all_nodes_linklocal = IN6ADDR_LINKLOCAL_ALLNODES_INIT; 90 static struct in6_addr mld_all_routers_linklocal = IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 91 92 static void mld6_sendpkt(struct in6_multi *, int, const struct in6_addr *); 93 94 void 95 mld6_init() 96 { 97 static u_int8_t hbh_buf[8]; 98 struct ip6_hbh *hbh = (struct ip6_hbh *)hbh_buf; 99 u_int16_t rtalert_code = htons((u_int16_t)IP6OPT_RTALERT_MLD); 100 101 mld_timers_are_running = 0; 102 103 /* ip6h_nxt will be fill in later */ 104 hbh->ip6h_len = 0; /* (8 >> 3) - 1 */ 105 106 /* XXX: grotty hard coding... */ 107 hbh_buf[2] = IP6OPT_PADN; /* 2 byte padding */ 108 hbh_buf[3] = 0; 109 hbh_buf[4] = IP6OPT_ROUTER_ALERT; 110 hbh_buf[5] = IP6OPT_RTALERT_LEN - 2; 111 bcopy((caddr_t)&rtalert_code, &hbh_buf[6], sizeof(u_int16_t)); 112 113 ip6_opts.ip6po_hbh = hbh; 114 } 115 116 void 117 mld6_start_listening(struct in6_multi *in6m) 118 { 119 int s = splsoftnet(); 120 121 /* 122 * RFC2710 page 10: 123 * The node never sends a Report or Done for the link-scope all-nodes 124 * address. 125 * MLD messages are never sent for multicast addresses whose scope is 0 126 * (reserved) or 1 (node-local). 127 */ 128 mld_all_nodes_linklocal.s6_addr16[1] = 129 htons(in6m->in6m_ifp->if_index); /* XXX */ 130 if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &mld_all_nodes_linklocal) || 131 IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) < IPV6_ADDR_SCOPE_LINKLOCAL) { 132 in6m->in6m_timer = 0; 133 in6m->in6m_state = MLD_OTHERLISTENER; 134 } else { 135 mld6_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); 136 in6m->in6m_timer = 137 MLD_RANDOM_DELAY(MLD_V1_MAX_RI * 138 PR_FASTHZ); 139 in6m->in6m_state = MLD_IREPORTEDLAST; 140 mld_timers_are_running = 1; 141 } 142 splx(s); 143 } 144 145 void 146 mld6_stop_listening(struct in6_multi *in6m) 147 { 148 mld_all_nodes_linklocal.s6_addr16[1] = 149 htons(in6m->in6m_ifp->if_index); /* XXX */ 150 mld_all_routers_linklocal.s6_addr16[1] = 151 htons(in6m->in6m_ifp->if_index); /* XXX: necessary when mrouting */ 152 153 if (in6m->in6m_state == MLD_IREPORTEDLAST && 154 (!IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &mld_all_nodes_linklocal)) && 155 IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) > IPV6_ADDR_SCOPE_INTFACELOCAL) 156 mld6_sendpkt(in6m, MLD_LISTENER_DONE, 157 &mld_all_routers_linklocal); 158 } 159 160 void 161 mld6_input(struct mbuf *m, int off) 162 { 163 struct ip6_hdr *ip6; 164 struct mld_hdr *mldh; 165 struct ifnet *ifp = m->m_pkthdr.rcvif; 166 struct in6_multi *in6m; 167 struct in6_ifaddr *ia; 168 int timer; /* timer value in the MLD query header */ 169 170 IP6_EXTHDR_GET(mldh, struct mld_hdr *, m, off, sizeof(*mldh)); 171 if (mldh == NULL) { 172 icmp6stat.icp6s_tooshort++; 173 return; 174 } 175 176 /* source address validation */ 177 ip6 = mtod(m, struct ip6_hdr *);/* in case mpullup */ 178 if (!IN6_IS_ADDR_LINKLOCAL(&ip6->ip6_src)) { 179 #if 0 180 log(LOG_ERR, 181 "mld_input: src %s is not link-local (grp=%s)\n", 182 ip6_sprintf(&ip6->ip6_src), 183 ip6_sprintf(&mldh->mld_addr)); 184 #endif 185 /* 186 * spec (RFC2710) does not explicitly 187 * specify to discard the packet from a non link-local 188 * source address. But we believe it's expected to do so. 189 */ 190 m_freem(m); 191 return; 192 } 193 194 /* 195 * In the MLD6 specification, there are 3 states and a flag. 196 * 197 * In Non-Listener state, we simply don't have a membership record. 198 * In Delaying Listener state, our timer is running (in6m->in6m_timer) 199 * In Idle Listener state, our timer is not running (in6m->in6m_timer==0) 200 * 201 * The flag is in6m->in6m_state, it is set to MLD_OTHERLISTENER if 202 * we have heard a report from another member, or MLD_IREPORTEDLAST 203 * if we sent the last report. 204 */ 205 switch(mldh->mld_type) { 206 case MLD_LISTENER_QUERY: 207 if (ifp->if_flags & IFF_LOOPBACK) 208 break; 209 210 if (!IN6_IS_ADDR_UNSPECIFIED(&mldh->mld_addr) && 211 !IN6_IS_ADDR_MULTICAST(&mldh->mld_addr)) 212 break; /* print error or log stat? */ 213 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 214 mldh->mld_addr.s6_addr16[1] = 215 htons(ifp->if_index); /* XXX */ 216 217 /* 218 * - Start the timers in all of our membership records 219 * that the query applies to for the interface on 220 * which the query arrived excl. those that belong 221 * to the "all-nodes" group (ff02::1). 222 * - Restart any timer that is already running but has 223 * A value longer than the requested timeout. 224 * - Use the value specified in the query message as 225 * the maximum timeout. 226 */ 227 IFP_TO_IA6(ifp, ia); 228 if (ia == NULL) 229 break; 230 231 /* 232 * XXX: System timer resolution is too low to handle Max 233 * Response Delay, so set 1 to the internal timer even if 234 * the calculated value equals to zero when Max Response 235 * Delay is positive. 236 */ 237 timer = ntohs(mldh->mld_maxdelay)*PR_FASTHZ/MLD_TIMER_SCALE; 238 if (timer == 0 && mldh->mld_maxdelay) 239 timer = 1; 240 mld_all_nodes_linklocal.s6_addr16[1] = 241 htons(ifp->if_index); /* XXX */ 242 243 LIST_FOREACH(in6m, &ia->ia6_multiaddrs, in6m_entry) { 244 if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, 245 &mld_all_nodes_linklocal) || 246 IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) < 247 IPV6_ADDR_SCOPE_LINKLOCAL) 248 continue; 249 250 if (IN6_IS_ADDR_UNSPECIFIED(&mldh->mld_addr) || 251 IN6_ARE_ADDR_EQUAL(&mldh->mld_addr, 252 &in6m->in6m_addr)) 253 { 254 if (timer == 0) { 255 /* send a report immediately */ 256 mld6_sendpkt(in6m, MLD_LISTENER_REPORT, 257 NULL); 258 in6m->in6m_timer = 0; /* reset timer */ 259 in6m->in6m_state = MLD_IREPORTEDLAST; 260 } else if (in6m->in6m_timer == 0 || /* idle */ 261 in6m->in6m_timer > timer) { 262 in6m->in6m_timer = 263 MLD_RANDOM_DELAY(timer); 264 mld_timers_are_running = 1; 265 } 266 } 267 } 268 269 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 270 mldh->mld_addr.s6_addr16[1] = 0; /* XXX */ 271 break; 272 case MLD_LISTENER_REPORT: 273 /* 274 * For fast leave to work, we have to know that we are the 275 * last person to send a report for this group. Reports 276 * can potentially get looped back if we are a multicast 277 * router, so discard reports sourced by me. 278 * Note that it is impossible to check IFF_LOOPBACK flag of 279 * ifp for this purpose, since ip6_mloopback pass the physical 280 * interface to looutput. 281 */ 282 if (m->m_flags & M_LOOP) /* XXX: grotty flag, but efficient */ 283 break; 284 285 if (!IN6_IS_ADDR_MULTICAST(&mldh->mld_addr)) 286 break; 287 288 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 289 mldh->mld_addr.s6_addr16[1] = 290 htons(ifp->if_index); /* XXX */ 291 /* 292 * If we belong to the group being reported, stop 293 * our timer for that group. 294 */ 295 IN6_LOOKUP_MULTI(mldh->mld_addr, ifp, in6m); 296 if (in6m) { 297 in6m->in6m_timer = 0; /* transit to idle state */ 298 in6m->in6m_state = MLD_OTHERLISTENER; /* clear flag */ 299 } 300 301 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 302 mldh->mld_addr.s6_addr16[1] = 0; /* XXX */ 303 break; 304 default: /* this is impossible */ 305 #if 0 306 /* 307 * this case should be impossible because of filtering in 308 * icmp6_input(). But we explicitly disabled this part 309 * just in case. 310 */ 311 log(LOG_ERR, "mld_input: illegal type(%d)", mldh->mld_type); 312 #endif 313 break; 314 } 315 316 m_freem(m); 317 } 318 319 void 320 mld6_fasttimeo() 321 { 322 struct in6_multi *in6m; 323 struct in6_multistep step; 324 int s; 325 326 /* 327 * Quick check to see if any work needs to be done, in order 328 * to minimize the overhead of fasttimo processing. 329 */ 330 if (!mld_timers_are_running) 331 return; 332 333 s = splsoftnet(); 334 mld_timers_are_running = 0; 335 IN6_FIRST_MULTI(step, in6m); 336 while (in6m != NULL) { 337 if (in6m->in6m_timer == 0) { 338 /* do nothing */ 339 } else if (--in6m->in6m_timer == 0) { 340 mld6_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); 341 in6m->in6m_state = MLD_IREPORTEDLAST; 342 } else { 343 mld_timers_are_running = 1; 344 } 345 IN6_NEXT_MULTI(step, in6m); 346 } 347 splx(s); 348 } 349 350 static void 351 mld6_sendpkt(struct in6_multi *in6m, int type, const struct in6_addr *dst) 352 { 353 struct mbuf *mh, *md; 354 struct mld_hdr *mldh; 355 struct ip6_hdr *ip6; 356 struct ip6_moptions im6o; 357 struct in6_ifaddr *ia; 358 struct ifnet *ifp = in6m->in6m_ifp; 359 int ignflags; 360 361 /* 362 * At first, find a link local address on the outgoing interface 363 * to use as the source address of the MLD packet. 364 * We do not reject tentative addresses for MLD report to deal with 365 * the case where we first join a link-local address. 366 */ 367 ignflags = (IN6_IFF_NOTREADY|IN6_IFF_ANYCAST) & ~IN6_IFF_TENTATIVE; 368 if ((ia = in6ifa_ifpforlinklocal(ifp, ignflags)) == NULL) 369 return; 370 if ((ia->ia6_flags & IN6_IFF_TENTATIVE)) 371 ia = NULL; 372 373 /* 374 * Allocate mbufs to store ip6 header and MLD header. 375 * We allocate 2 mbufs and make chain in advance because 376 * it is more convenient when inserting the hop-by-hop option later. 377 */ 378 MGETHDR(mh, M_DONTWAIT, MT_HEADER); 379 if (mh == NULL) 380 return; 381 MGET(md, M_DONTWAIT, MT_DATA); 382 if (md == NULL) { 383 m_free(mh); 384 return; 385 } 386 mh->m_next = md; 387 388 mh->m_pkthdr.rcvif = NULL; 389 mh->m_pkthdr.len = sizeof(struct ip6_hdr) + sizeof(struct mld_hdr); 390 mh->m_len = sizeof(struct ip6_hdr); 391 MH_ALIGN(mh, sizeof(struct ip6_hdr)); 392 393 /* fill in the ip6 header */ 394 ip6 = mtod(mh, struct ip6_hdr *); 395 ip6->ip6_flow = 0; 396 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 397 ip6->ip6_vfc |= IPV6_VERSION; 398 /* ip6_plen will be set later */ 399 ip6->ip6_nxt = IPPROTO_ICMPV6; 400 /* ip6_hlim will be set by im6o.im6o_multicast_hlim */ 401 ip6->ip6_src = ia ? ia->ia_addr.sin6_addr : in6addr_any; 402 ip6->ip6_dst = dst ? *dst : in6m->in6m_addr; 403 404 /* fill in the MLD header */ 405 md->m_len = sizeof(struct mld_hdr); 406 mldh = mtod(md, struct mld_hdr *); 407 mldh->mld_type = type; 408 mldh->mld_code = 0; 409 mldh->mld_cksum = 0; 410 /* XXX: we assume the function will not be called for query messages */ 411 mldh->mld_maxdelay = 0; 412 mldh->mld_reserved = 0; 413 mldh->mld_addr = in6m->in6m_addr; 414 if (IN6_IS_ADDR_MC_LINKLOCAL(&mldh->mld_addr)) 415 mldh->mld_addr.s6_addr16[1] = 0; /* XXX */ 416 mldh->mld_cksum = in6_cksum(mh, IPPROTO_ICMPV6, sizeof(struct ip6_hdr), 417 sizeof(struct mld_hdr)); 418 419 /* construct multicast option */ 420 bzero(&im6o, sizeof(im6o)); 421 im6o.im6o_multicast_ifp = ifp; 422 im6o.im6o_multicast_hlim = 1; 423 424 /* 425 * Request loopback of the report if we are acting as a multicast 426 * router, so that the process-level routing daemon can hear it. 427 */ 428 #ifdef MROUTING 429 im6o.im6o_multicast_loop = (ip6_mrouter != NULL); 430 #endif 431 432 /* increment output statictics */ 433 icmp6stat.icp6s_outhist[type]++; 434 icmp6_ifstat_inc(ifp, ifs6_out_msg); 435 switch (type) { 436 case MLD_LISTENER_QUERY: 437 icmp6_ifstat_inc(ifp, ifs6_out_mldquery); 438 break; 439 case MLD_LISTENER_REPORT: 440 icmp6_ifstat_inc(ifp, ifs6_out_mldreport); 441 break; 442 case MLD_LISTENER_DONE: 443 icmp6_ifstat_inc(ifp, ifs6_out_mlddone); 444 break; 445 } 446 447 ip6_output(mh, &ip6_opts, NULL, ia ? 0 : IPV6_UNSPECSRC, &im6o, NULL, 448 NULL); 449 } 450