mirror of https://github.com/hak5/openwrt-owl.git
418 lines
12 KiB
Diff
418 lines
12 KiB
Diff
|
From: Felix Fietkau <nbd@openwrt.org>
|
||
|
Subject: [PATCH] bridge: multicast to unicast
|
||
|
|
||
|
Implement optinal multicast->unicast conversion for igmp snooping
|
||
|
---
|
||
|
--- a/include/linux/if_bridge.h
|
||
|
+++ b/include/linux/if_bridge.h
|
||
|
@@ -46,6 +46,7 @@ struct br_ip_list {
|
||
|
#define BR_LEARNING_SYNC BIT(9)
|
||
|
#define BR_PROXYARP_WIFI BIT(10)
|
||
|
#define BR_ISOLATE_MODE BIT(11)
|
||
|
+#define BR_MULTICAST_TO_UCAST BIT(12)
|
||
|
|
||
|
/* values as per ieee8021QBridgeFdbAgingTime */
|
||
|
#define BR_MIN_AGEING_TIME (10 * HZ)
|
||
|
--- a/net/bridge/br_multicast.c
|
||
|
+++ b/net/bridge/br_multicast.c
|
||
|
@@ -42,12 +42,13 @@ static void br_multicast_add_router(stru
|
||
|
static void br_ip4_multicast_leave_group(struct net_bridge *br,
|
||
|
struct net_bridge_port *port,
|
||
|
__be32 group,
|
||
|
- __u16 vid);
|
||
|
+ __u16 vid,
|
||
|
+ const unsigned char *src);
|
||
|
#if IS_ENABLED(CONFIG_IPV6)
|
||
|
static void br_ip6_multicast_leave_group(struct net_bridge *br,
|
||
|
struct net_bridge_port *port,
|
||
|
const struct in6_addr *group,
|
||
|
- __u16 vid);
|
||
|
+ __u16 vid, const unsigned char *src);
|
||
|
#endif
|
||
|
unsigned int br_mdb_rehash_seq;
|
||
|
|
||
|
@@ -649,7 +650,8 @@ struct net_bridge_port_group *br_multica
|
||
|
struct net_bridge_port *port,
|
||
|
struct br_ip *group,
|
||
|
struct net_bridge_port_group __rcu *next,
|
||
|
- unsigned char state)
|
||
|
+ unsigned char state,
|
||
|
+ const unsigned char *src)
|
||
|
{
|
||
|
struct net_bridge_port_group *p;
|
||
|
|
||
|
@@ -664,12 +666,33 @@ struct net_bridge_port_group *br_multica
|
||
|
hlist_add_head(&p->mglist, &port->mglist);
|
||
|
setup_timer(&p->timer, br_multicast_port_group_expired,
|
||
|
(unsigned long)p);
|
||
|
+ if ((port->flags & BR_MULTICAST_TO_UCAST) && src) {
|
||
|
+ memcpy(p->eth_addr, src, ETH_ALEN);
|
||
|
+ p->unicast = true;
|
||
|
+ }
|
||
|
return p;
|
||
|
}
|
||
|
|
||
|
+static bool br_port_group_equal(struct net_bridge_port_group *p,
|
||
|
+ struct net_bridge_port *port,
|
||
|
+ const unsigned char *src)
|
||
|
+{
|
||
|
+ if (p->port != port)
|
||
|
+ return false;
|
||
|
+
|
||
|
+ if (!p->unicast)
|
||
|
+ return true;
|
||
|
+
|
||
|
+ if (!src)
|
||
|
+ return false;
|
||
|
+
|
||
|
+ return ether_addr_equal(src, p->eth_addr);
|
||
|
+}
|
||
|
+
|
||
|
static int br_multicast_add_group(struct net_bridge *br,
|
||
|
struct net_bridge_port *port,
|
||
|
- struct br_ip *group)
|
||
|
+ struct br_ip *group,
|
||
|
+ const unsigned char *src)
|
||
|
{
|
||
|
struct net_bridge_mdb_entry *mp;
|
||
|
struct net_bridge_port_group *p;
|
||
|
@@ -696,13 +719,13 @@ static int br_multicast_add_group(struct
|
||
|
for (pp = &mp->ports;
|
||
|
(p = mlock_dereference(*pp, br)) != NULL;
|
||
|
pp = &p->next) {
|
||
|
- if (p->port == port)
|
||
|
+ if (br_port_group_equal(p, port, src))
|
||
|
goto found;
|
||
|
if ((unsigned long)p->port < (unsigned long)port)
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
- p = br_multicast_new_port_group(port, group, *pp, MDB_TEMPORARY);
|
||
|
+ p = br_multicast_new_port_group(port, group, *pp, MDB_TEMPORARY, src);
|
||
|
if (unlikely(!p))
|
||
|
goto err;
|
||
|
rcu_assign_pointer(*pp, p);
|
||
|
@@ -721,7 +744,7 @@ err:
|
||
|
static int br_ip4_multicast_add_group(struct net_bridge *br,
|
||
|
struct net_bridge_port *port,
|
||
|
__be32 group,
|
||
|
- __u16 vid)
|
||
|
+ __u16 vid, const unsigned char *src)
|
||
|
{
|
||
|
struct br_ip br_group;
|
||
|
|
||
|
@@ -732,14 +755,14 @@ static int br_ip4_multicast_add_group(st
|
||
|
br_group.proto = htons(ETH_P_IP);
|
||
|
br_group.vid = vid;
|
||
|
|
||
|
- return br_multicast_add_group(br, port, &br_group);
|
||
|
+ return br_multicast_add_group(br, port, &br_group, src);
|
||
|
}
|
||
|
|
||
|
#if IS_ENABLED(CONFIG_IPV6)
|
||
|
static int br_ip6_multicast_add_group(struct net_bridge *br,
|
||
|
struct net_bridge_port *port,
|
||
|
const struct in6_addr *group,
|
||
|
- __u16 vid)
|
||
|
+ __u16 vid, const unsigned char *src)
|
||
|
{
|
||
|
struct br_ip br_group;
|
||
|
|
||
|
@@ -750,7 +773,7 @@ static int br_ip6_multicast_add_group(st
|
||
|
br_group.proto = htons(ETH_P_IPV6);
|
||
|
br_group.vid = vid;
|
||
|
|
||
|
- return br_multicast_add_group(br, port, &br_group);
|
||
|
+ return br_multicast_add_group(br, port, &br_group, src);
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
@@ -995,6 +1018,7 @@ static int br_ip4_multicast_igmp3_report
|
||
|
struct sk_buff *skb,
|
||
|
u16 vid)
|
||
|
{
|
||
|
+ const unsigned char *src;
|
||
|
struct igmpv3_report *ih;
|
||
|
struct igmpv3_grec *grec;
|
||
|
int i;
|
||
|
@@ -1038,9 +1062,10 @@ static int br_ip4_multicast_igmp3_report
|
||
|
if ((type == IGMPV3_CHANGE_TO_INCLUDE ||
|
||
|
type == IGMPV3_MODE_IS_INCLUDE) &&
|
||
|
ntohs(grec->grec_nsrcs) == 0) {
|
||
|
- br_ip4_multicast_leave_group(br, port, group, vid);
|
||
|
+ br_ip4_multicast_leave_group(br, port, group, vid, src);
|
||
|
} else {
|
||
|
- err = br_ip4_multicast_add_group(br, port, group, vid);
|
||
|
+ src = eth_hdr(skb)->h_source;
|
||
|
+ err = br_ip4_multicast_add_group(br, port, group, vid, src);
|
||
|
if (err)
|
||
|
break;
|
||
|
}
|
||
|
@@ -1055,6 +1080,7 @@ static int br_ip6_multicast_mld2_report(
|
||
|
struct sk_buff *skb,
|
||
|
u16 vid)
|
||
|
{
|
||
|
+ const unsigned char *src = eth_hdr(skb)->h_source;
|
||
|
struct icmp6hdr *icmp6h;
|
||
|
struct mld2_grec *grec;
|
||
|
int i;
|
||
|
@@ -1106,10 +1132,10 @@ static int br_ip6_multicast_mld2_report(
|
||
|
grec->grec_type == MLD2_MODE_IS_INCLUDE) &&
|
||
|
ntohs(*nsrcs) == 0) {
|
||
|
br_ip6_multicast_leave_group(br, port, &grec->grec_mca,
|
||
|
- vid);
|
||
|
+ vid, src);
|
||
|
} else {
|
||
|
err = br_ip6_multicast_add_group(br, port,
|
||
|
- &grec->grec_mca, vid);
|
||
|
+ &grec->grec_mca, vid, src);
|
||
|
if (!err)
|
||
|
break;
|
||
|
}
|
||
|
@@ -1422,7 +1448,8 @@ br_multicast_leave_group(struct net_brid
|
||
|
struct net_bridge_port *port,
|
||
|
struct br_ip *group,
|
||
|
struct bridge_mcast_other_query *other_query,
|
||
|
- struct bridge_mcast_own_query *own_query)
|
||
|
+ struct bridge_mcast_own_query *own_query,
|
||
|
+ const unsigned char *src)
|
||
|
{
|
||
|
struct net_bridge_mdb_htable *mdb;
|
||
|
struct net_bridge_mdb_entry *mp;
|
||
|
@@ -1446,7 +1473,7 @@ br_multicast_leave_group(struct net_brid
|
||
|
for (pp = &mp->ports;
|
||
|
(p = mlock_dereference(*pp, br)) != NULL;
|
||
|
pp = &p->next) {
|
||
|
- if (p->port != port)
|
||
|
+ if (!br_port_group_equal(p, port, src))
|
||
|
continue;
|
||
|
|
||
|
rcu_assign_pointer(*pp, p->next);
|
||
|
@@ -1509,7 +1536,7 @@ br_multicast_leave_group(struct net_brid
|
||
|
for (p = mlock_dereference(mp->ports, br);
|
||
|
p != NULL;
|
||
|
p = mlock_dereference(p->next, br)) {
|
||
|
- if (p->port != port)
|
||
|
+ if (!br_port_group_equal(p, port, src))
|
||
|
continue;
|
||
|
|
||
|
if (!hlist_unhashed(&p->mglist) &&
|
||
|
@@ -1527,8 +1554,8 @@ out:
|
||
|
|
||
|
static void br_ip4_multicast_leave_group(struct net_bridge *br,
|
||
|
struct net_bridge_port *port,
|
||
|
- __be32 group,
|
||
|
- __u16 vid)
|
||
|
+ __be32 group, __u16 vid,
|
||
|
+ const unsigned char *src)
|
||
|
{
|
||
|
struct br_ip br_group;
|
||
|
struct bridge_mcast_own_query *own_query;
|
||
|
@@ -1543,14 +1570,14 @@ static void br_ip4_multicast_leave_group
|
||
|
br_group.vid = vid;
|
||
|
|
||
|
br_multicast_leave_group(br, port, &br_group, &br->ip4_other_query,
|
||
|
- own_query);
|
||
|
+ own_query, src);
|
||
|
}
|
||
|
|
||
|
#if IS_ENABLED(CONFIG_IPV6)
|
||
|
static void br_ip6_multicast_leave_group(struct net_bridge *br,
|
||
|
struct net_bridge_port *port,
|
||
|
const struct in6_addr *group,
|
||
|
- __u16 vid)
|
||
|
+ __u16 vid, const unsigned char *src)
|
||
|
{
|
||
|
struct br_ip br_group;
|
||
|
struct bridge_mcast_own_query *own_query;
|
||
|
@@ -1565,7 +1592,7 @@ static void br_ip6_multicast_leave_group
|
||
|
br_group.vid = vid;
|
||
|
|
||
|
br_multicast_leave_group(br, port, &br_group, &br->ip6_other_query,
|
||
|
- own_query);
|
||
|
+ own_query, src);
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
@@ -1574,6 +1601,7 @@ static int br_multicast_ipv4_rcv(struct
|
||
|
struct sk_buff *skb,
|
||
|
u16 vid)
|
||
|
{
|
||
|
+ const unsigned char *src;
|
||
|
struct sk_buff *skb_trimmed = NULL;
|
||
|
struct igmphdr *ih;
|
||
|
int err;
|
||
|
@@ -1590,12 +1618,13 @@ static int br_multicast_ipv4_rcv(struct
|
||
|
|
||
|
BR_INPUT_SKB_CB(skb)->igmp = 1;
|
||
|
ih = igmp_hdr(skb);
|
||
|
+ src = eth_hdr(skb)->h_source;
|
||
|
|
||
|
switch (ih->type) {
|
||
|
case IGMP_HOST_MEMBERSHIP_REPORT:
|
||
|
case IGMPV2_HOST_MEMBERSHIP_REPORT:
|
||
|
BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
|
||
|
- err = br_ip4_multicast_add_group(br, port, ih->group, vid);
|
||
|
+ err = br_ip4_multicast_add_group(br, port, ih->group, vid, src);
|
||
|
break;
|
||
|
case IGMPV3_HOST_MEMBERSHIP_REPORT:
|
||
|
err = br_ip4_multicast_igmp3_report(br, port, skb_trimmed, vid);
|
||
|
@@ -1604,7 +1633,7 @@ static int br_multicast_ipv4_rcv(struct
|
||
|
err = br_ip4_multicast_query(br, port, skb_trimmed, vid);
|
||
|
break;
|
||
|
case IGMP_HOST_LEAVE_MESSAGE:
|
||
|
- br_ip4_multicast_leave_group(br, port, ih->group, vid);
|
||
|
+ br_ip4_multicast_leave_group(br, port, ih->group, vid, src);
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
@@ -1620,6 +1649,7 @@ static int br_multicast_ipv6_rcv(struct
|
||
|
struct sk_buff *skb,
|
||
|
u16 vid)
|
||
|
{
|
||
|
+ const unsigned char *src;
|
||
|
struct sk_buff *skb_trimmed = NULL;
|
||
|
struct mld_msg *mld;
|
||
|
int err;
|
||
|
@@ -1639,8 +1669,9 @@ static int br_multicast_ipv6_rcv(struct
|
||
|
|
||
|
switch (mld->mld_type) {
|
||
|
case ICMPV6_MGM_REPORT:
|
||
|
+ src = eth_hdr(skb)->h_source;
|
||
|
BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
|
||
|
- err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid);
|
||
|
+ err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid, src);
|
||
|
break;
|
||
|
case ICMPV6_MLD2_REPORT:
|
||
|
err = br_ip6_multicast_mld2_report(br, port, skb_trimmed, vid);
|
||
|
@@ -1649,7 +1680,8 @@ static int br_multicast_ipv6_rcv(struct
|
||
|
err = br_ip6_multicast_query(br, port, skb_trimmed, vid);
|
||
|
break;
|
||
|
case ICMPV6_MGM_REDUCTION:
|
||
|
- br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid);
|
||
|
+ src = eth_hdr(skb)->h_source;
|
||
|
+ br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid, src);
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
--- a/net/bridge/br_private.h
|
||
|
+++ b/net/bridge/br_private.h
|
||
|
@@ -158,6 +158,9 @@ struct net_bridge_port_group {
|
||
|
struct timer_list timer;
|
||
|
struct br_ip addr;
|
||
|
unsigned char state;
|
||
|
+
|
||
|
+ unsigned char eth_addr[ETH_ALEN];
|
||
|
+ bool unicast;
|
||
|
};
|
||
|
|
||
|
struct net_bridge_mdb_entry
|
||
|
@@ -554,7 +557,8 @@ void br_multicast_free_pg(struct rcu_hea
|
||
|
struct net_bridge_port_group *
|
||
|
br_multicast_new_port_group(struct net_bridge_port *port, struct br_ip *group,
|
||
|
struct net_bridge_port_group __rcu *next,
|
||
|
- unsigned char state);
|
||
|
+ unsigned char state,
|
||
|
+ const unsigned char *src);
|
||
|
void br_mdb_init(void);
|
||
|
void br_mdb_uninit(void);
|
||
|
void br_mdb_notify(struct net_device *dev, struct net_bridge_port *port,
|
||
|
--- a/net/bridge/br_mdb.c
|
||
|
+++ b/net/bridge/br_mdb.c
|
||
|
@@ -416,7 +416,7 @@ static int br_mdb_add_group(struct net_b
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
- p = br_multicast_new_port_group(port, group, *pp, state);
|
||
|
+ p = br_multicast_new_port_group(port, group, *pp, state, NULL);
|
||
|
if (unlikely(!p))
|
||
|
return -ENOMEM;
|
||
|
rcu_assign_pointer(*pp, p);
|
||
|
--- a/net/bridge/br_forward.c
|
||
|
+++ b/net/bridge/br_forward.c
|
||
|
@@ -192,6 +192,34 @@ out:
|
||
|
return p;
|
||
|
}
|
||
|
|
||
|
+static struct net_bridge_port *maybe_deliver_addr(
|
||
|
+ struct net_bridge_port *prev, struct net_bridge_port *p,
|
||
|
+ struct sk_buff *skb, const unsigned char *addr,
|
||
|
+ void (*__packet_hook)(const struct net_bridge_port *p,
|
||
|
+ struct sk_buff *skb))
|
||
|
+{
|
||
|
+ struct net_device *dev = BR_INPUT_SKB_CB(skb)->brdev;
|
||
|
+ const unsigned char *src = eth_hdr(skb)->h_source;
|
||
|
+
|
||
|
+ if (!should_deliver(p, skb))
|
||
|
+ return prev;
|
||
|
+
|
||
|
+ /* Even with hairpin, no soliloquies - prevent breaking IPv6 DAD */
|
||
|
+ if (skb->dev == p->dev && ether_addr_equal(src, addr))
|
||
|
+ return prev;
|
||
|
+
|
||
|
+ skb = skb_copy(skb, GFP_ATOMIC);
|
||
|
+ if (!skb) {
|
||
|
+ dev->stats.tx_dropped++;
|
||
|
+ return prev;
|
||
|
+ }
|
||
|
+
|
||
|
+ memcpy(eth_hdr(skb)->h_dest, addr, ETH_ALEN);
|
||
|
+ __packet_hook(p, skb);
|
||
|
+
|
||
|
+ return prev;
|
||
|
+}
|
||
|
+
|
||
|
/* called under bridge lock */
|
||
|
static void br_flood(struct net_bridge *br, struct sk_buff *skb,
|
||
|
struct sk_buff *skb0,
|
||
|
@@ -264,6 +292,7 @@ static void br_multicast_flood(struct ne
|
||
|
struct net_bridge_port *prev = NULL;
|
||
|
struct net_bridge_port_group *p;
|
||
|
struct hlist_node *rp;
|
||
|
+ const unsigned char *addr;
|
||
|
|
||
|
rp = rcu_dereference(hlist_first_rcu(&br->router_list));
|
||
|
p = mdst ? rcu_dereference(mdst->ports) : NULL;
|
||
|
@@ -274,10 +303,19 @@ static void br_multicast_flood(struct ne
|
||
|
rport = rp ? hlist_entry(rp, struct net_bridge_port, rlist) :
|
||
|
NULL;
|
||
|
|
||
|
- port = (unsigned long)lport > (unsigned long)rport ?
|
||
|
- lport : rport;
|
||
|
-
|
||
|
- prev = maybe_deliver(prev, port, skb, __packet_hook);
|
||
|
+ if ((unsigned long)lport > (unsigned long)rport) {
|
||
|
+ port = lport;
|
||
|
+ addr = p->unicast ? p->eth_addr : NULL;
|
||
|
+ } else {
|
||
|
+ port = rport;
|
||
|
+ addr = NULL;
|
||
|
+ }
|
||
|
+
|
||
|
+ if (addr)
|
||
|
+ prev = maybe_deliver_addr(prev, port, skb, addr,
|
||
|
+ __packet_hook);
|
||
|
+ else
|
||
|
+ prev = maybe_deliver(prev, port, skb, __packet_hook);
|
||
|
if (IS_ERR(prev))
|
||
|
goto out;
|
||
|
|
||
|
--- a/net/bridge/br_sysfs_if.c
|
||
|
+++ b/net/bridge/br_sysfs_if.c
|
||
|
@@ -204,6 +204,7 @@ static BRPORT_ATTR(multicast_router, S_I
|
||
|
store_multicast_router);
|
||
|
|
||
|
BRPORT_ATTR_FLAG(multicast_fast_leave, BR_MULTICAST_FAST_LEAVE);
|
||
|
+BRPORT_ATTR_FLAG(multicast_to_unicast, BR_MULTICAST_TO_UCAST);
|
||
|
#endif
|
||
|
|
||
|
static const struct brport_attribute *brport_attrs[] = {
|
||
|
@@ -230,6 +231,7 @@ static const struct brport_attribute *br
|
||
|
#ifdef CONFIG_BRIDGE_IGMP_SNOOPING
|
||
|
&brport_attr_multicast_router,
|
||
|
&brport_attr_multicast_fast_leave,
|
||
|
+ &brport_attr_multicast_to_unicast,
|
||
|
#endif
|
||
|
&brport_attr_proxyarp,
|
||
|
&brport_attr_proxyarp_wifi,
|