/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in

Bug Summary

File:	bsd/netinet/in_mcast.c
Warning:	line 1861, column 11 Copies out a struct with untouched element(s): __msfr_align, msfr_srcs

Annotated Source Code

* @APPLE_OSREFERENCE_LICENSE_HEADER_START@

* This file contains Original Code and/or Modifications of Original Code

* as defined in and that are subject to the Apple Public Source License

* Version 2.0 (the 'License'). You may not use this file except in

* compliance with the License. The rights granted to you under the License

* may not be used to create, or enable the creation or redistribution of,

* unlawful or unlicensed copies of an Apple operating system, or to

* circumvent, violate, or enable the circumvention or violation of, any

* terms of an Apple operating system software license agreement.

* Please obtain a copy of the License at

* http://www.opensource.apple.com/apsl/ and read it before using this file.

* The Original Code and all software distributed under the License are

* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER

* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,

* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,

* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.

* Please see the License for the specific language governing rights and

* limitations under the License.

* @APPLE_OSREFERENCE_LICENSE_HEADER_END@

/*-

* Redistribution and use in source and binary forms, with or without

* modification, are permitted provided that the following conditions

* are met:

* 1. Redistributions of source code must retain the above copyright

* notice, this list of conditions and the following disclaimer.

* 2. Redistributions in binary form must reproduce the above copyright

* notice, this list of conditions and the following disclaimer in the

* documentation and/or other materials provided with the distribution.

* 3. The name of the author may not be used to endorse or promote

* products derived from this software without specific prior written

* permission.

* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

* SUCH DAMAGE.

* IPv4 multicast socket, group, and socket option processing module.

#include <sys/cdefs.h>

#include <sys/param.h>

#include <sys/systm.h>

#include <sys/kernel.h>

#include <sys/malloc.h>

#include <sys/mbuf.h>

#include <sys/protosw.h>

#include <sys/socket.h>

#include <sys/socketvar.h>

#include <sys/protosw.h>

#include <sys/sysctl.h>

#include <sys/tree.h>

#include <sys/mcache.h>

#include <kern/zalloc.h>

#include <pexpert/pexpert.h>

#include <net/if.h>

#include <net/if_dl.h>

#include <net/route.h>

#include <netinet/in.h>

#include <netinet/in_systm.h>

#include <netinet/in_pcb.h>

#include <netinet/in_var.h>

#include <netinet/ip_var.h>

#include <netinet/igmp_var.h>

#ifndef __SOCKUNION_DECLARED

union sockunion {

struct sockaddr_storage ss;

struct sockaddr sa;

struct sockaddr_dl sdl;

struct sockaddr_in sin;

};

typedef union sockunion sockunion_t;

100

#define __SOCKUNION_DECLARED

101

#endif /* __SOCKUNION_DECLARED */

102

103

104

* Functions with non-static linkage defined in this file should be

105

* declared in in_var.h:

106

* imo_multi_filter()

107

* in_addmulti()

108

* in_delmulti()

109

* in_joingroup()

110

* in_leavegroup()

111

* and ip_var.h:

112

* inp_freemoptions()

113

* inp_getmoptions()

114

* inp_setmoptions()

115

116

* XXX: Both carp and pf need to use the legacy (*,G) KPIs in_addmulti()

117

* and in_delmulti().

118

119

static void imf_commit(struct in_mfilter *);

120

static int imf_get_source(struct in_mfilter *imf,

121

const struct sockaddr_in *psin,

122

struct in_msource **);

123

static struct in_msource *

124

imf_graft(struct in_mfilter *, const uint8_t,

125

const struct sockaddr_in *);

126

static int imf_prune(struct in_mfilter *, const struct sockaddr_in *);

127

static void imf_rollback(struct in_mfilter *);

128

static void imf_reap(struct in_mfilter *);

129

static int imo_grow(struct ip_moptions *, size_t);

130

static size_t imo_match_group(const struct ip_moptions *,

131

const struct ifnet *, const struct sockaddr *);

132

static struct in_msource *

133

imo_match_source(const struct ip_moptions *, const size_t,

134

const struct sockaddr *);

135

static void ims_merge(struct ip_msource *ims,

136

const struct in_msource *lims, const int rollback);

137

static int in_getmulti(struct ifnet *, const struct in_addr *,

138

struct in_multi **);

139

static int in_joingroup(struct ifnet *, const struct in_addr *,

140

struct in_mfilter *, struct in_multi **);

141

static int inm_get_source(struct in_multi *inm, const in_addr_t haddr,

142

const int noalloc, struct ip_msource **pims);

143

static int inm_is_ifp_detached(const struct in_multi *);

144

static int inm_merge(struct in_multi *, /*const*/ struct in_mfilter *);

145

static void inm_reap(struct in_multi *);

146

static struct ip_moptions *

147

inp_findmoptions(struct inpcb *);

148

static int inp_get_source_filters(struct inpcb *, struct sockopt *);

149

static struct ifnet *

150

inp_lookup_mcast_ifp(const struct inpcb *,

151

const struct sockaddr_in *, const struct in_addr);

152

static int inp_block_unblock_source(struct inpcb *, struct sockopt *);

153

static int inp_set_multicast_if(struct inpcb *, struct sockopt *);

154

static int inp_set_source_filters(struct inpcb *, struct sockopt *);

155

static int sysctl_ip_mcast_filters SYSCTL_HANDLER_ARGS(struct sysctl_oid *oidp, void *arg1, int arg2, struct sysctl_req
*req);

156

static struct ifnet * ip_multicast_if(struct in_addr *, unsigned int *);

157

static __inline__ int ip_msource_cmp(const struct ip_msource *,

158

const struct ip_msource *);

159

160

SYSCTL_NODE(_net_inet_ip, OID_AUTO, mcast, CTLFLAG_RW | CTLFLAG_LOCKED, 0, "IPv4 multicast")struct sysctl_oid_list sysctl__net_inet_ip_mcast_children; struct
sysctl_oid sysctl__net_inet_ip_mcast = { &sysctl__net_inet_ip_children
, { 0 }, (-1), (int)(1|(0x80000000|0x40000000) | 0x00800000|0x00400000
), (void*)&sysctl__net_inet_ip_mcast_children, (int)(0), "mcast"
, 0, "N", "IPv4 multicast", 1, 0 }; void const * __set___sysctl_set_sym_sysctl__net_inet_ip_mcast
__attribute__ ((section("__DATA,__sysctl_set"),used)) = (void
*)&sysctl__net_inet_ip_mcast;;

161

162

static u_long in_mcast_maxgrpsrc = IP_MAX_GROUP_SRC_FILTER512;

163

SYSCTL_LONG(_net_inet_ip_mcast, OID_AUTO, maxgrpsrc,struct sysctl_oid sysctl__net_inet_ip_mcast_maxgrpsrc = { &
sysctl__net_inet_ip_mcast_children, { 0 }, (-1), (int)(2|(0x80000000
|0x40000000) | 0x00800000|0x00400000), &in_mcast_maxgrpsrc
, (int)(0), "maxgrpsrc", sysctl_handle_long, "L", "Max source filters per group"
, 1, 0 }; void const * __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_maxgrpsrc
__attribute__ ((section("__DATA,__sysctl_set"),used)) = (void
*)&sysctl__net_inet_ip_mcast_maxgrpsrc; typedef char _sysctl__net_inet_ip_mcast_maxgrpsrc_size_check
[(__builtin_constant_p(&in_mcast_maxgrpsrc) || sizeof(*(&
in_mcast_maxgrpsrc)) == sizeof(long)) ? 0 : -1];

164

CTLFLAG_RW | CTLFLAG_LOCKED, &in_mcast_maxgrpsrc, "Max source filters per group")struct sysctl_oid sysctl__net_inet_ip_mcast_maxgrpsrc = { &
sysctl__net_inet_ip_mcast_children, { 0 }, (-1), (int)(2|(0x80000000
|0x40000000) | 0x00800000|0x00400000), &in_mcast_maxgrpsrc
, (int)(0), "maxgrpsrc", sysctl_handle_long, "L", "Max source filters per group"
, 1, 0 }; void const * __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_maxgrpsrc
__attribute__ ((section("__DATA,__sysctl_set"),used)) = (void
*)&sysctl__net_inet_ip_mcast_maxgrpsrc; typedef char _sysctl__net_inet_ip_mcast_maxgrpsrc_size_check
[(__builtin_constant_p(&in_mcast_maxgrpsrc) || sizeof(*(&
in_mcast_maxgrpsrc)) == sizeof(long)) ? 0 : -1];;

165

166

static u_long in_mcast_maxsocksrc = IP_MAX_SOCK_SRC_FILTER128;

167

SYSCTL_LONG(_net_inet_ip_mcast, OID_AUTO, maxsocksrc,struct sysctl_oid sysctl__net_inet_ip_mcast_maxsocksrc = { &
sysctl__net_inet_ip_mcast_children, { 0 }, (-1), (int)(2|(0x80000000
|0x40000000) | 0x00800000|0x00400000), &in_mcast_maxsocksrc
, (int)(0), "maxsocksrc", sysctl_handle_long, "L", "Max source filters per socket"
, 1, 0 }; void const * __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_maxsocksrc
__attribute__ ((section("__DATA,__sysctl_set"),used)) = (void
*)&sysctl__net_inet_ip_mcast_maxsocksrc; typedef char _sysctl__net_inet_ip_mcast_maxsocksrc_size_check
[(__builtin_constant_p(&in_mcast_maxsocksrc) || sizeof(*(
&in_mcast_maxsocksrc)) == sizeof(long)) ? 0 : -1];

168

CTLFLAG_RW | CTLFLAG_LOCKED, &in_mcast_maxsocksrc,struct sysctl_oid sysctl__net_inet_ip_mcast_maxsocksrc = { &
sysctl__net_inet_ip_mcast_children, { 0 }, (-1), (int)(2|(0x80000000
|0x40000000) | 0x00800000|0x00400000), &in_mcast_maxsocksrc
, (int)(0), "maxsocksrc", sysctl_handle_long, "L", "Max source filters per socket"
, 1, 0 }; void const * __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_maxsocksrc
__attribute__ ((section("__DATA,__sysctl_set"),used)) = (void
*)&sysctl__net_inet_ip_mcast_maxsocksrc; typedef char _sysctl__net_inet_ip_mcast_maxsocksrc_size_check
[(__builtin_constant_p(&in_mcast_maxsocksrc) || sizeof(*(
&in_mcast_maxsocksrc)) == sizeof(long)) ? 0 : -1];

169

"Max source filters per socket")struct sysctl_oid sysctl__net_inet_ip_mcast_maxsocksrc = { &
sysctl__net_inet_ip_mcast_children, { 0 }, (-1), (int)(2|(0x80000000
|0x40000000) | 0x00800000|0x00400000), &in_mcast_maxsocksrc
, (int)(0), "maxsocksrc", sysctl_handle_long, "L", "Max source filters per socket"
, 1, 0 }; void const * __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_maxsocksrc
__attribute__ ((section("__DATA,__sysctl_set"),used)) = (void
*)&sysctl__net_inet_ip_mcast_maxsocksrc; typedef char _sysctl__net_inet_ip_mcast_maxsocksrc_size_check
[(__builtin_constant_p(&in_mcast_maxsocksrc) || sizeof(*(
&in_mcast_maxsocksrc)) == sizeof(long)) ? 0 : -1];;

170

171

int in_mcast_loop = IP_DEFAULT_MULTICAST_LOOP1;

172

SYSCTL_INT(_net_inet_ip_mcast, OID_AUTO, loop, CTLFLAG_RW | CTLFLAG_LOCKED,struct sysctl_oid sysctl__net_inet_ip_mcast_loop = { &sysctl__net_inet_ip_mcast_children
, { 0 }, (-1), (int)(2|(0x80000000|0x40000000) | 0x00800000|0x00400000
), &in_mcast_loop, (int)(0), "loop", sysctl_handle_int, "I"
, "Loopback multicast datagrams by default", 1, 0 }; void const
* __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_loop __attribute__
((section("__DATA,__sysctl_set"),used)) = (void *)&sysctl__net_inet_ip_mcast_loop
; typedef char _sysctl__net_inet_ip_mcast_loop_size_check[(__builtin_constant_p
(&in_mcast_loop) || sizeof(*(&in_mcast_loop)) == sizeof
(int)) ? 0 : -1];

173

&in_mcast_loop, 0, "Loopback multicast datagrams by default")struct sysctl_oid sysctl__net_inet_ip_mcast_loop = { &sysctl__net_inet_ip_mcast_children
, { 0 }, (-1), (int)(2|(0x80000000|0x40000000) | 0x00800000|0x00400000
), &in_mcast_loop, (int)(0), "loop", sysctl_handle_int, "I"
, "Loopback multicast datagrams by default", 1, 0 }; void const
* __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_loop __attribute__
((section("__DATA,__sysctl_set"),used)) = (void *)&sysctl__net_inet_ip_mcast_loop
; typedef char _sysctl__net_inet_ip_mcast_loop_size_check[(__builtin_constant_p
(&in_mcast_loop) || sizeof(*(&in_mcast_loop)) == sizeof
(int)) ? 0 : -1];;

174

175

SYSCTL_NODE(_net_inet_ip_mcast, OID_AUTO, filters,struct sysctl_oid_list sysctl__net_inet_ip_mcast_filters_children
; struct sysctl_oid sysctl__net_inet_ip_mcast_filters = { &
sysctl__net_inet_ip_mcast_children, { 0 }, (-1), (int)(1|0x80000000
| 0x00800000|0x00400000), (void*)&sysctl__net_inet_ip_mcast_filters_children
, (int)(0), "filters", sysctl_ip_mcast_filters, "N", "Per-interface stack-wide source filters"
, 1, 0 }; void const * __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_filters
__attribute__ ((section("__DATA,__sysctl_set"),used)) = (void
*)&sysctl__net_inet_ip_mcast_filters;

176

CTLFLAG_RD | CTLFLAG_LOCKED, sysctl_ip_mcast_filters,struct sysctl_oid_list sysctl__net_inet_ip_mcast_filters_children
; struct sysctl_oid sysctl__net_inet_ip_mcast_filters = { &
sysctl__net_inet_ip_mcast_children, { 0 }, (-1), (int)(1|0x80000000
| 0x00800000|0x00400000), (void*)&sysctl__net_inet_ip_mcast_filters_children
, (int)(0), "filters", sysctl_ip_mcast_filters, "N", "Per-interface stack-wide source filters"
, 1, 0 }; void const * __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_filters
__attribute__ ((section("__DATA,__sysctl_set"),used)) = (void
*)&sysctl__net_inet_ip_mcast_filters;

177

"Per-interface stack-wide source filters")struct sysctl_oid_list sysctl__net_inet_ip_mcast_filters_children
; struct sysctl_oid sysctl__net_inet_ip_mcast_filters = { &
sysctl__net_inet_ip_mcast_children, { 0 }, (-1), (int)(1|0x80000000
| 0x00800000|0x00400000), (void*)&sysctl__net_inet_ip_mcast_filters_children
, (int)(0), "filters", sysctl_ip_mcast_filters, "N", "Per-interface stack-wide source filters"
, 1, 0 }; void const * __set___sysctl_set_sym_sysctl__net_inet_ip_mcast_filters
__attribute__ ((section("__DATA,__sysctl_set"),used)) = (void
*)&sysctl__net_inet_ip_mcast_filters;;

178

179

RB_GENERATE_PREV(ip_msource_tree, ip_msource, ims_link, ip_msource_cmp)struct ip_msource *ip_msource_tree_RB_GETPARENT(struct ip_msource
*elm) { struct ip_msource *parent = (elm)->ims_link.rbe_parent
; if( parent != ((void *)0)) { parent = (struct ip_msource*)(
(uintptr_t)parent & ~(uintptr_t)0x1); return( (struct ip_msource
*) ( (parent == (struct ip_msource*) ((void *)0)) ? ((void *)
0): parent)); } return((struct ip_msource*)((void *)0)); } int
ip_msource_tree_RB_GETCOLOR(struct ip_msource *elm) { int color
= 0; color = (int)((uintptr_t)(elm)->ims_link.rbe_parent &
(uintptr_t)0x1); return(color); } void ip_msource_tree_RB_SETCOLOR
(struct ip_msource *elm,int color) { struct ip_msource *parent
= ip_msource_tree_RB_GETPARENT(elm); if(parent == (struct ip_msource
*)((void *)0)) parent = (struct ip_msource*) ((void *)0); (elm
)->ims_link.rbe_parent = (struct ip_msource*)((uintptr_t)parent
| (unsigned int)color);} struct ip_msource *ip_msource_tree_RB_SETPARENT
(struct ip_msource *elm, struct ip_msource *parent) { int color
= ip_msource_tree_RB_GETCOLOR(elm); (elm)->ims_link.rbe_parent
= parent; if(color) ip_msource_tree_RB_SETCOLOR(elm, color);
return(ip_msource_tree_RB_GETPARENT(elm)); } void ip_msource_tree_RB_INSERT_COLOR
(struct ip_msource_tree *head, struct ip_msource *elm) { struct
ip_msource *parent, *gparent, *tmp; while ((parent = ip_msource_tree_RB_GETPARENT
(elm)) != ((void *)0) && ip_msource_tree_RB_GETCOLOR(
parent) == 1) { gparent = ip_msource_tree_RB_GETPARENT(parent
); if (parent == (gparent)->ims_link.rbe_left) { tmp = (gparent
)->ims_link.rbe_right; if (tmp && ip_msource_tree_RB_GETCOLOR
(tmp) == 1) { ip_msource_tree_RB_SETCOLOR(tmp, 0); do { ip_msource_tree_RB_SETCOLOR
(parent, 0); ip_msource_tree_RB_SETCOLOR(gparent, 1); } while
( 0); elm = gparent; continue; } if ((parent)->ims_link.rbe_right
== elm) { do { (tmp) = (parent)->ims_link.rbe_right; if (
((parent)->ims_link.rbe_right = (tmp)->ims_link.rbe_left
) != ((void *)0)) { ip_msource_tree_RB_SETPARENT((tmp)->ims_link
.rbe_left,(parent)); } (void)(parent); if (ip_msource_tree_RB_SETPARENT
(tmp, ip_msource_tree_RB_GETPARENT(parent)) != ((void *)0)) {
if ((parent) == (ip_msource_tree_RB_GETPARENT(parent))->ims_link
.rbe_left) (ip_msource_tree_RB_GETPARENT(parent))->ims_link
.rbe_left = (tmp); else (ip_msource_tree_RB_GETPARENT(parent)
)->ims_link.rbe_right = (tmp); } else (head)->rbh_root =
(tmp); (tmp)->ims_link.rbe_left = (parent); ip_msource_tree_RB_SETPARENT
(parent, (tmp)); (void)(tmp); if ((ip_msource_tree_RB_GETPARENT
(tmp))) (void)(ip_msource_tree_RB_GETPARENT(tmp)); } while ( 0
); tmp = parent; parent = elm; elm = tmp; } do { ip_msource_tree_RB_SETCOLOR
(parent, 0); ip_msource_tree_RB_SETCOLOR(gparent, 1); } while
( 0); do { (tmp) = (gparent)->ims_link.rbe_left; if (((gparent
)->ims_link.rbe_left = (tmp)->ims_link.rbe_right) != ((
void *)0)) { ip_msource_tree_RB_SETPARENT((tmp)->ims_link.
rbe_right, (gparent)); } (void)(gparent); if (ip_msource_tree_RB_SETPARENT
(tmp, ip_msource_tree_RB_GETPARENT(gparent)) != ((void *)0)) {
if ((gparent) == (ip_msource_tree_RB_GETPARENT(gparent))->
ims_link.rbe_left) (ip_msource_tree_RB_GETPARENT(gparent))->
ims_link.rbe_left = (tmp); else (ip_msource_tree_RB_GETPARENT
(gparent))->ims_link.rbe_right = (tmp); } else (head)->
rbh_root = (tmp); (tmp)->ims_link.rbe_right = (gparent); ip_msource_tree_RB_SETPARENT
(gparent, tmp); (void)(tmp); if ((ip_msource_tree_RB_GETPARENT
(tmp))) (void)(ip_msource_tree_RB_GETPARENT(tmp)); } while ( 0
); } else { tmp = (gparent)->ims_link.rbe_left; if (tmp &&
ip_msource_tree_RB_GETCOLOR(tmp) == 1) { ip_msource_tree_RB_SETCOLOR
(tmp, 0); do { ip_msource_tree_RB_SETCOLOR(parent, 0); ip_msource_tree_RB_SETCOLOR
(gparent, 1); } while ( 0); elm = gparent; continue; } if ((parent
)->ims_link.rbe_left == elm) { do { (tmp) = (parent)->ims_link
.rbe_left; if (((parent)->ims_link.rbe_left = (tmp)->ims_link
.rbe_right) != ((void *)0)) { ip_msource_tree_RB_SETPARENT((tmp
)->ims_link.rbe_right, (parent)); } (void)(parent); if (ip_msource_tree_RB_SETPARENT
(tmp, ip_msource_tree_RB_GETPARENT(parent)) != ((void *)0)) {
if ((parent) == (ip_msource_tree_RB_GETPARENT(parent))->ims_link
.rbe_left) (ip_msource_tree_RB_GETPARENT(parent))->ims_link
.rbe_left = (tmp); else (ip_msource_tree_RB_GETPARENT(parent)
)->ims_link.rbe_right = (tmp); } else (head)->rbh_root =
(tmp); (tmp)->ims_link.rbe_right = (parent); ip_msource_tree_RB_SETPARENT
(parent, tmp); (void)(tmp); if ((ip_msource_tree_RB_GETPARENT
(tmp))) (void)(ip_msource_tree_RB_GETPARENT(tmp)); } while ( 0
); tmp = parent; parent = elm; elm = tmp; } do { ip_msource_tree_RB_SETCOLOR
(parent, 0); ip_msource_tree_RB_SETCOLOR(gparent, 1); } while
( 0); do { (tmp) = (gparent)->ims_link.rbe_right; if (((gparent
)->ims_link.rbe_right = (tmp)->ims_link.rbe_left) != ((
void *)0)) { ip_msource_tree_RB_SETPARENT((tmp)->ims_link.
rbe_left,(gparent)); } (void)(gparent); if (ip_msource_tree_RB_SETPARENT
(tmp, ip_msource_tree_RB_GETPARENT(gparent)) != ((void *)0)) {
if ((gparent) == (ip_msource_tree_RB_GETPARENT(gparent))->
ims_link.rbe_left) (ip_msource_tree_RB_GETPARENT(gparent))->
ims_link.rbe_left = (tmp); else (ip_msource_tree_RB_GETPARENT
(gparent))->ims_link.rbe_right = (tmp); } else (head)->
rbh_root = (tmp); (tmp)->ims_link.rbe_left = (gparent); ip_msource_tree_RB_SETPARENT
(gparent, (tmp)); (void)(tmp); if ((ip_msource_tree_RB_GETPARENT
(tmp))) (void)(ip_msource_tree_RB_GETPARENT(tmp)); } while ( 0
); } } ip_msource_tree_RB_SETCOLOR(head->rbh_root, 0); } void
ip_msource_tree_RB_REMOVE_COLOR(struct ip_msource_tree *head
, struct ip_msource *parent, struct ip_msource *elm) { struct
ip_msource *tmp; while ((elm == ((void *)0) || ip_msource_tree_RB_GETCOLOR
(elm) == 0) && elm != (head)->rbh_root) { if ((parent
)->ims_link.rbe_left == elm) { tmp = (parent)->ims_link
.rbe_right; if (ip_msource_tree_RB_GETCOLOR(tmp) == 1) { do {
ip_msource_tree_RB_SETCOLOR(tmp, 0); ip_msource_tree_RB_SETCOLOR
(parent, 1); } while ( 0); do { (tmp) = (parent)->ims_link
.rbe_right; if (((parent)->ims_link.rbe_right = (tmp)->
ims_link.rbe_left) != ((void *)0)) { ip_msource_tree_RB_SETPARENT
((tmp)->ims_link.rbe_left,(parent)); } (void)(parent); if (
ip_msource_tree_RB_SETPARENT(tmp, ip_msource_tree_RB_GETPARENT
(parent)) != ((void *)0)) { if ((parent) == (ip_msource_tree_RB_GETPARENT
(parent))->ims_link.rbe_left) (ip_msource_tree_RB_GETPARENT
(parent))->ims_link.rbe_left = (tmp); else (ip_msource_tree_RB_GETPARENT
(parent))->ims_link.rbe_right = (tmp); } else (head)->rbh_root
= (tmp); (tmp)->ims_link.rbe_left = (parent); ip_msource_tree_RB_SETPARENT
(parent, (tmp)); (void)(tmp); if ((ip_msource_tree_RB_GETPARENT
(tmp))) (void)(ip_msource_tree_RB_GETPARENT(tmp)); } while ( 0
); tmp = (parent)->ims_link.rbe_right; } if (((tmp)->ims_link
.rbe_left == ((void *)0) || ip_msource_tree_RB_GETCOLOR((tmp)
->ims_link.rbe_left) == 0) && ((tmp)->ims_link.
rbe_right == ((void *)0) || ip_msource_tree_RB_GETCOLOR((tmp)
->ims_link.rbe_right) == 0)) { ip_msource_tree_RB_SETCOLOR
(tmp, 1); elm = parent; parent = ip_msource_tree_RB_GETPARENT
(elm); } else { if ((tmp)->ims_link.rbe_right == ((void *)
0) || ip_msource_tree_RB_GETCOLOR((tmp)->ims_link.rbe_right
) == 0) { struct ip_msource *oleft; if ((oleft = (tmp)->ims_link
.rbe_left) != ((void *)0)) ip_msource_tree_RB_SETCOLOR(oleft,
0); ip_msource_tree_RB_SETCOLOR(tmp, 1); do { (oleft) = (tmp
)->ims_link.rbe_left; if (((tmp)->ims_link.rbe_left = (
oleft)->ims_link.rbe_right) != ((void *)0)) { ip_msource_tree_RB_SETPARENT
((oleft)->ims_link.rbe_right, (tmp)); } (void)(tmp); if (ip_msource_tree_RB_SETPARENT
(oleft, ip_msource_tree_RB_GETPARENT(tmp)) != ((void *)0)) { if
((tmp) == (ip_msource_tree_RB_GETPARENT(tmp))->ims_link.rbe_left
) (ip_msource_tree_RB_GETPARENT(tmp))->ims_link.rbe_left =
(oleft); else (ip_msource_tree_RB_GETPARENT(tmp))->ims_link
.rbe_right = (oleft); } else (head)->rbh_root = (oleft); (
oleft)->ims_link.rbe_right = (tmp); ip_msource_tree_RB_SETPARENT
(tmp, oleft); (void)(oleft); if ((ip_msource_tree_RB_GETPARENT
(oleft))) (void)(ip_msource_tree_RB_GETPARENT(oleft)); } while
( 0); tmp = (parent)->ims_link.rbe_right; } ip_msource_tree_RB_SETCOLOR
(tmp, (ip_msource_tree_RB_GETCOLOR(parent))); ip_msource_tree_RB_SETCOLOR
(parent, 0); if ((tmp)->ims_link.rbe_right) ip_msource_tree_RB_SETCOLOR
((tmp)->ims_link.rbe_right,0); do { (tmp) = (parent)->ims_link
.rbe_right; if (((parent)->ims_link.rbe_right = (tmp)->
ims_link.rbe_left) != ((void *)0)) { ip_msource_tree_RB_SETPARENT
((tmp)->ims_link.rbe_left,(parent)); } (void)(parent); if (
ip_msource_tree_RB_SETPARENT(tmp, ip_msource_tree_RB_GETPARENT
(parent)) != ((void *)0)) { if ((parent) == (ip_msource_tree_RB_GETPARENT
(parent))->ims_link.rbe_left) (ip_msource_tree_RB_GETPARENT
(parent))->ims_link.rbe_left = (tmp); else (ip_msource_tree_RB_GETPARENT
(parent))->ims_link.rbe_right = (tmp); } else (head)->rbh_root
= (tmp); (tmp)->ims_link.rbe_left = (parent); ip_msource_tree_RB_SETPARENT
(parent, (tmp)); (void)(tmp); if ((ip_msource_tree_RB_GETPARENT
(tmp))) (void)(ip_msource_tree_RB_GETPARENT(tmp)); } while ( 0
); elm = (head)->rbh_root; break; } } else { tmp = (parent
)->ims_link.rbe_left; if (ip_msource_tree_RB_GETCOLOR(tmp)
== 1) { do { ip_msource_tree_RB_SETCOLOR(tmp, 0); ip_msource_tree_RB_SETCOLOR
(parent, 1); } while ( 0); do { (tmp) = (parent)->ims_link
.rbe_left; if (((parent)->ims_link.rbe_left = (tmp)->ims_link
.rbe_right) != ((void *)0)) { ip_msource_tree_RB_SETPARENT((tmp
)->ims_link.rbe_right, (parent)); } (void)(parent); if (ip_msource_tree_RB_SETPARENT
(tmp, ip_msource_tree_RB_GETPARENT(parent)) != ((void *)0)) {
if ((parent) == (ip_msource_tree_RB_GETPARENT(parent))->ims_link
.rbe_left) (ip_msource_tree_RB_GETPARENT(parent))->ims_link
.rbe_left = (tmp); else (ip_msource_tree_RB_GETPARENT(parent)
)->ims_link.rbe_right = (tmp); } else (head)->rbh_root =
(tmp); (tmp)->ims_link.rbe_right = (parent); ip_msource_tree_RB_SETPARENT
(parent, tmp); (void)(tmp); if ((ip_msource_tree_RB_GETPARENT
(tmp))) (void)(ip_msource_tree_RB_GETPARENT(tmp)); } while ( 0
); tmp = (parent)->ims_link.rbe_left; } if (((tmp)->ims_link
.rbe_left == ((void *)0) || ip_msource_tree_RB_GETCOLOR((tmp)
->ims_link.rbe_left) == 0) && ((tmp)->ims_link.
rbe_right == ((void *)0) || ip_msource_tree_RB_GETCOLOR((tmp)
->ims_link.rbe_right) == 0)) { ip_msource_tree_RB_SETCOLOR
(tmp, 1); elm = parent; parent = ip_msource_tree_RB_GETPARENT
(elm); } else { if ((tmp)->ims_link.rbe_left == ((void *)0
) || ip_msource_tree_RB_GETCOLOR((tmp)->ims_link.rbe_left)
== 0) { struct ip_msource *oright; if ((oright = (tmp)->ims_link
.rbe_right) != ((void *)0)) ip_msource_tree_RB_SETCOLOR(oright
, 0); ip_msource_tree_RB_SETCOLOR(tmp, 1); do { (oright) = (tmp
)->ims_link.rbe_right; if (((tmp)->ims_link.rbe_right =
(oright)->ims_link.rbe_left) != ((void *)0)) { ip_msource_tree_RB_SETPARENT
((oright)->ims_link.rbe_left,(tmp)); } (void)(tmp); if (ip_msource_tree_RB_SETPARENT
(oright, ip_msource_tree_RB_GETPARENT(tmp)) != ((void *)0)) {
if ((tmp) == (ip_msource_tree_RB_GETPARENT(tmp))->ims_link
.rbe_left) (ip_msource_tree_RB_GETPARENT(tmp))->ims_link.rbe_left
= (oright); else (ip_msource_tree_RB_GETPARENT(tmp))->ims_link
.rbe_right = (oright); } else (head)->rbh_root = (oright);
(oright)->ims_link.rbe_left = (tmp); ip_msource_tree_RB_SETPARENT
(tmp, (oright)); (void)(oright); if ((ip_msource_tree_RB_GETPARENT
(oright))) (void)(ip_msource_tree_RB_GETPARENT(oright)); } while
( 0); tmp = (parent)->ims_link.rbe_left; } ip_msource_tree_RB_SETCOLOR
(tmp,(ip_msource_tree_RB_GETCOLOR(parent))); ip_msource_tree_RB_SETCOLOR
(parent, 0); if ((tmp)->ims_link.rbe_left) ip_msource_tree_RB_SETCOLOR
((tmp)->ims_link.rbe_left, 0); do { (tmp) = (parent)->ims_link
.rbe_left; if (((parent)->ims_link.rbe_left = (tmp)->ims_link
.rbe_right) != ((void *)0)) { ip_msource_tree_RB_SETPARENT((tmp
)->ims_link.rbe_right, (parent)); } (void)(parent); if (ip_msource_tree_RB_SETPARENT
(tmp, ip_msource_tree_RB_GETPARENT(parent)) != ((void *)0)) {
if ((parent) == (ip_msource_tree_RB_GETPARENT(parent))->ims_link
.rbe_left) (ip_msource_tree_RB_GETPARENT(parent))->ims_link
.rbe_left = (tmp); else (ip_msource_tree_RB_GETPARENT(parent)
)->ims_link.rbe_right = (tmp); } else (head)->rbh_root =
(tmp); (tmp)->ims_link.rbe_right = (parent); ip_msource_tree_RB_SETPARENT
(parent, tmp); (void)(tmp); if ((ip_msource_tree_RB_GETPARENT
(tmp))) (void)(ip_msource_tree_RB_GETPARENT(tmp)); } while ( 0
); elm = (head)->rbh_root; break; } } } if (elm) ip_msource_tree_RB_SETCOLOR
(elm, 0); } struct ip_msource * ip_msource_tree_RB_REMOVE(struct
ip_msource_tree *head, struct ip_msource *elm) { struct ip_msource
*child, *parent, *old = elm; int color; if ((elm)->ims_link
.rbe_left == ((void *)0)) child = (elm)->ims_link.rbe_right
; else if ((elm)->ims_link.rbe_right == ((void *)0)) child
= (elm)->ims_link.rbe_left; else { struct ip_msource *left
; elm = (elm)->ims_link.rbe_right; while ((left = (elm)->
ims_link.rbe_left) != ((void *)0)) elm = left; child = (elm)->
ims_link.rbe_right; parent = ip_msource_tree_RB_GETPARENT(elm
); color = ip_msource_tree_RB_GETCOLOR(elm); if (child) ip_msource_tree_RB_SETPARENT
(child, parent); if (parent) { if ((parent)->ims_link.rbe_left
== elm) (parent)->ims_link.rbe_left = child; else (parent
)->ims_link.rbe_right = child; (void)(parent); } else (head
)->rbh_root = child; if (ip_msource_tree_RB_GETPARENT(elm)
== old) parent = elm; (elm)->ims_link = (old)->ims_link
; if (ip_msource_tree_RB_GETPARENT(old)) { if ((ip_msource_tree_RB_GETPARENT
(old))->ims_link.rbe_left == old) (ip_msource_tree_RB_GETPARENT
(old))->ims_link.rbe_left = elm; else (ip_msource_tree_RB_GETPARENT
(old))->ims_link.rbe_right = elm; (void)(ip_msource_tree_RB_GETPARENT
(old)); } else (head)->rbh_root = elm; ip_msource_tree_RB_SETPARENT
((old)->ims_link.rbe_left, elm); if ((old)->ims_link.rbe_right
) ip_msource_tree_RB_SETPARENT((old)->ims_link.rbe_right, elm
); if (parent) { left = parent; do { (void)(left); } while ((
left = ip_msource_tree_RB_GETPARENT(left)) != ((void *)0)); }
goto color; } parent = ip_msource_tree_RB_GETPARENT(elm); color
= ip_msource_tree_RB_GETCOLOR(elm); if (child) ip_msource_tree_RB_SETPARENT
(child, parent); if (parent) { if ((parent)->ims_link.rbe_left
== elm) (parent)->ims_link.rbe_left = child; else (parent
)->ims_link.rbe_right = child; (void)(parent); } else (head
)->rbh_root = child; color: if (color == 0) ip_msource_tree_RB_REMOVE_COLOR
(head, parent, child); return (old); } struct ip_msource * ip_msource_tree_RB_INSERT
(struct ip_msource_tree *head, struct ip_msource *elm) { struct
ip_msource *tmp; struct ip_msource *parent = ((void *)0); int
comp = 0; tmp = (head)->rbh_root; while (tmp) { parent = tmp
; comp = (ip_msource_cmp)(elm, parent); if (comp < 0) tmp =
(tmp)->ims_link.rbe_left; else if (comp > 0) tmp = (tmp
)->ims_link.rbe_right; else return (tmp); } do { ip_msource_tree_RB_SETPARENT
(elm, parent); (elm)->ims_link.rbe_left = (elm)->ims_link
.rbe_right = ((void *)0); ip_msource_tree_RB_SETCOLOR(elm, 1)
; } while ( 0); if (parent != ((void *)0)) { if (comp < 0)
(parent)->ims_link.rbe_left = elm; else (parent)->ims_link
.rbe_right = elm; (void)(parent); } else (head)->rbh_root =
elm; ip_msource_tree_RB_INSERT_COLOR(head, elm); return (((void
*)0)); } struct ip_msource * ip_msource_tree_RB_FIND(struct ip_msource_tree
*head, struct ip_msource *elm) { struct ip_msource *tmp = (head
)->rbh_root; int comp; while (tmp) { comp = ip_msource_cmp
(elm, tmp); if (comp < 0) tmp = (tmp)->ims_link.rbe_left
; else if (comp > 0) tmp = (tmp)->ims_link.rbe_right; else
return (tmp); } return (((void *)0)); } struct ip_msource * ip_msource_tree_RB_NEXT
(struct ip_msource *elm) { if ((elm)->ims_link.rbe_right) {
elm = (elm)->ims_link.rbe_right; while ((elm)->ims_link
.rbe_left) elm = (elm)->ims_link.rbe_left; } else { if (ip_msource_tree_RB_GETPARENT
(elm) && (elm == (ip_msource_tree_RB_GETPARENT(elm))->
ims_link.rbe_left)) elm = ip_msource_tree_RB_GETPARENT(elm); else
{ while (ip_msource_tree_RB_GETPARENT(elm) && (elm ==
(ip_msource_tree_RB_GETPARENT(elm))->ims_link.rbe_right))
elm = ip_msource_tree_RB_GETPARENT(elm); elm = ip_msource_tree_RB_GETPARENT
(elm); } } return (elm); } struct ip_msource * ip_msource_tree_RB_MINMAX
(struct ip_msource_tree *head, int val) { struct ip_msource *
tmp = (head)->rbh_root; struct ip_msource *parent = ((void
*)0); while (tmp) { parent = tmp; if (val < 0) tmp = (tmp
)->ims_link.rbe_left; else tmp = (tmp)->ims_link.rbe_right
; } return (parent); } struct ip_msource * ip_msource_tree_RB_PREV
(struct ip_msource *elm) { if ((elm)->ims_link.rbe_left) {
elm = (elm)->ims_link.rbe_left; while ((elm)->ims_link
.rbe_right) elm = (elm)->ims_link.rbe_right; } else { if (
ip_msource_tree_RB_GETPARENT(elm) && (elm == (ip_msource_tree_RB_GETPARENT
(elm))->ims_link.rbe_right)) elm = ip_msource_tree_RB_GETPARENT
(elm); else { while (ip_msource_tree_RB_GETPARENT(elm) &&
(elm == (ip_msource_tree_RB_GETPARENT(elm))->ims_link.rbe_left
)) elm = ip_msource_tree_RB_GETPARENT(elm); elm = ip_msource_tree_RB_GETPARENT
(elm); } } return (elm); };

180

181

#define INM_TRACE_HIST_SIZE32 32 /* size of trace history */

182

183

/* For gdb */

184

__private_extern__ unsigned int inm_trace_hist_size = INM_TRACE_HIST_SIZE32;

185

186

struct in_multi_dbg {

187

struct in_multi inm; /* in_multi */

188

u_int16_t inm_refhold_cnt; /* # of ref */

189

u_int16_t inm_refrele_cnt; /* # of rele */

190

191

* Circular lists of inm_addref and inm_remref callers.

192

193

ctrace_t inm_refhold[INM_TRACE_HIST_SIZE32];

194

ctrace_t inm_refrele[INM_TRACE_HIST_SIZE32];

195

196

* Trash list linkage

197

198

TAILQ_ENTRY(in_multi_dbg)struct { struct in_multi_dbg *tqe_next; struct in_multi_dbg *
*tqe_prev; } inm_trash_link;

199

};

200

201

/* List of trash in_multi entries protected by inm_trash_lock */

202

static TAILQ_HEAD(, in_multi_dbg)struct { struct in_multi_dbg *tqh_first; struct in_multi_dbg *
*tqh_last; } inm_trash_head;

203

static decl_lck_mtx_data(, inm_trash_lock)lck_mtx_t inm_trash_lock;;

204

205

#define INM_ZONE_MAX64 64 /* maximum elements in zone */

206

#define INM_ZONE_NAME"in_multi" "in_multi" /* zone name */

207

208

#if DEBUG

209

static unsigned int inm_debug = 1; /* debugging (enabled) */

210

#else

211

static unsigned int inm_debug; /* debugging (disabled) */

212

#endif /* !DEBUG */

213

static unsigned int inm_size; /* size of zone element */

214

static struct zone *inm_zone; /* zone for in_multi */

215

216

#define IPMS_ZONE_MAX64 64 /* maximum elements in zone */

217

#define IPMS_ZONE_NAME"ip_msource" "ip_msource" /* zone name */

218

219

static unsigned int ipms_size; /* size of zone element */

220

static struct zone *ipms_zone; /* zone for ip_msource */

221

222

#define INMS_ZONE_MAX64 64 /* maximum elements in zone */

223

#define INMS_ZONE_NAME"in_msource" "in_msource" /* zone name */

224

225

static unsigned int inms_size; /* size of zone element */

226

static struct zone *inms_zone; /* zone for in_msource */

227

228

/* Lock group and attribute for in_multihead_lock lock */

229

static lck_attr_t *in_multihead_lock_attr;

230

static lck_grp_t *in_multihead_lock_grp;

231

static lck_grp_attr_t *in_multihead_lock_grp_attr;

232

233

static decl_lck_rw_data(, in_multihead_lock)lck_rw_t in_multihead_lock;;

234

struct in_multihead in_multihead;

235

236

static struct in_multi *in_multi_alloc(int);

237

static void in_multi_free(struct in_multi *);

238

static void in_multi_attach(struct in_multi *);

239

static void inm_trace(struct in_multi *, int);

240

241

static struct ip_msource *ipms_alloc(int);

242

static void ipms_free(struct ip_msource *);

243

static struct in_msource *inms_alloc(int);

244

static void inms_free(struct in_msource *);

245

246

static __inline int

247

ip_msource_cmp(const struct ip_msource *a, const struct ip_msource *b)

248

{

249

250

if (a->ims_haddr < b->ims_haddr)

251

return (-1);

252

if (a->ims_haddr == b->ims_haddr)

253

return (0);

254

return (1);

255

}

256

257

258

* Inline function which wraps assertions for a valid ifp.

259

260

static __inline__ int

261

inm_is_ifp_detached(const struct in_multi *inm)

262

{

263

VERIFY(inm->inm_ifma != NULL)((void)(__builtin_expect(!!((long)((inm->inm_ifma != ((void
*)0)))), 1L) || assfail("inm->inm_ifma != NULL", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 263)));

264

VERIFY(inm->inm_ifp == inm->inm_ifma->ifma_ifp)((void)(__builtin_expect(!!((long)((inm->inm_ifp == inm->
inm_ifma->ifma_ifp))), 1L) || assfail("inm->inm_ifp == inm->inm_ifma->ifma_ifp"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 264
)));

265

266

return (!ifnet_is_attached(inm->inm_ifp, 0));

267

}

268

269

270

* Initialize an in_mfilter structure to a known state at t0, t1

271

* with an empty source filter list.

272

273

static __inline__ void

274

imf_init(struct in_mfilter *imf, const int st0, const int st1)

275

{

276

memset(imf, 0, sizeof(struct in_mfilter));

277

RB_INIT(&imf->imf_sources)do { (&imf->imf_sources)->rbh_root = ((void *)0); }
while ( 0);

278

imf->imf_st[0] = st0;

279

imf->imf_st[1] = st1;

280

}

281

282

283

* Resize the ip_moptions vector to the next power-of-two minus 1.

284

285

static int

286

imo_grow(struct ip_moptions *imo, size_t newmax)

287

{

288

struct in_multi **nmships;

289

struct in_multi **omships;

290

struct in_mfilter *nmfilters;

291

struct in_mfilter *omfilters;

292

size_t idx;

293

size_t oldmax;

294

295

IMO_LOCK_ASSERT_HELD(imo)lck_mtx_assert(&(imo)->imo_lock, 1);

296

297

nmships = NULL((void *)0);

298

nmfilters = NULL((void *)0);

299

omships = imo->imo_membership;

300

omfilters = imo->imo_mfilters;

301

oldmax = imo->imo_max_memberships;

302

if (newmax == 0)

303

newmax = ((oldmax + 1) * 2) - 1;

304

305

if (newmax > IP_MAX_MEMBERSHIPS4095)

306

return (ETOOMANYREFS59);

307

308

if ((nmships = (struct in_multi **)_REALLOC(omships,({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __REALLOC(omships, sizeof (struct in_multi *) * newmax, 53
, 0x0000 | 0x0004, &site); })

309

sizeof (struct in_multi *) * newmax, M_IPMOPTS,({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __REALLOC(omships, sizeof (struct in_multi *) * newmax, 53
, 0x0000 | 0x0004, &site); })

310

M_WAITOK | M_ZERO)({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __REALLOC(omships, sizeof (struct in_multi *) * newmax, 53
, 0x0000 | 0x0004, &site); })) == NULL((void *)0))

311

return (ENOMEM12);

312

313

imo->imo_membership = nmships;

314

315

if ((nmfilters = (struct in_mfilter *)_REALLOC(omfilters,({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __REALLOC(omfilters, sizeof (struct in_mfilter) * newmax
, 110, 0x0000 | 0x0004, &site); })

316

sizeof (struct in_mfilter) * newmax, M_INMFILTER,({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __REALLOC(omfilters, sizeof (struct in_mfilter) * newmax
, 110, 0x0000 | 0x0004, &site); })

317

M_WAITOK | M_ZERO)({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __REALLOC(omfilters, sizeof (struct in_mfilter) * newmax
, 110, 0x0000 | 0x0004, &site); })) == NULL((void *)0))

318

return (ENOMEM12);

319

320

imo->imo_mfilters = nmfilters;

321

322

/* Initialize newly allocated source filter heads. */

323

for (idx = oldmax; idx < newmax; idx++)

324

imf_init(&nmfilters[idx], MCAST_UNDEFINED0, MCAST_EXCLUDE2);

325

326

imo->imo_max_memberships = newmax;

327

328

return (0);

329

}

330

331

332

* Find an IPv4 multicast group entry for this ip_moptions instance

333

* which matches the specified group, and optionally an interface.

334

* Return its index into the array, or -1 if not found.

335

336

static size_t

337

imo_match_group(const struct ip_moptions *imo, const struct ifnet *ifp,

338

const struct sockaddr *group)

339

{

340

const struct sockaddr_in *gsin;

341

struct in_multi *pinm;

342

int idx;

343

int nmships;

344

345

IMO_LOCK_ASSERT_HELD(__DECONST(struct ip_moptions *, imo))lck_mtx_assert(&((struct ip_moptions *) (long)(imo))->
imo_lock, 1);

346

347

gsin = (struct sockaddr_in *)(uintptr_t)(size_t)group;

348

349

/* The imo_membership array may be lazy allocated. */

350

if (imo->imo_membership == NULL((void *)0) || imo->imo_num_memberships == 0)

351

return (-1);

352

353

nmships = imo->imo_num_memberships;

354

for (idx = 0; idx < nmships; idx++) {

355

pinm = imo->imo_membership[idx];

356

if (pinm == NULL((void *)0))

357

continue;

358

INM_LOCK(pinm)lck_mtx_lock(&(pinm)->inm_lock);

359

if ((ifp == NULL((void *)0) || (pinm->inm_ifp == ifp)) &&

360

in_hosteq(pinm->inm_addr, gsin->sin_addr)((pinm->inm_addr).s_addr == (gsin->sin_addr).s_addr)) {

361

INM_UNLOCK(pinm)lck_mtx_unlock(&(pinm)->inm_lock);

362

break;

363

}

364

INM_UNLOCK(pinm)lck_mtx_unlock(&(pinm)->inm_lock);

365

}

366

if (idx >= nmships)

367

idx = -1;

368

369

return (idx);

370

}

371

372

373

* Find an IPv4 multicast source entry for this imo which matches

374

* the given group index for this socket, and source address.

375

376

* NOTE: This does not check if the entry is in-mode, merely if

377

* it exists, which may not be the desired behaviour.

378

379

static struct in_msource *

380

imo_match_source(const struct ip_moptions *imo, const size_t gidx,

381

const struct sockaddr *src)

382

{

383

struct ip_msource find;

384

struct in_mfilter *imf;

385

struct ip_msource *ims;

386

const sockunion_t *psa;

387

388

IMO_LOCK_ASSERT_HELD(__DECONST(struct ip_moptions *, imo))lck_mtx_assert(&((struct ip_moptions *) (long)(imo))->
imo_lock, 1);

389

390

VERIFY(src->sa_family == AF_INET)((void)(__builtin_expect(!!((long)((src->sa_family == 2)))
, 1L) || assfail("src->sa_family == AF_INET", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 390)));

391

VERIFY(gidx != (size_t)-1 && gidx < imo->imo_num_memberships)((void)(__builtin_expect(!!((long)((gidx != (size_t)-1 &&
gidx < imo->imo_num_memberships))), 1L) || assfail("gidx != (size_t)-1 && gidx < imo->imo_num_memberships"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 391
)));

392

393

/* The imo_mfilters array may be lazy allocated. */

394

if (imo->imo_mfilters == NULL((void *)0))

395

return (NULL((void *)0));

396

imf = &imo->imo_mfilters[gidx];

397

398

/* Source trees are keyed in host byte order. */

399

psa = (sockunion_t *)(uintptr_t)(size_t)src;

400

find.ims_haddr = ntohl(psa->sin.sin_addr.s_addr)(__builtin_constant_p(psa->sin.sin_addr.s_addr) ? ((__uint32_t
)((((__uint32_t)(psa->sin.sin_addr.s_addr) & 0xff000000
) >> 24) | (((__uint32_t)(psa->sin.sin_addr.s_addr) &
0x00ff0000) >> 8) | (((__uint32_t)(psa->sin.sin_addr
.s_addr) & 0x0000ff00) << 8) | (((__uint32_t)(psa->
sin.sin_addr.s_addr) & 0x000000ff) << 24))) : _OSSwapInt32
(psa->sin.sin_addr.s_addr));

401

ims = RB_FIND(ip_msource_tree, &imf->imf_sources, &find)ip_msource_tree_RB_FIND(&imf->imf_sources, &find);

402

403

return ((struct in_msource *)ims);

404

}

405

406

407

* Perform filtering for multicast datagrams on a socket by group and source.

408

409

* Returns 0 if a datagram should be allowed through, or various error codes

410

* if the socket was not a member of the group, or the source was muted, etc.

411

412

int

413

imo_multi_filter(const struct ip_moptions *imo, const struct ifnet *ifp,

414

const struct sockaddr *group, const struct sockaddr *src)

415

{

416

size_t gidx;

417

struct in_msource *ims;

418

int mode;

419

420

IMO_LOCK_ASSERT_HELD(__DECONST(struct ip_moptions *, imo))lck_mtx_assert(&((struct ip_moptions *) (long)(imo))->
imo_lock, 1);

421

VERIFY(ifp != NULL)((void)(__builtin_expect(!!((long)((ifp != ((void *)0)))), 1L
) || assfail("ifp != NULL", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 421)));

422

423

gidx = imo_match_group(imo, ifp, group);

424

if (gidx == (size_t)-1)

425

return (MCAST_NOTGMEMBER1);

426

427

428

* Check if the source was included in an (S,G) join.

429

* Allow reception on exclusive memberships by default,

430

* reject reception on inclusive memberships by default.

431

* Exclude source only if an in-mode exclude filter exists.

432

* Include source only if an in-mode include filter exists.

433

* NOTE: We are comparing group state here at IGMP t1 (now)

434

* with socket-layer t0 (since last downcall).

435

436

mode = imo->imo_mfilters[gidx].imf_st[1];

437

ims = imo_match_source(imo, gidx, src);

438

439

if ((ims == NULL((void *)0) && mode == MCAST_INCLUDE1) ||

440

(ims != NULL((void *)0) && ims->imsl_st[0] != mode)) {

441

return (MCAST_NOTSMEMBER2);

442

}

443

444

return (MCAST_PASS0);

445

}

446

447

int

448

imo_clone(struct inpcb *from_inp, struct inpcb *to_inp)

449

{

450

int i, err = 0;

451

struct ip_moptions *from;

452

struct ip_moptions *to;

453

454

from = inp_findmoptions(from_inp);

455

if (from == NULL((void *)0))

456

return (ENOMEM12);

457

458

to = inp_findmoptions(to_inp);

459

if (to == NULL((void *)0)) {

460

IMO_REMREF(from)imo_remref(from);

461

return (ENOMEM12);

462

}

463

464

IMO_LOCK(from)lck_mtx_lock(&(from)->imo_lock);

465

IMO_LOCK(to)lck_mtx_lock(&(to)->imo_lock);

466

467

to->imo_multicast_ifp = from->imo_multicast_ifp;

468

to->imo_multicast_vif = from->imo_multicast_vif;

469

to->imo_multicast_ttl = from->imo_multicast_ttl;

470

to->imo_multicast_loop = from->imo_multicast_loop;

471

472

473

* We're cloning, so drop any existing memberships and source

474

* filters on the destination ip_moptions.

475

476

for (i = 0; i < to->imo_num_memberships; ++i) {

477

struct in_mfilter *imf;

478

479

imf = to->imo_mfilters ? &to->imo_mfilters[i] : NULL((void *)0);

480

if (imf != NULL((void *)0))

481

imf_leave(imf);

482

483

(void) in_leavegroup(to->imo_membership[i], imf);

484

485

if (imf != NULL((void *)0))

486

imf_purge(imf);

487

488

INM_REMREF(to->imo_membership[i])inm_remref(to->imo_membership[i], 0);

489

to->imo_membership[i] = NULL((void *)0);

490

}

491

to->imo_num_memberships = 0;

492

493

VERIFY(to->imo_max_memberships != 0 && from->imo_max_memberships != 0)((void)(__builtin_expect(!!((long)((to->imo_max_memberships
!= 0 && from->imo_max_memberships != 0))), 1L) ||
assfail("to->imo_max_memberships != 0 && from->imo_max_memberships != 0"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 493
)));

494

if (to->imo_max_memberships < from->imo_max_memberships) {

495

496

* Ensure source and destination ip_moptions memberships

497

* and source filters arrays are at least equal in size.

498

499

err = imo_grow(to, from->imo_max_memberships);

500

if (err != 0)

501

goto done;

502

}

503

VERIFY(to->imo_max_memberships >= from->imo_max_memberships)((void)(__builtin_expect(!!((long)((to->imo_max_memberships
>= from->imo_max_memberships))), 1L) || assfail("to->imo_max_memberships >= from->imo_max_memberships"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 503
)));

504

505

506

* Source filtering doesn't apply to OpenTransport socket,

507

* so simply hold additional reference count per membership.

508

509

for (i = 0; i < from->imo_num_memberships; i++) {

510

to->imo_membership[i] =

511

in_addmulti(&from->imo_membership[i]->inm_addr,

512

from->imo_membership[i]->inm_ifp);

513

if (to->imo_membership[i] == NULL((void *)0))

514

break;

515

to->imo_num_memberships++;

516

}

517

VERIFY(to->imo_num_memberships == from->imo_num_memberships)((void)(__builtin_expect(!!((long)((to->imo_num_memberships
== from->imo_num_memberships))), 1L) || assfail("to->imo_num_memberships == from->imo_num_memberships"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 517
)));

518

519

done:

520

IMO_UNLOCK(to)lck_mtx_unlock(&(to)->imo_lock);

521

IMO_REMREF(to)imo_remref(to);

522

IMO_UNLOCK(from)lck_mtx_unlock(&(from)->imo_lock);

523

IMO_REMREF(from)imo_remref(from);

524

525

return (err);

526

}

527

528

529

* Find and return a reference to an in_multi record for (ifp, group),

530

* and bump its reference count.

531

* If one does not exist, try to allocate it, and update link-layer multicast

532

* filters on ifp to listen for group.

533

* Return 0 if successful, otherwise return an appropriate error code.

534

535

static int

536

in_getmulti(struct ifnet *ifp, const struct in_addr *group,

537

struct in_multi **pinm)

538

{

539

struct sockaddr_in gsin;

540

struct ifmultiaddr *ifma;

541

struct in_multi *inm;

542

int error;

543

544

in_multihead_lock_shared();

545

IN_LOOKUP_MULTI(group, ifp, inm)do { struct in_multistep _step; do { in_multihead_lock_assert
(0x03); (_step).i_inm = ((&in_multihead)->lh_first); do
{ in_multihead_lock_assert(0x03); if ((((inm)) = ((_step)).i_inm
) != ((void *)0)) ((_step)).i_inm = ((((_step)).i_inm)->inm_link
.le_next); } while (0); } while (0); while ((inm) != ((void *
)0)) { lck_mtx_lock_spin(&(inm)->inm_lock); if ((inm)->
inm_ifp == (ifp) && (inm)->inm_addr.s_addr == (group
)->s_addr) { inm_addref(inm, 1); lck_mtx_unlock(&(inm)
->inm_lock); break; } lck_mtx_unlock(&(inm)->inm_lock
); do { in_multihead_lock_assert(0x03); if (((inm) = (_step).
i_inm) != ((void *)0)) (_step).i_inm = (((_step).i_inm)->inm_link
.le_next); } while (0); } } while (0);

546

if (inm != NULL((void *)0)) {

547

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

548

VERIFY(inm->inm_reqcnt >= 1)((void)(__builtin_expect(!!((long)((inm->inm_reqcnt >= 1
))), 1L) || assfail("inm->inm_reqcnt >= 1", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 548)));

549

inm->inm_reqcnt++;

550

VERIFY(inm->inm_reqcnt != 0)((void)(__builtin_expect(!!((long)((inm->inm_reqcnt != 0))
), 1L) || assfail("inm->inm_reqcnt != 0", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 550)));

551

*pinm = inm;

552

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

553

in_multihead_lock_done();

554

555

* We already joined this group; return the inm

556

* with a refcount held (via lookup) for caller.

557

558

return (0);

559

}

560

in_multihead_lock_done();

561

562

bzero(&gsin, sizeof(gsin));

563

gsin.sin_family = AF_INET2;

564

gsin.sin_len = sizeof(struct sockaddr_in);

565

gsin.sin_addr = *group;

566

567

568

* Check if a link-layer group is already associated

569

* with this network-layer group on the given ifnet.

570

571

error = if_addmulti(ifp, (struct sockaddr *)&gsin, &ifma);

572

if (error != 0)

573

return (error);

574

575

576

* See comments in inm_remref() for access to ifma_protospec.

577

578

in_multihead_lock_exclusive();

579

IFMA_LOCK(ifma)lck_mtx_lock(&(ifma)->ifma_lock);

580

if ((inm = ifma->ifma_protospec) != NULL((void *)0)) {

581

VERIFY(ifma->ifma_addr != NULL)((void)(__builtin_expect(!!((long)((ifma->ifma_addr != ((void
*)0)))), 1L) || assfail("ifma->ifma_addr != NULL", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 581)));

582

VERIFY(ifma->ifma_addr->sa_family == AF_INET)((void)(__builtin_expect(!!((long)((ifma->ifma_addr->sa_family
== 2))), 1L) || assfail("ifma->ifma_addr->sa_family == AF_INET"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 582
)));

583

INM_ADDREF(inm)inm_addref(inm, 0); /* for caller */

584

IFMA_UNLOCK(ifma)lck_mtx_unlock(&(ifma)->ifma_lock);

585

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

586

VERIFY(inm->inm_ifma == ifma)((void)(__builtin_expect(!!((long)((inm->inm_ifma == ifma)
)), 1L) || assfail("inm->inm_ifma == ifma", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 586)));

587

VERIFY(inm->inm_ifp == ifp)((void)(__builtin_expect(!!((long)((inm->inm_ifp == ifp)))
, 1L) || assfail("inm->inm_ifp == ifp", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 587)));

588

VERIFY(in_hosteq(inm->inm_addr, *group))((void)(__builtin_expect(!!((long)((((inm->inm_addr).s_addr
== (*group).s_addr)))), 1L) || assfail("in_hosteq(inm->inm_addr, *group)"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 588
)));

589

if (inm->inm_debug & IFD_ATTACHED0x1) {

590

VERIFY(inm->inm_reqcnt >= 1)((void)(__builtin_expect(!!((long)((inm->inm_reqcnt >= 1
))), 1L) || assfail("inm->inm_reqcnt >= 1", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 590)));

591

inm->inm_reqcnt++;

592

VERIFY(inm->inm_reqcnt != 0)((void)(__builtin_expect(!!((long)((inm->inm_reqcnt != 0))
), 1L) || assfail("inm->inm_reqcnt != 0", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 592)));

593

*pinm = inm;

594

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

595

in_multihead_lock_done();

596

IFMA_REMREF(ifma)ifma_remref(ifma);

597

598

* We lost the race with another thread doing

599

* in_getmulti(); since this group has already

600

* been joined; return the inm with a refcount

601

* held for caller.

602

603

return (0);

604

}

605

606

* We lost the race with another thread doing in_delmulti();

607

* the inm referring to the ifma has been detached, thus we

608

* reattach it back to the in_multihead list and return the

609

* inm with a refcount held for the caller.

610

611

in_multi_attach(inm);

612

VERIFY((inm->inm_debug &((void)(__builtin_expect(!!((long)(((inm->inm_debug & (
0x1 | 0x10)) == 0x1))), 1L) || assfail("(inm->inm_debug & (IFD_ATTACHED | IFD_TRASHED)) == IFD_ATTACHED"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 613
)))

613

(IFD_ATTACHED | IFD_TRASHED)) == IFD_ATTACHED)((void)(__builtin_expect(!!((long)(((inm->inm_debug & (
0x1 | 0x10)) == 0x1))), 1L) || assfail("(inm->inm_debug & (IFD_ATTACHED | IFD_TRASHED)) == IFD_ATTACHED"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 613
)));

614

*pinm = inm;

615

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

616

in_multihead_lock_done();

617

IFMA_REMREF(ifma)ifma_remref(ifma);

618

return (0);

619

}

620

IFMA_UNLOCK(ifma)lck_mtx_unlock(&(ifma)->ifma_lock);

621

622

623

* A new in_multi record is needed; allocate and initialize it.

624

* We DO NOT perform an IGMP join as the in_ layer may need to

625

* push an initial source list down to IGMP to support SSM.

626

627

* The initial source filter state is INCLUDE, {} as per the RFC.

628

629

inm = in_multi_alloc(M_WAITOK0x0000);

630

if (inm == NULL((void *)0)) {

631

in_multihead_lock_done();

632

IFMA_REMREF(ifma)ifma_remref(ifma);

633

return (ENOMEM12);

634

}

635

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

636

inm->inm_addr = *group;

637

inm->inm_ifp = ifp;

638

inm->inm_igi = IGMP_IFINFO(ifp)((ifp)->if_igi);

639

VERIFY(inm->inm_igi != NULL)((void)(__builtin_expect(!!((long)((inm->inm_igi != ((void
*)0)))), 1L) || assfail("inm->inm_igi != NULL", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 639)));

640

IGI_ADDREF(inm->inm_igi)igi_addref(inm->inm_igi, 0);

641

inm->inm_ifma = ifma; /* keep refcount from if_addmulti() */

642

inm->inm_state = IGMP_NOT_MEMBER0;

643

644

* Pending state-changes per group are subject to a bounds check.

645

646

inm->inm_scq.ifq_maxlen = IGMP_MAX_STATE_CHANGES24;

647

inm->inm_st[0].iss_fmode = MCAST_UNDEFINED0;

648

inm->inm_st[1].iss_fmode = MCAST_UNDEFINED0;

649

RB_INIT(&inm->inm_srcs)do { (&inm->inm_srcs)->rbh_root = ((void *)0); } while
( 0);

650

*pinm = inm;

651

in_multi_attach(inm);

652

VERIFY((inm->inm_debug & (IFD_ATTACHED | IFD_TRASHED)) == IFD_ATTACHED)((void)(__builtin_expect(!!((long)(((inm->inm_debug & (
0x1 | 0x10)) == 0x1))), 1L) || assfail("(inm->inm_debug & (IFD_ATTACHED | IFD_TRASHED)) == IFD_ATTACHED"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 652
)));

653

INM_ADDREF_LOCKED(inm)inm_addref(inm, 1); /* for caller */

654

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

655

656

IFMA_LOCK(ifma)lck_mtx_lock(&(ifma)->ifma_lock);

657

VERIFY(ifma->ifma_protospec == NULL)((void)(__builtin_expect(!!((long)((ifma->ifma_protospec ==
((void *)0)))), 1L) || assfail("ifma->ifma_protospec == NULL"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 657
)));

658

ifma->ifma_protospec = inm;

659

IFMA_UNLOCK(ifma)lck_mtx_unlock(&(ifma)->ifma_lock);

660

in_multihead_lock_done();

661

662

return (0);

663

}

664

665

666

* Clear recorded source entries for a group.

667

* Used by the IGMP code.

668

* FIXME: Should reap.

669

670

void

671

inm_clear_recorded(struct in_multi *inm)

672

{

673

struct ip_msource *ims;

674

675

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

676

677

RB_FOREACH(ims, ip_msource_tree, &inm->inm_srcs)for ((ims) = ip_msource_tree_RB_MINMAX(&inm->inm_srcs,
-1); (ims) != ((void *)0); (ims) = ip_msource_tree_RB_NEXT(ims
)) {

678

if (ims->ims_stp) {

679

ims->ims_stp = 0;

680

--inm->inm_st[1].iss_rec;

681

}

682

}

683

VERIFY(inm->inm_st[1].iss_rec == 0)((void)(__builtin_expect(!!((long)((inm->inm_st[1].iss_rec
== 0))), 1L) || assfail("inm->inm_st[1].iss_rec == 0", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 683)));

684

}

685

686

687

* Record a source as pending for a Source-Group IGMPv3 query.

688

* This lives here as it modifies the shared tree.

689

690

* inm is the group descriptor.

691

* naddr is the address of the source to record in network-byte order.

692

693

* If the net.inet.igmp.sgalloc sysctl is non-zero, we will

694

* lazy-allocate a source node in response to an SG query.

695

* Otherwise, no allocation is performed. This saves some memory

696

* with the trade-off that the source will not be reported to the

697

* router if joined in the window between the query response and

698

* the group actually being joined on the local host.

699

700

* Return 0 if the source didn't exist or was already marked as recorded.

701

* Return 1 if the source was marked as recorded by this function.

702

* Return <0 if any error occured (negated errno code).

703

704

int

705

inm_record_source(struct in_multi *inm, const in_addr_t naddr)

706

{

707

struct ip_msource find;

708

struct ip_msource *ims, *nims;

709

710

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

711

712

find.ims_haddr = ntohl(naddr)(__builtin_constant_p(naddr) ? ((__uint32_t)((((__uint32_t)(naddr
) & 0xff000000) >> 24) | (((__uint32_t)(naddr) &
0x00ff0000) >> 8) | (((__uint32_t)(naddr) & 0x0000ff00
) << 8) | (((__uint32_t)(naddr) & 0x000000ff) <<
24))) : _OSSwapInt32(naddr));

713

ims = RB_FIND(ip_msource_tree, &inm->inm_srcs, &find)ip_msource_tree_RB_FIND(&inm->inm_srcs, &find);

714

if (ims && ims->ims_stp)

715

return (0);

716

if (ims == NULL((void *)0)) {

717

if (inm->inm_nsrc == in_mcast_maxgrpsrc)

718

return (-ENOSPC28);

719

nims = ipms_alloc(M_WAITOK0x0000);

720

if (nims == NULL((void *)0))

721

return (-ENOMEM12);

722

nims->ims_haddr = find.ims_haddr;

723

RB_INSERT(ip_msource_tree, &inm->inm_srcs, nims)ip_msource_tree_RB_INSERT(&inm->inm_srcs, nims);

724

++inm->inm_nsrc;

725

ims = nims;

726

}

727

728

729

* Mark the source as recorded and update the recorded

730

* source count.

731

732

++ims->ims_stp;

733

++inm->inm_st[1].iss_rec;

734

735

return (1);

736

}

737

738

739

* Return a pointer to an in_msource owned by an in_mfilter,

740

* given its source address.

741

* Lazy-allocate if needed. If this is a new entry its filter state is

742

* undefined at t0.

743

744

* imf is the filter set being modified.

745

* haddr is the source address in *host* byte-order.

746

747

* Caller is expected to be holding imo_lock.

748

749

static int

750

imf_get_source(struct in_mfilter *imf, const struct sockaddr_in *psin,

751

struct in_msource **plims)

752

{

753

struct ip_msource find;

754

struct ip_msource *ims;

755

struct in_msource *lims;

756

int error;

757

758

error = 0;

759

ims = NULL((void *)0);

760

lims = NULL((void *)0);

761

762

/* key is host byte order */

763

find.ims_haddr = ntohl(psin->sin_addr.s_addr)(__builtin_constant_p(psin->sin_addr.s_addr) ? ((__uint32_t
)((((__uint32_t)(psin->sin_addr.s_addr) & 0xff000000) >>
24) | (((__uint32_t)(psin->sin_addr.s_addr) & 0x00ff0000
) >> 8) | (((__uint32_t)(psin->sin_addr.s_addr) &
0x0000ff00) << 8) | (((__uint32_t)(psin->sin_addr.s_addr
) & 0x000000ff) << 24))) : _OSSwapInt32(psin->sin_addr
.s_addr));

764

ims = RB_FIND(ip_msource_tree, &imf->imf_sources, &find)ip_msource_tree_RB_FIND(&imf->imf_sources, &find);

765

lims = (struct in_msource *)ims;

766

if (lims == NULL((void *)0)) {

767

if (imf->imf_nsrc == in_mcast_maxsocksrc)

768

return (ENOSPC28);

769

lims = inms_alloc(M_WAITOK0x0000);

770

if (lims == NULL((void *)0))

771

return (ENOMEM12);

772

lims->ims_haddr = find.ims_haddr;

773

lims->imsl_st[0] = MCAST_UNDEFINED0;

774

RB_INSERT(ip_msource_tree, &imf->imf_sources,ip_msource_tree_RB_INSERT(&imf->imf_sources, (struct ip_msource
*)lims)

775

(struct ip_msource *)lims)ip_msource_tree_RB_INSERT(&imf->imf_sources, (struct ip_msource
*)lims);

776

++imf->imf_nsrc;

777

}

778

779

*plims = lims;

780

781

return (error);

782

}

783

784

785

* Graft a source entry into an existing socket-layer filter set,

786

* maintaining any required invariants and checking allocations.

787

788

* The source is marked as being in the new filter mode at t1.

789

790

* Return the pointer to the new node, otherwise return NULL.

791

792

* Caller is expected to be holding imo_lock.

793

794

static struct in_msource *

795

imf_graft(struct in_mfilter *imf, const uint8_t st1,

796

const struct sockaddr_in *psin)

797

{

798

struct in_msource *lims;

799

800

lims = inms_alloc(M_WAITOK0x0000);

801

if (lims == NULL((void *)0))

802

return (NULL((void *)0));

803

lims->ims_haddr = ntohl(psin->sin_addr.s_addr)(__builtin_constant_p(psin->sin_addr.s_addr) ? ((__uint32_t
)((((__uint32_t)(psin->sin_addr.s_addr) & 0xff000000) >>
24) | (((__uint32_t)(psin->sin_addr.s_addr) & 0x00ff0000
) >> 8) | (((__uint32_t)(psin->sin_addr.s_addr) &
0x0000ff00) << 8) | (((__uint32_t)(psin->sin_addr.s_addr
) & 0x000000ff) << 24))) : _OSSwapInt32(psin->sin_addr
.s_addr));

804

lims->imsl_st[0] = MCAST_UNDEFINED0;

805

lims->imsl_st[1] = st1;

806

RB_INSERT(ip_msource_tree, &imf->imf_sources,ip_msource_tree_RB_INSERT(&imf->imf_sources, (struct ip_msource
*)lims)

807

(struct ip_msource *)lims)ip_msource_tree_RB_INSERT(&imf->imf_sources, (struct ip_msource
*)lims);

808

++imf->imf_nsrc;

809

810

return (lims);

811

}

812

813

814

* Prune a source entry from an existing socket-layer filter set,

815

* maintaining any required invariants and checking allocations.

816

817

* The source is marked as being left at t1, it is not freed.

818

819

* Return 0 if no error occurred, otherwise return an errno value.

820

821

* Caller is expected to be holding imo_lock.

822

823

static int

824

imf_prune(struct in_mfilter *imf, const struct sockaddr_in *psin)

825

{

826

struct ip_msource find;

827

struct ip_msource *ims;

828

struct in_msource *lims;

829

830

/* key is host byte order */

831

832

ims = RB_FIND(ip_msource_tree, &imf->imf_sources, &find)ip_msource_tree_RB_FIND(&imf->imf_sources, &find);

833

if (ims == NULL((void *)0))

834

return (ENOENT2);

835

lims = (struct in_msource *)ims;

836

lims->imsl_st[1] = MCAST_UNDEFINED0;

837

return (0);

838

}

839

840

841

* Revert socket-layer filter set deltas at t1 to t0 state.

842

843

* Caller is expected to be holding imo_lock.

844

845

static void

846

imf_rollback(struct in_mfilter *imf)

847

{

848

struct ip_msource *ims, *tims;

849

struct in_msource *lims;

850

851

RB_FOREACH_SAFE(ims, ip_msource_tree, &imf->imf_sources, tims)for ((ims) = ip_msource_tree_RB_MINMAX(&imf->imf_sources
, -1); ((ims) != ((void *)0)) && ((tims) = ip_msource_tree_RB_NEXT
(ims), (ims) != ((void *)0)); (ims) = (tims)) {

852

lims = (struct in_msource *)ims;

853

if (lims->imsl_st[0] == lims->imsl_st[1]) {

854

/* no change at t1 */

855

continue;

856

} else if (lims->imsl_st[0] != MCAST_UNDEFINED0) {

857

/* revert change to existing source at t1 */

858

lims->imsl_st[1] = lims->imsl_st[0];

859

} else {

860

/* revert source added t1 */

861

IGMP_PRINTF(("%s: free inms 0x%llx\n", __func__,do { if (igmp_debug) printf ("%s: free inms 0x%llx\n", __func__
, (uint64_t)(((vm_offset_t)(lims) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(lims) + vm_kernel_addrperm)); } while (0)

862

(uint64_t)VM_KERNEL_ADDRPERM(lims)))do { if (igmp_debug) printf ("%s: free inms 0x%llx\n", __func__
, (uint64_t)(((vm_offset_t)(lims) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(lims) + vm_kernel_addrperm)); } while (0);

863

RB_REMOVE(ip_msource_tree, &imf->imf_sources, ims)ip_msource_tree_RB_REMOVE(&imf->imf_sources, ims);

864

inms_free(lims);

865

imf->imf_nsrc--;

866

}

867

}

868

imf->imf_st[1] = imf->imf_st[0];

869

}

870

871

872

* Mark socket-layer filter set as INCLUDE {} at t1.

873

874

* Caller is expected to be holding imo_lock.

875

876

void

877

imf_leave(struct in_mfilter *imf)

878

{

879

struct ip_msource *ims;

880

struct in_msource *lims;

881

882

RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources)for ((ims) = ip_msource_tree_RB_MINMAX(&imf->imf_sources
, -1); (ims) != ((void *)0); (ims) = ip_msource_tree_RB_NEXT(
ims)) {

883

lims = (struct in_msource *)ims;

884

lims->imsl_st[1] = MCAST_UNDEFINED0;

885

}

886

imf->imf_st[1] = MCAST_INCLUDE1;

887

}

888

889

890

* Mark socket-layer filter set deltas as committed.

891

892

* Caller is expected to be holding imo_lock.

893

894

static void

895

imf_commit(struct in_mfilter *imf)

896

{

897

struct ip_msource *ims;

898

struct in_msource *lims;

899

900

RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources)for ((ims) = ip_msource_tree_RB_MINMAX(&imf->imf_sources
, -1); (ims) != ((void *)0); (ims) = ip_msource_tree_RB_NEXT(
ims)) {

901

lims = (struct in_msource *)ims;

902

lims->imsl_st[0] = lims->imsl_st[1];

903

}

904

imf->imf_st[0] = imf->imf_st[1];

905

}

906

907

908

* Reap unreferenced sources from socket-layer filter set.

909

910

* Caller is expected to be holding imo_lock.

911

912

static void

913

imf_reap(struct in_mfilter *imf)

914

{

915

struct ip_msource *ims, *tims;

916

struct in_msource *lims;

917

918

919

lims = (struct in_msource *)ims;

920

if ((lims->imsl_st[0] == MCAST_UNDEFINED0) &&

921

(lims->imsl_st[1] == MCAST_UNDEFINED0)) {

922

923

924

RB_REMOVE(ip_msource_tree, &imf->imf_sources, ims)ip_msource_tree_RB_REMOVE(&imf->imf_sources, ims);

925

inms_free(lims);

926

imf->imf_nsrc--;

927

}

928

}

929

}

930

931

932

* Purge socket-layer filter set.

933

934

* Caller is expected to be holding imo_lock.

935

936

void

937

imf_purge(struct in_mfilter *imf)

938

{

939

struct ip_msource *ims, *tims;

940

struct in_msource *lims;

941

942

943

lims = (struct in_msource *)ims;

944

945

946

RB_REMOVE(ip_msource_tree, &imf->imf_sources, ims)ip_msource_tree_RB_REMOVE(&imf->imf_sources, ims);

947

inms_free(lims);

948

imf->imf_nsrc--;

949

}

950

imf->imf_st[0] = imf->imf_st[1] = MCAST_UNDEFINED0;

951

VERIFY(RB_EMPTY(&imf->imf_sources))((void)(__builtin_expect(!!((long)((((&imf->imf_sources
)->rbh_root == ((void *)0))))), 1L) || assfail("RB_EMPTY(&imf->imf_sources)"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 951
)));

952

}

953

954

955

* Look up a source filter entry for a multicast group.

956

957

* inm is the group descriptor to work with.

958

* haddr is the host-byte-order IPv4 address to look up.

959

* noalloc may be non-zero to suppress allocation of sources.

960

* *pims will be set to the address of the retrieved or allocated source.

961

962

* Return 0 if successful, otherwise return a non-zero error code.

963

964

static int

965

inm_get_source(struct in_multi *inm, const in_addr_t haddr,

966

const int noalloc, struct ip_msource **pims)

967

{

968

struct ip_msource find;

969

struct ip_msource *ims, *nims;

970

#ifdef IGMP_DEBUG1

971

struct in_addr ia;

972

char buf[MAX_IPv4_STR_LEN16];

973

#endif

974

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

975

976

find.ims_haddr = haddr;

977

ims = RB_FIND(ip_msource_tree, &inm->inm_srcs, &find)ip_msource_tree_RB_FIND(&inm->inm_srcs, &find);

978

if (ims == NULL((void *)0) && !noalloc) {

979

if (inm->inm_nsrc == in_mcast_maxgrpsrc)

980

return (ENOSPC28);

981

nims = ipms_alloc(M_WAITOK0x0000);

982

if (nims == NULL((void *)0))

983

return (ENOMEM12);

984

nims->ims_haddr = haddr;

985

RB_INSERT(ip_msource_tree, &inm->inm_srcs, nims)ip_msource_tree_RB_INSERT(&inm->inm_srcs, nims);

986

++inm->inm_nsrc;

987

ims = nims;

988

#ifdef IGMP_DEBUG1

989

ia.s_addr = htonl(haddr)(__builtin_constant_p(haddr) ? ((__uint32_t)((((__uint32_t)(haddr
) & 0xff000000) >> 24) | (((__uint32_t)(haddr) &
0x00ff0000) >> 8) | (((__uint32_t)(haddr) & 0x0000ff00
) << 8) | (((__uint32_t)(haddr) & 0x000000ff) <<
24))) : _OSSwapInt32(haddr));

990

inet_ntop(AF_INET2, &ia, buf, sizeof(buf));

991

IGMP_PRINTF(("%s: allocated %s as 0x%llx\n", __func__,do { if (igmp_debug) printf ("%s: allocated %s as 0x%llx\n", __func__
, buf, (uint64_t)(((vm_offset_t)(ims) == 0) ? (vm_offset_t)(0
) : (vm_offset_t)(ims) + vm_kernel_addrperm)); } while (0)

992

buf, (uint64_t)VM_KERNEL_ADDRPERM(ims)))do { if (igmp_debug) printf ("%s: allocated %s as 0x%llx\n", __func__
, buf, (uint64_t)(((vm_offset_t)(ims) == 0) ? (vm_offset_t)(0
) : (vm_offset_t)(ims) + vm_kernel_addrperm)); } while (0);

993

#endif

994

}

995

996

*pims = ims;

997

return (0);

998

}

999

1000

1001

* Helper function to derive the filter mode on a source entry

1002

* from its internal counters. Predicates are:

1003

* A source is only excluded if all listeners exclude it.

1004

* A source is only included if no listeners exclude it,

1005

* and at least one listener includes it.

1006

* May be used by ifmcstat(8).

1007

1008

uint8_t

1009

ims_get_mode(const struct in_multi *inm, const struct ip_msource *ims,

1010

uint8_t t)

1011

{

1012

INM_LOCK_ASSERT_HELD(__DECONST(struct in_multi *, inm))lck_mtx_assert(&((struct in_multi *) (long)(inm))->inm_lock
, 1);

1013

1014

t = !!t;

1015

if (inm->inm_st[t].iss_ex > 0 &&

1016

inm->inm_st[t].iss_ex == ims->ims_st[t].ex)

1017

return (MCAST_EXCLUDE2);

1018

else if (ims->ims_st[t].in > 0 && ims->ims_st[t].ex == 0)

1019

return (MCAST_INCLUDE1);

1020

return (MCAST_UNDEFINED0);

1021

}

1022

1023

1024

* Merge socket-layer source into IGMP-layer source.

1025

* If rollback is non-zero, perform the inverse of the merge.

1026

1027

static void

1028

ims_merge(struct ip_msource *ims, const struct in_msource *lims,

1029

const int rollback)

1030

{

1031

int n = rollback ? -1 : 1;

1032

#ifdef IGMP_DEBUG1

1033

struct in_addr ia;

1034

1035

ia.s_addr = htonl(ims->ims_haddr)(__builtin_constant_p(ims->ims_haddr) ? ((__uint32_t)((((__uint32_t
)(ims->ims_haddr) & 0xff000000) >> 24) | (((__uint32_t
)(ims->ims_haddr) & 0x00ff0000) >> 8) | (((__uint32_t
)(ims->ims_haddr) & 0x0000ff00) << 8) | (((__uint32_t
)(ims->ims_haddr) & 0x000000ff) << 24))) : _OSSwapInt32
(ims->ims_haddr));

1036

#endif

1037

1038

if (lims->imsl_st[0] == MCAST_EXCLUDE2) {

1039

IGMP_INET_PRINTF(ia,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 ex -= %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0)

1040

("%s: t1 ex -= %d on %s\n",do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 ex -= %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0)

1041

__func__, n, _igmp_inet_buf))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 ex -= %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0);

1042

ims->ims_st[1].ex -= n;

1043

} else if (lims->imsl_st[0] == MCAST_INCLUDE1) {

1044

IGMP_INET_PRINTF(ia,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 in -= %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0)

1045

("%s: t1 in -= %d on %s\n",do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 in -= %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0)

1046

__func__, n, _igmp_inet_buf))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 in -= %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0);

1047

ims->ims_st[1].in -= n;

1048

}

1049

1050

if (lims->imsl_st[1] == MCAST_EXCLUDE2) {

1051

IGMP_INET_PRINTF(ia,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 ex += %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0)

1052

("%s: t1 ex += %d on %s\n",do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 ex += %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0)

1053

__func__, n, _igmp_inet_buf))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 ex += %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0);

1054

ims->ims_st[1].ex += n;

1055

} else if (lims->imsl_st[1] == MCAST_INCLUDE1) {

1056

IGMP_INET_PRINTF(ia,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 in += %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0)

1057

("%s: t1 in += %d on %s\n",do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 in += %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0)

1058

__func__, n, _igmp_inet_buf))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ia), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: t1 in += %d on %s\n"
, __func__, n, _igmp_inet_buf); } } while (0);

1059

ims->ims_st[1].in += n;

1060

}

1061

}

1062

1063

1064

* Atomically update the global in_multi state, when a membership's

1065

* filter list is being updated in any way.

1066

1067

* imf is the per-inpcb-membership group filter pointer.

1068

* A fake imf may be passed for in-kernel consumers.

1069

1070

* XXX This is a candidate for a set-symmetric-difference style loop

1071

* which would eliminate the repeated lookup from root of ims nodes,

1072

* as they share the same key space.

1073

1074

* If any error occurred this function will back out of refcounts

1075

* and return a non-zero value.

1076

1077

static int

1078

inm_merge(struct in_multi *inm, /*const*/ struct in_mfilter *imf)

1079

{

1080

struct ip_msource *ims, *nims;

1081

struct in_msource *lims;

1082

int schanged, error;

1083

int nsrc0, nsrc1;

1084

1085

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

1086

1087

schanged = 0;

1088

error = 0;

1089

nsrc1 = nsrc0 = 0;

1090

1091

1092

* Update the source filters first, as this may fail.

1093

* Maintain count of in-mode filters at t0, t1. These are

1094

* used to work out if we transition into ASM mode or not.

1095

* Maintain a count of source filters whose state was

1096

* actually modified by this operation.

1097

1098

RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources)for ((ims) = ip_msource_tree_RB_MINMAX(&imf->imf_sources
, -1); (ims) != ((void *)0); (ims) = ip_msource_tree_RB_NEXT(
ims)) {

1099

lims = (struct in_msource *)ims;

1100

if (lims->imsl_st[0] == imf->imf_st[0]) nsrc0++;

1101

if (lims->imsl_st[1] == imf->imf_st[1]) nsrc1++;

1102

if (lims->imsl_st[0] == lims->imsl_st[1]) continue;

1103

error = inm_get_source(inm, lims->ims_haddr, 0, &nims);

1104

++schanged;

1105

if (error)

1106

break;

1107

ims_merge(nims, lims, 0);

1108

}

1109

if (error) {

1110

struct ip_msource *bims;

1111

1112

RB_FOREACH_REVERSE_FROM(ims, ip_msource_tree, nims)for ((ims) = (nims); ((ims) != ((void *)0)) && ((nims
) = ip_msource_tree_RB_PREV(ims), (ims) != ((void *)0)); (ims
) = (nims)) {

1113

lims = (struct in_msource *)ims;

1114

if (lims->imsl_st[0] == lims->imsl_st[1])

1115

continue;

1116

(void) inm_get_source(inm, lims->ims_haddr, 1, &bims);

1117

if (bims == NULL((void *)0))

1118

continue;

1119

ims_merge(bims, lims, 1);

1120

}

1121

goto out_reap;

1122

}

1123

1124

IGMP_PRINTF(("%s: imf filters in-mode: %d at t0, %d at t1\n",do { if (igmp_debug) printf ("%s: imf filters in-mode: %d at t0, %d at t1\n"
, __func__, nsrc0, nsrc1); } while (0)

1125

__func__, nsrc0, nsrc1))do { if (igmp_debug) printf ("%s: imf filters in-mode: %d at t0, %d at t1\n"
, __func__, nsrc0, nsrc1); } while (0);

1126

1127

/* Handle transition between INCLUDE {n} and INCLUDE {} on socket. */

1128

if (imf->imf_st[0] == imf->imf_st[1] &&

1129

imf->imf_st[1] == MCAST_INCLUDE1) {

1130

if (nsrc1 == 0) {

1131

IGMP_PRINTF(("%s: --in on inm at t1\n", __func__))do { if (igmp_debug) printf ("%s: --in on inm at t1\n", __func__
); } while (0);

1132

--inm->inm_st[1].iss_in;

1133

}

1134

}

1135

1136

/* Handle filter mode transition on socket. */

1137

if (imf->imf_st[0] != imf->imf_st[1]) {

1138

IGMP_PRINTF(("%s: imf transition %d to %d\n",do { if (igmp_debug) printf ("%s: imf transition %d to %d\n",
__func__, imf->imf_st[0], imf->imf_st[1]); } while (0)

1139

__func__, imf->imf_st[0], imf->imf_st[1]))do { if (igmp_debug) printf ("%s: imf transition %d to %d\n",
__func__, imf->imf_st[0], imf->imf_st[1]); } while (0);

1140

1141

if (imf->imf_st[0] == MCAST_EXCLUDE2) {

1142

IGMP_PRINTF(("%s: --ex on inm at t1\n", __func__))do { if (igmp_debug) printf ("%s: --ex on inm at t1\n", __func__
); } while (0);

1143

--inm->inm_st[1].iss_ex;

1144

} else if (imf->imf_st[0] == MCAST_INCLUDE1) {

1145

IGMP_PRINTF(("%s: --in on inm at t1\n", __func__))do { if (igmp_debug) printf ("%s: --in on inm at t1\n", __func__
); } while (0);

1146

--inm->inm_st[1].iss_in;

1147

}

1148

1149

if (imf->imf_st[1] == MCAST_EXCLUDE2) {

1150

IGMP_PRINTF(("%s: ex++ on inm at t1\n", __func__))do { if (igmp_debug) printf ("%s: ex++ on inm at t1\n", __func__
); } while (0);

1151

inm->inm_st[1].iss_ex++;

1152

} else if (imf->imf_st[1] == MCAST_INCLUDE1 && nsrc1 > 0) {

1153

IGMP_PRINTF(("%s: in++ on inm at t1\n", __func__))do { if (igmp_debug) printf ("%s: in++ on inm at t1\n", __func__
); } while (0);

1154

inm->inm_st[1].iss_in++;

1155

}

1156

}

1157

1158

1159

* Track inm filter state in terms of listener counts.

1160

* If there are any exclusive listeners, stack-wide

1161

* membership is exclusive.

1162

* Otherwise, if only inclusive listeners, stack-wide is inclusive.

1163

* If no listeners remain, state is undefined at t1,

1164

* and the IGMP lifecycle for this group should finish.

1165

1166

if (inm->inm_st[1].iss_ex > 0) {

1167

IGMP_PRINTF(("%s: transition to EX\n", __func__))do { if (igmp_debug) printf ("%s: transition to EX\n", __func__
); } while (0);

1168

inm->inm_st[1].iss_fmode = MCAST_EXCLUDE2;

1169

} else if (inm->inm_st[1].iss_in > 0) {

1170

IGMP_PRINTF(("%s: transition to IN\n", __func__))do { if (igmp_debug) printf ("%s: transition to IN\n", __func__
); } while (0);

1171

inm->inm_st[1].iss_fmode = MCAST_INCLUDE1;

1172

} else {

1173

IGMP_PRINTF(("%s: transition to UNDEF\n", __func__))do { if (igmp_debug) printf ("%s: transition to UNDEF\n", __func__
); } while (0);

1174

inm->inm_st[1].iss_fmode = MCAST_UNDEFINED0;

1175

}

1176

1177

/* Decrement ASM listener count on transition out of ASM mode. */

1178

if (imf->imf_st[0] == MCAST_EXCLUDE2 && nsrc0 == 0) {

1179

if ((imf->imf_st[1] != MCAST_EXCLUDE2) ||

1180

(imf->imf_st[1] == MCAST_EXCLUDE2 && nsrc1 > 0)) {

1181

IGMP_PRINTF(("%s: --asm on inm at t1\n", __func__))do { if (igmp_debug) printf ("%s: --asm on inm at t1\n", __func__
); } while (0);

1182

--inm->inm_st[1].iss_asm;

1183

}

1184

}

1185

1186

/* Increment ASM listener count on transition to ASM mode. */

1187

if (imf->imf_st[1] == MCAST_EXCLUDE2 && nsrc1 == 0) {

1188

IGMP_PRINTF(("%s: asm++ on inm at t1\n", __func__))do { if (igmp_debug) printf ("%s: asm++ on inm at t1\n", __func__
); } while (0);

1189

inm->inm_st[1].iss_asm++;

1190

}

1191

1192

IGMP_PRINTF(("%s: merged imf 0x%llx to inm 0x%llx\n", __func__,do { if (igmp_debug) printf ("%s: merged imf 0x%llx to inm 0x%llx\n"
, __func__, (uint64_t)(((vm_offset_t)(imf) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(imf) + vm_kernel_addrperm), (uint64_t)((
(vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t)(inm
) + vm_kernel_addrperm)); } while (0)

1193

(uint64_t)VM_KERNEL_ADDRPERM(imf),do { if (igmp_debug) printf ("%s: merged imf 0x%llx to inm 0x%llx\n"
, __func__, (uint64_t)(((vm_offset_t)(imf) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(imf) + vm_kernel_addrperm), (uint64_t)((
(vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t)(inm
) + vm_kernel_addrperm)); } while (0)

1194

(uint64_t)VM_KERNEL_ADDRPERM(inm)))do { if (igmp_debug) printf ("%s: merged imf 0x%llx to inm 0x%llx\n"
, __func__, (uint64_t)(((vm_offset_t)(imf) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(imf) + vm_kernel_addrperm), (uint64_t)((
(vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t)(inm
) + vm_kernel_addrperm)); } while (0);

1195

inm_print(inm);

1196

1197

out_reap:

1198

if (schanged > 0) {

1199

IGMP_PRINTF(("%s: sources changed; reaping\n", __func__))do { if (igmp_debug) printf ("%s: sources changed; reaping\n"
, __func__); } while (0);

1200

inm_reap(inm);

1201

}

1202

return (error);

1203

}

1204

1205

1206

* Mark an in_multi's filter set deltas as committed.

1207

* Called by IGMP after a state change has been enqueued.

1208

1209

void

1210

inm_commit(struct in_multi *inm)

1211

{

1212

struct ip_msource *ims;

1213

1214

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

1215

1216

IGMP_PRINTF(("%s: commit inm 0x%llx\n", __func__,do { if (igmp_debug) printf ("%s: commit inm 0x%llx\n", __func__
, (uint64_t)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(inm) + vm_kernel_addrperm)); } while (0)

1217

(uint64_t)VM_KERNEL_ADDRPERM(inm)))do { if (igmp_debug) printf ("%s: commit inm 0x%llx\n", __func__
, (uint64_t)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(inm) + vm_kernel_addrperm)); } while (0);

1218

IGMP_PRINTF(("%s: pre commit:\n", __func__))do { if (igmp_debug) printf ("%s: pre commit:\n", __func__); }
while (0);

1219

inm_print(inm);

1220

1221

RB_FOREACH(ims, ip_msource_tree, &inm->inm_srcs)for ((ims) = ip_msource_tree_RB_MINMAX(&inm->inm_srcs,
-1); (ims) != ((void *)0); (ims) = ip_msource_tree_RB_NEXT(ims
)) {

1222

ims->ims_st[0] = ims->ims_st[1];

1223

}

1224

inm->inm_st[0] = inm->inm_st[1];

1225

}

1226

1227

1228

* Reap unreferenced nodes from an in_multi's filter set.

1229

1230

static void

1231

inm_reap(struct in_multi *inm)

1232

{

1233

struct ip_msource *ims, *tims;

1234

1235

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

1236

1237

RB_FOREACH_SAFE(ims, ip_msource_tree, &inm->inm_srcs, tims)for ((ims) = ip_msource_tree_RB_MINMAX(&inm->inm_srcs,
-1); ((ims) != ((void *)0)) && ((tims) = ip_msource_tree_RB_NEXT
(ims), (ims) != ((void *)0)); (ims) = (tims)) {

1238

if (ims->ims_st[0].ex > 0 || ims->ims_st[0].in > 0 ||

1239

ims->ims_st[1].ex > 0 || ims->ims_st[1].in > 0 ||

1240

ims->ims_stp != 0)

1241

continue;

1242

IGMP_PRINTF(("%s: free ims 0x%llx\n", __func__,do { if (igmp_debug) printf ("%s: free ims 0x%llx\n", __func__
, (uint64_t)(((vm_offset_t)(ims) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(ims) + vm_kernel_addrperm)); } while (0)

1243

(uint64_t)VM_KERNEL_ADDRPERM(ims)))do { if (igmp_debug) printf ("%s: free ims 0x%llx\n", __func__
, (uint64_t)(((vm_offset_t)(ims) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(ims) + vm_kernel_addrperm)); } while (0);

1244

RB_REMOVE(ip_msource_tree, &inm->inm_srcs, ims)ip_msource_tree_RB_REMOVE(&inm->inm_srcs, ims);

1245

ipms_free(ims);

1246

inm->inm_nsrc--;

1247

}

1248

}

1249

1250

1251

* Purge all source nodes from an in_multi's filter set.

1252

1253

void

1254

inm_purge(struct in_multi *inm)

1255

{

1256

struct ip_msource *ims, *tims;

1257

1258

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

1259

1260

1261

1262

1263

RB_REMOVE(ip_msource_tree, &inm->inm_srcs, ims)ip_msource_tree_RB_REMOVE(&inm->inm_srcs, ims);

1264

ipms_free(ims);

1265

inm->inm_nsrc--;

1266

}

1267

}

1268

1269

1270

* Join a multicast group; real entry point.

1271

1272

* Only preserves atomicity at inm level.

1273

* NOTE: imf argument cannot be const due to sys/tree.h limitations.

1274

1275

* If the IGMP downcall fails, the group is not joined, and an error

1276

* code is returned.

1277

1278

static int

1279

in_joingroup(struct ifnet *ifp, const struct in_addr *gina,

1280

/*const*/ struct in_mfilter *imf, struct in_multi **pinm)

1281

{

1282

struct in_mfilter timf;

1283

struct in_multi *inm = NULL((void *)0);

1284

int error = 0;

1285

struct igmp_tparams itp;

1286

1287

IGMP_INET_PRINTF(*gina, ("%s: join %s on 0x%llx(%s))\n", __func__,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(*gina), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: join %s on 0x%llx(%s))\n"
, __func__, _igmp_inet_buf, (uint64_t)(((vm_offset_t)(ifp) ==
0) ? (vm_offset_t)(0) : (vm_offset_t)(ifp) + vm_kernel_addrperm
), ifp->if_xname); } } while (0)

1288

_igmp_inet_buf, (uint64_t)VM_KERNEL_ADDRPERM(ifp), if_name(ifp)))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(*gina), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: join %s on 0x%llx(%s))\n"
, __func__, _igmp_inet_buf, (uint64_t)(((vm_offset_t)(ifp) ==
0) ? (vm_offset_t)(0) : (vm_offset_t)(ifp) + vm_kernel_addrperm
), ifp->if_xname); } } while (0);

1289

1290

bzero(&itp, sizeof (itp));

1291

*pinm = NULL((void *)0);

1292

1293

1294

* If no imf was specified (i.e. kernel consumer),

1295

* fake one up and assume it is an ASM join.

1296

1297

if (imf == NULL((void *)0)) {

1298

imf_init(&timf, MCAST_UNDEFINED0, MCAST_EXCLUDE2);

1299

imf = &timf;

1300

}

1301

1302

error = in_getmulti(ifp, gina, &inm);

1303

if (error) {

1304

IGMP_PRINTF(("%s: in_getmulti() failure\n", __func__))do { if (igmp_debug) printf ("%s: in_getmulti() failure\n", __func__
); } while (0);

1305

return (error);

1306

}

1307

1308

IGMP_PRINTF(("%s: merge inm state\n", __func__))do { if (igmp_debug) printf ("%s: merge inm state\n", __func__
); } while (0);

1309

1310

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

1311

error = inm_merge(inm, imf);

1312

if (error) {

1313

IGMP_PRINTF(("%s: failed to merge inm state\n", __func__))do { if (igmp_debug) printf ("%s: failed to merge inm state\n"
, __func__); } while (0);

1314

goto out_inm_release;

1315

}

1316

1317

IGMP_PRINTF(("%s: doing igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: doing igmp downcall\n", __func__
); } while (0);

1318

error = igmp_change_state(inm, &itp);

1319

if (error) {

1320

IGMP_PRINTF(("%s: failed to update source\n", __func__))do { if (igmp_debug) printf ("%s: failed to update source\n",
__func__); } while (0);

1321

imf_rollback(imf);

1322

goto out_inm_release;

1323

}

1324

1325

out_inm_release:

1326

if (error) {

1327

IGMP_PRINTF(("%s: dropping ref on 0x%llx\n", __func__,do { if (igmp_debug) printf ("%s: dropping ref on 0x%llx\n", __func__
, (uint64_t)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(inm) + vm_kernel_addrperm)); } while (0)

1328

(uint64_t)VM_KERNEL_ADDRPERM(inm)))do { if (igmp_debug) printf ("%s: dropping ref on 0x%llx\n", __func__
, (uint64_t)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(inm) + vm_kernel_addrperm)); } while (0);

1329

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

1330

INM_REMREF(inm)inm_remref(inm, 0);

1331

} else {

1332

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

1333

*pinm = inm; /* keep refcount from in_getmulti() */

1334

}

1335

1336

/* schedule timer now that we've dropped the lock(s) */

1337

igmp_set_timeout(&itp);

1338

1339

return (error);

1340

}

1341

1342

1343

* Leave a multicast group; real entry point.

1344

* All source filters will be expunged.

1345

1346

* Only preserves atomicity at inm level.

1347

1348

* Note: This is not the same as inm_release(*) as this function also

1349

* makes a state change downcall into IGMP.

1350

1351

int

1352

in_leavegroup(struct in_multi *inm, /*const*/ struct in_mfilter *imf)

1353

{

1354

struct in_mfilter timf;

1355

int error, lastref;

1356

struct igmp_tparams itp;

1357

1358

bzero(&itp, sizeof (itp));

1359

error = 0;

1360

1361

INM_LOCK_ASSERT_NOTHELD(inm)lck_mtx_assert(&(inm)->inm_lock, 2);

1362

1363

in_multihead_lock_exclusive();

1364

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

1365

1366

IGMP_INET_PRINTF(inm->inm_addr,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(inm->inm_addr), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf
("%s: leave inm 0x%llx, %s/%s%d, imf 0x%llx\n", __func__, (uint64_t
)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t
)(inm) + vm_kernel_addrperm), _igmp_inet_buf, (inm_is_ifp_detached
(inm) ? "null" : inm->inm_ifp->if_name), inm->inm_ifp
->if_unit, (uint64_t)(((vm_offset_t)(imf) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(imf) + vm_kernel_addrperm)); } } while (
0)

1367

("%s: leave inm 0x%llx, %s/%s%d, imf 0x%llx\n", __func__,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(inm->inm_addr), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf
("%s: leave inm 0x%llx, %s/%s%d, imf 0x%llx\n", __func__, (uint64_t
)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t
)(inm) + vm_kernel_addrperm), _igmp_inet_buf, (inm_is_ifp_detached
(inm) ? "null" : inm->inm_ifp->if_name), inm->inm_ifp
->if_unit, (uint64_t)(((vm_offset_t)(imf) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(imf) + vm_kernel_addrperm)); } } while (
0)

1368

(uint64_t)VM_KERNEL_ADDRPERM(inm), _igmp_inet_buf,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(inm->inm_addr), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf
("%s: leave inm 0x%llx, %s/%s%d, imf 0x%llx\n", __func__, (uint64_t
)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t
)(inm) + vm_kernel_addrperm), _igmp_inet_buf, (inm_is_ifp_detached
(inm) ? "null" : inm->inm_ifp->if_name), inm->inm_ifp
->if_unit, (uint64_t)(((vm_offset_t)(imf) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(imf) + vm_kernel_addrperm)); } } while (
0)

1369

(inm_is_ifp_detached(inm) ? "null" : inm->inm_ifp->if_name),do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(inm->inm_addr), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf
("%s: leave inm 0x%llx, %s/%s%d, imf 0x%llx\n", __func__, (uint64_t
)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t
)(inm) + vm_kernel_addrperm), _igmp_inet_buf, (inm_is_ifp_detached
(inm) ? "null" : inm->inm_ifp->if_name), inm->inm_ifp
->if_unit, (uint64_t)(((vm_offset_t)(imf) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(imf) + vm_kernel_addrperm)); } } while (
0)

1370

inm->inm_ifp->if_unit, (uint64_t)VM_KERNEL_ADDRPERM(imf)))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(inm->inm_addr), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf
("%s: leave inm 0x%llx, %s/%s%d, imf 0x%llx\n", __func__, (uint64_t
)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t
)(inm) + vm_kernel_addrperm), _igmp_inet_buf, (inm_is_ifp_detached
(inm) ? "null" : inm->inm_ifp->if_name), inm->inm_ifp
->if_unit, (uint64_t)(((vm_offset_t)(imf) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(imf) + vm_kernel_addrperm)); } } while (
0);

1371

1372

1373

* If no imf was specified (i.e. kernel consumer),

1374

* fake one up and assume it is an ASM join.

1375

1376

if (imf == NULL((void *)0)) {

1377

imf_init(&timf, MCAST_EXCLUDE2, MCAST_UNDEFINED0);

1378

imf = &timf;

1379

}

1380

1381

1382

* Begin state merge transaction at IGMP layer.

1383

1384

* As this particular invocation should not cause any memory

1385

* to be allocated, and there is no opportunity to roll back

1386

* the transaction, it MUST NOT fail.

1387

1388

IGMP_PRINTF(("%s: merge inm state\n", __func__))do { if (igmp_debug) printf ("%s: merge inm state\n", __func__
); } while (0);

1389

1390

error = inm_merge(inm, imf);

1391

KASSERT(error == 0, ("%s: failed to merge inm state\n", __func__));

1392

1393

IGMP_PRINTF(("%s: doing igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: doing igmp downcall\n", __func__
); } while (0);

1394

error = igmp_change_state(inm, &itp);

1395

#if IGMP_DEBUG1

1396

if (error)

1397

IGMP_PRINTF(("%s: failed igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: failed igmp downcall\n", __func__
); } while (0);

1398

#endif

1399

lastref = in_multi_detach(inm);

1400

VERIFY(!lastref || (!(inm->inm_debug & IFD_ATTACHED) &&((void)(__builtin_expect(!!((long)((!lastref || (!(inm->inm_debug
& 0x1) && inm->inm_reqcnt == 0)))), 1L) || assfail
("!lastref || (!(inm->inm_debug & IFD_ATTACHED) && inm->inm_reqcnt == 0)"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 1401
)))

1401

inm->inm_reqcnt == 0))((void)(__builtin_expect(!!((long)((!lastref || (!(inm->inm_debug
& 0x1) && inm->inm_reqcnt == 0)))), 1L) || assfail
("!lastref || (!(inm->inm_debug & IFD_ATTACHED) && inm->inm_reqcnt == 0)"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 1401
)));

1402

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

1403

in_multihead_lock_done();

1404

1405

if (lastref)

1406

INM_REMREF(inm)inm_remref(inm, 0); /* for in_multihead list */

1407

1408

/* schedule timer now that we've dropped the lock(s) */

1409

igmp_set_timeout(&itp);

1410

1411

return (error);

1412

}

1413

1414

1415

* Join an IPv4 multicast group in (*,G) exclusive mode.

1416

* The group must be a 224.0.0.0/24 link-scope group.

1417

* This KPI is for legacy kernel consumers only.

1418

1419

struct in_multi *

1420

in_addmulti(struct in_addr *ap, struct ifnet *ifp)

1421

{

1422

struct in_multi *pinm = NULL((void *)0);

1423

int error;

1424

1425

KASSERT(IN_LOCAL_GROUP(ntohl(ap->s_addr)),

1426

("%s: %s not in 224.0.0.0/24\n", __func__, inet_ntoa(*ap)));

1427

1428

error = in_joingroup(ifp, ap, NULL((void *)0), &pinm);

1429

VERIFY(pinm != NULL || error != 0)((void)(__builtin_expect(!!((long)((pinm != ((void *)0) || error
!= 0))), 1L) || assfail("pinm != NULL || error != 0", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 1429)));

1430

1431

return (pinm);

1432

}

1433

1434

1435

* Leave an IPv4 multicast group, assumed to be in exclusive (*,G) mode.

1436

* This KPI is for legacy kernel consumers only.

1437

1438

void

1439

in_delmulti(struct in_multi *inm)

1440

{

1441

1442

(void) in_leavegroup(inm, NULL((void *)0));

1443

}

1444

1445

1446

* Block or unblock an ASM multicast source on an inpcb.

1447

* This implements the delta-based API described in RFC 3678.

1448

1449

* The delta-based API applies only to exclusive-mode memberships.

1450

* An IGMP downcall will be performed.

1451

1452

* Return 0 if successful, otherwise return an appropriate error code.

1453

1454

static int

1455

inp_block_unblock_source(struct inpcb *inp, struct sockopt *sopt)

1456

{

1457

struct group_source_req gsr;

1458

sockunion_t *gsa, *ssa;

1459

struct ifnet *ifp;

1460

struct in_mfilter *imf;

1461

struct ip_moptions *imo;

1462

struct in_msource *ims;

1463

struct in_multi *inm;

1464

size_t idx;

1465

uint16_t fmode;

1466

int error, doblock;

1467

unsigned int ifindex = 0;

1468

struct igmp_tparams itp;

1469

1470

bzero(&itp, sizeof (itp));

1471

ifp = NULL((void *)0);

1472

error = 0;

1473

doblock = 0;

1474

1475

memset(&gsr, 0, sizeof(struct group_source_req));

1476

gsa = (sockunion_t *)&gsr.gsr_group;

1477

ssa = (sockunion_t *)&gsr.gsr_source;

1478

1479

switch (sopt->sopt_name) {

1480

case IP_BLOCK_SOURCE72:

1481

case IP_UNBLOCK_SOURCE73: {

1482

struct ip_mreq_source mreqs;

1483

1484

error = sooptcopyin(sopt, &mreqs,

1485

sizeof(struct ip_mreq_source),

1486

sizeof(struct ip_mreq_source));

1487

if (error)

1488

return (error);

1489

1490

gsa->sin.sin_family = AF_INET2;

1491

gsa->sin.sin_len = sizeof(struct sockaddr_in);

1492

gsa->sin.sin_addr = mreqs.imr_multiaddr;

1493

1494

ssa->sin.sin_family = AF_INET2;

1495

ssa->sin.sin_len = sizeof(struct sockaddr_in);

1496

ssa->sin.sin_addr = mreqs.imr_sourceaddr;

1497

1498

if (!in_nullhost(mreqs.imr_interface)((mreqs.imr_interface).s_addr == (u_int32_t)0x00000000))

1499

ifp = ip_multicast_if(&mreqs.imr_interface, &ifindex);

1500

1501

if (sopt->sopt_name == IP_BLOCK_SOURCE72)

1502

doblock = 1;

1503

1504

IGMP_INET_PRINTF(mreqs.imr_interface,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(mreqs.imr_interface), _igmp_inet_buf, sizeof(_igmp_inet_buf)
); printf ("%s: imr_interface = %s, ifp = 0x%llx\n", __func__
, _igmp_inet_buf, (uint64_t)(((vm_offset_t)(ifp) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(ifp) + vm_kernel_addrperm)); } } while (
0)

1505

("%s: imr_interface = %s, ifp = 0x%llx\n", __func__,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(mreqs.imr_interface), _igmp_inet_buf, sizeof(_igmp_inet_buf)
); printf ("%s: imr_interface = %s, ifp = 0x%llx\n", __func__
, _igmp_inet_buf, (uint64_t)(((vm_offset_t)(ifp) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(ifp) + vm_kernel_addrperm)); } } while (
0)

1506

_igmp_inet_buf, (uint64_t)VM_KERNEL_ADDRPERM(ifp)))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(mreqs.imr_interface), _igmp_inet_buf, sizeof(_igmp_inet_buf)
); printf ("%s: imr_interface = %s, ifp = 0x%llx\n", __func__
, _igmp_inet_buf, (uint64_t)(((vm_offset_t)(ifp) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(ifp) + vm_kernel_addrperm)); } } while (
0);

1507

break;

1508

}

1509

1510

case MCAST_BLOCK_SOURCE84:

1511

case MCAST_UNBLOCK_SOURCE85:

1512

error = sooptcopyin(sopt, &gsr,

1513

sizeof(struct group_source_req),

1514

sizeof(struct group_source_req));

1515

if (error)

1516

return (error);

1517

1518

if (gsa->sin.sin_family != AF_INET2 ||

1519

gsa->sin.sin_len != sizeof(struct sockaddr_in))

1520

return (EINVAL22);

1521

1522

if (ssa->sin.sin_family != AF_INET2 ||

1523

ssa->sin.sin_len != sizeof(struct sockaddr_in))

1524

return (EINVAL22);

1525

1526

ifnet_head_lock_shared();

1527

if (gsr.gsr_interface == 0 ||

1528

(u_int)if_index < gsr.gsr_interface) {

1529

ifnet_head_done();

1530

return (EADDRNOTAVAIL49);

1531

}

1532

1533

ifp = ifindex2ifnet[gsr.gsr_interface];

1534

ifnet_head_done();

1535

1536

if (ifp == NULL((void *)0))

1537

return (EADDRNOTAVAIL49);

1538

1539

if (sopt->sopt_name == MCAST_BLOCK_SOURCE84)

1540

doblock = 1;

1541

break;

1542

1543

default:

1544

IGMP_PRINTF(("%s: unknown sopt_name %d\n",do { if (igmp_debug) printf ("%s: unknown sopt_name %d\n", __func__
, sopt->sopt_name); } while (0)

1545

__func__, sopt->sopt_name))do { if (igmp_debug) printf ("%s: unknown sopt_name %d\n", __func__
, sopt->sopt_name); } while (0);

1546

return (EOPNOTSUPP102);

1547

}

1548

1549

if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr))(((u_int32_t)((__builtin_constant_p(gsa->sin.sin_addr.s_addr
) ? ((__uint32_t)((((__uint32_t)(gsa->sin.sin_addr.s_addr)
& 0xff000000) >> 24) | (((__uint32_t)(gsa->sin.
sin_addr.s_addr) & 0x00ff0000) >> 8) | (((__uint32_t
)(gsa->sin.sin_addr.s_addr) & 0x0000ff00) << 8) |
(((__uint32_t)(gsa->sin.sin_addr.s_addr) & 0x000000ff
) << 24))) : _OSSwapInt32(gsa->sin.sin_addr.s_addr))
) & 0xf0000000) == 0xe0000000))

1550

return (EINVAL22);

1551

1552

1553

* Check if we are actually a member of this group.

1554

1555

imo = inp_findmoptions(inp);

1556

if (imo == NULL((void *)0))

1557

return (ENOMEM12);

1558

1559

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

1560

idx = imo_match_group(imo, ifp, &gsa->sa);

1561

if (idx == (size_t)-1 || imo->imo_mfilters == NULL((void *)0)) {

1562

error = EADDRNOTAVAIL49;

1563

goto out_imo_locked;

1564

}

1565

1566

VERIFY(imo->imo_mfilters != NULL)((void)(__builtin_expect(!!((long)((imo->imo_mfilters != (
(void *)0)))), 1L) || assfail("imo->imo_mfilters != NULL",
"/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 1566
)));

1567

imf = &imo->imo_mfilters[idx];

1568

inm = imo->imo_membership[idx];

1569

1570

1571

* Attempting to use the delta-based API on an

1572

* non exclusive-mode membership is an error.

1573

1574

fmode = imf->imf_st[0];

1575

if (fmode != MCAST_EXCLUDE2) {

1576

error = EINVAL22;

1577

goto out_imo_locked;

1578

}

1579

1580

1581

* Deal with error cases up-front:

1582

* Asked to block, but already blocked; or

1583

* Asked to unblock, but nothing to unblock.

1584

* If adding a new block entry, allocate it.

1585

1586

ims = imo_match_source(imo, idx, &ssa->sa);

1587

if ((ims != NULL((void *)0) && doblock) || (ims == NULL((void *)0) && !doblock)) {

1588

IGMP_INET_PRINTF(ssa->sin.sin_addr,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ssa->sin.sin_addr), _igmp_inet_buf, sizeof(_igmp_inet_buf
)); printf ("%s: source %s %spresent\n", __func__, _igmp_inet_buf
, doblock ? "" : "not "); } } while (0)

1589

("%s: source %s %spresent\n", __func__,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ssa->sin.sin_addr), _igmp_inet_buf, sizeof(_igmp_inet_buf
)); printf ("%s: source %s %spresent\n", __func__, _igmp_inet_buf
, doblock ? "" : "not "); } } while (0)

1590

_igmp_inet_buf, doblock ? "" : "not "))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ssa->sin.sin_addr), _igmp_inet_buf, sizeof(_igmp_inet_buf
)); printf ("%s: source %s %spresent\n", __func__, _igmp_inet_buf
, doblock ? "" : "not "); } } while (0);

1591

error = EADDRNOTAVAIL49;

1592

goto out_imo_locked;

1593

}

1594

1595

1596

* Begin state merge transaction at socket layer.

1597

1598

if (doblock) {

1599

IGMP_PRINTF(("%s: %s source\n", __func__, "block"))do { if (igmp_debug) printf ("%s: %s source\n", __func__, "block"
); } while (0);

1600

ims = imf_graft(imf, fmode, &ssa->sin);

1601

if (ims == NULL((void *)0))

1602

error = ENOMEM12;

1603

} else {

1604

IGMP_PRINTF(("%s: %s source\n", __func__, "allow"))do { if (igmp_debug) printf ("%s: %s source\n", __func__, "allow"
); } while (0);

1605

error = imf_prune(imf, &ssa->sin);

1606

}

1607

1608

if (error) {

1609

IGMP_PRINTF(("%s: merge imf state failed\n", __func__))do { if (igmp_debug) printf ("%s: merge imf state failed\n", __func__
); } while (0);

1610

goto out_imf_rollback;

1611

}

1612

1613

1614

* Begin state merge transaction at IGMP layer.

1615

1616

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

1617

IGMP_PRINTF(("%s: merge inm state\n", __func__))do { if (igmp_debug) printf ("%s: merge inm state\n", __func__
); } while (0);

1618

error = inm_merge(inm, imf);

1619

if (error) {

1620

IGMP_PRINTF(("%s: failed to merge inm state\n", __func__))do { if (igmp_debug) printf ("%s: failed to merge inm state\n"
, __func__); } while (0);

1621

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

1622

goto out_imf_rollback;

1623

}

1624

1625

IGMP_PRINTF(("%s: doing igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: doing igmp downcall\n", __func__
); } while (0);

1626

error = igmp_change_state(inm, &itp);

1627

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

1628

#if IGMP_DEBUG1

1629

if (error)

1630

IGMP_PRINTF(("%s: failed igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: failed igmp downcall\n", __func__
); } while (0);

1631

#endif

1632

1633

out_imf_rollback:

1634

if (error)

1635

imf_rollback(imf);

1636

else

1637

imf_commit(imf);

1638

1639

imf_reap(imf);

1640

1641

out_imo_locked:

1642

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

1643

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

1644

1645

/* schedule timer now that we've dropped the lock(s) */

1646

igmp_set_timeout(&itp);

1647

1648

return (error);

1649

}

1650

1651

1652

* Given an inpcb, return its multicast options structure pointer.

1653

1654

* Caller is responsible for locking the inpcb, and releasing the

1655

* extra reference held on the imo, upon a successful return.

1656

1657

static struct ip_moptions *

1658

inp_findmoptions(struct inpcb *inp)

1659

{

1660

struct ip_moptions *imo;

1661

struct in_multi **immp;

1662

struct in_mfilter *imfp;

1663

size_t idx;

1664

1665

if ((imo = inp->inp_moptionsinp_depend4.inp4_moptions) != NULL((void *)0)) {

1666

IMO_ADDREF(imo)imo_addref(imo, 0); /* for caller */

1667

return (imo);

1668

}

1669

1670

imo = ip_allocmoptions(M_WAITOK0x0000);

1671

if (imo == NULL((void *)0))

1672

return (NULL((void *)0));

1673

1674

immp = _MALLOC(sizeof (*immp) * IP_MIN_MEMBERSHIPS, M_IPMOPTS,({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __MALLOC(sizeof (*immp) * 31, 53, 0x0000 | 0x0004, &
site); })

1675

M_WAITOK | M_ZERO)({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __MALLOC(sizeof (*immp) * 31, 53, 0x0000 | 0x0004, &
site); });

1676

if (immp == NULL((void *)0)) {

1677

IMO_REMREF(imo)imo_remref(imo);

1678

return (NULL((void *)0));

1679

}

1680

1681

imfp = _MALLOC(sizeof (struct in_mfilter) * IP_MIN_MEMBERSHIPS,({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __MALLOC(sizeof (struct in_mfilter) * 31, 110, 0x0000 | 0x0004
, &site); })

1682

M_INMFILTER, M_WAITOK | M_ZERO)({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __MALLOC(sizeof (struct in_mfilter) * 31, 110, 0x0000 | 0x0004
, &site); });

1683

if (imfp == NULL((void *)0)) {

1684

_FREE(immp, M_IPMOPTS53);

1685

IMO_REMREF(imo)imo_remref(imo);

1686

return (NULL((void *)0));

1687

}

1688

1689

imo->imo_multicast_ifp = NULL((void *)0);

1690

imo->imo_multicast_addr.s_addr = INADDR_ANY(u_int32_t)0x00000000;

1691

imo->imo_multicast_vif = -1;

1692

imo->imo_multicast_ttl = IP_DEFAULT_MULTICAST_TTL1;

1693

imo->imo_multicast_loop = in_mcast_loop;

1694

imo->imo_num_memberships = 0;

1695

imo->imo_max_memberships = IP_MIN_MEMBERSHIPS31;

1696

imo->imo_membership = immp;

1697

1698

/* Initialize per-group source filters. */

1699

for (idx = 0; idx < IP_MIN_MEMBERSHIPS31; idx++)

1700

imf_init(&imfp[idx], MCAST_UNDEFINED0, MCAST_EXCLUDE2);

1701

1702

imo->imo_mfilters = imfp;

1703

inp->inp_moptionsinp_depend4.inp4_moptions = imo; /* keep reference from ip_allocmoptions() */

1704

IMO_ADDREF(imo)imo_addref(imo, 0); /* for caller */

1705

1706

return (imo);

1707

}

1708

1709

* Atomically get source filters on a socket for an IPv4 multicast group.

1710

1711

static int

1712

inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt)

1713

{

1714

struct __msfilterreq64 msfr, msfr64;

1715

struct __msfilterreq32 msfr32;

1716

sockunion_t *gsa;

1717

struct ifnet *ifp;

1718

struct ip_moptions *imo;

1719

struct in_mfilter *imf;

1720

struct ip_msource *ims;

1721

struct in_msource *lims;

1722

struct sockaddr_in *psin;

1723

struct sockaddr_storage *ptss;

1724

struct sockaddr_storage *tss;

1725

int error;

1726

size_t idx, nsrcs, ncsrcs;

1727

user_addr_t tmp_ptr;

1728

1729

imo = inp->inp_moptionsinp_depend4.inp4_moptions;

1730

VERIFY(imo != NULL)((void)(__builtin_expect(!!((long)((imo != ((void *)0)))), 1L
) || assfail("imo != NULL", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 1730)));

1731

1732

if (IS_64BIT_PROCESS(current_proc())) {

Taking true branch

→

1733

error = sooptcopyin(sopt, &msfr64,

1734

sizeof(struct __msfilterreq64),

1735

sizeof(struct __msfilterreq64));

1736

if (error)

←

Assuming 'error' is 0

→

←

Taking false branch

→

1737

return (error);

1738

/* we never use msfr.msfr_srcs; */

1739

memcpy(&msfr, &msfr64, sizeof(msfr64));

1740

} else {

1741

error = sooptcopyin(sopt, &msfr32,

1742

sizeof(struct __msfilterreq32),

1743

sizeof(struct __msfilterreq32));

1744

if (error)

1745

return (error);

1746

/* we never use msfr.msfr_srcs; */

1747

memcpy(&msfr, &msfr32, sizeof(msfr32));

1748

}

1749

1750

ifnet_head_lock_shared();

1751

if (msfr.msfr_ifindex == 0 || (u_int)if_index < msfr.msfr_ifindex) {

←

Taking false branch

→

1752

ifnet_head_done();

1753

return (EADDRNOTAVAIL49);

1754

}

1755

1756

ifp = ifindex2ifnet[msfr.msfr_ifindex];

1757

ifnet_head_done();

1758

1759

if (ifp == NULL((void *)0))

←

Assuming 'ifp' is not equal to null

→

←

Taking false branch

→

1760

return (EADDRNOTAVAIL49);

1761

1762

if ((size_t) msfr.msfr_nsrcs >

←

Taking false branch

→

1763

UINT32_MAX4294967295U / sizeof(struct sockaddr_storage))

1764

msfr.msfr_nsrcs = UINT32_MAX4294967295U / sizeof(struct sockaddr_storage);

1765

1766

if (msfr.msfr_nsrcs > in_mcast_maxsocksrc)

←

Taking false branch

→

1767

msfr.msfr_nsrcs = in_mcast_maxsocksrc;

1768

1769

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

1770

1771

* Lookup group on the socket.

1772

1773

gsa = (sockunion_t *)&msfr.msfr_group;

1774

idx = imo_match_group(imo, ifp, &gsa->sa);

1775

if (idx == (size_t)-1 || imo->imo_mfilters == NULL((void *)0)) {

←

Taking false branch

→

1776

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

1777

return (EADDRNOTAVAIL49);

1778

}

1779

imf = &imo->imo_mfilters[idx];

1780

1781

1782

* Ignore memberships which are in limbo.

1783

1784

if (imf->imf_st[1] == MCAST_UNDEFINED0) {

←

Taking false branch

→

1785

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

1786

return (EAGAIN35);

1787

}

1788

msfr.msfr_fmode = imf->imf_st[1];

1789

1790

1791

* If the user specified a buffer, copy out the source filter

1792

* entries to userland gracefully.

1793

* We only copy out the number of entries which userland

1794

* has asked for, but we always tell userland how big the

1795

* buffer really needs to be.

1796

1797

1798

if (IS_64BIT_PROCESS(current_proc()))

←

Taking false branch

→

1799

tmp_ptr = msfr64.msfr_srcs;

1800

else

1801

tmp_ptr = CAST_USER_ADDR_T(msfr32.msfr_srcs)((user_addr_t)((uintptr_t)(msfr32.msfr_srcs)));

1802

1803

tss = NULL((void *)0);

1804

if (tmp_ptr != USER_ADDR_NULL((user_addr_t) 0) && msfr.msfr_nsrcs > 0) {

1805

tss = _MALLOC((size_t) msfr.msfr_nsrcs * sizeof(*tss),({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __MALLOC((size_t) msfr.msfr_nsrcs * sizeof(*tss), 80, 0x0000
| 0x0004, &site); })

1806

M_TEMP, M_WAITOK | M_ZERO)({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __MALLOC((size_t) msfr.msfr_nsrcs * sizeof(*tss), 80, 0x0000
| 0x0004, &site); });

1807

if (tss == NULL((void *)0)) {

1808

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

1809

return (ENOBUFS55);

1810

}

1811

}

1812

1813

1814

* Count number of sources in-mode at t0.

1815

* If buffer space exists and remains, copy out source entries.

1816

1817

nsrcs = msfr.msfr_nsrcs;

1818

ncsrcs = 0;

1819

ptss = tss;

1820

RB_FOREACH(ims, ip_msource_tree, &imf->imf_sources)for ((ims) = ip_msource_tree_RB_MINMAX(&imf->imf_sources
, -1); (ims) != ((void *)0); (ims) = ip_msource_tree_RB_NEXT(
ims)) {

1821

lims = (struct in_msource *)ims;

1822

if (lims->imsl_st[0] == MCAST_UNDEFINED0 ||

1823

lims->imsl_st[0] != imf->imf_st[0])

1824

continue;

1825

if (tss != NULL((void *)0) && nsrcs > 0) {

1826

psin = (struct sockaddr_in *)ptss;

1827

psin->sin_family = AF_INET2;

1828

psin->sin_len = sizeof(struct sockaddr_in);

1829

psin->sin_addr.s_addr = htonl(lims->ims_haddr)(__builtin_constant_p(lims->ims_haddr) ? ((__uint32_t)((((
__uint32_t)(lims->ims_haddr) & 0xff000000) >> 24
) | (((__uint32_t)(lims->ims_haddr) & 0x00ff0000) >>
8) | (((__uint32_t)(lims->ims_haddr) & 0x0000ff00) <<
8) | (((__uint32_t)(lims->ims_haddr) & 0x000000ff) <<
24))) : _OSSwapInt32(lims->ims_haddr));

1830

psin->sin_port = 0;

1831

++ptss;

1832

--nsrcs;

1833

++ncsrcs;

1834

}

1835

}

1836

1837

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

1838

1839

if (tss != NULL((void *)0)) {

←

Taking false branch

→

1840

error = copyout(tss, tmp_ptr, ncsrcs * sizeof(*tss));

1841

FREE(tss, M_TEMP)_FREE((void *)tss, 80);

1842

if (error)

1843

return (error);

1844

}

1845

1846

msfr.msfr_nsrcs = ncsrcs;

1847

if (IS_64BIT_PROCESS(current_proc())) {

←

Taking false branch

→

1848

msfr64.msfr_ifindex = msfr.msfr_ifindex;

1849

msfr64.msfr_fmode = msfr.msfr_fmode;

1850

msfr64.msfr_nsrcs = msfr.msfr_nsrcs;

1851

memcpy(&msfr64.msfr_group, &msfr.msfr_group,

1852

sizeof(struct sockaddr_storage));

1853

error = sooptcopyout(sopt, &msfr64,

1854

sizeof(struct __msfilterreq64));

1855

} else {

1856

msfr32.msfr_ifindex = msfr.msfr_ifindex;

1857

msfr32.msfr_fmode = msfr.msfr_fmode;

1858

msfr32.msfr_nsrcs = msfr.msfr_nsrcs;

1859

memcpy(&msfr32.msfr_group, &msfr.msfr_group,

1860

sizeof(struct sockaddr_storage));

1861

error = sooptcopyout(sopt, &msfr32,

←

Copies out a struct with untouched element(s): __msfr_align, msfr_srcs

1862

sizeof(struct __msfilterreq32));

1863

}

1864

1865

return (error);

1866

}

1867

1868

1869

* Return the IP multicast options in response to user getsockopt().

1870

1871

int

1872

inp_getmoptions(struct inpcb *inp, struct sockopt *sopt)

1873

{

1874

struct ip_mreqn mreqn;

1875

struct ip_moptions *imo;

1876

struct ifnet *ifp;

1877

struct in_ifaddr *ia;

1878

int error, optval;

1879

unsigned int ifindex;

1880

u_char coptval;

1881

1882

imo = inp->inp_moptionsinp_depend4.inp4_moptions;

1883

1884

* If socket is neither of type SOCK_RAW or SOCK_DGRAM,

1885

* or is a divert socket, reject it.

1886

1887

if (SOCK_PROTO(inp->inp_socket)((inp->inp_socket)->so_proto->pr_protocol) == IPPROTO_DIVERT254 ||

1888

(SOCK_TYPE(inp->inp_socket)((inp->inp_socket)->so_proto->pr_type) != SOCK_RAW3 &&

1889

SOCK_TYPE(inp->inp_socket)((inp->inp_socket)->so_proto->pr_type) != SOCK_DGRAM2)) {

1890

return (EOPNOTSUPP102);

1891

}

1892

1893

error = 0;

1894

switch (sopt->sopt_name) {

1895

case IP_MULTICAST_IF9:

1896

memset(&mreqn, 0, sizeof(struct ip_mreqn));

1897

if (imo != NULL((void *)0)) {

1898

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

1899

ifp = imo->imo_multicast_ifp;

1900

if (!in_nullhost(imo->imo_multicast_addr)((imo->imo_multicast_addr).s_addr == (u_int32_t)0x00000000
)) {

1901

mreqn.imr_address = imo->imo_multicast_addr;

1902

} else if (ifp != NULL((void *)0)) {

1903

mreqn.imr_ifindex = ifp->if_index;

1904

IFP_TO_IA(ifp, ia){ lck_rw_lock_shared(in_ifaddr_rwlock); for ((ia) = ((&in_ifaddrhead
)->tqh_first); (ia) != ((void *)0) && (ia)->ia_ifa
.ifa_ifp != (ifp); (ia) = (((ia))->ia_link.tqe_next)) continue
; if ((ia) != ((void *)0)) ifa_addref(&(ia)->ia_ifa, 0
); lck_rw_done(in_ifaddr_rwlock); };

1905

if (ia != NULL((void *)0)) {

1906

IFA_LOCK_SPIN(&ia->ia_ifa)lck_mtx_lock_spin(&(&ia->ia_ifa)->ifa_lock);

1907

mreqn.imr_address =

1908

IA_SIN(ia)(&(((struct in_ifaddr *)(ia))->ia_addr))->sin_addr;

1909

IFA_UNLOCK(&ia->ia_ifa)lck_mtx_unlock(&(&ia->ia_ifa)->ifa_lock);

1910

IFA_REMREF(&ia->ia_ifa)do { (void) ifa_remref(&ia->ia_ifa, 0); } while (0);

1911

}

1912

}

1913

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

1914

}

1915

if (sopt->sopt_valsize == sizeof(struct ip_mreqn)) {

1916

error = sooptcopyout(sopt, &mreqn,

1917

sizeof(struct ip_mreqn));

1918

} else {

1919

error = sooptcopyout(sopt, &mreqn.imr_address,

1920

sizeof(struct in_addr));

1921

}

1922

break;

1923

1924

case IP_MULTICAST_IFINDEX66:

1925

if (imo != NULL((void *)0))

1926

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

1927

if (imo == NULL((void *)0) || imo->imo_multicast_ifp == NULL((void *)0)) {

1928

ifindex = 0;

1929

} else {

1930

ifindex = imo->imo_multicast_ifp->if_index;

1931

}

1932

if (imo != NULL((void *)0))

1933

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

1934

error = sooptcopyout(sopt, &ifindex, sizeof (ifindex));

1935

break;

1936

1937

case IP_MULTICAST_TTL10:

1938

if (imo == NULL((void *)0))

1939

optval = coptval = IP_DEFAULT_MULTICAST_TTL1;

1940

else {

1941

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

1942

optval = coptval = imo->imo_multicast_ttl;

1943

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

1944

}

1945

if (sopt->sopt_valsize == sizeof(u_char))

1946

error = sooptcopyout(sopt, &coptval, sizeof(u_char));

1947

else

1948

error = sooptcopyout(sopt, &optval, sizeof(int));

1949

break;

1950

1951

case IP_MULTICAST_LOOP11:

1952

if (imo == 0)

1953

optval = coptval = IP_DEFAULT_MULTICAST_LOOP1;

1954

else {

1955

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

1956

optval = coptval = imo->imo_multicast_loop;

1957

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

1958

}

1959

if (sopt->sopt_valsize == sizeof(u_char))

1960

error = sooptcopyout(sopt, &coptval, sizeof(u_char));

1961

else

1962

error = sooptcopyout(sopt, &optval, sizeof(int));

1963

break;

1964

1965

case IP_MSFILTER74:

1966

if (imo == NULL((void *)0)) {

1967

error = EADDRNOTAVAIL49;

1968

} else {

1969

error = inp_get_source_filters(inp, sopt);

1970

}

1971

break;

1972

1973

default:

1974

error = ENOPROTOOPT42;

1975

break;

1976

}

1977

1978

return (error);

1979

}

1980

1981

1982

* Look up the ifnet to use for a multicast group membership,

1983

* given the IPv4 address of an interface, and the IPv4 group address.

1984

1985

* This routine exists to support legacy multicast applications

1986

* which do not understand that multicast memberships are scoped to

1987

* specific physical links in the networking stack, or which need

1988

* to join link-scope groups before IPv4 addresses are configured.

1989

1990

* If inp is non-NULL and is bound to an interface, use this socket's

1991

* inp_boundif for any required routing table lookup.

1992

1993

* If the route lookup fails, attempt to use the first non-loopback

1994

* interface with multicast capability in the system as a

1995

* last resort. The legacy IPv4 ASM API requires that we do

1996

* this in order to allow groups to be joined when the routing

1997

* table has not yet been populated during boot.

1998

1999

* Returns NULL if no ifp could be found.

2000

2001

2002

static struct ifnet *

2003

inp_lookup_mcast_ifp(const struct inpcb *inp,

2004

const struct sockaddr_in *gsin, const struct in_addr ina)

2005

{

2006

struct ifnet *ifp;

2007

unsigned int ifindex = 0;

2008

2009

VERIFY(gsin->sin_family == AF_INET)((void)(__builtin_expect(!!((long)((gsin->sin_family == 2)
)), 1L) || assfail("gsin->sin_family == AF_INET", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 2009)));

2010

VERIFY(IN_MULTICAST(ntohl(gsin->sin_addr.s_addr)))((void)(__builtin_expect(!!((long)(((((u_int32_t)((__builtin_constant_p
(gsin->sin_addr.s_addr) ? ((__uint32_t)((((__uint32_t)(gsin
->sin_addr.s_addr) & 0xff000000) >> 24) | (((__uint32_t
)(gsin->sin_addr.s_addr) & 0x00ff0000) >> 8) | (
((__uint32_t)(gsin->sin_addr.s_addr) & 0x0000ff00) <<
8) | (((__uint32_t)(gsin->sin_addr.s_addr) & 0x000000ff
) << 24))) : _OSSwapInt32(gsin->sin_addr.s_addr))) &
0xf0000000) == 0xe0000000)))), 1L) || assfail("IN_MULTICAST(ntohl(gsin->sin_addr.s_addr))"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 2010
)));

2011

2012

ifp = NULL((void *)0);

2013

if (!in_nullhost(ina)((ina).s_addr == (u_int32_t)0x00000000)) {

2014

struct in_addr new_ina;

2015

memcpy(&new_ina, &ina, sizeof(struct in_addr));

2016

ifp = ip_multicast_if(&new_ina, &ifindex);

2017

} else {

2018

struct route ro;

2019

unsigned int ifscope = IFSCOPE_NONE0;

2020

2021

if (inp != NULL((void *)0) && (inp->inp_flags & INP_BOUND_IF0x00004000))

2022

ifscope = inp->inp_boundifp->if_index;

2023

2024

bzero(&ro, sizeof (ro));

2025

memcpy(&ro.ro_dst, gsin, sizeof(struct sockaddr_in));

2026

rtalloc_scoped_ign(&ro, 0, ifscope);

2027

if (ro.ro_rt != NULL((void *)0)) {

2028

ifp = ro.ro_rt->rt_ifp;

2029

VERIFY(ifp != NULL)((void)(__builtin_expect(!!((long)((ifp != ((void *)0)))), 1L
) || assfail("ifp != NULL", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 2029)));

2030

} else {

2031

struct in_ifaddr *ia;

2032

struct ifnet *mifp;

2033

2034

mifp = NULL((void *)0);

2035

lck_rw_lock_shared(in_ifaddr_rwlock);

2036

TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link)for ((ia) = (((&in_ifaddrhead))->tqh_first); (ia); (ia
) = (((ia))->ia_link.tqe_next)) {

2037

IFA_LOCK_SPIN(&ia->ia_ifa)lck_mtx_lock_spin(&(&ia->ia_ifa)->ifa_lock);

2038

mifp = ia->ia_ifpia_ifa.ifa_ifp;

2039

IFA_UNLOCK(&ia->ia_ifa)lck_mtx_unlock(&(&ia->ia_ifa)->ifa_lock);

2040

if (!(mifp->if_flags & IFF_LOOPBACK0x8) &&

2041

(mifp->if_flags & IFF_MULTICAST0x8000)) {

2042

ifp = mifp;

2043

break;

2044

}

2045

}

2046

lck_rw_done(in_ifaddr_rwlock);

2047

}

2048

ROUTE_RELEASE(&ro)do { if ((&ro)->ro_rt != ((void *)0)) { lck_mtx_assert
(&((&ro)->ro_rt)->rt_lock, 2); if (0) rtfree_locked
((&ro)->ro_rt); else rtfree((&ro)->ro_rt); (&
ro)->ro_rt = ((void *)0); } if ((&ro)->ro_srcia != (
(void *)0)) { do { (void) ifa_remref((&ro)->ro_srcia, 0
); } while (0); (&ro)->ro_srcia = ((void *)0); (&ro
)->ro_flags &= ~0x1; } } while (0);

2049

}

2050

2051

return (ifp);

2052

}

2053

2054

2055

* Join an IPv4 multicast group, possibly with a source.

2056

2057

* NB: sopt->sopt_val might point to the kernel address space. This means that

2058

* we were called by the IPv6 stack due to the presence of an IPv6 v4 mapped

2059

* address. In this scenario, sopt_p points to kernproc and sooptcopyin() will

2060

* just issue an in-kernel memcpy.

2061

2062

int

2063

inp_join_group(struct inpcb *inp, struct sockopt *sopt)

2064

{

2065

struct group_source_req gsr;

2066

sockunion_t *gsa, *ssa;

2067

struct ifnet *ifp;

2068

struct in_mfilter *imf;

2069

struct ip_moptions *imo;

2070

struct in_multi *inm = NULL((void *)0);

2071

struct in_msource *lims;

2072

size_t idx;

2073

int error, is_new;

2074

struct igmp_tparams itp;

2075

2076

bzero(&itp, sizeof (itp));

2077

ifp = NULL((void *)0);

2078

imf = NULL((void *)0);

2079

error = 0;

2080

is_new = 0;

2081

2082

memset(&gsr, 0, sizeof(struct group_source_req));

2083

gsa = (sockunion_t *)&gsr.gsr_group;

2084

gsa->ss.ss_family = AF_UNSPEC0;

2085

ssa = (sockunion_t *)&gsr.gsr_source;

2086

ssa->ss.ss_family = AF_UNSPEC0;

2087

2088

switch (sopt->sopt_name) {

2089

case IP_ADD_MEMBERSHIP12:

2090

case IP_ADD_SOURCE_MEMBERSHIP70: {

2091

struct ip_mreq_source mreqs;

2092

2093

if (sopt->sopt_name == IP_ADD_MEMBERSHIP12) {

2094

error = sooptcopyin(sopt, &mreqs,

2095

sizeof(struct ip_mreq),

2096

sizeof(struct ip_mreq));

2097

2098

* Do argument switcharoo from ip_mreq into

2099

* ip_mreq_source to avoid using two instances.

2100

2101

mreqs.imr_interface = mreqs.imr_sourceaddr;

2102

mreqs.imr_sourceaddr.s_addr = INADDR_ANY(u_int32_t)0x00000000;

2103

} else if (sopt->sopt_name == IP_ADD_SOURCE_MEMBERSHIP70) {

2104

error = sooptcopyin(sopt, &mreqs,

2105

sizeof(struct ip_mreq_source),

2106

sizeof(struct ip_mreq_source));

2107

}

2108

if (error) {

2109

IGMP_PRINTF(("%s: error copyin IP_ADD_MEMBERSHIP/"do { if (igmp_debug) printf ("%s: error copyin IP_ADD_MEMBERSHIP/"
"IP_ADD_SOURCE_MEMBERSHIP %d err=%d\n", __func__, sopt->sopt_name
, error); } while (0)

2110

"IP_ADD_SOURCE_MEMBERSHIP %d err=%d\n",do { if (igmp_debug) printf ("%s: error copyin IP_ADD_MEMBERSHIP/"
"IP_ADD_SOURCE_MEMBERSHIP %d err=%d\n", __func__, sopt->sopt_name
, error); } while (0)

2111

__func__, sopt->sopt_name, error))do { if (igmp_debug) printf ("%s: error copyin IP_ADD_MEMBERSHIP/"
"IP_ADD_SOURCE_MEMBERSHIP %d err=%d\n", __func__, sopt->sopt_name
, error); } while (0);

2112

return (error);

2113

}

2114

2115

gsa->sin.sin_family = AF_INET2;

2116

gsa->sin.sin_len = sizeof(struct sockaddr_in);

2117

gsa->sin.sin_addr = mreqs.imr_multiaddr;

2118

2119

if (sopt->sopt_name == IP_ADD_SOURCE_MEMBERSHIP70) {

2120

ssa->sin.sin_family = AF_INET2;

2121

ssa->sin.sin_len = sizeof(struct sockaddr_in);

2122

ssa->sin.sin_addr = mreqs.imr_sourceaddr;

2123

}

2124

2125

2126

return (EINVAL22);

2127

2128

ifp = inp_lookup_mcast_ifp(inp, &gsa->sin,

2129

mreqs.imr_interface);

2130

2131

2132

2133

break;

2134

}

2135

2136

case MCAST_JOIN_GROUP80:

2137

case MCAST_JOIN_SOURCE_GROUP82:

2138

if (sopt->sopt_name == MCAST_JOIN_GROUP80) {

2139

error = sooptcopyin(sopt, &gsr,

2140

sizeof(struct group_req),

2141

sizeof(struct group_req));

2142

} else if (sopt->sopt_name == MCAST_JOIN_SOURCE_GROUP82) {

2143

error = sooptcopyin(sopt, &gsr,

2144

sizeof(struct group_source_req),

2145

sizeof(struct group_source_req));

2146

}

2147

if (error)

2148

return (error);

2149

2150

if (gsa->sin.sin_family != AF_INET2 ||

2151

gsa->sin.sin_len != sizeof(struct sockaddr_in))

2152

return (EINVAL22);

2153

2154

2155

* Overwrite the port field if present, as the sockaddr

2156

* being copied in may be matched with a binary comparison.

2157

2158

gsa->sin.sin_port = 0;

2159

if (sopt->sopt_name == MCAST_JOIN_SOURCE_GROUP82) {

2160

if (ssa->sin.sin_family != AF_INET2 ||

2161

ssa->sin.sin_len != sizeof(struct sockaddr_in))

2162

return (EINVAL22);

2163

ssa->sin.sin_port = 0;

2164

}

2165

2166

2167

return (EINVAL22);

2168

2169

ifnet_head_lock_shared();

2170

if (gsr.gsr_interface == 0 ||

2171

(u_int)if_index < gsr.gsr_interface) {

2172

ifnet_head_done();

2173

return (EADDRNOTAVAIL49);

2174

}

2175

ifp = ifindex2ifnet[gsr.gsr_interface];

2176

ifnet_head_done();

2177

2178

break;

2179

2180

default:

2181

IGMP_PRINTF(("%s: unknown sopt_name %d\n",do { if (igmp_debug) printf ("%s: unknown sopt_name %d\n", __func__
, sopt->sopt_name); } while (0)

2182

__func__, sopt->sopt_name))do { if (igmp_debug) printf ("%s: unknown sopt_name %d\n", __func__
, sopt->sopt_name); } while (0);

2183

return (EOPNOTSUPP102);

2184

}

2185

2186

if (ifp == NULL((void *)0) || (ifp->if_flags & IFF_MULTICAST0x8000) == 0)

2187

return (EADDRNOTAVAIL49);

2188

2189

imo = inp_findmoptions(inp);

2190

if (imo == NULL((void *)0))

2191

return (ENOMEM12);

2192

2193

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

2194

idx = imo_match_group(imo, ifp, &gsa->sa);

2195

if (idx == (size_t)-1) {

2196

is_new = 1;

2197

} else {

2198

inm = imo->imo_membership[idx];

2199

imf = &imo->imo_mfilters[idx];

2200

if (ssa->ss.ss_family != AF_UNSPEC0) {

2201

2202

* MCAST_JOIN_SOURCE_GROUP on an exclusive membership

2203

* is an error. On an existing inclusive membership,

2204

* it just adds the source to the filter list.

2205

2206

if (imf->imf_st[1] != MCAST_INCLUDE1) {

2207

error = EINVAL22;

2208

goto out_imo_locked;

2209

}

2210

2211

* Throw out duplicates.

2212

2213

* XXX FIXME: This makes a naive assumption that

2214

* even if entries exist for *ssa in this imf,

2215

* they will be rejected as dupes, even if they

2216

* are not valid in the current mode (in-mode).

2217

2218

* in_msource is transactioned just as for anything

2219

* else in SSM -- but note naive use of inm_graft()

2220

* below for allocating new filter entries.

2221

2222

* This is only an issue if someone mixes the

2223

* full-state SSM API with the delta-based API,

2224

* which is discouraged in the relevant RFCs.

2225

2226

lims = imo_match_source(imo, idx, &ssa->sa);

2227

if (lims != NULL((void *)0) /*&&

2228

lims->imsl_st[1] == MCAST_INCLUDE*/) {

2229

error = EADDRNOTAVAIL49;

2230

goto out_imo_locked;

2231

}

2232

} else {

2233

2234

* MCAST_JOIN_GROUP on an existing exclusive

2235

* membership is an error; return EADDRINUSE

2236

* to preserve 4.4BSD API idempotence, and

2237

* avoid tedious detour to code below.

2238

* NOTE: This is bending RFC 3678 a bit.

2239

2240

* On an existing inclusive membership, this is also

2241

* an error; if you want to change filter mode,

2242

* you must use the userland API setsourcefilter().

2243

* XXX We don't reject this for imf in UNDEFINED

2244

* state at t1, because allocation of a filter

2245

* is atomic with allocation of a membership.

2246

2247

error = EINVAL22;

2248

/* See comments above for EADDRINUSE */

2249

if (imf->imf_st[1] == MCAST_EXCLUDE2)

2250

error = EADDRINUSE48;

2251

goto out_imo_locked;

2252

}

2253

}

2254

2255

2256

* Begin state merge transaction at socket layer.

2257

2258

2259

if (is_new) {

2260

if (imo->imo_num_memberships == imo->imo_max_memberships) {

2261

error = imo_grow(imo, 0);

2262

if (error)

2263

goto out_imo_locked;

2264

}

2265

2266

* Allocate the new slot upfront so we can deal with

2267

* grafting the new source filter in same code path

2268

* as for join-source on existing membership.

2269

2270

idx = imo->imo_num_memberships;

2271

imo->imo_membership[idx] = NULL((void *)0);

2272

imo->imo_num_memberships++;

2273

2274

imf = &imo->imo_mfilters[idx];

2275

2276

}

2277

2278

2279

* Graft new source into filter list for this inpcb's

2280

* membership of the group. The in_multi may not have

2281

* been allocated yet if this is a new membership, however,

2282

* the in_mfilter slot will be allocated and must be initialized.

2283

2284

if (ssa->ss.ss_family != AF_UNSPEC0) {

2285

/* Membership starts in IN mode */

2286

if (is_new) {

2287

IGMP_PRINTF(("%s: new join w/source\n", __func__))do { if (igmp_debug) printf ("%s: new join w/source\n", __func__
); } while (0);

2288

imf_init(imf, MCAST_UNDEFINED0, MCAST_INCLUDE1);

2289

} else {

2290

IGMP_PRINTF(("%s: %s source\n", __func__, "allow"))do { if (igmp_debug) printf ("%s: %s source\n", __func__, "allow"
); } while (0);

2291

}

2292

lims = imf_graft(imf, MCAST_INCLUDE1, &ssa->sin);

2293

if (lims == NULL((void *)0)) {

2294

IGMP_PRINTF(("%s: merge imf state failed\n",do { if (igmp_debug) printf ("%s: merge imf state failed\n", __func__
); } while (0)

2295

__func__))do { if (igmp_debug) printf ("%s: merge imf state failed\n", __func__
); } while (0);

2296

error = ENOMEM12;

2297

goto out_imo_free;

2298

}

2299

} else {

2300

/* No address specified; Membership starts in EX mode */

2301

if (is_new) {

2302

IGMP_PRINTF(("%s: new join w/o source\n", __func__))do { if (igmp_debug) printf ("%s: new join w/o source\n", __func__
); } while (0);

2303

imf_init(imf, MCAST_UNDEFINED0, MCAST_EXCLUDE2);

2304

}

2305

}

2306

2307

2308

* Begin state merge transaction at IGMP layer.

2309

2310

if (is_new) {

2311

2312

* Unlock socket as we may end up calling ifnet_ioctl() to join (or leave)

2313

* the multicast group and we run the risk of a lock ordering issue

2314

* if the ifnet thread calls into the socket layer to acquire the pcb list

2315

* lock while the input thread delivers multicast packets

2316

2317

IMO_ADDREF_LOCKED(imo)imo_addref(imo, 1);

2318

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

2319

socket_unlock(inp->inp_socket, 0);

2320

2321

VERIFY(inm == NULL)((void)(__builtin_expect(!!((long)((inm == ((void *)0)))), 1L
) || assfail("inm == NULL", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 2321)));

2322

error = in_joingroup(ifp, &gsa->sin.sin_addr, imf, &inm);

2323

2324

socket_lock(inp->inp_socket, 0);

2325

IMO_REMREF(imo)imo_remref(imo);

2326

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

2327

2328

VERIFY(inm != NULL || error != 0)((void)(__builtin_expect(!!((long)((inm != ((void *)0) || error
!= 0))), 1L) || assfail("inm != NULL || error != 0", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 2328)));

2329

if (error)

2330

goto out_imo_free;

2331

imo->imo_membership[idx] = inm; /* from in_joingroup() */

2332

} else {

2333

IGMP_PRINTF(("%s: merge inm state\n", __func__))do { if (igmp_debug) printf ("%s: merge inm state\n", __func__
); } while (0);

2334

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

2335

error = inm_merge(inm, imf);

2336

if (error) {

2337

IGMP_PRINTF(("%s: failed to merge inm state\n",do { if (igmp_debug) printf ("%s: failed to merge inm state\n"
, __func__); } while (0)

2338

__func__))do { if (igmp_debug) printf ("%s: failed to merge inm state\n"
, __func__); } while (0);

2339

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

2340

goto out_imf_rollback;

2341

}

2342

IGMP_PRINTF(("%s: doing igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: doing igmp downcall\n", __func__
); } while (0);

2343

error = igmp_change_state(inm, &itp);

2344

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

2345

if (error) {

2346

IGMP_PRINTF(("%s: failed igmp downcall\n",do { if (igmp_debug) printf ("%s: failed igmp downcall\n", __func__
); } while (0)

2347

__func__))do { if (igmp_debug) printf ("%s: failed igmp downcall\n", __func__
); } while (0);

2348

goto out_imf_rollback;

2349

}

2350

}

2351

2352

out_imf_rollback:

2353

if (error) {

2354

imf_rollback(imf);

2355

if (is_new)

2356

imf_purge(imf);

2357

else

2358

imf_reap(imf);

2359

} else {

2360

imf_commit(imf);

2361

}

2362

2363

out_imo_free:

2364

if (error && is_new) {

2365

VERIFY(inm == NULL)((void)(__builtin_expect(!!((long)((inm == ((void *)0)))), 1L
) || assfail("inm == NULL", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 2365)));

2366

imo->imo_membership[idx] = NULL((void *)0);

2367

--imo->imo_num_memberships;

2368

}

2369

2370

out_imo_locked:

2371

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

2372

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

2373

2374

/* schedule timer now that we've dropped the lock(s) */

2375

igmp_set_timeout(&itp);

2376

2377

return (error);

2378

}

2379

2380

2381

* Leave an IPv4 multicast group on an inpcb, possibly with a source.

2382

2383

* NB: sopt->sopt_val might point to the kernel address space. Refer to the

2384

* block comment on top of inp_join_group() for more information.

2385

2386

int

2387

inp_leave_group(struct inpcb *inp, struct sockopt *sopt)

2388

{

2389

struct group_source_req gsr;

2390

struct ip_mreq_source mreqs;

2391

sockunion_t *gsa, *ssa;

2392

struct ifnet *ifp;

2393

struct in_mfilter *imf;

2394

struct ip_moptions *imo;

2395

struct in_msource *ims;

2396

struct in_multi *inm = NULL((void *)0);

2397

size_t idx;

2398

int error, is_final;

2399

unsigned int ifindex = 0;

2400

struct igmp_tparams itp;

2401

2402

bzero(&itp, sizeof (itp));

2403

ifp = NULL((void *)0);

2404

error = 0;

2405

is_final = 1;

2406

2407

memset(&gsr, 0, sizeof(struct group_source_req));

2408

gsa = (sockunion_t *)&gsr.gsr_group;

2409

gsa->ss.ss_family = AF_UNSPEC0;

2410

ssa = (sockunion_t *)&gsr.gsr_source;

2411

ssa->ss.ss_family = AF_UNSPEC0;

2412

2413

switch (sopt->sopt_name) {

2414

case IP_DROP_MEMBERSHIP13:

2415

case IP_DROP_SOURCE_MEMBERSHIP71:

2416

if (sopt->sopt_name == IP_DROP_MEMBERSHIP13) {

2417

error = sooptcopyin(sopt, &mreqs,

2418

sizeof(struct ip_mreq),

2419

sizeof(struct ip_mreq));

2420

2421

* Swap interface and sourceaddr arguments,

2422

* as ip_mreq and ip_mreq_source are laid

2423

* out differently.

2424

2425

mreqs.imr_interface = mreqs.imr_sourceaddr;

2426

mreqs.imr_sourceaddr.s_addr = INADDR_ANY(u_int32_t)0x00000000;

2427

} else if (sopt->sopt_name == IP_DROP_SOURCE_MEMBERSHIP71) {

2428

error = sooptcopyin(sopt, &mreqs,

2429

sizeof(struct ip_mreq_source),

2430

sizeof(struct ip_mreq_source));

2431

}

2432

if (error)

2433

return (error);

2434

2435

gsa->sin.sin_family = AF_INET2;

2436

gsa->sin.sin_len = sizeof(struct sockaddr_in);

2437

gsa->sin.sin_addr = mreqs.imr_multiaddr;

2438

2439

if (sopt->sopt_name == IP_DROP_SOURCE_MEMBERSHIP71) {

2440

ssa->sin.sin_family = AF_INET2;

2441

ssa->sin.sin_len = sizeof(struct sockaddr_in);

2442

ssa->sin.sin_addr = mreqs.imr_sourceaddr;

2443

}

2444

2445

* Attempt to look up hinted ifp from interface address.

2446

* Fallthrough with null ifp iff lookup fails, to

2447

* preserve 4.4BSD mcast API idempotence.

2448

* XXX NOTE WELL: The RFC 3678 API is preferred because

2449

* using an IPv4 address as a key is racy.

2450

2451

if (!in_nullhost(mreqs.imr_interface)((mreqs.imr_interface).s_addr == (u_int32_t)0x00000000))

2452

ifp = ip_multicast_if(&mreqs.imr_interface, &ifindex);

2453

2454

2455

2456

2457

2458

break;

2459

2460

case MCAST_LEAVE_GROUP81:

2461

case MCAST_LEAVE_SOURCE_GROUP83:

2462

if (sopt->sopt_name == MCAST_LEAVE_GROUP81) {

2463

error = sooptcopyin(sopt, &gsr,

2464

sizeof(struct group_req),

2465

sizeof(struct group_req));

2466

} else if (sopt->sopt_name == MCAST_LEAVE_SOURCE_GROUP83) {

2467

error = sooptcopyin(sopt, &gsr,

2468

sizeof(struct group_source_req),

2469

sizeof(struct group_source_req));

2470

}

2471

if (error)

2472

return (error);

2473

2474

if (gsa->sin.sin_family != AF_INET2 ||

2475

gsa->sin.sin_len != sizeof(struct sockaddr_in))

2476

return (EINVAL22);

2477

2478

if (sopt->sopt_name == MCAST_LEAVE_SOURCE_GROUP83) {

2479

if (ssa->sin.sin_family != AF_INET2 ||

2480

ssa->sin.sin_len != sizeof(struct sockaddr_in))

2481

return (EINVAL22);

2482

}

2483

2484

ifnet_head_lock_shared();

2485

if (gsr.gsr_interface == 0 ||

2486

(u_int)if_index < gsr.gsr_interface) {

2487

ifnet_head_done();

2488

return (EADDRNOTAVAIL49);

2489

}

2490

2491

ifp = ifindex2ifnet[gsr.gsr_interface];

2492

ifnet_head_done();

2493

break;

2494

2495

default:

2496

IGMP_PRINTF(("%s: unknown sopt_name %d\n",do { if (igmp_debug) printf ("%s: unknown sopt_name %d\n", __func__
, sopt->sopt_name); } while (0)

2497

__func__, sopt->sopt_name))do { if (igmp_debug) printf ("%s: unknown sopt_name %d\n", __func__
, sopt->sopt_name); } while (0);

2498

return (EOPNOTSUPP102);

2499

}

2500

2501

2502

return (EINVAL22);

2503

2504

2505

* Find the membership in the membership array.

2506

2507

imo = inp_findmoptions(inp);

2508

if (imo == NULL((void *)0))

2509

return (ENOMEM12);

2510

2511

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

2512

idx = imo_match_group(imo, ifp, &gsa->sa);

2513

if (idx == (size_t)-1) {

2514

error = EADDRNOTAVAIL49;

2515

goto out_locked;

2516

}

2517

inm = imo->imo_membership[idx];

2518

imf = &imo->imo_mfilters[idx];

2519

2520

if (ssa->ss.ss_family != AF_UNSPEC0) {

2521

IGMP_PRINTF(("%s: opt=%d is_final=0\n", __func__,do { if (igmp_debug) printf ("%s: opt=%d is_final=0\n", __func__
, sopt->sopt_name); } while (0)

2522

sopt->sopt_name))do { if (igmp_debug) printf ("%s: opt=%d is_final=0\n", __func__
, sopt->sopt_name); } while (0);

2523

is_final = 0;

2524

}

2525

2526

2527

* Begin state merge transaction at socket layer.

2528

2529

2530

2531

* If we were instructed only to leave a given source, do so.

2532

* MCAST_LEAVE_SOURCE_GROUP is only valid for inclusive memberships.

2533

2534

if (is_final) {

2535

imf_leave(imf);

2536

} else {

2537

if (imf->imf_st[0] == MCAST_EXCLUDE2) {

2538

error = EADDRNOTAVAIL49;

2539

goto out_locked;

2540

}

2541

ims = imo_match_source(imo, idx, &ssa->sa);

2542

if (ims == NULL((void *)0)) {

2543

2544

2545

_igmp_inet_buf, "not "))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ssa->sin.sin_addr), _igmp_inet_buf, sizeof(_igmp_inet_buf
)); printf ("%s: source %s %spresent\n", __func__, _igmp_inet_buf
, "not "); } } while (0);

2546

error = EADDRNOTAVAIL49;

2547

goto out_locked;

2548

}

2549

IGMP_PRINTF(("%s: %s source\n", __func__, "block"))do { if (igmp_debug) printf ("%s: %s source\n", __func__, "block"
); } while (0);

2550

error = imf_prune(imf, &ssa->sin);

2551

if (error) {

2552

IGMP_PRINTF(("%s: merge imf state failed\n",do { if (igmp_debug) printf ("%s: merge imf state failed\n", __func__
); } while (0)

2553

__func__))do { if (igmp_debug) printf ("%s: merge imf state failed\n", __func__
); } while (0);

2554

goto out_locked;

2555

}

2556

}

2557

2558

2559

* Begin state merge transaction at IGMP layer.

2560

2561

2562

2563

if (is_final) {

2564

2565

* Give up the multicast address record to which

2566

* the membership points. Reference held in imo

2567

* will be released below.

2568

2569

(void) in_leavegroup(inm, imf);

2570

} else {

2571

IGMP_PRINTF(("%s: merge inm state\n", __func__))do { if (igmp_debug) printf ("%s: merge inm state\n", __func__
); } while (0);

2572

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

2573

error = inm_merge(inm, imf);

2574

if (error) {

2575

IGMP_PRINTF(("%s: failed to merge inm state\n",do { if (igmp_debug) printf ("%s: failed to merge inm state\n"
, __func__); } while (0)

2576

__func__))do { if (igmp_debug) printf ("%s: failed to merge inm state\n"
, __func__); } while (0);

2577

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

2578

goto out_imf_rollback;

2579

}

2580

2581

IGMP_PRINTF(("%s: doing igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: doing igmp downcall\n", __func__
); } while (0);

2582

error = igmp_change_state(inm, &itp);

2583

if (error) {

2584

IGMP_PRINTF(("%s: failed igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: failed igmp downcall\n", __func__
); } while (0);

2585

}

2586

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

2587

}

2588

2589

out_imf_rollback:

2590

if (error)

2591

imf_rollback(imf);

2592

else

2593

imf_commit(imf);

2594

2595

imf_reap(imf);

2596

2597

if (is_final) {

2598

/* Remove the gap in the membership array. */

2599

VERIFY(inm == imo->imo_membership[idx])((void)(__builtin_expect(!!((long)((inm == imo->imo_membership
[idx]))), 1L) || assfail("inm == imo->imo_membership[idx]"
, "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c", 2599
)));

2600

imo->imo_membership[idx] = NULL((void *)0);

2601

2602

2603

* See inp_join_group() for why we need to unlock

2604

2605

IMO_ADDREF_LOCKED(imo)imo_addref(imo, 1);

2606

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

2607

socket_unlock(inp->inp_socket, 0);

2608

2609

INM_REMREF(inm)inm_remref(inm, 0);

2610

2611

socket_lock(inp->inp_socket, 0);

2612

IMO_REMREF(imo)imo_remref(imo);

2613

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

2614

2615

for (++idx; idx < imo->imo_num_memberships; ++idx) {

2616

imo->imo_membership[idx-1] = imo->imo_membership[idx];

2617

imo->imo_mfilters[idx-1] = imo->imo_mfilters[idx];

2618

}

2619

imo->imo_num_memberships--;

2620

}

2621

2622

out_locked:

2623

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

2624

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

2625

2626

/* schedule timer now that we've dropped the lock(s) */

2627

igmp_set_timeout(&itp);

2628

2629

return (error);

2630

}

2631

2632

2633

* Select the interface for transmitting IPv4 multicast datagrams.

2634

2635

* Either an instance of struct in_addr or an instance of struct ip_mreqn

2636

* may be passed to this socket option. An address of INADDR_ANY or an

2637

* interface index of 0 is used to remove a previous selection.

2638

* When no interface is selected, one is chosen for every send.

2639

2640

static int

2641

inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt)

2642

{

2643

struct in_addr addr;

2644

struct ip_mreqn mreqn;

2645

struct ifnet *ifp;

2646

struct ip_moptions *imo;

2647

int error = 0 ;

2648

unsigned int ifindex = 0;

2649

2650

if (sopt->sopt_valsize == sizeof(struct ip_mreqn)) {

2651

2652

* An interface index was specified using the

2653

* Linux-derived ip_mreqn structure.

2654

2655

error = sooptcopyin(sopt, &mreqn, sizeof(struct ip_mreqn),

2656

sizeof(struct ip_mreqn));

2657

if (error)

2658

return (error);

2659

2660

ifnet_head_lock_shared();

2661

if (mreqn.imr_ifindex < 0 || if_index < mreqn.imr_ifindex) {

2662

ifnet_head_done();

2663

return (EINVAL22);

2664

}

2665

2666

if (mreqn.imr_ifindex == 0) {

2667

ifp = NULL((void *)0);

2668

} else {

2669

ifp = ifindex2ifnet[mreqn.imr_ifindex];

2670

if (ifp == NULL((void *)0)) {

2671

ifnet_head_done();

2672

return (EADDRNOTAVAIL49);

2673

}

2674

}

2675

ifnet_head_done();

2676

} else {

2677

2678

* An interface was specified by IPv4 address.

2679

* This is the traditional BSD usage.

2680

2681

error = sooptcopyin(sopt, &addr, sizeof(struct in_addr),

2682

sizeof(struct in_addr));

2683

if (error)

2684

return (error);

2685

if (in_nullhost(addr)((addr).s_addr == (u_int32_t)0x00000000)) {

2686

ifp = NULL((void *)0);

2687

} else {

2688

ifp = ip_multicast_if(&addr, &ifindex);

2689

if (ifp == NULL((void *)0)) {

2690

IGMP_INET_PRINTF(addr,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(addr), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: can't find ifp for addr=%s\n"
, __func__, _igmp_inet_buf); } } while (0)

2691

("%s: can't find ifp for addr=%s\n",do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(addr), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: can't find ifp for addr=%s\n"
, __func__, _igmp_inet_buf); } } while (0)

2692

__func__, _igmp_inet_buf))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(addr), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: can't find ifp for addr=%s\n"
, __func__, _igmp_inet_buf); } } while (0);

2693

return (EADDRNOTAVAIL49);

2694

}

2695

}

2696

/* XXX remove? */

2697

#ifdef IGMP_DEBUG0

2698

IGMP_PRINTF(("%s: ifp = 0x%llx, addr = %s\n", __func__,do { if (igmp_debug) printf ("%s: ifp = 0x%llx, addr = %s\n",
__func__, (uint64_t)(((vm_offset_t)(ifp) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(ifp) + vm_kernel_addrperm), inet_ntoa(addr
)); } while (0)

2699

(uint64_t)VM_KERNEL_ADDRPERM(ifp), inet_ntoa(addr)))do { if (igmp_debug) printf ("%s: ifp = 0x%llx, addr = %s\n",
__func__, (uint64_t)(((vm_offset_t)(ifp) == 0) ? (vm_offset_t
)(0) : (vm_offset_t)(ifp) + vm_kernel_addrperm), inet_ntoa(addr
)); } while (0);

2700

#endif

2701

}

2702

2703

/* Reject interfaces which do not support multicast. */

2704

if (ifp != NULL((void *)0) && (ifp->if_flags & IFF_MULTICAST0x8000) == 0)

2705

return (EOPNOTSUPP102);

2706

2707

imo = inp_findmoptions(inp);

2708

if (imo == NULL((void *)0))

2709

return (ENOMEM12);

2710

2711

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

2712

imo->imo_multicast_ifp = ifp;

2713

if (ifindex)

2714

imo->imo_multicast_addr = addr;

2715

else

2716

imo->imo_multicast_addr.s_addr = INADDR_ANY(u_int32_t)0x00000000;

2717

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

2718

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

2719

2720

return (0);

2721

}

2722

2723

2724

* Atomically set source filters on a socket for an IPv4 multicast group.

2725

2726

static int

2727

inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt)

2728

{

2729

struct __msfilterreq64 msfr, msfr64;

2730

struct __msfilterreq32 msfr32;

2731

sockunion_t *gsa;

2732

struct ifnet *ifp;

2733

struct in_mfilter *imf;

2734

struct ip_moptions *imo;

2735

struct in_multi *inm;

2736

size_t idx;

2737

int error;

2738

user_addr_t tmp_ptr;

2739

struct igmp_tparams itp;

2740

2741

bzero(&itp, sizeof (itp));

2742

2743

if (IS_64BIT_PROCESS(current_proc())) {

2744

error = sooptcopyin(sopt, &msfr64,

2745

sizeof(struct __msfilterreq64),

2746

sizeof(struct __msfilterreq64));

2747

if (error)

2748

return (error);

2749

/* we never use msfr.msfr_srcs; */

2750

memcpy(&msfr, &msfr64, sizeof(msfr64));

2751

} else {

2752

error = sooptcopyin(sopt, &msfr32,

2753

sizeof(struct __msfilterreq32),

2754

sizeof(struct __msfilterreq32));

2755

if (error)

2756

return (error);

2757

/* we never use msfr.msfr_srcs; */

2758

memcpy(&msfr, &msfr32, sizeof(msfr32));

2759

}

2760

2761

if ((size_t) msfr.msfr_nsrcs >

2762

UINT32_MAX4294967295U / sizeof(struct sockaddr_storage))

2763

msfr.msfr_nsrcs = UINT32_MAX4294967295U / sizeof(struct sockaddr_storage);

2764

2765

if (msfr.msfr_nsrcs > in_mcast_maxsocksrc)

2766

return (ENOBUFS55);

2767

2768

if ((msfr.msfr_fmode != MCAST_EXCLUDE2 &&

2769

msfr.msfr_fmode != MCAST_INCLUDE1))

2770

return (EINVAL22);

2771

2772

if (msfr.msfr_group.ss_family != AF_INET2 ||

2773

msfr.msfr_group.ss_len != sizeof(struct sockaddr_in))

2774

return (EINVAL22);

2775

2776

gsa = (sockunion_t *)&msfr.msfr_group;

2777

2778

return (EINVAL22);

2779

2780

gsa->sin.sin_port = 0; /* ignore port */

2781

2782

ifnet_head_lock_shared();

2783

if (msfr.msfr_ifindex == 0 || (u_int)if_index < msfr.msfr_ifindex) {

2784

ifnet_head_done();

2785

return (EADDRNOTAVAIL49);

2786

}

2787

2788

ifp = ifindex2ifnet[msfr.msfr_ifindex];

2789

ifnet_head_done();

2790

if (ifp == NULL((void *)0))

2791

return (EADDRNOTAVAIL49);

2792

2793

2794

* Check if this socket is a member of this group.

2795

2796

imo = inp_findmoptions(inp);

2797

if (imo == NULL((void *)0))

2798

return (ENOMEM12);

2799

2800

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

2801

idx = imo_match_group(imo, ifp, &gsa->sa);

2802

if (idx == (size_t)-1 || imo->imo_mfilters == NULL((void *)0)) {

2803

error = EADDRNOTAVAIL49;

2804

goto out_imo_locked;

2805

}

2806

inm = imo->imo_membership[idx];

2807

imf = &imo->imo_mfilters[idx];

2808

2809

2810

* Begin state merge transaction at socket layer.

2811

2812

2813

imf->imf_st[1] = msfr.msfr_fmode;

2814

2815

2816

* Apply any new source filters, if present.

2817

* Make a copy of the user-space source vector so

2818

* that we may copy them with a single copyin. This

2819

* allows us to deal with page faults up-front.

2820

2821

if (msfr.msfr_nsrcs > 0) {

2822

struct in_msource *lims;

2823

struct sockaddr_in *psin;

2824

struct sockaddr_storage *kss, *pkss;

2825

int i;

2826

2827

if (IS_64BIT_PROCESS(current_proc()))

2828

tmp_ptr = msfr64.msfr_srcs;

2829

else

2830

tmp_ptr = CAST_USER_ADDR_T(msfr32.msfr_srcs)((user_addr_t)((uintptr_t)(msfr32.msfr_srcs)));

2831

2832

IGMP_PRINTF(("%s: loading %lu source list entries\n",do { if (igmp_debug) printf ("%s: loading %lu source list entries\n"
, __func__, (unsigned long)msfr.msfr_nsrcs); } while (0)

2833

__func__, (unsigned long)msfr.msfr_nsrcs))do { if (igmp_debug) printf ("%s: loading %lu source list entries\n"
, __func__, (unsigned long)msfr.msfr_nsrcs); } while (0);

2834

kss = _MALLOC((size_t) msfr.msfr_nsrcs * sizeof(*kss),({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __MALLOC((size_t) msfr.msfr_nsrcs * sizeof(*kss), 80, 0x0000
, &site); })

2835

M_TEMP, M_WAITOK)({ static vm_allocation_site_t site __attribute__((section("__DATA, __data"
))); __MALLOC((size_t) msfr.msfr_nsrcs * sizeof(*kss), 80, 0x0000
, &site); });

2836

if (kss == NULL((void *)0)) {

2837

error = ENOMEM12;

2838

goto out_imo_locked;

2839

}

2840

error = copyin(tmp_ptr, kss,

2841

(size_t) msfr.msfr_nsrcs * sizeof(*kss));

2842

if (error) {

2843

FREE(kss, M_TEMP)_FREE((void *)kss, 80);

2844

goto out_imo_locked;

2845

}

2846

2847

2848

* Mark all source filters as UNDEFINED at t1.

2849

* Restore new group filter mode, as imf_leave()

2850

* will set it to INCLUDE.

2851

2852

imf_leave(imf);

2853

imf->imf_st[1] = msfr.msfr_fmode;

2854

2855

2856

* Update socket layer filters at t1, lazy-allocating

2857

* new entries. This saves a bunch of memory at the

2858

* cost of one RB_FIND() per source entry; duplicate

2859

* entries in the msfr_nsrcs vector are ignored.

2860

* If we encounter an error, rollback transaction.

2861

2862

* XXX This too could be replaced with a set-symmetric

2863

* difference like loop to avoid walking from root

2864

* every time, as the key space is common.

2865

2866

for (i = 0, pkss = kss; (u_int)i < msfr.msfr_nsrcs;

2867

i++, pkss++) {

2868

psin = (struct sockaddr_in *)pkss;

2869

if (psin->sin_family != AF_INET2) {

2870

error = EAFNOSUPPORT47;

2871

break;

2872

}

2873

if (psin->sin_len != sizeof(struct sockaddr_in)) {

2874

error = EINVAL22;

2875

break;

2876

}

2877

error = imf_get_source(imf, psin, &lims);

2878

if (error)

2879

break;

2880

lims->imsl_st[1] = imf->imf_st[1];

2881

}

2882

FREE(kss, M_TEMP)_FREE((void *)kss, 80);

2883

}

2884

2885

if (error)

2886

goto out_imf_rollback;

2887

2888

2889

* Begin state merge transaction at IGMP layer.

2890

2891

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

2892

IGMP_PRINTF(("%s: merge inm state\n", __func__))do { if (igmp_debug) printf ("%s: merge inm state\n", __func__
); } while (0);

2893

error = inm_merge(inm, imf);

2894

if (error) {

2895

IGMP_PRINTF(("%s: failed to merge inm state\n", __func__))do { if (igmp_debug) printf ("%s: failed to merge inm state\n"
, __func__); } while (0);

2896

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

2897

goto out_imf_rollback;

2898

}

2899

2900

IGMP_PRINTF(("%s: doing igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: doing igmp downcall\n", __func__
); } while (0);

2901

error = igmp_change_state(inm, &itp);

2902

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

2903

#ifdef IGMP_DEBUG1

2904

if (error)

2905

IGMP_PRINTF(("%s: failed igmp downcall\n", __func__))do { if (igmp_debug) printf ("%s: failed igmp downcall\n", __func__
); } while (0);

2906

#endif

2907

2908

out_imf_rollback:

2909

if (error)

2910

imf_rollback(imf);

2911

else

2912

imf_commit(imf);

2913

2914

imf_reap(imf);

2915

2916

out_imo_locked:

2917

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

2918

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

2919

2920

/* schedule timer now that we've dropped the lock(s) */

2921

igmp_set_timeout(&itp);

2922

2923

return (error);

2924

}

2925

2926

2927

* Set the IP multicast options in response to user setsockopt().

2928

2929

* Many of the socket options handled in this function duplicate the

2930

* functionality of socket options in the regular unicast API. However,

2931

* it is not possible to merge the duplicate code, because the idempotence

2932

* of the IPv4 multicast part of the BSD Sockets API must be preserved;

2933

* the effects of these options must be treated as separate and distinct.

2934

2935

int

2936

inp_setmoptions(struct inpcb *inp, struct sockopt *sopt)

2937

{

2938

struct ip_moptions *imo;

2939

int error;

2940

unsigned int ifindex;

2941

struct ifnet *ifp;

2942

2943

error = 0;

2944

2945

2946

* If socket is neither of type SOCK_RAW or SOCK_DGRAM,

2947

* or is a divert socket, reject it.

2948

2949

if (SOCK_PROTO(inp->inp_socket)((inp->inp_socket)->so_proto->pr_protocol) == IPPROTO_DIVERT254 ||

2950

(SOCK_TYPE(inp->inp_socket)((inp->inp_socket)->so_proto->pr_type) != SOCK_RAW3 &&

2951

SOCK_TYPE(inp->inp_socket)((inp->inp_socket)->so_proto->pr_type) != SOCK_DGRAM2))

2952

return (EOPNOTSUPP102);

2953

2954

switch (sopt->sopt_name) {

2955

case IP_MULTICAST_IF9:

2956

error = inp_set_multicast_if(inp, sopt);

2957

break;

2958

2959

case IP_MULTICAST_IFINDEX66:

2960

2961

* Select the interface for outgoing multicast packets.

2962

2963

error = sooptcopyin(sopt, &ifindex, sizeof (ifindex),

2964

sizeof (ifindex));

2965

if (error)

2966

break;

2967

2968

imo = inp_findmoptions(inp);

2969

if (imo == NULL((void *)0)) {

2970

error = ENOMEM12;

2971

break;

2972

}

2973

2974

* Index 0 is used to remove a previous selection.

2975

* When no interface is selected, a default one is

2976

* chosen every time a multicast packet is sent.

2977

2978

if (ifindex == 0) {

2979

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

2980

imo->imo_multicast_ifp = NULL((void *)0);

2981

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

2982

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

2983

break;

2984

}

2985

2986

ifnet_head_lock_shared();

2987

/* Don't need to check is ifindex is < 0 since it's unsigned */

2988

if ((unsigned int)if_index < ifindex) {

2989

ifnet_head_done();

2990

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

2991

error = ENXIO6; /* per IPV6_MULTICAST_IF */

2992

break;

2993

}

2994

ifp = ifindex2ifnet[ifindex];

2995

ifnet_head_done();

2996

2997

/* If it's detached or isn't a multicast interface, bail out */

2998

if (ifp == NULL((void *)0) || !(ifp->if_flags & IFF_MULTICAST0x8000)) {

2999

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

3000

error = EADDRNOTAVAIL49;

3001

break;

3002

}

3003

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

3004

imo->imo_multicast_ifp = ifp;

3005

3006

* Clear out any remnants of past IP_MULTICAST_IF. The addr

3007

* isn't really used anywhere in the kernel; we could have

3008

* iterated thru the addresses of the interface and pick one

3009

* here, but that is redundant since ip_getmoptions() already

3010

* takes care of that for INADDR_ANY.

3011

3012

imo->imo_multicast_addr.s_addr = INADDR_ANY(u_int32_t)0x00000000;

3013

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

3014

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

3015

break;

3016

3017

case IP_MULTICAST_TTL10: {

3018

u_char ttl;

3019

3020

3021

* Set the IP time-to-live for outgoing multicast packets.

3022

* The original multicast API required a char argument,

3023

* which is inconsistent with the rest of the socket API.

3024

* We allow either a char or an int.

3025

3026

if (sopt->sopt_valsize == sizeof(u_char)) {

3027

error = sooptcopyin(sopt, &ttl, sizeof(u_char),

3028

sizeof(u_char));

3029

if (error)

3030

break;

3031

} else {

3032

u_int ittl;

3033

3034

error = sooptcopyin(sopt, &ittl, sizeof(u_int),

3035

sizeof(u_int));

3036

if (error)

3037

break;

3038

if (ittl > 255) {

3039

error = EINVAL22;

3040

break;

3041

}

3042

ttl = (u_char)ittl;

3043

}

3044

imo = inp_findmoptions(inp);

3045

if (imo == NULL((void *)0)) {

3046

error = ENOMEM12;

3047

break;

3048

}

3049

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

3050

imo->imo_multicast_ttl = ttl;

3051

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

3052

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

3053

break;

3054

}

3055

3056

case IP_MULTICAST_LOOP11: {

3057

u_char loop;

3058

3059

3060

* Set the loopback flag for outgoing multicast packets.

3061

* Must be zero or one. The original multicast API required a

3062

* char argument, which is inconsistent with the rest

3063

* of the socket API. We allow either a char or an int.

3064

3065

if (sopt->sopt_valsize == sizeof(u_char)) {

3066

error = sooptcopyin(sopt, &loop, sizeof(u_char),

3067

sizeof(u_char));

3068

if (error)

3069

break;

3070

} else {

3071

u_int iloop;

3072

3073

error = sooptcopyin(sopt, &iloop, sizeof(u_int),

3074

sizeof(u_int));

3075

if (error)

3076

break;

3077

loop = (u_char)iloop;

3078

}

3079

imo = inp_findmoptions(inp);

3080

if (imo == NULL((void *)0)) {

3081

error = ENOMEM12;

3082

break;

3083

}

3084

IMO_LOCK(imo)lck_mtx_lock(&(imo)->imo_lock);

3085

imo->imo_multicast_loop = !!loop;

3086

IMO_UNLOCK(imo)lck_mtx_unlock(&(imo)->imo_lock);

3087

IMO_REMREF(imo)imo_remref(imo); /* from inp_findmoptions() */

3088

break;

3089

}

3090

3091

case IP_ADD_MEMBERSHIP12:

3092

case IP_ADD_SOURCE_MEMBERSHIP70:

3093

case MCAST_JOIN_GROUP80:

3094

case MCAST_JOIN_SOURCE_GROUP82:

3095

error = inp_join_group(inp, sopt);

3096

break;

3097

3098

case IP_DROP_MEMBERSHIP13:

3099

case IP_DROP_SOURCE_MEMBERSHIP71:

3100

case MCAST_LEAVE_GROUP81:

3101

case MCAST_LEAVE_SOURCE_GROUP83:

3102

error = inp_leave_group(inp, sopt);

3103

break;

3104

3105

case IP_BLOCK_SOURCE72:

3106

case IP_UNBLOCK_SOURCE73:

3107

case MCAST_BLOCK_SOURCE84:

3108

case MCAST_UNBLOCK_SOURCE85:

3109

error = inp_block_unblock_source(inp, sopt);

3110

break;

3111

3112

case IP_MSFILTER74:

3113

error = inp_set_source_filters(inp, sopt);

3114

break;

3115

3116

default:

3117

error = EOPNOTSUPP102;

3118

break;

3119

}

3120

3121

return (error);

3122

}

3123

3124

3125

* Expose IGMP's multicast filter mode and source list(s) to userland,

3126

* keyed by (ifindex, group).

3127

* The filter mode is written out as a uint32_t, followed by

3128

* 0..n of struct in_addr.

3129

* For use by ifmcstat(8).

3130

3131

static int

3132

sysctl_ip_mcast_filters SYSCTL_HANDLER_ARGS(struct sysctl_oid *oidp, void *arg1, int arg2, struct sysctl_req
*req)

3133

{

3134

#pragma unused(oidp)

3135

3136

struct in_addr src, group;

3137

struct ifnet *ifp;

3138

struct in_multi *inm;

3139

struct in_multistep step;

3140

struct ip_msource *ims;

3141

int *name;

3142

int retval = 0;

3143

u_int namelen;

3144

uint32_t fmode, ifindex;

3145

3146

name = (int *)arg1;

3147

namelen = (u_int)arg2;

3148

3149

if (req->newptr != USER_ADDR_NULL((user_addr_t) 0))

3150

return (EPERM1);

3151

3152

if (namelen != 2)

3153

return (EINVAL22);

3154

3155

ifindex = name[0];

3156

ifnet_head_lock_shared();

3157

if (ifindex <= 0 || ifindex > (u_int)if_index) {

3158

IGMP_PRINTF(("%s: ifindex %u out of range\n",do { if (igmp_debug) printf ("%s: ifindex %u out of range\n",
__func__, ifindex); } while (0)

3159

__func__, ifindex))do { if (igmp_debug) printf ("%s: ifindex %u out of range\n",
__func__, ifindex); } while (0);

3160

ifnet_head_done();

3161

return (ENOENT2);

3162

}

3163

3164

group.s_addr = name[1];

3165

if (!IN_MULTICAST(ntohl(group.s_addr))(((u_int32_t)((__builtin_constant_p(group.s_addr) ? ((__uint32_t
)((((__uint32_t)(group.s_addr) & 0xff000000) >> 24)
| (((__uint32_t)(group.s_addr) & 0x00ff0000) >> 8)
| (((__uint32_t)(group.s_addr) & 0x0000ff00) << 8)
| (((__uint32_t)(group.s_addr) & 0x000000ff) << 24
))) : _OSSwapInt32(group.s_addr))) & 0xf0000000) == 0xe0000000
)) {

3166

IGMP_INET_PRINTF(group,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(group), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: group %s is not multicast\n"
, __func__, _igmp_inet_buf); } } while (0)

3167

("%s: group %s is not multicast\n",do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(group), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: group %s is not multicast\n"
, __func__, _igmp_inet_buf); } } while (0)

3168

__func__, _igmp_inet_buf))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(group), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: group %s is not multicast\n"
, __func__, _igmp_inet_buf); } } while (0);

3169

ifnet_head_done();

3170

return (EINVAL22);

3171

}

3172

3173

ifp = ifindex2ifnet[ifindex];

3174

ifnet_head_done();

3175

if (ifp == NULL((void *)0)) {

3176

IGMP_PRINTF(("%s: no ifp for ifindex %u\n", __func__, ifindex))do { if (igmp_debug) printf ("%s: no ifp for ifindex %u\n", __func__
, ifindex); } while (0);

3177

return (ENOENT2);

3178

}

3179

3180

in_multihead_lock_shared();

3181

IN_FIRST_MULTI(step, inm)do { in_multihead_lock_assert(0x03); (step).i_inm = ((&in_multihead
)->lh_first); do { in_multihead_lock_assert(0x03); if ((((
inm)) = ((step)).i_inm) != ((void *)0)) ((step)).i_inm = ((((
step)).i_inm)->inm_link.le_next); } while (0); } while (0);

3182

while (inm != NULL((void *)0)) {

3183

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

3184

if (inm->inm_ifp != ifp)

3185

goto next;

3186

3187

if (!in_hosteq(inm->inm_addr, group)((inm->inm_addr).s_addr == (group).s_addr))

3188

goto next;

3189

3190

fmode = inm->inm_st[1].iss_fmode;

3191

retval = SYSCTL_OUT(req, &fmode, sizeof(uint32_t))(req->oldfunc)(req, &fmode, sizeof(uint32_t));

3192

if (retval != 0) {

3193

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

3194

break; /* abort */

3195

}

3196

RB_FOREACH(ims, ip_msource_tree, &inm->inm_srcs)for ((ims) = ip_msource_tree_RB_MINMAX(&inm->inm_srcs,
-1); (ims) != ((void *)0); (ims) = ip_msource_tree_RB_NEXT(ims
)) {

3197

#ifdef IGMP_DEBUG1

3198

struct in_addr ina;

3199

ina.s_addr = htonl(ims->ims_haddr)(__builtin_constant_p(ims->ims_haddr) ? ((__uint32_t)((((__uint32_t
)(ims->ims_haddr) & 0xff000000) >> 24) | (((__uint32_t
)(ims->ims_haddr) & 0x00ff0000) >> 8) | (((__uint32_t
)(ims->ims_haddr) & 0x0000ff00) << 8) | (((__uint32_t
)(ims->ims_haddr) & 0x000000ff) << 24))) : _OSSwapInt32
(ims->ims_haddr));

3200

IGMP_INET_PRINTF(ina,do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ina), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: visit node %s\n"
, __func__, _igmp_inet_buf); } } while (0)

3201

("%s: visit node %s\n", __func__, _igmp_inet_buf))do { if (igmp_debug) { char _igmp_inet_buf[16]; inet_ntop(2, &
(ina), _igmp_inet_buf, sizeof(_igmp_inet_buf)); printf ("%s: visit node %s\n"
, __func__, _igmp_inet_buf); } } while (0);

3202

#endif

3203

3204

* Only copy-out sources which are in-mode.

3205

3206

if (fmode != ims_get_mode(inm, ims, 1)) {

3207

IGMP_PRINTF(("%s: skip non-in-mode\n",do { if (igmp_debug) printf ("%s: skip non-in-mode\n", __func__
); } while (0)

3208

__func__))do { if (igmp_debug) printf ("%s: skip non-in-mode\n", __func__
); } while (0);

3209

continue; /* process next source */

3210

}

3211

src.s_addr = htonl(ims->ims_haddr)(__builtin_constant_p(ims->ims_haddr) ? ((__uint32_t)((((__uint32_t
)(ims->ims_haddr) & 0xff000000) >> 24) | (((__uint32_t
)(ims->ims_haddr) & 0x00ff0000) >> 8) | (((__uint32_t
)(ims->ims_haddr) & 0x0000ff00) << 8) | (((__uint32_t
)(ims->ims_haddr) & 0x000000ff) << 24))) : _OSSwapInt32
(ims->ims_haddr));

3212

retval = SYSCTL_OUT(req, &src, sizeof(struct in_addr))(req->oldfunc)(req, &src, sizeof(struct in_addr));

3213

if (retval != 0)

3214

break; /* process next inm */

3215

}

3216

3217

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

3218

IN_NEXT_MULTI(step, inm)do { in_multihead_lock_assert(0x03); if (((inm) = (step).i_inm
) != ((void *)0)) (step).i_inm = (((step).i_inm)->inm_link
.le_next); } while (0);

3219

}

3220

in_multihead_lock_done();

3221

3222

return (retval);

3223

}

3224

3225

3226

* XXX

3227

* The whole multicast option thing needs to be re-thought.

3228

* Several of these options are equally applicable to non-multicast

3229

* transmission, and one (IP_MULTICAST_TTL) totally duplicates a

3230

* standard option (IP_TTL).

3231

3232

3233

* following RFC1724 section 3.3, 0.0.0.0/8 is interpreted as interface index.

3234

3235

static struct ifnet *

3236

ip_multicast_if(struct in_addr *a, unsigned int *ifindexp)

3237

{

3238

unsigned int ifindex;

3239

struct ifnet *ifp;

3240

3241

if (ifindexp != NULL((void *)0))

3242

*ifindexp = 0;

3243

if (ntohl(a->s_addr)(__builtin_constant_p(a->s_addr) ? ((__uint32_t)((((__uint32_t
)(a->s_addr) & 0xff000000) >> 24) | (((__uint32_t
)(a->s_addr) & 0x00ff0000) >> 8) | (((__uint32_t
)(a->s_addr) & 0x0000ff00) << 8) | (((__uint32_t
)(a->s_addr) & 0x000000ff) << 24))) : _OSSwapInt32
(a->s_addr)) >> 24 == 0) {

3244

ifindex = ntohl(a->s_addr)(__builtin_constant_p(a->s_addr) ? ((__uint32_t)((((__uint32_t
)(a->s_addr) & 0xff000000) >> 24) | (((__uint32_t
)(a->s_addr) & 0x00ff0000) >> 8) | (((__uint32_t
)(a->s_addr) & 0x0000ff00) << 8) | (((__uint32_t
)(a->s_addr) & 0x000000ff) << 24))) : _OSSwapInt32
(a->s_addr)) & 0xffffff;

3245

ifnet_head_lock_shared();

3246

/* Don't need to check is ifindex is < 0 since it's unsigned */

3247

if ((unsigned int)if_index < ifindex) {

3248

ifnet_head_done();

3249

return (NULL((void *)0));

3250

}

3251

ifp = ifindex2ifnet[ifindex];

3252

ifnet_head_done();

3253

if (ifp != NULL((void *)0) && ifindexp != NULL((void *)0))

3254

*ifindexp = ifindex;

3255

} else {

3256

INADDR_TO_IFP(*a, ifp){ struct in_ifaddr *ia; lck_rw_lock_shared(in_ifaddr_rwlock);
for ((ia) = ((((&in_ifaddrhashtbl[inaddr_hashval((*a).s_addr
)])))->tqh_first); (ia); (ia) = (((ia))->ia_hash.tqe_next
)) { lck_mtx_lock_spin(&(&ia->ia_ifa)->ifa_lock
); if ((&(((struct in_ifaddr *)(ia))->ia_addr))->sin_addr
.s_addr == (*a).s_addr) { lck_mtx_unlock(&(&ia->ia_ifa
)->ifa_lock); break; } lck_mtx_unlock(&(&ia->ia_ifa
)->ifa_lock); } (ifp) = (ia == ((void *)0)) ? ((void *)0) :
ia->ia_ifa.ifa_ifp; lck_rw_done(in_ifaddr_rwlock); };

3257

}

3258

return (ifp);

3259

}

3260

3261

void

3262

in_multi_init(void)

3263

{

3264

PE_parse_boot_argn("ifa_debug", &inm_debug, sizeof (inm_debug));

3265

3266

/* Setup lock group and attribute for in_multihead */

3267

in_multihead_lock_grp_attr = lck_grp_attr_alloc_init();

3268

in_multihead_lock_grp = lck_grp_alloc_init("in_multihead",

3269

in_multihead_lock_grp_attr);

3270

in_multihead_lock_attr = lck_attr_alloc_init();

3271

lck_rw_init(&in_multihead_lock, in_multihead_lock_grp,

3272

in_multihead_lock_attr);

3273

3274

lck_mtx_init(&inm_trash_lock, in_multihead_lock_grp,

3275

in_multihead_lock_attr);

3276

TAILQ_INIT(&inm_trash_head)do { (((&inm_trash_head))->tqh_first) = ((void *)0); (
&inm_trash_head)->tqh_last = &(((&inm_trash_head
))->tqh_first); ; } while (0);

3277

3278

inm_size = (inm_debug == 0) ? sizeof (struct in_multi) :

3279

sizeof (struct in_multi_dbg);

3280

inm_zone = zinit(inm_size, INM_ZONE_MAX64 * inm_size,

3281

0, INM_ZONE_NAME"in_multi");

3282

if (inm_zone == NULL((void *)0)) {

3283

panic("%s: failed allocating %s", __func__, INM_ZONE_NAME)(panic)("\"%s: failed allocating %s\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3283", __func__, "in_multi");

3284

/* NOTREACHED */

3285

}

3286

zone_change(inm_zone, Z_EXPAND3, TRUE1);

3287

3288

ipms_size = sizeof (struct ip_msource);

3289

ipms_zone = zinit(ipms_size, IPMS_ZONE_MAX64 * ipms_size,

3290

0, IPMS_ZONE_NAME"ip_msource");

3291

if (ipms_zone == NULL((void *)0)) {

3292

panic("%s: failed allocating %s", __func__, IPMS_ZONE_NAME)(panic)("\"%s: failed allocating %s\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3292", __func__, "ip_msource");

3293

/* NOTREACHED */

3294

}

3295

zone_change(ipms_zone, Z_EXPAND3, TRUE1);

3296

3297

inms_size = sizeof (struct in_msource);

3298

inms_zone = zinit(inms_size, INMS_ZONE_MAX64 * inms_size,

3299

0, INMS_ZONE_NAME"in_msource");

3300

if (inms_zone == NULL((void *)0)) {

3301

panic("%s: failed allocating %s", __func__, INMS_ZONE_NAME)(panic)("\"%s: failed allocating %s\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3301", __func__, "in_msource");

3302

/* NOTREACHED */

3303

}

3304

zone_change(inms_zone, Z_EXPAND3, TRUE1);

3305

}

3306

3307

static struct in_multi *

3308

in_multi_alloc(int how)

3309

{

3310

struct in_multi *inm;

3311

3312

inm = (how == M_WAITOK0x0000) ? zalloc(inm_zone) : zalloc_noblock(inm_zone);

3313

if (inm != NULL((void *)0)) {

3314

bzero(inm, inm_size);

3315

lck_mtx_init(&inm->inm_lock, in_multihead_lock_grp,

3316

in_multihead_lock_attr);

3317

inm->inm_debug |= IFD_ALLOC0x2;

3318

if (inm_debug != 0) {

3319

inm->inm_debug |= IFD_DEBUG0x4;

3320

inm->inm_trace = inm_trace;

3321

}

3322

}

3323

return (inm);

3324

}

3325

3326

static void

3327

in_multi_free(struct in_multi *inm)

3328

{

3329

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

3330

if (inm->inm_debug & IFD_ATTACHED0x1) {

3331

panic("%s: attached inm=%p is being freed", __func__, inm)(panic)("\"%s: attached inm=%p is being freed\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3331", __func__, inm);

3332

/* NOTREACHED */

3333

} else if (inm->inm_ifma != NULL((void *)0)) {

3334

panic("%s: ifma not NULL for inm=%p", __func__, inm)(panic)("\"%s: ifma not NULL for inm=%p\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3334", __func__, inm);

3335

/* NOTREACHED */

3336

} else if (!(inm->inm_debug & IFD_ALLOC0x2)) {

3337

panic("%s: inm %p cannot be freed", __func__, inm)(panic)("\"%s: inm %p cannot be freed\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3337", __func__, inm);

3338

/* NOTREACHED */

3339

} else if (inm->inm_refcount != 0) {

3340

panic("%s: non-zero refcount inm=%p", __func__, inm)(panic)("\"%s: non-zero refcount inm=%p\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3340", __func__, inm);

3341

/* NOTREACHED */

3342

} else if (inm->inm_reqcnt != 0) {

3343

panic("%s: non-zero reqcnt inm=%p", __func__, inm)(panic)("\"%s: non-zero reqcnt inm=%p\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3343", __func__, inm);

3344

/* NOTREACHED */

3345

}

3346

3347

/* Free any pending IGMPv3 state-change records */

3348

IF_DRAIN(&inm->inm_scq)do { struct mbuf *_m; for (;;) { do { (_m) = (&inm->inm_scq
)->ifq_head; if (_m != ((void *)0)) { if (((&inm->inm_scq
)->ifq_head = (_m)->m_hdr.mh_nextpkt) == ((void *)0)) (
&inm->inm_scq)->ifq_tail = ((void *)0); (_m)->m_hdr
.mh_nextpkt = ((void *)0); (&inm->inm_scq)->ifq_len
--; } } while (0); if (_m == ((void *)0)) break; m_freem(_m);
} } while (0);

3349

3350

inm->inm_debug &= ~IFD_ALLOC0x2;

3351

if ((inm->inm_debug & (IFD_DEBUG0x4 | IFD_TRASHED0x10)) ==

3352

(IFD_DEBUG0x4 | IFD_TRASHED0x10)) {

3353

lck_mtx_lock(&inm_trash_lock);

3354

TAILQ_REMOVE(&inm_trash_head, (struct in_multi_dbg *)inm,do { if ((((((struct in_multi_dbg *)inm))->inm_trash_link.
tqe_next)) != ((void *)0)) ((((struct in_multi_dbg *)inm))->
inm_trash_link.tqe_next)->inm_trash_link.tqe_prev = ((struct
in_multi_dbg *)inm)->inm_trash_link.tqe_prev; else { (&
inm_trash_head)->tqh_last = ((struct in_multi_dbg *)inm)->
inm_trash_link.tqe_prev; ; } *((struct in_multi_dbg *)inm)->
inm_trash_link.tqe_prev = ((((struct in_multi_dbg *)inm))->
inm_trash_link.tqe_next); ; ; ; } while (0)

3355

inm_trash_link)do { if ((((((struct in_multi_dbg *)inm))->inm_trash_link.
tqe_next)) != ((void *)0)) ((((struct in_multi_dbg *)inm))->
inm_trash_link.tqe_next)->inm_trash_link.tqe_prev = ((struct
in_multi_dbg *)inm)->inm_trash_link.tqe_prev; else { (&
inm_trash_head)->tqh_last = ((struct in_multi_dbg *)inm)->
inm_trash_link.tqe_prev; ; } *((struct in_multi_dbg *)inm)->
inm_trash_link.tqe_prev = ((((struct in_multi_dbg *)inm))->
inm_trash_link.tqe_next); ; ; ; } while (0);

3356

lck_mtx_unlock(&inm_trash_lock);

3357

inm->inm_debug &= ~IFD_TRASHED0x10;

3358

}

3359

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

3360

3361

lck_mtx_destroy(&inm->inm_lock, in_multihead_lock_grp);

3362

zfree(inm_zone, inm);

3363

}

3364

3365

static void

3366

in_multi_attach(struct in_multi *inm)

3367

{

3368

in_multihead_lock_assert(LCK_RW_ASSERT_EXCLUSIVE0x02);

3369

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

3370

3371

if (inm->inm_debug & IFD_ATTACHED0x1) {

3372

panic("%s: Attempt to attach an already attached inm=%p",(panic)("\"%s: Attempt to attach an already attached inm=%p\""
"@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c" ":"
"3373", __func__, inm)

3373

__func__, inm)(panic)("\"%s: Attempt to attach an already attached inm=%p\""
"@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c" ":"
"3373", __func__, inm);

3374

/* NOTREACHED */

3375

} else if (inm->inm_debug & IFD_TRASHED0x10) {

3376

panic("%s: Attempt to reattach a detached inm=%p",(panic)("\"%s: Attempt to reattach a detached inm=%p\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3377", __func__, inm)

3377

__func__, inm)(panic)("\"%s: Attempt to reattach a detached inm=%p\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3377", __func__, inm);

3378

/* NOTREACHED */

3379

}

3380

3381

inm->inm_reqcnt++;

3382

VERIFY(inm->inm_reqcnt == 1)((void)(__builtin_expect(!!((long)((inm->inm_reqcnt == 1))
), 1L) || assfail("inm->inm_reqcnt == 1", "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
, 3382)));

3383

INM_ADDREF_LOCKED(inm)inm_addref(inm, 1);

3384

inm->inm_debug |= IFD_ATTACHED0x1;

3385

3386

* Reattach case: If debugging is enabled, take it

3387

* out of the trash list and clear IFD_TRASHED.

3388

3389

if ((inm->inm_debug & (IFD_DEBUG0x4 | IFD_TRASHED0x10)) ==

3390

(IFD_DEBUG0x4 | IFD_TRASHED0x10)) {

3391

/* Become a regular mutex, just in case */

3392

INM_CONVERT_LOCK(inm)do { lck_mtx_assert(&(inm)->inm_lock, 1); lck_mtx_convert_spin
(&(inm)->inm_lock); } while (0);

3393

lck_mtx_lock(&inm_trash_lock);

3394

3395

3396

lck_mtx_unlock(&inm_trash_lock);

3397

inm->inm_debug &= ~IFD_TRASHED0x10;

3398

}

3399

3400

LIST_INSERT_HEAD(&in_multihead, inm, inm_link)do { ; if (((((inm))->inm_link.le_next) = (((&in_multihead
))->lh_first)) != ((void *)0)) (((&in_multihead))->
lh_first)->inm_link.le_prev = &(((inm))->inm_link.le_next
); (((&in_multihead))->lh_first) = (inm); (inm)->inm_link
.le_prev = &(((&in_multihead))->lh_first); } while
(0);

3401

}

3402

3403

int

3404

in_multi_detach(struct in_multi *inm)

3405

{

3406

in_multihead_lock_assert(LCK_RW_ASSERT_EXCLUSIVE0x02);

3407

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

3408

3409

if (inm->inm_reqcnt == 0) {

3410

panic("%s: inm=%p negative reqcnt", __func__, inm)(panic)("\"%s: inm=%p negative reqcnt\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3410", __func__, inm);

3411

/* NOTREACHED */

3412

}

3413

3414

--inm->inm_reqcnt;

3415

if (inm->inm_reqcnt > 0)

3416

return (0);

3417

3418

if (!(inm->inm_debug & IFD_ATTACHED0x1)) {

3419

panic("%s: Attempt to detach an unattached record inm=%p",(panic)("\"%s: Attempt to detach an unattached record inm=%p\""
"@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c" ":"
"3420", __func__, inm)

3420

__func__, inm)(panic)("\"%s: Attempt to detach an unattached record inm=%p\""
"@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c" ":"
"3420", __func__, inm);

3421

/* NOTREACHED */

3422

} else if (inm->inm_debug & IFD_TRASHED0x10) {

3423

panic("%s: inm %p is already in trash list", __func__, inm)(panic)("\"%s: inm %p is already in trash list\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3423", __func__, inm);

3424

/* NOTREACHED */

3425

}

3426

3427

3428

* NOTE: Caller calls IFMA_REMREF

3429

3430

inm->inm_debug &= ~IFD_ATTACHED0x1;

3431

LIST_REMOVE(inm, inm_link)do { ; ; if ((((inm))->inm_link.le_next) != ((void *)0)) (
((inm))->inm_link.le_next)->inm_link.le_prev = (inm)->
inm_link.le_prev; *(inm)->inm_link.le_prev = (((inm))->
inm_link.le_next); ; ; } while (0);

3432

3433

if (inm->inm_debug & IFD_DEBUG0x4) {

3434

/* Become a regular mutex, just in case */

3435

INM_CONVERT_LOCK(inm)do { lck_mtx_assert(&(inm)->inm_lock, 1); lck_mtx_convert_spin
(&(inm)->inm_lock); } while (0);

3436

lck_mtx_lock(&inm_trash_lock);

3437

TAILQ_INSERT_TAIL(&inm_trash_head,do { ((((struct in_multi_dbg *)inm))->inm_trash_link.tqe_next
) = ((void *)0); ((struct in_multi_dbg *)inm)->inm_trash_link
.tqe_prev = (&inm_trash_head)->tqh_last; *(&inm_trash_head
)->tqh_last = ((struct in_multi_dbg *)inm); (&inm_trash_head
)->tqh_last = &((((struct in_multi_dbg *)inm))->inm_trash_link
.tqe_next); ; ; } while (0)

3438

(struct in_multi_dbg *)inm, inm_trash_link)do { ((((struct in_multi_dbg *)inm))->inm_trash_link.tqe_next
) = ((void *)0); ((struct in_multi_dbg *)inm)->inm_trash_link
.tqe_prev = (&inm_trash_head)->tqh_last; *(&inm_trash_head
)->tqh_last = ((struct in_multi_dbg *)inm); (&inm_trash_head
)->tqh_last = &((((struct in_multi_dbg *)inm))->inm_trash_link
.tqe_next); ; ; } while (0);

3439

lck_mtx_unlock(&inm_trash_lock);

3440

inm->inm_debug |= IFD_TRASHED0x10;

3441

}

3442

3443

return (1);

3444

}

3445

3446

void

3447

inm_addref(struct in_multi *inm, int locked)

3448

{

3449

if (!locked)

3450

INM_LOCK_SPIN(inm)lck_mtx_lock_spin(&(inm)->inm_lock);

3451

else

3452

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

3453

3454

if (++inm->inm_refcount == 0) {

3455

panic("%s: inm=%p wraparound refcnt", __func__, inm)(panic)("\"%s: inm=%p wraparound refcnt\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3455", __func__, inm);

3456

/* NOTREACHED */

3457

} else if (inm->inm_trace != NULL((void *)0)) {

3458

(*inm->inm_trace)(inm, TRUE1);

3459

}

3460

if (!locked)

3461

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

3462

}

3463

3464

void

3465

inm_remref(struct in_multi *inm, int locked)

3466

{

3467

struct ifmultiaddr *ifma;

3468

struct igmp_ifinfo *igi;

3469

3470

if (!locked)

3471

INM_LOCK_SPIN(inm)lck_mtx_lock_spin(&(inm)->inm_lock);

3472

else

3473

INM_LOCK_ASSERT_HELD(inm)lck_mtx_assert(&(inm)->inm_lock, 1);

3474

3475

if (inm->inm_refcount == 0 || (inm->inm_refcount == 1 && locked)) {

3476

panic("%s: inm=%p negative/missing refcnt", __func__, inm)(panic)("\"%s: inm=%p negative/missing refcnt\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3476", __func__, inm);

3477

/* NOTREACHED */

3478

} else if (inm->inm_trace != NULL((void *)0)) {

3479

(*inm->inm_trace)(inm, FALSE0);

3480

}

3481

3482

--inm->inm_refcount;

3483

if (inm->inm_refcount > 0) {

3484

if (!locked)

3485

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

3486

return;

3487

}

3488

3489

3490

* Synchronization with in_getmulti(). In the event the inm has been

3491

* detached, the underlying ifma would still be in the if_multiaddrs

3492

* list, and thus can be looked up via if_addmulti(). At that point,

3493

* the only way to find this inm is via ifma_protospec. To avoid

3494

* race conditions between the last inm_remref() of that inm and its

3495

* use via ifma_protospec, in_multihead lock is used for serialization.

3496

* In order to avoid violating the lock order, we must drop inm_lock

3497

* before acquiring in_multihead lock. To prevent the inm from being

3498

* freed prematurely, we hold an extra reference.

3499

3500

++inm->inm_refcount;

3501

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

3502

in_multihead_lock_shared();

3503

INM_LOCK_SPIN(inm)lck_mtx_lock_spin(&(inm)->inm_lock);

3504

--inm->inm_refcount;

3505

if (inm->inm_refcount > 0) {

3506

/* We've lost the race, so abort since inm is still in use */

3507

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

3508

in_multihead_lock_done();

3509

/* If it was locked, return it as such */

3510

if (locked)

3511

INM_LOCK(inm)lck_mtx_lock(&(inm)->inm_lock);

3512

return;

3513

}

3514

inm_purge(inm);

3515

ifma = inm->inm_ifma;

3516

inm->inm_ifma = NULL((void *)0);

3517

inm->inm_ifp = NULL((void *)0);

3518

igi = inm->inm_igi;

3519

inm->inm_igi = NULL((void *)0);

3520

INM_UNLOCK(inm)lck_mtx_unlock(&(inm)->inm_lock);

3521

IFMA_LOCK_SPIN(ifma)lck_mtx_lock_spin(&(ifma)->ifma_lock);

3522

ifma->ifma_protospec = NULL((void *)0);

3523

IFMA_UNLOCK(ifma)lck_mtx_unlock(&(ifma)->ifma_lock);

3524

in_multihead_lock_done();

3525

3526

in_multi_free(inm);

3527

if_delmulti_ifma(ifma);

3528

/* Release reference held to the underlying ifmultiaddr */

3529

IFMA_REMREF(ifma)ifma_remref(ifma);

3530

3531

if (igi != NULL((void *)0))

3532

IGI_REMREF(igi)igi_remref(igi);

3533

}

3534

3535

static void

3536

inm_trace(struct in_multi *inm, int refhold)

3537

{

3538

struct in_multi_dbg *inm_dbg = (struct in_multi_dbg *)inm;

3539

ctrace_t *tr;

3540

u_int32_t idx;

3541

u_int16_t *cnt;

3542

3543

if (!(inm->inm_debug & IFD_DEBUG0x4)) {

3544

panic("%s: inm %p has no debug structure", __func__, inm)(panic)("\"%s: inm %p has no debug structure\"" "@" "/Users/vlad/tmp/xnu-3789.41.3/bsd/netinet/in_mcast.c"
":" "3544", __func__, inm);

3545

/* NOTREACHED */

3546

}

3547

if (refhold) {

3548

cnt = &inm_dbg->inm_refhold_cnt;

3549

tr = inm_dbg->inm_refhold;

3550

} else {

3551

cnt = &inm_dbg->inm_refrele_cnt;

3552

tr = inm_dbg->inm_refrele;

3553

}

3554

3555

idx = atomic_add_16_ov(cnt, 1)((u_int16_t) OSAddAtomic16(1, (volatile SInt16 *)cnt)) % INM_TRACE_HIST_SIZE32;

3556

ctrace_record(&tr[idx]);

3557

}

3558

3559

void

3560

in_multihead_lock_exclusive(void)

3561

{

3562

lck_rw_lock_exclusive(&in_multihead_lock);

3563

}

3564

3565

void

3566

in_multihead_lock_shared(void)

3567

{

3568

lck_rw_lock_shared(&in_multihead_lock);

3569

}

3570

3571

void

3572

in_multihead_lock_assert(int what)

3573

{

3574

lck_rw_assert(&in_multihead_lock, what);

3575

}

3576

3577

void

3578

in_multihead_lock_done(void)

3579

{

3580

lck_rw_done(&in_multihead_lock);

3581

}

3582

3583

static struct ip_msource *

3584

ipms_alloc(int how)

3585

{

3586

struct ip_msource *ims;

3587

3588

ims = (how == M_WAITOK0x0000) ? zalloc(ipms_zone) : zalloc_noblock(ipms_zone);

3589

if (ims != NULL((void *)0))

3590

bzero(ims, ipms_size);

3591

3592

return (ims);

3593

}

3594

3595

static void

3596

ipms_free(struct ip_msource *ims)

3597

{

3598

zfree(ipms_zone, ims);

3599

}

3600

3601

static struct in_msource *

3602

inms_alloc(int how)

3603

{

3604

struct in_msource *inms;

3605

3606

inms = (how == M_WAITOK0x0000) ? zalloc(inms_zone) :

3607

zalloc_noblock(inms_zone);

3608

if (inms != NULL((void *)0))

3609

bzero(inms, inms_size);

3610

3611

return (inms);

3612

}

3613

3614

static void

3615

inms_free(struct in_msource *inms)

3616

{

3617

zfree(inms_zone, inms);

3618

}

3619

3620

#ifdef IGMP_DEBUG1

3621

3622

static const char *inm_modestrs[] = { "un\n", "in", "ex" };

3623

3624

static const char *

3625

inm_mode_str(const int mode)

3626

{

3627

if (mode >= MCAST_UNDEFINED0 && mode <= MCAST_EXCLUDE2)

3628

return (inm_modestrs[mode]);

3629

return ("??");

3630

}

3631

3632

static const char *inm_statestrs[] = {

3633

"not-member\n",

3634

"silent\n",

3635

"reporting\n",

3636

"idle\n",

3637

"lazy\n",

3638

"sleeping\n",

3639

"awakening\n",

3640

"query-pending\n",

3641

"sg-query-pending\n",

3642

"leaving"

3643

};

3644

3645

static const char *

3646

inm_state_str(const int state)

3647

{

3648

if (state >= IGMP_NOT_MEMBER0 && state <= IGMP_LEAVING_MEMBER9)

3649

return (inm_statestrs[state]);

3650

return ("??");

3651

}

3652

3653

3654

* Dump an in_multi structure to the console.

3655

3656

void

3657

inm_print(const struct in_multi *inm)

3658

{

3659

int t;

3660

char buf[MAX_IPv4_STR_LEN16];

3661

3662

INM_LOCK_ASSERT_HELD(__DECONST(struct in_multi *, inm))lck_mtx_assert(&((struct in_multi *) (long)(inm))->inm_lock
, 1);

3663

3664

if (igmp_debug == 0)

3665

return;

3666

3667

inet_ntop(AF_INET2, &inm->inm_addr, buf, sizeof(buf));

3668

printf("%s: --- begin inm 0x%llx ---\n", __func__,

3669

(uint64_t)VM_KERNEL_ADDRPERM(inm)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t)
(inm) + vm_kernel_addrperm));

3670

printf("addr %s ifp 0x%llx(%s) ifma 0x%llx\n",

3671

buf,

3672

(uint64_t)VM_KERNEL_ADDRPERM(inm->inm_ifp)(((vm_offset_t)(inm->inm_ifp) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(inm->inm_ifp) + vm_kernel_addrperm),

3673

if_name(inm->inm_ifp)inm->inm_ifp->if_xname,

3674

(uint64_t)VM_KERNEL_ADDRPERM(inm->inm_ifma)(((vm_offset_t)(inm->inm_ifma) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(inm->inm_ifma) + vm_kernel_addrperm));

3675

printf("timer %u state %s refcount %u scq.len %u\n",

3676

inm->inm_timer,

3677

inm_state_str(inm->inm_state),

3678

inm->inm_refcount,

3679

inm->inm_scq.ifq_len);

3680

printf("igi 0x%llx nsrc %lu sctimer %u scrv %u\n",

3681

(uint64_t)VM_KERNEL_ADDRPERM(inm->inm_igi)(((vm_offset_t)(inm->inm_igi) == 0) ? (vm_offset_t)(0) : (
vm_offset_t)(inm->inm_igi) + vm_kernel_addrperm),

3682

inm->inm_nsrc,

3683

inm->inm_sctimer,

3684

inm->inm_scrv);

3685

for (t = 0; t < 2; t++) {

3686

printf("t%d: fmode %s asm %u ex %u in %u rec %u\n", t,

3687

inm_mode_str(inm->inm_st[t].iss_fmode),

3688

inm->inm_st[t].iss_asm,

3689

inm->inm_st[t].iss_ex,

3690

inm->inm_st[t].iss_in,

3691

inm->inm_st[t].iss_rec);

3692

}

3693

printf("%s: --- end inm 0x%llx ---\n", __func__,

3694

(uint64_t)VM_KERNEL_ADDRPERM(inm)(((vm_offset_t)(inm) == 0) ? (vm_offset_t)(0) : (vm_offset_t)
(inm) + vm_kernel_addrperm));

3695

}

3696

3697

#else

3698

3699

void

3700

inm_print(__unused__attribute__((unused)) const struct in_multi *inm)

3701

{

3702

3703

}

3704

3705

#endif