mld6.c revision 183550
1/*- 2 * Copyright (C) 1998 WIDE Project. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the project nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * $KAME: mld6.c,v 1.27 2001/04/04 05:17:30 itojun Exp $ 30 */ 31 32/*- 33 * Copyright (c) 1988 Stephen Deering. 34 * Copyright (c) 1992, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * This code is derived from software contributed to Berkeley by 38 * Stephen Deering of Stanford University. 39 * 40 * Redistribution and use in source and binary forms, with or without 41 * modification, are permitted provided that the following conditions 42 * are met: 43 * 1. Redistributions of source code must retain the above copyright 44 * notice, this list of conditions and the following disclaimer. 45 * 2. Redistributions in binary form must reproduce the above copyright 46 * notice, this list of conditions and the following disclaimer in the 47 * documentation and/or other materials provided with the distribution. 48 * 4. Neither the name of the University nor the names of its contributors 49 * may be used to endorse or promote products derived from this software 50 * without specific prior written permission. 51 * 52 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 55 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 62 * SUCH DAMAGE. 63 * 64 * @(#)igmp.c 8.1 (Berkeley) 7/19/93 65 */ 66 67#include <sys/cdefs.h> 68__FBSDID("$FreeBSD: head/sys/netinet6/mld6.c 183550 2008-10-02 15:37:58Z zec $"); 69 70#include "opt_inet.h" 71#include "opt_inet6.h" 72 73#include <sys/param.h> 74#include <sys/systm.h> 75#include <sys/mbuf.h> 76#include <sys/socket.h> 77#include <sys/protosw.h> 78#include <sys/syslog.h> 79#include <sys/kernel.h> 80#include <sys/callout.h> 81#include <sys/malloc.h> 82#include <sys/vimage.h> 83 84#include <net/if.h> 85 86#include <netinet/in.h> 87#include <netinet/in_var.h> 88#include <netinet6/in6_var.h> 89#include <netinet/ip6.h> 90#include <netinet6/ip6_var.h> 91#include <netinet6/scope6_var.h> 92#include <netinet/icmp6.h> 93#include <netinet6/mld6_var.h> 94 95/* 96 * Protocol constants 97 */ 98 99/* denotes that the MLD max response delay field specifies time in milliseconds */ 100#define MLD_TIMER_SCALE 1000 101/* 102 * time between repetitions of a node's initial report of interest in a 103 * multicast address(in seconds) 104 */ 105#define MLD_UNSOLICITED_REPORT_INTERVAL 10 106 107static struct ip6_pktopts ip6_opts; 108 109static void mld6_sendpkt(struct in6_multi *, int, const struct in6_addr *); 110static void mld_starttimer(struct in6_multi *); 111static void mld_stoptimer(struct in6_multi *); 112static void mld_timeo(struct in6_multi *); 113static u_long mld_timerresid(struct in6_multi *); 114 115void 116mld6_init(void) 117{ 118 INIT_VNET_INET6(curvnet); 119 static u_int8_t hbh_buf[8]; 120 struct ip6_hbh *hbh = (struct ip6_hbh *)hbh_buf; 121 u_int16_t rtalert_code = htons((u_int16_t)IP6OPT_RTALERT_MLD); 122 123 /* ip6h_nxt will be fill in later */ 124 hbh->ip6h_len = 0; /* (8 >> 3) - 1 */ 125 126 /* XXX: grotty hard coding... */ 127 hbh_buf[2] = IP6OPT_PADN; /* 2 byte padding */ 128 hbh_buf[3] = 0; 129 hbh_buf[4] = IP6OPT_ROUTER_ALERT; 130 hbh_buf[5] = IP6OPT_RTALERT_LEN - 2; 131 bcopy((caddr_t)&rtalert_code, &hbh_buf[6], sizeof(u_int16_t)); 132 133 ip6_initpktopts(&V_ip6_opts); 134 V_ip6_opts.ip6po_hbh = hbh; 135} 136 137static void 138mld_starttimer(struct in6_multi *in6m) 139{ 140 struct timeval now; 141 142 microtime(&now); 143 in6m->in6m_timer_expire.tv_sec = now.tv_sec + in6m->in6m_timer / hz; 144 in6m->in6m_timer_expire.tv_usec = now.tv_usec + 145 (in6m->in6m_timer % hz) * (1000000 / hz); 146 if (in6m->in6m_timer_expire.tv_usec > 1000000) { 147 in6m->in6m_timer_expire.tv_sec++; 148 in6m->in6m_timer_expire.tv_usec -= 1000000; 149 } 150 151 /* start or restart the timer */ 152 callout_reset(in6m->in6m_timer_ch, in6m->in6m_timer, 153 (void (*)(void *))mld_timeo, in6m); 154} 155 156static void 157mld_stoptimer(struct in6_multi *in6m) 158{ 159 if (in6m->in6m_timer == IN6M_TIMER_UNDEF) 160 return; 161 162 callout_stop(in6m->in6m_timer_ch); 163 in6m->in6m_timer = IN6M_TIMER_UNDEF; 164} 165 166static void 167mld_timeo(struct in6_multi *in6m) 168{ 169 int s = splnet(); 170 171 in6m->in6m_timer = IN6M_TIMER_UNDEF; 172 173 callout_stop(in6m->in6m_timer_ch); 174 175 switch (in6m->in6m_state) { 176 case MLD_REPORTPENDING: 177 mld6_start_listening(in6m); 178 break; 179 default: 180 mld6_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); 181 break; 182 } 183 184 splx(s); 185} 186 187static u_long 188mld_timerresid(struct in6_multi *in6m) 189{ 190 struct timeval now, diff; 191 192 microtime(&now); 193 194 if (now.tv_sec > in6m->in6m_timer_expire.tv_sec || 195 (now.tv_sec == in6m->in6m_timer_expire.tv_sec && 196 now.tv_usec > in6m->in6m_timer_expire.tv_usec)) { 197 return (0); 198 } 199 diff = in6m->in6m_timer_expire; 200 diff.tv_sec -= now.tv_sec; 201 diff.tv_usec -= now.tv_usec; 202 if (diff.tv_usec < 0) { 203 diff.tv_sec--; 204 diff.tv_usec += 1000000; 205 } 206 207 /* return the remaining time in milliseconds */ 208 return (diff.tv_sec * 1000 + diff.tv_usec / 1000); 209} 210 211void 212mld6_start_listening(struct in6_multi *in6m) 213{ 214 struct in6_addr all_in6; 215 int s = splnet(); 216 217 /* 218 * RFC2710 page 10: 219 * The node never sends a Report or Done for the link-scope all-nodes 220 * address. 221 * MLD messages are never sent for multicast addresses whose scope is 0 222 * (reserved) or 1 (node-local). 223 */ 224 all_in6 = in6addr_linklocal_allnodes; 225 if (in6_setscope(&all_in6, in6m->in6m_ifp, NULL)) { 226 /* XXX: this should not happen! */ 227 in6m->in6m_timer = 0; 228 in6m->in6m_state = MLD_OTHERLISTENER; 229 } 230 if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &all_in6) || 231 IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) < 232 IPV6_ADDR_SCOPE_LINKLOCAL) { 233 in6m->in6m_timer = 0; 234 in6m->in6m_state = MLD_OTHERLISTENER; 235 } else { 236 mld6_sendpkt(in6m, MLD_LISTENER_REPORT, NULL); 237 in6m->in6m_timer = arc4random() % 238 MLD_UNSOLICITED_REPORT_INTERVAL * hz; 239 in6m->in6m_state = MLD_IREPORTEDLAST; 240 241 mld_starttimer(in6m); 242 } 243 splx(s); 244} 245 246void 247mld6_stop_listening(struct in6_multi *in6m) 248{ 249 struct in6_addr allnode, allrouter; 250 251 allnode = in6addr_linklocal_allnodes; 252 if (in6_setscope(&allnode, in6m->in6m_ifp, NULL)) { 253 /* XXX: this should not happen! */ 254 return; 255 } 256 allrouter = in6addr_linklocal_allrouters; 257 if (in6_setscope(&allrouter, in6m->in6m_ifp, NULL)) { 258 /* XXX impossible */ 259 return; 260 } 261 if (in6m->in6m_state == MLD_IREPORTEDLAST && 262 !IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &allnode) && 263 IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) > 264 IPV6_ADDR_SCOPE_INTFACELOCAL) { 265 mld6_sendpkt(in6m, MLD_LISTENER_DONE, &allrouter); 266 } 267} 268 269void 270mld6_input(struct mbuf *m, int off) 271{ 272 INIT_VNET_INET6(curvnet); 273 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 274 struct mld_hdr *mldh; 275 struct ifnet *ifp = m->m_pkthdr.rcvif; 276 struct in6_multi *in6m; 277 struct in6_addr mld_addr, all_in6; 278 struct in6_ifaddr *ia; 279 struct ifmultiaddr *ifma; 280 u_long timer; /* timer value in the MLD query header */ 281 282#ifndef PULLDOWN_TEST 283 IP6_EXTHDR_CHECK(m, off, sizeof(*mldh),); 284 mldh = (struct mld_hdr *)(mtod(m, caddr_t) + off); 285#else 286 IP6_EXTHDR_GET(mldh, struct mld_hdr *, m, off, sizeof(*mldh)); 287 if (mldh == NULL) { 288 V_icmp6stat.icp6s_tooshort++; 289 return; 290 } 291#endif 292 293 /* source address validation */ 294 ip6 = mtod(m, struct ip6_hdr *); /* in case mpullup */ 295 if (!IN6_IS_ADDR_LINKLOCAL(&ip6->ip6_src)) { 296 char ip6bufs[INET6_ADDRSTRLEN], ip6bufg[INET6_ADDRSTRLEN]; 297 log(LOG_ERR, 298 "mld6_input: src %s is not link-local (grp=%s)\n", 299 ip6_sprintf(ip6bufs, &ip6->ip6_src), 300 ip6_sprintf(ip6bufg, &mldh->mld_addr)); 301 /* 302 * spec (RFC2710) does not explicitly 303 * specify to discard the packet from a non link-local 304 * source address. But we believe it's expected to do so. 305 * XXX: do we have to allow :: as source? 306 */ 307 m_freem(m); 308 return; 309 } 310 311 /* 312 * make a copy for local work (in6_setscope() may modify the 1st arg) 313 */ 314 mld_addr = mldh->mld_addr; 315 if (in6_setscope(&mld_addr, ifp, NULL)) { 316 /* XXX: this should not happen! */ 317 m_free(m); 318 return; 319 } 320 321 /* 322 * In the MLD6 specification, there are 3 states and a flag. 323 * 324 * In Non-Listener state, we simply don't have a membership record. 325 * In Delaying Listener state, our timer is running (in6m->in6m_timer) 326 * In Idle Listener state, our timer is not running 327 * (in6m->in6m_timer==IN6M_TIMER_UNDEF) 328 * 329 * The flag is in6m->in6m_state, it is set to MLD_OTHERLISTENER if 330 * we have heard a report from another member, or MLD_IREPORTEDLAST 331 * if we sent the last report. 332 */ 333 switch(mldh->mld_type) { 334 case MLD_LISTENER_QUERY: 335 if (ifp->if_flags & IFF_LOOPBACK) 336 break; 337 338 if (!IN6_IS_ADDR_UNSPECIFIED(&mld_addr) && 339 !IN6_IS_ADDR_MULTICAST(&mld_addr)) 340 break; /* print error or log stat? */ 341 342 all_in6 = in6addr_linklocal_allnodes; 343 if (in6_setscope(&all_in6, ifp, NULL)) { 344 /* XXX: this should not happen! */ 345 break; 346 } 347 348 /* 349 * - Start the timers in all of our membership records 350 * that the query applies to for the interface on 351 * which the query arrived excl. those that belong 352 * to the "all-nodes" group (ff02::1). 353 * - Restart any timer that is already running but has 354 * A value longer than the requested timeout. 355 * - Use the value specified in the query message as 356 * the maximum timeout. 357 */ 358 timer = ntohs(mldh->mld_maxdelay); 359 360 IFP_TO_IA6(ifp, ia); 361 if (ia == NULL) 362 break; 363 364 /* 365 * XXX: System timer resolution is too low to handle Max 366 * Response Delay, so set 1 to the internal timer even if 367 * the calculated value equals to zero when Max Response 368 * Delay is positive. 369 */ 370 timer = ntohs(mldh->mld_maxdelay) * PR_FASTHZ / MLD_TIMER_SCALE; 371 if (timer == 0 && mldh->mld_maxdelay) 372 timer = 1; 373 374 IF_ADDR_LOCK(ifp); 375 TAILQ_FOREACH(ifma, &ifp->if_multiaddrs, ifma_link) { 376 if (ifma->ifma_addr->sa_family != AF_INET6) 377 continue; 378 in6m = (struct in6_multi *)ifma->ifma_protospec; 379 380 if (IN6_ARE_ADDR_EQUAL(&in6m->in6m_addr, &all_in6) || 381 IPV6_ADDR_MC_SCOPE(&in6m->in6m_addr) < 382 IPV6_ADDR_SCOPE_LINKLOCAL) 383 continue; 384 385 if (IN6_IS_ADDR_UNSPECIFIED(&mld_addr) || 386 IN6_ARE_ADDR_EQUAL(&mld_addr, &in6m->in6m_addr)) { 387 if (timer == 0) { 388 /* send a report immediately */ 389 mld_stoptimer(in6m); 390 mld6_sendpkt(in6m, MLD_LISTENER_REPORT, 391 NULL); 392 in6m->in6m_timer = 0; /* reset timer */ 393 in6m->in6m_state = MLD_IREPORTEDLAST; 394 } 395 else if (in6m->in6m_timer == IN6M_TIMER_UNDEF || 396 mld_timerresid(in6m) > timer) { 397 in6m->in6m_timer = 398 1 + (arc4random() % timer) * hz / 1000; 399 mld_starttimer(in6m); 400 } 401 } 402 } 403 IF_ADDR_UNLOCK(ifp); 404 break; 405 406 case MLD_LISTENER_REPORT: 407 /* 408 * For fast leave to work, we have to know that we are the 409 * last person to send a report for this group. Reports 410 * can potentially get looped back if we are a multicast 411 * router, so discard reports sourced by me. 412 * Note that it is impossible to check IFF_LOOPBACK flag of 413 * ifp for this purpose, since ip6_mloopback pass the physical 414 * interface to looutput. 415 */ 416 if (m->m_flags & M_LOOP) /* XXX: grotty flag, but efficient */ 417 break; 418 419 if (!IN6_IS_ADDR_MULTICAST(&mld_addr)) 420 break; 421 422 /* 423 * If we belong to the group being reported, stop 424 * our timer for that group. 425 */ 426 IN6_LOOKUP_MULTI(mld_addr, ifp, in6m); 427 if (in6m) { 428 in6m->in6m_timer = 0; /* transit to idle state */ 429 in6m->in6m_state = MLD_OTHERLISTENER; /* clear flag */ 430 } 431 break; 432 default: /* this is impossible */ 433 log(LOG_ERR, "mld6_input: illegal type(%d)", mldh->mld_type); 434 break; 435 } 436 437 m_freem(m); 438} 439 440static void 441mld6_sendpkt(struct in6_multi *in6m, int type, const struct in6_addr *dst) 442{ 443 INIT_VNET_INET6(curvnet); 444 struct mbuf *mh, *md; 445 struct mld_hdr *mldh; 446 struct ip6_hdr *ip6; 447 struct ip6_moptions im6o; 448 struct in6_ifaddr *ia; 449 struct ifnet *ifp = in6m->in6m_ifp; 450 struct ifnet *outif = NULL; 451 452 /* 453 * At first, find a link local address on the outgoing interface 454 * to use as the source address of the MLD packet. 455 */ 456 if ((ia = in6ifa_ifpforlinklocal(ifp, IN6_IFF_NOTREADY|IN6_IFF_ANYCAST)) 457 == NULL) 458 return; 459 460 /* 461 * Allocate mbufs to store ip6 header and MLD header. 462 * We allocate 2 mbufs and make chain in advance because 463 * it is more convenient when inserting the hop-by-hop option later. 464 */ 465 MGETHDR(mh, M_DONTWAIT, MT_HEADER); 466 if (mh == NULL) 467 return; 468 MGET(md, M_DONTWAIT, MT_DATA); 469 if (md == NULL) { 470 m_free(mh); 471 return; 472 } 473 mh->m_next = md; 474 475 mh->m_pkthdr.rcvif = NULL; 476 mh->m_pkthdr.len = sizeof(struct ip6_hdr) + sizeof(struct mld_hdr); 477 mh->m_len = sizeof(struct ip6_hdr); 478 MH_ALIGN(mh, sizeof(struct ip6_hdr)); 479 480 /* fill in the ip6 header */ 481 ip6 = mtod(mh, struct ip6_hdr *); 482 ip6->ip6_flow = 0; 483 ip6->ip6_vfc &= ~IPV6_VERSION_MASK; 484 ip6->ip6_vfc |= IPV6_VERSION; 485 /* ip6_plen will be set later */ 486 ip6->ip6_nxt = IPPROTO_ICMPV6; 487 /* ip6_hlim will be set by im6o.im6o_multicast_hlim */ 488 ip6->ip6_src = ia->ia_addr.sin6_addr; 489 ip6->ip6_dst = dst ? *dst : in6m->in6m_addr; 490 491 /* fill in the MLD header */ 492 md->m_len = sizeof(struct mld_hdr); 493 mldh = mtod(md, struct mld_hdr *); 494 mldh->mld_type = type; 495 mldh->mld_code = 0; 496 mldh->mld_cksum = 0; 497 /* XXX: we assume the function will not be called for query messages */ 498 mldh->mld_maxdelay = 0; 499 mldh->mld_reserved = 0; 500 mldh->mld_addr = in6m->in6m_addr; 501 in6_clearscope(&mldh->mld_addr); /* XXX */ 502 mldh->mld_cksum = in6_cksum(mh, IPPROTO_ICMPV6, sizeof(struct ip6_hdr), 503 sizeof(struct mld_hdr)); 504 505 /* construct multicast option */ 506 bzero(&im6o, sizeof(im6o)); 507 im6o.im6o_multicast_ifp = ifp; 508 im6o.im6o_multicast_hlim = 1; 509 510 /* 511 * Request loopback of the report if we are acting as a multicast 512 * router, so that the process-level routing daemon can hear it. 513 */ 514 im6o.im6o_multicast_loop = (ip6_mrouter != NULL); 515 516 /* increment output statictics */ 517 V_icmp6stat.icp6s_outhist[type]++; 518 519 ip6_output(mh, &V_ip6_opts, NULL, 0, &im6o, &outif, NULL); 520 if (outif) { 521 icmp6_ifstat_inc(outif, ifs6_out_msg); 522 switch (type) { 523 case MLD_LISTENER_QUERY: 524 icmp6_ifstat_inc(outif, ifs6_out_mldquery); 525 break; 526 case MLD_LISTENER_REPORT: 527 icmp6_ifstat_inc(outif, ifs6_out_mldreport); 528 break; 529 case MLD_LISTENER_DONE: 530 icmp6_ifstat_inc(outif, ifs6_out_mlddone); 531 break; 532 } 533 } 534} 535 536/* 537 * Add an address to the list of IP6 multicast addresses for a given interface. 538 * Add source addresses to the list also, if upstream router is MLDv2 capable 539 * and the number of source is not 0. 540 */ 541struct in6_multi * 542in6_addmulti(struct in6_addr *maddr6, struct ifnet *ifp, 543 int *errorp, int delay) 544{ 545 struct in6_multi *in6m; 546 547 *errorp = 0; 548 in6m = NULL; 549 550 IFF_LOCKGIANT(ifp); 551 /*IN6_MULTI_LOCK();*/ 552 553 IN6_LOOKUP_MULTI(*maddr6, ifp, in6m); 554 if (in6m != NULL) { 555 /* 556 * If we already joined this group, just bump the 557 * refcount and return it. 558 */ 559 KASSERT(in6m->in6m_refcount >= 1, 560 ("%s: bad refcount %d", __func__, in6m->in6m_refcount)); 561 ++in6m->in6m_refcount; 562 } else do { 563 struct in6_multi *nin6m; 564 struct ifmultiaddr *ifma; 565 struct sockaddr_in6 sa6; 566 567 bzero(&sa6, sizeof(sa6)); 568 sa6.sin6_family = AF_INET6; 569 sa6.sin6_len = sizeof(struct sockaddr_in6); 570 sa6.sin6_addr = *maddr6; 571 572 *errorp = if_addmulti(ifp, (struct sockaddr *)&sa6, &ifma); 573 if (*errorp) 574 break; 575 576 /* 577 * If ifma->ifma_protospec is null, then if_addmulti() created 578 * a new record. Otherwise, bump refcount, and we are done. 579 */ 580 if (ifma->ifma_protospec != NULL) { 581 in6m = ifma->ifma_protospec; 582 ++in6m->in6m_refcount; 583 break; 584 } 585 586 nin6m = malloc(sizeof(*nin6m), M_IP6MADDR, M_NOWAIT | M_ZERO); 587 if (nin6m == NULL) { 588 if_delmulti_ifma(ifma); 589 break; 590 } 591 592 nin6m->in6m_addr = *maddr6; 593 nin6m->in6m_ifp = ifp; 594 nin6m->in6m_refcount = 1; 595 nin6m->in6m_ifma = ifma; 596 ifma->ifma_protospec = nin6m; 597 598 nin6m->in6m_timer_ch = malloc(sizeof(*nin6m->in6m_timer_ch), 599 M_IP6MADDR, M_NOWAIT); 600 if (nin6m->in6m_timer_ch == NULL) { 601 free(nin6m, M_IP6MADDR); 602 if_delmulti_ifma(ifma); 603 break; 604 } 605 606 LIST_INSERT_HEAD(&in6_multihead, nin6m, in6m_entry); 607 608 callout_init(nin6m->in6m_timer_ch, 0); 609 nin6m->in6m_timer = delay; 610 if (nin6m->in6m_timer > 0) { 611 nin6m->in6m_state = MLD_REPORTPENDING; 612 mld_starttimer(nin6m); 613 } 614 615 mld6_start_listening(nin6m); 616 617 in6m = nin6m; 618 619 } while (0); 620 621 /*IN6_MULTI_UNLOCK();*/ 622 IFF_UNLOCKGIANT(ifp); 623 624 return (in6m); 625} 626 627/* 628 * Delete a multicast address record. 629 * 630 * TODO: Locking, as per netinet. 631 */ 632void 633in6_delmulti(struct in6_multi *in6m) 634{ 635 struct ifmultiaddr *ifma; 636 637 KASSERT(in6m->in6m_refcount >= 1, ("%s: freeing freed in6m", __func__)); 638 639 if (--in6m->in6m_refcount == 0) { 640 mld_stoptimer(in6m); 641 mld6_stop_listening(in6m); 642 643 ifma = in6m->in6m_ifma; 644 KASSERT(ifma->ifma_protospec == in6m, 645 ("%s: ifma_protospec != in6m", __func__)); 646 ifma->ifma_protospec = NULL; 647 648 LIST_REMOVE(in6m, in6m_entry); 649 free(in6m->in6m_timer_ch, M_IP6MADDR); 650 free(in6m, M_IP6MADDR); 651 652 if_delmulti_ifma(ifma); 653 } 654} 655