1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Forwarding database 4 * Linux ethernet bridge 5 * 6 * Authors: 7 * Lennert Buytenhek <buytenh@gnu.org> 8 */ 9 10 #include <linux/kernel.h> 11 #include <linux/init.h> 12 #include <linux/rculist.h> 13 #include <linux/spinlock.h> 14 #include <linux/times.h> 15 #include <linux/netdevice.h> 16 #include <linux/etherdevice.h> 17 #include <linux/jhash.h> 18 #include <linux/random.h> 19 #include <linux/slab.h> 20 #include <linux/atomic.h> 21 #include <asm/unaligned.h> 22 #include <linux/if_vlan.h> 23 #include <net/switchdev.h> 24 #include <trace/events/bridge.h> 25 #include "br_private.h" 26 27 static const struct rhashtable_params br_fdb_rht_params = { 28 .head_offset = offsetof(struct net_bridge_fdb_entry, rhnode), 29 .key_offset = offsetof(struct net_bridge_fdb_entry, key), 30 .key_len = sizeof(struct net_bridge_fdb_key), 31 .automatic_shrinking = true, 32 }; 33 34 static struct kmem_cache *br_fdb_cache __read_mostly; 35 36 int __init br_fdb_init(void) 37 { 38 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 39 sizeof(struct net_bridge_fdb_entry), 40 0, 41 SLAB_HWCACHE_ALIGN, NULL); 42 if (!br_fdb_cache) 43 return -ENOMEM; 44 45 return 0; 46 } 47 48 void br_fdb_fini(void) 49 { 50 kmem_cache_destroy(br_fdb_cache); 51 } 52 53 int br_fdb_hash_init(struct net_bridge *br) 54 { 55 return rhashtable_init(&br->fdb_hash_tbl, &br_fdb_rht_params); 56 } 57 58 void br_fdb_hash_fini(struct net_bridge *br) 59 { 60 rhashtable_destroy(&br->fdb_hash_tbl); 61 } 62 63 /* if topology_changing then use forward_delay (default 15 sec) 64 * otherwise keep longer (default 5 minutes) 65 */ 66 static inline unsigned long hold_time(const struct net_bridge *br) 67 { 68 return br->topology_change ? br->forward_delay : br->ageing_time; 69 } 70 71 static inline int has_expired(const struct net_bridge *br, 72 const struct net_bridge_fdb_entry *fdb) 73 { 74 return !test_bit(BR_FDB_STATIC, &fdb->flags) && 75 !test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags) && 76 time_before_eq(fdb->updated + hold_time(br), jiffies); 77 } 78 79 static void fdb_rcu_free(struct rcu_head *head) 80 { 81 struct net_bridge_fdb_entry *ent 82 = container_of(head, struct net_bridge_fdb_entry, rcu); 83 kmem_cache_free(br_fdb_cache, ent); 84 } 85 86 static int fdb_to_nud(const struct net_bridge *br, 87 const struct net_bridge_fdb_entry *fdb) 88 { 89 if (test_bit(BR_FDB_LOCAL, &fdb->flags)) 90 return NUD_PERMANENT; 91 else if (test_bit(BR_FDB_STATIC, &fdb->flags)) 92 return NUD_NOARP; 93 else if (has_expired(br, fdb)) 94 return NUD_STALE; 95 else 96 return NUD_REACHABLE; 97 } 98 99 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 100 const struct net_bridge_fdb_entry *fdb, 101 u32 portid, u32 seq, int type, unsigned int flags) 102 { 103 const struct net_bridge_port *dst = READ_ONCE(fdb->dst); 104 unsigned long now = jiffies; 105 struct nda_cacheinfo ci; 106 struct nlmsghdr *nlh; 107 struct ndmsg *ndm; 108 109 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 110 if (nlh == NULL) 111 return -EMSGSIZE; 112 113 ndm = nlmsg_data(nlh); 114 ndm->ndm_family = AF_BRIDGE; 115 ndm->ndm_pad1 = 0; 116 ndm->ndm_pad2 = 0; 117 ndm->ndm_flags = 0; 118 ndm->ndm_type = 0; 119 ndm->ndm_ifindex = dst ? dst->dev->ifindex : br->dev->ifindex; 120 ndm->ndm_state = fdb_to_nud(br, fdb); 121 122 if (test_bit(BR_FDB_OFFLOADED, &fdb->flags)) 123 ndm->ndm_flags |= NTF_OFFLOADED; 124 if (test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags)) 125 ndm->ndm_flags |= NTF_EXT_LEARNED; 126 if (test_bit(BR_FDB_STICKY, &fdb->flags)) 127 ndm->ndm_flags |= NTF_STICKY; 128 129 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->key.addr)) 130 goto nla_put_failure; 131 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 132 goto nla_put_failure; 133 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 134 ci.ndm_confirmed = 0; 135 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 136 ci.ndm_refcnt = 0; 137 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 138 goto nla_put_failure; 139 140 if (fdb->key.vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), 141 &fdb->key.vlan_id)) 142 goto nla_put_failure; 143 144 if (test_bit(BR_FDB_NOTIFY, &fdb->flags)) { 145 struct nlattr *nest = nla_nest_start(skb, NDA_FDB_EXT_ATTRS); 146 u8 notify_bits = FDB_NOTIFY_BIT; 147 148 if (!nest) 149 goto nla_put_failure; 150 if (test_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags)) 151 notify_bits |= FDB_NOTIFY_INACTIVE_BIT; 152 153 if (nla_put_u8(skb, NFEA_ACTIVITY_NOTIFY, notify_bits)) { 154 nla_nest_cancel(skb, nest); 155 goto nla_put_failure; 156 } 157 158 nla_nest_end(skb, nest); 159 } 160 161 nlmsg_end(skb, nlh); 162 return 0; 163 164 nla_put_failure: 165 nlmsg_cancel(skb, nlh); 166 return -EMSGSIZE; 167 } 168 169 static inline size_t fdb_nlmsg_size(void) 170 { 171 return NLMSG_ALIGN(sizeof(struct ndmsg)) 172 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 173 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 174 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 175 + nla_total_size(sizeof(struct nda_cacheinfo)) 176 + nla_total_size(0) /* NDA_FDB_EXT_ATTRS */ 177 + nla_total_size(sizeof(u8)); /* NFEA_ACTIVITY_NOTIFY */ 178 } 179 180 static void fdb_notify(struct net_bridge *br, 181 const struct net_bridge_fdb_entry *fdb, int type, 182 bool swdev_notify) 183 { 184 struct net *net = dev_net(br->dev); 185 struct sk_buff *skb; 186 int err = -ENOBUFS; 187 188 if (swdev_notify) 189 br_switchdev_fdb_notify(br, fdb, type); 190 191 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 192 if (skb == NULL) 193 goto errout; 194 195 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 196 if (err < 0) { 197 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 198 WARN_ON(err == -EMSGSIZE); 199 kfree_skb(skb); 200 goto errout; 201 } 202 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 203 return; 204 errout: 205 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 206 } 207 208 static struct net_bridge_fdb_entry *fdb_find_rcu(struct rhashtable *tbl, 209 const unsigned char *addr, 210 __u16 vid) 211 { 212 struct net_bridge_fdb_key key; 213 214 WARN_ON_ONCE(!rcu_read_lock_held()); 215 216 key.vlan_id = vid; 217 memcpy(key.addr.addr, addr, sizeof(key.addr.addr)); 218 219 return rhashtable_lookup(tbl, &key, br_fdb_rht_params); 220 } 221 222 /* requires bridge hash_lock */ 223 static struct net_bridge_fdb_entry *br_fdb_find(struct net_bridge *br, 224 const unsigned char *addr, 225 __u16 vid) 226 { 227 struct net_bridge_fdb_entry *fdb; 228 229 lockdep_assert_held_once(&br->hash_lock); 230 231 rcu_read_lock(); 232 fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); 233 rcu_read_unlock(); 234 235 return fdb; 236 } 237 238 struct net_device *br_fdb_find_port(const struct net_device *br_dev, 239 const unsigned char *addr, 240 __u16 vid) 241 { 242 struct net_bridge_fdb_entry *f; 243 struct net_device *dev = NULL; 244 struct net_bridge *br; 245 246 ASSERT_RTNL(); 247 248 if (!netif_is_bridge_master(br_dev)) 249 return NULL; 250 251 br = netdev_priv(br_dev); 252 rcu_read_lock(); 253 f = br_fdb_find_rcu(br, addr, vid); 254 if (f && f->dst) 255 dev = f->dst->dev; 256 rcu_read_unlock(); 257 258 return dev; 259 } 260 EXPORT_SYMBOL_GPL(br_fdb_find_port); 261 262 struct net_bridge_fdb_entry *br_fdb_find_rcu(struct net_bridge *br, 263 const unsigned char *addr, 264 __u16 vid) 265 { 266 return fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); 267 } 268 269 /* When a static FDB entry is added, the mac address from the entry is 270 * added to the bridge private HW address list and all required ports 271 * are then updated with the new information. 272 * Called under RTNL. 273 */ 274 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 275 { 276 int err; 277 struct net_bridge_port *p; 278 279 ASSERT_RTNL(); 280 281 list_for_each_entry(p, &br->port_list, list) { 282 if (!br_promisc_port(p)) { 283 err = dev_uc_add(p->dev, addr); 284 if (err) 285 goto undo; 286 } 287 } 288 289 return; 290 undo: 291 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 292 if (!br_promisc_port(p)) 293 dev_uc_del(p->dev, addr); 294 } 295 } 296 297 /* When a static FDB entry is deleted, the HW address from that entry is 298 * also removed from the bridge private HW address list and updates all 299 * the ports with needed information. 300 * Called under RTNL. 301 */ 302 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 303 { 304 struct net_bridge_port *p; 305 306 ASSERT_RTNL(); 307 308 list_for_each_entry(p, &br->port_list, list) { 309 if (!br_promisc_port(p)) 310 dev_uc_del(p->dev, addr); 311 } 312 } 313 314 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f, 315 bool swdev_notify) 316 { 317 trace_fdb_delete(br, f); 318 319 if (test_bit(BR_FDB_STATIC, &f->flags)) 320 fdb_del_hw_addr(br, f->key.addr.addr); 321 322 hlist_del_init_rcu(&f->fdb_node); 323 rhashtable_remove_fast(&br->fdb_hash_tbl, &f->rhnode, 324 br_fdb_rht_params); 325 fdb_notify(br, f, RTM_DELNEIGH, swdev_notify); 326 call_rcu(&f->rcu, fdb_rcu_free); 327 } 328 329 /* Delete a local entry if no other port had the same address. */ 330 static void fdb_delete_local(struct net_bridge *br, 331 const struct net_bridge_port *p, 332 struct net_bridge_fdb_entry *f) 333 { 334 const unsigned char *addr = f->key.addr.addr; 335 struct net_bridge_vlan_group *vg; 336 const struct net_bridge_vlan *v; 337 struct net_bridge_port *op; 338 u16 vid = f->key.vlan_id; 339 340 /* Maybe another port has same hw addr? */ 341 list_for_each_entry(op, &br->port_list, list) { 342 vg = nbp_vlan_group(op); 343 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 344 (!vid || br_vlan_find(vg, vid))) { 345 f->dst = op; 346 clear_bit(BR_FDB_ADDED_BY_USER, &f->flags); 347 return; 348 } 349 } 350 351 vg = br_vlan_group(br); 352 v = br_vlan_find(vg, vid); 353 /* Maybe bridge device has same hw addr? */ 354 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 355 (!vid || (v && br_vlan_should_use(v)))) { 356 f->dst = NULL; 357 clear_bit(BR_FDB_ADDED_BY_USER, &f->flags); 358 return; 359 } 360 361 fdb_delete(br, f, true); 362 } 363 364 void br_fdb_find_delete_local(struct net_bridge *br, 365 const struct net_bridge_port *p, 366 const unsigned char *addr, u16 vid) 367 { 368 struct net_bridge_fdb_entry *f; 369 370 spin_lock_bh(&br->hash_lock); 371 f = br_fdb_find(br, addr, vid); 372 if (f && test_bit(BR_FDB_LOCAL, &f->flags) && 373 !test_bit(BR_FDB_ADDED_BY_USER, &f->flags) && f->dst == p) 374 fdb_delete_local(br, p, f); 375 spin_unlock_bh(&br->hash_lock); 376 } 377 378 static struct net_bridge_fdb_entry *fdb_create(struct net_bridge *br, 379 struct net_bridge_port *source, 380 const unsigned char *addr, 381 __u16 vid, 382 unsigned long flags) 383 { 384 struct net_bridge_fdb_entry *fdb; 385 int err; 386 387 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 388 if (!fdb) 389 return NULL; 390 391 memcpy(fdb->key.addr.addr, addr, ETH_ALEN); 392 WRITE_ONCE(fdb->dst, source); 393 fdb->key.vlan_id = vid; 394 fdb->flags = flags; 395 fdb->updated = fdb->used = jiffies; 396 err = rhashtable_lookup_insert_fast(&br->fdb_hash_tbl, &fdb->rhnode, 397 br_fdb_rht_params); 398 if (err) { 399 kmem_cache_free(br_fdb_cache, fdb); 400 return NULL; 401 } 402 403 hlist_add_head_rcu(&fdb->fdb_node, &br->fdb_list); 404 405 return fdb; 406 } 407 408 static int fdb_add_local(struct net_bridge *br, struct net_bridge_port *source, 409 const unsigned char *addr, u16 vid) 410 { 411 struct net_bridge_fdb_entry *fdb; 412 413 if (!is_valid_ether_addr(addr)) 414 return -EINVAL; 415 416 fdb = br_fdb_find(br, addr, vid); 417 if (fdb) { 418 /* it is okay to have multiple ports with same 419 * address, just use the first one. 420 */ 421 if (test_bit(BR_FDB_LOCAL, &fdb->flags)) 422 return 0; 423 br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n", 424 source ? source->dev->name : br->dev->name, addr, vid); 425 fdb_delete(br, fdb, true); 426 } 427 428 fdb = fdb_create(br, source, addr, vid, 429 BIT(BR_FDB_LOCAL) | BIT(BR_FDB_STATIC)); 430 if (!fdb) 431 return -ENOMEM; 432 433 fdb_add_hw_addr(br, addr); 434 fdb_notify(br, fdb, RTM_NEWNEIGH, true); 435 return 0; 436 } 437 438 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 439 { 440 struct net_bridge_vlan_group *vg; 441 struct net_bridge_fdb_entry *f; 442 struct net_bridge *br = p->br; 443 struct net_bridge_vlan *v; 444 445 spin_lock_bh(&br->hash_lock); 446 vg = nbp_vlan_group(p); 447 hlist_for_each_entry(f, &br->fdb_list, fdb_node) { 448 if (f->dst == p && test_bit(BR_FDB_LOCAL, &f->flags) && 449 !test_bit(BR_FDB_ADDED_BY_USER, &f->flags)) { 450 /* delete old one */ 451 fdb_delete_local(br, p, f); 452 453 /* if this port has no vlan information 454 * configured, we can safely be done at 455 * this point. 456 */ 457 if (!vg || !vg->num_vlans) 458 goto insert; 459 } 460 } 461 462 insert: 463 /* insert new address, may fail if invalid address or dup. */ 464 fdb_add_local(br, p, newaddr, 0); 465 466 if (!vg || !vg->num_vlans) 467 goto done; 468 469 /* Now add entries for every VLAN configured on the port. 470 * This function runs under RTNL so the bitmap will not change 471 * from under us. 472 */ 473 list_for_each_entry(v, &vg->vlan_list, vlist) 474 fdb_add_local(br, p, newaddr, v->vid); 475 476 done: 477 spin_unlock_bh(&br->hash_lock); 478 } 479 480 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 481 { 482 struct net_bridge_vlan_group *vg; 483 struct net_bridge_fdb_entry *f; 484 struct net_bridge_vlan *v; 485 486 spin_lock_bh(&br->hash_lock); 487 488 /* If old entry was unassociated with any port, then delete it. */ 489 f = br_fdb_find(br, br->dev->dev_addr, 0); 490 if (f && test_bit(BR_FDB_LOCAL, &f->flags) && 491 !f->dst && !test_bit(BR_FDB_ADDED_BY_USER, &f->flags)) 492 fdb_delete_local(br, NULL, f); 493 494 fdb_add_local(br, NULL, newaddr, 0); 495 vg = br_vlan_group(br); 496 if (!vg || !vg->num_vlans) 497 goto out; 498 /* Now remove and add entries for every VLAN configured on the 499 * bridge. This function runs under RTNL so the bitmap will not 500 * change from under us. 501 */ 502 list_for_each_entry(v, &vg->vlan_list, vlist) { 503 if (!br_vlan_should_use(v)) 504 continue; 505 f = br_fdb_find(br, br->dev->dev_addr, v->vid); 506 if (f && test_bit(BR_FDB_LOCAL, &f->flags) && 507 !f->dst && !test_bit(BR_FDB_ADDED_BY_USER, &f->flags)) 508 fdb_delete_local(br, NULL, f); 509 fdb_add_local(br, NULL, newaddr, v->vid); 510 } 511 out: 512 spin_unlock_bh(&br->hash_lock); 513 } 514 515 void br_fdb_cleanup(struct work_struct *work) 516 { 517 struct net_bridge *br = container_of(work, struct net_bridge, 518 gc_work.work); 519 struct net_bridge_fdb_entry *f = NULL; 520 unsigned long delay = hold_time(br); 521 unsigned long work_delay = delay; 522 unsigned long now = jiffies; 523 524 /* this part is tricky, in order to avoid blocking learning and 525 * consequently forwarding, we rely on rcu to delete objects with 526 * delayed freeing allowing us to continue traversing 527 */ 528 rcu_read_lock(); 529 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 530 unsigned long this_timer = f->updated + delay; 531 532 if (test_bit(BR_FDB_STATIC, &f->flags) || 533 test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &f->flags)) { 534 if (test_bit(BR_FDB_NOTIFY, &f->flags)) { 535 if (time_after(this_timer, now)) 536 work_delay = min(work_delay, 537 this_timer - now); 538 else if (!test_and_set_bit(BR_FDB_NOTIFY_INACTIVE, 539 &f->flags)) 540 fdb_notify(br, f, RTM_NEWNEIGH, false); 541 } 542 continue; 543 } 544 545 if (time_after(this_timer, now)) { 546 work_delay = min(work_delay, this_timer - now); 547 } else { 548 spin_lock_bh(&br->hash_lock); 549 if (!hlist_unhashed(&f->fdb_node)) 550 fdb_delete(br, f, true); 551 spin_unlock_bh(&br->hash_lock); 552 } 553 } 554 rcu_read_unlock(); 555 556 /* Cleanup minimum 10 milliseconds apart */ 557 work_delay = max_t(unsigned long, work_delay, msecs_to_jiffies(10)); 558 mod_delayed_work(system_long_wq, &br->gc_work, work_delay); 559 } 560 561 static bool __fdb_flush_matches(const struct net_bridge *br, 562 const struct net_bridge_fdb_entry *f, 563 const struct net_bridge_fdb_flush_desc *desc) 564 { 565 const struct net_bridge_port *dst = READ_ONCE(f->dst); 566 int port_ifidx = dst ? dst->dev->ifindex : br->dev->ifindex; 567 568 if (desc->vlan_id && desc->vlan_id != f->key.vlan_id) 569 return false; 570 if (desc->port_ifindex && desc->port_ifindex != port_ifidx) 571 return false; 572 if (desc->flags_mask && (f->flags & desc->flags_mask) != desc->flags) 573 return false; 574 575 return true; 576 } 577 578 /* Flush forwarding database entries matching the description */ 579 void br_fdb_flush(struct net_bridge *br, 580 const struct net_bridge_fdb_flush_desc *desc) 581 { 582 struct net_bridge_fdb_entry *f; 583 584 rcu_read_lock(); 585 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 586 if (!__fdb_flush_matches(br, f, desc)) 587 continue; 588 589 spin_lock_bh(&br->hash_lock); 590 if (!hlist_unhashed(&f->fdb_node)) 591 fdb_delete(br, f, true); 592 spin_unlock_bh(&br->hash_lock); 593 } 594 rcu_read_unlock(); 595 } 596 597 static unsigned long __ndm_state_to_fdb_flags(u16 ndm_state) 598 { 599 unsigned long flags = 0; 600 601 if (ndm_state & NUD_PERMANENT) 602 __set_bit(BR_FDB_LOCAL, &flags); 603 if (ndm_state & NUD_NOARP) 604 __set_bit(BR_FDB_STATIC, &flags); 605 606 return flags; 607 } 608 609 static unsigned long __ndm_flags_to_fdb_flags(u8 ndm_flags) 610 { 611 unsigned long flags = 0; 612 613 if (ndm_flags & NTF_USE) 614 __set_bit(BR_FDB_ADDED_BY_USER, &flags); 615 if (ndm_flags & NTF_EXT_LEARNED) 616 __set_bit(BR_FDB_ADDED_BY_EXT_LEARN, &flags); 617 if (ndm_flags & NTF_OFFLOADED) 618 __set_bit(BR_FDB_OFFLOADED, &flags); 619 if (ndm_flags & NTF_STICKY) 620 __set_bit(BR_FDB_STICKY, &flags); 621 622 return flags; 623 } 624 625 static int __fdb_flush_validate_ifindex(const struct net_bridge *br, 626 int ifindex, 627 struct netlink_ext_ack *extack) 628 { 629 const struct net_device *dev; 630 631 dev = __dev_get_by_index(dev_net(br->dev), ifindex); 632 if (!dev) { 633 NL_SET_ERR_MSG_MOD(extack, "Unknown flush device ifindex"); 634 return -ENODEV; 635 } 636 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) { 637 NL_SET_ERR_MSG_MOD(extack, "Flush device is not a bridge or bridge port"); 638 return -EINVAL; 639 } 640 if (netif_is_bridge_master(dev) && dev != br->dev) { 641 NL_SET_ERR_MSG_MOD(extack, 642 "Flush bridge device does not match target bridge device"); 643 return -EINVAL; 644 } 645 if (netif_is_bridge_port(dev)) { 646 struct net_bridge_port *p = br_port_get_rtnl(dev); 647 648 if (p->br != br) { 649 NL_SET_ERR_MSG_MOD(extack, "Port belongs to a different bridge device"); 650 return -EINVAL; 651 } 652 } 653 654 return 0; 655 } 656 657 int br_fdb_delete_bulk(struct ndmsg *ndm, struct nlattr *tb[], 658 struct net_device *dev, u16 vid, 659 struct netlink_ext_ack *extack) 660 { 661 u8 ndm_flags = ndm->ndm_flags & ~FDB_FLUSH_IGNORED_NDM_FLAGS; 662 struct net_bridge_fdb_flush_desc desc = { .vlan_id = vid }; 663 struct net_bridge_port *p = NULL; 664 struct net_bridge *br; 665 666 if (netif_is_bridge_master(dev)) { 667 br = netdev_priv(dev); 668 } else { 669 p = br_port_get_rtnl(dev); 670 if (!p) { 671 NL_SET_ERR_MSG_MOD(extack, "Device is not a bridge port"); 672 return -EINVAL; 673 } 674 br = p->br; 675 } 676 677 if (ndm_flags & ~FDB_FLUSH_ALLOWED_NDM_FLAGS) { 678 NL_SET_ERR_MSG(extack, "Unsupported fdb flush ndm flag bits set"); 679 return -EINVAL; 680 } 681 if (ndm->ndm_state & ~FDB_FLUSH_ALLOWED_NDM_STATES) { 682 NL_SET_ERR_MSG(extack, "Unsupported fdb flush ndm state bits set"); 683 return -EINVAL; 684 } 685 686 desc.flags |= __ndm_state_to_fdb_flags(ndm->ndm_state); 687 desc.flags |= __ndm_flags_to_fdb_flags(ndm_flags); 688 if (tb[NDA_NDM_STATE_MASK]) { 689 u16 ndm_state_mask = nla_get_u16(tb[NDA_NDM_STATE_MASK]); 690 691 desc.flags_mask |= __ndm_state_to_fdb_flags(ndm_state_mask); 692 } 693 if (tb[NDA_NDM_FLAGS_MASK]) { 694 u8 ndm_flags_mask = nla_get_u8(tb[NDA_NDM_FLAGS_MASK]); 695 696 desc.flags_mask |= __ndm_flags_to_fdb_flags(ndm_flags_mask); 697 } 698 if (tb[NDA_IFINDEX]) { 699 int err, ifidx = nla_get_s32(tb[NDA_IFINDEX]); 700 701 err = __fdb_flush_validate_ifindex(br, ifidx, extack); 702 if (err) 703 return err; 704 desc.port_ifindex = ifidx; 705 } else if (p) { 706 /* flush was invoked with port device and NTF_MASTER */ 707 desc.port_ifindex = p->dev->ifindex; 708 } 709 710 br_debug(br, "flushing port ifindex: %d vlan id: %u flags: 0x%lx flags mask: 0x%lx\n", 711 desc.port_ifindex, desc.vlan_id, desc.flags, desc.flags_mask); 712 713 br_fdb_flush(br, &desc); 714 715 return 0; 716 } 717 718 /* Flush all entries referring to a specific port. 719 * if do_all is set also flush static entries 720 * if vid is set delete all entries that match the vlan_id 721 */ 722 void br_fdb_delete_by_port(struct net_bridge *br, 723 const struct net_bridge_port *p, 724 u16 vid, 725 int do_all) 726 { 727 struct net_bridge_fdb_entry *f; 728 struct hlist_node *tmp; 729 730 spin_lock_bh(&br->hash_lock); 731 hlist_for_each_entry_safe(f, tmp, &br->fdb_list, fdb_node) { 732 if (f->dst != p) 733 continue; 734 735 if (!do_all) 736 if (test_bit(BR_FDB_STATIC, &f->flags) || 737 (test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &f->flags) && 738 !test_bit(BR_FDB_OFFLOADED, &f->flags)) || 739 (vid && f->key.vlan_id != vid)) 740 continue; 741 742 if (test_bit(BR_FDB_LOCAL, &f->flags)) 743 fdb_delete_local(br, p, f); 744 else 745 fdb_delete(br, f, true); 746 } 747 spin_unlock_bh(&br->hash_lock); 748 } 749 750 #if IS_ENABLED(CONFIG_ATM_LANE) 751 /* Interface used by ATM LANE hook to test 752 * if an addr is on some other bridge port */ 753 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 754 { 755 struct net_bridge_fdb_entry *fdb; 756 struct net_bridge_port *port; 757 int ret; 758 759 rcu_read_lock(); 760 port = br_port_get_rcu(dev); 761 if (!port) 762 ret = 0; 763 else { 764 const struct net_bridge_port *dst = NULL; 765 766 fdb = br_fdb_find_rcu(port->br, addr, 0); 767 if (fdb) 768 dst = READ_ONCE(fdb->dst); 769 770 ret = dst && dst->dev != dev && 771 dst->state == BR_STATE_FORWARDING; 772 } 773 rcu_read_unlock(); 774 775 return ret; 776 } 777 #endif /* CONFIG_ATM_LANE */ 778 779 /* 780 * Fill buffer with forwarding table records in 781 * the API format. 782 */ 783 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 784 unsigned long maxnum, unsigned long skip) 785 { 786 struct net_bridge_fdb_entry *f; 787 struct __fdb_entry *fe = buf; 788 int num = 0; 789 790 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 791 792 rcu_read_lock(); 793 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 794 if (num >= maxnum) 795 break; 796 797 if (has_expired(br, f)) 798 continue; 799 800 /* ignore pseudo entry for local MAC address */ 801 if (!f->dst) 802 continue; 803 804 if (skip) { 805 --skip; 806 continue; 807 } 808 809 /* convert from internal format to API */ 810 memcpy(fe->mac_addr, f->key.addr.addr, ETH_ALEN); 811 812 /* due to ABI compat need to split into hi/lo */ 813 fe->port_no = f->dst->port_no; 814 fe->port_hi = f->dst->port_no >> 8; 815 816 fe->is_local = test_bit(BR_FDB_LOCAL, &f->flags); 817 if (!test_bit(BR_FDB_STATIC, &f->flags)) 818 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 819 ++fe; 820 ++num; 821 } 822 rcu_read_unlock(); 823 824 return num; 825 } 826 827 /* Add entry for local address of interface */ 828 int br_fdb_add_local(struct net_bridge *br, struct net_bridge_port *source, 829 const unsigned char *addr, u16 vid) 830 { 831 int ret; 832 833 spin_lock_bh(&br->hash_lock); 834 ret = fdb_add_local(br, source, addr, vid); 835 spin_unlock_bh(&br->hash_lock); 836 return ret; 837 } 838 839 /* returns true if the fdb was modified */ 840 static bool __fdb_mark_active(struct net_bridge_fdb_entry *fdb) 841 { 842 return !!(test_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags) && 843 test_and_clear_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags)); 844 } 845 846 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 847 const unsigned char *addr, u16 vid, unsigned long flags) 848 { 849 struct net_bridge_fdb_entry *fdb; 850 851 /* some users want to always flood. */ 852 if (hold_time(br) == 0) 853 return; 854 855 fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); 856 if (likely(fdb)) { 857 /* attempt to update an entry for a local interface */ 858 if (unlikely(test_bit(BR_FDB_LOCAL, &fdb->flags))) { 859 if (net_ratelimit()) 860 br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n", 861 source->dev->name, addr, vid); 862 } else { 863 unsigned long now = jiffies; 864 bool fdb_modified = false; 865 866 if (now != fdb->updated) { 867 fdb->updated = now; 868 fdb_modified = __fdb_mark_active(fdb); 869 } 870 871 /* fastpath: update of existing entry */ 872 if (unlikely(source != READ_ONCE(fdb->dst) && 873 !test_bit(BR_FDB_STICKY, &fdb->flags))) { 874 br_switchdev_fdb_notify(br, fdb, RTM_DELNEIGH); 875 WRITE_ONCE(fdb->dst, source); 876 fdb_modified = true; 877 /* Take over HW learned entry */ 878 if (unlikely(test_bit(BR_FDB_ADDED_BY_EXT_LEARN, 879 &fdb->flags))) 880 clear_bit(BR_FDB_ADDED_BY_EXT_LEARN, 881 &fdb->flags); 882 } 883 884 if (unlikely(test_bit(BR_FDB_ADDED_BY_USER, &flags))) 885 set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags); 886 if (unlikely(fdb_modified)) { 887 trace_br_fdb_update(br, source, addr, vid, flags); 888 fdb_notify(br, fdb, RTM_NEWNEIGH, true); 889 } 890 } 891 } else { 892 spin_lock(&br->hash_lock); 893 fdb = fdb_create(br, source, addr, vid, flags); 894 if (fdb) { 895 trace_br_fdb_update(br, source, addr, vid, flags); 896 fdb_notify(br, fdb, RTM_NEWNEIGH, true); 897 } 898 /* else we lose race and someone else inserts 899 * it first, don't bother updating 900 */ 901 spin_unlock(&br->hash_lock); 902 } 903 } 904 905 /* Dump information about entries, in response to GETNEIGH */ 906 int br_fdb_dump(struct sk_buff *skb, 907 struct netlink_callback *cb, 908 struct net_device *dev, 909 struct net_device *filter_dev, 910 int *idx) 911 { 912 struct net_bridge *br = netdev_priv(dev); 913 struct net_bridge_fdb_entry *f; 914 int err = 0; 915 916 if (!netif_is_bridge_master(dev)) 917 return err; 918 919 if (!filter_dev) { 920 err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 921 if (err < 0) 922 return err; 923 } 924 925 rcu_read_lock(); 926 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 927 if (*idx < cb->args[2]) 928 goto skip; 929 if (filter_dev && (!f->dst || f->dst->dev != filter_dev)) { 930 if (filter_dev != dev) 931 goto skip; 932 /* !f->dst is a special case for bridge 933 * It means the MAC belongs to the bridge 934 * Therefore need a little more filtering 935 * we only want to dump the !f->dst case 936 */ 937 if (f->dst) 938 goto skip; 939 } 940 if (!filter_dev && f->dst) 941 goto skip; 942 943 err = fdb_fill_info(skb, br, f, 944 NETLINK_CB(cb->skb).portid, 945 cb->nlh->nlmsg_seq, 946 RTM_NEWNEIGH, 947 NLM_F_MULTI); 948 if (err < 0) 949 break; 950 skip: 951 *idx += 1; 952 } 953 rcu_read_unlock(); 954 955 return err; 956 } 957 958 int br_fdb_get(struct sk_buff *skb, 959 struct nlattr *tb[], 960 struct net_device *dev, 961 const unsigned char *addr, 962 u16 vid, u32 portid, u32 seq, 963 struct netlink_ext_ack *extack) 964 { 965 struct net_bridge *br = netdev_priv(dev); 966 struct net_bridge_fdb_entry *f; 967 int err = 0; 968 969 rcu_read_lock(); 970 f = br_fdb_find_rcu(br, addr, vid); 971 if (!f) { 972 NL_SET_ERR_MSG(extack, "Fdb entry not found"); 973 err = -ENOENT; 974 goto errout; 975 } 976 977 err = fdb_fill_info(skb, br, f, portid, seq, 978 RTM_NEWNEIGH, 0); 979 errout: 980 rcu_read_unlock(); 981 return err; 982 } 983 984 /* returns true if the fdb is modified */ 985 static bool fdb_handle_notify(struct net_bridge_fdb_entry *fdb, u8 notify) 986 { 987 bool modified = false; 988 989 /* allow to mark an entry as inactive, usually done on creation */ 990 if ((notify & FDB_NOTIFY_INACTIVE_BIT) && 991 !test_and_set_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags)) 992 modified = true; 993 994 if ((notify & FDB_NOTIFY_BIT) && 995 !test_and_set_bit(BR_FDB_NOTIFY, &fdb->flags)) { 996 /* enabled activity tracking */ 997 modified = true; 998 } else if (!(notify & FDB_NOTIFY_BIT) && 999 test_and_clear_bit(BR_FDB_NOTIFY, &fdb->flags)) { 1000 /* disabled activity tracking, clear notify state */ 1001 clear_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags); 1002 modified = true; 1003 } 1004 1005 return modified; 1006 } 1007 1008 /* Update (create or replace) forwarding database entry */ 1009 static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source, 1010 const u8 *addr, struct ndmsg *ndm, u16 flags, u16 vid, 1011 struct nlattr *nfea_tb[]) 1012 { 1013 bool is_sticky = !!(ndm->ndm_flags & NTF_STICKY); 1014 bool refresh = !nfea_tb[NFEA_DONT_REFRESH]; 1015 struct net_bridge_fdb_entry *fdb; 1016 u16 state = ndm->ndm_state; 1017 bool modified = false; 1018 u8 notify = 0; 1019 1020 /* If the port cannot learn allow only local and static entries */ 1021 if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 1022 !(source->state == BR_STATE_LEARNING || 1023 source->state == BR_STATE_FORWARDING)) 1024 return -EPERM; 1025 1026 if (!source && !(state & NUD_PERMANENT)) { 1027 pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n", 1028 br->dev->name); 1029 return -EINVAL; 1030 } 1031 1032 if (is_sticky && (state & NUD_PERMANENT)) 1033 return -EINVAL; 1034 1035 if (nfea_tb[NFEA_ACTIVITY_NOTIFY]) { 1036 notify = nla_get_u8(nfea_tb[NFEA_ACTIVITY_NOTIFY]); 1037 if ((notify & ~BR_FDB_NOTIFY_SETTABLE_BITS) || 1038 (notify & BR_FDB_NOTIFY_SETTABLE_BITS) == FDB_NOTIFY_INACTIVE_BIT) 1039 return -EINVAL; 1040 } 1041 1042 fdb = br_fdb_find(br, addr, vid); 1043 if (fdb == NULL) { 1044 if (!(flags & NLM_F_CREATE)) 1045 return -ENOENT; 1046 1047 fdb = fdb_create(br, source, addr, vid, 0); 1048 if (!fdb) 1049 return -ENOMEM; 1050 1051 modified = true; 1052 } else { 1053 if (flags & NLM_F_EXCL) 1054 return -EEXIST; 1055 1056 if (READ_ONCE(fdb->dst) != source) { 1057 WRITE_ONCE(fdb->dst, source); 1058 modified = true; 1059 } 1060 } 1061 1062 if (fdb_to_nud(br, fdb) != state) { 1063 if (state & NUD_PERMANENT) { 1064 set_bit(BR_FDB_LOCAL, &fdb->flags); 1065 if (!test_and_set_bit(BR_FDB_STATIC, &fdb->flags)) 1066 fdb_add_hw_addr(br, addr); 1067 } else if (state & NUD_NOARP) { 1068 clear_bit(BR_FDB_LOCAL, &fdb->flags); 1069 if (!test_and_set_bit(BR_FDB_STATIC, &fdb->flags)) 1070 fdb_add_hw_addr(br, addr); 1071 } else { 1072 clear_bit(BR_FDB_LOCAL, &fdb->flags); 1073 if (test_and_clear_bit(BR_FDB_STATIC, &fdb->flags)) 1074 fdb_del_hw_addr(br, addr); 1075 } 1076 1077 modified = true; 1078 } 1079 1080 if (is_sticky != test_bit(BR_FDB_STICKY, &fdb->flags)) { 1081 change_bit(BR_FDB_STICKY, &fdb->flags); 1082 modified = true; 1083 } 1084 1085 if (fdb_handle_notify(fdb, notify)) 1086 modified = true; 1087 1088 set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags); 1089 1090 fdb->used = jiffies; 1091 if (modified) { 1092 if (refresh) 1093 fdb->updated = jiffies; 1094 fdb_notify(br, fdb, RTM_NEWNEIGH, true); 1095 } 1096 1097 return 0; 1098 } 1099 1100 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br, 1101 struct net_bridge_port *p, const unsigned char *addr, 1102 u16 nlh_flags, u16 vid, struct nlattr *nfea_tb[], 1103 struct netlink_ext_ack *extack) 1104 { 1105 int err = 0; 1106 1107 if (ndm->ndm_flags & NTF_USE) { 1108 if (!p) { 1109 pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n", 1110 br->dev->name); 1111 return -EINVAL; 1112 } 1113 if (!nbp_state_should_learn(p)) 1114 return 0; 1115 1116 local_bh_disable(); 1117 rcu_read_lock(); 1118 br_fdb_update(br, p, addr, vid, BIT(BR_FDB_ADDED_BY_USER)); 1119 rcu_read_unlock(); 1120 local_bh_enable(); 1121 } else if (ndm->ndm_flags & NTF_EXT_LEARNED) { 1122 if (!p && !(ndm->ndm_state & NUD_PERMANENT)) { 1123 NL_SET_ERR_MSG_MOD(extack, 1124 "FDB entry towards bridge must be permanent"); 1125 return -EINVAL; 1126 } 1127 err = br_fdb_external_learn_add(br, p, addr, vid, true); 1128 } else { 1129 spin_lock_bh(&br->hash_lock); 1130 err = fdb_add_entry(br, p, addr, ndm, nlh_flags, vid, nfea_tb); 1131 spin_unlock_bh(&br->hash_lock); 1132 } 1133 1134 return err; 1135 } 1136 1137 static const struct nla_policy br_nda_fdb_pol[NFEA_MAX + 1] = { 1138 [NFEA_ACTIVITY_NOTIFY] = { .type = NLA_U8 }, 1139 [NFEA_DONT_REFRESH] = { .type = NLA_FLAG }, 1140 }; 1141 1142 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 1143 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 1144 struct net_device *dev, 1145 const unsigned char *addr, u16 vid, u16 nlh_flags, 1146 struct netlink_ext_ack *extack) 1147 { 1148 struct nlattr *nfea_tb[NFEA_MAX + 1], *attr; 1149 struct net_bridge_vlan_group *vg; 1150 struct net_bridge_port *p = NULL; 1151 struct net_bridge_vlan *v; 1152 struct net_bridge *br = NULL; 1153 int err = 0; 1154 1155 trace_br_fdb_add(ndm, dev, addr, vid, nlh_flags); 1156 1157 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 1158 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 1159 return -EINVAL; 1160 } 1161 1162 if (is_zero_ether_addr(addr)) { 1163 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 1164 return -EINVAL; 1165 } 1166 1167 if (netif_is_bridge_master(dev)) { 1168 br = netdev_priv(dev); 1169 vg = br_vlan_group(br); 1170 } else { 1171 p = br_port_get_rtnl(dev); 1172 if (!p) { 1173 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 1174 dev->name); 1175 return -EINVAL; 1176 } 1177 br = p->br; 1178 vg = nbp_vlan_group(p); 1179 } 1180 1181 if (tb[NDA_FDB_EXT_ATTRS]) { 1182 attr = tb[NDA_FDB_EXT_ATTRS]; 1183 err = nla_parse_nested(nfea_tb, NFEA_MAX, attr, 1184 br_nda_fdb_pol, extack); 1185 if (err) 1186 return err; 1187 } else { 1188 memset(nfea_tb, 0, sizeof(struct nlattr *) * (NFEA_MAX + 1)); 1189 } 1190 1191 if (vid) { 1192 v = br_vlan_find(vg, vid); 1193 if (!v || !br_vlan_should_use(v)) { 1194 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 1195 return -EINVAL; 1196 } 1197 1198 /* VID was specified, so use it. */ 1199 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid, nfea_tb, 1200 extack); 1201 } else { 1202 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0, nfea_tb, 1203 extack); 1204 if (err || !vg || !vg->num_vlans) 1205 goto out; 1206 1207 /* We have vlans configured on this port and user didn't 1208 * specify a VLAN. To be nice, add/update entry for every 1209 * vlan on this port. 1210 */ 1211 list_for_each_entry(v, &vg->vlan_list, vlist) { 1212 if (!br_vlan_should_use(v)) 1213 continue; 1214 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid, 1215 nfea_tb, extack); 1216 if (err) 1217 goto out; 1218 } 1219 } 1220 1221 out: 1222 return err; 1223 } 1224 1225 static int fdb_delete_by_addr_and_port(struct net_bridge *br, 1226 const struct net_bridge_port *p, 1227 const u8 *addr, u16 vlan) 1228 { 1229 struct net_bridge_fdb_entry *fdb; 1230 1231 fdb = br_fdb_find(br, addr, vlan); 1232 if (!fdb || READ_ONCE(fdb->dst) != p) 1233 return -ENOENT; 1234 1235 fdb_delete(br, fdb, true); 1236 1237 return 0; 1238 } 1239 1240 static int __br_fdb_delete(struct net_bridge *br, 1241 const struct net_bridge_port *p, 1242 const unsigned char *addr, u16 vid) 1243 { 1244 int err; 1245 1246 spin_lock_bh(&br->hash_lock); 1247 err = fdb_delete_by_addr_and_port(br, p, addr, vid); 1248 spin_unlock_bh(&br->hash_lock); 1249 1250 return err; 1251 } 1252 1253 /* Remove neighbor entry with RTM_DELNEIGH */ 1254 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 1255 struct net_device *dev, 1256 const unsigned char *addr, u16 vid, 1257 struct netlink_ext_ack *extack) 1258 { 1259 struct net_bridge_vlan_group *vg; 1260 struct net_bridge_port *p = NULL; 1261 struct net_bridge_vlan *v; 1262 struct net_bridge *br; 1263 int err; 1264 1265 if (netif_is_bridge_master(dev)) { 1266 br = netdev_priv(dev); 1267 vg = br_vlan_group(br); 1268 } else { 1269 p = br_port_get_rtnl(dev); 1270 if (!p) { 1271 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 1272 dev->name); 1273 return -EINVAL; 1274 } 1275 vg = nbp_vlan_group(p); 1276 br = p->br; 1277 } 1278 1279 if (vid) { 1280 v = br_vlan_find(vg, vid); 1281 if (!v) { 1282 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 1283 return -EINVAL; 1284 } 1285 1286 err = __br_fdb_delete(br, p, addr, vid); 1287 } else { 1288 err = -ENOENT; 1289 err &= __br_fdb_delete(br, p, addr, 0); 1290 if (!vg || !vg->num_vlans) 1291 return err; 1292 1293 list_for_each_entry(v, &vg->vlan_list, vlist) { 1294 if (!br_vlan_should_use(v)) 1295 continue; 1296 err &= __br_fdb_delete(br, p, addr, v->vid); 1297 } 1298 } 1299 1300 return err; 1301 } 1302 1303 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1304 { 1305 struct net_bridge_fdb_entry *f, *tmp; 1306 int err = 0; 1307 1308 ASSERT_RTNL(); 1309 1310 /* the key here is that static entries change only under rtnl */ 1311 rcu_read_lock(); 1312 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 1313 /* We only care for static entries */ 1314 if (!test_bit(BR_FDB_STATIC, &f->flags)) 1315 continue; 1316 err = dev_uc_add(p->dev, f->key.addr.addr); 1317 if (err) 1318 goto rollback; 1319 } 1320 done: 1321 rcu_read_unlock(); 1322 1323 return err; 1324 1325 rollback: 1326 hlist_for_each_entry_rcu(tmp, &br->fdb_list, fdb_node) { 1327 /* We only care for static entries */ 1328 if (!test_bit(BR_FDB_STATIC, &tmp->flags)) 1329 continue; 1330 if (tmp == f) 1331 break; 1332 dev_uc_del(p->dev, tmp->key.addr.addr); 1333 } 1334 1335 goto done; 1336 } 1337 1338 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1339 { 1340 struct net_bridge_fdb_entry *f; 1341 1342 ASSERT_RTNL(); 1343 1344 rcu_read_lock(); 1345 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 1346 /* We only care for static entries */ 1347 if (!test_bit(BR_FDB_STATIC, &f->flags)) 1348 continue; 1349 1350 dev_uc_del(p->dev, f->key.addr.addr); 1351 } 1352 rcu_read_unlock(); 1353 } 1354 1355 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1356 const unsigned char *addr, u16 vid, 1357 bool swdev_notify) 1358 { 1359 struct net_bridge_fdb_entry *fdb; 1360 bool modified = false; 1361 int err = 0; 1362 1363 trace_br_fdb_external_learn_add(br, p, addr, vid); 1364 1365 spin_lock_bh(&br->hash_lock); 1366 1367 fdb = br_fdb_find(br, addr, vid); 1368 if (!fdb) { 1369 unsigned long flags = BIT(BR_FDB_ADDED_BY_EXT_LEARN); 1370 1371 if (swdev_notify) 1372 flags |= BIT(BR_FDB_ADDED_BY_USER); 1373 1374 if (!p) 1375 flags |= BIT(BR_FDB_LOCAL); 1376 1377 fdb = fdb_create(br, p, addr, vid, flags); 1378 if (!fdb) { 1379 err = -ENOMEM; 1380 goto err_unlock; 1381 } 1382 fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify); 1383 } else { 1384 fdb->updated = jiffies; 1385 1386 if (READ_ONCE(fdb->dst) != p) { 1387 WRITE_ONCE(fdb->dst, p); 1388 modified = true; 1389 } 1390 1391 if (test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags)) { 1392 /* Refresh entry */ 1393 fdb->used = jiffies; 1394 } else if (!test_bit(BR_FDB_ADDED_BY_USER, &fdb->flags)) { 1395 /* Take over SW learned entry */ 1396 set_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags); 1397 modified = true; 1398 } 1399 1400 if (swdev_notify) 1401 set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags); 1402 1403 if (!p) 1404 set_bit(BR_FDB_LOCAL, &fdb->flags); 1405 1406 if (modified) 1407 fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify); 1408 } 1409 1410 err_unlock: 1411 spin_unlock_bh(&br->hash_lock); 1412 1413 return err; 1414 } 1415 1416 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1417 const unsigned char *addr, u16 vid, 1418 bool swdev_notify) 1419 { 1420 struct net_bridge_fdb_entry *fdb; 1421 int err = 0; 1422 1423 spin_lock_bh(&br->hash_lock); 1424 1425 fdb = br_fdb_find(br, addr, vid); 1426 if (fdb && test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags)) 1427 fdb_delete(br, fdb, swdev_notify); 1428 else 1429 err = -ENOENT; 1430 1431 spin_unlock_bh(&br->hash_lock); 1432 1433 return err; 1434 } 1435 1436 void br_fdb_offloaded_set(struct net_bridge *br, struct net_bridge_port *p, 1437 const unsigned char *addr, u16 vid, bool offloaded) 1438 { 1439 struct net_bridge_fdb_entry *fdb; 1440 1441 spin_lock_bh(&br->hash_lock); 1442 1443 fdb = br_fdb_find(br, addr, vid); 1444 if (fdb && offloaded != test_bit(BR_FDB_OFFLOADED, &fdb->flags)) 1445 change_bit(BR_FDB_OFFLOADED, &fdb->flags); 1446 1447 spin_unlock_bh(&br->hash_lock); 1448 } 1449 1450 void br_fdb_clear_offload(const struct net_device *dev, u16 vid) 1451 { 1452 struct net_bridge_fdb_entry *f; 1453 struct net_bridge_port *p; 1454 1455 ASSERT_RTNL(); 1456 1457 p = br_port_get_rtnl(dev); 1458 if (!p) 1459 return; 1460 1461 spin_lock_bh(&p->br->hash_lock); 1462 hlist_for_each_entry(f, &p->br->fdb_list, fdb_node) { 1463 if (f->dst == p && f->key.vlan_id == vid) 1464 clear_bit(BR_FDB_OFFLOADED, &f->flags); 1465 } 1466 spin_unlock_bh(&p->br->hash_lock); 1467 } 1468 EXPORT_SYMBOL_GPL(br_fdb_clear_offload); 1469