1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include "br_private.h" 29 30 static struct kmem_cache *br_fdb_cache __read_mostly; 31 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 32 const unsigned char *addr, u16 vid); 33 static void fdb_notify(struct net_bridge *br, 34 const struct net_bridge_fdb_entry *, int); 35 36 static u32 fdb_salt __read_mostly; 37 38 int __init br_fdb_init(void) 39 { 40 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 41 sizeof(struct net_bridge_fdb_entry), 42 0, 43 SLAB_HWCACHE_ALIGN, NULL); 44 if (!br_fdb_cache) 45 return -ENOMEM; 46 47 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 48 return 0; 49 } 50 51 void br_fdb_fini(void) 52 { 53 kmem_cache_destroy(br_fdb_cache); 54 } 55 56 57 /* if topology_changing then use forward_delay (default 15 sec) 58 * otherwise keep longer (default 5 minutes) 59 */ 60 static inline unsigned long hold_time(const struct net_bridge *br) 61 { 62 return br->topology_change ? br->forward_delay : br->ageing_time; 63 } 64 65 static inline int has_expired(const struct net_bridge *br, 66 const struct net_bridge_fdb_entry *fdb) 67 { 68 return !fdb->is_static && !fdb->added_by_external_learn && 69 time_before_eq(fdb->updated + hold_time(br), jiffies); 70 } 71 72 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 73 { 74 /* use 1 byte of OUI and 3 bytes of NIC */ 75 u32 key = get_unaligned((u32 *)(mac + 2)); 76 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 77 } 78 79 static void fdb_rcu_free(struct rcu_head *head) 80 { 81 struct net_bridge_fdb_entry *ent 82 = container_of(head, struct net_bridge_fdb_entry, rcu); 83 kmem_cache_free(br_fdb_cache, ent); 84 } 85 86 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 87 const unsigned char *addr, 88 __u16 vid) 89 { 90 struct net_bridge_fdb_entry *f; 91 92 WARN_ON_ONCE(!rcu_read_lock_held()); 93 94 hlist_for_each_entry_rcu(f, head, hlist) 95 if (ether_addr_equal(f->addr.addr, addr) && f->vlan_id == vid) 96 break; 97 98 return f; 99 } 100 101 /* requires bridge hash_lock */ 102 static struct net_bridge_fdb_entry *br_fdb_find(struct net_bridge *br, 103 const unsigned char *addr, 104 __u16 vid) 105 { 106 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 107 struct net_bridge_fdb_entry *fdb; 108 109 lockdep_assert_held_once(&br->hash_lock); 110 111 rcu_read_lock(); 112 fdb = fdb_find_rcu(head, addr, vid); 113 rcu_read_unlock(); 114 115 return fdb; 116 } 117 118 struct net_bridge_fdb_entry *br_fdb_find_rcu(struct net_bridge *br, 119 const unsigned char *addr, 120 __u16 vid) 121 { 122 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 123 124 return fdb_find_rcu(head, addr, vid); 125 } 126 127 /* When a static FDB entry is added, the mac address from the entry is 128 * added to the bridge private HW address list and all required ports 129 * are then updated with the new information. 130 * Called under RTNL. 131 */ 132 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 133 { 134 int err; 135 struct net_bridge_port *p; 136 137 ASSERT_RTNL(); 138 139 list_for_each_entry(p, &br->port_list, list) { 140 if (!br_promisc_port(p)) { 141 err = dev_uc_add(p->dev, addr); 142 if (err) 143 goto undo; 144 } 145 } 146 147 return; 148 undo: 149 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 150 if (!br_promisc_port(p)) 151 dev_uc_del(p->dev, addr); 152 } 153 } 154 155 /* When a static FDB entry is deleted, the HW address from that entry is 156 * also removed from the bridge private HW address list and updates all 157 * the ports with needed information. 158 * Called under RTNL. 159 */ 160 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 161 { 162 struct net_bridge_port *p; 163 164 ASSERT_RTNL(); 165 166 list_for_each_entry(p, &br->port_list, list) { 167 if (!br_promisc_port(p)) 168 dev_uc_del(p->dev, addr); 169 } 170 } 171 172 static void fdb_del_external_learn(struct net_bridge_fdb_entry *f) 173 { 174 struct switchdev_obj_port_fdb fdb = { 175 .obj = { 176 .orig_dev = f->dst->dev, 177 .id = SWITCHDEV_OBJ_ID_PORT_FDB, 178 .flags = SWITCHDEV_F_DEFER, 179 }, 180 .vid = f->vlan_id, 181 }; 182 183 ether_addr_copy(fdb.addr, f->addr.addr); 184 switchdev_port_obj_del(f->dst->dev, &fdb.obj); 185 } 186 187 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 188 { 189 if (f->is_static) 190 fdb_del_hw_addr(br, f->addr.addr); 191 192 if (f->added_by_external_learn) 193 fdb_del_external_learn(f); 194 195 hlist_del_init_rcu(&f->hlist); 196 fdb_notify(br, f, RTM_DELNEIGH); 197 call_rcu(&f->rcu, fdb_rcu_free); 198 } 199 200 /* Delete a local entry if no other port had the same address. */ 201 static void fdb_delete_local(struct net_bridge *br, 202 const struct net_bridge_port *p, 203 struct net_bridge_fdb_entry *f) 204 { 205 const unsigned char *addr = f->addr.addr; 206 struct net_bridge_vlan_group *vg; 207 const struct net_bridge_vlan *v; 208 struct net_bridge_port *op; 209 u16 vid = f->vlan_id; 210 211 /* Maybe another port has same hw addr? */ 212 list_for_each_entry(op, &br->port_list, list) { 213 vg = nbp_vlan_group(op); 214 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 215 (!vid || br_vlan_find(vg, vid))) { 216 f->dst = op; 217 f->added_by_user = 0; 218 return; 219 } 220 } 221 222 vg = br_vlan_group(br); 223 v = br_vlan_find(vg, vid); 224 /* Maybe bridge device has same hw addr? */ 225 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 226 (!vid || (v && br_vlan_should_use(v)))) { 227 f->dst = NULL; 228 f->added_by_user = 0; 229 return; 230 } 231 232 fdb_delete(br, f); 233 } 234 235 void br_fdb_find_delete_local(struct net_bridge *br, 236 const struct net_bridge_port *p, 237 const unsigned char *addr, u16 vid) 238 { 239 struct net_bridge_fdb_entry *f; 240 241 spin_lock_bh(&br->hash_lock); 242 f = br_fdb_find(br, addr, vid); 243 if (f && f->is_local && !f->added_by_user && f->dst == p) 244 fdb_delete_local(br, p, f); 245 spin_unlock_bh(&br->hash_lock); 246 } 247 248 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 249 { 250 struct net_bridge_vlan_group *vg; 251 struct net_bridge *br = p->br; 252 struct net_bridge_vlan *v; 253 int i; 254 255 spin_lock_bh(&br->hash_lock); 256 257 vg = nbp_vlan_group(p); 258 /* Search all chains since old address/hash is unknown */ 259 for (i = 0; i < BR_HASH_SIZE; i++) { 260 struct hlist_node *h; 261 hlist_for_each(h, &br->hash[i]) { 262 struct net_bridge_fdb_entry *f; 263 264 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 265 if (f->dst == p && f->is_local && !f->added_by_user) { 266 /* delete old one */ 267 fdb_delete_local(br, p, f); 268 269 /* if this port has no vlan information 270 * configured, we can safely be done at 271 * this point. 272 */ 273 if (!vg || !vg->num_vlans) 274 goto insert; 275 } 276 } 277 } 278 279 insert: 280 /* insert new address, may fail if invalid address or dup. */ 281 fdb_insert(br, p, newaddr, 0); 282 283 if (!vg || !vg->num_vlans) 284 goto done; 285 286 /* Now add entries for every VLAN configured on the port. 287 * This function runs under RTNL so the bitmap will not change 288 * from under us. 289 */ 290 list_for_each_entry(v, &vg->vlan_list, vlist) 291 fdb_insert(br, p, newaddr, v->vid); 292 293 done: 294 spin_unlock_bh(&br->hash_lock); 295 } 296 297 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 298 { 299 struct net_bridge_vlan_group *vg; 300 struct net_bridge_fdb_entry *f; 301 struct net_bridge_vlan *v; 302 303 spin_lock_bh(&br->hash_lock); 304 305 /* If old entry was unassociated with any port, then delete it. */ 306 f = br_fdb_find(br, br->dev->dev_addr, 0); 307 if (f && f->is_local && !f->dst && !f->added_by_user) 308 fdb_delete_local(br, NULL, f); 309 310 fdb_insert(br, NULL, newaddr, 0); 311 vg = br_vlan_group(br); 312 if (!vg || !vg->num_vlans) 313 goto out; 314 /* Now remove and add entries for every VLAN configured on the 315 * bridge. This function runs under RTNL so the bitmap will not 316 * change from under us. 317 */ 318 list_for_each_entry(v, &vg->vlan_list, vlist) { 319 if (!br_vlan_should_use(v)) 320 continue; 321 f = br_fdb_find(br, br->dev->dev_addr, v->vid); 322 if (f && f->is_local && !f->dst && !f->added_by_user) 323 fdb_delete_local(br, NULL, f); 324 fdb_insert(br, NULL, newaddr, v->vid); 325 } 326 out: 327 spin_unlock_bh(&br->hash_lock); 328 } 329 330 void br_fdb_cleanup(struct work_struct *work) 331 { 332 struct net_bridge *br = container_of(work, struct net_bridge, 333 gc_work.work); 334 unsigned long delay = hold_time(br); 335 unsigned long work_delay = delay; 336 unsigned long now = jiffies; 337 int i; 338 339 for (i = 0; i < BR_HASH_SIZE; i++) { 340 struct net_bridge_fdb_entry *f; 341 struct hlist_node *n; 342 343 if (!br->hash[i].first) 344 continue; 345 346 spin_lock_bh(&br->hash_lock); 347 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 348 unsigned long this_timer; 349 350 if (f->is_static) 351 continue; 352 if (f->added_by_external_learn) 353 continue; 354 this_timer = f->updated + delay; 355 if (time_after(this_timer, now)) 356 work_delay = min(work_delay, this_timer - now); 357 else 358 fdb_delete(br, f); 359 } 360 spin_unlock_bh(&br->hash_lock); 361 cond_resched(); 362 } 363 364 /* Cleanup minimum 10 milliseconds apart */ 365 work_delay = max_t(unsigned long, work_delay, msecs_to_jiffies(10)); 366 mod_delayed_work(system_long_wq, &br->gc_work, work_delay); 367 } 368 369 /* Completely flush all dynamic entries in forwarding database.*/ 370 void br_fdb_flush(struct net_bridge *br) 371 { 372 int i; 373 374 spin_lock_bh(&br->hash_lock); 375 for (i = 0; i < BR_HASH_SIZE; i++) { 376 struct net_bridge_fdb_entry *f; 377 struct hlist_node *n; 378 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 379 if (!f->is_static) 380 fdb_delete(br, f); 381 } 382 } 383 spin_unlock_bh(&br->hash_lock); 384 } 385 386 /* Flush all entries referring to a specific port. 387 * if do_all is set also flush static entries 388 * if vid is set delete all entries that match the vlan_id 389 */ 390 void br_fdb_delete_by_port(struct net_bridge *br, 391 const struct net_bridge_port *p, 392 u16 vid, 393 int do_all) 394 { 395 int i; 396 397 spin_lock_bh(&br->hash_lock); 398 for (i = 0; i < BR_HASH_SIZE; i++) { 399 struct hlist_node *h, *g; 400 401 hlist_for_each_safe(h, g, &br->hash[i]) { 402 struct net_bridge_fdb_entry *f 403 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 404 if (f->dst != p) 405 continue; 406 407 if (!do_all) 408 if (f->is_static || (vid && f->vlan_id != vid)) 409 continue; 410 411 if (f->is_local) 412 fdb_delete_local(br, p, f); 413 else 414 fdb_delete(br, f); 415 } 416 } 417 spin_unlock_bh(&br->hash_lock); 418 } 419 420 #if IS_ENABLED(CONFIG_ATM_LANE) 421 /* Interface used by ATM LANE hook to test 422 * if an addr is on some other bridge port */ 423 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 424 { 425 struct net_bridge_fdb_entry *fdb; 426 struct net_bridge_port *port; 427 int ret; 428 429 rcu_read_lock(); 430 port = br_port_get_rcu(dev); 431 if (!port) 432 ret = 0; 433 else { 434 fdb = br_fdb_find_rcu(port->br, addr, 0); 435 ret = fdb && fdb->dst && fdb->dst->dev != dev && 436 fdb->dst->state == BR_STATE_FORWARDING; 437 } 438 rcu_read_unlock(); 439 440 return ret; 441 } 442 #endif /* CONFIG_ATM_LANE */ 443 444 /* 445 * Fill buffer with forwarding table records in 446 * the API format. 447 */ 448 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 449 unsigned long maxnum, unsigned long skip) 450 { 451 struct __fdb_entry *fe = buf; 452 int i, num = 0; 453 struct net_bridge_fdb_entry *f; 454 455 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 456 457 rcu_read_lock(); 458 for (i = 0; i < BR_HASH_SIZE; i++) { 459 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 460 if (num >= maxnum) 461 goto out; 462 463 if (has_expired(br, f)) 464 continue; 465 466 /* ignore pseudo entry for local MAC address */ 467 if (!f->dst) 468 continue; 469 470 if (skip) { 471 --skip; 472 continue; 473 } 474 475 /* convert from internal format to API */ 476 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 477 478 /* due to ABI compat need to split into hi/lo */ 479 fe->port_no = f->dst->port_no; 480 fe->port_hi = f->dst->port_no >> 8; 481 482 fe->is_local = f->is_local; 483 if (!f->is_static) 484 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 485 ++fe; 486 ++num; 487 } 488 } 489 490 out: 491 rcu_read_unlock(); 492 493 return num; 494 } 495 496 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 497 struct net_bridge_port *source, 498 const unsigned char *addr, 499 __u16 vid, 500 unsigned char is_local, 501 unsigned char is_static) 502 { 503 struct net_bridge_fdb_entry *fdb; 504 505 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 506 if (fdb) { 507 memcpy(fdb->addr.addr, addr, ETH_ALEN); 508 fdb->dst = source; 509 fdb->vlan_id = vid; 510 fdb->is_local = is_local; 511 fdb->is_static = is_static; 512 fdb->added_by_user = 0; 513 fdb->added_by_external_learn = 0; 514 fdb->offloaded = 0; 515 fdb->updated = fdb->used = jiffies; 516 hlist_add_head_rcu(&fdb->hlist, head); 517 } 518 return fdb; 519 } 520 521 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 522 const unsigned char *addr, u16 vid) 523 { 524 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 525 struct net_bridge_fdb_entry *fdb; 526 527 if (!is_valid_ether_addr(addr)) 528 return -EINVAL; 529 530 fdb = br_fdb_find(br, addr, vid); 531 if (fdb) { 532 /* it is okay to have multiple ports with same 533 * address, just use the first one. 534 */ 535 if (fdb->is_local) 536 return 0; 537 br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n", 538 source ? source->dev->name : br->dev->name, addr, vid); 539 fdb_delete(br, fdb); 540 } 541 542 fdb = fdb_create(head, source, addr, vid, 1, 1); 543 if (!fdb) 544 return -ENOMEM; 545 546 fdb_add_hw_addr(br, addr); 547 fdb_notify(br, fdb, RTM_NEWNEIGH); 548 return 0; 549 } 550 551 /* Add entry for local address of interface */ 552 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 553 const unsigned char *addr, u16 vid) 554 { 555 int ret; 556 557 spin_lock_bh(&br->hash_lock); 558 ret = fdb_insert(br, source, addr, vid); 559 spin_unlock_bh(&br->hash_lock); 560 return ret; 561 } 562 563 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 564 const unsigned char *addr, u16 vid, bool added_by_user) 565 { 566 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 567 struct net_bridge_fdb_entry *fdb; 568 bool fdb_modified = false; 569 570 /* some users want to always flood. */ 571 if (hold_time(br) == 0) 572 return; 573 574 /* ignore packets unless we are using this port */ 575 if (!(source->state == BR_STATE_LEARNING || 576 source->state == BR_STATE_FORWARDING)) 577 return; 578 579 fdb = fdb_find_rcu(head, addr, vid); 580 if (likely(fdb)) { 581 /* attempt to update an entry for a local interface */ 582 if (unlikely(fdb->is_local)) { 583 if (net_ratelimit()) 584 br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n", 585 source->dev->name, addr, vid); 586 } else { 587 unsigned long now = jiffies; 588 589 /* fastpath: update of existing entry */ 590 if (unlikely(source != fdb->dst)) { 591 fdb->dst = source; 592 fdb_modified = true; 593 /* Take over HW learned entry */ 594 if (unlikely(fdb->added_by_external_learn)) 595 fdb->added_by_external_learn = 0; 596 } 597 if (now != fdb->updated) 598 fdb->updated = now; 599 if (unlikely(added_by_user)) 600 fdb->added_by_user = 1; 601 if (unlikely(fdb_modified)) 602 fdb_notify(br, fdb, RTM_NEWNEIGH); 603 } 604 } else { 605 spin_lock(&br->hash_lock); 606 if (likely(!fdb_find_rcu(head, addr, vid))) { 607 fdb = fdb_create(head, source, addr, vid, 0, 0); 608 if (fdb) { 609 if (unlikely(added_by_user)) 610 fdb->added_by_user = 1; 611 fdb_notify(br, fdb, RTM_NEWNEIGH); 612 } 613 } 614 /* else we lose race and someone else inserts 615 * it first, don't bother updating 616 */ 617 spin_unlock(&br->hash_lock); 618 } 619 } 620 621 static int fdb_to_nud(const struct net_bridge *br, 622 const struct net_bridge_fdb_entry *fdb) 623 { 624 if (fdb->is_local) 625 return NUD_PERMANENT; 626 else if (fdb->is_static) 627 return NUD_NOARP; 628 else if (has_expired(br, fdb)) 629 return NUD_STALE; 630 else 631 return NUD_REACHABLE; 632 } 633 634 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 635 const struct net_bridge_fdb_entry *fdb, 636 u32 portid, u32 seq, int type, unsigned int flags) 637 { 638 unsigned long now = jiffies; 639 struct nda_cacheinfo ci; 640 struct nlmsghdr *nlh; 641 struct ndmsg *ndm; 642 643 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 644 if (nlh == NULL) 645 return -EMSGSIZE; 646 647 ndm = nlmsg_data(nlh); 648 ndm->ndm_family = AF_BRIDGE; 649 ndm->ndm_pad1 = 0; 650 ndm->ndm_pad2 = 0; 651 ndm->ndm_flags = 0; 652 ndm->ndm_type = 0; 653 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 654 ndm->ndm_state = fdb_to_nud(br, fdb); 655 656 if (fdb->offloaded) 657 ndm->ndm_flags |= NTF_OFFLOADED; 658 if (fdb->added_by_external_learn) 659 ndm->ndm_flags |= NTF_EXT_LEARNED; 660 661 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 662 goto nla_put_failure; 663 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 664 goto nla_put_failure; 665 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 666 ci.ndm_confirmed = 0; 667 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 668 ci.ndm_refcnt = 0; 669 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 670 goto nla_put_failure; 671 672 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 673 goto nla_put_failure; 674 675 nlmsg_end(skb, nlh); 676 return 0; 677 678 nla_put_failure: 679 nlmsg_cancel(skb, nlh); 680 return -EMSGSIZE; 681 } 682 683 static inline size_t fdb_nlmsg_size(void) 684 { 685 return NLMSG_ALIGN(sizeof(struct ndmsg)) 686 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 687 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 688 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 689 + nla_total_size(sizeof(struct nda_cacheinfo)); 690 } 691 692 static void fdb_notify(struct net_bridge *br, 693 const struct net_bridge_fdb_entry *fdb, int type) 694 { 695 struct net *net = dev_net(br->dev); 696 struct sk_buff *skb; 697 int err = -ENOBUFS; 698 699 br_switchdev_fdb_notify(fdb, type); 700 701 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 702 if (skb == NULL) 703 goto errout; 704 705 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 706 if (err < 0) { 707 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 708 WARN_ON(err == -EMSGSIZE); 709 kfree_skb(skb); 710 goto errout; 711 } 712 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 713 return; 714 errout: 715 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 716 } 717 718 /* Dump information about entries, in response to GETNEIGH */ 719 int br_fdb_dump(struct sk_buff *skb, 720 struct netlink_callback *cb, 721 struct net_device *dev, 722 struct net_device *filter_dev, 723 int *idx) 724 { 725 struct net_bridge *br = netdev_priv(dev); 726 int err = 0; 727 int i; 728 729 if (!(dev->priv_flags & IFF_EBRIDGE)) 730 goto out; 731 732 if (!filter_dev) { 733 err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 734 if (err < 0) 735 goto out; 736 } 737 738 for (i = 0; i < BR_HASH_SIZE; i++) { 739 struct net_bridge_fdb_entry *f; 740 741 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 742 743 if (*idx < cb->args[2]) 744 goto skip; 745 746 if (filter_dev && 747 (!f->dst || f->dst->dev != filter_dev)) { 748 if (filter_dev != dev) 749 goto skip; 750 /* !f->dst is a special case for bridge 751 * It means the MAC belongs to the bridge 752 * Therefore need a little more filtering 753 * we only want to dump the !f->dst case 754 */ 755 if (f->dst) 756 goto skip; 757 } 758 if (!filter_dev && f->dst) 759 goto skip; 760 761 err = fdb_fill_info(skb, br, f, 762 NETLINK_CB(cb->skb).portid, 763 cb->nlh->nlmsg_seq, 764 RTM_NEWNEIGH, 765 NLM_F_MULTI); 766 if (err < 0) 767 goto out; 768 skip: 769 *idx += 1; 770 } 771 } 772 773 out: 774 return err; 775 } 776 777 /* Update (create or replace) forwarding database entry */ 778 static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source, 779 const __u8 *addr, __u16 state, __u16 flags, __u16 vid) 780 { 781 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 782 struct net_bridge_fdb_entry *fdb; 783 bool modified = false; 784 785 /* If the port cannot learn allow only local and static entries */ 786 if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 787 !(source->state == BR_STATE_LEARNING || 788 source->state == BR_STATE_FORWARDING)) 789 return -EPERM; 790 791 if (!source && !(state & NUD_PERMANENT)) { 792 pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n", 793 br->dev->name); 794 return -EINVAL; 795 } 796 797 fdb = br_fdb_find(br, addr, vid); 798 if (fdb == NULL) { 799 if (!(flags & NLM_F_CREATE)) 800 return -ENOENT; 801 802 fdb = fdb_create(head, source, addr, vid, 0, 0); 803 if (!fdb) 804 return -ENOMEM; 805 806 modified = true; 807 } else { 808 if (flags & NLM_F_EXCL) 809 return -EEXIST; 810 811 if (fdb->dst != source) { 812 fdb->dst = source; 813 modified = true; 814 } 815 } 816 817 if (fdb_to_nud(br, fdb) != state) { 818 if (state & NUD_PERMANENT) { 819 fdb->is_local = 1; 820 if (!fdb->is_static) { 821 fdb->is_static = 1; 822 fdb_add_hw_addr(br, addr); 823 } 824 } else if (state & NUD_NOARP) { 825 fdb->is_local = 0; 826 if (!fdb->is_static) { 827 fdb->is_static = 1; 828 fdb_add_hw_addr(br, addr); 829 } 830 } else { 831 fdb->is_local = 0; 832 if (fdb->is_static) { 833 fdb->is_static = 0; 834 fdb_del_hw_addr(br, addr); 835 } 836 } 837 838 modified = true; 839 } 840 fdb->added_by_user = 1; 841 842 fdb->used = jiffies; 843 if (modified) { 844 fdb->updated = jiffies; 845 fdb_notify(br, fdb, RTM_NEWNEIGH); 846 } 847 848 return 0; 849 } 850 851 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br, 852 struct net_bridge_port *p, const unsigned char *addr, 853 u16 nlh_flags, u16 vid) 854 { 855 int err = 0; 856 857 if (ndm->ndm_flags & NTF_USE) { 858 if (!p) { 859 pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n", 860 br->dev->name); 861 return -EINVAL; 862 } 863 local_bh_disable(); 864 rcu_read_lock(); 865 br_fdb_update(br, p, addr, vid, true); 866 rcu_read_unlock(); 867 local_bh_enable(); 868 } else if (ndm->ndm_flags & NTF_EXT_LEARNED) { 869 err = br_fdb_external_learn_add(br, p, addr, vid); 870 } else { 871 spin_lock_bh(&br->hash_lock); 872 err = fdb_add_entry(br, p, addr, ndm->ndm_state, 873 nlh_flags, vid); 874 spin_unlock_bh(&br->hash_lock); 875 } 876 877 return err; 878 } 879 880 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 881 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 882 struct net_device *dev, 883 const unsigned char *addr, u16 vid, u16 nlh_flags) 884 { 885 struct net_bridge_vlan_group *vg; 886 struct net_bridge_port *p = NULL; 887 struct net_bridge_vlan *v; 888 struct net_bridge *br = NULL; 889 int err = 0; 890 891 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 892 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 893 return -EINVAL; 894 } 895 896 if (is_zero_ether_addr(addr)) { 897 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 898 return -EINVAL; 899 } 900 901 if (dev->priv_flags & IFF_EBRIDGE) { 902 br = netdev_priv(dev); 903 vg = br_vlan_group(br); 904 } else { 905 p = br_port_get_rtnl(dev); 906 if (!p) { 907 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 908 dev->name); 909 return -EINVAL; 910 } 911 br = p->br; 912 vg = nbp_vlan_group(p); 913 } 914 915 if (vid) { 916 v = br_vlan_find(vg, vid); 917 if (!v || !br_vlan_should_use(v)) { 918 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 919 return -EINVAL; 920 } 921 922 /* VID was specified, so use it. */ 923 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid); 924 } else { 925 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0); 926 if (err || !vg || !vg->num_vlans) 927 goto out; 928 929 /* We have vlans configured on this port and user didn't 930 * specify a VLAN. To be nice, add/update entry for every 931 * vlan on this port. 932 */ 933 list_for_each_entry(v, &vg->vlan_list, vlist) { 934 if (!br_vlan_should_use(v)) 935 continue; 936 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid); 937 if (err) 938 goto out; 939 } 940 } 941 942 out: 943 return err; 944 } 945 946 static int fdb_delete_by_addr_and_port(struct net_bridge *br, 947 const struct net_bridge_port *p, 948 const u8 *addr, u16 vlan) 949 { 950 struct net_bridge_fdb_entry *fdb; 951 952 fdb = br_fdb_find(br, addr, vlan); 953 if (!fdb || fdb->dst != p) 954 return -ENOENT; 955 956 fdb_delete(br, fdb); 957 958 return 0; 959 } 960 961 static int __br_fdb_delete(struct net_bridge *br, 962 const struct net_bridge_port *p, 963 const unsigned char *addr, u16 vid) 964 { 965 int err; 966 967 spin_lock_bh(&br->hash_lock); 968 err = fdb_delete_by_addr_and_port(br, p, addr, vid); 969 spin_unlock_bh(&br->hash_lock); 970 971 return err; 972 } 973 974 /* Remove neighbor entry with RTM_DELNEIGH */ 975 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 976 struct net_device *dev, 977 const unsigned char *addr, u16 vid) 978 { 979 struct net_bridge_vlan_group *vg; 980 struct net_bridge_port *p = NULL; 981 struct net_bridge_vlan *v; 982 struct net_bridge *br; 983 int err; 984 985 if (dev->priv_flags & IFF_EBRIDGE) { 986 br = netdev_priv(dev); 987 vg = br_vlan_group(br); 988 } else { 989 p = br_port_get_rtnl(dev); 990 if (!p) { 991 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 992 dev->name); 993 return -EINVAL; 994 } 995 vg = nbp_vlan_group(p); 996 br = p->br; 997 } 998 999 if (vid) { 1000 v = br_vlan_find(vg, vid); 1001 if (!v) { 1002 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 1003 return -EINVAL; 1004 } 1005 1006 err = __br_fdb_delete(br, p, addr, vid); 1007 } else { 1008 err = -ENOENT; 1009 err &= __br_fdb_delete(br, p, addr, 0); 1010 if (!vg || !vg->num_vlans) 1011 return err; 1012 1013 list_for_each_entry(v, &vg->vlan_list, vlist) { 1014 if (!br_vlan_should_use(v)) 1015 continue; 1016 err &= __br_fdb_delete(br, p, addr, v->vid); 1017 } 1018 } 1019 1020 return err; 1021 } 1022 1023 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1024 { 1025 struct net_bridge_fdb_entry *fdb, *tmp; 1026 int i; 1027 int err; 1028 1029 ASSERT_RTNL(); 1030 1031 for (i = 0; i < BR_HASH_SIZE; i++) { 1032 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 1033 /* We only care for static entries */ 1034 if (!fdb->is_static) 1035 continue; 1036 1037 err = dev_uc_add(p->dev, fdb->addr.addr); 1038 if (err) 1039 goto rollback; 1040 } 1041 } 1042 return 0; 1043 1044 rollback: 1045 for (i = 0; i < BR_HASH_SIZE; i++) { 1046 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 1047 /* If we reached the fdb that failed, we can stop */ 1048 if (tmp == fdb) 1049 break; 1050 1051 /* We only care for static entries */ 1052 if (!tmp->is_static) 1053 continue; 1054 1055 dev_uc_del(p->dev, tmp->addr.addr); 1056 } 1057 } 1058 return err; 1059 } 1060 1061 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1062 { 1063 struct net_bridge_fdb_entry *fdb; 1064 int i; 1065 1066 ASSERT_RTNL(); 1067 1068 for (i = 0; i < BR_HASH_SIZE; i++) { 1069 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1070 /* We only care for static entries */ 1071 if (!fdb->is_static) 1072 continue; 1073 1074 dev_uc_del(p->dev, fdb->addr.addr); 1075 } 1076 } 1077 } 1078 1079 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1080 const unsigned char *addr, u16 vid) 1081 { 1082 struct net_bridge_fdb_entry *fdb; 1083 struct hlist_head *head; 1084 bool modified = false; 1085 int err = 0; 1086 1087 spin_lock_bh(&br->hash_lock); 1088 1089 head = &br->hash[br_mac_hash(addr, vid)]; 1090 fdb = br_fdb_find(br, addr, vid); 1091 if (!fdb) { 1092 fdb = fdb_create(head, p, addr, vid, 0, 0); 1093 if (!fdb) { 1094 err = -ENOMEM; 1095 goto err_unlock; 1096 } 1097 fdb->added_by_external_learn = 1; 1098 fdb_notify(br, fdb, RTM_NEWNEIGH); 1099 } else { 1100 fdb->updated = jiffies; 1101 1102 if (fdb->dst != p) { 1103 fdb->dst = p; 1104 modified = true; 1105 } 1106 1107 if (fdb->added_by_external_learn) { 1108 /* Refresh entry */ 1109 fdb->used = jiffies; 1110 } else if (!fdb->added_by_user) { 1111 /* Take over SW learned entry */ 1112 fdb->added_by_external_learn = 1; 1113 modified = true; 1114 } 1115 1116 if (modified) 1117 fdb_notify(br, fdb, RTM_NEWNEIGH); 1118 } 1119 1120 err_unlock: 1121 spin_unlock_bh(&br->hash_lock); 1122 1123 return err; 1124 } 1125 1126 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1127 const unsigned char *addr, u16 vid) 1128 { 1129 struct net_bridge_fdb_entry *fdb; 1130 int err = 0; 1131 1132 spin_lock_bh(&br->hash_lock); 1133 1134 fdb = br_fdb_find(br, addr, vid); 1135 if (fdb && fdb->added_by_external_learn) 1136 fdb_delete(br, fdb); 1137 else 1138 err = -ENOENT; 1139 1140 spin_unlock_bh(&br->hash_lock); 1141 1142 return err; 1143 } 1144 1145 void br_fdb_offloaded_set(struct net_bridge *br, struct net_bridge_port *p, 1146 const unsigned char *addr, u16 vid) 1147 { 1148 struct net_bridge_fdb_entry *fdb; 1149 1150 spin_lock_bh(&br->hash_lock); 1151 1152 fdb = br_fdb_find(br, addr, vid); 1153 if (fdb) 1154 fdb->offloaded = 1; 1155 1156 spin_unlock_bh(&br->hash_lock); 1157 } 1158