1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include <trace/events/bridge.h> 29 #include "br_private.h" 30 31 static const struct rhashtable_params br_fdb_rht_params = { 32 .head_offset = offsetof(struct net_bridge_fdb_entry, rhnode), 33 .key_offset = offsetof(struct net_bridge_fdb_entry, key), 34 .key_len = sizeof(struct net_bridge_fdb_key), 35 .automatic_shrinking = true, 36 .locks_mul = 1, 37 }; 38 39 static struct kmem_cache *br_fdb_cache __read_mostly; 40 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 41 const unsigned char *addr, u16 vid); 42 static void fdb_notify(struct net_bridge *br, 43 const struct net_bridge_fdb_entry *, int); 44 45 int __init br_fdb_init(void) 46 { 47 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 48 sizeof(struct net_bridge_fdb_entry), 49 0, 50 SLAB_HWCACHE_ALIGN, NULL); 51 if (!br_fdb_cache) 52 return -ENOMEM; 53 54 return 0; 55 } 56 57 void br_fdb_fini(void) 58 { 59 kmem_cache_destroy(br_fdb_cache); 60 } 61 62 int br_fdb_hash_init(struct net_bridge *br) 63 { 64 return rhashtable_init(&br->fdb_hash_tbl, &br_fdb_rht_params); 65 } 66 67 void br_fdb_hash_fini(struct net_bridge *br) 68 { 69 rhashtable_destroy(&br->fdb_hash_tbl); 70 } 71 72 /* if topology_changing then use forward_delay (default 15 sec) 73 * otherwise keep longer (default 5 minutes) 74 */ 75 static inline unsigned long hold_time(const struct net_bridge *br) 76 { 77 return br->topology_change ? br->forward_delay : br->ageing_time; 78 } 79 80 static inline int has_expired(const struct net_bridge *br, 81 const struct net_bridge_fdb_entry *fdb) 82 { 83 return !fdb->is_static && !fdb->added_by_external_learn && 84 time_before_eq(fdb->updated + hold_time(br), jiffies); 85 } 86 87 static void fdb_rcu_free(struct rcu_head *head) 88 { 89 struct net_bridge_fdb_entry *ent 90 = container_of(head, struct net_bridge_fdb_entry, rcu); 91 kmem_cache_free(br_fdb_cache, ent); 92 } 93 94 static struct net_bridge_fdb_entry *fdb_find_rcu(struct rhashtable *tbl, 95 const unsigned char *addr, 96 __u16 vid) 97 { 98 struct net_bridge_fdb_key key; 99 100 WARN_ON_ONCE(!rcu_read_lock_held()); 101 102 key.vlan_id = vid; 103 memcpy(key.addr.addr, addr, sizeof(key.addr.addr)); 104 105 return rhashtable_lookup(tbl, &key, br_fdb_rht_params); 106 } 107 108 /* requires bridge hash_lock */ 109 static struct net_bridge_fdb_entry *br_fdb_find(struct net_bridge *br, 110 const unsigned char *addr, 111 __u16 vid) 112 { 113 struct net_bridge_fdb_entry *fdb; 114 115 lockdep_assert_held_once(&br->hash_lock); 116 117 rcu_read_lock(); 118 fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); 119 rcu_read_unlock(); 120 121 return fdb; 122 } 123 124 struct net_bridge_fdb_entry *br_fdb_find_rcu(struct net_bridge *br, 125 const unsigned char *addr, 126 __u16 vid) 127 { 128 return fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); 129 } 130 131 /* When a static FDB entry is added, the mac address from the entry is 132 * added to the bridge private HW address list and all required ports 133 * are then updated with the new information. 134 * Called under RTNL. 135 */ 136 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 137 { 138 int err; 139 struct net_bridge_port *p; 140 141 ASSERT_RTNL(); 142 143 list_for_each_entry(p, &br->port_list, list) { 144 if (!br_promisc_port(p)) { 145 err = dev_uc_add(p->dev, addr); 146 if (err) 147 goto undo; 148 } 149 } 150 151 return; 152 undo: 153 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 154 if (!br_promisc_port(p)) 155 dev_uc_del(p->dev, addr); 156 } 157 } 158 159 /* When a static FDB entry is deleted, the HW address from that entry is 160 * also removed from the bridge private HW address list and updates all 161 * the ports with needed information. 162 * Called under RTNL. 163 */ 164 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 165 { 166 struct net_bridge_port *p; 167 168 ASSERT_RTNL(); 169 170 list_for_each_entry(p, &br->port_list, list) { 171 if (!br_promisc_port(p)) 172 dev_uc_del(p->dev, addr); 173 } 174 } 175 176 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 177 { 178 trace_fdb_delete(br, f); 179 180 if (f->is_static) 181 fdb_del_hw_addr(br, f->key.addr.addr); 182 183 hlist_del_init_rcu(&f->fdb_node); 184 rhashtable_remove_fast(&br->fdb_hash_tbl, &f->rhnode, 185 br_fdb_rht_params); 186 fdb_notify(br, f, RTM_DELNEIGH); 187 call_rcu(&f->rcu, fdb_rcu_free); 188 } 189 190 /* Delete a local entry if no other port had the same address. */ 191 static void fdb_delete_local(struct net_bridge *br, 192 const struct net_bridge_port *p, 193 struct net_bridge_fdb_entry *f) 194 { 195 const unsigned char *addr = f->key.addr.addr; 196 struct net_bridge_vlan_group *vg; 197 const struct net_bridge_vlan *v; 198 struct net_bridge_port *op; 199 u16 vid = f->key.vlan_id; 200 201 /* Maybe another port has same hw addr? */ 202 list_for_each_entry(op, &br->port_list, list) { 203 vg = nbp_vlan_group(op); 204 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 205 (!vid || br_vlan_find(vg, vid))) { 206 f->dst = op; 207 f->added_by_user = 0; 208 return; 209 } 210 } 211 212 vg = br_vlan_group(br); 213 v = br_vlan_find(vg, vid); 214 /* Maybe bridge device has same hw addr? */ 215 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 216 (!vid || (v && br_vlan_should_use(v)))) { 217 f->dst = NULL; 218 f->added_by_user = 0; 219 return; 220 } 221 222 fdb_delete(br, f); 223 } 224 225 void br_fdb_find_delete_local(struct net_bridge *br, 226 const struct net_bridge_port *p, 227 const unsigned char *addr, u16 vid) 228 { 229 struct net_bridge_fdb_entry *f; 230 231 spin_lock_bh(&br->hash_lock); 232 f = br_fdb_find(br, addr, vid); 233 if (f && f->is_local && !f->added_by_user && f->dst == p) 234 fdb_delete_local(br, p, f); 235 spin_unlock_bh(&br->hash_lock); 236 } 237 238 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 239 { 240 struct net_bridge_vlan_group *vg; 241 struct net_bridge_fdb_entry *f; 242 struct net_bridge *br = p->br; 243 struct net_bridge_vlan *v; 244 245 spin_lock_bh(&br->hash_lock); 246 vg = nbp_vlan_group(p); 247 hlist_for_each_entry(f, &br->fdb_list, fdb_node) { 248 if (f->dst == p && f->is_local && !f->added_by_user) { 249 /* delete old one */ 250 fdb_delete_local(br, p, f); 251 252 /* if this port has no vlan information 253 * configured, we can safely be done at 254 * this point. 255 */ 256 if (!vg || !vg->num_vlans) 257 goto insert; 258 } 259 } 260 261 insert: 262 /* insert new address, may fail if invalid address or dup. */ 263 fdb_insert(br, p, newaddr, 0); 264 265 if (!vg || !vg->num_vlans) 266 goto done; 267 268 /* Now add entries for every VLAN configured on the port. 269 * This function runs under RTNL so the bitmap will not change 270 * from under us. 271 */ 272 list_for_each_entry(v, &vg->vlan_list, vlist) 273 fdb_insert(br, p, newaddr, v->vid); 274 275 done: 276 spin_unlock_bh(&br->hash_lock); 277 } 278 279 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 280 { 281 struct net_bridge_vlan_group *vg; 282 struct net_bridge_fdb_entry *f; 283 struct net_bridge_vlan *v; 284 285 spin_lock_bh(&br->hash_lock); 286 287 /* If old entry was unassociated with any port, then delete it. */ 288 f = br_fdb_find(br, br->dev->dev_addr, 0); 289 if (f && f->is_local && !f->dst && !f->added_by_user) 290 fdb_delete_local(br, NULL, f); 291 292 fdb_insert(br, NULL, newaddr, 0); 293 vg = br_vlan_group(br); 294 if (!vg || !vg->num_vlans) 295 goto out; 296 /* Now remove and add entries for every VLAN configured on the 297 * bridge. This function runs under RTNL so the bitmap will not 298 * change from under us. 299 */ 300 list_for_each_entry(v, &vg->vlan_list, vlist) { 301 if (!br_vlan_should_use(v)) 302 continue; 303 f = br_fdb_find(br, br->dev->dev_addr, v->vid); 304 if (f && f->is_local && !f->dst && !f->added_by_user) 305 fdb_delete_local(br, NULL, f); 306 fdb_insert(br, NULL, newaddr, v->vid); 307 } 308 out: 309 spin_unlock_bh(&br->hash_lock); 310 } 311 312 void br_fdb_cleanup(struct work_struct *work) 313 { 314 struct net_bridge *br = container_of(work, struct net_bridge, 315 gc_work.work); 316 struct net_bridge_fdb_entry *f = NULL; 317 unsigned long delay = hold_time(br); 318 unsigned long work_delay = delay; 319 unsigned long now = jiffies; 320 321 /* this part is tricky, in order to avoid blocking learning and 322 * consequently forwarding, we rely on rcu to delete objects with 323 * delayed freeing allowing us to continue traversing 324 */ 325 rcu_read_lock(); 326 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 327 unsigned long this_timer; 328 329 if (f->is_static || f->added_by_external_learn) 330 continue; 331 this_timer = f->updated + delay; 332 if (time_after(this_timer, now)) { 333 work_delay = min(work_delay, this_timer - now); 334 } else { 335 spin_lock_bh(&br->hash_lock); 336 if (!hlist_unhashed(&f->fdb_node)) 337 fdb_delete(br, f); 338 spin_unlock_bh(&br->hash_lock); 339 } 340 } 341 rcu_read_unlock(); 342 343 /* Cleanup minimum 10 milliseconds apart */ 344 work_delay = max_t(unsigned long, work_delay, msecs_to_jiffies(10)); 345 mod_delayed_work(system_long_wq, &br->gc_work, work_delay); 346 } 347 348 /* Completely flush all dynamic entries in forwarding database.*/ 349 void br_fdb_flush(struct net_bridge *br) 350 { 351 struct net_bridge_fdb_entry *f; 352 struct hlist_node *tmp; 353 354 spin_lock_bh(&br->hash_lock); 355 hlist_for_each_entry_safe(f, tmp, &br->fdb_list, fdb_node) { 356 if (!f->is_static) 357 fdb_delete(br, f); 358 } 359 spin_unlock_bh(&br->hash_lock); 360 } 361 362 /* Flush all entries referring to a specific port. 363 * if do_all is set also flush static entries 364 * if vid is set delete all entries that match the vlan_id 365 */ 366 void br_fdb_delete_by_port(struct net_bridge *br, 367 const struct net_bridge_port *p, 368 u16 vid, 369 int do_all) 370 { 371 struct net_bridge_fdb_entry *f; 372 struct hlist_node *tmp; 373 374 spin_lock_bh(&br->hash_lock); 375 hlist_for_each_entry_safe(f, tmp, &br->fdb_list, fdb_node) { 376 if (f->dst != p) 377 continue; 378 379 if (!do_all) 380 if (f->is_static || (vid && f->key.vlan_id != vid)) 381 continue; 382 383 if (f->is_local) 384 fdb_delete_local(br, p, f); 385 else 386 fdb_delete(br, f); 387 } 388 spin_unlock_bh(&br->hash_lock); 389 } 390 391 #if IS_ENABLED(CONFIG_ATM_LANE) 392 /* Interface used by ATM LANE hook to test 393 * if an addr is on some other bridge port */ 394 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 395 { 396 struct net_bridge_fdb_entry *fdb; 397 struct net_bridge_port *port; 398 int ret; 399 400 rcu_read_lock(); 401 port = br_port_get_rcu(dev); 402 if (!port) 403 ret = 0; 404 else { 405 fdb = br_fdb_find_rcu(port->br, addr, 0); 406 ret = fdb && fdb->dst && fdb->dst->dev != dev && 407 fdb->dst->state == BR_STATE_FORWARDING; 408 } 409 rcu_read_unlock(); 410 411 return ret; 412 } 413 #endif /* CONFIG_ATM_LANE */ 414 415 /* 416 * Fill buffer with forwarding table records in 417 * the API format. 418 */ 419 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 420 unsigned long maxnum, unsigned long skip) 421 { 422 struct net_bridge_fdb_entry *f; 423 struct __fdb_entry *fe = buf; 424 int num = 0; 425 426 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 427 428 rcu_read_lock(); 429 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 430 if (num >= maxnum) 431 break; 432 433 if (has_expired(br, f)) 434 continue; 435 436 /* ignore pseudo entry for local MAC address */ 437 if (!f->dst) 438 continue; 439 440 if (skip) { 441 --skip; 442 continue; 443 } 444 445 /* convert from internal format to API */ 446 memcpy(fe->mac_addr, f->key.addr.addr, ETH_ALEN); 447 448 /* due to ABI compat need to split into hi/lo */ 449 fe->port_no = f->dst->port_no; 450 fe->port_hi = f->dst->port_no >> 8; 451 452 fe->is_local = f->is_local; 453 if (!f->is_static) 454 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 455 ++fe; 456 ++num; 457 } 458 rcu_read_unlock(); 459 460 return num; 461 } 462 463 static struct net_bridge_fdb_entry *fdb_create(struct net_bridge *br, 464 struct net_bridge_port *source, 465 const unsigned char *addr, 466 __u16 vid, 467 unsigned char is_local, 468 unsigned char is_static) 469 { 470 struct net_bridge_fdb_entry *fdb; 471 472 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 473 if (fdb) { 474 memcpy(fdb->key.addr.addr, addr, ETH_ALEN); 475 fdb->dst = source; 476 fdb->key.vlan_id = vid; 477 fdb->is_local = is_local; 478 fdb->is_static = is_static; 479 fdb->added_by_user = 0; 480 fdb->added_by_external_learn = 0; 481 fdb->offloaded = 0; 482 fdb->updated = fdb->used = jiffies; 483 if (rhashtable_lookup_insert_fast(&br->fdb_hash_tbl, 484 &fdb->rhnode, 485 br_fdb_rht_params)) { 486 kmem_cache_free(br_fdb_cache, fdb); 487 fdb = NULL; 488 } else { 489 hlist_add_head_rcu(&fdb->fdb_node, &br->fdb_list); 490 } 491 } 492 return fdb; 493 } 494 495 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 496 const unsigned char *addr, u16 vid) 497 { 498 struct net_bridge_fdb_entry *fdb; 499 500 if (!is_valid_ether_addr(addr)) 501 return -EINVAL; 502 503 fdb = br_fdb_find(br, addr, vid); 504 if (fdb) { 505 /* it is okay to have multiple ports with same 506 * address, just use the first one. 507 */ 508 if (fdb->is_local) 509 return 0; 510 br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n", 511 source ? source->dev->name : br->dev->name, addr, vid); 512 fdb_delete(br, fdb); 513 } 514 515 fdb = fdb_create(br, source, addr, vid, 1, 1); 516 if (!fdb) 517 return -ENOMEM; 518 519 fdb_add_hw_addr(br, addr); 520 fdb_notify(br, fdb, RTM_NEWNEIGH); 521 return 0; 522 } 523 524 /* Add entry for local address of interface */ 525 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 526 const unsigned char *addr, u16 vid) 527 { 528 int ret; 529 530 spin_lock_bh(&br->hash_lock); 531 ret = fdb_insert(br, source, addr, vid); 532 spin_unlock_bh(&br->hash_lock); 533 return ret; 534 } 535 536 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 537 const unsigned char *addr, u16 vid, bool added_by_user) 538 { 539 struct net_bridge_fdb_entry *fdb; 540 bool fdb_modified = false; 541 542 /* some users want to always flood. */ 543 if (hold_time(br) == 0) 544 return; 545 546 /* ignore packets unless we are using this port */ 547 if (!(source->state == BR_STATE_LEARNING || 548 source->state == BR_STATE_FORWARDING)) 549 return; 550 551 fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); 552 if (likely(fdb)) { 553 /* attempt to update an entry for a local interface */ 554 if (unlikely(fdb->is_local)) { 555 if (net_ratelimit()) 556 br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n", 557 source->dev->name, addr, vid); 558 } else { 559 unsigned long now = jiffies; 560 561 /* fastpath: update of existing entry */ 562 if (unlikely(source != fdb->dst)) { 563 fdb->dst = source; 564 fdb_modified = true; 565 /* Take over HW learned entry */ 566 if (unlikely(fdb->added_by_external_learn)) 567 fdb->added_by_external_learn = 0; 568 } 569 if (now != fdb->updated) 570 fdb->updated = now; 571 if (unlikely(added_by_user)) 572 fdb->added_by_user = 1; 573 if (unlikely(fdb_modified)) { 574 trace_br_fdb_update(br, source, addr, vid, added_by_user); 575 fdb_notify(br, fdb, RTM_NEWNEIGH); 576 } 577 } 578 } else { 579 spin_lock(&br->hash_lock); 580 fdb = fdb_create(br, source, addr, vid, 0, 0); 581 if (fdb) { 582 if (unlikely(added_by_user)) 583 fdb->added_by_user = 1; 584 trace_br_fdb_update(br, source, addr, vid, 585 added_by_user); 586 fdb_notify(br, fdb, RTM_NEWNEIGH); 587 } 588 /* else we lose race and someone else inserts 589 * it first, don't bother updating 590 */ 591 spin_unlock(&br->hash_lock); 592 } 593 } 594 595 static int fdb_to_nud(const struct net_bridge *br, 596 const struct net_bridge_fdb_entry *fdb) 597 { 598 if (fdb->is_local) 599 return NUD_PERMANENT; 600 else if (fdb->is_static) 601 return NUD_NOARP; 602 else if (has_expired(br, fdb)) 603 return NUD_STALE; 604 else 605 return NUD_REACHABLE; 606 } 607 608 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 609 const struct net_bridge_fdb_entry *fdb, 610 u32 portid, u32 seq, int type, unsigned int flags) 611 { 612 unsigned long now = jiffies; 613 struct nda_cacheinfo ci; 614 struct nlmsghdr *nlh; 615 struct ndmsg *ndm; 616 617 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 618 if (nlh == NULL) 619 return -EMSGSIZE; 620 621 ndm = nlmsg_data(nlh); 622 ndm->ndm_family = AF_BRIDGE; 623 ndm->ndm_pad1 = 0; 624 ndm->ndm_pad2 = 0; 625 ndm->ndm_flags = 0; 626 ndm->ndm_type = 0; 627 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 628 ndm->ndm_state = fdb_to_nud(br, fdb); 629 630 if (fdb->offloaded) 631 ndm->ndm_flags |= NTF_OFFLOADED; 632 if (fdb->added_by_external_learn) 633 ndm->ndm_flags |= NTF_EXT_LEARNED; 634 635 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->key.addr)) 636 goto nla_put_failure; 637 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 638 goto nla_put_failure; 639 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 640 ci.ndm_confirmed = 0; 641 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 642 ci.ndm_refcnt = 0; 643 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 644 goto nla_put_failure; 645 646 if (fdb->key.vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), 647 &fdb->key.vlan_id)) 648 goto nla_put_failure; 649 650 nlmsg_end(skb, nlh); 651 return 0; 652 653 nla_put_failure: 654 nlmsg_cancel(skb, nlh); 655 return -EMSGSIZE; 656 } 657 658 static inline size_t fdb_nlmsg_size(void) 659 { 660 return NLMSG_ALIGN(sizeof(struct ndmsg)) 661 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 662 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 663 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 664 + nla_total_size(sizeof(struct nda_cacheinfo)); 665 } 666 667 static void fdb_notify(struct net_bridge *br, 668 const struct net_bridge_fdb_entry *fdb, int type) 669 { 670 struct net *net = dev_net(br->dev); 671 struct sk_buff *skb; 672 int err = -ENOBUFS; 673 674 br_switchdev_fdb_notify(fdb, type); 675 676 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 677 if (skb == NULL) 678 goto errout; 679 680 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 681 if (err < 0) { 682 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 683 WARN_ON(err == -EMSGSIZE); 684 kfree_skb(skb); 685 goto errout; 686 } 687 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 688 return; 689 errout: 690 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 691 } 692 693 /* Dump information about entries, in response to GETNEIGH */ 694 int br_fdb_dump(struct sk_buff *skb, 695 struct netlink_callback *cb, 696 struct net_device *dev, 697 struct net_device *filter_dev, 698 int *idx) 699 { 700 struct net_bridge *br = netdev_priv(dev); 701 struct net_bridge_fdb_entry *f; 702 int err = 0; 703 704 if (!(dev->priv_flags & IFF_EBRIDGE)) 705 return err; 706 707 if (!filter_dev) { 708 err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 709 if (err < 0) 710 return err; 711 } 712 713 rcu_read_lock(); 714 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 715 if (*idx < cb->args[2]) 716 goto skip; 717 if (filter_dev && (!f->dst || f->dst->dev != filter_dev)) { 718 if (filter_dev != dev) 719 goto skip; 720 /* !f->dst is a special case for bridge 721 * It means the MAC belongs to the bridge 722 * Therefore need a little more filtering 723 * we only want to dump the !f->dst case 724 */ 725 if (f->dst) 726 goto skip; 727 } 728 if (!filter_dev && f->dst) 729 goto skip; 730 731 err = fdb_fill_info(skb, br, f, 732 NETLINK_CB(cb->skb).portid, 733 cb->nlh->nlmsg_seq, 734 RTM_NEWNEIGH, 735 NLM_F_MULTI); 736 if (err < 0) 737 break; 738 skip: 739 *idx += 1; 740 } 741 rcu_read_unlock(); 742 743 return err; 744 } 745 746 /* Update (create or replace) forwarding database entry */ 747 static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source, 748 const __u8 *addr, __u16 state, __u16 flags, __u16 vid) 749 { 750 struct net_bridge_fdb_entry *fdb; 751 bool modified = false; 752 753 /* If the port cannot learn allow only local and static entries */ 754 if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 755 !(source->state == BR_STATE_LEARNING || 756 source->state == BR_STATE_FORWARDING)) 757 return -EPERM; 758 759 if (!source && !(state & NUD_PERMANENT)) { 760 pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n", 761 br->dev->name); 762 return -EINVAL; 763 } 764 765 fdb = br_fdb_find(br, addr, vid); 766 if (fdb == NULL) { 767 if (!(flags & NLM_F_CREATE)) 768 return -ENOENT; 769 770 fdb = fdb_create(br, source, addr, vid, 0, 0); 771 if (!fdb) 772 return -ENOMEM; 773 774 modified = true; 775 } else { 776 if (flags & NLM_F_EXCL) 777 return -EEXIST; 778 779 if (fdb->dst != source) { 780 fdb->dst = source; 781 modified = true; 782 } 783 } 784 785 if (fdb_to_nud(br, fdb) != state) { 786 if (state & NUD_PERMANENT) { 787 fdb->is_local = 1; 788 if (!fdb->is_static) { 789 fdb->is_static = 1; 790 fdb_add_hw_addr(br, addr); 791 } 792 } else if (state & NUD_NOARP) { 793 fdb->is_local = 0; 794 if (!fdb->is_static) { 795 fdb->is_static = 1; 796 fdb_add_hw_addr(br, addr); 797 } 798 } else { 799 fdb->is_local = 0; 800 if (fdb->is_static) { 801 fdb->is_static = 0; 802 fdb_del_hw_addr(br, addr); 803 } 804 } 805 806 modified = true; 807 } 808 fdb->added_by_user = 1; 809 810 fdb->used = jiffies; 811 if (modified) { 812 fdb->updated = jiffies; 813 fdb_notify(br, fdb, RTM_NEWNEIGH); 814 } 815 816 return 0; 817 } 818 819 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br, 820 struct net_bridge_port *p, const unsigned char *addr, 821 u16 nlh_flags, u16 vid) 822 { 823 int err = 0; 824 825 if (ndm->ndm_flags & NTF_USE) { 826 if (!p) { 827 pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n", 828 br->dev->name); 829 return -EINVAL; 830 } 831 local_bh_disable(); 832 rcu_read_lock(); 833 br_fdb_update(br, p, addr, vid, true); 834 rcu_read_unlock(); 835 local_bh_enable(); 836 } else if (ndm->ndm_flags & NTF_EXT_LEARNED) { 837 err = br_fdb_external_learn_add(br, p, addr, vid); 838 } else { 839 spin_lock_bh(&br->hash_lock); 840 err = fdb_add_entry(br, p, addr, ndm->ndm_state, 841 nlh_flags, vid); 842 spin_unlock_bh(&br->hash_lock); 843 } 844 845 return err; 846 } 847 848 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 849 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 850 struct net_device *dev, 851 const unsigned char *addr, u16 vid, u16 nlh_flags) 852 { 853 struct net_bridge_vlan_group *vg; 854 struct net_bridge_port *p = NULL; 855 struct net_bridge_vlan *v; 856 struct net_bridge *br = NULL; 857 int err = 0; 858 859 trace_br_fdb_add(ndm, dev, addr, vid, nlh_flags); 860 861 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 862 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 863 return -EINVAL; 864 } 865 866 if (is_zero_ether_addr(addr)) { 867 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 868 return -EINVAL; 869 } 870 871 if (dev->priv_flags & IFF_EBRIDGE) { 872 br = netdev_priv(dev); 873 vg = br_vlan_group(br); 874 } else { 875 p = br_port_get_rtnl(dev); 876 if (!p) { 877 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 878 dev->name); 879 return -EINVAL; 880 } 881 br = p->br; 882 vg = nbp_vlan_group(p); 883 } 884 885 if (vid) { 886 v = br_vlan_find(vg, vid); 887 if (!v || !br_vlan_should_use(v)) { 888 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 889 return -EINVAL; 890 } 891 892 /* VID was specified, so use it. */ 893 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid); 894 } else { 895 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0); 896 if (err || !vg || !vg->num_vlans) 897 goto out; 898 899 /* We have vlans configured on this port and user didn't 900 * specify a VLAN. To be nice, add/update entry for every 901 * vlan on this port. 902 */ 903 list_for_each_entry(v, &vg->vlan_list, vlist) { 904 if (!br_vlan_should_use(v)) 905 continue; 906 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid); 907 if (err) 908 goto out; 909 } 910 } 911 912 out: 913 return err; 914 } 915 916 static int fdb_delete_by_addr_and_port(struct net_bridge *br, 917 const struct net_bridge_port *p, 918 const u8 *addr, u16 vlan) 919 { 920 struct net_bridge_fdb_entry *fdb; 921 922 fdb = br_fdb_find(br, addr, vlan); 923 if (!fdb || fdb->dst != p) 924 return -ENOENT; 925 926 fdb_delete(br, fdb); 927 928 return 0; 929 } 930 931 static int __br_fdb_delete(struct net_bridge *br, 932 const struct net_bridge_port *p, 933 const unsigned char *addr, u16 vid) 934 { 935 int err; 936 937 spin_lock_bh(&br->hash_lock); 938 err = fdb_delete_by_addr_and_port(br, p, addr, vid); 939 spin_unlock_bh(&br->hash_lock); 940 941 return err; 942 } 943 944 /* Remove neighbor entry with RTM_DELNEIGH */ 945 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 946 struct net_device *dev, 947 const unsigned char *addr, u16 vid) 948 { 949 struct net_bridge_vlan_group *vg; 950 struct net_bridge_port *p = NULL; 951 struct net_bridge_vlan *v; 952 struct net_bridge *br; 953 int err; 954 955 if (dev->priv_flags & IFF_EBRIDGE) { 956 br = netdev_priv(dev); 957 vg = br_vlan_group(br); 958 } else { 959 p = br_port_get_rtnl(dev); 960 if (!p) { 961 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 962 dev->name); 963 return -EINVAL; 964 } 965 vg = nbp_vlan_group(p); 966 br = p->br; 967 } 968 969 if (vid) { 970 v = br_vlan_find(vg, vid); 971 if (!v) { 972 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 973 return -EINVAL; 974 } 975 976 err = __br_fdb_delete(br, p, addr, vid); 977 } else { 978 err = -ENOENT; 979 err &= __br_fdb_delete(br, p, addr, 0); 980 if (!vg || !vg->num_vlans) 981 return err; 982 983 list_for_each_entry(v, &vg->vlan_list, vlist) { 984 if (!br_vlan_should_use(v)) 985 continue; 986 err &= __br_fdb_delete(br, p, addr, v->vid); 987 } 988 } 989 990 return err; 991 } 992 993 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 994 { 995 struct net_bridge_fdb_entry *f, *tmp; 996 int err = 0; 997 998 ASSERT_RTNL(); 999 1000 /* the key here is that static entries change only under rtnl */ 1001 rcu_read_lock(); 1002 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 1003 /* We only care for static entries */ 1004 if (!f->is_static) 1005 continue; 1006 err = dev_uc_add(p->dev, f->key.addr.addr); 1007 if (err) 1008 goto rollback; 1009 } 1010 done: 1011 rcu_read_unlock(); 1012 1013 return err; 1014 1015 rollback: 1016 hlist_for_each_entry_rcu(tmp, &br->fdb_list, fdb_node) { 1017 /* We only care for static entries */ 1018 if (!tmp->is_static) 1019 continue; 1020 if (tmp == f) 1021 break; 1022 dev_uc_del(p->dev, tmp->key.addr.addr); 1023 } 1024 1025 goto done; 1026 } 1027 1028 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1029 { 1030 struct net_bridge_fdb_entry *f; 1031 1032 ASSERT_RTNL(); 1033 1034 rcu_read_lock(); 1035 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 1036 /* We only care for static entries */ 1037 if (!f->is_static) 1038 continue; 1039 1040 dev_uc_del(p->dev, f->key.addr.addr); 1041 } 1042 rcu_read_unlock(); 1043 } 1044 1045 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1046 const unsigned char *addr, u16 vid) 1047 { 1048 struct net_bridge_fdb_entry *fdb; 1049 bool modified = false; 1050 int err = 0; 1051 1052 trace_br_fdb_external_learn_add(br, p, addr, vid); 1053 1054 spin_lock_bh(&br->hash_lock); 1055 1056 fdb = br_fdb_find(br, addr, vid); 1057 if (!fdb) { 1058 fdb = fdb_create(br, p, addr, vid, 0, 0); 1059 if (!fdb) { 1060 err = -ENOMEM; 1061 goto err_unlock; 1062 } 1063 fdb->added_by_external_learn = 1; 1064 fdb_notify(br, fdb, RTM_NEWNEIGH); 1065 } else { 1066 fdb->updated = jiffies; 1067 1068 if (fdb->dst != p) { 1069 fdb->dst = p; 1070 modified = true; 1071 } 1072 1073 if (fdb->added_by_external_learn) { 1074 /* Refresh entry */ 1075 fdb->used = jiffies; 1076 } else if (!fdb->added_by_user) { 1077 /* Take over SW learned entry */ 1078 fdb->added_by_external_learn = 1; 1079 modified = true; 1080 } 1081 1082 if (modified) 1083 fdb_notify(br, fdb, RTM_NEWNEIGH); 1084 } 1085 1086 err_unlock: 1087 spin_unlock_bh(&br->hash_lock); 1088 1089 return err; 1090 } 1091 1092 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1093 const unsigned char *addr, u16 vid) 1094 { 1095 struct net_bridge_fdb_entry *fdb; 1096 int err = 0; 1097 1098 spin_lock_bh(&br->hash_lock); 1099 1100 fdb = br_fdb_find(br, addr, vid); 1101 if (fdb && fdb->added_by_external_learn) 1102 fdb_delete(br, fdb); 1103 else 1104 err = -ENOENT; 1105 1106 spin_unlock_bh(&br->hash_lock); 1107 1108 return err; 1109 } 1110 1111 void br_fdb_offloaded_set(struct net_bridge *br, struct net_bridge_port *p, 1112 const unsigned char *addr, u16 vid) 1113 { 1114 struct net_bridge_fdb_entry *fdb; 1115 1116 spin_lock_bh(&br->hash_lock); 1117 1118 fdb = br_fdb_find(br, addr, vid); 1119 if (fdb) 1120 fdb->offloaded = 1; 1121 1122 spin_unlock_bh(&br->hash_lock); 1123 } 1124