1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include "br_private.h" 29 30 static struct kmem_cache *br_fdb_cache __read_mostly; 31 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 32 const unsigned char *addr, 33 __u16 vid); 34 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 35 const unsigned char *addr, u16 vid); 36 static void fdb_notify(struct net_bridge *br, 37 const struct net_bridge_fdb_entry *, int); 38 39 static u32 fdb_salt __read_mostly; 40 41 int __init br_fdb_init(void) 42 { 43 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 44 sizeof(struct net_bridge_fdb_entry), 45 0, 46 SLAB_HWCACHE_ALIGN, NULL); 47 if (!br_fdb_cache) 48 return -ENOMEM; 49 50 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 51 return 0; 52 } 53 54 void br_fdb_fini(void) 55 { 56 kmem_cache_destroy(br_fdb_cache); 57 } 58 59 60 /* if topology_changing then use forward_delay (default 15 sec) 61 * otherwise keep longer (default 5 minutes) 62 */ 63 static inline unsigned long hold_time(const struct net_bridge *br) 64 { 65 return br->topology_change ? br->forward_delay : br->ageing_time; 66 } 67 68 static inline int has_expired(const struct net_bridge *br, 69 const struct net_bridge_fdb_entry *fdb) 70 { 71 return !fdb->is_static && 72 time_before_eq(fdb->updated + hold_time(br), jiffies); 73 } 74 75 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 76 { 77 /* use 1 byte of OUI and 3 bytes of NIC */ 78 u32 key = get_unaligned((u32 *)(mac + 2)); 79 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 80 } 81 82 static void fdb_rcu_free(struct rcu_head *head) 83 { 84 struct net_bridge_fdb_entry *ent 85 = container_of(head, struct net_bridge_fdb_entry, rcu); 86 kmem_cache_free(br_fdb_cache, ent); 87 } 88 89 /* When a static FDB entry is added, the mac address from the entry is 90 * added to the bridge private HW address list and all required ports 91 * are then updated with the new information. 92 * Called under RTNL. 93 */ 94 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 95 { 96 int err; 97 struct net_bridge_port *p; 98 99 ASSERT_RTNL(); 100 101 list_for_each_entry(p, &br->port_list, list) { 102 if (!br_promisc_port(p)) { 103 err = dev_uc_add(p->dev, addr); 104 if (err) 105 goto undo; 106 } 107 } 108 109 return; 110 undo: 111 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 112 if (!br_promisc_port(p)) 113 dev_uc_del(p->dev, addr); 114 } 115 } 116 117 /* When a static FDB entry is deleted, the HW address from that entry is 118 * also removed from the bridge private HW address list and updates all 119 * the ports with needed information. 120 * Called under RTNL. 121 */ 122 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 123 { 124 struct net_bridge_port *p; 125 126 ASSERT_RTNL(); 127 128 list_for_each_entry(p, &br->port_list, list) { 129 if (!br_promisc_port(p)) 130 dev_uc_del(p->dev, addr); 131 } 132 } 133 134 static void fdb_del_external_learn(struct net_bridge_fdb_entry *f) 135 { 136 struct switchdev_obj_port_fdb fdb = { 137 .obj = { 138 .orig_dev = f->dst->dev, 139 .id = SWITCHDEV_OBJ_ID_PORT_FDB, 140 .flags = SWITCHDEV_F_DEFER, 141 }, 142 .vid = f->vlan_id, 143 }; 144 145 ether_addr_copy(fdb.addr, f->addr.addr); 146 switchdev_port_obj_del(f->dst->dev, &fdb.obj); 147 } 148 149 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 150 { 151 if (f->is_static) 152 fdb_del_hw_addr(br, f->addr.addr); 153 154 if (f->added_by_external_learn) 155 fdb_del_external_learn(f); 156 157 hlist_del_rcu(&f->hlist); 158 fdb_notify(br, f, RTM_DELNEIGH); 159 call_rcu(&f->rcu, fdb_rcu_free); 160 } 161 162 /* Delete a local entry if no other port had the same address. */ 163 static void fdb_delete_local(struct net_bridge *br, 164 const struct net_bridge_port *p, 165 struct net_bridge_fdb_entry *f) 166 { 167 const unsigned char *addr = f->addr.addr; 168 struct net_bridge_vlan_group *vg; 169 const struct net_bridge_vlan *v; 170 struct net_bridge_port *op; 171 u16 vid = f->vlan_id; 172 173 /* Maybe another port has same hw addr? */ 174 list_for_each_entry(op, &br->port_list, list) { 175 vg = nbp_vlan_group(op); 176 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 177 (!vid || br_vlan_find(vg, vid))) { 178 f->dst = op; 179 f->added_by_user = 0; 180 return; 181 } 182 } 183 184 vg = br_vlan_group(br); 185 v = br_vlan_find(vg, vid); 186 /* Maybe bridge device has same hw addr? */ 187 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 188 (!vid || (v && br_vlan_should_use(v)))) { 189 f->dst = NULL; 190 f->added_by_user = 0; 191 return; 192 } 193 194 fdb_delete(br, f); 195 } 196 197 void br_fdb_find_delete_local(struct net_bridge *br, 198 const struct net_bridge_port *p, 199 const unsigned char *addr, u16 vid) 200 { 201 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 202 struct net_bridge_fdb_entry *f; 203 204 spin_lock_bh(&br->hash_lock); 205 f = fdb_find(head, addr, vid); 206 if (f && f->is_local && !f->added_by_user && f->dst == p) 207 fdb_delete_local(br, p, f); 208 spin_unlock_bh(&br->hash_lock); 209 } 210 211 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 212 { 213 struct net_bridge_vlan_group *vg; 214 struct net_bridge *br = p->br; 215 struct net_bridge_vlan *v; 216 int i; 217 218 spin_lock_bh(&br->hash_lock); 219 220 vg = nbp_vlan_group(p); 221 /* Search all chains since old address/hash is unknown */ 222 for (i = 0; i < BR_HASH_SIZE; i++) { 223 struct hlist_node *h; 224 hlist_for_each(h, &br->hash[i]) { 225 struct net_bridge_fdb_entry *f; 226 227 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 228 if (f->dst == p && f->is_local && !f->added_by_user) { 229 /* delete old one */ 230 fdb_delete_local(br, p, f); 231 232 /* if this port has no vlan information 233 * configured, we can safely be done at 234 * this point. 235 */ 236 if (!vg || !vg->num_vlans) 237 goto insert; 238 } 239 } 240 } 241 242 insert: 243 /* insert new address, may fail if invalid address or dup. */ 244 fdb_insert(br, p, newaddr, 0); 245 246 if (!vg || !vg->num_vlans) 247 goto done; 248 249 /* Now add entries for every VLAN configured on the port. 250 * This function runs under RTNL so the bitmap will not change 251 * from under us. 252 */ 253 list_for_each_entry(v, &vg->vlan_list, vlist) 254 fdb_insert(br, p, newaddr, v->vid); 255 256 done: 257 spin_unlock_bh(&br->hash_lock); 258 } 259 260 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 261 { 262 struct net_bridge_vlan_group *vg; 263 struct net_bridge_fdb_entry *f; 264 struct net_bridge_vlan *v; 265 266 spin_lock_bh(&br->hash_lock); 267 268 /* If old entry was unassociated with any port, then delete it. */ 269 f = __br_fdb_get(br, br->dev->dev_addr, 0); 270 if (f && f->is_local && !f->dst) 271 fdb_delete_local(br, NULL, f); 272 273 fdb_insert(br, NULL, newaddr, 0); 274 vg = br_vlan_group(br); 275 if (!vg || !vg->num_vlans) 276 goto out; 277 /* Now remove and add entries for every VLAN configured on the 278 * bridge. This function runs under RTNL so the bitmap will not 279 * change from under us. 280 */ 281 list_for_each_entry(v, &vg->vlan_list, vlist) { 282 f = __br_fdb_get(br, br->dev->dev_addr, v->vid); 283 if (f && f->is_local && !f->dst) 284 fdb_delete_local(br, NULL, f); 285 fdb_insert(br, NULL, newaddr, v->vid); 286 } 287 out: 288 spin_unlock_bh(&br->hash_lock); 289 } 290 291 void br_fdb_cleanup(unsigned long _data) 292 { 293 struct net_bridge *br = (struct net_bridge *)_data; 294 unsigned long delay = hold_time(br); 295 unsigned long next_timer = jiffies + br->ageing_time; 296 int i; 297 298 spin_lock(&br->hash_lock); 299 for (i = 0; i < BR_HASH_SIZE; i++) { 300 struct net_bridge_fdb_entry *f; 301 struct hlist_node *n; 302 303 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 304 unsigned long this_timer; 305 if (f->is_static) 306 continue; 307 if (f->added_by_external_learn) 308 continue; 309 this_timer = f->updated + delay; 310 if (time_before_eq(this_timer, jiffies)) 311 fdb_delete(br, f); 312 else if (time_before(this_timer, next_timer)) 313 next_timer = this_timer; 314 } 315 } 316 spin_unlock(&br->hash_lock); 317 318 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 319 } 320 321 /* Completely flush all dynamic entries in forwarding database.*/ 322 void br_fdb_flush(struct net_bridge *br) 323 { 324 int i; 325 326 spin_lock_bh(&br->hash_lock); 327 for (i = 0; i < BR_HASH_SIZE; i++) { 328 struct net_bridge_fdb_entry *f; 329 struct hlist_node *n; 330 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 331 if (!f->is_static) 332 fdb_delete(br, f); 333 } 334 } 335 spin_unlock_bh(&br->hash_lock); 336 } 337 338 /* Flush all entries referring to a specific port. 339 * if do_all is set also flush static entries 340 * if vid is set delete all entries that match the vlan_id 341 */ 342 void br_fdb_delete_by_port(struct net_bridge *br, 343 const struct net_bridge_port *p, 344 u16 vid, 345 int do_all) 346 { 347 int i; 348 349 spin_lock_bh(&br->hash_lock); 350 for (i = 0; i < BR_HASH_SIZE; i++) { 351 struct hlist_node *h, *g; 352 353 hlist_for_each_safe(h, g, &br->hash[i]) { 354 struct net_bridge_fdb_entry *f 355 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 356 if (f->dst != p) 357 continue; 358 359 if (!do_all) 360 if (f->is_static || (vid && f->vlan_id != vid)) 361 continue; 362 363 if (f->is_local) 364 fdb_delete_local(br, p, f); 365 else 366 fdb_delete(br, f); 367 } 368 } 369 spin_unlock_bh(&br->hash_lock); 370 } 371 372 /* No locking or refcounting, assumes caller has rcu_read_lock */ 373 struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 374 const unsigned char *addr, 375 __u16 vid) 376 { 377 struct net_bridge_fdb_entry *fdb; 378 379 hlist_for_each_entry_rcu(fdb, 380 &br->hash[br_mac_hash(addr, vid)], hlist) { 381 if (ether_addr_equal(fdb->addr.addr, addr) && 382 fdb->vlan_id == vid) { 383 if (unlikely(has_expired(br, fdb))) 384 break; 385 return fdb; 386 } 387 } 388 389 return NULL; 390 } 391 392 #if IS_ENABLED(CONFIG_ATM_LANE) 393 /* Interface used by ATM LANE hook to test 394 * if an addr is on some other bridge port */ 395 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 396 { 397 struct net_bridge_fdb_entry *fdb; 398 struct net_bridge_port *port; 399 int ret; 400 401 rcu_read_lock(); 402 port = br_port_get_rcu(dev); 403 if (!port) 404 ret = 0; 405 else { 406 fdb = __br_fdb_get(port->br, addr, 0); 407 ret = fdb && fdb->dst && fdb->dst->dev != dev && 408 fdb->dst->state == BR_STATE_FORWARDING; 409 } 410 rcu_read_unlock(); 411 412 return ret; 413 } 414 #endif /* CONFIG_ATM_LANE */ 415 416 /* 417 * Fill buffer with forwarding table records in 418 * the API format. 419 */ 420 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 421 unsigned long maxnum, unsigned long skip) 422 { 423 struct __fdb_entry *fe = buf; 424 int i, num = 0; 425 struct net_bridge_fdb_entry *f; 426 427 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 428 429 rcu_read_lock(); 430 for (i = 0; i < BR_HASH_SIZE; i++) { 431 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 432 if (num >= maxnum) 433 goto out; 434 435 if (has_expired(br, f)) 436 continue; 437 438 /* ignore pseudo entry for local MAC address */ 439 if (!f->dst) 440 continue; 441 442 if (skip) { 443 --skip; 444 continue; 445 } 446 447 /* convert from internal format to API */ 448 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 449 450 /* due to ABI compat need to split into hi/lo */ 451 fe->port_no = f->dst->port_no; 452 fe->port_hi = f->dst->port_no >> 8; 453 454 fe->is_local = f->is_local; 455 if (!f->is_static) 456 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 457 ++fe; 458 ++num; 459 } 460 } 461 462 out: 463 rcu_read_unlock(); 464 465 return num; 466 } 467 468 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 469 const unsigned char *addr, 470 __u16 vid) 471 { 472 struct net_bridge_fdb_entry *fdb; 473 474 hlist_for_each_entry(fdb, head, hlist) { 475 if (ether_addr_equal(fdb->addr.addr, addr) && 476 fdb->vlan_id == vid) 477 return fdb; 478 } 479 return NULL; 480 } 481 482 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 483 const unsigned char *addr, 484 __u16 vid) 485 { 486 struct net_bridge_fdb_entry *fdb; 487 488 hlist_for_each_entry_rcu(fdb, head, hlist) { 489 if (ether_addr_equal(fdb->addr.addr, addr) && 490 fdb->vlan_id == vid) 491 return fdb; 492 } 493 return NULL; 494 } 495 496 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 497 struct net_bridge_port *source, 498 const unsigned char *addr, 499 __u16 vid, 500 unsigned char is_local, 501 unsigned char is_static) 502 { 503 struct net_bridge_fdb_entry *fdb; 504 505 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 506 if (fdb) { 507 memcpy(fdb->addr.addr, addr, ETH_ALEN); 508 fdb->dst = source; 509 fdb->vlan_id = vid; 510 fdb->is_local = is_local; 511 fdb->is_static = is_static; 512 fdb->added_by_user = 0; 513 fdb->added_by_external_learn = 0; 514 fdb->updated = fdb->used = jiffies; 515 hlist_add_head_rcu(&fdb->hlist, head); 516 } 517 return fdb; 518 } 519 520 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 521 const unsigned char *addr, u16 vid) 522 { 523 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 524 struct net_bridge_fdb_entry *fdb; 525 526 if (!is_valid_ether_addr(addr)) 527 return -EINVAL; 528 529 fdb = fdb_find(head, addr, vid); 530 if (fdb) { 531 /* it is okay to have multiple ports with same 532 * address, just use the first one. 533 */ 534 if (fdb->is_local) 535 return 0; 536 br_warn(br, "adding interface %s with same address " 537 "as a received packet\n", 538 source ? source->dev->name : br->dev->name); 539 fdb_delete(br, fdb); 540 } 541 542 fdb = fdb_create(head, source, addr, vid, 1, 1); 543 if (!fdb) 544 return -ENOMEM; 545 546 fdb_add_hw_addr(br, addr); 547 fdb_notify(br, fdb, RTM_NEWNEIGH); 548 return 0; 549 } 550 551 /* Add entry for local address of interface */ 552 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 553 const unsigned char *addr, u16 vid) 554 { 555 int ret; 556 557 spin_lock_bh(&br->hash_lock); 558 ret = fdb_insert(br, source, addr, vid); 559 spin_unlock_bh(&br->hash_lock); 560 return ret; 561 } 562 563 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 564 const unsigned char *addr, u16 vid, bool added_by_user) 565 { 566 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 567 struct net_bridge_fdb_entry *fdb; 568 bool fdb_modified = false; 569 570 /* some users want to always flood. */ 571 if (hold_time(br) == 0) 572 return; 573 574 /* ignore packets unless we are using this port */ 575 if (!(source->state == BR_STATE_LEARNING || 576 source->state == BR_STATE_FORWARDING)) 577 return; 578 579 fdb = fdb_find_rcu(head, addr, vid); 580 if (likely(fdb)) { 581 /* attempt to update an entry for a local interface */ 582 if (unlikely(fdb->is_local)) { 583 if (net_ratelimit()) 584 br_warn(br, "received packet on %s with " 585 "own address as source address\n", 586 source->dev->name); 587 } else { 588 /* fastpath: update of existing entry */ 589 if (unlikely(source != fdb->dst)) { 590 fdb->dst = source; 591 fdb_modified = true; 592 } 593 fdb->updated = jiffies; 594 if (unlikely(added_by_user)) 595 fdb->added_by_user = 1; 596 if (unlikely(fdb_modified)) 597 fdb_notify(br, fdb, RTM_NEWNEIGH); 598 } 599 } else { 600 spin_lock(&br->hash_lock); 601 if (likely(!fdb_find(head, addr, vid))) { 602 fdb = fdb_create(head, source, addr, vid, 0, 0); 603 if (fdb) { 604 if (unlikely(added_by_user)) 605 fdb->added_by_user = 1; 606 fdb_notify(br, fdb, RTM_NEWNEIGH); 607 } 608 } 609 /* else we lose race and someone else inserts 610 * it first, don't bother updating 611 */ 612 spin_unlock(&br->hash_lock); 613 } 614 } 615 616 static int fdb_to_nud(const struct net_bridge *br, 617 const struct net_bridge_fdb_entry *fdb) 618 { 619 if (fdb->is_local) 620 return NUD_PERMANENT; 621 else if (fdb->is_static) 622 return NUD_NOARP; 623 else if (has_expired(br, fdb)) 624 return NUD_STALE; 625 else 626 return NUD_REACHABLE; 627 } 628 629 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 630 const struct net_bridge_fdb_entry *fdb, 631 u32 portid, u32 seq, int type, unsigned int flags) 632 { 633 unsigned long now = jiffies; 634 struct nda_cacheinfo ci; 635 struct nlmsghdr *nlh; 636 struct ndmsg *ndm; 637 638 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 639 if (nlh == NULL) 640 return -EMSGSIZE; 641 642 ndm = nlmsg_data(nlh); 643 ndm->ndm_family = AF_BRIDGE; 644 ndm->ndm_pad1 = 0; 645 ndm->ndm_pad2 = 0; 646 ndm->ndm_flags = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0; 647 ndm->ndm_type = 0; 648 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 649 ndm->ndm_state = fdb_to_nud(br, fdb); 650 651 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 652 goto nla_put_failure; 653 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 654 goto nla_put_failure; 655 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 656 ci.ndm_confirmed = 0; 657 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 658 ci.ndm_refcnt = 0; 659 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 660 goto nla_put_failure; 661 662 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 663 goto nla_put_failure; 664 665 nlmsg_end(skb, nlh); 666 return 0; 667 668 nla_put_failure: 669 nlmsg_cancel(skb, nlh); 670 return -EMSGSIZE; 671 } 672 673 static inline size_t fdb_nlmsg_size(void) 674 { 675 return NLMSG_ALIGN(sizeof(struct ndmsg)) 676 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 677 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 678 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 679 + nla_total_size(sizeof(struct nda_cacheinfo)); 680 } 681 682 static void fdb_notify(struct net_bridge *br, 683 const struct net_bridge_fdb_entry *fdb, int type) 684 { 685 struct net *net = dev_net(br->dev); 686 struct sk_buff *skb; 687 int err = -ENOBUFS; 688 689 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 690 if (skb == NULL) 691 goto errout; 692 693 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 694 if (err < 0) { 695 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 696 WARN_ON(err == -EMSGSIZE); 697 kfree_skb(skb); 698 goto errout; 699 } 700 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 701 return; 702 errout: 703 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 704 } 705 706 /* Dump information about entries, in response to GETNEIGH */ 707 int br_fdb_dump(struct sk_buff *skb, 708 struct netlink_callback *cb, 709 struct net_device *dev, 710 struct net_device *filter_dev, 711 int idx) 712 { 713 struct net_bridge *br = netdev_priv(dev); 714 int i; 715 716 if (!(dev->priv_flags & IFF_EBRIDGE)) 717 goto out; 718 719 if (!filter_dev) 720 idx = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 721 722 for (i = 0; i < BR_HASH_SIZE; i++) { 723 struct net_bridge_fdb_entry *f; 724 725 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 726 if (idx < cb->args[0]) 727 goto skip; 728 729 if (filter_dev && 730 (!f->dst || f->dst->dev != filter_dev)) { 731 if (filter_dev != dev) 732 goto skip; 733 /* !f->dst is a special case for bridge 734 * It means the MAC belongs to the bridge 735 * Therefore need a little more filtering 736 * we only want to dump the !f->dst case 737 */ 738 if (f->dst) 739 goto skip; 740 } 741 if (!filter_dev && f->dst) 742 goto skip; 743 744 if (fdb_fill_info(skb, br, f, 745 NETLINK_CB(cb->skb).portid, 746 cb->nlh->nlmsg_seq, 747 RTM_NEWNEIGH, 748 NLM_F_MULTI) < 0) 749 break; 750 skip: 751 ++idx; 752 } 753 } 754 755 out: 756 return idx; 757 } 758 759 /* Update (create or replace) forwarding database entry */ 760 static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr, 761 __u16 state, __u16 flags, __u16 vid) 762 { 763 struct net_bridge *br = source->br; 764 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 765 struct net_bridge_fdb_entry *fdb; 766 bool modified = false; 767 768 /* If the port cannot learn allow only local and static entries */ 769 if (!(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 770 !(source->state == BR_STATE_LEARNING || 771 source->state == BR_STATE_FORWARDING)) 772 return -EPERM; 773 774 fdb = fdb_find(head, addr, vid); 775 if (fdb == NULL) { 776 if (!(flags & NLM_F_CREATE)) 777 return -ENOENT; 778 779 fdb = fdb_create(head, source, addr, vid, 0, 0); 780 if (!fdb) 781 return -ENOMEM; 782 783 modified = true; 784 } else { 785 if (flags & NLM_F_EXCL) 786 return -EEXIST; 787 788 if (fdb->dst != source) { 789 fdb->dst = source; 790 modified = true; 791 } 792 } 793 794 if (fdb_to_nud(br, fdb) != state) { 795 if (state & NUD_PERMANENT) { 796 fdb->is_local = 1; 797 if (!fdb->is_static) { 798 fdb->is_static = 1; 799 fdb_add_hw_addr(br, addr); 800 } 801 } else if (state & NUD_NOARP) { 802 fdb->is_local = 0; 803 if (!fdb->is_static) { 804 fdb->is_static = 1; 805 fdb_add_hw_addr(br, addr); 806 } 807 } else { 808 fdb->is_local = 0; 809 if (fdb->is_static) { 810 fdb->is_static = 0; 811 fdb_del_hw_addr(br, addr); 812 } 813 } 814 815 modified = true; 816 } 817 fdb->added_by_user = 1; 818 819 fdb->used = jiffies; 820 if (modified) { 821 fdb->updated = jiffies; 822 fdb_notify(br, fdb, RTM_NEWNEIGH); 823 } 824 825 return 0; 826 } 827 828 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p, 829 const unsigned char *addr, u16 nlh_flags, u16 vid) 830 { 831 int err = 0; 832 833 if (ndm->ndm_flags & NTF_USE) { 834 local_bh_disable(); 835 rcu_read_lock(); 836 br_fdb_update(p->br, p, addr, vid, true); 837 rcu_read_unlock(); 838 local_bh_enable(); 839 } else { 840 spin_lock_bh(&p->br->hash_lock); 841 err = fdb_add_entry(p, addr, ndm->ndm_state, 842 nlh_flags, vid); 843 spin_unlock_bh(&p->br->hash_lock); 844 } 845 846 return err; 847 } 848 849 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 850 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 851 struct net_device *dev, 852 const unsigned char *addr, u16 vid, u16 nlh_flags) 853 { 854 struct net_bridge_vlan_group *vg; 855 struct net_bridge_port *p = NULL; 856 struct net_bridge_vlan *v; 857 struct net_bridge *br = NULL; 858 int err = 0; 859 860 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 861 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 862 return -EINVAL; 863 } 864 865 if (is_zero_ether_addr(addr)) { 866 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 867 return -EINVAL; 868 } 869 870 if (dev->priv_flags & IFF_EBRIDGE) { 871 br = netdev_priv(dev); 872 vg = br_vlan_group(br); 873 } else { 874 p = br_port_get_rtnl(dev); 875 if (!p) { 876 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 877 dev->name); 878 return -EINVAL; 879 } 880 vg = nbp_vlan_group(p); 881 } 882 883 if (vid) { 884 v = br_vlan_find(vg, vid); 885 if (!v || !br_vlan_should_use(v)) { 886 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 887 return -EINVAL; 888 } 889 890 /* VID was specified, so use it. */ 891 if (dev->priv_flags & IFF_EBRIDGE) 892 err = br_fdb_insert(br, NULL, addr, vid); 893 else 894 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 895 } else { 896 if (dev->priv_flags & IFF_EBRIDGE) 897 err = br_fdb_insert(br, NULL, addr, 0); 898 else 899 err = __br_fdb_add(ndm, p, addr, nlh_flags, 0); 900 if (err || !vg || !vg->num_vlans) 901 goto out; 902 903 /* We have vlans configured on this port and user didn't 904 * specify a VLAN. To be nice, add/update entry for every 905 * vlan on this port. 906 */ 907 list_for_each_entry(v, &vg->vlan_list, vlist) { 908 if (!br_vlan_should_use(v)) 909 continue; 910 if (dev->priv_flags & IFF_EBRIDGE) 911 err = br_fdb_insert(br, NULL, addr, v->vid); 912 else 913 err = __br_fdb_add(ndm, p, addr, nlh_flags, 914 v->vid); 915 if (err) 916 goto out; 917 } 918 } 919 920 out: 921 return err; 922 } 923 924 static int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, 925 u16 vid) 926 { 927 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 928 struct net_bridge_fdb_entry *fdb; 929 930 fdb = fdb_find(head, addr, vid); 931 if (!fdb) 932 return -ENOENT; 933 934 fdb_delete(br, fdb); 935 return 0; 936 } 937 938 static int __br_fdb_delete_by_addr(struct net_bridge *br, 939 const unsigned char *addr, u16 vid) 940 { 941 int err; 942 943 spin_lock_bh(&br->hash_lock); 944 err = fdb_delete_by_addr(br, addr, vid); 945 spin_unlock_bh(&br->hash_lock); 946 947 return err; 948 } 949 950 static int fdb_delete_by_addr_and_port(struct net_bridge_port *p, 951 const u8 *addr, u16 vlan) 952 { 953 struct net_bridge *br = p->br; 954 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 955 struct net_bridge_fdb_entry *fdb; 956 957 fdb = fdb_find(head, addr, vlan); 958 if (!fdb || fdb->dst != p) 959 return -ENOENT; 960 961 fdb_delete(br, fdb); 962 return 0; 963 } 964 965 static int __br_fdb_delete(struct net_bridge_port *p, 966 const unsigned char *addr, u16 vid) 967 { 968 int err; 969 970 spin_lock_bh(&p->br->hash_lock); 971 err = fdb_delete_by_addr_and_port(p, addr, vid); 972 spin_unlock_bh(&p->br->hash_lock); 973 974 return err; 975 } 976 977 /* Remove neighbor entry with RTM_DELNEIGH */ 978 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 979 struct net_device *dev, 980 const unsigned char *addr, u16 vid) 981 { 982 struct net_bridge_vlan_group *vg; 983 struct net_bridge_port *p = NULL; 984 struct net_bridge_vlan *v; 985 struct net_bridge *br = NULL; 986 int err; 987 988 if (dev->priv_flags & IFF_EBRIDGE) { 989 br = netdev_priv(dev); 990 vg = br_vlan_group(br); 991 } else { 992 p = br_port_get_rtnl(dev); 993 if (!p) { 994 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 995 dev->name); 996 return -EINVAL; 997 } 998 vg = nbp_vlan_group(p); 999 } 1000 1001 if (vid) { 1002 v = br_vlan_find(vg, vid); 1003 if (!v) { 1004 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 1005 return -EINVAL; 1006 } 1007 1008 if (dev->priv_flags & IFF_EBRIDGE) 1009 err = __br_fdb_delete_by_addr(br, addr, vid); 1010 else 1011 err = __br_fdb_delete(p, addr, vid); 1012 } else { 1013 err = -ENOENT; 1014 if (dev->priv_flags & IFF_EBRIDGE) 1015 err = __br_fdb_delete_by_addr(br, addr, 0); 1016 else 1017 err &= __br_fdb_delete(p, addr, 0); 1018 1019 if (!vg || !vg->num_vlans) 1020 goto out; 1021 1022 list_for_each_entry(v, &vg->vlan_list, vlist) { 1023 if (!br_vlan_should_use(v)) 1024 continue; 1025 if (dev->priv_flags & IFF_EBRIDGE) 1026 err = __br_fdb_delete_by_addr(br, addr, v->vid); 1027 else 1028 err &= __br_fdb_delete(p, addr, v->vid); 1029 } 1030 } 1031 out: 1032 return err; 1033 } 1034 1035 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1036 { 1037 struct net_bridge_fdb_entry *fdb, *tmp; 1038 int i; 1039 int err; 1040 1041 ASSERT_RTNL(); 1042 1043 for (i = 0; i < BR_HASH_SIZE; i++) { 1044 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 1045 /* We only care for static entries */ 1046 if (!fdb->is_static) 1047 continue; 1048 1049 err = dev_uc_add(p->dev, fdb->addr.addr); 1050 if (err) 1051 goto rollback; 1052 } 1053 } 1054 return 0; 1055 1056 rollback: 1057 for (i = 0; i < BR_HASH_SIZE; i++) { 1058 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 1059 /* If we reached the fdb that failed, we can stop */ 1060 if (tmp == fdb) 1061 break; 1062 1063 /* We only care for static entries */ 1064 if (!tmp->is_static) 1065 continue; 1066 1067 dev_uc_del(p->dev, tmp->addr.addr); 1068 } 1069 } 1070 return err; 1071 } 1072 1073 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1074 { 1075 struct net_bridge_fdb_entry *fdb; 1076 int i; 1077 1078 ASSERT_RTNL(); 1079 1080 for (i = 0; i < BR_HASH_SIZE; i++) { 1081 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1082 /* We only care for static entries */ 1083 if (!fdb->is_static) 1084 continue; 1085 1086 dev_uc_del(p->dev, fdb->addr.addr); 1087 } 1088 } 1089 } 1090 1091 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1092 const unsigned char *addr, u16 vid) 1093 { 1094 struct hlist_head *head; 1095 struct net_bridge_fdb_entry *fdb; 1096 int err = 0; 1097 1098 ASSERT_RTNL(); 1099 spin_lock_bh(&br->hash_lock); 1100 1101 head = &br->hash[br_mac_hash(addr, vid)]; 1102 fdb = fdb_find(head, addr, vid); 1103 if (!fdb) { 1104 fdb = fdb_create(head, p, addr, vid, 0, 0); 1105 if (!fdb) { 1106 err = -ENOMEM; 1107 goto err_unlock; 1108 } 1109 fdb->added_by_external_learn = 1; 1110 fdb_notify(br, fdb, RTM_NEWNEIGH); 1111 } else if (fdb->added_by_external_learn) { 1112 /* Refresh entry */ 1113 fdb->updated = fdb->used = jiffies; 1114 } else if (!fdb->added_by_user) { 1115 /* Take over SW learned entry */ 1116 fdb->added_by_external_learn = 1; 1117 fdb->updated = jiffies; 1118 fdb_notify(br, fdb, RTM_NEWNEIGH); 1119 } 1120 1121 err_unlock: 1122 spin_unlock_bh(&br->hash_lock); 1123 1124 return err; 1125 } 1126 1127 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1128 const unsigned char *addr, u16 vid) 1129 { 1130 struct hlist_head *head; 1131 struct net_bridge_fdb_entry *fdb; 1132 int err = 0; 1133 1134 ASSERT_RTNL(); 1135 spin_lock_bh(&br->hash_lock); 1136 1137 head = &br->hash[br_mac_hash(addr, vid)]; 1138 fdb = fdb_find(head, addr, vid); 1139 if (fdb && fdb->added_by_external_learn) 1140 fdb_delete(br, fdb); 1141 else 1142 err = -ENOENT; 1143 1144 spin_unlock_bh(&br->hash_lock); 1145 1146 return err; 1147 } 1148