1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include "br_private.h" 29 30 static struct kmem_cache *br_fdb_cache __read_mostly; 31 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 32 const unsigned char *addr, 33 __u16 vid); 34 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 35 const unsigned char *addr, u16 vid); 36 static void fdb_notify(struct net_bridge *br, 37 const struct net_bridge_fdb_entry *, int); 38 39 static u32 fdb_salt __read_mostly; 40 41 int __init br_fdb_init(void) 42 { 43 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 44 sizeof(struct net_bridge_fdb_entry), 45 0, 46 SLAB_HWCACHE_ALIGN, NULL); 47 if (!br_fdb_cache) 48 return -ENOMEM; 49 50 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 51 return 0; 52 } 53 54 void br_fdb_fini(void) 55 { 56 kmem_cache_destroy(br_fdb_cache); 57 } 58 59 60 /* if topology_changing then use forward_delay (default 15 sec) 61 * otherwise keep longer (default 5 minutes) 62 */ 63 static inline unsigned long hold_time(const struct net_bridge *br) 64 { 65 return br->topology_change ? br->forward_delay : br->ageing_time; 66 } 67 68 static inline int has_expired(const struct net_bridge *br, 69 const struct net_bridge_fdb_entry *fdb) 70 { 71 return !fdb->is_static && 72 time_before_eq(fdb->updated + hold_time(br), jiffies); 73 } 74 75 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 76 { 77 /* use 1 byte of OUI and 3 bytes of NIC */ 78 u32 key = get_unaligned((u32 *)(mac + 2)); 79 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 80 } 81 82 static void fdb_rcu_free(struct rcu_head *head) 83 { 84 struct net_bridge_fdb_entry *ent 85 = container_of(head, struct net_bridge_fdb_entry, rcu); 86 kmem_cache_free(br_fdb_cache, ent); 87 } 88 89 /* When a static FDB entry is added, the mac address from the entry is 90 * added to the bridge private HW address list and all required ports 91 * are then updated with the new information. 92 * Called under RTNL. 93 */ 94 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 95 { 96 int err; 97 struct net_bridge_port *p; 98 99 ASSERT_RTNL(); 100 101 list_for_each_entry(p, &br->port_list, list) { 102 if (!br_promisc_port(p)) { 103 err = dev_uc_add(p->dev, addr); 104 if (err) 105 goto undo; 106 } 107 } 108 109 return; 110 undo: 111 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 112 if (!br_promisc_port(p)) 113 dev_uc_del(p->dev, addr); 114 } 115 } 116 117 /* When a static FDB entry is deleted, the HW address from that entry is 118 * also removed from the bridge private HW address list and updates all 119 * the ports with needed information. 120 * Called under RTNL. 121 */ 122 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 123 { 124 struct net_bridge_port *p; 125 126 ASSERT_RTNL(); 127 128 list_for_each_entry(p, &br->port_list, list) { 129 if (!br_promisc_port(p)) 130 dev_uc_del(p->dev, addr); 131 } 132 } 133 134 static void fdb_del_external_learn(struct net_bridge_fdb_entry *f) 135 { 136 struct switchdev_obj obj = { 137 .id = SWITCHDEV_OBJ_PORT_FDB, 138 .u.fdb = { 139 .addr = f->addr.addr, 140 .vid = f->vlan_id, 141 }, 142 }; 143 144 switchdev_port_obj_del(f->dst->dev, &obj); 145 } 146 147 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 148 { 149 if (f->is_static) 150 fdb_del_hw_addr(br, f->addr.addr); 151 152 if (f->added_by_external_learn) 153 fdb_del_external_learn(f); 154 155 hlist_del_rcu(&f->hlist); 156 fdb_notify(br, f, RTM_DELNEIGH); 157 call_rcu(&f->rcu, fdb_rcu_free); 158 } 159 160 /* Delete a local entry if no other port had the same address. */ 161 static void fdb_delete_local(struct net_bridge *br, 162 const struct net_bridge_port *p, 163 struct net_bridge_fdb_entry *f) 164 { 165 const unsigned char *addr = f->addr.addr; 166 u16 vid = f->vlan_id; 167 struct net_bridge_port *op; 168 169 /* Maybe another port has same hw addr? */ 170 list_for_each_entry(op, &br->port_list, list) { 171 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 172 (!vid || nbp_vlan_find(op, vid))) { 173 f->dst = op; 174 f->added_by_user = 0; 175 return; 176 } 177 } 178 179 /* Maybe bridge device has same hw addr? */ 180 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 181 (!vid || br_vlan_find(br, vid))) { 182 f->dst = NULL; 183 f->added_by_user = 0; 184 return; 185 } 186 187 fdb_delete(br, f); 188 } 189 190 void br_fdb_find_delete_local(struct net_bridge *br, 191 const struct net_bridge_port *p, 192 const unsigned char *addr, u16 vid) 193 { 194 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 195 struct net_bridge_fdb_entry *f; 196 197 spin_lock_bh(&br->hash_lock); 198 f = fdb_find(head, addr, vid); 199 if (f && f->is_local && !f->added_by_user && f->dst == p) 200 fdb_delete_local(br, p, f); 201 spin_unlock_bh(&br->hash_lock); 202 } 203 204 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 205 { 206 struct net_bridge *br = p->br; 207 struct net_port_vlans *pv = nbp_get_vlan_info(p); 208 bool no_vlan = !pv; 209 int i; 210 u16 vid; 211 212 spin_lock_bh(&br->hash_lock); 213 214 /* Search all chains since old address/hash is unknown */ 215 for (i = 0; i < BR_HASH_SIZE; i++) { 216 struct hlist_node *h; 217 hlist_for_each(h, &br->hash[i]) { 218 struct net_bridge_fdb_entry *f; 219 220 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 221 if (f->dst == p && f->is_local && !f->added_by_user) { 222 /* delete old one */ 223 fdb_delete_local(br, p, f); 224 225 /* if this port has no vlan information 226 * configured, we can safely be done at 227 * this point. 228 */ 229 if (no_vlan) 230 goto insert; 231 } 232 } 233 } 234 235 insert: 236 /* insert new address, may fail if invalid address or dup. */ 237 fdb_insert(br, p, newaddr, 0); 238 239 if (no_vlan) 240 goto done; 241 242 /* Now add entries for every VLAN configured on the port. 243 * This function runs under RTNL so the bitmap will not change 244 * from under us. 245 */ 246 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) 247 fdb_insert(br, p, newaddr, vid); 248 249 done: 250 spin_unlock_bh(&br->hash_lock); 251 } 252 253 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 254 { 255 struct net_bridge_fdb_entry *f; 256 struct net_port_vlans *pv; 257 u16 vid = 0; 258 259 spin_lock_bh(&br->hash_lock); 260 261 /* If old entry was unassociated with any port, then delete it. */ 262 f = __br_fdb_get(br, br->dev->dev_addr, 0); 263 if (f && f->is_local && !f->dst) 264 fdb_delete_local(br, NULL, f); 265 266 fdb_insert(br, NULL, newaddr, 0); 267 268 /* Now remove and add entries for every VLAN configured on the 269 * bridge. This function runs under RTNL so the bitmap will not 270 * change from under us. 271 */ 272 pv = br_get_vlan_info(br); 273 if (!pv) 274 goto out; 275 276 for_each_set_bit_from(vid, pv->vlan_bitmap, VLAN_N_VID) { 277 f = __br_fdb_get(br, br->dev->dev_addr, vid); 278 if (f && f->is_local && !f->dst) 279 fdb_delete_local(br, NULL, f); 280 fdb_insert(br, NULL, newaddr, vid); 281 } 282 out: 283 spin_unlock_bh(&br->hash_lock); 284 } 285 286 void br_fdb_cleanup(unsigned long _data) 287 { 288 struct net_bridge *br = (struct net_bridge *)_data; 289 unsigned long delay = hold_time(br); 290 unsigned long next_timer = jiffies + br->ageing_time; 291 int i; 292 293 spin_lock(&br->hash_lock); 294 for (i = 0; i < BR_HASH_SIZE; i++) { 295 struct net_bridge_fdb_entry *f; 296 struct hlist_node *n; 297 298 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 299 unsigned long this_timer; 300 if (f->is_static) 301 continue; 302 this_timer = f->updated + delay; 303 if (time_before_eq(this_timer, jiffies)) 304 fdb_delete(br, f); 305 else if (time_before(this_timer, next_timer)) 306 next_timer = this_timer; 307 } 308 } 309 spin_unlock(&br->hash_lock); 310 311 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 312 } 313 314 /* Completely flush all dynamic entries in forwarding database.*/ 315 void br_fdb_flush(struct net_bridge *br) 316 { 317 int i; 318 319 spin_lock_bh(&br->hash_lock); 320 for (i = 0; i < BR_HASH_SIZE; i++) { 321 struct net_bridge_fdb_entry *f; 322 struct hlist_node *n; 323 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 324 if (!f->is_static) 325 fdb_delete(br, f); 326 } 327 } 328 spin_unlock_bh(&br->hash_lock); 329 } 330 331 /* Flush all entries referring to a specific port. 332 * if do_all is set also flush static entries 333 * if vid is set delete all entries that match the vlan_id 334 */ 335 void br_fdb_delete_by_port(struct net_bridge *br, 336 const struct net_bridge_port *p, 337 u16 vid, 338 int do_all) 339 { 340 int i; 341 342 spin_lock_bh(&br->hash_lock); 343 for (i = 0; i < BR_HASH_SIZE; i++) { 344 struct hlist_node *h, *g; 345 346 hlist_for_each_safe(h, g, &br->hash[i]) { 347 struct net_bridge_fdb_entry *f 348 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 349 if (f->dst != p) 350 continue; 351 352 if (!do_all) 353 if (f->is_static || (vid && f->vlan_id != vid)) 354 continue; 355 356 if (f->is_local) 357 fdb_delete_local(br, p, f); 358 else 359 fdb_delete(br, f); 360 } 361 } 362 spin_unlock_bh(&br->hash_lock); 363 } 364 365 /* No locking or refcounting, assumes caller has rcu_read_lock */ 366 struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 367 const unsigned char *addr, 368 __u16 vid) 369 { 370 struct net_bridge_fdb_entry *fdb; 371 372 hlist_for_each_entry_rcu(fdb, 373 &br->hash[br_mac_hash(addr, vid)], hlist) { 374 if (ether_addr_equal(fdb->addr.addr, addr) && 375 fdb->vlan_id == vid) { 376 if (unlikely(has_expired(br, fdb))) 377 break; 378 return fdb; 379 } 380 } 381 382 return NULL; 383 } 384 385 #if IS_ENABLED(CONFIG_ATM_LANE) 386 /* Interface used by ATM LANE hook to test 387 * if an addr is on some other bridge port */ 388 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 389 { 390 struct net_bridge_fdb_entry *fdb; 391 struct net_bridge_port *port; 392 int ret; 393 394 rcu_read_lock(); 395 port = br_port_get_rcu(dev); 396 if (!port) 397 ret = 0; 398 else { 399 fdb = __br_fdb_get(port->br, addr, 0); 400 ret = fdb && fdb->dst && fdb->dst->dev != dev && 401 fdb->dst->state == BR_STATE_FORWARDING; 402 } 403 rcu_read_unlock(); 404 405 return ret; 406 } 407 #endif /* CONFIG_ATM_LANE */ 408 409 /* 410 * Fill buffer with forwarding table records in 411 * the API format. 412 */ 413 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 414 unsigned long maxnum, unsigned long skip) 415 { 416 struct __fdb_entry *fe = buf; 417 int i, num = 0; 418 struct net_bridge_fdb_entry *f; 419 420 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 421 422 rcu_read_lock(); 423 for (i = 0; i < BR_HASH_SIZE; i++) { 424 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 425 if (num >= maxnum) 426 goto out; 427 428 if (has_expired(br, f)) 429 continue; 430 431 /* ignore pseudo entry for local MAC address */ 432 if (!f->dst) 433 continue; 434 435 if (skip) { 436 --skip; 437 continue; 438 } 439 440 /* convert from internal format to API */ 441 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 442 443 /* due to ABI compat need to split into hi/lo */ 444 fe->port_no = f->dst->port_no; 445 fe->port_hi = f->dst->port_no >> 8; 446 447 fe->is_local = f->is_local; 448 if (!f->is_static) 449 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 450 ++fe; 451 ++num; 452 } 453 } 454 455 out: 456 rcu_read_unlock(); 457 458 return num; 459 } 460 461 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 462 const unsigned char *addr, 463 __u16 vid) 464 { 465 struct net_bridge_fdb_entry *fdb; 466 467 hlist_for_each_entry(fdb, head, hlist) { 468 if (ether_addr_equal(fdb->addr.addr, addr) && 469 fdb->vlan_id == vid) 470 return fdb; 471 } 472 return NULL; 473 } 474 475 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 476 const unsigned char *addr, 477 __u16 vid) 478 { 479 struct net_bridge_fdb_entry *fdb; 480 481 hlist_for_each_entry_rcu(fdb, head, hlist) { 482 if (ether_addr_equal(fdb->addr.addr, addr) && 483 fdb->vlan_id == vid) 484 return fdb; 485 } 486 return NULL; 487 } 488 489 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 490 struct net_bridge_port *source, 491 const unsigned char *addr, 492 __u16 vid) 493 { 494 struct net_bridge_fdb_entry *fdb; 495 496 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 497 if (fdb) { 498 memcpy(fdb->addr.addr, addr, ETH_ALEN); 499 fdb->dst = source; 500 fdb->vlan_id = vid; 501 fdb->is_local = 0; 502 fdb->is_static = 0; 503 fdb->added_by_user = 0; 504 fdb->added_by_external_learn = 0; 505 fdb->updated = fdb->used = jiffies; 506 hlist_add_head_rcu(&fdb->hlist, head); 507 } 508 return fdb; 509 } 510 511 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 512 const unsigned char *addr, u16 vid) 513 { 514 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 515 struct net_bridge_fdb_entry *fdb; 516 517 if (!is_valid_ether_addr(addr)) 518 return -EINVAL; 519 520 fdb = fdb_find(head, addr, vid); 521 if (fdb) { 522 /* it is okay to have multiple ports with same 523 * address, just use the first one. 524 */ 525 if (fdb->is_local) 526 return 0; 527 br_warn(br, "adding interface %s with same address " 528 "as a received packet\n", 529 source ? source->dev->name : br->dev->name); 530 fdb_delete(br, fdb); 531 } 532 533 fdb = fdb_create(head, source, addr, vid); 534 if (!fdb) 535 return -ENOMEM; 536 537 fdb->is_local = fdb->is_static = 1; 538 fdb_add_hw_addr(br, addr); 539 fdb_notify(br, fdb, RTM_NEWNEIGH); 540 return 0; 541 } 542 543 /* Add entry for local address of interface */ 544 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 545 const unsigned char *addr, u16 vid) 546 { 547 int ret; 548 549 spin_lock_bh(&br->hash_lock); 550 ret = fdb_insert(br, source, addr, vid); 551 spin_unlock_bh(&br->hash_lock); 552 return ret; 553 } 554 555 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 556 const unsigned char *addr, u16 vid, bool added_by_user) 557 { 558 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 559 struct net_bridge_fdb_entry *fdb; 560 bool fdb_modified = false; 561 562 /* some users want to always flood. */ 563 if (hold_time(br) == 0) 564 return; 565 566 /* ignore packets unless we are using this port */ 567 if (!(source->state == BR_STATE_LEARNING || 568 source->state == BR_STATE_FORWARDING)) 569 return; 570 571 fdb = fdb_find_rcu(head, addr, vid); 572 if (likely(fdb)) { 573 /* attempt to update an entry for a local interface */ 574 if (unlikely(fdb->is_local)) { 575 if (net_ratelimit()) 576 br_warn(br, "received packet on %s with " 577 "own address as source address\n", 578 source->dev->name); 579 } else { 580 /* fastpath: update of existing entry */ 581 if (unlikely(source != fdb->dst)) { 582 fdb->dst = source; 583 fdb_modified = true; 584 } 585 fdb->updated = jiffies; 586 if (unlikely(added_by_user)) 587 fdb->added_by_user = 1; 588 if (unlikely(fdb_modified)) 589 fdb_notify(br, fdb, RTM_NEWNEIGH); 590 } 591 } else { 592 spin_lock(&br->hash_lock); 593 if (likely(!fdb_find(head, addr, vid))) { 594 fdb = fdb_create(head, source, addr, vid); 595 if (fdb) { 596 if (unlikely(added_by_user)) 597 fdb->added_by_user = 1; 598 fdb_notify(br, fdb, RTM_NEWNEIGH); 599 } 600 } 601 /* else we lose race and someone else inserts 602 * it first, don't bother updating 603 */ 604 spin_unlock(&br->hash_lock); 605 } 606 } 607 608 static int fdb_to_nud(const struct net_bridge_fdb_entry *fdb) 609 { 610 if (fdb->is_local) 611 return NUD_PERMANENT; 612 else if (fdb->is_static) 613 return NUD_NOARP; 614 else if (has_expired(fdb->dst->br, fdb)) 615 return NUD_STALE; 616 else 617 return NUD_REACHABLE; 618 } 619 620 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 621 const struct net_bridge_fdb_entry *fdb, 622 u32 portid, u32 seq, int type, unsigned int flags) 623 { 624 unsigned long now = jiffies; 625 struct nda_cacheinfo ci; 626 struct nlmsghdr *nlh; 627 struct ndmsg *ndm; 628 629 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 630 if (nlh == NULL) 631 return -EMSGSIZE; 632 633 ndm = nlmsg_data(nlh); 634 ndm->ndm_family = AF_BRIDGE; 635 ndm->ndm_pad1 = 0; 636 ndm->ndm_pad2 = 0; 637 ndm->ndm_flags = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0; 638 ndm->ndm_type = 0; 639 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 640 ndm->ndm_state = fdb_to_nud(fdb); 641 642 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 643 goto nla_put_failure; 644 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 645 goto nla_put_failure; 646 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 647 ci.ndm_confirmed = 0; 648 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 649 ci.ndm_refcnt = 0; 650 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 651 goto nla_put_failure; 652 653 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 654 goto nla_put_failure; 655 656 nlmsg_end(skb, nlh); 657 return 0; 658 659 nla_put_failure: 660 nlmsg_cancel(skb, nlh); 661 return -EMSGSIZE; 662 } 663 664 static inline size_t fdb_nlmsg_size(void) 665 { 666 return NLMSG_ALIGN(sizeof(struct ndmsg)) 667 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 668 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 669 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 670 + nla_total_size(sizeof(struct nda_cacheinfo)); 671 } 672 673 static void fdb_notify(struct net_bridge *br, 674 const struct net_bridge_fdb_entry *fdb, int type) 675 { 676 struct net *net = dev_net(br->dev); 677 struct sk_buff *skb; 678 int err = -ENOBUFS; 679 680 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 681 if (skb == NULL) 682 goto errout; 683 684 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 685 if (err < 0) { 686 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 687 WARN_ON(err == -EMSGSIZE); 688 kfree_skb(skb); 689 goto errout; 690 } 691 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 692 return; 693 errout: 694 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 695 } 696 697 /* Dump information about entries, in response to GETNEIGH */ 698 int br_fdb_dump(struct sk_buff *skb, 699 struct netlink_callback *cb, 700 struct net_device *dev, 701 struct net_device *filter_dev, 702 int idx) 703 { 704 struct net_bridge *br = netdev_priv(dev); 705 int i; 706 707 if (!(dev->priv_flags & IFF_EBRIDGE)) 708 goto out; 709 710 if (!filter_dev) 711 idx = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 712 713 for (i = 0; i < BR_HASH_SIZE; i++) { 714 struct net_bridge_fdb_entry *f; 715 716 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 717 if (idx < cb->args[0]) 718 goto skip; 719 720 if (filter_dev && 721 (!f->dst || f->dst->dev != filter_dev)) { 722 if (filter_dev != dev) 723 goto skip; 724 /* !f->dst is a special case for bridge 725 * It means the MAC belongs to the bridge 726 * Therefore need a little more filtering 727 * we only want to dump the !f->dst case 728 */ 729 if (f->dst) 730 goto skip; 731 } 732 if (!filter_dev && f->dst) 733 goto skip; 734 735 if (fdb_fill_info(skb, br, f, 736 NETLINK_CB(cb->skb).portid, 737 cb->nlh->nlmsg_seq, 738 RTM_NEWNEIGH, 739 NLM_F_MULTI) < 0) 740 break; 741 skip: 742 ++idx; 743 } 744 } 745 746 out: 747 return idx; 748 } 749 750 /* Update (create or replace) forwarding database entry */ 751 static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr, 752 __u16 state, __u16 flags, __u16 vid) 753 { 754 struct net_bridge *br = source->br; 755 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 756 struct net_bridge_fdb_entry *fdb; 757 bool modified = false; 758 759 /* If the port cannot learn allow only local and static entries */ 760 if (!(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 761 !(source->state == BR_STATE_LEARNING || 762 source->state == BR_STATE_FORWARDING)) 763 return -EPERM; 764 765 fdb = fdb_find(head, addr, vid); 766 if (fdb == NULL) { 767 if (!(flags & NLM_F_CREATE)) 768 return -ENOENT; 769 770 fdb = fdb_create(head, source, addr, vid); 771 if (!fdb) 772 return -ENOMEM; 773 774 modified = true; 775 } else { 776 if (flags & NLM_F_EXCL) 777 return -EEXIST; 778 779 if (fdb->dst != source) { 780 fdb->dst = source; 781 modified = true; 782 } 783 } 784 785 if (fdb_to_nud(fdb) != state) { 786 if (state & NUD_PERMANENT) { 787 fdb->is_local = 1; 788 if (!fdb->is_static) { 789 fdb->is_static = 1; 790 fdb_add_hw_addr(br, addr); 791 } 792 } else if (state & NUD_NOARP) { 793 fdb->is_local = 0; 794 if (!fdb->is_static) { 795 fdb->is_static = 1; 796 fdb_add_hw_addr(br, addr); 797 } 798 } else { 799 fdb->is_local = 0; 800 if (fdb->is_static) { 801 fdb->is_static = 0; 802 fdb_del_hw_addr(br, addr); 803 } 804 } 805 806 modified = true; 807 } 808 fdb->added_by_user = 1; 809 810 fdb->used = jiffies; 811 if (modified) { 812 fdb->updated = jiffies; 813 fdb_notify(br, fdb, RTM_NEWNEIGH); 814 } 815 816 return 0; 817 } 818 819 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p, 820 const unsigned char *addr, u16 nlh_flags, u16 vid) 821 { 822 int err = 0; 823 824 if (ndm->ndm_flags & NTF_USE) { 825 local_bh_disable(); 826 rcu_read_lock(); 827 br_fdb_update(p->br, p, addr, vid, true); 828 rcu_read_unlock(); 829 local_bh_enable(); 830 } else { 831 spin_lock_bh(&p->br->hash_lock); 832 err = fdb_add_entry(p, addr, ndm->ndm_state, 833 nlh_flags, vid); 834 spin_unlock_bh(&p->br->hash_lock); 835 } 836 837 return err; 838 } 839 840 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 841 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 842 struct net_device *dev, 843 const unsigned char *addr, u16 vid, u16 nlh_flags) 844 { 845 struct net_bridge_port *p; 846 int err = 0; 847 struct net_port_vlans *pv; 848 849 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 850 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 851 return -EINVAL; 852 } 853 854 if (is_zero_ether_addr(addr)) { 855 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 856 return -EINVAL; 857 } 858 859 p = br_port_get_rtnl(dev); 860 if (p == NULL) { 861 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 862 dev->name); 863 return -EINVAL; 864 } 865 866 pv = nbp_get_vlan_info(p); 867 if (vid) { 868 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 869 pr_info("bridge: RTM_NEWNEIGH with unconfigured " 870 "vlan %d on port %s\n", vid, dev->name); 871 return -EINVAL; 872 } 873 874 /* VID was specified, so use it. */ 875 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 876 } else { 877 err = __br_fdb_add(ndm, p, addr, nlh_flags, 0); 878 if (err || !pv) 879 goto out; 880 881 /* We have vlans configured on this port and user didn't 882 * specify a VLAN. To be nice, add/update entry for every 883 * vlan on this port. 884 */ 885 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 886 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 887 if (err) 888 goto out; 889 } 890 } 891 892 out: 893 return err; 894 } 895 896 static int fdb_delete_by_addr_and_port(struct net_bridge_port *p, 897 const u8 *addr, u16 vlan) 898 { 899 struct net_bridge *br = p->br; 900 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 901 struct net_bridge_fdb_entry *fdb; 902 903 fdb = fdb_find(head, addr, vlan); 904 if (!fdb || fdb->dst != p) 905 return -ENOENT; 906 907 fdb_delete(br, fdb); 908 return 0; 909 } 910 911 static int __br_fdb_delete(struct net_bridge_port *p, 912 const unsigned char *addr, u16 vid) 913 { 914 int err; 915 916 spin_lock_bh(&p->br->hash_lock); 917 err = fdb_delete_by_addr_and_port(p, addr, vid); 918 spin_unlock_bh(&p->br->hash_lock); 919 920 return err; 921 } 922 923 /* Remove neighbor entry with RTM_DELNEIGH */ 924 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 925 struct net_device *dev, 926 const unsigned char *addr, u16 vid) 927 { 928 struct net_bridge_port *p; 929 int err; 930 struct net_port_vlans *pv; 931 932 p = br_port_get_rtnl(dev); 933 if (p == NULL) { 934 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 935 dev->name); 936 return -EINVAL; 937 } 938 939 pv = nbp_get_vlan_info(p); 940 if (vid) { 941 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 942 pr_info("bridge: RTM_DELNEIGH with unconfigured " 943 "vlan %d on port %s\n", vid, dev->name); 944 return -EINVAL; 945 } 946 947 err = __br_fdb_delete(p, addr, vid); 948 } else { 949 err = -ENOENT; 950 err &= __br_fdb_delete(p, addr, 0); 951 if (!pv) 952 goto out; 953 954 /* We have vlans configured on this port and user didn't 955 * specify a VLAN. To be nice, add/update entry for every 956 * vlan on this port. 957 */ 958 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 959 err &= __br_fdb_delete(p, addr, vid); 960 } 961 } 962 out: 963 return err; 964 } 965 966 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 967 { 968 struct net_bridge_fdb_entry *fdb, *tmp; 969 int i; 970 int err; 971 972 ASSERT_RTNL(); 973 974 for (i = 0; i < BR_HASH_SIZE; i++) { 975 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 976 /* We only care for static entries */ 977 if (!fdb->is_static) 978 continue; 979 980 err = dev_uc_add(p->dev, fdb->addr.addr); 981 if (err) 982 goto rollback; 983 } 984 } 985 return 0; 986 987 rollback: 988 for (i = 0; i < BR_HASH_SIZE; i++) { 989 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 990 /* If we reached the fdb that failed, we can stop */ 991 if (tmp == fdb) 992 break; 993 994 /* We only care for static entries */ 995 if (!tmp->is_static) 996 continue; 997 998 dev_uc_del(p->dev, tmp->addr.addr); 999 } 1000 } 1001 return err; 1002 } 1003 1004 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1005 { 1006 struct net_bridge_fdb_entry *fdb; 1007 int i; 1008 1009 ASSERT_RTNL(); 1010 1011 for (i = 0; i < BR_HASH_SIZE; i++) { 1012 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1013 /* We only care for static entries */ 1014 if (!fdb->is_static) 1015 continue; 1016 1017 dev_uc_del(p->dev, fdb->addr.addr); 1018 } 1019 } 1020 } 1021 1022 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1023 const unsigned char *addr, u16 vid) 1024 { 1025 struct hlist_head *head; 1026 struct net_bridge_fdb_entry *fdb; 1027 int err = 0; 1028 1029 ASSERT_RTNL(); 1030 spin_lock_bh(&br->hash_lock); 1031 1032 head = &br->hash[br_mac_hash(addr, vid)]; 1033 fdb = fdb_find(head, addr, vid); 1034 if (!fdb) { 1035 fdb = fdb_create(head, p, addr, vid); 1036 if (!fdb) { 1037 err = -ENOMEM; 1038 goto err_unlock; 1039 } 1040 fdb->added_by_external_learn = 1; 1041 fdb_notify(br, fdb, RTM_NEWNEIGH); 1042 } else if (fdb->added_by_external_learn) { 1043 /* Refresh entry */ 1044 fdb->updated = fdb->used = jiffies; 1045 } else if (!fdb->added_by_user) { 1046 /* Take over SW learned entry */ 1047 fdb->added_by_external_learn = 1; 1048 fdb->updated = jiffies; 1049 fdb_notify(br, fdb, RTM_NEWNEIGH); 1050 } 1051 1052 err_unlock: 1053 spin_unlock_bh(&br->hash_lock); 1054 1055 return err; 1056 } 1057 1058 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1059 const unsigned char *addr, u16 vid) 1060 { 1061 struct hlist_head *head; 1062 struct net_bridge_fdb_entry *fdb; 1063 int err = 0; 1064 1065 ASSERT_RTNL(); 1066 spin_lock_bh(&br->hash_lock); 1067 1068 head = &br->hash[br_mac_hash(addr, vid)]; 1069 fdb = fdb_find(head, addr, vid); 1070 if (fdb && fdb->added_by_external_learn) 1071 fdb_delete(br, fdb); 1072 else 1073 err = -ENOENT; 1074 1075 spin_unlock_bh(&br->hash_lock); 1076 1077 return err; 1078 } 1079