1 // SPDX-License-Identifier: GPL-2.0 2 #include <linux/err.h> 3 #include <linux/igmp.h> 4 #include <linux/kernel.h> 5 #include <linux/netdevice.h> 6 #include <linux/rculist.h> 7 #include <linux/skbuff.h> 8 #include <linux/if_ether.h> 9 #include <net/ip.h> 10 #include <net/netlink.h> 11 #include <net/switchdev.h> 12 #if IS_ENABLED(CONFIG_IPV6) 13 #include <net/ipv6.h> 14 #include <net/addrconf.h> 15 #endif 16 17 #include "br_private.h" 18 19 static bool br_rports_have_mc_router(struct net_bridge_mcast *brmctx) 20 { 21 #if IS_ENABLED(CONFIG_IPV6) 22 return !hlist_empty(&brmctx->ip4_mc_router_list) || 23 !hlist_empty(&brmctx->ip6_mc_router_list); 24 #else 25 return !hlist_empty(&brmctx->ip4_mc_router_list); 26 #endif 27 } 28 29 static bool 30 br_ip4_rports_get_timer(struct net_bridge_port *port, unsigned long *timer) 31 { 32 *timer = br_timer_value(&port->multicast_ctx.ip4_mc_router_timer); 33 return !hlist_unhashed(&port->multicast_ctx.ip4_rlist); 34 } 35 36 static bool 37 br_ip6_rports_get_timer(struct net_bridge_port *port, unsigned long *timer) 38 { 39 #if IS_ENABLED(CONFIG_IPV6) 40 *timer = br_timer_value(&port->multicast_ctx.ip6_mc_router_timer); 41 return !hlist_unhashed(&port->multicast_ctx.ip6_rlist); 42 #else 43 *timer = 0; 44 return false; 45 #endif 46 } 47 48 static int br_rports_fill_info(struct sk_buff *skb, struct netlink_callback *cb, 49 struct net_device *dev) 50 { 51 struct net_bridge *br = netdev_priv(dev); 52 bool have_ip4_mc_rtr, have_ip6_mc_rtr; 53 unsigned long ip4_timer, ip6_timer; 54 struct nlattr *nest, *port_nest; 55 struct net_bridge_port *p; 56 57 if (!br->multicast_ctx.multicast_router) 58 return 0; 59 60 if (!br_rports_have_mc_router(&br->multicast_ctx)) 61 return 0; 62 63 nest = nla_nest_start_noflag(skb, MDBA_ROUTER); 64 if (nest == NULL) 65 return -EMSGSIZE; 66 67 list_for_each_entry_rcu(p, &br->port_list, list) { 68 have_ip4_mc_rtr = br_ip4_rports_get_timer(p, &ip4_timer); 69 have_ip6_mc_rtr = br_ip6_rports_get_timer(p, &ip6_timer); 70 71 if (!have_ip4_mc_rtr && !have_ip6_mc_rtr) 72 continue; 73 74 port_nest = nla_nest_start_noflag(skb, MDBA_ROUTER_PORT); 75 if (!port_nest) 76 goto fail; 77 78 if (nla_put_nohdr(skb, sizeof(u32), &p->dev->ifindex) || 79 nla_put_u32(skb, MDBA_ROUTER_PATTR_TIMER, 80 max(ip4_timer, ip6_timer)) || 81 nla_put_u8(skb, MDBA_ROUTER_PATTR_TYPE, 82 p->multicast_ctx.multicast_router) || 83 (have_ip4_mc_rtr && 84 nla_put_u32(skb, MDBA_ROUTER_PATTR_INET_TIMER, 85 ip4_timer)) || 86 (have_ip6_mc_rtr && 87 nla_put_u32(skb, MDBA_ROUTER_PATTR_INET6_TIMER, 88 ip6_timer))) { 89 nla_nest_cancel(skb, port_nest); 90 goto fail; 91 } 92 nla_nest_end(skb, port_nest); 93 } 94 95 nla_nest_end(skb, nest); 96 return 0; 97 fail: 98 nla_nest_cancel(skb, nest); 99 return -EMSGSIZE; 100 } 101 102 static void __mdb_entry_fill_flags(struct br_mdb_entry *e, unsigned char flags) 103 { 104 e->state = flags & MDB_PG_FLAGS_PERMANENT; 105 e->flags = 0; 106 if (flags & MDB_PG_FLAGS_OFFLOAD) 107 e->flags |= MDB_FLAGS_OFFLOAD; 108 if (flags & MDB_PG_FLAGS_FAST_LEAVE) 109 e->flags |= MDB_FLAGS_FAST_LEAVE; 110 if (flags & MDB_PG_FLAGS_STAR_EXCL) 111 e->flags |= MDB_FLAGS_STAR_EXCL; 112 if (flags & MDB_PG_FLAGS_BLOCKED) 113 e->flags |= MDB_FLAGS_BLOCKED; 114 } 115 116 static void __mdb_entry_to_br_ip(struct br_mdb_entry *entry, struct br_ip *ip, 117 struct nlattr **mdb_attrs) 118 { 119 memset(ip, 0, sizeof(struct br_ip)); 120 ip->vid = entry->vid; 121 ip->proto = entry->addr.proto; 122 switch (ip->proto) { 123 case htons(ETH_P_IP): 124 ip->dst.ip4 = entry->addr.u.ip4; 125 if (mdb_attrs && mdb_attrs[MDBE_ATTR_SOURCE]) 126 ip->src.ip4 = nla_get_in_addr(mdb_attrs[MDBE_ATTR_SOURCE]); 127 break; 128 #if IS_ENABLED(CONFIG_IPV6) 129 case htons(ETH_P_IPV6): 130 ip->dst.ip6 = entry->addr.u.ip6; 131 if (mdb_attrs && mdb_attrs[MDBE_ATTR_SOURCE]) 132 ip->src.ip6 = nla_get_in6_addr(mdb_attrs[MDBE_ATTR_SOURCE]); 133 break; 134 #endif 135 default: 136 ether_addr_copy(ip->dst.mac_addr, entry->addr.u.mac_addr); 137 } 138 139 } 140 141 static int __mdb_fill_srcs(struct sk_buff *skb, 142 struct net_bridge_port_group *p) 143 { 144 struct net_bridge_group_src *ent; 145 struct nlattr *nest, *nest_ent; 146 147 if (hlist_empty(&p->src_list)) 148 return 0; 149 150 nest = nla_nest_start(skb, MDBA_MDB_EATTR_SRC_LIST); 151 if (!nest) 152 return -EMSGSIZE; 153 154 hlist_for_each_entry_rcu(ent, &p->src_list, node, 155 lockdep_is_held(&p->key.port->br->multicast_lock)) { 156 nest_ent = nla_nest_start(skb, MDBA_MDB_SRCLIST_ENTRY); 157 if (!nest_ent) 158 goto out_cancel_err; 159 switch (ent->addr.proto) { 160 case htons(ETH_P_IP): 161 if (nla_put_in_addr(skb, MDBA_MDB_SRCATTR_ADDRESS, 162 ent->addr.src.ip4)) { 163 nla_nest_cancel(skb, nest_ent); 164 goto out_cancel_err; 165 } 166 break; 167 #if IS_ENABLED(CONFIG_IPV6) 168 case htons(ETH_P_IPV6): 169 if (nla_put_in6_addr(skb, MDBA_MDB_SRCATTR_ADDRESS, 170 &ent->addr.src.ip6)) { 171 nla_nest_cancel(skb, nest_ent); 172 goto out_cancel_err; 173 } 174 break; 175 #endif 176 default: 177 nla_nest_cancel(skb, nest_ent); 178 continue; 179 } 180 if (nla_put_u32(skb, MDBA_MDB_SRCATTR_TIMER, 181 br_timer_value(&ent->timer))) { 182 nla_nest_cancel(skb, nest_ent); 183 goto out_cancel_err; 184 } 185 nla_nest_end(skb, nest_ent); 186 } 187 188 nla_nest_end(skb, nest); 189 190 return 0; 191 192 out_cancel_err: 193 nla_nest_cancel(skb, nest); 194 return -EMSGSIZE; 195 } 196 197 static int __mdb_fill_info(struct sk_buff *skb, 198 struct net_bridge_mdb_entry *mp, 199 struct net_bridge_port_group *p) 200 { 201 bool dump_srcs_mode = false; 202 struct timer_list *mtimer; 203 struct nlattr *nest_ent; 204 struct br_mdb_entry e; 205 u8 flags = 0; 206 int ifindex; 207 208 memset(&e, 0, sizeof(e)); 209 if (p) { 210 ifindex = p->key.port->dev->ifindex; 211 mtimer = &p->timer; 212 flags = p->flags; 213 } else { 214 ifindex = mp->br->dev->ifindex; 215 mtimer = &mp->timer; 216 } 217 218 __mdb_entry_fill_flags(&e, flags); 219 e.ifindex = ifindex; 220 e.vid = mp->addr.vid; 221 if (mp->addr.proto == htons(ETH_P_IP)) 222 e.addr.u.ip4 = mp->addr.dst.ip4; 223 #if IS_ENABLED(CONFIG_IPV6) 224 else if (mp->addr.proto == htons(ETH_P_IPV6)) 225 e.addr.u.ip6 = mp->addr.dst.ip6; 226 #endif 227 else 228 ether_addr_copy(e.addr.u.mac_addr, mp->addr.dst.mac_addr); 229 e.addr.proto = mp->addr.proto; 230 nest_ent = nla_nest_start_noflag(skb, 231 MDBA_MDB_ENTRY_INFO); 232 if (!nest_ent) 233 return -EMSGSIZE; 234 235 if (nla_put_nohdr(skb, sizeof(e), &e) || 236 nla_put_u32(skb, 237 MDBA_MDB_EATTR_TIMER, 238 br_timer_value(mtimer))) 239 goto nest_err; 240 241 switch (mp->addr.proto) { 242 case htons(ETH_P_IP): 243 dump_srcs_mode = !!(mp->br->multicast_ctx.multicast_igmp_version == 3); 244 if (mp->addr.src.ip4) { 245 if (nla_put_in_addr(skb, MDBA_MDB_EATTR_SOURCE, 246 mp->addr.src.ip4)) 247 goto nest_err; 248 break; 249 } 250 break; 251 #if IS_ENABLED(CONFIG_IPV6) 252 case htons(ETH_P_IPV6): 253 dump_srcs_mode = !!(mp->br->multicast_ctx.multicast_mld_version == 2); 254 if (!ipv6_addr_any(&mp->addr.src.ip6)) { 255 if (nla_put_in6_addr(skb, MDBA_MDB_EATTR_SOURCE, 256 &mp->addr.src.ip6)) 257 goto nest_err; 258 break; 259 } 260 break; 261 #endif 262 default: 263 ether_addr_copy(e.addr.u.mac_addr, mp->addr.dst.mac_addr); 264 } 265 if (p) { 266 if (nla_put_u8(skb, MDBA_MDB_EATTR_RTPROT, p->rt_protocol)) 267 goto nest_err; 268 if (dump_srcs_mode && 269 (__mdb_fill_srcs(skb, p) || 270 nla_put_u8(skb, MDBA_MDB_EATTR_GROUP_MODE, 271 p->filter_mode))) 272 goto nest_err; 273 } 274 nla_nest_end(skb, nest_ent); 275 276 return 0; 277 278 nest_err: 279 nla_nest_cancel(skb, nest_ent); 280 return -EMSGSIZE; 281 } 282 283 static int br_mdb_fill_info(struct sk_buff *skb, struct netlink_callback *cb, 284 struct net_device *dev) 285 { 286 int idx = 0, s_idx = cb->args[1], err = 0, pidx = 0, s_pidx = cb->args[2]; 287 struct net_bridge *br = netdev_priv(dev); 288 struct net_bridge_mdb_entry *mp; 289 struct nlattr *nest, *nest2; 290 291 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) 292 return 0; 293 294 nest = nla_nest_start_noflag(skb, MDBA_MDB); 295 if (nest == NULL) 296 return -EMSGSIZE; 297 298 hlist_for_each_entry_rcu(mp, &br->mdb_list, mdb_node) { 299 struct net_bridge_port_group *p; 300 struct net_bridge_port_group __rcu **pp; 301 302 if (idx < s_idx) 303 goto skip; 304 305 nest2 = nla_nest_start_noflag(skb, MDBA_MDB_ENTRY); 306 if (!nest2) { 307 err = -EMSGSIZE; 308 break; 309 } 310 311 if (!s_pidx && mp->host_joined) { 312 err = __mdb_fill_info(skb, mp, NULL); 313 if (err) { 314 nla_nest_cancel(skb, nest2); 315 break; 316 } 317 } 318 319 for (pp = &mp->ports; (p = rcu_dereference(*pp)) != NULL; 320 pp = &p->next) { 321 if (!p->key.port) 322 continue; 323 if (pidx < s_pidx) 324 goto skip_pg; 325 326 err = __mdb_fill_info(skb, mp, p); 327 if (err) { 328 nla_nest_end(skb, nest2); 329 goto out; 330 } 331 skip_pg: 332 pidx++; 333 } 334 pidx = 0; 335 s_pidx = 0; 336 nla_nest_end(skb, nest2); 337 skip: 338 idx++; 339 } 340 341 out: 342 cb->args[1] = idx; 343 cb->args[2] = pidx; 344 nla_nest_end(skb, nest); 345 return err; 346 } 347 348 static int br_mdb_valid_dump_req(const struct nlmsghdr *nlh, 349 struct netlink_ext_ack *extack) 350 { 351 struct br_port_msg *bpm; 352 353 if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*bpm))) { 354 NL_SET_ERR_MSG_MOD(extack, "Invalid header for mdb dump request"); 355 return -EINVAL; 356 } 357 358 bpm = nlmsg_data(nlh); 359 if (bpm->ifindex) { 360 NL_SET_ERR_MSG_MOD(extack, "Filtering by device index is not supported for mdb dump request"); 361 return -EINVAL; 362 } 363 if (nlmsg_attrlen(nlh, sizeof(*bpm))) { 364 NL_SET_ERR_MSG(extack, "Invalid data after header in mdb dump request"); 365 return -EINVAL; 366 } 367 368 return 0; 369 } 370 371 static int br_mdb_dump(struct sk_buff *skb, struct netlink_callback *cb) 372 { 373 struct net_device *dev; 374 struct net *net = sock_net(skb->sk); 375 struct nlmsghdr *nlh = NULL; 376 int idx = 0, s_idx; 377 378 if (cb->strict_check) { 379 int err = br_mdb_valid_dump_req(cb->nlh, cb->extack); 380 381 if (err < 0) 382 return err; 383 } 384 385 s_idx = cb->args[0]; 386 387 rcu_read_lock(); 388 389 cb->seq = net->dev_base_seq; 390 391 for_each_netdev_rcu(net, dev) { 392 if (dev->priv_flags & IFF_EBRIDGE) { 393 struct br_port_msg *bpm; 394 395 if (idx < s_idx) 396 goto skip; 397 398 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, 399 cb->nlh->nlmsg_seq, RTM_GETMDB, 400 sizeof(*bpm), NLM_F_MULTI); 401 if (nlh == NULL) 402 break; 403 404 bpm = nlmsg_data(nlh); 405 memset(bpm, 0, sizeof(*bpm)); 406 bpm->ifindex = dev->ifindex; 407 if (br_mdb_fill_info(skb, cb, dev) < 0) 408 goto out; 409 if (br_rports_fill_info(skb, cb, dev) < 0) 410 goto out; 411 412 cb->args[1] = 0; 413 nlmsg_end(skb, nlh); 414 skip: 415 idx++; 416 } 417 } 418 419 out: 420 if (nlh) 421 nlmsg_end(skb, nlh); 422 rcu_read_unlock(); 423 cb->args[0] = idx; 424 return skb->len; 425 } 426 427 static int nlmsg_populate_mdb_fill(struct sk_buff *skb, 428 struct net_device *dev, 429 struct net_bridge_mdb_entry *mp, 430 struct net_bridge_port_group *pg, 431 int type) 432 { 433 struct nlmsghdr *nlh; 434 struct br_port_msg *bpm; 435 struct nlattr *nest, *nest2; 436 437 nlh = nlmsg_put(skb, 0, 0, type, sizeof(*bpm), 0); 438 if (!nlh) 439 return -EMSGSIZE; 440 441 bpm = nlmsg_data(nlh); 442 memset(bpm, 0, sizeof(*bpm)); 443 bpm->family = AF_BRIDGE; 444 bpm->ifindex = dev->ifindex; 445 nest = nla_nest_start_noflag(skb, MDBA_MDB); 446 if (nest == NULL) 447 goto cancel; 448 nest2 = nla_nest_start_noflag(skb, MDBA_MDB_ENTRY); 449 if (nest2 == NULL) 450 goto end; 451 452 if (__mdb_fill_info(skb, mp, pg)) 453 goto end; 454 455 nla_nest_end(skb, nest2); 456 nla_nest_end(skb, nest); 457 nlmsg_end(skb, nlh); 458 return 0; 459 460 end: 461 nla_nest_end(skb, nest); 462 cancel: 463 nlmsg_cancel(skb, nlh); 464 return -EMSGSIZE; 465 } 466 467 static size_t rtnl_mdb_nlmsg_size(struct net_bridge_port_group *pg) 468 { 469 size_t nlmsg_size = NLMSG_ALIGN(sizeof(struct br_port_msg)) + 470 nla_total_size(sizeof(struct br_mdb_entry)) + 471 nla_total_size(sizeof(u32)); 472 struct net_bridge_group_src *ent; 473 size_t addr_size = 0; 474 475 if (!pg) 476 goto out; 477 478 /* MDBA_MDB_EATTR_RTPROT */ 479 nlmsg_size += nla_total_size(sizeof(u8)); 480 481 switch (pg->key.addr.proto) { 482 case htons(ETH_P_IP): 483 /* MDBA_MDB_EATTR_SOURCE */ 484 if (pg->key.addr.src.ip4) 485 nlmsg_size += nla_total_size(sizeof(__be32)); 486 if (pg->key.port->br->multicast_ctx.multicast_igmp_version == 2) 487 goto out; 488 addr_size = sizeof(__be32); 489 break; 490 #if IS_ENABLED(CONFIG_IPV6) 491 case htons(ETH_P_IPV6): 492 /* MDBA_MDB_EATTR_SOURCE */ 493 if (!ipv6_addr_any(&pg->key.addr.src.ip6)) 494 nlmsg_size += nla_total_size(sizeof(struct in6_addr)); 495 if (pg->key.port->br->multicast_ctx.multicast_mld_version == 1) 496 goto out; 497 addr_size = sizeof(struct in6_addr); 498 break; 499 #endif 500 } 501 502 /* MDBA_MDB_EATTR_GROUP_MODE */ 503 nlmsg_size += nla_total_size(sizeof(u8)); 504 505 /* MDBA_MDB_EATTR_SRC_LIST nested attr */ 506 if (!hlist_empty(&pg->src_list)) 507 nlmsg_size += nla_total_size(0); 508 509 hlist_for_each_entry(ent, &pg->src_list, node) { 510 /* MDBA_MDB_SRCLIST_ENTRY nested attr + 511 * MDBA_MDB_SRCATTR_ADDRESS + MDBA_MDB_SRCATTR_TIMER 512 */ 513 nlmsg_size += nla_total_size(0) + 514 nla_total_size(addr_size) + 515 nla_total_size(sizeof(u32)); 516 } 517 out: 518 return nlmsg_size; 519 } 520 521 struct br_mdb_complete_info { 522 struct net_bridge_port *port; 523 struct br_ip ip; 524 }; 525 526 static void br_mdb_complete(struct net_device *dev, int err, void *priv) 527 { 528 struct br_mdb_complete_info *data = priv; 529 struct net_bridge_port_group __rcu **pp; 530 struct net_bridge_port_group *p; 531 struct net_bridge_mdb_entry *mp; 532 struct net_bridge_port *port = data->port; 533 struct net_bridge *br = port->br; 534 535 if (err) 536 goto err; 537 538 spin_lock_bh(&br->multicast_lock); 539 mp = br_mdb_ip_get(br, &data->ip); 540 if (!mp) 541 goto out; 542 for (pp = &mp->ports; (p = mlock_dereference(*pp, br)) != NULL; 543 pp = &p->next) { 544 if (p->key.port != port) 545 continue; 546 p->flags |= MDB_PG_FLAGS_OFFLOAD; 547 } 548 out: 549 spin_unlock_bh(&br->multicast_lock); 550 err: 551 kfree(priv); 552 } 553 554 static void br_switchdev_mdb_populate(struct switchdev_obj_port_mdb *mdb, 555 const struct net_bridge_mdb_entry *mp) 556 { 557 if (mp->addr.proto == htons(ETH_P_IP)) 558 ip_eth_mc_map(mp->addr.dst.ip4, mdb->addr); 559 #if IS_ENABLED(CONFIG_IPV6) 560 else if (mp->addr.proto == htons(ETH_P_IPV6)) 561 ipv6_eth_mc_map(&mp->addr.dst.ip6, mdb->addr); 562 #endif 563 else 564 ether_addr_copy(mdb->addr, mp->addr.dst.mac_addr); 565 566 mdb->vid = mp->addr.vid; 567 } 568 569 static int br_mdb_replay_one(struct notifier_block *nb, struct net_device *dev, 570 const struct switchdev_obj_port_mdb *mdb, 571 unsigned long action, const void *ctx, 572 struct netlink_ext_ack *extack) 573 { 574 struct switchdev_notifier_port_obj_info obj_info = { 575 .info = { 576 .dev = dev, 577 .extack = extack, 578 .ctx = ctx, 579 }, 580 .obj = &mdb->obj, 581 }; 582 int err; 583 584 err = nb->notifier_call(nb, action, &obj_info); 585 return notifier_to_errno(err); 586 } 587 588 static int br_mdb_queue_one(struct list_head *mdb_list, 589 enum switchdev_obj_id id, 590 const struct net_bridge_mdb_entry *mp, 591 struct net_device *orig_dev) 592 { 593 struct switchdev_obj_port_mdb *mdb; 594 595 mdb = kzalloc(sizeof(*mdb), GFP_ATOMIC); 596 if (!mdb) 597 return -ENOMEM; 598 599 mdb->obj.id = id; 600 mdb->obj.orig_dev = orig_dev; 601 br_switchdev_mdb_populate(mdb, mp); 602 list_add_tail(&mdb->obj.list, mdb_list); 603 604 return 0; 605 } 606 607 int br_mdb_replay(struct net_device *br_dev, struct net_device *dev, 608 const void *ctx, bool adding, struct notifier_block *nb, 609 struct netlink_ext_ack *extack) 610 { 611 const struct net_bridge_mdb_entry *mp; 612 struct switchdev_obj *obj, *tmp; 613 struct net_bridge *br; 614 unsigned long action; 615 LIST_HEAD(mdb_list); 616 int err = 0; 617 618 ASSERT_RTNL(); 619 620 if (!nb) 621 return 0; 622 623 if (!netif_is_bridge_master(br_dev) || !netif_is_bridge_port(dev)) 624 return -EINVAL; 625 626 br = netdev_priv(br_dev); 627 628 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) 629 return 0; 630 631 /* We cannot walk over br->mdb_list protected just by the rtnl_mutex, 632 * because the write-side protection is br->multicast_lock. But we 633 * need to emulate the [ blocking ] calling context of a regular 634 * switchdev event, so since both br->multicast_lock and RCU read side 635 * critical sections are atomic, we have no choice but to pick the RCU 636 * read side lock, queue up all our events, leave the critical section 637 * and notify switchdev from blocking context. 638 */ 639 rcu_read_lock(); 640 641 hlist_for_each_entry_rcu(mp, &br->mdb_list, mdb_node) { 642 struct net_bridge_port_group __rcu * const *pp; 643 const struct net_bridge_port_group *p; 644 645 if (mp->host_joined) { 646 err = br_mdb_queue_one(&mdb_list, 647 SWITCHDEV_OBJ_ID_HOST_MDB, 648 mp, br_dev); 649 if (err) { 650 rcu_read_unlock(); 651 goto out_free_mdb; 652 } 653 } 654 655 for (pp = &mp->ports; (p = rcu_dereference(*pp)) != NULL; 656 pp = &p->next) { 657 if (p->key.port->dev != dev) 658 continue; 659 660 err = br_mdb_queue_one(&mdb_list, 661 SWITCHDEV_OBJ_ID_PORT_MDB, 662 mp, dev); 663 if (err) { 664 rcu_read_unlock(); 665 goto out_free_mdb; 666 } 667 } 668 } 669 670 rcu_read_unlock(); 671 672 if (adding) 673 action = SWITCHDEV_PORT_OBJ_ADD; 674 else 675 action = SWITCHDEV_PORT_OBJ_DEL; 676 677 list_for_each_entry(obj, &mdb_list, list) { 678 err = br_mdb_replay_one(nb, dev, SWITCHDEV_OBJ_PORT_MDB(obj), 679 action, ctx, extack); 680 if (err) 681 goto out_free_mdb; 682 } 683 684 out_free_mdb: 685 list_for_each_entry_safe(obj, tmp, &mdb_list, list) { 686 list_del(&obj->list); 687 kfree(SWITCHDEV_OBJ_PORT_MDB(obj)); 688 } 689 690 return err; 691 } 692 693 static void br_mdb_switchdev_host_port(struct net_device *dev, 694 struct net_device *lower_dev, 695 struct net_bridge_mdb_entry *mp, 696 int type) 697 { 698 struct switchdev_obj_port_mdb mdb = { 699 .obj = { 700 .id = SWITCHDEV_OBJ_ID_HOST_MDB, 701 .flags = SWITCHDEV_F_DEFER, 702 .orig_dev = dev, 703 }, 704 }; 705 706 br_switchdev_mdb_populate(&mdb, mp); 707 708 switch (type) { 709 case RTM_NEWMDB: 710 switchdev_port_obj_add(lower_dev, &mdb.obj, NULL); 711 break; 712 case RTM_DELMDB: 713 switchdev_port_obj_del(lower_dev, &mdb.obj); 714 break; 715 } 716 } 717 718 static void br_mdb_switchdev_host(struct net_device *dev, 719 struct net_bridge_mdb_entry *mp, int type) 720 { 721 struct net_device *lower_dev; 722 struct list_head *iter; 723 724 netdev_for_each_lower_dev(dev, lower_dev, iter) 725 br_mdb_switchdev_host_port(dev, lower_dev, mp, type); 726 } 727 728 void br_mdb_notify(struct net_device *dev, 729 struct net_bridge_mdb_entry *mp, 730 struct net_bridge_port_group *pg, 731 int type) 732 { 733 struct br_mdb_complete_info *complete_info; 734 struct switchdev_obj_port_mdb mdb = { 735 .obj = { 736 .id = SWITCHDEV_OBJ_ID_PORT_MDB, 737 .flags = SWITCHDEV_F_DEFER, 738 }, 739 }; 740 struct net *net = dev_net(dev); 741 struct sk_buff *skb; 742 int err = -ENOBUFS; 743 744 if (pg) { 745 br_switchdev_mdb_populate(&mdb, mp); 746 747 mdb.obj.orig_dev = pg->key.port->dev; 748 switch (type) { 749 case RTM_NEWMDB: 750 complete_info = kmalloc(sizeof(*complete_info), GFP_ATOMIC); 751 if (!complete_info) 752 break; 753 complete_info->port = pg->key.port; 754 complete_info->ip = mp->addr; 755 mdb.obj.complete_priv = complete_info; 756 mdb.obj.complete = br_mdb_complete; 757 if (switchdev_port_obj_add(pg->key.port->dev, &mdb.obj, NULL)) 758 kfree(complete_info); 759 break; 760 case RTM_DELMDB: 761 switchdev_port_obj_del(pg->key.port->dev, &mdb.obj); 762 break; 763 } 764 } else { 765 br_mdb_switchdev_host(dev, mp, type); 766 } 767 768 skb = nlmsg_new(rtnl_mdb_nlmsg_size(pg), GFP_ATOMIC); 769 if (!skb) 770 goto errout; 771 772 err = nlmsg_populate_mdb_fill(skb, dev, mp, pg, type); 773 if (err < 0) { 774 kfree_skb(skb); 775 goto errout; 776 } 777 778 rtnl_notify(skb, net, 0, RTNLGRP_MDB, NULL, GFP_ATOMIC); 779 return; 780 errout: 781 rtnl_set_sk_err(net, RTNLGRP_MDB, err); 782 } 783 784 static int nlmsg_populate_rtr_fill(struct sk_buff *skb, 785 struct net_device *dev, 786 int ifindex, u16 vid, u32 pid, 787 u32 seq, int type, unsigned int flags) 788 { 789 struct nlattr *nest, *port_nest; 790 struct br_port_msg *bpm; 791 struct nlmsghdr *nlh; 792 793 nlh = nlmsg_put(skb, pid, seq, type, sizeof(*bpm), 0); 794 if (!nlh) 795 return -EMSGSIZE; 796 797 bpm = nlmsg_data(nlh); 798 memset(bpm, 0, sizeof(*bpm)); 799 bpm->family = AF_BRIDGE; 800 bpm->ifindex = dev->ifindex; 801 nest = nla_nest_start_noflag(skb, MDBA_ROUTER); 802 if (!nest) 803 goto cancel; 804 805 port_nest = nla_nest_start_noflag(skb, MDBA_ROUTER_PORT); 806 if (!port_nest) 807 goto end; 808 if (nla_put_nohdr(skb, sizeof(u32), &ifindex)) { 809 nla_nest_cancel(skb, port_nest); 810 goto end; 811 } 812 if (vid && nla_put_u16(skb, MDBA_ROUTER_PATTR_VID, vid)) { 813 nla_nest_cancel(skb, port_nest); 814 goto end; 815 } 816 nla_nest_end(skb, port_nest); 817 818 nla_nest_end(skb, nest); 819 nlmsg_end(skb, nlh); 820 return 0; 821 822 end: 823 nla_nest_end(skb, nest); 824 cancel: 825 nlmsg_cancel(skb, nlh); 826 return -EMSGSIZE; 827 } 828 829 static inline size_t rtnl_rtr_nlmsg_size(void) 830 { 831 return NLMSG_ALIGN(sizeof(struct br_port_msg)) 832 + nla_total_size(sizeof(__u32)) 833 + nla_total_size(sizeof(u16)); 834 } 835 836 void br_rtr_notify(struct net_device *dev, struct net_bridge_mcast_port *pmctx, 837 int type) 838 { 839 struct net *net = dev_net(dev); 840 struct sk_buff *skb; 841 int err = -ENOBUFS; 842 int ifindex; 843 u16 vid; 844 845 ifindex = pmctx ? pmctx->port->dev->ifindex : 0; 846 vid = pmctx && br_multicast_port_ctx_is_vlan(pmctx) ? pmctx->vlan->vid : 847 0; 848 skb = nlmsg_new(rtnl_rtr_nlmsg_size(), GFP_ATOMIC); 849 if (!skb) 850 goto errout; 851 852 err = nlmsg_populate_rtr_fill(skb, dev, ifindex, vid, 0, 0, type, 853 NTF_SELF); 854 if (err < 0) { 855 kfree_skb(skb); 856 goto errout; 857 } 858 859 rtnl_notify(skb, net, 0, RTNLGRP_MDB, NULL, GFP_ATOMIC); 860 return; 861 862 errout: 863 rtnl_set_sk_err(net, RTNLGRP_MDB, err); 864 } 865 866 static bool is_valid_mdb_entry(struct br_mdb_entry *entry, 867 struct netlink_ext_ack *extack) 868 { 869 if (entry->ifindex == 0) { 870 NL_SET_ERR_MSG_MOD(extack, "Zero entry ifindex is not allowed"); 871 return false; 872 } 873 874 if (entry->addr.proto == htons(ETH_P_IP)) { 875 if (!ipv4_is_multicast(entry->addr.u.ip4)) { 876 NL_SET_ERR_MSG_MOD(extack, "IPv4 entry group address is not multicast"); 877 return false; 878 } 879 if (ipv4_is_local_multicast(entry->addr.u.ip4)) { 880 NL_SET_ERR_MSG_MOD(extack, "IPv4 entry group address is local multicast"); 881 return false; 882 } 883 #if IS_ENABLED(CONFIG_IPV6) 884 } else if (entry->addr.proto == htons(ETH_P_IPV6)) { 885 if (ipv6_addr_is_ll_all_nodes(&entry->addr.u.ip6)) { 886 NL_SET_ERR_MSG_MOD(extack, "IPv6 entry group address is link-local all nodes"); 887 return false; 888 } 889 #endif 890 } else if (entry->addr.proto == 0) { 891 /* L2 mdb */ 892 if (!is_multicast_ether_addr(entry->addr.u.mac_addr)) { 893 NL_SET_ERR_MSG_MOD(extack, "L2 entry group is not multicast"); 894 return false; 895 } 896 } else { 897 NL_SET_ERR_MSG_MOD(extack, "Unknown entry protocol"); 898 return false; 899 } 900 901 if (entry->state != MDB_PERMANENT && entry->state != MDB_TEMPORARY) { 902 NL_SET_ERR_MSG_MOD(extack, "Unknown entry state"); 903 return false; 904 } 905 if (entry->vid >= VLAN_VID_MASK) { 906 NL_SET_ERR_MSG_MOD(extack, "Invalid entry VLAN id"); 907 return false; 908 } 909 910 return true; 911 } 912 913 static bool is_valid_mdb_source(struct nlattr *attr, __be16 proto, 914 struct netlink_ext_ack *extack) 915 { 916 switch (proto) { 917 case htons(ETH_P_IP): 918 if (nla_len(attr) != sizeof(struct in_addr)) { 919 NL_SET_ERR_MSG_MOD(extack, "IPv4 invalid source address length"); 920 return false; 921 } 922 if (ipv4_is_multicast(nla_get_in_addr(attr))) { 923 NL_SET_ERR_MSG_MOD(extack, "IPv4 multicast source address is not allowed"); 924 return false; 925 } 926 break; 927 #if IS_ENABLED(CONFIG_IPV6) 928 case htons(ETH_P_IPV6): { 929 struct in6_addr src; 930 931 if (nla_len(attr) != sizeof(struct in6_addr)) { 932 NL_SET_ERR_MSG_MOD(extack, "IPv6 invalid source address length"); 933 return false; 934 } 935 src = nla_get_in6_addr(attr); 936 if (ipv6_addr_is_multicast(&src)) { 937 NL_SET_ERR_MSG_MOD(extack, "IPv6 multicast source address is not allowed"); 938 return false; 939 } 940 break; 941 } 942 #endif 943 default: 944 NL_SET_ERR_MSG_MOD(extack, "Invalid protocol used with source address"); 945 return false; 946 } 947 948 return true; 949 } 950 951 static const struct nla_policy br_mdbe_attrs_pol[MDBE_ATTR_MAX + 1] = { 952 [MDBE_ATTR_SOURCE] = NLA_POLICY_RANGE(NLA_BINARY, 953 sizeof(struct in_addr), 954 sizeof(struct in6_addr)), 955 }; 956 957 static int br_mdb_parse(struct sk_buff *skb, struct nlmsghdr *nlh, 958 struct net_device **pdev, struct br_mdb_entry **pentry, 959 struct nlattr **mdb_attrs, struct netlink_ext_ack *extack) 960 { 961 struct net *net = sock_net(skb->sk); 962 struct br_mdb_entry *entry; 963 struct br_port_msg *bpm; 964 struct nlattr *tb[MDBA_SET_ENTRY_MAX+1]; 965 struct net_device *dev; 966 int err; 967 968 err = nlmsg_parse_deprecated(nlh, sizeof(*bpm), tb, 969 MDBA_SET_ENTRY_MAX, NULL, NULL); 970 if (err < 0) 971 return err; 972 973 bpm = nlmsg_data(nlh); 974 if (bpm->ifindex == 0) { 975 NL_SET_ERR_MSG_MOD(extack, "Invalid bridge ifindex"); 976 return -EINVAL; 977 } 978 979 dev = __dev_get_by_index(net, bpm->ifindex); 980 if (dev == NULL) { 981 NL_SET_ERR_MSG_MOD(extack, "Bridge device doesn't exist"); 982 return -ENODEV; 983 } 984 985 if (!(dev->priv_flags & IFF_EBRIDGE)) { 986 NL_SET_ERR_MSG_MOD(extack, "Device is not a bridge"); 987 return -EOPNOTSUPP; 988 } 989 990 *pdev = dev; 991 992 if (!tb[MDBA_SET_ENTRY]) { 993 NL_SET_ERR_MSG_MOD(extack, "Missing MDBA_SET_ENTRY attribute"); 994 return -EINVAL; 995 } 996 if (nla_len(tb[MDBA_SET_ENTRY]) != sizeof(struct br_mdb_entry)) { 997 NL_SET_ERR_MSG_MOD(extack, "Invalid MDBA_SET_ENTRY attribute length"); 998 return -EINVAL; 999 } 1000 1001 entry = nla_data(tb[MDBA_SET_ENTRY]); 1002 if (!is_valid_mdb_entry(entry, extack)) 1003 return -EINVAL; 1004 *pentry = entry; 1005 1006 if (tb[MDBA_SET_ENTRY_ATTRS]) { 1007 err = nla_parse_nested(mdb_attrs, MDBE_ATTR_MAX, 1008 tb[MDBA_SET_ENTRY_ATTRS], 1009 br_mdbe_attrs_pol, extack); 1010 if (err) 1011 return err; 1012 if (mdb_attrs[MDBE_ATTR_SOURCE] && 1013 !is_valid_mdb_source(mdb_attrs[MDBE_ATTR_SOURCE], 1014 entry->addr.proto, extack)) 1015 return -EINVAL; 1016 } else { 1017 memset(mdb_attrs, 0, 1018 sizeof(struct nlattr *) * (MDBE_ATTR_MAX + 1)); 1019 } 1020 1021 return 0; 1022 } 1023 1024 static struct net_bridge_mcast * 1025 __br_mdb_choose_context(struct net_bridge *br, 1026 const struct br_mdb_entry *entry, 1027 struct netlink_ext_ack *extack) 1028 { 1029 struct net_bridge_mcast *brmctx = NULL; 1030 struct net_bridge_vlan *v; 1031 1032 if (!br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) { 1033 brmctx = &br->multicast_ctx; 1034 goto out; 1035 } 1036 1037 if (!entry->vid) { 1038 NL_SET_ERR_MSG_MOD(extack, "Cannot add an entry without a vlan when vlan snooping is enabled"); 1039 goto out; 1040 } 1041 1042 v = br_vlan_find(br_vlan_group(br), entry->vid); 1043 if (!v) { 1044 NL_SET_ERR_MSG_MOD(extack, "Vlan is not configured"); 1045 goto out; 1046 } 1047 if (br_multicast_ctx_vlan_global_disabled(&v->br_mcast_ctx)) { 1048 NL_SET_ERR_MSG_MOD(extack, "Vlan's multicast processing is disabled"); 1049 goto out; 1050 } 1051 brmctx = &v->br_mcast_ctx; 1052 out: 1053 return brmctx; 1054 } 1055 1056 static int br_mdb_add_group(struct net_bridge *br, struct net_bridge_port *port, 1057 struct br_mdb_entry *entry, 1058 struct nlattr **mdb_attrs, 1059 struct netlink_ext_ack *extack) 1060 { 1061 struct net_bridge_mdb_entry *mp, *star_mp; 1062 struct net_bridge_port_group __rcu **pp; 1063 struct net_bridge_port_group *p; 1064 struct net_bridge_mcast *brmctx; 1065 struct br_ip group, star_group; 1066 unsigned long now = jiffies; 1067 unsigned char flags = 0; 1068 u8 filter_mode; 1069 int err; 1070 1071 __mdb_entry_to_br_ip(entry, &group, mdb_attrs); 1072 1073 brmctx = __br_mdb_choose_context(br, entry, extack); 1074 if (!brmctx) 1075 return -EINVAL; 1076 1077 /* host join errors which can happen before creating the group */ 1078 if (!port) { 1079 /* don't allow any flags for host-joined groups */ 1080 if (entry->state) { 1081 NL_SET_ERR_MSG_MOD(extack, "Flags are not allowed for host groups"); 1082 return -EINVAL; 1083 } 1084 if (!br_multicast_is_star_g(&group)) { 1085 NL_SET_ERR_MSG_MOD(extack, "Groups with sources cannot be manually host joined"); 1086 return -EINVAL; 1087 } 1088 } 1089 1090 if (br_group_is_l2(&group) && entry->state != MDB_PERMANENT) { 1091 NL_SET_ERR_MSG_MOD(extack, "Only permanent L2 entries allowed"); 1092 return -EINVAL; 1093 } 1094 1095 mp = br_mdb_ip_get(br, &group); 1096 if (!mp) { 1097 mp = br_multicast_new_group(br, &group); 1098 err = PTR_ERR_OR_ZERO(mp); 1099 if (err) 1100 return err; 1101 } 1102 1103 /* host join */ 1104 if (!port) { 1105 if (mp->host_joined) { 1106 NL_SET_ERR_MSG_MOD(extack, "Group is already joined by host"); 1107 return -EEXIST; 1108 } 1109 1110 br_multicast_host_join(brmctx, mp, false); 1111 br_mdb_notify(br->dev, mp, NULL, RTM_NEWMDB); 1112 1113 return 0; 1114 } 1115 1116 for (pp = &mp->ports; 1117 (p = mlock_dereference(*pp, br)) != NULL; 1118 pp = &p->next) { 1119 if (p->key.port == port) { 1120 NL_SET_ERR_MSG_MOD(extack, "Group is already joined by port"); 1121 return -EEXIST; 1122 } 1123 if ((unsigned long)p->key.port < (unsigned long)port) 1124 break; 1125 } 1126 1127 filter_mode = br_multicast_is_star_g(&group) ? MCAST_EXCLUDE : 1128 MCAST_INCLUDE; 1129 1130 if (entry->state == MDB_PERMANENT) 1131 flags |= MDB_PG_FLAGS_PERMANENT; 1132 1133 p = br_multicast_new_port_group(port, &group, *pp, flags, NULL, 1134 filter_mode, RTPROT_STATIC); 1135 if (unlikely(!p)) { 1136 NL_SET_ERR_MSG_MOD(extack, "Couldn't allocate new port group"); 1137 return -ENOMEM; 1138 } 1139 rcu_assign_pointer(*pp, p); 1140 if (entry->state == MDB_TEMPORARY) 1141 mod_timer(&p->timer, 1142 now + brmctx->multicast_membership_interval); 1143 br_mdb_notify(br->dev, mp, p, RTM_NEWMDB); 1144 /* if we are adding a new EXCLUDE port group (*,G) it needs to be also 1145 * added to all S,G entries for proper replication, if we are adding 1146 * a new INCLUDE port (S,G) then all of *,G EXCLUDE ports need to be 1147 * added to it for proper replication 1148 */ 1149 if (br_multicast_should_handle_mode(brmctx, group.proto)) { 1150 switch (filter_mode) { 1151 case MCAST_EXCLUDE: 1152 br_multicast_star_g_handle_mode(p, MCAST_EXCLUDE); 1153 break; 1154 case MCAST_INCLUDE: 1155 star_group = p->key.addr; 1156 memset(&star_group.src, 0, sizeof(star_group.src)); 1157 star_mp = br_mdb_ip_get(br, &star_group); 1158 if (star_mp) 1159 br_multicast_sg_add_exclude_ports(star_mp, p); 1160 break; 1161 } 1162 } 1163 1164 return 0; 1165 } 1166 1167 static int __br_mdb_add(struct net *net, struct net_bridge *br, 1168 struct net_bridge_port *p, 1169 struct br_mdb_entry *entry, 1170 struct nlattr **mdb_attrs, 1171 struct netlink_ext_ack *extack) 1172 { 1173 int ret; 1174 1175 spin_lock_bh(&br->multicast_lock); 1176 ret = br_mdb_add_group(br, p, entry, mdb_attrs, extack); 1177 spin_unlock_bh(&br->multicast_lock); 1178 1179 return ret; 1180 } 1181 1182 static int br_mdb_add(struct sk_buff *skb, struct nlmsghdr *nlh, 1183 struct netlink_ext_ack *extack) 1184 { 1185 struct nlattr *mdb_attrs[MDBE_ATTR_MAX + 1]; 1186 struct net *net = sock_net(skb->sk); 1187 struct net_bridge_vlan_group *vg; 1188 struct net_bridge_port *p = NULL; 1189 struct net_device *dev, *pdev; 1190 struct br_mdb_entry *entry; 1191 struct net_bridge_vlan *v; 1192 struct net_bridge *br; 1193 int err; 1194 1195 err = br_mdb_parse(skb, nlh, &dev, &entry, mdb_attrs, extack); 1196 if (err < 0) 1197 return err; 1198 1199 br = netdev_priv(dev); 1200 1201 if (!netif_running(br->dev)) { 1202 NL_SET_ERR_MSG_MOD(extack, "Bridge device is not running"); 1203 return -EINVAL; 1204 } 1205 1206 if (!br_opt_get(br, BROPT_MULTICAST_ENABLED)) { 1207 NL_SET_ERR_MSG_MOD(extack, "Bridge's multicast processing is disabled"); 1208 return -EINVAL; 1209 } 1210 1211 if (entry->ifindex != br->dev->ifindex) { 1212 pdev = __dev_get_by_index(net, entry->ifindex); 1213 if (!pdev) { 1214 NL_SET_ERR_MSG_MOD(extack, "Port net device doesn't exist"); 1215 return -ENODEV; 1216 } 1217 1218 p = br_port_get_rtnl(pdev); 1219 if (!p) { 1220 NL_SET_ERR_MSG_MOD(extack, "Net device is not a bridge port"); 1221 return -EINVAL; 1222 } 1223 1224 if (p->br != br) { 1225 NL_SET_ERR_MSG_MOD(extack, "Port belongs to a different bridge device"); 1226 return -EINVAL; 1227 } 1228 if (p->state == BR_STATE_DISABLED) { 1229 NL_SET_ERR_MSG_MOD(extack, "Port is in disabled state"); 1230 return -EINVAL; 1231 } 1232 vg = nbp_vlan_group(p); 1233 } else { 1234 vg = br_vlan_group(br); 1235 } 1236 1237 /* If vlan filtering is enabled and VLAN is not specified 1238 * install mdb entry on all vlans configured on the port. 1239 */ 1240 if (br_vlan_enabled(br->dev) && vg && entry->vid == 0) { 1241 list_for_each_entry(v, &vg->vlan_list, vlist) { 1242 entry->vid = v->vid; 1243 err = __br_mdb_add(net, br, p, entry, mdb_attrs, extack); 1244 if (err) 1245 break; 1246 } 1247 } else { 1248 err = __br_mdb_add(net, br, p, entry, mdb_attrs, extack); 1249 } 1250 1251 return err; 1252 } 1253 1254 static int __br_mdb_del(struct net_bridge *br, struct br_mdb_entry *entry, 1255 struct nlattr **mdb_attrs) 1256 { 1257 struct net_bridge_mdb_entry *mp; 1258 struct net_bridge_port_group *p; 1259 struct net_bridge_port_group __rcu **pp; 1260 struct br_ip ip; 1261 int err = -EINVAL; 1262 1263 if (!netif_running(br->dev) || !br_opt_get(br, BROPT_MULTICAST_ENABLED)) 1264 return -EINVAL; 1265 1266 __mdb_entry_to_br_ip(entry, &ip, mdb_attrs); 1267 1268 spin_lock_bh(&br->multicast_lock); 1269 mp = br_mdb_ip_get(br, &ip); 1270 if (!mp) 1271 goto unlock; 1272 1273 /* host leave */ 1274 if (entry->ifindex == mp->br->dev->ifindex && mp->host_joined) { 1275 br_multicast_host_leave(mp, false); 1276 err = 0; 1277 br_mdb_notify(br->dev, mp, NULL, RTM_DELMDB); 1278 if (!mp->ports && netif_running(br->dev)) 1279 mod_timer(&mp->timer, jiffies); 1280 goto unlock; 1281 } 1282 1283 for (pp = &mp->ports; 1284 (p = mlock_dereference(*pp, br)) != NULL; 1285 pp = &p->next) { 1286 if (!p->key.port || p->key.port->dev->ifindex != entry->ifindex) 1287 continue; 1288 1289 if (p->key.port->state == BR_STATE_DISABLED) 1290 goto unlock; 1291 1292 br_multicast_del_pg(mp, p, pp); 1293 err = 0; 1294 break; 1295 } 1296 1297 unlock: 1298 spin_unlock_bh(&br->multicast_lock); 1299 return err; 1300 } 1301 1302 static int br_mdb_del(struct sk_buff *skb, struct nlmsghdr *nlh, 1303 struct netlink_ext_ack *extack) 1304 { 1305 struct nlattr *mdb_attrs[MDBE_ATTR_MAX + 1]; 1306 struct net *net = sock_net(skb->sk); 1307 struct net_bridge_vlan_group *vg; 1308 struct net_bridge_port *p = NULL; 1309 struct net_device *dev, *pdev; 1310 struct br_mdb_entry *entry; 1311 struct net_bridge_vlan *v; 1312 struct net_bridge *br; 1313 int err; 1314 1315 err = br_mdb_parse(skb, nlh, &dev, &entry, mdb_attrs, extack); 1316 if (err < 0) 1317 return err; 1318 1319 br = netdev_priv(dev); 1320 1321 if (entry->ifindex != br->dev->ifindex) { 1322 pdev = __dev_get_by_index(net, entry->ifindex); 1323 if (!pdev) 1324 return -ENODEV; 1325 1326 p = br_port_get_rtnl(pdev); 1327 if (!p || p->br != br || p->state == BR_STATE_DISABLED) 1328 return -EINVAL; 1329 vg = nbp_vlan_group(p); 1330 } else { 1331 vg = br_vlan_group(br); 1332 } 1333 1334 /* If vlan filtering is enabled and VLAN is not specified 1335 * delete mdb entry on all vlans configured on the port. 1336 */ 1337 if (br_vlan_enabled(br->dev) && vg && entry->vid == 0) { 1338 list_for_each_entry(v, &vg->vlan_list, vlist) { 1339 entry->vid = v->vid; 1340 err = __br_mdb_del(br, entry, mdb_attrs); 1341 } 1342 } else { 1343 err = __br_mdb_del(br, entry, mdb_attrs); 1344 } 1345 1346 return err; 1347 } 1348 1349 void br_mdb_init(void) 1350 { 1351 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_GETMDB, NULL, br_mdb_dump, 0); 1352 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_NEWMDB, br_mdb_add, NULL, 0); 1353 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_DELMDB, br_mdb_del, NULL, 0); 1354 } 1355 1356 void br_mdb_uninit(void) 1357 { 1358 rtnl_unregister(PF_BRIDGE, RTM_GETMDB); 1359 rtnl_unregister(PF_BRIDGE, RTM_NEWMDB); 1360 rtnl_unregister(PF_BRIDGE, RTM_DELMDB); 1361 } 1362