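/*
 *	Forwarding database
 *	Linux ethernet bridge
 *
 *	Authors:
 *	Lennert Buytenhek		<buytenh@gnu.org>
 *
 *	This program is free software; you can redistribute it and/or
 *	modify it under the terms of the GNU General Public License
 *	as published by the Free Software Foundation; either version
 *	2 of the License, or (at your option) any later version.
 */

#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/rculist.h>
#include <linux/spinlock.h>
#include <linux/times.h>
#include <linux/netdevice.h>
#include <linux/etherdevice.h>
#include <linux/jhash.h>
#include <linux/random.h>
#include <linux/slab.h>
#include <linux/atomic.h>
#include <asm/unaligned.h>
#include <linux/if_vlan.h>
#include "br_private.h"

/* Slab cache that every forwarding entry in this file is allocated from. */
static struct kmem_cache *br_fdb_cache __read_mostly;
static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head,
					     const unsigned char *addr,
					     __u16 vid);
static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source,
		      const unsigned char *addr, u16 vid);
static void fdb_notify(struct net_bridge *br,
		       const struct net_bridge_fdb_entry *, int);

/* Random value chosen once in br_fdb_init() and mixed into br_mac_hash(). */
static u32 fdb_salt __read_mostly;

/* Create the entry cache and seed the hash salt.
 * Returns 0 on success or -ENOMEM if the cache cannot be created.
 */
int __init br_fdb_init(void)
{
	br_fdb_cache = kmem_cache_create("bridge_fdb_cache",
					 sizeof(struct net_bridge_fdb_entry),
					 0,
					 SLAB_HWCACHE_ALIGN, NULL);
	if (!br_fdb_cache)
		return -ENOMEM;

	get_random_bytes(&fdb_salt, sizeof(fdb_salt));
	return 0;
}

/* Destroy the entry cache created by br_fdb_init(). */
void br_fdb_fini(void)
{
	kmem_cache_destroy(br_fdb_cache);
}


/* if topology_changing then use forward_delay (default 15 sec)
 * otherwise keep longer (default 5 minutes)
 */
static inline unsigned long hold_time(const struct net_bridge *br)
{
	return br->topology_change ? br->forward_delay : br->ageing_time;
}

/* True when a non-static entry has not been updated within hold_time(). */
static inline int has_expired(const struct net_bridge *br,
			      const struct net_bridge_fdb_entry *fdb)
{
	return !fdb->is_static &&
		time_before_eq(fdb->updated + hold_time(br), jiffies);
}

/* Map (mac, vid) to a bucket index in br->hash[].
 *
 * The random fdb_salt is the jhash initval, so bucket placement cannot be
 * computed without knowing it.
 * NOTE(review): only the last four address bytes are hashed, so addresses
 * that differ only in their first two bytes always share a chain for a
 * given vid, whatever the salt is.
 */
static inline int br_mac_hash(const unsigned char *mac, __u16 vid)
{
	/* use 1 byte of OUI and 3 bytes of NIC */
	u32 key = get_unaligned((u32 *)(mac + 2));
	return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1);
}

/* RCU callback: return the entry to the slab cache. */
static void fdb_rcu_free(struct rcu_head *head)
{
	struct net_bridge_fdb_entry *ent
		= container_of(head, struct net_bridge_fdb_entry, rcu);
	kmem_cache_free(br_fdb_cache, ent);
}

/* When a static FDB entry is added, the mac address from the entry is
 * added to the bridge private HW address list and all required ports
 * are then updated with the new information.
 * Called under RTNL.
 *
 * If dev_uc_add() fails on one port, the address is removed again from the
 * ports already handled. The function returns void, so the failure is not
 * reported to the caller.
 */
static void fdb_add_hw(struct net_bridge *br, const unsigned char *addr)
{
	int err;
	struct net_bridge_port *p;

	ASSERT_RTNL();

	list_for_each_entry(p, &br->port_list, list) {
		if (!br_promisc_port(p)) {
			err = dev_uc_add(p->dev, addr);
			if (err)
				goto undo;
		}
	}

	return;
undo:
	list_for_each_entry_continue_reverse(p, &br->port_list, list) {
		if (!br_promisc_port(p))
			dev_uc_del(p->dev, addr);
	}
}

/* When a static FDB entry is deleted, the HW address from that entry is
 * also removed from the bridge private HW address list and updates all
 * the ports with needed information.
 * Called under RTNL.
 */
static void fdb_del_hw(struct net_bridge *br, const unsigned char *addr)
{
	struct net_bridge_port *p;

	ASSERT_RTNL();

	list_for_each_entry(p, &br->port_list, list) {
		if (!br_promisc_port(p))
			dev_uc_del(p->dev, addr);
	}
}

/* Unlink an entry, announce RTM_DELNEIGH and free it after a grace period.
 * Every caller in this file holds br->hash_lock.
 */
static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f)
{
	if (f->is_static)
		fdb_del_hw(br, f->addr.addr);

	hlist_del_rcu(&f->hlist);
	fdb_notify(br, f, RTM_DELNEIGH);
	call_rcu(&f->rcu, fdb_rcu_free);
}

/* Delete a local entry if no other port had the same address. */
static void fdb_delete_local(struct net_bridge *br,
			     const struct net_bridge_port *p,
			     struct net_bridge_fdb_entry *f)
{
	const unsigned char *addr = f->addr.addr;
	u16 vid = f->vlan_id;
	struct net_bridge_port *op;

	/* Maybe another port has same hw addr? */
	list_for_each_entry(op, &br->port_list, list) {
		if (op != p && ether_addr_equal(op->dev->dev_addr, addr) &&
		    (!vid || nbp_vlan_find(op, vid))) {
			/* Hand the entry over to that port instead. */
			f->dst = op;
			f->added_by_user = 0;
			return;
		}
	}

	/* Maybe bridge device has same hw addr? */
	if (p && ether_addr_equal(br->dev->dev_addr, addr) &&
	    (!vid || br_vlan_find(br, vid))) {
		/* A NULL dst marks the entry as the bridge's own. */
		f->dst = NULL;
		f->added_by_user = 0;
		return;
	}

	fdb_delete(br, f);
}

/* Look up (addr, vid) and drop it if it is an automatically created local
 * entry that points at port p. Takes br->hash_lock.
 */
void br_fdb_find_delete_local(struct net_bridge *br,
			      const struct net_bridge_port *p,
			      const unsigned char *addr, u16 vid)
{
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)];
	struct net_bridge_fdb_entry *f;

	spin_lock_bh(&br->hash_lock);
	f = fdb_find(head, addr, vid);
	if (f && f->is_local && !f->added_by_user && f->dst == p)
		fdb_delete_local(br, p, f);
	spin_unlock_bh(&br->hash_lock);
}

/* Replace the local entries of port p after its hardware address changed:
 * the old automatically created local entries are dropped and newaddr is
 * inserted for vid 0 and for every VLAN configured on the port.
 */
void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr)
{
	struct net_bridge *br = p->br;
	struct net_port_vlans *pv = nbp_get_vlan_info(p);
	bool no_vlan = !pv;
	int i;
	u16 vid;

	spin_lock_bh(&br->hash_lock);

	/* Search all chains since old address/hash is unknown */
	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct hlist_node *h;

		/* NOTE(review): the non-_safe iterator is used although
		 * fdb_delete_local() may unlink f; this relies on
		 * hlist_del_rcu() leaving f's next pointer intact - confirm.
		 */
		hlist_for_each(h, &br->hash[i]) {
			struct net_bridge_fdb_entry *f;

			f = hlist_entry(h, struct net_bridge_fdb_entry, hlist);
			if (f->dst == p && f->is_local && !f->added_by_user) {
				/* delete old one */
				fdb_delete_local(br, p, f);

				/* if this port has no vlan information
				 * configured, we can safely be done at
				 * this point.
				 */
				if (no_vlan)
					goto insert;
			}
		}
	}

insert:
	/* insert new address,  may fail if invalid address or dup. */
	fdb_insert(br, p, newaddr, 0);

	if (no_vlan)
		goto done;

	/* Now add entries for every VLAN configured on the port.
	 * This function runs under RTNL so the bitmap will not change
	 * from under us.
	 */
	for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
		fdb_insert(br, p, newaddr, vid);

done:
	spin_unlock_bh(&br->hash_lock);
}

/* Replace the bridge device's own local entries (dst == NULL) with newaddr,
 * for vid 0 and for every VLAN configured on the bridge.
 */
void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr)
{
	struct net_bridge_fdb_entry *f;
	struct net_port_vlans *pv;
	u16 vid = 0;

	spin_lock_bh(&br->hash_lock);

	/* If old entry was unassociated with any port, then delete it. */
	f = __br_fdb_get(br, br->dev->dev_addr, 0);
	if (f && f->is_local && !f->dst)
		fdb_delete_local(br, NULL, f);

	fdb_insert(br, NULL, newaddr, 0);

	/* Now remove and add entries for every VLAN configured on the
	 * bridge.  This function runs under RTNL so the bitmap will not
	 * change from under us.
	 */
	pv = br_get_vlan_info(br);
	if (!pv)
		goto out;

	for_each_set_bit_from(vid, pv->vlan_bitmap, VLAN_N_VID) {
		f = __br_fdb_get(br, br->dev->dev_addr, vid);
		if (f && f->is_local && !f->dst)
			fdb_delete_local(br, NULL, f);
		fdb_insert(br, NULL, newaddr, vid);
	}
out:
	spin_unlock_bh(&br->hash_lock);
}

/* Timer callback: delete every non-static entry older than hold_time() and
 * re-arm gc_timer for the earliest remaining expiry, at most one
 * ageing_time from now. _data is the struct net_bridge pointer.
 */
void br_fdb_cleanup(unsigned long _data)
{
	struct net_bridge *br = (struct net_bridge *)_data;
	unsigned long delay = hold_time(br);
	unsigned long next_timer = jiffies + br->ageing_time;
	int i;

	spin_lock(&br->hash_lock);
	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct net_bridge_fdb_entry *f;
		struct hlist_node *n;

		hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) {
			unsigned long this_timer;
			if (f->is_static)
				continue;
			this_timer = f->updated + delay;
			if (time_before_eq(this_timer, jiffies))
				fdb_delete(br, f);
			else if (time_before(this_timer, next_timer))
				next_timer = this_timer;
		}
	}
	spin_unlock(&br->hash_lock);

	mod_timer(&br->gc_timer, round_jiffies_up(next_timer));
}

/* Completely flush all dynamic entries in forwarding database.*/
void br_fdb_flush(struct net_bridge *br)
{
	int i;

	spin_lock_bh(&br->hash_lock);
	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct net_bridge_fdb_entry *f;
		struct hlist_node *n;
		hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) {
			if (!f->is_static)
				fdb_delete(br, f);
		}
	}
	spin_unlock_bh(&br->hash_lock);
}

/* Flush all entries referring to a specific port.
 * if do_all is set also flush static entries
 */
void br_fdb_delete_by_port(struct net_bridge *br,
			   const struct net_bridge_port *p,
			   int do_all)
{
	int i;

	spin_lock_bh(&br->hash_lock);
	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct hlist_node *h, *g;

		hlist_for_each_safe(h, g, &br->hash[i]) {
			struct net_bridge_fdb_entry *f
				= hlist_entry(h, struct net_bridge_fdb_entry, hlist);
			if (f->dst != p)
				continue;

			if (f->is_static && !do_all)
				continue;

			/* Local entries may move to another port that has
			 * the same address instead of being removed.
			 */
			if (f->is_local)
				fdb_delete_local(br, p, f);
			else
				fdb_delete(br, f);
		}
	}
	spin_unlock_bh(&br->hash_lock);
}

/* No locking or refcounting, assumes caller has rcu_read_lock.
 * Returns the entry for (addr, vid), or NULL if there is none or the
 * matching entry has expired.
 */
struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br,
					  const unsigned char *addr,
					  __u16 vid)
{
	struct net_bridge_fdb_entry *fdb;

	hlist_for_each_entry_rcu(fdb,
				&br->hash[br_mac_hash(addr, vid)], hlist) {
		if (ether_addr_equal(fdb->addr.addr, addr) &&
		    fdb->vlan_id == vid) {
			if (unlikely(has_expired(br, fdb)))
				break;
			return fdb;
		}
	}

	return NULL;
}

#if IS_ENABLED(CONFIG_ATM_LANE)
/* Interface used by ATM LANE hook to test
 * if an addr is on some other bridge port */
int br_fdb_test_addr(struct net_device *dev, unsigned char *addr)
{
	struct net_bridge_fdb_entry *fdb;
	struct net_bridge_port *port;
	int ret;

	rcu_read_lock();
	port = br_port_get_rcu(dev);
	if (!port)
		ret = 0;
	else {
		fdb = __br_fdb_get(port->br, addr, 0);
		ret = fdb && fdb->dst && fdb->dst->dev != dev &&
			fdb->dst->state == BR_STATE_FORWARDING;
	}
	rcu_read_unlock();

	return ret;
}
#endif /* CONFIG_ATM_LANE */

/*
 * Fill buffer with forwarding table records in
 * the API format.
 *
 * Writes at most maxnum records after skipping the first 'skip' eligible
 * ones and returns the number written. The whole buffer is zeroed first,
 * so fields that are not set below are handed back as zero.
 * NOTE(review): buf must hold maxnum records and maxnum * sizeof(struct
 * __fdb_entry) must not overflow; neither is checked here, so the caller
 * has to bound maxnum.
 */
int br_fdb_fillbuf(struct net_bridge *br, void *buf,
		   unsigned long maxnum, unsigned long skip)
{
	struct __fdb_entry *fe = buf;
	int i, num = 0;
	struct net_bridge_fdb_entry *f;

	memset(buf, 0, maxnum*sizeof(struct __fdb_entry));

	rcu_read_lock();
	for (i = 0; i < BR_HASH_SIZE; i++) {
		hlist_for_each_entry_rcu(f, &br->hash[i], hlist) {
			if (num >= maxnum)
				goto out;

			if (has_expired(br, f))
				continue;

			/* ignore pseudo entry for local MAC address */
			if (!f->dst)
				continue;

			if (skip) {
				--skip;
				continue;
			}

			/* convert from internal format to API */
			memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN);

			/* due to ABI compat need to split into hi/lo */
			fe->port_no = f->dst->port_no;
			fe->port_hi = f->dst->port_no >> 8;

			fe->is_local = f->is_local;
			if (!f->is_static)
				fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated);
			++fe;
			++num;
		}
	}

 out:
	rcu_read_unlock();

	return num;
}

/* Find (addr, vid) in one hash chain. Uses the plain list iterator; every
 * caller in this file holds br->hash_lock.
 */
static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head,
					     const unsigned char *addr,
					     __u16 vid)
{
	struct net_bridge_fdb_entry *fdb;

	hlist_for_each_entry(fdb, head, hlist) {
		if (ether_addr_equal(fdb->addr.addr, addr) &&
		    fdb->vlan_id == vid)
			return fdb;
	}
	return NULL;
}

/* Same lookup as fdb_find() but with the RCU list iterator. */
static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head,
						 const unsigned char *addr,
						 __u16 vid)
{
	struct net_bridge_fdb_entry *fdb;

	hlist_for_each_entry_rcu(fdb, head, hlist) {
		if (ether_addr_equal(fdb->addr.addr, addr) &&
		    fdb->vlan_id == vid)
			return fdb;
	}
	return NULL;
}

/* Allocate a dynamic (non-local, non-static) entry for (addr, vid) pointing
 * at 'source' and link it at the head of the chain.
 * Returns the new entry or NULL if the GFP_ATOMIC allocation fails.
 * No limit on the number of entries is applied here.
 */
static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head,
					       struct net_bridge_port *source,
					       const unsigned char *addr,
					       __u16 vid)
{
	struct net_bridge_fdb_entry *fdb;

	fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC);
	if (fdb) {
		memcpy(fdb->addr.addr, addr, ETH_ALEN);
		fdb->dst = source;
		fdb->vlan_id = vid;
		fdb->is_local = 0;
		fdb->is_static = 0;
		fdb->added_by_user = 0;
		fdb->updated = fdb->used = jiffies;
		hlist_add_head_rcu(&fdb->hlist, head);
	}
	return fdb;
}

/* Insert a local+static entry for an address owned by 'source', or by the
 * bridge itself when source is NULL.
 * Returns 0 on success or if a local entry already exists, -EINVAL for an
 * invalid address, -ENOMEM on allocation failure.
 */
static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source,
		  const unsigned char *addr, u16 vid)
{
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)];
	struct net_bridge_fdb_entry *fdb;

	if (!is_valid_ether_addr(addr))
		return -EINVAL;

	fdb = fdb_find(head, addr, vid);
	if (fdb) {
		/* it is okay to have multiple ports with same
		 * address, just use the first one.
		 */
		if (fdb->is_local)
			return 0;
		/* A non-local entry for our own address is replaced by
		 * the local one.
		 */
		br_warn(br, "adding interface %s with same address "
		       "as a received packet\n",
		       source ? source->dev->name : br->dev->name);
		fdb_delete(br, fdb);
	}

	fdb = fdb_create(head, source, addr, vid);
	if (!fdb)
		return -ENOMEM;

	fdb->is_local = fdb->is_static = 1;
	fdb_add_hw(br, addr);
	fdb_notify(br, fdb, RTM_NEWNEIGH);
	return 0;
}

/* Add entry for local address of interface */
int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source,
		  const unsigned char *addr, u16 vid)
{
	int ret;

	spin_lock_bh(&br->hash_lock);
	ret = fdb_insert(br, source, addr, vid);
	spin_unlock_bh(&br->hash_lock);
	return ret;
}

/* Learn or refresh the entry for (addr, vid) seen on port 'source'.
 *
 * addr is the source address of a received frame (or comes from
 * __br_fdb_add() for NTF_USE), so it is chosen by whoever can send frames
 * into a port that is in the learning or forwarding state.
 * NOTE(review): nothing in this file caps how many entries this path can
 * create; growth is limited only by ageing in br_fdb_cleanup() and by
 * GFP_ATOMIC allocation failure in fdb_create().
 *
 * The existing-entry path writes dst/updated/added_by_user without taking
 * br->hash_lock; only creation of a new entry is done under the lock.
 */
void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source,
		   const unsigned char *addr, u16 vid, bool added_by_user)
{
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)];
	struct net_bridge_fdb_entry *fdb;
	bool fdb_modified = false;

	/* some users want to always flood. */
	if (hold_time(br) == 0)
		return;

	/* ignore packets unless we are using this port */
	if (!(source->state == BR_STATE_LEARNING ||
	      source->state == BR_STATE_FORWARDING))
		return;

	fdb = fdb_find_rcu(head, addr, vid);
	if (likely(fdb)) {
		/* attempt to update an entry for a local interface */
		if (unlikely(fdb->is_local)) {
			/* Local entries are never overwritten by learning;
			 * the warning is rate limited.
			 */
			if (net_ratelimit())
				br_warn(br, "received packet on %s with "
					"own address as source address\n",
					source->dev->name);
		} else {
			/* fastpath: update of existing entry */
			if (unlikely(source != fdb->dst)) {
				fdb->dst = source;
				fdb_modified = true;
			}
			fdb->updated = jiffies;
			if (unlikely(added_by_user))
				fdb->added_by_user = 1;
			if (unlikely(fdb_modified))
				fdb_notify(br, fdb, RTM_NEWNEIGH);
		}
	} else {
		spin_lock(&br->hash_lock);
		if (likely(!fdb_find(head, addr, vid))) {
			fdb = fdb_create(head, source, addr, vid);
			if (fdb) {
				if (unlikely(added_by_user))
					fdb->added_by_user = 1;
				fdb_notify(br, fdb, RTM_NEWNEIGH);
			}
		}
		/* else  we lose race and someone else inserts
		 * it first, don't bother updating
		 */
		spin_unlock(&br->hash_lock);
	}
}

/* Translate the entry flags into a neighbour state (NUD_*).
 * NOTE(review): the expiry check dereferences fdb->dst, so it assumes every
 * entry that is neither local nor static has a non-NULL dst - confirm.
 */
static int fdb_to_nud(const struct net_bridge_fdb_entry *fdb)
{
	if (fdb->is_local)
		return NUD_PERMANENT;
	else if (fdb->is_static)
		return NUD_NOARP;
	else if (has_expired(fdb->dst->br, fdb))
		return NUD_STALE;
	else
		return NUD_REACHABLE;
}

/* Append one neighbour message describing fdb to skb.
 * Returns the result of nlmsg_end() on success or -EMSGSIZE when the
 * message does not fit, in which case the partial message is cancelled.
 */
static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br,
			 const struct net_bridge_fdb_entry *fdb,
			 u32 portid, u32 seq, int type, unsigned int flags)
{
	unsigned long now = jiffies;
	struct nda_cacheinfo ci;
	struct nlmsghdr *nlh;
	struct ndmsg *ndm;

	nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	/* Every ndmsg field, padding included, is assigned explicitly. */
	ndm = nlmsg_data(nlh);
	ndm->ndm_family	 = AF_BRIDGE;
	ndm->ndm_pad1    = 0;
	ndm->ndm_pad2    = 0;
	ndm->ndm_flags	 = 0;
	ndm->ndm_type	 = 0;
	ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex;
	ndm->ndm_state   = fdb_to_nud(fdb);

	if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr))
		goto nla_put_failure;
	if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex))
		goto nla_put_failure;
	/* All four cacheinfo fields are set before the struct is copied. */
	ci.ndm_used	 = jiffies_to_clock_t(now - fdb->used);
	ci.ndm_confirmed = 0;
	ci.ndm_updated	 = jiffies_to_clock_t(now - fdb->updated);
	ci.ndm_refcnt	 = 0;
	if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
		goto nla_put_failure;

	/* NDA_VLAN is only emitted for a non-zero vlan id. */
	if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id))
		goto nla_put_failure;

	return nlmsg_end(skb, nlh);

nla_put_failure:
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}

/* Upper bound on the size of a message built by fdb_fill_info(). */
static inline size_t fdb_nlmsg_size(void)
{
	return NLMSG_ALIGN(sizeof(struct ndmsg))
		+ nla_total_size(ETH_ALEN) /* NDA_LLADDR */
		+ nla_total_size(sizeof(u32)) /* NDA_MASTER */
		+ nla_total_size(sizeof(u16)) /* NDA_VLAN */
		+ nla_total_size(sizeof(struct nda_cacheinfo));
}

/* Send a neighbour notification of the given type for fdb to
 * RTNLGRP_NEIGH listeners. On failure the error is recorded on the group
 * with rtnl_set_sk_err().
 */
static void fdb_notify(struct net_bridge *br,
		       const struct net_bridge_fdb_entry *fdb, int type)
{
	struct net *net = dev_net(br->dev);
	struct sk_buff *skb;
	int err = -ENOBUFS;

	skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC);
	if (skb == NULL)
		goto errout;

	err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0);
	if (err < 0) {
		/* -EMSGSIZE implies BUG in fdb_nlmsg_size() */
		WARN_ON(err == -EMSGSIZE);
		kfree_skb(skb);
		goto errout;
	}
	rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
	return;
errout:
	rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
}

/* Dump information about entries, in response to GETNEIGH.
 * idx is the running entry index; entries below cb->args[0] are skipped.
 * Returns the index at which a later call should resume.
 */
int br_fdb_dump(struct sk_buff *skb,
		struct netlink_callback *cb,
		struct net_device *dev,
		struct net_device *filter_dev,
		int idx)
{
	struct net_bridge *br = netdev_priv(dev);
	int i;

	if (!(dev->priv_flags & IFF_EBRIDGE))
		goto out;

	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct net_bridge_fdb_entry *f;

		hlist_for_each_entry_rcu(f, &br->hash[i], hlist) {
			if (idx < cb->args[0])
				goto skip;

			if (filter_dev &&
			    (!f->dst || f->dst->dev != filter_dev)) {
				if (filter_dev != dev)
					goto skip;
				/* !f->dst is a special case for bridge
				 * It means the MAC belongs to the bridge
				 * Therefore need a little more filtering
				 * we only want to dump the !f->dst case
				 */
				if (f->dst)
					goto skip;
			}

			/* Stop the whole walk once the skb is full. Leaving
			 * only the inner loop would let later buckets keep
			 * advancing idx past entries that were never dumped.
			 */
			if (fdb_fill_info(skb, br, f,
					  NETLINK_CB(cb->skb).portid,
					  cb->nlh->nlmsg_seq,
					  RTM_NEWNEIGH,
					  NLM_F_MULTI) < 0)
				goto out;
skip:
			++idx;
		}
	}

out:
	return idx;
}

/* Update (create or replace) forwarding database entry.
 * Called with br->hash_lock held (see __br_fdb_add()).
 * Returns 0, -ENOENT (no entry and NLM_F_CREATE not set), -EEXIST (entry
 * exists and NLM_F_EXCL set) or -ENOMEM.
 */
static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr,
			 __u16 state, __u16 flags, __u16 vid)
{
	struct net_bridge *br = source->br;
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)];
	struct net_bridge_fdb_entry *fdb;
	bool modified = false;

	fdb = fdb_find(head, addr, vid);
	if (fdb == NULL) {
		if (!(flags & NLM_F_CREATE))
			return -ENOENT;

		fdb = fdb_create(head, source, addr, vid);
		if (!fdb)
			return -ENOMEM;

		modified = true;
	} else {
		if (flags & NLM_F_EXCL)
			return -EEXIST;

		if (fdb->dst != source) {
			fdb->dst = source;
			modified = true;
		}
	}

	if (fdb_to_nud(fdb) != state) {
		/* Keep the ports' HW address lists in step with is_static:
		 * add on a dynamic->static change, remove on the reverse.
		 */
		if (state & NUD_PERMANENT) {
			fdb->is_local = 1;
			if (!fdb->is_static) {
				fdb->is_static = 1;
				fdb_add_hw(br, addr);
			}
		} else if (state & NUD_NOARP) {
			fdb->is_local = 0;
			if (!fdb->is_static) {
				fdb->is_static = 1;
				fdb_add_hw(br, addr);
			}
		} else {
			fdb->is_local = 0;
			if (fdb->is_static) {
				fdb->is_static = 0;
				fdb_del_hw(br, addr);
			}
		}

		modified = true;
	}
	fdb->added_by_user = 1;

	fdb->used = jiffies;
	if (modified) {
		fdb->updated = jiffies;
		fdb_notify(br, fdb, RTM_NEWNEIGH);
	}

	return 0;
}

/* Add or refresh one (addr, vid) entry on port p.
 * With NTF_USE the request goes through the learning path and always
 * returns 0; otherwise fdb_add_entry() runs under br->hash_lock.
 */
static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p,
	       const unsigned char *addr, u16 nlh_flags, u16 vid)
{
	int err = 0;

	if (ndm->ndm_flags & NTF_USE) {
		rcu_read_lock();
		br_fdb_update(p->br, p, addr, vid, true);
		rcu_read_unlock();
	} else {
		spin_lock_bh(&p->br->hash_lock);
		err = fdb_add_entry(p, addr, ndm->ndm_state,
				    nlh_flags, vid);
		spin_unlock_bh(&p->br->hash_lock);
	}

	return err;
}

/* Add new permanent fdb entry with RTM_NEWNEIGH.
 * Validates the requested state, the optional NDA_VLAN attribute, the
 * address and that dev is a bridge port before touching the table.
 * Returns 0 or a negative errno.
 */
int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[],
	       struct net_device *dev,
	       const unsigned char *addr, u16 nlh_flags)
{
	struct net_bridge_port *p;
	int err = 0;
	struct net_port_vlans *pv;
	/* VLAN_N_VID means "no VLAN given in the request". */
	unsigned short vid = VLAN_N_VID;

	if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) {
		pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state);
		return -EINVAL;
	}

	if (tb[NDA_VLAN]) {
		/* Check the attribute length before reading it as a u16. */
		if (nla_len(tb[NDA_VLAN]) != sizeof(unsigned short)) {
			pr_info("bridge: RTM_NEWNEIGH with invalid vlan\n");
			return -EINVAL;
		}

		vid = nla_get_u16(tb[NDA_VLAN]);

		if (!vid || vid >= VLAN_VID_MASK) {
			pr_info("bridge: RTM_NEWNEIGH with invalid vlan id %d\n",
				vid);
			return -EINVAL;
		}
	}

	if (is_zero_ether_addr(addr)) {
		pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n");
		return -EINVAL;
	}

	p = br_port_get_rtnl(dev);
	if (p == NULL) {
		pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n",
			dev->name);
		return -EINVAL;
	}

	pv = nbp_get_vlan_info(p);
	if (vid != VLAN_N_VID) {
		if (!pv || !test_bit(vid, pv->vlan_bitmap)) {
			pr_info("bridge: RTM_NEWNEIGH with unconfigured "
				"vlan %d on port %s\n", vid, dev->name);
			return -EINVAL;
		}

		/* VID was specified, so use it. */
		err = __br_fdb_add(ndm, p, addr, nlh_flags, vid);
	} else {
		if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) {
			err = __br_fdb_add(ndm, p, addr, nlh_flags, 0);
			goto out;
		}

		/* We have vlans configured on this port and user didn't
		 * specify a VLAN.  To be nice, add/update entry for every
		 * vlan on this port.
		 */
		for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) {
			err = __br_fdb_add(ndm, p, addr, nlh_flags, vid);
			if (err)
				goto out;
		}
	}

out:
	return err;
}

/* Delete the entry for (addr, vlan). Caller holds br->hash_lock.
 * Returns 0 or -ENOENT if there is no such entry.
 */
static int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, u16 vlan)
{
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)];
	struct net_bridge_fdb_entry *fdb;

	fdb = fdb_find(head, addr, vlan);
	if (!fdb)
		return -ENOENT;

	fdb_delete(br, fdb);
	return 0;
}

/* Locked wrapper around fdb_delete_by_addr() for port p's bridge. */
static int __br_fdb_delete(struct net_bridge_port *p,
			   const unsigned char *addr, u16 vid)
{
	int err;

	spin_lock_bh(&p->br->hash_lock);
	err = fdb_delete_by_addr(p->br, addr, vid);
	spin_unlock_bh(&p->br->hash_lock);

	return err;
}

/* Remove neighbor entry with RTM_DELNEIGH.
 * Returns 0 if at least one entry was removed, -ENOENT if none matched and
 * -EINVAL for a malformed request.
 */
int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[],
		  struct net_device *dev,
		  const unsigned char *addr)
{
	struct net_bridge_port *p;
	int err;
	struct net_port_vlans *pv;
	/* VLAN_N_VID means "no VLAN given in the request". */
	unsigned short vid = VLAN_N_VID;

	if (tb[NDA_VLAN]) {
		/* Check the attribute length before reading it as a u16.
		 * The log lines name RTM_DELNEIGH so they are not mistaken
		 * for failures of an add request.
		 */
		if (nla_len(tb[NDA_VLAN]) != sizeof(unsigned short)) {
			pr_info("bridge: RTM_DELNEIGH with invalid vlan\n");
			return -EINVAL;
		}

		vid = nla_get_u16(tb[NDA_VLAN]);

		if (!vid || vid >= VLAN_VID_MASK) {
			pr_info("bridge: RTM_DELNEIGH with invalid vlan id %d\n",
				vid);
			return -EINVAL;
		}
	}
	p = br_port_get_rtnl(dev);
	if (p == NULL) {
		pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n",
			dev->name);
		return -EINVAL;
	}

	pv = nbp_get_vlan_info(p);
	if (vid != VLAN_N_VID) {
		if (!pv || !test_bit(vid, pv->vlan_bitmap)) {
			pr_info("bridge: RTM_DELNEIGH with unconfigured "
				"vlan %d on port %s\n", vid, dev->name);
			return -EINVAL;
		}

		err = __br_fdb_delete(p, addr, vid);
	} else {
		if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) {
			err = __br_fdb_delete(p, addr, 0);
			goto out;
		}

		/* We have vlans configured on this port and user didn't
		 * specify a VLAN.  To be nice, delete the entry for every
		 * vlan on this port. Succeed if any of them existed.
		 */
		err = -ENOENT;
		for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) {
			if (!__br_fdb_delete(p, addr, vid))
				err = 0;
		}
	}
out:
	return err;
}

/* Add the address of every static entry to port p's device.
 * Called under RTNL. On failure the addresses added so far are removed
 * again and the dev_uc_add() error is returned; returns 0 on success.
 */
int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p)
{
	struct net_bridge_fdb_entry *fdb, *tmp;
	int i;
	int err;

	ASSERT_RTNL();

	for (i = 0; i < BR_HASH_SIZE; i++) {
		hlist_for_each_entry(fdb, &br->hash[i], hlist) {
			/* We only care for static entries */
			if (!fdb->is_static)
				continue;

			err = dev_uc_add(p->dev, fdb->addr.addr);
			if (err)
				goto rollback;
		}
	}
	return 0;

rollback:
	for (i = 0; i < BR_HASH_SIZE; i++) {
		hlist_for_each_entry(tmp, &br->hash[i], hlist) {
			/* If we reached the fdb that failed, we can stop.
			 * Return rather than break: entries in the remaining
			 * buckets were never added, so calling dev_uc_del()
			 * for them would undo additions this call never made.
			 */
			if (tmp == fdb)
				return err;

			/* We only care for static entries */
			if (!tmp->is_static)
				continue;

			dev_uc_del(p->dev, tmp->addr.addr);
		}
	}
	return err;
}

/* Remove the address of every static entry from port p's device.
 * Called under RTNL.
 */
void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p)
{
	struct net_bridge_fdb_entry *fdb;
	int i;

	ASSERT_RTNL();

	for (i = 0; i < BR_HASH_SIZE; i++) {
		hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) {
			/* We only care for static entries */
			if (!fdb->is_static)
				continue;

			dev_uc_del(p->dev, fdb->addr.addr);
		}
	}
}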