1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include "br_private.h" 29 30 static struct kmem_cache *br_fdb_cache __read_mostly; 31 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 32 const unsigned char *addr, 33 __u16 vid); 34 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 35 const unsigned char *addr, u16 vid); 36 static void fdb_notify(struct net_bridge *br, 37 const struct net_bridge_fdb_entry *, int); 38 39 static u32 fdb_salt __read_mostly; 40 41 int __init br_fdb_init(void) 42 { 43 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 44 sizeof(struct net_bridge_fdb_entry), 45 0, 46 SLAB_HWCACHE_ALIGN, NULL); 47 if (!br_fdb_cache) 48 return -ENOMEM; 49 50 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 51 return 0; 52 } 53 54 void br_fdb_fini(void) 55 { 56 kmem_cache_destroy(br_fdb_cache); 57 } 58 59 60 /* if topology_changing then use forward_delay (default 15 sec) 61 * otherwise keep longer (default 5 minutes) 62 */ 63 static inline unsigned long hold_time(const struct net_bridge *br) 64 { 65 return br->topology_change ? br->forward_delay : br->ageing_time; 66 } 67 68 static inline int has_expired(const struct net_bridge *br, 69 const struct net_bridge_fdb_entry *fdb) 70 { 71 return !fdb->is_static && 72 time_before_eq(fdb->updated + hold_time(br), jiffies); 73 } 74 75 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 76 { 77 /* use 1 byte of OUI and 3 bytes of NIC */ 78 u32 key = get_unaligned((u32 *)(mac + 2)); 79 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 80 } 81 82 static void fdb_rcu_free(struct rcu_head *head) 83 { 84 struct net_bridge_fdb_entry *ent 85 = container_of(head, struct net_bridge_fdb_entry, rcu); 86 kmem_cache_free(br_fdb_cache, ent); 87 } 88 89 /* When a static FDB entry is added, the mac address from the entry is 90 * added to the bridge private HW address list and all required ports 91 * are then updated with the new information. 92 * Called under RTNL. 93 */ 94 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 95 { 96 int err; 97 struct net_bridge_port *p; 98 99 ASSERT_RTNL(); 100 101 list_for_each_entry(p, &br->port_list, list) { 102 if (!br_promisc_port(p)) { 103 err = dev_uc_add(p->dev, addr); 104 if (err) 105 goto undo; 106 } 107 } 108 109 return; 110 undo: 111 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 112 if (!br_promisc_port(p)) 113 dev_uc_del(p->dev, addr); 114 } 115 } 116 117 /* When a static FDB entry is deleted, the HW address from that entry is 118 * also removed from the bridge private HW address list and updates all 119 * the ports with needed information. 120 * Called under RTNL. 121 */ 122 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 123 { 124 struct net_bridge_port *p; 125 126 ASSERT_RTNL(); 127 128 list_for_each_entry(p, &br->port_list, list) { 129 if (!br_promisc_port(p)) 130 dev_uc_del(p->dev, addr); 131 } 132 } 133 134 static void fdb_del_external_learn(struct net_bridge_fdb_entry *f) 135 { 136 struct switchdev_obj obj = { 137 .id = SWITCHDEV_OBJ_PORT_FDB, 138 .u.fdb = { 139 .addr = f->addr.addr, 140 .vid = f->vlan_id, 141 }, 142 }; 143 144 switchdev_port_obj_del(f->dst->dev, &obj); 145 } 146 147 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 148 { 149 if (f->is_static) 150 fdb_del_hw_addr(br, f->addr.addr); 151 152 if (f->added_by_external_learn) 153 fdb_del_external_learn(f); 154 155 hlist_del_rcu(&f->hlist); 156 fdb_notify(br, f, RTM_DELNEIGH); 157 call_rcu(&f->rcu, fdb_rcu_free); 158 } 159 160 /* Delete a local entry if no other port had the same address. */ 161 static void fdb_delete_local(struct net_bridge *br, 162 const struct net_bridge_port *p, 163 struct net_bridge_fdb_entry *f) 164 { 165 const unsigned char *addr = f->addr.addr; 166 struct net_bridge_vlan_group *vg; 167 const struct net_bridge_vlan *v; 168 struct net_bridge_port *op; 169 u16 vid = f->vlan_id; 170 171 /* Maybe another port has same hw addr? */ 172 list_for_each_entry(op, &br->port_list, list) { 173 vg = nbp_vlan_group(op); 174 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 175 (!vid || br_vlan_find(vg, vid))) { 176 f->dst = op; 177 f->added_by_user = 0; 178 return; 179 } 180 } 181 182 vg = br_vlan_group(br); 183 v = br_vlan_find(vg, vid); 184 /* Maybe bridge device has same hw addr? */ 185 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 186 (!vid || (v && br_vlan_should_use(v)))) { 187 f->dst = NULL; 188 f->added_by_user = 0; 189 return; 190 } 191 192 fdb_delete(br, f); 193 } 194 195 void br_fdb_find_delete_local(struct net_bridge *br, 196 const struct net_bridge_port *p, 197 const unsigned char *addr, u16 vid) 198 { 199 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 200 struct net_bridge_fdb_entry *f; 201 202 spin_lock_bh(&br->hash_lock); 203 f = fdb_find(head, addr, vid); 204 if (f && f->is_local && !f->added_by_user && f->dst == p) 205 fdb_delete_local(br, p, f); 206 spin_unlock_bh(&br->hash_lock); 207 } 208 209 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 210 { 211 struct net_bridge_vlan_group *vg; 212 struct net_bridge *br = p->br; 213 struct net_bridge_vlan *v; 214 int i; 215 216 spin_lock_bh(&br->hash_lock); 217 218 vg = nbp_vlan_group(p); 219 /* Search all chains since old address/hash is unknown */ 220 for (i = 0; i < BR_HASH_SIZE; i++) { 221 struct hlist_node *h; 222 hlist_for_each(h, &br->hash[i]) { 223 struct net_bridge_fdb_entry *f; 224 225 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 226 if (f->dst == p && f->is_local && !f->added_by_user) { 227 /* delete old one */ 228 fdb_delete_local(br, p, f); 229 230 /* if this port has no vlan information 231 * configured, we can safely be done at 232 * this point. 233 */ 234 if (!vg || !vg->num_vlans) 235 goto insert; 236 } 237 } 238 } 239 240 insert: 241 /* insert new address, may fail if invalid address or dup. */ 242 fdb_insert(br, p, newaddr, 0); 243 244 if (!vg || !vg->num_vlans) 245 goto done; 246 247 /* Now add entries for every VLAN configured on the port. 248 * This function runs under RTNL so the bitmap will not change 249 * from under us. 250 */ 251 list_for_each_entry(v, &vg->vlan_list, vlist) 252 fdb_insert(br, p, newaddr, v->vid); 253 254 done: 255 spin_unlock_bh(&br->hash_lock); 256 } 257 258 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 259 { 260 struct net_bridge_vlan_group *vg; 261 struct net_bridge_fdb_entry *f; 262 struct net_bridge_vlan *v; 263 264 spin_lock_bh(&br->hash_lock); 265 266 /* If old entry was unassociated with any port, then delete it. */ 267 f = __br_fdb_get(br, br->dev->dev_addr, 0); 268 if (f && f->is_local && !f->dst) 269 fdb_delete_local(br, NULL, f); 270 271 fdb_insert(br, NULL, newaddr, 0); 272 vg = br_vlan_group(br); 273 if (!vg || !vg->num_vlans) 274 goto out; 275 /* Now remove and add entries for every VLAN configured on the 276 * bridge. This function runs under RTNL so the bitmap will not 277 * change from under us. 278 */ 279 list_for_each_entry(v, &vg->vlan_list, vlist) { 280 f = __br_fdb_get(br, br->dev->dev_addr, v->vid); 281 if (f && f->is_local && !f->dst) 282 fdb_delete_local(br, NULL, f); 283 fdb_insert(br, NULL, newaddr, v->vid); 284 } 285 out: 286 spin_unlock_bh(&br->hash_lock); 287 } 288 289 void br_fdb_cleanup(unsigned long _data) 290 { 291 struct net_bridge *br = (struct net_bridge *)_data; 292 unsigned long delay = hold_time(br); 293 unsigned long next_timer = jiffies + br->ageing_time; 294 int i; 295 296 spin_lock(&br->hash_lock); 297 for (i = 0; i < BR_HASH_SIZE; i++) { 298 struct net_bridge_fdb_entry *f; 299 struct hlist_node *n; 300 301 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 302 unsigned long this_timer; 303 if (f->is_static) 304 continue; 305 if (f->added_by_external_learn) 306 continue; 307 this_timer = f->updated + delay; 308 if (time_before_eq(this_timer, jiffies)) 309 fdb_delete(br, f); 310 else if (time_before(this_timer, next_timer)) 311 next_timer = this_timer; 312 } 313 } 314 spin_unlock(&br->hash_lock); 315 316 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 317 } 318 319 /* Completely flush all dynamic entries in forwarding database.*/ 320 void br_fdb_flush(struct net_bridge *br) 321 { 322 int i; 323 324 spin_lock_bh(&br->hash_lock); 325 for (i = 0; i < BR_HASH_SIZE; i++) { 326 struct net_bridge_fdb_entry *f; 327 struct hlist_node *n; 328 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 329 if (!f->is_static) 330 fdb_delete(br, f); 331 } 332 } 333 spin_unlock_bh(&br->hash_lock); 334 } 335 336 /* Flush all entries referring to a specific port. 337 * if do_all is set also flush static entries 338 * if vid is set delete all entries that match the vlan_id 339 */ 340 void br_fdb_delete_by_port(struct net_bridge *br, 341 const struct net_bridge_port *p, 342 u16 vid, 343 int do_all) 344 { 345 int i; 346 347 spin_lock_bh(&br->hash_lock); 348 for (i = 0; i < BR_HASH_SIZE; i++) { 349 struct hlist_node *h, *g; 350 351 hlist_for_each_safe(h, g, &br->hash[i]) { 352 struct net_bridge_fdb_entry *f 353 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 354 if (f->dst != p) 355 continue; 356 357 if (!do_all) 358 if (f->is_static || (vid && f->vlan_id != vid)) 359 continue; 360 361 if (f->is_local) 362 fdb_delete_local(br, p, f); 363 else 364 fdb_delete(br, f); 365 } 366 } 367 spin_unlock_bh(&br->hash_lock); 368 } 369 370 /* No locking or refcounting, assumes caller has rcu_read_lock */ 371 struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 372 const unsigned char *addr, 373 __u16 vid) 374 { 375 struct net_bridge_fdb_entry *fdb; 376 377 hlist_for_each_entry_rcu(fdb, 378 &br->hash[br_mac_hash(addr, vid)], hlist) { 379 if (ether_addr_equal(fdb->addr.addr, addr) && 380 fdb->vlan_id == vid) { 381 if (unlikely(has_expired(br, fdb))) 382 break; 383 return fdb; 384 } 385 } 386 387 return NULL; 388 } 389 390 #if IS_ENABLED(CONFIG_ATM_LANE) 391 /* Interface used by ATM LANE hook to test 392 * if an addr is on some other bridge port */ 393 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 394 { 395 struct net_bridge_fdb_entry *fdb; 396 struct net_bridge_port *port; 397 int ret; 398 399 rcu_read_lock(); 400 port = br_port_get_rcu(dev); 401 if (!port) 402 ret = 0; 403 else { 404 fdb = __br_fdb_get(port->br, addr, 0); 405 ret = fdb && fdb->dst && fdb->dst->dev != dev && 406 fdb->dst->state == BR_STATE_FORWARDING; 407 } 408 rcu_read_unlock(); 409 410 return ret; 411 } 412 #endif /* CONFIG_ATM_LANE */ 413 414 /* 415 * Fill buffer with forwarding table records in 416 * the API format. 417 */ 418 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 419 unsigned long maxnum, unsigned long skip) 420 { 421 struct __fdb_entry *fe = buf; 422 int i, num = 0; 423 struct net_bridge_fdb_entry *f; 424 425 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 426 427 rcu_read_lock(); 428 for (i = 0; i < BR_HASH_SIZE; i++) { 429 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 430 if (num >= maxnum) 431 goto out; 432 433 if (has_expired(br, f)) 434 continue; 435 436 /* ignore pseudo entry for local MAC address */ 437 if (!f->dst) 438 continue; 439 440 if (skip) { 441 --skip; 442 continue; 443 } 444 445 /* convert from internal format to API */ 446 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 447 448 /* due to ABI compat need to split into hi/lo */ 449 fe->port_no = f->dst->port_no; 450 fe->port_hi = f->dst->port_no >> 8; 451 452 fe->is_local = f->is_local; 453 if (!f->is_static) 454 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 455 ++fe; 456 ++num; 457 } 458 } 459 460 out: 461 rcu_read_unlock(); 462 463 return num; 464 } 465 466 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 467 const unsigned char *addr, 468 __u16 vid) 469 { 470 struct net_bridge_fdb_entry *fdb; 471 472 hlist_for_each_entry(fdb, head, hlist) { 473 if (ether_addr_equal(fdb->addr.addr, addr) && 474 fdb->vlan_id == vid) 475 return fdb; 476 } 477 return NULL; 478 } 479 480 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 481 const unsigned char *addr, 482 __u16 vid) 483 { 484 struct net_bridge_fdb_entry *fdb; 485 486 hlist_for_each_entry_rcu(fdb, head, hlist) { 487 if (ether_addr_equal(fdb->addr.addr, addr) && 488 fdb->vlan_id == vid) 489 return fdb; 490 } 491 return NULL; 492 } 493 494 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 495 struct net_bridge_port *source, 496 const unsigned char *addr, 497 __u16 vid) 498 { 499 struct net_bridge_fdb_entry *fdb; 500 501 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 502 if (fdb) { 503 memcpy(fdb->addr.addr, addr, ETH_ALEN); 504 fdb->dst = source; 505 fdb->vlan_id = vid; 506 fdb->is_local = 0; 507 fdb->is_static = 0; 508 fdb->added_by_user = 0; 509 fdb->added_by_external_learn = 0; 510 fdb->updated = fdb->used = jiffies; 511 hlist_add_head_rcu(&fdb->hlist, head); 512 } 513 return fdb; 514 } 515 516 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 517 const unsigned char *addr, u16 vid) 518 { 519 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 520 struct net_bridge_fdb_entry *fdb; 521 522 if (!is_valid_ether_addr(addr)) 523 return -EINVAL; 524 525 fdb = fdb_find(head, addr, vid); 526 if (fdb) { 527 /* it is okay to have multiple ports with same 528 * address, just use the first one. 529 */ 530 if (fdb->is_local) 531 return 0; 532 br_warn(br, "adding interface %s with same address " 533 "as a received packet\n", 534 source ? source->dev->name : br->dev->name); 535 fdb_delete(br, fdb); 536 } 537 538 fdb = fdb_create(head, source, addr, vid); 539 if (!fdb) 540 return -ENOMEM; 541 542 fdb->is_local = fdb->is_static = 1; 543 fdb_add_hw_addr(br, addr); 544 fdb_notify(br, fdb, RTM_NEWNEIGH); 545 return 0; 546 } 547 548 /* Add entry for local address of interface */ 549 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 550 const unsigned char *addr, u16 vid) 551 { 552 int ret; 553 554 spin_lock_bh(&br->hash_lock); 555 ret = fdb_insert(br, source, addr, vid); 556 spin_unlock_bh(&br->hash_lock); 557 return ret; 558 } 559 560 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 561 const unsigned char *addr, u16 vid, bool added_by_user) 562 { 563 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 564 struct net_bridge_fdb_entry *fdb; 565 bool fdb_modified = false; 566 567 /* some users want to always flood. */ 568 if (hold_time(br) == 0) 569 return; 570 571 /* ignore packets unless we are using this port */ 572 if (!(source->state == BR_STATE_LEARNING || 573 source->state == BR_STATE_FORWARDING)) 574 return; 575 576 fdb = fdb_find_rcu(head, addr, vid); 577 if (likely(fdb)) { 578 /* attempt to update an entry for a local interface */ 579 if (unlikely(fdb->is_local)) { 580 if (net_ratelimit()) 581 br_warn(br, "received packet on %s with " 582 "own address as source address\n", 583 source->dev->name); 584 } else { 585 /* fastpath: update of existing entry */ 586 if (unlikely(source != fdb->dst)) { 587 fdb->dst = source; 588 fdb_modified = true; 589 } 590 fdb->updated = jiffies; 591 if (unlikely(added_by_user)) 592 fdb->added_by_user = 1; 593 if (unlikely(fdb_modified)) 594 fdb_notify(br, fdb, RTM_NEWNEIGH); 595 } 596 } else { 597 spin_lock(&br->hash_lock); 598 if (likely(!fdb_find(head, addr, vid))) { 599 fdb = fdb_create(head, source, addr, vid); 600 if (fdb) { 601 if (unlikely(added_by_user)) 602 fdb->added_by_user = 1; 603 fdb_notify(br, fdb, RTM_NEWNEIGH); 604 } 605 } 606 /* else we lose race and someone else inserts 607 * it first, don't bother updating 608 */ 609 spin_unlock(&br->hash_lock); 610 } 611 } 612 613 static int fdb_to_nud(const struct net_bridge_fdb_entry *fdb) 614 { 615 if (fdb->is_local) 616 return NUD_PERMANENT; 617 else if (fdb->is_static) 618 return NUD_NOARP; 619 else if (has_expired(fdb->dst->br, fdb)) 620 return NUD_STALE; 621 else 622 return NUD_REACHABLE; 623 } 624 625 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 626 const struct net_bridge_fdb_entry *fdb, 627 u32 portid, u32 seq, int type, unsigned int flags) 628 { 629 unsigned long now = jiffies; 630 struct nda_cacheinfo ci; 631 struct nlmsghdr *nlh; 632 struct ndmsg *ndm; 633 634 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 635 if (nlh == NULL) 636 return -EMSGSIZE; 637 638 ndm = nlmsg_data(nlh); 639 ndm->ndm_family = AF_BRIDGE; 640 ndm->ndm_pad1 = 0; 641 ndm->ndm_pad2 = 0; 642 ndm->ndm_flags = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0; 643 ndm->ndm_type = 0; 644 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 645 ndm->ndm_state = fdb_to_nud(fdb); 646 647 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 648 goto nla_put_failure; 649 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 650 goto nla_put_failure; 651 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 652 ci.ndm_confirmed = 0; 653 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 654 ci.ndm_refcnt = 0; 655 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 656 goto nla_put_failure; 657 658 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 659 goto nla_put_failure; 660 661 nlmsg_end(skb, nlh); 662 return 0; 663 664 nla_put_failure: 665 nlmsg_cancel(skb, nlh); 666 return -EMSGSIZE; 667 } 668 669 static inline size_t fdb_nlmsg_size(void) 670 { 671 return NLMSG_ALIGN(sizeof(struct ndmsg)) 672 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 673 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 674 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 675 + nla_total_size(sizeof(struct nda_cacheinfo)); 676 } 677 678 static void fdb_notify(struct net_bridge *br, 679 const struct net_bridge_fdb_entry *fdb, int type) 680 { 681 struct net *net = dev_net(br->dev); 682 struct sk_buff *skb; 683 int err = -ENOBUFS; 684 685 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 686 if (skb == NULL) 687 goto errout; 688 689 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 690 if (err < 0) { 691 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 692 WARN_ON(err == -EMSGSIZE); 693 kfree_skb(skb); 694 goto errout; 695 } 696 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 697 return; 698 errout: 699 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 700 } 701 702 /* Dump information about entries, in response to GETNEIGH */ 703 int br_fdb_dump(struct sk_buff *skb, 704 struct netlink_callback *cb, 705 struct net_device *dev, 706 struct net_device *filter_dev, 707 int idx) 708 { 709 struct net_bridge *br = netdev_priv(dev); 710 int i; 711 712 if (!(dev->priv_flags & IFF_EBRIDGE)) 713 goto out; 714 715 if (!filter_dev) 716 idx = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 717 718 for (i = 0; i < BR_HASH_SIZE; i++) { 719 struct net_bridge_fdb_entry *f; 720 721 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 722 if (idx < cb->args[0]) 723 goto skip; 724 725 if (filter_dev && 726 (!f->dst || f->dst->dev != filter_dev)) { 727 if (filter_dev != dev) 728 goto skip; 729 /* !f->dst is a special case for bridge 730 * It means the MAC belongs to the bridge 731 * Therefore need a little more filtering 732 * we only want to dump the !f->dst case 733 */ 734 if (f->dst) 735 goto skip; 736 } 737 if (!filter_dev && f->dst) 738 goto skip; 739 740 if (fdb_fill_info(skb, br, f, 741 NETLINK_CB(cb->skb).portid, 742 cb->nlh->nlmsg_seq, 743 RTM_NEWNEIGH, 744 NLM_F_MULTI) < 0) 745 break; 746 skip: 747 ++idx; 748 } 749 } 750 751 out: 752 return idx; 753 } 754 755 /* Update (create or replace) forwarding database entry */ 756 static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr, 757 __u16 state, __u16 flags, __u16 vid) 758 { 759 struct net_bridge *br = source->br; 760 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 761 struct net_bridge_fdb_entry *fdb; 762 bool modified = false; 763 764 /* If the port cannot learn allow only local and static entries */ 765 if (!(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 766 !(source->state == BR_STATE_LEARNING || 767 source->state == BR_STATE_FORWARDING)) 768 return -EPERM; 769 770 fdb = fdb_find(head, addr, vid); 771 if (fdb == NULL) { 772 if (!(flags & NLM_F_CREATE)) 773 return -ENOENT; 774 775 fdb = fdb_create(head, source, addr, vid); 776 if (!fdb) 777 return -ENOMEM; 778 779 modified = true; 780 } else { 781 if (flags & NLM_F_EXCL) 782 return -EEXIST; 783 784 if (fdb->dst != source) { 785 fdb->dst = source; 786 modified = true; 787 } 788 } 789 790 if (fdb_to_nud(fdb) != state) { 791 if (state & NUD_PERMANENT) { 792 fdb->is_local = 1; 793 if (!fdb->is_static) { 794 fdb->is_static = 1; 795 fdb_add_hw_addr(br, addr); 796 } 797 } else if (state & NUD_NOARP) { 798 fdb->is_local = 0; 799 if (!fdb->is_static) { 800 fdb->is_static = 1; 801 fdb_add_hw_addr(br, addr); 802 } 803 } else { 804 fdb->is_local = 0; 805 if (fdb->is_static) { 806 fdb->is_static = 0; 807 fdb_del_hw_addr(br, addr); 808 } 809 } 810 811 modified = true; 812 } 813 fdb->added_by_user = 1; 814 815 fdb->used = jiffies; 816 if (modified) { 817 fdb->updated = jiffies; 818 fdb_notify(br, fdb, RTM_NEWNEIGH); 819 } 820 821 return 0; 822 } 823 824 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p, 825 const unsigned char *addr, u16 nlh_flags, u16 vid) 826 { 827 int err = 0; 828 829 if (ndm->ndm_flags & NTF_USE) { 830 local_bh_disable(); 831 rcu_read_lock(); 832 br_fdb_update(p->br, p, addr, vid, true); 833 rcu_read_unlock(); 834 local_bh_enable(); 835 } else { 836 spin_lock_bh(&p->br->hash_lock); 837 err = fdb_add_entry(p, addr, ndm->ndm_state, 838 nlh_flags, vid); 839 spin_unlock_bh(&p->br->hash_lock); 840 } 841 842 return err; 843 } 844 845 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 846 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 847 struct net_device *dev, 848 const unsigned char *addr, u16 vid, u16 nlh_flags) 849 { 850 struct net_bridge_vlan_group *vg; 851 struct net_bridge_port *p; 852 struct net_bridge_vlan *v; 853 int err = 0; 854 855 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 856 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 857 return -EINVAL; 858 } 859 860 if (is_zero_ether_addr(addr)) { 861 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 862 return -EINVAL; 863 } 864 865 p = br_port_get_rtnl(dev); 866 if (p == NULL) { 867 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 868 dev->name); 869 return -EINVAL; 870 } 871 872 vg = nbp_vlan_group(p); 873 if (vid) { 874 v = br_vlan_find(vg, vid); 875 if (!v) { 876 pr_info("bridge: RTM_NEWNEIGH with unconfigured " 877 "vlan %d on port %s\n", vid, dev->name); 878 return -EINVAL; 879 } 880 881 /* VID was specified, so use it. */ 882 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 883 } else { 884 err = __br_fdb_add(ndm, p, addr, nlh_flags, 0); 885 if (err || !vg || !vg->num_vlans) 886 goto out; 887 888 /* We have vlans configured on this port and user didn't 889 * specify a VLAN. To be nice, add/update entry for every 890 * vlan on this port. 891 */ 892 list_for_each_entry(v, &vg->vlan_list, vlist) { 893 err = __br_fdb_add(ndm, p, addr, nlh_flags, v->vid); 894 if (err) 895 goto out; 896 } 897 } 898 899 out: 900 return err; 901 } 902 903 static int fdb_delete_by_addr_and_port(struct net_bridge_port *p, 904 const u8 *addr, u16 vlan) 905 { 906 struct net_bridge *br = p->br; 907 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 908 struct net_bridge_fdb_entry *fdb; 909 910 fdb = fdb_find(head, addr, vlan); 911 if (!fdb || fdb->dst != p) 912 return -ENOENT; 913 914 fdb_delete(br, fdb); 915 return 0; 916 } 917 918 static int __br_fdb_delete(struct net_bridge_port *p, 919 const unsigned char *addr, u16 vid) 920 { 921 int err; 922 923 spin_lock_bh(&p->br->hash_lock); 924 err = fdb_delete_by_addr_and_port(p, addr, vid); 925 spin_unlock_bh(&p->br->hash_lock); 926 927 return err; 928 } 929 930 /* Remove neighbor entry with RTM_DELNEIGH */ 931 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 932 struct net_device *dev, 933 const unsigned char *addr, u16 vid) 934 { 935 struct net_bridge_vlan_group *vg; 936 struct net_bridge_port *p; 937 struct net_bridge_vlan *v; 938 int err; 939 940 p = br_port_get_rtnl(dev); 941 if (p == NULL) { 942 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 943 dev->name); 944 return -EINVAL; 945 } 946 947 vg = nbp_vlan_group(p); 948 if (vid) { 949 v = br_vlan_find(vg, vid); 950 if (!v) { 951 pr_info("bridge: RTM_DELNEIGH with unconfigured " 952 "vlan %d on port %s\n", vid, dev->name); 953 return -EINVAL; 954 } 955 956 err = __br_fdb_delete(p, addr, vid); 957 } else { 958 err = -ENOENT; 959 err &= __br_fdb_delete(p, addr, 0); 960 if (!vg || !vg->num_vlans) 961 goto out; 962 963 list_for_each_entry(v, &vg->vlan_list, vlist) 964 err &= __br_fdb_delete(p, addr, v->vid); 965 } 966 out: 967 return err; 968 } 969 970 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 971 { 972 struct net_bridge_fdb_entry *fdb, *tmp; 973 int i; 974 int err; 975 976 ASSERT_RTNL(); 977 978 for (i = 0; i < BR_HASH_SIZE; i++) { 979 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 980 /* We only care for static entries */ 981 if (!fdb->is_static) 982 continue; 983 984 err = dev_uc_add(p->dev, fdb->addr.addr); 985 if (err) 986 goto rollback; 987 } 988 } 989 return 0; 990 991 rollback: 992 for (i = 0; i < BR_HASH_SIZE; i++) { 993 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 994 /* If we reached the fdb that failed, we can stop */ 995 if (tmp == fdb) 996 break; 997 998 /* We only care for static entries */ 999 if (!tmp->is_static) 1000 continue; 1001 1002 dev_uc_del(p->dev, tmp->addr.addr); 1003 } 1004 } 1005 return err; 1006 } 1007 1008 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1009 { 1010 struct net_bridge_fdb_entry *fdb; 1011 int i; 1012 1013 ASSERT_RTNL(); 1014 1015 for (i = 0; i < BR_HASH_SIZE; i++) { 1016 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1017 /* We only care for static entries */ 1018 if (!fdb->is_static) 1019 continue; 1020 1021 dev_uc_del(p->dev, fdb->addr.addr); 1022 } 1023 } 1024 } 1025 1026 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1027 const unsigned char *addr, u16 vid) 1028 { 1029 struct hlist_head *head; 1030 struct net_bridge_fdb_entry *fdb; 1031 int err = 0; 1032 1033 ASSERT_RTNL(); 1034 spin_lock_bh(&br->hash_lock); 1035 1036 head = &br->hash[br_mac_hash(addr, vid)]; 1037 fdb = fdb_find(head, addr, vid); 1038 if (!fdb) { 1039 fdb = fdb_create(head, p, addr, vid); 1040 if (!fdb) { 1041 err = -ENOMEM; 1042 goto err_unlock; 1043 } 1044 fdb->added_by_external_learn = 1; 1045 fdb_notify(br, fdb, RTM_NEWNEIGH); 1046 } else if (fdb->added_by_external_learn) { 1047 /* Refresh entry */ 1048 fdb->updated = fdb->used = jiffies; 1049 } else if (!fdb->added_by_user) { 1050 /* Take over SW learned entry */ 1051 fdb->added_by_external_learn = 1; 1052 fdb->updated = jiffies; 1053 fdb_notify(br, fdb, RTM_NEWNEIGH); 1054 } 1055 1056 err_unlock: 1057 spin_unlock_bh(&br->hash_lock); 1058 1059 return err; 1060 } 1061 1062 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1063 const unsigned char *addr, u16 vid) 1064 { 1065 struct hlist_head *head; 1066 struct net_bridge_fdb_entry *fdb; 1067 int err = 0; 1068 1069 ASSERT_RTNL(); 1070 spin_lock_bh(&br->hash_lock); 1071 1072 head = &br->hash[br_mac_hash(addr, vid)]; 1073 fdb = fdb_find(head, addr, vid); 1074 if (fdb && fdb->added_by_external_learn) 1075 fdb_delete(br, fdb); 1076 else 1077 err = -ENOENT; 1078 1079 spin_unlock_bh(&br->hash_lock); 1080 1081 return err; 1082 } 1083