xref: /openbmc/linux/net/bridge/br_fdb.c (revision 2e35facf82bcdd9b9eb9129f4fb31127b79249ec)
1 /*
2  *	Forwarding database
3  *	Linux ethernet bridge
4  *
5  *	Authors:
6  *	Lennert Buytenhek		<buytenh@gnu.org>
7  *
8  *	This program is free software; you can redistribute it and/or
9  *	modify it under the terms of the GNU General Public License
10  *	as published by the Free Software Foundation; either version
11  *	2 of the License, or (at your option) any later version.
12  */
13 
14 #include <linux/kernel.h>
15 #include <linux/init.h>
16 #include <linux/rculist.h>
17 #include <linux/spinlock.h>
18 #include <linux/times.h>
19 #include <linux/netdevice.h>
20 #include <linux/etherdevice.h>
21 #include <linux/jhash.h>
22 #include <linux/random.h>
23 #include <linux/slab.h>
24 #include <linux/atomic.h>
25 #include <asm/unaligned.h>
26 #include <linux/if_vlan.h>
27 #include <net/switchdev.h>
28 #include <trace/events/bridge.h>
29 #include "br_private.h"
30 
31 static const struct rhashtable_params br_fdb_rht_params = {
32 	.head_offset = offsetof(struct net_bridge_fdb_entry, rhnode),
33 	.key_offset = offsetof(struct net_bridge_fdb_entry, key),
34 	.key_len = sizeof(struct net_bridge_fdb_key),
35 	.automatic_shrinking = true,
36 };
37 
38 static struct kmem_cache *br_fdb_cache __read_mostly;
39 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source,
40 		      const unsigned char *addr, u16 vid);
41 static void fdb_notify(struct net_bridge *br,
42 		       const struct net_bridge_fdb_entry *, int, bool);
43 
44 int __init br_fdb_init(void)
45 {
46 	br_fdb_cache = kmem_cache_create("bridge_fdb_cache",
47 					 sizeof(struct net_bridge_fdb_entry),
48 					 0,
49 					 SLAB_HWCACHE_ALIGN, NULL);
50 	if (!br_fdb_cache)
51 		return -ENOMEM;
52 
53 	return 0;
54 }
55 
56 void br_fdb_fini(void)
57 {
58 	kmem_cache_destroy(br_fdb_cache);
59 }
60 
61 int br_fdb_hash_init(struct net_bridge *br)
62 {
63 	return rhashtable_init(&br->fdb_hash_tbl, &br_fdb_rht_params);
64 }
65 
66 void br_fdb_hash_fini(struct net_bridge *br)
67 {
68 	rhashtable_destroy(&br->fdb_hash_tbl);
69 }
70 
71 /* if topology_changing then use forward_delay (default 15 sec)
72  * otherwise keep longer (default 5 minutes)
73  */
74 static inline unsigned long hold_time(const struct net_bridge *br)
75 {
76 	return br->topology_change ? br->forward_delay : br->ageing_time;
77 }
78 
79 static inline int has_expired(const struct net_bridge *br,
80 				  const struct net_bridge_fdb_entry *fdb)
81 {
82 	return !fdb->is_static && !fdb->added_by_external_learn &&
83 		time_before_eq(fdb->updated + hold_time(br), jiffies);
84 }
85 
86 static void fdb_rcu_free(struct rcu_head *head)
87 {
88 	struct net_bridge_fdb_entry *ent
89 		= container_of(head, struct net_bridge_fdb_entry, rcu);
90 	kmem_cache_free(br_fdb_cache, ent);
91 }
92 
93 static struct net_bridge_fdb_entry *fdb_find_rcu(struct rhashtable *tbl,
94 						 const unsigned char *addr,
95 						 __u16 vid)
96 {
97 	struct net_bridge_fdb_key key;
98 
99 	WARN_ON_ONCE(!rcu_read_lock_held());
100 
101 	key.vlan_id = vid;
102 	memcpy(key.addr.addr, addr, sizeof(key.addr.addr));
103 
104 	return rhashtable_lookup(tbl, &key, br_fdb_rht_params);
105 }
106 
107 /* requires bridge hash_lock */
108 static struct net_bridge_fdb_entry *br_fdb_find(struct net_bridge *br,
109 						const unsigned char *addr,
110 						__u16 vid)
111 {
112 	struct net_bridge_fdb_entry *fdb;
113 
114 	lockdep_assert_held_once(&br->hash_lock);
115 
116 	rcu_read_lock();
117 	fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid);
118 	rcu_read_unlock();
119 
120 	return fdb;
121 }
122 
123 struct net_device *br_fdb_find_port(const struct net_device *br_dev,
124 				    const unsigned char *addr,
125 				    __u16 vid)
126 {
127 	struct net_bridge_fdb_entry *f;
128 	struct net_device *dev = NULL;
129 	struct net_bridge *br;
130 
131 	ASSERT_RTNL();
132 
133 	if (!netif_is_bridge_master(br_dev))
134 		return NULL;
135 
136 	br = netdev_priv(br_dev);
137 	rcu_read_lock();
138 	f = br_fdb_find_rcu(br, addr, vid);
139 	if (f && f->dst)
140 		dev = f->dst->dev;
141 	rcu_read_unlock();
142 
143 	return dev;
144 }
145 EXPORT_SYMBOL_GPL(br_fdb_find_port);
146 
147 struct net_bridge_fdb_entry *br_fdb_find_rcu(struct net_bridge *br,
148 					     const unsigned char *addr,
149 					     __u16 vid)
150 {
151 	return fdb_find_rcu(&br->fdb_hash_tbl, addr, vid);
152 }
153 
154 /* When a static FDB entry is added, the mac address from the entry is
155  * added to the bridge private HW address list and all required ports
156  * are then updated with the new information.
157  * Called under RTNL.
158  */
159 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr)
160 {
161 	int err;
162 	struct net_bridge_port *p;
163 
164 	ASSERT_RTNL();
165 
166 	list_for_each_entry(p, &br->port_list, list) {
167 		if (!br_promisc_port(p)) {
168 			err = dev_uc_add(p->dev, addr);
169 			if (err)
170 				goto undo;
171 		}
172 	}
173 
174 	return;
175 undo:
176 	list_for_each_entry_continue_reverse(p, &br->port_list, list) {
177 		if (!br_promisc_port(p))
178 			dev_uc_del(p->dev, addr);
179 	}
180 }
181 
182 /* When a static FDB entry is deleted, the HW address from that entry is
183  * also removed from the bridge private HW address list and updates all
184  * the ports with needed information.
185  * Called under RTNL.
186  */
187 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr)
188 {
189 	struct net_bridge_port *p;
190 
191 	ASSERT_RTNL();
192 
193 	list_for_each_entry(p, &br->port_list, list) {
194 		if (!br_promisc_port(p))
195 			dev_uc_del(p->dev, addr);
196 	}
197 }
198 
199 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f,
200 		       bool swdev_notify)
201 {
202 	trace_fdb_delete(br, f);
203 
204 	if (f->is_static)
205 		fdb_del_hw_addr(br, f->key.addr.addr);
206 
207 	hlist_del_init_rcu(&f->fdb_node);
208 	rhashtable_remove_fast(&br->fdb_hash_tbl, &f->rhnode,
209 			       br_fdb_rht_params);
210 	fdb_notify(br, f, RTM_DELNEIGH, swdev_notify);
211 	call_rcu(&f->rcu, fdb_rcu_free);
212 }
213 
214 /* Delete a local entry if no other port had the same address. */
215 static void fdb_delete_local(struct net_bridge *br,
216 			     const struct net_bridge_port *p,
217 			     struct net_bridge_fdb_entry *f)
218 {
219 	const unsigned char *addr = f->key.addr.addr;
220 	struct net_bridge_vlan_group *vg;
221 	const struct net_bridge_vlan *v;
222 	struct net_bridge_port *op;
223 	u16 vid = f->key.vlan_id;
224 
225 	/* Maybe another port has same hw addr? */
226 	list_for_each_entry(op, &br->port_list, list) {
227 		vg = nbp_vlan_group(op);
228 		if (op != p && ether_addr_equal(op->dev->dev_addr, addr) &&
229 		    (!vid || br_vlan_find(vg, vid))) {
230 			f->dst = op;
231 			f->added_by_user = 0;
232 			return;
233 		}
234 	}
235 
236 	vg = br_vlan_group(br);
237 	v = br_vlan_find(vg, vid);
238 	/* Maybe bridge device has same hw addr? */
239 	if (p && ether_addr_equal(br->dev->dev_addr, addr) &&
240 	    (!vid || (v && br_vlan_should_use(v)))) {
241 		f->dst = NULL;
242 		f->added_by_user = 0;
243 		return;
244 	}
245 
246 	fdb_delete(br, f, true);
247 }
248 
249 void br_fdb_find_delete_local(struct net_bridge *br,
250 			      const struct net_bridge_port *p,
251 			      const unsigned char *addr, u16 vid)
252 {
253 	struct net_bridge_fdb_entry *f;
254 
255 	spin_lock_bh(&br->hash_lock);
256 	f = br_fdb_find(br, addr, vid);
257 	if (f && f->is_local && !f->added_by_user && f->dst == p)
258 		fdb_delete_local(br, p, f);
259 	spin_unlock_bh(&br->hash_lock);
260 }
261 
262 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr)
263 {
264 	struct net_bridge_vlan_group *vg;
265 	struct net_bridge_fdb_entry *f;
266 	struct net_bridge *br = p->br;
267 	struct net_bridge_vlan *v;
268 
269 	spin_lock_bh(&br->hash_lock);
270 	vg = nbp_vlan_group(p);
271 	hlist_for_each_entry(f, &br->fdb_list, fdb_node) {
272 		if (f->dst == p && f->is_local && !f->added_by_user) {
273 			/* delete old one */
274 			fdb_delete_local(br, p, f);
275 
276 			/* if this port has no vlan information
277 			 * configured, we can safely be done at
278 			 * this point.
279 			 */
280 			if (!vg || !vg->num_vlans)
281 				goto insert;
282 		}
283 	}
284 
285 insert:
286 	/* insert new address,  may fail if invalid address or dup. */
287 	fdb_insert(br, p, newaddr, 0);
288 
289 	if (!vg || !vg->num_vlans)
290 		goto done;
291 
292 	/* Now add entries for every VLAN configured on the port.
293 	 * This function runs under RTNL so the bitmap will not change
294 	 * from under us.
295 	 */
296 	list_for_each_entry(v, &vg->vlan_list, vlist)
297 		fdb_insert(br, p, newaddr, v->vid);
298 
299 done:
300 	spin_unlock_bh(&br->hash_lock);
301 }
302 
303 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr)
304 {
305 	struct net_bridge_vlan_group *vg;
306 	struct net_bridge_fdb_entry *f;
307 	struct net_bridge_vlan *v;
308 
309 	spin_lock_bh(&br->hash_lock);
310 
311 	/* If old entry was unassociated with any port, then delete it. */
312 	f = br_fdb_find(br, br->dev->dev_addr, 0);
313 	if (f && f->is_local && !f->dst && !f->added_by_user)
314 		fdb_delete_local(br, NULL, f);
315 
316 	fdb_insert(br, NULL, newaddr, 0);
317 	vg = br_vlan_group(br);
318 	if (!vg || !vg->num_vlans)
319 		goto out;
320 	/* Now remove and add entries for every VLAN configured on the
321 	 * bridge.  This function runs under RTNL so the bitmap will not
322 	 * change from under us.
323 	 */
324 	list_for_each_entry(v, &vg->vlan_list, vlist) {
325 		if (!br_vlan_should_use(v))
326 			continue;
327 		f = br_fdb_find(br, br->dev->dev_addr, v->vid);
328 		if (f && f->is_local && !f->dst && !f->added_by_user)
329 			fdb_delete_local(br, NULL, f);
330 		fdb_insert(br, NULL, newaddr, v->vid);
331 	}
332 out:
333 	spin_unlock_bh(&br->hash_lock);
334 }
335 
336 void br_fdb_cleanup(struct work_struct *work)
337 {
338 	struct net_bridge *br = container_of(work, struct net_bridge,
339 					     gc_work.work);
340 	struct net_bridge_fdb_entry *f = NULL;
341 	unsigned long delay = hold_time(br);
342 	unsigned long work_delay = delay;
343 	unsigned long now = jiffies;
344 
345 	/* this part is tricky, in order to avoid blocking learning and
346 	 * consequently forwarding, we rely on rcu to delete objects with
347 	 * delayed freeing allowing us to continue traversing
348 	 */
349 	rcu_read_lock();
350 	hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
351 		unsigned long this_timer;
352 
353 		if (f->is_static || f->added_by_external_learn)
354 			continue;
355 		this_timer = f->updated + delay;
356 		if (time_after(this_timer, now)) {
357 			work_delay = min(work_delay, this_timer - now);
358 		} else {
359 			spin_lock_bh(&br->hash_lock);
360 			if (!hlist_unhashed(&f->fdb_node))
361 				fdb_delete(br, f, true);
362 			spin_unlock_bh(&br->hash_lock);
363 		}
364 	}
365 	rcu_read_unlock();
366 
367 	/* Cleanup minimum 10 milliseconds apart */
368 	work_delay = max_t(unsigned long, work_delay, msecs_to_jiffies(10));
369 	mod_delayed_work(system_long_wq, &br->gc_work, work_delay);
370 }
371 
372 /* Completely flush all dynamic entries in forwarding database.*/
373 void br_fdb_flush(struct net_bridge *br)
374 {
375 	struct net_bridge_fdb_entry *f;
376 	struct hlist_node *tmp;
377 
378 	spin_lock_bh(&br->hash_lock);
379 	hlist_for_each_entry_safe(f, tmp, &br->fdb_list, fdb_node) {
380 		if (!f->is_static)
381 			fdb_delete(br, f, true);
382 	}
383 	spin_unlock_bh(&br->hash_lock);
384 }
385 
386 /* Flush all entries referring to a specific port.
387  * if do_all is set also flush static entries
388  * if vid is set delete all entries that match the vlan_id
389  */
390 void br_fdb_delete_by_port(struct net_bridge *br,
391 			   const struct net_bridge_port *p,
392 			   u16 vid,
393 			   int do_all)
394 {
395 	struct net_bridge_fdb_entry *f;
396 	struct hlist_node *tmp;
397 
398 	spin_lock_bh(&br->hash_lock);
399 	hlist_for_each_entry_safe(f, tmp, &br->fdb_list, fdb_node) {
400 		if (f->dst != p)
401 			continue;
402 
403 		if (!do_all)
404 			if (f->is_static || (vid && f->key.vlan_id != vid))
405 				continue;
406 
407 		if (f->is_local)
408 			fdb_delete_local(br, p, f);
409 		else
410 			fdb_delete(br, f, true);
411 	}
412 	spin_unlock_bh(&br->hash_lock);
413 }
414 
415 #if IS_ENABLED(CONFIG_ATM_LANE)
416 /* Interface used by ATM LANE hook to test
417  * if an addr is on some other bridge port */
418 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr)
419 {
420 	struct net_bridge_fdb_entry *fdb;
421 	struct net_bridge_port *port;
422 	int ret;
423 
424 	rcu_read_lock();
425 	port = br_port_get_rcu(dev);
426 	if (!port)
427 		ret = 0;
428 	else {
429 		fdb = br_fdb_find_rcu(port->br, addr, 0);
430 		ret = fdb && fdb->dst && fdb->dst->dev != dev &&
431 			fdb->dst->state == BR_STATE_FORWARDING;
432 	}
433 	rcu_read_unlock();
434 
435 	return ret;
436 }
437 #endif /* CONFIG_ATM_LANE */
438 
439 /*
440  * Fill buffer with forwarding table records in
441  * the API format.
442  */
443 int br_fdb_fillbuf(struct net_bridge *br, void *buf,
444 		   unsigned long maxnum, unsigned long skip)
445 {
446 	struct net_bridge_fdb_entry *f;
447 	struct __fdb_entry *fe = buf;
448 	int num = 0;
449 
450 	memset(buf, 0, maxnum*sizeof(struct __fdb_entry));
451 
452 	rcu_read_lock();
453 	hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
454 		if (num >= maxnum)
455 			break;
456 
457 		if (has_expired(br, f))
458 			continue;
459 
460 		/* ignore pseudo entry for local MAC address */
461 		if (!f->dst)
462 			continue;
463 
464 		if (skip) {
465 			--skip;
466 			continue;
467 		}
468 
469 		/* convert from internal format to API */
470 		memcpy(fe->mac_addr, f->key.addr.addr, ETH_ALEN);
471 
472 		/* due to ABI compat need to split into hi/lo */
473 		fe->port_no = f->dst->port_no;
474 		fe->port_hi = f->dst->port_no >> 8;
475 
476 		fe->is_local = f->is_local;
477 		if (!f->is_static)
478 			fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated);
479 		++fe;
480 		++num;
481 	}
482 	rcu_read_unlock();
483 
484 	return num;
485 }
486 
487 static struct net_bridge_fdb_entry *fdb_create(struct net_bridge *br,
488 					       struct net_bridge_port *source,
489 					       const unsigned char *addr,
490 					       __u16 vid,
491 					       unsigned char is_local,
492 					       unsigned char is_static)
493 {
494 	struct net_bridge_fdb_entry *fdb;
495 
496 	fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC);
497 	if (fdb) {
498 		memcpy(fdb->key.addr.addr, addr, ETH_ALEN);
499 		fdb->dst = source;
500 		fdb->key.vlan_id = vid;
501 		fdb->is_local = is_local;
502 		fdb->is_static = is_static;
503 		fdb->added_by_user = 0;
504 		fdb->added_by_external_learn = 0;
505 		fdb->offloaded = 0;
506 		fdb->is_sticky = 0;
507 		fdb->updated = fdb->used = jiffies;
508 		if (rhashtable_lookup_insert_fast(&br->fdb_hash_tbl,
509 						  &fdb->rhnode,
510 						  br_fdb_rht_params)) {
511 			kmem_cache_free(br_fdb_cache, fdb);
512 			fdb = NULL;
513 		} else {
514 			hlist_add_head_rcu(&fdb->fdb_node, &br->fdb_list);
515 		}
516 	}
517 	return fdb;
518 }
519 
520 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source,
521 		  const unsigned char *addr, u16 vid)
522 {
523 	struct net_bridge_fdb_entry *fdb;
524 
525 	if (!is_valid_ether_addr(addr))
526 		return -EINVAL;
527 
528 	fdb = br_fdb_find(br, addr, vid);
529 	if (fdb) {
530 		/* it is okay to have multiple ports with same
531 		 * address, just use the first one.
532 		 */
533 		if (fdb->is_local)
534 			return 0;
535 		br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n",
536 		       source ? source->dev->name : br->dev->name, addr, vid);
537 		fdb_delete(br, fdb, true);
538 	}
539 
540 	fdb = fdb_create(br, source, addr, vid, 1, 1);
541 	if (!fdb)
542 		return -ENOMEM;
543 
544 	fdb_add_hw_addr(br, addr);
545 	fdb_notify(br, fdb, RTM_NEWNEIGH, true);
546 	return 0;
547 }
548 
549 /* Add entry for local address of interface */
550 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source,
551 		  const unsigned char *addr, u16 vid)
552 {
553 	int ret;
554 
555 	spin_lock_bh(&br->hash_lock);
556 	ret = fdb_insert(br, source, addr, vid);
557 	spin_unlock_bh(&br->hash_lock);
558 	return ret;
559 }
560 
561 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source,
562 		   const unsigned char *addr, u16 vid, bool added_by_user)
563 {
564 	struct net_bridge_fdb_entry *fdb;
565 	bool fdb_modified = false;
566 
567 	/* some users want to always flood. */
568 	if (hold_time(br) == 0)
569 		return;
570 
571 	/* ignore packets unless we are using this port */
572 	if (!(source->state == BR_STATE_LEARNING ||
573 	      source->state == BR_STATE_FORWARDING))
574 		return;
575 
576 	fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid);
577 	if (likely(fdb)) {
578 		/* attempt to update an entry for a local interface */
579 		if (unlikely(fdb->is_local)) {
580 			if (net_ratelimit())
581 				br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n",
582 					source->dev->name, addr, vid);
583 		} else {
584 			unsigned long now = jiffies;
585 
586 			/* fastpath: update of existing entry */
587 			if (unlikely(source != fdb->dst && !fdb->is_sticky)) {
588 				fdb->dst = source;
589 				fdb_modified = true;
590 				/* Take over HW learned entry */
591 				if (unlikely(fdb->added_by_external_learn))
592 					fdb->added_by_external_learn = 0;
593 			}
594 			if (now != fdb->updated)
595 				fdb->updated = now;
596 			if (unlikely(added_by_user))
597 				fdb->added_by_user = 1;
598 			if (unlikely(fdb_modified)) {
599 				trace_br_fdb_update(br, source, addr, vid, added_by_user);
600 				fdb_notify(br, fdb, RTM_NEWNEIGH, true);
601 			}
602 		}
603 	} else {
604 		spin_lock(&br->hash_lock);
605 		fdb = fdb_create(br, source, addr, vid, 0, 0);
606 		if (fdb) {
607 			if (unlikely(added_by_user))
608 				fdb->added_by_user = 1;
609 			trace_br_fdb_update(br, source, addr, vid,
610 					    added_by_user);
611 			fdb_notify(br, fdb, RTM_NEWNEIGH, true);
612 		}
613 		/* else  we lose race and someone else inserts
614 		 * it first, don't bother updating
615 		 */
616 		spin_unlock(&br->hash_lock);
617 	}
618 }
619 
620 static int fdb_to_nud(const struct net_bridge *br,
621 		      const struct net_bridge_fdb_entry *fdb)
622 {
623 	if (fdb->is_local)
624 		return NUD_PERMANENT;
625 	else if (fdb->is_static)
626 		return NUD_NOARP;
627 	else if (has_expired(br, fdb))
628 		return NUD_STALE;
629 	else
630 		return NUD_REACHABLE;
631 }
632 
633 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br,
634 			 const struct net_bridge_fdb_entry *fdb,
635 			 u32 portid, u32 seq, int type, unsigned int flags)
636 {
637 	unsigned long now = jiffies;
638 	struct nda_cacheinfo ci;
639 	struct nlmsghdr *nlh;
640 	struct ndmsg *ndm;
641 
642 	nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags);
643 	if (nlh == NULL)
644 		return -EMSGSIZE;
645 
646 	ndm = nlmsg_data(nlh);
647 	ndm->ndm_family	 = AF_BRIDGE;
648 	ndm->ndm_pad1    = 0;
649 	ndm->ndm_pad2    = 0;
650 	ndm->ndm_flags	 = 0;
651 	ndm->ndm_type	 = 0;
652 	ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex;
653 	ndm->ndm_state   = fdb_to_nud(br, fdb);
654 
655 	if (fdb->offloaded)
656 		ndm->ndm_flags |= NTF_OFFLOADED;
657 	if (fdb->added_by_external_learn)
658 		ndm->ndm_flags |= NTF_EXT_LEARNED;
659 	if (fdb->is_sticky)
660 		ndm->ndm_flags |= NTF_STICKY;
661 
662 	if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->key.addr))
663 		goto nla_put_failure;
664 	if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex))
665 		goto nla_put_failure;
666 	ci.ndm_used	 = jiffies_to_clock_t(now - fdb->used);
667 	ci.ndm_confirmed = 0;
668 	ci.ndm_updated	 = jiffies_to_clock_t(now - fdb->updated);
669 	ci.ndm_refcnt	 = 0;
670 	if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
671 		goto nla_put_failure;
672 
673 	if (fdb->key.vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16),
674 					&fdb->key.vlan_id))
675 		goto nla_put_failure;
676 
677 	nlmsg_end(skb, nlh);
678 	return 0;
679 
680 nla_put_failure:
681 	nlmsg_cancel(skb, nlh);
682 	return -EMSGSIZE;
683 }
684 
685 static inline size_t fdb_nlmsg_size(void)
686 {
687 	return NLMSG_ALIGN(sizeof(struct ndmsg))
688 		+ nla_total_size(ETH_ALEN) /* NDA_LLADDR */
689 		+ nla_total_size(sizeof(u32)) /* NDA_MASTER */
690 		+ nla_total_size(sizeof(u16)) /* NDA_VLAN */
691 		+ nla_total_size(sizeof(struct nda_cacheinfo));
692 }
693 
694 static void fdb_notify(struct net_bridge *br,
695 		       const struct net_bridge_fdb_entry *fdb, int type,
696 		       bool swdev_notify)
697 {
698 	struct net *net = dev_net(br->dev);
699 	struct sk_buff *skb;
700 	int err = -ENOBUFS;
701 
702 	if (swdev_notify)
703 		br_switchdev_fdb_notify(fdb, type);
704 
705 	skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC);
706 	if (skb == NULL)
707 		goto errout;
708 
709 	err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0);
710 	if (err < 0) {
711 		/* -EMSGSIZE implies BUG in fdb_nlmsg_size() */
712 		WARN_ON(err == -EMSGSIZE);
713 		kfree_skb(skb);
714 		goto errout;
715 	}
716 	rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
717 	return;
718 errout:
719 	rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
720 }
721 
722 /* Dump information about entries, in response to GETNEIGH */
723 int br_fdb_dump(struct sk_buff *skb,
724 		struct netlink_callback *cb,
725 		struct net_device *dev,
726 		struct net_device *filter_dev,
727 		int *idx)
728 {
729 	struct net_bridge *br = netdev_priv(dev);
730 	struct net_bridge_fdb_entry *f;
731 	int err = 0;
732 
733 	if (!(dev->priv_flags & IFF_EBRIDGE))
734 		return err;
735 
736 	if (!filter_dev) {
737 		err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx);
738 		if (err < 0)
739 			return err;
740 	}
741 
742 	rcu_read_lock();
743 	hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
744 		if (*idx < cb->args[2])
745 			goto skip;
746 		if (filter_dev && (!f->dst || f->dst->dev != filter_dev)) {
747 			if (filter_dev != dev)
748 				goto skip;
749 			/* !f->dst is a special case for bridge
750 			 * It means the MAC belongs to the bridge
751 			 * Therefore need a little more filtering
752 			 * we only want to dump the !f->dst case
753 			 */
754 			if (f->dst)
755 				goto skip;
756 		}
757 		if (!filter_dev && f->dst)
758 			goto skip;
759 
760 		err = fdb_fill_info(skb, br, f,
761 				    NETLINK_CB(cb->skb).portid,
762 				    cb->nlh->nlmsg_seq,
763 				    RTM_NEWNEIGH,
764 				    NLM_F_MULTI);
765 		if (err < 0)
766 			break;
767 skip:
768 		*idx += 1;
769 	}
770 	rcu_read_unlock();
771 
772 	return err;
773 }
774 
775 int br_fdb_get(struct sk_buff *skb,
776 	       struct nlattr *tb[],
777 	       struct net_device *dev,
778 	       const unsigned char *addr,
779 	       u16 vid, u32 portid, u32 seq,
780 	       struct netlink_ext_ack *extack)
781 {
782 	struct net_bridge *br = netdev_priv(dev);
783 	struct net_bridge_fdb_entry *f;
784 	int err = 0;
785 
786 	rcu_read_lock();
787 	f = br_fdb_find_rcu(br, addr, vid);
788 	if (!f) {
789 		NL_SET_ERR_MSG(extack, "Fdb entry not found");
790 		err = -ENOENT;
791 		goto errout;
792 	}
793 
794 	err = fdb_fill_info(skb, br, f, portid, seq,
795 			    RTM_NEWNEIGH, 0);
796 errout:
797 	rcu_read_unlock();
798 	return err;
799 }
800 
801 /* Update (create or replace) forwarding database entry */
802 static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source,
803 			 const u8 *addr, u16 state, u16 flags, u16 vid,
804 			 u8 ndm_flags)
805 {
806 	u8 is_sticky = !!(ndm_flags & NTF_STICKY);
807 	struct net_bridge_fdb_entry *fdb;
808 	bool modified = false;
809 
810 	/* If the port cannot learn allow only local and static entries */
811 	if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) &&
812 	    !(source->state == BR_STATE_LEARNING ||
813 	      source->state == BR_STATE_FORWARDING))
814 		return -EPERM;
815 
816 	if (!source && !(state & NUD_PERMANENT)) {
817 		pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n",
818 			br->dev->name);
819 		return -EINVAL;
820 	}
821 
822 	if (is_sticky && (state & NUD_PERMANENT))
823 		return -EINVAL;
824 
825 	fdb = br_fdb_find(br, addr, vid);
826 	if (fdb == NULL) {
827 		if (!(flags & NLM_F_CREATE))
828 			return -ENOENT;
829 
830 		fdb = fdb_create(br, source, addr, vid, 0, 0);
831 		if (!fdb)
832 			return -ENOMEM;
833 
834 		modified = true;
835 	} else {
836 		if (flags & NLM_F_EXCL)
837 			return -EEXIST;
838 
839 		if (fdb->dst != source) {
840 			fdb->dst = source;
841 			modified = true;
842 		}
843 	}
844 
845 	if (fdb_to_nud(br, fdb) != state) {
846 		if (state & NUD_PERMANENT) {
847 			fdb->is_local = 1;
848 			if (!fdb->is_static) {
849 				fdb->is_static = 1;
850 				fdb_add_hw_addr(br, addr);
851 			}
852 		} else if (state & NUD_NOARP) {
853 			fdb->is_local = 0;
854 			if (!fdb->is_static) {
855 				fdb->is_static = 1;
856 				fdb_add_hw_addr(br, addr);
857 			}
858 		} else {
859 			fdb->is_local = 0;
860 			if (fdb->is_static) {
861 				fdb->is_static = 0;
862 				fdb_del_hw_addr(br, addr);
863 			}
864 		}
865 
866 		modified = true;
867 	}
868 
869 	if (is_sticky != fdb->is_sticky) {
870 		fdb->is_sticky = is_sticky;
871 		modified = true;
872 	}
873 
874 	fdb->added_by_user = 1;
875 
876 	fdb->used = jiffies;
877 	if (modified) {
878 		fdb->updated = jiffies;
879 		fdb_notify(br, fdb, RTM_NEWNEIGH, true);
880 	}
881 
882 	return 0;
883 }
884 
885 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br,
886 			struct net_bridge_port *p, const unsigned char *addr,
887 			u16 nlh_flags, u16 vid)
888 {
889 	int err = 0;
890 
891 	if (ndm->ndm_flags & NTF_USE) {
892 		if (!p) {
893 			pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n",
894 				br->dev->name);
895 			return -EINVAL;
896 		}
897 		local_bh_disable();
898 		rcu_read_lock();
899 		br_fdb_update(br, p, addr, vid, true);
900 		rcu_read_unlock();
901 		local_bh_enable();
902 	} else if (ndm->ndm_flags & NTF_EXT_LEARNED) {
903 		err = br_fdb_external_learn_add(br, p, addr, vid, true);
904 	} else {
905 		spin_lock_bh(&br->hash_lock);
906 		err = fdb_add_entry(br, p, addr, ndm->ndm_state,
907 				    nlh_flags, vid, ndm->ndm_flags);
908 		spin_unlock_bh(&br->hash_lock);
909 	}
910 
911 	return err;
912 }
913 
914 /* Add new permanent fdb entry with RTM_NEWNEIGH */
915 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[],
916 	       struct net_device *dev,
917 	       const unsigned char *addr, u16 vid, u16 nlh_flags,
918 	       struct netlink_ext_ack *extack)
919 {
920 	struct net_bridge_vlan_group *vg;
921 	struct net_bridge_port *p = NULL;
922 	struct net_bridge_vlan *v;
923 	struct net_bridge *br = NULL;
924 	int err = 0;
925 
926 	trace_br_fdb_add(ndm, dev, addr, vid, nlh_flags);
927 
928 	if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) {
929 		pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state);
930 		return -EINVAL;
931 	}
932 
933 	if (is_zero_ether_addr(addr)) {
934 		pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n");
935 		return -EINVAL;
936 	}
937 
938 	if (dev->priv_flags & IFF_EBRIDGE) {
939 		br = netdev_priv(dev);
940 		vg = br_vlan_group(br);
941 	} else {
942 		p = br_port_get_rtnl(dev);
943 		if (!p) {
944 			pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n",
945 				dev->name);
946 			return -EINVAL;
947 		}
948 		br = p->br;
949 		vg = nbp_vlan_group(p);
950 	}
951 
952 	if (vid) {
953 		v = br_vlan_find(vg, vid);
954 		if (!v || !br_vlan_should_use(v)) {
955 			pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name);
956 			return -EINVAL;
957 		}
958 
959 		/* VID was specified, so use it. */
960 		err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid);
961 	} else {
962 		err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0);
963 		if (err || !vg || !vg->num_vlans)
964 			goto out;
965 
966 		/* We have vlans configured on this port and user didn't
967 		 * specify a VLAN.  To be nice, add/update entry for every
968 		 * vlan on this port.
969 		 */
970 		list_for_each_entry(v, &vg->vlan_list, vlist) {
971 			if (!br_vlan_should_use(v))
972 				continue;
973 			err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid);
974 			if (err)
975 				goto out;
976 		}
977 	}
978 
979 out:
980 	return err;
981 }
982 
983 static int fdb_delete_by_addr_and_port(struct net_bridge *br,
984 				       const struct net_bridge_port *p,
985 				       const u8 *addr, u16 vlan)
986 {
987 	struct net_bridge_fdb_entry *fdb;
988 
989 	fdb = br_fdb_find(br, addr, vlan);
990 	if (!fdb || fdb->dst != p)
991 		return -ENOENT;
992 
993 	fdb_delete(br, fdb, true);
994 
995 	return 0;
996 }
997 
998 static int __br_fdb_delete(struct net_bridge *br,
999 			   const struct net_bridge_port *p,
1000 			   const unsigned char *addr, u16 vid)
1001 {
1002 	int err;
1003 
1004 	spin_lock_bh(&br->hash_lock);
1005 	err = fdb_delete_by_addr_and_port(br, p, addr, vid);
1006 	spin_unlock_bh(&br->hash_lock);
1007 
1008 	return err;
1009 }
1010 
1011 /* Remove neighbor entry with RTM_DELNEIGH */
1012 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[],
1013 		  struct net_device *dev,
1014 		  const unsigned char *addr, u16 vid)
1015 {
1016 	struct net_bridge_vlan_group *vg;
1017 	struct net_bridge_port *p = NULL;
1018 	struct net_bridge_vlan *v;
1019 	struct net_bridge *br;
1020 	int err;
1021 
1022 	if (dev->priv_flags & IFF_EBRIDGE) {
1023 		br = netdev_priv(dev);
1024 		vg = br_vlan_group(br);
1025 	} else {
1026 		p = br_port_get_rtnl(dev);
1027 		if (!p) {
1028 			pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n",
1029 				dev->name);
1030 			return -EINVAL;
1031 		}
1032 		vg = nbp_vlan_group(p);
1033 		br = p->br;
1034 	}
1035 
1036 	if (vid) {
1037 		v = br_vlan_find(vg, vid);
1038 		if (!v) {
1039 			pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name);
1040 			return -EINVAL;
1041 		}
1042 
1043 		err = __br_fdb_delete(br, p, addr, vid);
1044 	} else {
1045 		err = -ENOENT;
1046 		err &= __br_fdb_delete(br, p, addr, 0);
1047 		if (!vg || !vg->num_vlans)
1048 			return err;
1049 
1050 		list_for_each_entry(v, &vg->vlan_list, vlist) {
1051 			if (!br_vlan_should_use(v))
1052 				continue;
1053 			err &= __br_fdb_delete(br, p, addr, v->vid);
1054 		}
1055 	}
1056 
1057 	return err;
1058 }
1059 
1060 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p)
1061 {
1062 	struct net_bridge_fdb_entry *f, *tmp;
1063 	int err = 0;
1064 
1065 	ASSERT_RTNL();
1066 
1067 	/* the key here is that static entries change only under rtnl */
1068 	rcu_read_lock();
1069 	hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
1070 		/* We only care for static entries */
1071 		if (!f->is_static)
1072 			continue;
1073 		err = dev_uc_add(p->dev, f->key.addr.addr);
1074 		if (err)
1075 			goto rollback;
1076 	}
1077 done:
1078 	rcu_read_unlock();
1079 
1080 	return err;
1081 
1082 rollback:
1083 	hlist_for_each_entry_rcu(tmp, &br->fdb_list, fdb_node) {
1084 		/* We only care for static entries */
1085 		if (!tmp->is_static)
1086 			continue;
1087 		if (tmp == f)
1088 			break;
1089 		dev_uc_del(p->dev, tmp->key.addr.addr);
1090 	}
1091 
1092 	goto done;
1093 }
1094 
1095 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p)
1096 {
1097 	struct net_bridge_fdb_entry *f;
1098 
1099 	ASSERT_RTNL();
1100 
1101 	rcu_read_lock();
1102 	hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
1103 		/* We only care for static entries */
1104 		if (!f->is_static)
1105 			continue;
1106 
1107 		dev_uc_del(p->dev, f->key.addr.addr);
1108 	}
1109 	rcu_read_unlock();
1110 }
1111 
1112 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p,
1113 			      const unsigned char *addr, u16 vid,
1114 			      bool swdev_notify)
1115 {
1116 	struct net_bridge_fdb_entry *fdb;
1117 	bool modified = false;
1118 	int err = 0;
1119 
1120 	trace_br_fdb_external_learn_add(br, p, addr, vid);
1121 
1122 	spin_lock_bh(&br->hash_lock);
1123 
1124 	fdb = br_fdb_find(br, addr, vid);
1125 	if (!fdb) {
1126 		fdb = fdb_create(br, p, addr, vid, 0, 0);
1127 		if (!fdb) {
1128 			err = -ENOMEM;
1129 			goto err_unlock;
1130 		}
1131 		if (swdev_notify)
1132 			fdb->added_by_user = 1;
1133 		fdb->added_by_external_learn = 1;
1134 		fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify);
1135 	} else {
1136 		fdb->updated = jiffies;
1137 
1138 		if (fdb->dst != p) {
1139 			fdb->dst = p;
1140 			modified = true;
1141 		}
1142 
1143 		if (fdb->added_by_external_learn) {
1144 			/* Refresh entry */
1145 			fdb->used = jiffies;
1146 		} else if (!fdb->added_by_user) {
1147 			/* Take over SW learned entry */
1148 			fdb->added_by_external_learn = 1;
1149 			modified = true;
1150 		}
1151 
1152 		if (swdev_notify)
1153 			fdb->added_by_user = 1;
1154 
1155 		if (modified)
1156 			fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify);
1157 	}
1158 
1159 err_unlock:
1160 	spin_unlock_bh(&br->hash_lock);
1161 
1162 	return err;
1163 }
1164 
1165 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p,
1166 			      const unsigned char *addr, u16 vid,
1167 			      bool swdev_notify)
1168 {
1169 	struct net_bridge_fdb_entry *fdb;
1170 	int err = 0;
1171 
1172 	spin_lock_bh(&br->hash_lock);
1173 
1174 	fdb = br_fdb_find(br, addr, vid);
1175 	if (fdb && fdb->added_by_external_learn)
1176 		fdb_delete(br, fdb, swdev_notify);
1177 	else
1178 		err = -ENOENT;
1179 
1180 	spin_unlock_bh(&br->hash_lock);
1181 
1182 	return err;
1183 }
1184 
1185 void br_fdb_offloaded_set(struct net_bridge *br, struct net_bridge_port *p,
1186 			  const unsigned char *addr, u16 vid, bool offloaded)
1187 {
1188 	struct net_bridge_fdb_entry *fdb;
1189 
1190 	spin_lock_bh(&br->hash_lock);
1191 
1192 	fdb = br_fdb_find(br, addr, vid);
1193 	if (fdb)
1194 		fdb->offloaded = offloaded;
1195 
1196 	spin_unlock_bh(&br->hash_lock);
1197 }
1198 
1199 void br_fdb_clear_offload(const struct net_device *dev, u16 vid)
1200 {
1201 	struct net_bridge_fdb_entry *f;
1202 	struct net_bridge_port *p;
1203 
1204 	ASSERT_RTNL();
1205 
1206 	p = br_port_get_rtnl(dev);
1207 	if (!p)
1208 		return;
1209 
1210 	spin_lock_bh(&p->br->hash_lock);
1211 	hlist_for_each_entry(f, &p->br->fdb_list, fdb_node) {
1212 		if (f->dst == p && f->key.vlan_id == vid)
1213 			f->offloaded = 0;
1214 	}
1215 	spin_unlock_bh(&p->br->hash_lock);
1216 }
1217 EXPORT_SYMBOL_GPL(br_fdb_clear_offload);
1218