1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include "br_private.h" 29 30 static struct kmem_cache *br_fdb_cache __read_mostly; 31 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 32 const unsigned char *addr, 33 __u16 vid); 34 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 35 const unsigned char *addr, u16 vid); 36 static void fdb_notify(struct net_bridge *br, 37 const struct net_bridge_fdb_entry *, int); 38 39 static u32 fdb_salt __read_mostly; 40 41 int __init br_fdb_init(void) 42 { 43 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 44 sizeof(struct net_bridge_fdb_entry), 45 0, 46 SLAB_HWCACHE_ALIGN, NULL); 47 if (!br_fdb_cache) 48 return -ENOMEM; 49 50 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 51 return 0; 52 } 53 54 void br_fdb_fini(void) 55 { 56 kmem_cache_destroy(br_fdb_cache); 57 } 58 59 60 /* if topology_changing then use forward_delay (default 15 sec) 61 * otherwise keep longer (default 5 minutes) 62 */ 63 static inline unsigned long hold_time(const struct net_bridge *br) 64 { 65 return br->topology_change ? br->forward_delay : br->ageing_time; 66 } 67 68 static inline int has_expired(const struct net_bridge *br, 69 const struct net_bridge_fdb_entry *fdb) 70 { 71 return !fdb->is_static && 72 time_before_eq(fdb->updated + hold_time(br), jiffies); 73 } 74 75 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 76 { 77 /* use 1 byte of OUI and 3 bytes of NIC */ 78 u32 key = get_unaligned((u32 *)(mac + 2)); 79 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 80 } 81 82 static void fdb_rcu_free(struct rcu_head *head) 83 { 84 struct net_bridge_fdb_entry *ent 85 = container_of(head, struct net_bridge_fdb_entry, rcu); 86 kmem_cache_free(br_fdb_cache, ent); 87 } 88 89 /* When a static FDB entry is added, the mac address from the entry is 90 * added to the bridge private HW address list and all required ports 91 * are then updated with the new information. 92 * Called under RTNL. 93 */ 94 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 95 { 96 int err; 97 struct net_bridge_port *p; 98 99 ASSERT_RTNL(); 100 101 list_for_each_entry(p, &br->port_list, list) { 102 if (!br_promisc_port(p)) { 103 err = dev_uc_add(p->dev, addr); 104 if (err) 105 goto undo; 106 } 107 } 108 109 return; 110 undo: 111 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 112 if (!br_promisc_port(p)) 113 dev_uc_del(p->dev, addr); 114 } 115 } 116 117 /* When a static FDB entry is deleted, the HW address from that entry is 118 * also removed from the bridge private HW address list and updates all 119 * the ports with needed information. 120 * Called under RTNL. 121 */ 122 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 123 { 124 struct net_bridge_port *p; 125 126 ASSERT_RTNL(); 127 128 list_for_each_entry(p, &br->port_list, list) { 129 if (!br_promisc_port(p)) 130 dev_uc_del(p->dev, addr); 131 } 132 } 133 134 static void fdb_del_external_learn(struct net_bridge_fdb_entry *f) 135 { 136 struct switchdev_obj_port_fdb fdb = { 137 .obj = { 138 .orig_dev = f->dst->dev, 139 .id = SWITCHDEV_OBJ_ID_PORT_FDB, 140 .flags = SWITCHDEV_F_DEFER, 141 }, 142 .vid = f->vlan_id, 143 }; 144 145 ether_addr_copy(fdb.addr, f->addr.addr); 146 switchdev_port_obj_del(f->dst->dev, &fdb.obj); 147 } 148 149 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 150 { 151 if (f->is_static) 152 fdb_del_hw_addr(br, f->addr.addr); 153 154 if (f->added_by_external_learn) 155 fdb_del_external_learn(f); 156 157 hlist_del_rcu(&f->hlist); 158 fdb_notify(br, f, RTM_DELNEIGH); 159 call_rcu(&f->rcu, fdb_rcu_free); 160 } 161 162 /* Delete a local entry if no other port had the same address. */ 163 static void fdb_delete_local(struct net_bridge *br, 164 const struct net_bridge_port *p, 165 struct net_bridge_fdb_entry *f) 166 { 167 const unsigned char *addr = f->addr.addr; 168 struct net_bridge_vlan_group *vg; 169 const struct net_bridge_vlan *v; 170 struct net_bridge_port *op; 171 u16 vid = f->vlan_id; 172 173 /* Maybe another port has same hw addr? */ 174 list_for_each_entry(op, &br->port_list, list) { 175 vg = nbp_vlan_group(op); 176 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 177 (!vid || br_vlan_find(vg, vid))) { 178 f->dst = op; 179 f->added_by_user = 0; 180 return; 181 } 182 } 183 184 vg = br_vlan_group(br); 185 v = br_vlan_find(vg, vid); 186 /* Maybe bridge device has same hw addr? */ 187 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 188 (!vid || (v && br_vlan_should_use(v)))) { 189 f->dst = NULL; 190 f->added_by_user = 0; 191 return; 192 } 193 194 fdb_delete(br, f); 195 } 196 197 void br_fdb_find_delete_local(struct net_bridge *br, 198 const struct net_bridge_port *p, 199 const unsigned char *addr, u16 vid) 200 { 201 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 202 struct net_bridge_fdb_entry *f; 203 204 spin_lock_bh(&br->hash_lock); 205 f = fdb_find(head, addr, vid); 206 if (f && f->is_local && !f->added_by_user && f->dst == p) 207 fdb_delete_local(br, p, f); 208 spin_unlock_bh(&br->hash_lock); 209 } 210 211 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 212 { 213 struct net_bridge_vlan_group *vg; 214 struct net_bridge *br = p->br; 215 struct net_bridge_vlan *v; 216 int i; 217 218 spin_lock_bh(&br->hash_lock); 219 220 vg = nbp_vlan_group(p); 221 /* Search all chains since old address/hash is unknown */ 222 for (i = 0; i < BR_HASH_SIZE; i++) { 223 struct hlist_node *h; 224 hlist_for_each(h, &br->hash[i]) { 225 struct net_bridge_fdb_entry *f; 226 227 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 228 if (f->dst == p && f->is_local && !f->added_by_user) { 229 /* delete old one */ 230 fdb_delete_local(br, p, f); 231 232 /* if this port has no vlan information 233 * configured, we can safely be done at 234 * this point. 235 */ 236 if (!vg || !vg->num_vlans) 237 goto insert; 238 } 239 } 240 } 241 242 insert: 243 /* insert new address, may fail if invalid address or dup. */ 244 fdb_insert(br, p, newaddr, 0); 245 246 if (!vg || !vg->num_vlans) 247 goto done; 248 249 /* Now add entries for every VLAN configured on the port. 250 * This function runs under RTNL so the bitmap will not change 251 * from under us. 252 */ 253 list_for_each_entry(v, &vg->vlan_list, vlist) 254 fdb_insert(br, p, newaddr, v->vid); 255 256 done: 257 spin_unlock_bh(&br->hash_lock); 258 } 259 260 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 261 { 262 struct net_bridge_vlan_group *vg; 263 struct net_bridge_fdb_entry *f; 264 struct net_bridge_vlan *v; 265 266 spin_lock_bh(&br->hash_lock); 267 268 /* If old entry was unassociated with any port, then delete it. */ 269 f = __br_fdb_get(br, br->dev->dev_addr, 0); 270 if (f && f->is_local && !f->dst) 271 fdb_delete_local(br, NULL, f); 272 273 fdb_insert(br, NULL, newaddr, 0); 274 vg = br_vlan_group(br); 275 if (!vg || !vg->num_vlans) 276 goto out; 277 /* Now remove and add entries for every VLAN configured on the 278 * bridge. This function runs under RTNL so the bitmap will not 279 * change from under us. 280 */ 281 list_for_each_entry(v, &vg->vlan_list, vlist) { 282 if (!br_vlan_should_use(v)) 283 continue; 284 f = __br_fdb_get(br, br->dev->dev_addr, v->vid); 285 if (f && f->is_local && !f->dst) 286 fdb_delete_local(br, NULL, f); 287 fdb_insert(br, NULL, newaddr, v->vid); 288 } 289 out: 290 spin_unlock_bh(&br->hash_lock); 291 } 292 293 void br_fdb_cleanup(unsigned long _data) 294 { 295 struct net_bridge *br = (struct net_bridge *)_data; 296 unsigned long delay = hold_time(br); 297 unsigned long next_timer = jiffies + br->ageing_time; 298 int i; 299 300 spin_lock(&br->hash_lock); 301 for (i = 0; i < BR_HASH_SIZE; i++) { 302 struct net_bridge_fdb_entry *f; 303 struct hlist_node *n; 304 305 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 306 unsigned long this_timer; 307 if (f->is_static) 308 continue; 309 if (f->added_by_external_learn) 310 continue; 311 this_timer = f->updated + delay; 312 if (time_before_eq(this_timer, jiffies)) 313 fdb_delete(br, f); 314 else if (time_before(this_timer, next_timer)) 315 next_timer = this_timer; 316 } 317 } 318 spin_unlock(&br->hash_lock); 319 320 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 321 } 322 323 /* Completely flush all dynamic entries in forwarding database.*/ 324 void br_fdb_flush(struct net_bridge *br) 325 { 326 int i; 327 328 spin_lock_bh(&br->hash_lock); 329 for (i = 0; i < BR_HASH_SIZE; i++) { 330 struct net_bridge_fdb_entry *f; 331 struct hlist_node *n; 332 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 333 if (!f->is_static) 334 fdb_delete(br, f); 335 } 336 } 337 spin_unlock_bh(&br->hash_lock); 338 } 339 340 /* Flush all entries referring to a specific port. 341 * if do_all is set also flush static entries 342 * if vid is set delete all entries that match the vlan_id 343 */ 344 void br_fdb_delete_by_port(struct net_bridge *br, 345 const struct net_bridge_port *p, 346 u16 vid, 347 int do_all) 348 { 349 int i; 350 351 spin_lock_bh(&br->hash_lock); 352 for (i = 0; i < BR_HASH_SIZE; i++) { 353 struct hlist_node *h, *g; 354 355 hlist_for_each_safe(h, g, &br->hash[i]) { 356 struct net_bridge_fdb_entry *f 357 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 358 if (f->dst != p) 359 continue; 360 361 if (!do_all) 362 if (f->is_static || (vid && f->vlan_id != vid)) 363 continue; 364 365 if (f->is_local) 366 fdb_delete_local(br, p, f); 367 else 368 fdb_delete(br, f); 369 } 370 } 371 spin_unlock_bh(&br->hash_lock); 372 } 373 374 /* No locking or refcounting, assumes caller has rcu_read_lock */ 375 struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 376 const unsigned char *addr, 377 __u16 vid) 378 { 379 struct net_bridge_fdb_entry *fdb; 380 381 hlist_for_each_entry_rcu(fdb, 382 &br->hash[br_mac_hash(addr, vid)], hlist) { 383 if (ether_addr_equal(fdb->addr.addr, addr) && 384 fdb->vlan_id == vid) { 385 if (unlikely(has_expired(br, fdb))) 386 break; 387 return fdb; 388 } 389 } 390 391 return NULL; 392 } 393 394 #if IS_ENABLED(CONFIG_ATM_LANE) 395 /* Interface used by ATM LANE hook to test 396 * if an addr is on some other bridge port */ 397 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 398 { 399 struct net_bridge_fdb_entry *fdb; 400 struct net_bridge_port *port; 401 int ret; 402 403 rcu_read_lock(); 404 port = br_port_get_rcu(dev); 405 if (!port) 406 ret = 0; 407 else { 408 fdb = __br_fdb_get(port->br, addr, 0); 409 ret = fdb && fdb->dst && fdb->dst->dev != dev && 410 fdb->dst->state == BR_STATE_FORWARDING; 411 } 412 rcu_read_unlock(); 413 414 return ret; 415 } 416 #endif /* CONFIG_ATM_LANE */ 417 418 /* 419 * Fill buffer with forwarding table records in 420 * the API format. 421 */ 422 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 423 unsigned long maxnum, unsigned long skip) 424 { 425 struct __fdb_entry *fe = buf; 426 int i, num = 0; 427 struct net_bridge_fdb_entry *f; 428 429 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 430 431 rcu_read_lock(); 432 for (i = 0; i < BR_HASH_SIZE; i++) { 433 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 434 if (num >= maxnum) 435 goto out; 436 437 if (has_expired(br, f)) 438 continue; 439 440 /* ignore pseudo entry for local MAC address */ 441 if (!f->dst) 442 continue; 443 444 if (skip) { 445 --skip; 446 continue; 447 } 448 449 /* convert from internal format to API */ 450 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 451 452 /* due to ABI compat need to split into hi/lo */ 453 fe->port_no = f->dst->port_no; 454 fe->port_hi = f->dst->port_no >> 8; 455 456 fe->is_local = f->is_local; 457 if (!f->is_static) 458 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 459 ++fe; 460 ++num; 461 } 462 } 463 464 out: 465 rcu_read_unlock(); 466 467 return num; 468 } 469 470 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 471 const unsigned char *addr, 472 __u16 vid) 473 { 474 struct net_bridge_fdb_entry *fdb; 475 476 hlist_for_each_entry(fdb, head, hlist) { 477 if (ether_addr_equal(fdb->addr.addr, addr) && 478 fdb->vlan_id == vid) 479 return fdb; 480 } 481 return NULL; 482 } 483 484 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 485 const unsigned char *addr, 486 __u16 vid) 487 { 488 struct net_bridge_fdb_entry *fdb; 489 490 hlist_for_each_entry_rcu(fdb, head, hlist) { 491 if (ether_addr_equal(fdb->addr.addr, addr) && 492 fdb->vlan_id == vid) 493 return fdb; 494 } 495 return NULL; 496 } 497 498 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 499 struct net_bridge_port *source, 500 const unsigned char *addr, 501 __u16 vid, 502 unsigned char is_local, 503 unsigned char is_static) 504 { 505 struct net_bridge_fdb_entry *fdb; 506 507 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 508 if (fdb) { 509 memcpy(fdb->addr.addr, addr, ETH_ALEN); 510 fdb->dst = source; 511 fdb->vlan_id = vid; 512 fdb->is_local = is_local; 513 fdb->is_static = is_static; 514 fdb->added_by_user = 0; 515 fdb->added_by_external_learn = 0; 516 fdb->updated = fdb->used = jiffies; 517 hlist_add_head_rcu(&fdb->hlist, head); 518 } 519 return fdb; 520 } 521 522 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 523 const unsigned char *addr, u16 vid) 524 { 525 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 526 struct net_bridge_fdb_entry *fdb; 527 528 if (!is_valid_ether_addr(addr)) 529 return -EINVAL; 530 531 fdb = fdb_find(head, addr, vid); 532 if (fdb) { 533 /* it is okay to have multiple ports with same 534 * address, just use the first one. 535 */ 536 if (fdb->is_local) 537 return 0; 538 br_warn(br, "adding interface %s with same address " 539 "as a received packet\n", 540 source ? source->dev->name : br->dev->name); 541 fdb_delete(br, fdb); 542 } 543 544 fdb = fdb_create(head, source, addr, vid, 1, 1); 545 if (!fdb) 546 return -ENOMEM; 547 548 fdb_add_hw_addr(br, addr); 549 fdb_notify(br, fdb, RTM_NEWNEIGH); 550 return 0; 551 } 552 553 /* Add entry for local address of interface */ 554 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 555 const unsigned char *addr, u16 vid) 556 { 557 int ret; 558 559 spin_lock_bh(&br->hash_lock); 560 ret = fdb_insert(br, source, addr, vid); 561 spin_unlock_bh(&br->hash_lock); 562 return ret; 563 } 564 565 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 566 const unsigned char *addr, u16 vid, bool added_by_user) 567 { 568 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 569 struct net_bridge_fdb_entry *fdb; 570 bool fdb_modified = false; 571 572 /* some users want to always flood. */ 573 if (hold_time(br) == 0) 574 return; 575 576 /* ignore packets unless we are using this port */ 577 if (!(source->state == BR_STATE_LEARNING || 578 source->state == BR_STATE_FORWARDING)) 579 return; 580 581 fdb = fdb_find_rcu(head, addr, vid); 582 if (likely(fdb)) { 583 /* attempt to update an entry for a local interface */ 584 if (unlikely(fdb->is_local)) { 585 if (net_ratelimit()) 586 br_warn(br, "received packet on %s with " 587 "own address as source address\n", 588 source->dev->name); 589 } else { 590 /* fastpath: update of existing entry */ 591 if (unlikely(source != fdb->dst)) { 592 fdb->dst = source; 593 fdb_modified = true; 594 } 595 fdb->updated = jiffies; 596 if (unlikely(added_by_user)) 597 fdb->added_by_user = 1; 598 if (unlikely(fdb_modified)) 599 fdb_notify(br, fdb, RTM_NEWNEIGH); 600 } 601 } else { 602 spin_lock(&br->hash_lock); 603 if (likely(!fdb_find(head, addr, vid))) { 604 fdb = fdb_create(head, source, addr, vid, 0, 0); 605 if (fdb) { 606 if (unlikely(added_by_user)) 607 fdb->added_by_user = 1; 608 fdb_notify(br, fdb, RTM_NEWNEIGH); 609 } 610 } 611 /* else we lose race and someone else inserts 612 * it first, don't bother updating 613 */ 614 spin_unlock(&br->hash_lock); 615 } 616 } 617 618 static int fdb_to_nud(const struct net_bridge *br, 619 const struct net_bridge_fdb_entry *fdb) 620 { 621 if (fdb->is_local) 622 return NUD_PERMANENT; 623 else if (fdb->is_static) 624 return NUD_NOARP; 625 else if (has_expired(br, fdb)) 626 return NUD_STALE; 627 else 628 return NUD_REACHABLE; 629 } 630 631 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 632 const struct net_bridge_fdb_entry *fdb, 633 u32 portid, u32 seq, int type, unsigned int flags) 634 { 635 unsigned long now = jiffies; 636 struct nda_cacheinfo ci; 637 struct nlmsghdr *nlh; 638 struct ndmsg *ndm; 639 640 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 641 if (nlh == NULL) 642 return -EMSGSIZE; 643 644 ndm = nlmsg_data(nlh); 645 ndm->ndm_family = AF_BRIDGE; 646 ndm->ndm_pad1 = 0; 647 ndm->ndm_pad2 = 0; 648 ndm->ndm_flags = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0; 649 ndm->ndm_type = 0; 650 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 651 ndm->ndm_state = fdb_to_nud(br, fdb); 652 653 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 654 goto nla_put_failure; 655 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 656 goto nla_put_failure; 657 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 658 ci.ndm_confirmed = 0; 659 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 660 ci.ndm_refcnt = 0; 661 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 662 goto nla_put_failure; 663 664 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 665 goto nla_put_failure; 666 667 nlmsg_end(skb, nlh); 668 return 0; 669 670 nla_put_failure: 671 nlmsg_cancel(skb, nlh); 672 return -EMSGSIZE; 673 } 674 675 static inline size_t fdb_nlmsg_size(void) 676 { 677 return NLMSG_ALIGN(sizeof(struct ndmsg)) 678 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 679 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 680 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 681 + nla_total_size(sizeof(struct nda_cacheinfo)); 682 } 683 684 static void fdb_notify(struct net_bridge *br, 685 const struct net_bridge_fdb_entry *fdb, int type) 686 { 687 struct net *net = dev_net(br->dev); 688 struct sk_buff *skb; 689 int err = -ENOBUFS; 690 691 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 692 if (skb == NULL) 693 goto errout; 694 695 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 696 if (err < 0) { 697 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 698 WARN_ON(err == -EMSGSIZE); 699 kfree_skb(skb); 700 goto errout; 701 } 702 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 703 return; 704 errout: 705 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 706 } 707 708 /* Dump information about entries, in response to GETNEIGH */ 709 int br_fdb_dump(struct sk_buff *skb, 710 struct netlink_callback *cb, 711 struct net_device *dev, 712 struct net_device *filter_dev, 713 int idx) 714 { 715 struct net_bridge *br = netdev_priv(dev); 716 int i; 717 718 if (!(dev->priv_flags & IFF_EBRIDGE)) 719 goto out; 720 721 if (!filter_dev) 722 idx = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 723 724 for (i = 0; i < BR_HASH_SIZE; i++) { 725 struct net_bridge_fdb_entry *f; 726 727 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 728 int err; 729 730 if (idx < cb->args[0]) 731 goto skip; 732 733 if (filter_dev && 734 (!f->dst || f->dst->dev != filter_dev)) { 735 if (filter_dev != dev) 736 goto skip; 737 /* !f->dst is a special case for bridge 738 * It means the MAC belongs to the bridge 739 * Therefore need a little more filtering 740 * we only want to dump the !f->dst case 741 */ 742 if (f->dst) 743 goto skip; 744 } 745 if (!filter_dev && f->dst) 746 goto skip; 747 748 err = fdb_fill_info(skb, br, f, 749 NETLINK_CB(cb->skb).portid, 750 cb->nlh->nlmsg_seq, 751 RTM_NEWNEIGH, 752 NLM_F_MULTI); 753 if (err < 0) { 754 cb->args[1] = err; 755 break; 756 } 757 skip: 758 ++idx; 759 } 760 } 761 762 out: 763 return idx; 764 } 765 766 /* Update (create or replace) forwarding database entry */ 767 static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr, 768 __u16 state, __u16 flags, __u16 vid) 769 { 770 struct net_bridge *br = source->br; 771 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 772 struct net_bridge_fdb_entry *fdb; 773 bool modified = false; 774 775 /* If the port cannot learn allow only local and static entries */ 776 if (!(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 777 !(source->state == BR_STATE_LEARNING || 778 source->state == BR_STATE_FORWARDING)) 779 return -EPERM; 780 781 fdb = fdb_find(head, addr, vid); 782 if (fdb == NULL) { 783 if (!(flags & NLM_F_CREATE)) 784 return -ENOENT; 785 786 fdb = fdb_create(head, source, addr, vid, 0, 0); 787 if (!fdb) 788 return -ENOMEM; 789 790 modified = true; 791 } else { 792 if (flags & NLM_F_EXCL) 793 return -EEXIST; 794 795 if (fdb->dst != source) { 796 fdb->dst = source; 797 modified = true; 798 } 799 } 800 801 if (fdb_to_nud(br, fdb) != state) { 802 if (state & NUD_PERMANENT) { 803 fdb->is_local = 1; 804 if (!fdb->is_static) { 805 fdb->is_static = 1; 806 fdb_add_hw_addr(br, addr); 807 } 808 } else if (state & NUD_NOARP) { 809 fdb->is_local = 0; 810 if (!fdb->is_static) { 811 fdb->is_static = 1; 812 fdb_add_hw_addr(br, addr); 813 } 814 } else { 815 fdb->is_local = 0; 816 if (fdb->is_static) { 817 fdb->is_static = 0; 818 fdb_del_hw_addr(br, addr); 819 } 820 } 821 822 modified = true; 823 } 824 fdb->added_by_user = 1; 825 826 fdb->used = jiffies; 827 if (modified) { 828 fdb->updated = jiffies; 829 fdb_notify(br, fdb, RTM_NEWNEIGH); 830 } 831 832 return 0; 833 } 834 835 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p, 836 const unsigned char *addr, u16 nlh_flags, u16 vid) 837 { 838 int err = 0; 839 840 if (ndm->ndm_flags & NTF_USE) { 841 local_bh_disable(); 842 rcu_read_lock(); 843 br_fdb_update(p->br, p, addr, vid, true); 844 rcu_read_unlock(); 845 local_bh_enable(); 846 } else { 847 spin_lock_bh(&p->br->hash_lock); 848 err = fdb_add_entry(p, addr, ndm->ndm_state, 849 nlh_flags, vid); 850 spin_unlock_bh(&p->br->hash_lock); 851 } 852 853 return err; 854 } 855 856 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 857 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 858 struct net_device *dev, 859 const unsigned char *addr, u16 vid, u16 nlh_flags) 860 { 861 struct net_bridge_vlan_group *vg; 862 struct net_bridge_port *p = NULL; 863 struct net_bridge_vlan *v; 864 struct net_bridge *br = NULL; 865 int err = 0; 866 867 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 868 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 869 return -EINVAL; 870 } 871 872 if (is_zero_ether_addr(addr)) { 873 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 874 return -EINVAL; 875 } 876 877 if (dev->priv_flags & IFF_EBRIDGE) { 878 br = netdev_priv(dev); 879 vg = br_vlan_group(br); 880 } else { 881 p = br_port_get_rtnl(dev); 882 if (!p) { 883 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 884 dev->name); 885 return -EINVAL; 886 } 887 vg = nbp_vlan_group(p); 888 } 889 890 if (vid) { 891 v = br_vlan_find(vg, vid); 892 if (!v || !br_vlan_should_use(v)) { 893 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 894 return -EINVAL; 895 } 896 897 /* VID was specified, so use it. */ 898 if (dev->priv_flags & IFF_EBRIDGE) 899 err = br_fdb_insert(br, NULL, addr, vid); 900 else 901 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 902 } else { 903 if (dev->priv_flags & IFF_EBRIDGE) 904 err = br_fdb_insert(br, NULL, addr, 0); 905 else 906 err = __br_fdb_add(ndm, p, addr, nlh_flags, 0); 907 if (err || !vg || !vg->num_vlans) 908 goto out; 909 910 /* We have vlans configured on this port and user didn't 911 * specify a VLAN. To be nice, add/update entry for every 912 * vlan on this port. 913 */ 914 list_for_each_entry(v, &vg->vlan_list, vlist) { 915 if (!br_vlan_should_use(v)) 916 continue; 917 if (dev->priv_flags & IFF_EBRIDGE) 918 err = br_fdb_insert(br, NULL, addr, v->vid); 919 else 920 err = __br_fdb_add(ndm, p, addr, nlh_flags, 921 v->vid); 922 if (err) 923 goto out; 924 } 925 } 926 927 out: 928 return err; 929 } 930 931 static int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, 932 u16 vid) 933 { 934 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 935 struct net_bridge_fdb_entry *fdb; 936 937 fdb = fdb_find(head, addr, vid); 938 if (!fdb) 939 return -ENOENT; 940 941 fdb_delete(br, fdb); 942 return 0; 943 } 944 945 static int __br_fdb_delete_by_addr(struct net_bridge *br, 946 const unsigned char *addr, u16 vid) 947 { 948 int err; 949 950 spin_lock_bh(&br->hash_lock); 951 err = fdb_delete_by_addr(br, addr, vid); 952 spin_unlock_bh(&br->hash_lock); 953 954 return err; 955 } 956 957 static int fdb_delete_by_addr_and_port(struct net_bridge_port *p, 958 const u8 *addr, u16 vlan) 959 { 960 struct net_bridge *br = p->br; 961 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 962 struct net_bridge_fdb_entry *fdb; 963 964 fdb = fdb_find(head, addr, vlan); 965 if (!fdb || fdb->dst != p) 966 return -ENOENT; 967 968 fdb_delete(br, fdb); 969 return 0; 970 } 971 972 static int __br_fdb_delete(struct net_bridge_port *p, 973 const unsigned char *addr, u16 vid) 974 { 975 int err; 976 977 spin_lock_bh(&p->br->hash_lock); 978 err = fdb_delete_by_addr_and_port(p, addr, vid); 979 spin_unlock_bh(&p->br->hash_lock); 980 981 return err; 982 } 983 984 /* Remove neighbor entry with RTM_DELNEIGH */ 985 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 986 struct net_device *dev, 987 const unsigned char *addr, u16 vid) 988 { 989 struct net_bridge_vlan_group *vg; 990 struct net_bridge_port *p = NULL; 991 struct net_bridge_vlan *v; 992 struct net_bridge *br = NULL; 993 int err; 994 995 if (dev->priv_flags & IFF_EBRIDGE) { 996 br = netdev_priv(dev); 997 vg = br_vlan_group(br); 998 } else { 999 p = br_port_get_rtnl(dev); 1000 if (!p) { 1001 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 1002 dev->name); 1003 return -EINVAL; 1004 } 1005 vg = nbp_vlan_group(p); 1006 } 1007 1008 if (vid) { 1009 v = br_vlan_find(vg, vid); 1010 if (!v) { 1011 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 1012 return -EINVAL; 1013 } 1014 1015 if (dev->priv_flags & IFF_EBRIDGE) 1016 err = __br_fdb_delete_by_addr(br, addr, vid); 1017 else 1018 err = __br_fdb_delete(p, addr, vid); 1019 } else { 1020 err = -ENOENT; 1021 if (dev->priv_flags & IFF_EBRIDGE) 1022 err = __br_fdb_delete_by_addr(br, addr, 0); 1023 else 1024 err &= __br_fdb_delete(p, addr, 0); 1025 1026 if (!vg || !vg->num_vlans) 1027 goto out; 1028 1029 list_for_each_entry(v, &vg->vlan_list, vlist) { 1030 if (!br_vlan_should_use(v)) 1031 continue; 1032 if (dev->priv_flags & IFF_EBRIDGE) 1033 err = __br_fdb_delete_by_addr(br, addr, v->vid); 1034 else 1035 err &= __br_fdb_delete(p, addr, v->vid); 1036 } 1037 } 1038 out: 1039 return err; 1040 } 1041 1042 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1043 { 1044 struct net_bridge_fdb_entry *fdb, *tmp; 1045 int i; 1046 int err; 1047 1048 ASSERT_RTNL(); 1049 1050 for (i = 0; i < BR_HASH_SIZE; i++) { 1051 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 1052 /* We only care for static entries */ 1053 if (!fdb->is_static) 1054 continue; 1055 1056 err = dev_uc_add(p->dev, fdb->addr.addr); 1057 if (err) 1058 goto rollback; 1059 } 1060 } 1061 return 0; 1062 1063 rollback: 1064 for (i = 0; i < BR_HASH_SIZE; i++) { 1065 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 1066 /* If we reached the fdb that failed, we can stop */ 1067 if (tmp == fdb) 1068 break; 1069 1070 /* We only care for static entries */ 1071 if (!tmp->is_static) 1072 continue; 1073 1074 dev_uc_del(p->dev, tmp->addr.addr); 1075 } 1076 } 1077 return err; 1078 } 1079 1080 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1081 { 1082 struct net_bridge_fdb_entry *fdb; 1083 int i; 1084 1085 ASSERT_RTNL(); 1086 1087 for (i = 0; i < BR_HASH_SIZE; i++) { 1088 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1089 /* We only care for static entries */ 1090 if (!fdb->is_static) 1091 continue; 1092 1093 dev_uc_del(p->dev, fdb->addr.addr); 1094 } 1095 } 1096 } 1097 1098 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1099 const unsigned char *addr, u16 vid) 1100 { 1101 struct hlist_head *head; 1102 struct net_bridge_fdb_entry *fdb; 1103 int err = 0; 1104 1105 ASSERT_RTNL(); 1106 spin_lock_bh(&br->hash_lock); 1107 1108 head = &br->hash[br_mac_hash(addr, vid)]; 1109 fdb = fdb_find(head, addr, vid); 1110 if (!fdb) { 1111 fdb = fdb_create(head, p, addr, vid, 0, 0); 1112 if (!fdb) { 1113 err = -ENOMEM; 1114 goto err_unlock; 1115 } 1116 fdb->added_by_external_learn = 1; 1117 fdb_notify(br, fdb, RTM_NEWNEIGH); 1118 } else if (fdb->added_by_external_learn) { 1119 /* Refresh entry */ 1120 fdb->updated = fdb->used = jiffies; 1121 } else if (!fdb->added_by_user) { 1122 /* Take over SW learned entry */ 1123 fdb->added_by_external_learn = 1; 1124 fdb->updated = jiffies; 1125 fdb_notify(br, fdb, RTM_NEWNEIGH); 1126 } 1127 1128 err_unlock: 1129 spin_unlock_bh(&br->hash_lock); 1130 1131 return err; 1132 } 1133 1134 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1135 const unsigned char *addr, u16 vid) 1136 { 1137 struct hlist_head *head; 1138 struct net_bridge_fdb_entry *fdb; 1139 int err = 0; 1140 1141 ASSERT_RTNL(); 1142 spin_lock_bh(&br->hash_lock); 1143 1144 head = &br->hash[br_mac_hash(addr, vid)]; 1145 fdb = fdb_find(head, addr, vid); 1146 if (fdb && fdb->added_by_external_learn) 1147 fdb_delete(br, fdb); 1148 else 1149 err = -ENOENT; 1150 1151 spin_unlock_bh(&br->hash_lock); 1152 1153 return err; 1154 } 1155