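/*
 *	Forwarding database
 *	Linux ethernet bridge
 *
 *	Authors:
 *	Lennert Buytenhek		<buytenh@gnu.org>
 *
 *	This program is free software; you can redistribute it and/or
 *	modify it under the terms of the GNU General Public License
 *	as published by the Free Software Foundation; either version
 *	2 of the License, or (at your option) any later version.
 */

#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/rculist.h>
#include <linux/spinlock.h>
#include <linux/times.h>
#include <linux/netdevice.h>
#include <linux/etherdevice.h>
#include <linux/jhash.h>
#include <linux/random.h>
#include <linux/slab.h>
#include <linux/atomic.h>
#include <asm/unaligned.h>
#include <linux/if_vlan.h>
#include <net/switchdev.h>
#include "br_private.h"

/* Slab cache every FDB entry is allocated from (see fdb_create()). */
static struct kmem_cache *br_fdb_cache __read_mostly;
static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head,
					     const unsigned char *addr,
					     __u16 vid);
static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source,
		      const unsigned char *addr, u16 vid);
static void fdb_notify(struct net_bridge *br,
		       const struct net_bridge_fdb_entry *, int);

/* Random key mixed into br_mac_hash(); filled once in br_fdb_init(). */
static u32 fdb_salt __read_mostly;

/* Create the FDB entry cache and draw the hash salt.
 * Returns 0 on success, -ENOMEM if the cache cannot be created.
 */
int __init br_fdb_init(void)
{
	br_fdb_cache = kmem_cache_create("bridge_fdb_cache",
					 sizeof(struct net_bridge_fdb_entry),
					 0,
					 SLAB_HWCACHE_ALIGN, NULL);
	if (!br_fdb_cache)
		return -ENOMEM;

	get_random_bytes(&fdb_salt, sizeof(fdb_salt));
	return 0;
}

/* Destroy the cache created by br_fdb_init(). */
void br_fdb_fini(void)
{
	kmem_cache_destroy(br_fdb_cache);
}


/* if topology_changing then use forward_delay (default 15 sec)
 * otherwise keep longer (default 5 minutes)
 */
static inline unsigned long hold_time(const struct net_bridge *br)
{
	return br->topology_change ? br->forward_delay : br->ageing_time;
}

/* True for a non-static entry whose last update is at least hold_time()
 * jiffies in the past.  Static entries never expire.
 */
static inline int has_expired(const struct net_bridge *br,
				  const struct net_bridge_fdb_entry *fdb)
{
	return !fdb->is_static &&
		time_before_eq(fdb->updated + hold_time(br), jiffies);
}

/* Bucket index for (mac, vid).  The hash input is the last four address
 * bytes plus the VLAN id, keyed with fdb_salt, so the bucket is not a fixed
 * function of the address alone.  The mask form assumes BR_HASH_SIZE is a
 * power of two (defined outside this file).
 */
static inline int br_mac_hash(const unsigned char *mac, __u16 vid)
{
	/* use 1 byte of OUI and 3 bytes of NIC */
	u32 key = get_unaligned((const u32 *)(mac + 2));
	return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1);
}

/* RCU callback queued by fdb_delete(): return the entry to the cache. */
static void fdb_rcu_free(struct rcu_head *head)
{
	struct net_bridge_fdb_entry *ent
		= container_of(head, struct net_bridge_fdb_entry, rcu);
	kmem_cache_free(br_fdb_cache, ent);
}

/* When a static FDB entry is added, the mac address from the entry is
 * added to the bridge private HW address list and all required ports
 * are then updated with the new information.
 * Called under RTNL.
 *
 * If dev_uc_add() fails on one port, the address is removed again from the
 * ports handled before it.  The error is not reported: the function returns
 * void, so the caller cannot tell that the address was not programmed.
 */
static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr)
{
	int err;
	struct net_bridge_port *p;

	ASSERT_RTNL();

	list_for_each_entry(p, &br->port_list, list) {
		if (!br_promisc_port(p)) {
			err = dev_uc_add(p->dev, addr);
			if (err)
				goto undo;
		}
	}

	return;
undo:
	/* Walk backwards from the port before the one that failed. */
	list_for_each_entry_continue_reverse(p, &br->port_list, list) {
		if (!br_promisc_port(p))
			dev_uc_del(p->dev, addr);
	}
}

/* When a static FDB entry is deleted, the HW address from that entry is
 * also removed from the bridge private HW address list and updates all
 * the ports with needed information.
 * Called under RTNL.
 */
static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr)
{
	struct net_bridge_port *p;

	ASSERT_RTNL();

	list_for_each_entry(p, &br->port_list, list) {
		if (!br_promisc_port(p))
			dev_uc_del(p->dev, addr);
	}
}

/* Ask switchdev to delete the (addr, vlan) FDB object on the device behind
 * f->dst.  The result of switchdev_port_obj_del() is ignored.
 */
static void fdb_del_external_learn(struct net_bridge_fdb_entry *f)
{
	struct switchdev_obj obj = {
		.id = SWITCHDEV_OBJ_PORT_FDB,
		.u.fdb = {
			.addr = f->addr.addr,
			.vid = f->vlan_id,
		},
	};

	switchdev_port_obj_del(f->dst->dev, &obj);
}

/* Remove one entry: undo its HW address / switchdev state, unlink it from
 * its hash chain, send RTM_DELNEIGH and free it after an RCU grace period.
 * Every caller in this file holds br->hash_lock.
 */
static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f)
{
	if (f->is_static)
		fdb_del_hw_addr(br, f->addr.addr);

	if (f->added_by_external_learn)
		fdb_del_external_learn(f);

	hlist_del_rcu(&f->hlist);
	fdb_notify(br, f, RTM_DELNEIGH);
	/* Readers may still hold a pointer; defer the actual free. */
	call_rcu(&f->rcu, fdb_rcu_free);
}

/* Delete a local entry if no other port had the same address.
 *
 * If another port (or the bridge device itself) owns the same address on
 * this VLAN, the entry is kept and re-pointed at that owner instead, and
 * its added_by_user flag is cleared.
 */
static void fdb_delete_local(struct net_bridge *br,
			     const struct net_bridge_port *p,
			     struct net_bridge_fdb_entry *f)
{
	const unsigned char *addr = f->addr.addr;
	u16 vid = f->vlan_id;
	struct net_bridge_port *op;

	/* Maybe another port has same hw addr? */
	list_for_each_entry(op, &br->port_list, list) {
		if (op != p && ether_addr_equal(op->dev->dev_addr, addr) &&
		    (!vid || nbp_vlan_find(op, vid))) {
			f->dst = op;
			f->added_by_user = 0;
			return;
		}
	}

	/* Maybe bridge device has same hw addr? */
	if (p && ether_addr_equal(br->dev->dev_addr, addr) &&
	    (!vid || br_vlan_find(br, vid))) {
		f->dst = NULL;
		f->added_by_user = 0;
		return;
	}

	fdb_delete(br, f);
}

/* Look up (addr, vid) and drop it via fdb_delete_local() if it is a local
 * entry for port p that was not added by the user.
 */
void br_fdb_find_delete_local(struct net_bridge *br,
			      const struct net_bridge_port *p,
			      const unsigned char *addr, u16 vid)
{
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)];
	struct net_bridge_fdb_entry *f;

	spin_lock_bh(&br->hash_lock);
	f = fdb_find(head, addr, vid);
	if (f && f->is_local && !f->added_by_user && f->dst == p)
		fdb_delete_local(br, p, f);
	spin_unlock_bh(&br->hash_lock);
}

/* Replace the local entries of port p after its device address changed:
 * remove the old kernel-added local entries for the port, then insert
 * newaddr for VLAN 0 and for every VLAN configured on the port.
 */
void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr)
{
	struct net_bridge *br = p->br;
	struct net_port_vlans *pv = nbp_get_vlan_info(p);
	bool no_vlan = !pv;
	int i;
	u16 vid;

	spin_lock_bh(&br->hash_lock);

	/* Search all chains since old address/hash is unknown */
	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct hlist_node *h;

		/* NOTE(review): fdb_delete_local() may unlink f while the
		 * non-_safe iterator is still standing on it; this looks
		 * like it relies on hlist_del_rcu() keeping the forward
		 * link and on the free being deferred by call_rcu() -
		 * confirm before changing either.
		 */
		hlist_for_each(h, &br->hash[i]) {
			struct net_bridge_fdb_entry *f;

			f = hlist_entry(h, struct net_bridge_fdb_entry, hlist);
			if (f->dst == p && f->is_local && !f->added_by_user) {
				/* delete old one */
				fdb_delete_local(br, p, f);

				/* if this port has no vlan information
				 * configured, we can safely be done at
				 * this point.
				 */
				if (no_vlan)
					goto insert;
			}
		}
	}

insert:
	/* insert new address, may fail if invalid address or dup. */
	fdb_insert(br, p, newaddr, 0);

	if (no_vlan)
		goto done;

	/* Now add entries for every VLAN configured on the port.
	 * This function runs under RTNL so the bitmap will not change
	 * from under us.
	 */
	for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
		fdb_insert(br, p, newaddr, vid);

done:
	spin_unlock_bh(&br->hash_lock);
}

/* Same as br_fdb_changeaddr() but for the bridge device's own address:
 * entries that belong to the bridge itself are the local ones with no
 * destination port (!f->dst).
 */
void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr)
{
	struct net_bridge_fdb_entry *f;
	struct net_port_vlans *pv;
	u16 vid = 0;

	spin_lock_bh(&br->hash_lock);

	/* If old entry was unassociated with any port, then delete it. */
	f = __br_fdb_get(br, br->dev->dev_addr, 0);
	if (f && f->is_local && !f->dst)
		fdb_delete_local(br, NULL, f);

	fdb_insert(br, NULL, newaddr, 0);

	/* Now remove and add entries for every VLAN configured on the
	 * bridge.  This function runs under RTNL so the bitmap will not
	 * change from under us.
	 */
	pv = br_get_vlan_info(br);
	if (!pv)
		goto out;

	for_each_set_bit_from(vid, pv->vlan_bitmap, VLAN_N_VID) {
		f = __br_fdb_get(br, br->dev->dev_addr, vid);
		if (f && f->is_local && !f->dst)
			fdb_delete_local(br, NULL, f);
		fdb_insert(br, NULL, newaddr, vid);
	}
out:
	spin_unlock_bh(&br->hash_lock);
}

/* Ageing pass; _data carries the struct net_bridge pointer.
 *
 * Deletes every entry that is neither static nor externally learned and
 * whose hold time has elapsed, then re-arms br->gc_timer for the earliest
 * remaining expiry (at most ageing_time from now), rounded up.
 */
void br_fdb_cleanup(unsigned long _data)
{
	struct net_bridge *br = (struct net_bridge *)_data;
	unsigned long delay = hold_time(br);
	unsigned long next_timer = jiffies + br->ageing_time;
	int i;

	spin_lock(&br->hash_lock);
	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct net_bridge_fdb_entry *f;
		struct hlist_node *n;

		hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) {
			unsigned long this_timer;
			if (f->is_static)
				continue;
			if (f->added_by_external_learn)
				continue;
			this_timer = f->updated + delay;
			if (time_before_eq(this_timer, jiffies))
				fdb_delete(br, f);
			else if (time_before(this_timer, next_timer))
				next_timer = this_timer;
		}
	}
	spin_unlock(&br->hash_lock);

	mod_timer(&br->gc_timer, round_jiffies_up(next_timer));
}

/* Completely flush all dynamic entries in forwarding database.*/
void br_fdb_flush(struct net_bridge *br)
{
	int i;

	spin_lock_bh(&br->hash_lock);
	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct net_bridge_fdb_entry *f;
		struct hlist_node *n;
		hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) {
			if (!f->is_static)
				fdb_delete(br, f);
		}
	}
	spin_unlock_bh(&br->hash_lock);
}

/* Flush all entries referring to a specific port.
 * if do_all is set also flush static entries
 * if vid is set delete all entries that match the vlan_id
 */
void br_fdb_delete_by_port(struct net_bridge *br,
			   const struct net_bridge_port *p,
			   u16 vid,
			   int do_all)
{
	int i;

	spin_lock_bh(&br->hash_lock);
	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct hlist_node *h, *g;

		hlist_for_each_safe(h, g, &br->hash[i]) {
			struct net_bridge_fdb_entry *f
				= hlist_entry(h, struct net_bridge_fdb_entry, hlist);
			if (f->dst != p)
				continue;

			/* The static and VLAN filters apply only to a
			 * partial flush.
			 */
			if (!do_all) {
				if (f->is_static || (vid && f->vlan_id != vid))
					continue;
			}

			if (f->is_local)
				fdb_delete_local(br, p, f);
			else
				fdb_delete(br, f);
		}
	}
	spin_unlock_bh(&br->hash_lock);
}

/* No locking or refcounting, assumes caller has rcu_read_lock
 *
 * Returns the entry for (addr, vid), or NULL if there is none or the
 * matching entry has expired.
 */
struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br,
					  const unsigned char *addr,
					  __u16 vid)
{
	struct net_bridge_fdb_entry *fdb;

	hlist_for_each_entry_rcu(fdb,
				&br->hash[br_mac_hash(addr, vid)], hlist) {
		if (ether_addr_equal(fdb->addr.addr, addr) &&
		    fdb->vlan_id == vid) {
			if (unlikely(has_expired(br, fdb)))
				break;
			return fdb;
		}
	}

	return NULL;
}

#if IS_ENABLED(CONFIG_ATM_LANE)
/* Interface used by ATM LANE hook to test
 * if an addr is on some other bridge port */
int br_fdb_test_addr(struct net_device *dev, unsigned char *addr)
{
	struct net_bridge_fdb_entry *fdb;
	struct net_bridge_port *port;
	int ret;

	rcu_read_lock();
	port = br_port_get_rcu(dev);
	if (!port)
		ret = 0;
	else {
		fdb = __br_fdb_get(port->br, addr, 0);
		ret = fdb && fdb->dst && fdb->dst->dev != dev &&
			fdb->dst->state == BR_STATE_FORWARDING;
	}
	rcu_read_unlock();

	return ret;
}
#endif /* CONFIG_ATM_LANE */

/*
 * Fill buffer with forwarding table records in
 * the API format.
 *
 * Writes at most maxnum records to buf after skipping the first 'skip'
 * eligible entries, and returns the number written.  Expired entries and
 * the port-less entries for the bridge's own address are left out.
 *
 * NOTE(review): buf must have room for maxnum records and the size product
 * in the memset() below is not overflow-checked here; both look like the
 * caller's responsibility - confirm at the call site.
 */
int br_fdb_fillbuf(struct net_bridge *br, void *buf,
		   unsigned long maxnum, unsigned long skip)
{
	struct __fdb_entry *fe = buf;
	int i, num = 0;
	struct net_bridge_fdb_entry *f;

	/* Zero everything first: fields that are not assigned below (such
	 * as ageing_timer_value for static entries) are then returned as
	 * zero instead of whatever the buffer held before.
	 */
	memset(buf, 0, maxnum*sizeof(struct __fdb_entry));

	rcu_read_lock();
	for (i = 0; i < BR_HASH_SIZE; i++) {
		hlist_for_each_entry_rcu(f, &br->hash[i], hlist) {
			if (num >= maxnum)
				goto out;

			if (has_expired(br, f))
				continue;

			/* ignore pseudo entry for local MAC address */
			if (!f->dst)
				continue;

			if (skip) {
				--skip;
				continue;
			}

			/* convert from internal format to API */
			memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN);

			/* due to ABI compat need to split into hi/lo */
			fe->port_no = f->dst->port_no;
			fe->port_hi = f->dst->port_no >> 8;

			fe->is_local = f->is_local;
			if (!f->is_static)
				fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated);
			++fe;
			++num;
		}
	}

 out:
	rcu_read_unlock();

	return num;
}

/* Find the entry for (addr, vid) on one hash chain, or NULL.
 * Uses the plain list iterator; every caller in this file holds
 * br->hash_lock.  Unlike __br_fdb_get(), expiry is not checked.
 */
static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head,
					     const unsigned char *addr,
					     __u16 vid)
{
	struct net_bridge_fdb_entry *fdb;

	hlist_for_each_entry(fdb, head, hlist) {
		if (ether_addr_equal(fdb->addr.addr, addr) &&
		    fdb->vlan_id == vid)
			return fdb;
	}
	return NULL;
}

/* Same lookup as fdb_find() using the RCU list iterator, for the learning
 * path in br_fdb_update() which does not take br->hash_lock first.
 */
static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head,
						 const unsigned char *addr,
						 __u16 vid)
{
	struct net_bridge_fdb_entry *fdb;

	hlist_for_each_entry_rcu(fdb, head, hlist) {
		if (ether_addr_equal(fdb->addr.addr, addr) &&
		    fdb->vlan_id == vid)
			return fdb;
	}
	return NULL;
}

/* Allocate a dynamic, non-local entry for (addr, vid) pointing at 'source'
 * and link it at the head of the given chain.  Allocation is GFP_ATOMIC;
 * returns NULL when it fails.  Callers set the flag bits they need
 * afterwards.
 */
static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head,
					       struct net_bridge_port *source,
					       const unsigned char *addr,
					       __u16 vid)
{
	struct net_bridge_fdb_entry *fdb;

	fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC);
	if (fdb) {
		memcpy(fdb->addr.addr, addr, ETH_ALEN);
		fdb->dst = source;
		fdb->vlan_id = vid;
		fdb->is_local = 0;
		fdb->is_static = 0;
		fdb->added_by_user = 0;
		fdb->added_by_external_learn = 0;
		fdb->updated = fdb->used = jiffies;
		hlist_add_head_rcu(&fdb->hlist, head);
	}
	return fdb;
}

/* Insert a local, static entry for one of our own addresses.  'source' is
 * NULL when the address belongs to the bridge device itself.  Caller holds
 * br->hash_lock.
 *
 * A learned entry for the same address is warned about and replaced; an
 * existing local entry is left untouched.
 * Returns 0, -EINVAL for an invalid address or -ENOMEM.
 */
static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source,
		  const unsigned char *addr, u16 vid)
{
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)];
	struct net_bridge_fdb_entry *fdb;

	if (!is_valid_ether_addr(addr))
		return -EINVAL;

	fdb = fdb_find(head, addr, vid);
	if (fdb) {
		/* it is okay to have multiple ports with same
		 * address, just use the first one.
		 */
		if (fdb->is_local)
			return 0;
		br_warn(br, "adding interface %s with same address "
		       "as a received packet\n",
		       source ? source->dev->name : br->dev->name);
		fdb_delete(br, fdb);
	}

	fdb = fdb_create(head, source, addr, vid);
	if (!fdb)
		return -ENOMEM;

	fdb->is_local = fdb->is_static = 1;
	fdb_add_hw_addr(br, addr);
	fdb_notify(br, fdb, RTM_NEWNEIGH);
	return 0;
}

/* Add entry for local address of interface */
int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source,
		  const unsigned char *addr, u16 vid)
{
	int ret;

	spin_lock_bh(&br->hash_lock);
	ret = fdb_insert(br, source, addr, vid);
	spin_unlock_bh(&br->hash_lock);
	return ret;
}

/* Learn or refresh (addr, vid) as reachable through 'source'.
 *
 * An existing non-local entry is updated in place without taking
 * br->hash_lock; the lock is taken only to create a new entry.  The one
 * caller in this file, __br_fdb_add(), wraps the call in rcu_read_lock()
 * with bottom halves disabled.  Local entries are never overwritten: a
 * frame carrying one of our own addresses as source only produces a
 * rate-limited warning.
 *
 * NOTE(review): nothing in this function bounds how many entries learning
 * may create; as far as this file shows, growth is limited only by ageing
 * and by the GFP_ATOMIC allocation in fdb_create() failing.  Where a port
 * faces an untrusted L2 segment, cap learned addresses outside the FDB
 * (per-port MAC limits, ebtables) and watch the RTM_NEWNEIGH rate.
 */
void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source,
		   const unsigned char *addr, u16 vid, bool added_by_user)
{
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)];
	struct net_bridge_fdb_entry *fdb;
	bool fdb_modified = false;

	/* some users want to always flood. */
	if (hold_time(br) == 0)
		return;

	/* ignore packets unless we are using this port */
	if (!(source->state == BR_STATE_LEARNING ||
	      source->state == BR_STATE_FORWARDING))
		return;

	fdb = fdb_find_rcu(head, addr, vid);
	if (likely(fdb)) {
		/* attempt to update an entry for a local interface */
		if (unlikely(fdb->is_local)) {
			if (net_ratelimit())
				br_warn(br, "received packet on %s with "
					"own address as source address\n",
					source->dev->name);
		} else {
			/* fastpath: update of existing entry */
			if (unlikely(source != fdb->dst)) {
				fdb->dst = source;
				fdb_modified = true;
			}
			fdb->updated = jiffies;
			if (unlikely(added_by_user))
				fdb->added_by_user = 1;
			if (unlikely(fdb_modified))
				fdb_notify(br, fdb, RTM_NEWNEIGH);
		}
	} else {
		spin_lock(&br->hash_lock);
		/* Re-check under the lock before creating the entry. */
		if (likely(!fdb_find(head, addr, vid))) {
			fdb = fdb_create(head, source, addr, vid);
			if (fdb) {
				if (unlikely(added_by_user))
					fdb->added_by_user = 1;
				fdb_notify(br, fdb, RTM_NEWNEIGH);
			}
		}
		/* else  we lose race and someone else inserts
		 * it first, don't bother updating
		 */
		spin_unlock(&br->hash_lock);
	}
}

/* Map an entry's flags to the neighbour state reported over netlink.
 * The expiry check dereferences fdb->dst, so it relies on every entry that
 * is neither local nor static having a destination port.
 */
static int fdb_to_nud(const struct net_bridge_fdb_entry *fdb)
{
	if (fdb->is_local)
		return NUD_PERMANENT;
	else if (fdb->is_static)
		return NUD_NOARP;
	else if (has_expired(fdb->dst->br, fdb))
		return NUD_STALE;
	else
		return NUD_REACHABLE;
}

/* Append one neighbour message describing 'fdb' to skb.
 * Returns 0, or -EMSGSIZE (with the partial message cancelled) when skb has
 * no room.  The ndmsg pad fields and every field of the cacheinfo struct
 * are assigned before being copied into the message.
 */
static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br,
			 const struct net_bridge_fdb_entry *fdb,
			 u32 portid, u32 seq, int type, unsigned int flags)
{
	unsigned long now = jiffies;
	struct nda_cacheinfo ci;
	struct nlmsghdr *nlh;
	struct ndmsg *ndm;

	nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags);
	if (nlh == NULL)
		return -EMSGSIZE;

	ndm = nlmsg_data(nlh);
	ndm->ndm_family	 = AF_BRIDGE;
	ndm->ndm_pad1    = 0;
	ndm->ndm_pad2    = 0;
	ndm->ndm_flags	 = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0;
	ndm->ndm_type	 = 0;
	/* Entries without a port belong to the bridge device itself. */
	ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex;
	ndm->ndm_state   = fdb_to_nud(fdb);

	if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr))
		goto nla_put_failure;
	if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex))
		goto nla_put_failure;
	ci.ndm_used	 = jiffies_to_clock_t(now - fdb->used);
	ci.ndm_confirmed = 0;
	ci.ndm_updated	 = jiffies_to_clock_t(now - fdb->updated);
	ci.ndm_refcnt	 = 0;
	if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
		goto nla_put_failure;

	/* VLAN 0 is not reported. */
	if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id))
		goto nla_put_failure;

	nlmsg_end(skb, nlh);
	return 0;

nla_put_failure:
	nlmsg_cancel(skb, nlh);
	return -EMSGSIZE;
}

/* Upper bound on the size of one message built by fdb_fill_info(); has to
 * account for every attribute that function can emit.
 */
static inline size_t fdb_nlmsg_size(void)
{
	return NLMSG_ALIGN(sizeof(struct ndmsg))
		+ nla_total_size(ETH_ALEN) /* NDA_LLADDR */
		+ nla_total_size(sizeof(u32)) /* NDA_MASTER */
		+ nla_total_size(sizeof(u16)) /* NDA_VLAN */
		+ nla_total_size(sizeof(struct nda_cacheinfo));
}

/* Send an RTM_NEWNEIGH / RTM_DELNEIGH notification for 'fdb' to the
 * RTNLGRP_NEIGH group.  Allocation uses GFP_ATOMIC; on failure the error is
 * recorded on the group's sockets with rtnl_set_sk_err().
 */
static void fdb_notify(struct net_bridge *br,
		       const struct net_bridge_fdb_entry *fdb, int type)
{
	struct net *net = dev_net(br->dev);
	struct sk_buff *skb;
	int err = -ENOBUFS;

	skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC);
	if (skb == NULL)
		goto errout;

	err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0);
	if (err < 0) {
		/* -EMSGSIZE implies BUG in fdb_nlmsg_size() */
		WARN_ON(err == -EMSGSIZE);
		kfree_skb(skb);
		goto errout;
	}
	rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
	return;
errout:
	rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
}

/* Dump information about entries, in response to GETNEIGH
 *
 * idx counts every entry visited, dumped or not, and is compared with
 * cb->args[0] to resume a multi-part dump; the updated idx is returned.
 */
int br_fdb_dump(struct sk_buff *skb,
		struct netlink_callback *cb,
		struct net_device *dev,
		struct net_device *filter_dev,
		int idx)
{
	struct net_bridge *br = netdev_priv(dev);
	int i;

	if (!(dev->priv_flags & IFF_EBRIDGE))
		goto out;

	if (!filter_dev)
		idx = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx);

	for (i = 0; i < BR_HASH_SIZE; i++) {
		struct net_bridge_fdb_entry *f;

		hlist_for_each_entry_rcu(f, &br->hash[i], hlist) {
			if (idx < cb->args[0])
				goto skip;

			if (filter_dev &&
			    (!f->dst || f->dst->dev != filter_dev)) {
				if (filter_dev != dev)
					goto skip;
				/* !f->dst is a special case for bridge
				 * It means the MAC belongs to the bridge
				 * Therefore need a little more filtering
				 * we only want to dump the !f->dst case
				 */
				if (f->dst)
					goto skip;
			}
			if (!filter_dev && f->dst)
				goto skip;

			if (fdb_fill_info(skb, br, f,
					  NETLINK_CB(cb->skb).portid,
					  cb->nlh->nlmsg_seq,
					  RTM_NEWNEIGH,
					  NLM_F_MULTI) < 0)
				break;
skip:
			++idx;
		}
	}

out:
	return idx;
}

/* Update (create or replace) forwarding database entry
 *
 * Caller holds br->hash_lock.  'flags' are the netlink NLM_F_* request
 * flags and 'state' the requested NUD_* state.
 * Returns 0, -EPERM, -ENOENT, -EEXIST or -ENOMEM.
 */
static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr,
			 __u16 state, __u16 flags, __u16 vid)
{
	struct net_bridge *br = source->br;
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)];
	struct net_bridge_fdb_entry *fdb;
	bool modified = false;

	/* If the port cannot learn allow only local and static entries */
	if (!(state & NUD_PERMANENT) && !(state & NUD_NOARP) &&
	    !(source->state == BR_STATE_LEARNING ||
	      source->state == BR_STATE_FORWARDING))
		return -EPERM;

	fdb = fdb_find(head, addr, vid);
	if (fdb == NULL) {
		if (!(flags & NLM_F_CREATE))
			return -ENOENT;

		fdb = fdb_create(head, source, addr, vid);
		if (!fdb)
			return -ENOMEM;

		modified = true;
	} else {
		if (flags & NLM_F_EXCL)
			return -EEXIST;

		if (fdb->dst != source) {
			fdb->dst = source;
			modified = true;
		}
	}

	if (fdb_to_nud(fdb) != state) {
		/* Keep the ports' HW address lists in step with is_static. */
		if (state & NUD_PERMANENT) {
			fdb->is_local = 1;
			if (!fdb->is_static) {
				fdb->is_static = 1;
				fdb_add_hw_addr(br, addr);
			}
		} else if (state & NUD_NOARP) {
			fdb->is_local = 0;
			if (!fdb->is_static) {
				fdb->is_static = 1;
				fdb_add_hw_addr(br, addr);
			}
		} else {
			fdb->is_local = 0;
			if (fdb->is_static) {
				fdb->is_static = 0;
				fdb_del_hw_addr(br, addr);
			}
		}

		modified = true;
	}
	fdb->added_by_user = 1;

	fdb->used = jiffies;
	if (modified) {
		fdb->updated = jiffies;
		fdb_notify(br, fdb, RTM_NEWNEIGH);
	}

	return 0;
}

/* Apply one RTM_NEWNEIGH request to a single (addr, vid).
 * With NTF_USE the request goes through the learning path,
 * br_fdb_update(), marked as added by the user, and always reports
 * success; otherwise fdb_add_entry() runs under br->hash_lock.
 */
static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p,
	       const unsigned char *addr, u16 nlh_flags, u16 vid)
{
	int err = 0;

	if (ndm->ndm_flags & NTF_USE) {
		local_bh_disable();
		rcu_read_lock();
		br_fdb_update(p->br, p, addr, vid, true);
		rcu_read_unlock();
		local_bh_enable();
	} else {
		spin_lock_bh(&p->br->hash_lock);
		err = fdb_add_entry(p, addr, ndm->ndm_state,
				    nlh_flags, vid);
		spin_unlock_bh(&p->br->hash_lock);
	}

	return err;
}

/* Add new permanent fdb entry with RTM_NEWNEIGH
 *
 * Rejects, with -EINVAL, a state outside PERMANENT/NOARP/REACHABLE, an
 * all-zero address, a device that is not a bridge port, and a VLAN that is
 * not configured on the port.  The pr_info() calls on these paths are not
 * rate-limited.
 */
int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[],
	       struct net_device *dev,
	       const unsigned char *addr, u16 vid, u16 nlh_flags)
{
	struct net_bridge_port *p;
	int err = 0;
	struct net_port_vlans *pv;

	if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) {
		pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state);
		return -EINVAL;
	}

	if (is_zero_ether_addr(addr)) {
		pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n");
		return -EINVAL;
	}

	p = br_port_get_rtnl(dev);
	if (p == NULL) {
		pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n",
			dev->name);
		return -EINVAL;
	}

	pv = nbp_get_vlan_info(p);
	if (vid) {
		if (!pv || !test_bit(vid, pv->vlan_bitmap)) {
			pr_info("bridge: RTM_NEWNEIGH with unconfigured "
				"vlan %d on port %s\n", vid, dev->name);
			return -EINVAL;
		}

		/* VID was specified, so use it. */
		err = __br_fdb_add(ndm, p, addr, nlh_flags, vid);
	} else {
		err = __br_fdb_add(ndm, p, addr, nlh_flags, 0);
		if (err || !pv)
			goto out;

		/* We have vlans configured on this port and user didn't
		 * specify a VLAN.  To be nice, add/update entry for every
		 * vlan on this port.
		 */
		for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) {
			err = __br_fdb_add(ndm, p, addr, nlh_flags, vid);
			if (err)
				goto out;
		}
	}

out:
	return err;
}

/* Delete the entry for (addr, vlan) only if it currently points at port p.
 * Caller holds br->hash_lock.  Returns 0 or -ENOENT.
 */
static int fdb_delete_by_addr_and_port(struct net_bridge_port *p,
				       const u8 *addr, u16 vlan)
{
	struct net_bridge *br = p->br;
	struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)];
	struct net_bridge_fdb_entry *fdb;

	fdb = fdb_find(head, addr, vlan);
	if (!fdb || fdb->dst != p)
		return -ENOENT;

	fdb_delete(br, fdb);
	return 0;
}

/* Locked wrapper around fdb_delete_by_addr_and_port(). */
static int __br_fdb_delete(struct net_bridge_port *p,
			   const unsigned char *addr, u16 vid)
{
	int err;

	spin_lock_bh(&p->br->hash_lock);
	err = fdb_delete_by_addr_and_port(p, addr, vid);
	spin_unlock_bh(&p->br->hash_lock);

	return err;
}

/* Remove neighbor entry with RTM_DELNEIGH
 *
 * Returns -EINVAL if dev is not a bridge port or vid is not configured on
 * it, -ENOENT if nothing was deleted, 0 otherwise.
 */
int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[],
		  struct net_device *dev,
		  const unsigned char *addr, u16 vid)
{
	struct net_bridge_port *p;
	int err;
	struct net_port_vlans *pv;

	p = br_port_get_rtnl(dev);
	if (p == NULL) {
		pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n",
			dev->name);
		return -EINVAL;
	}

	pv = nbp_get_vlan_info(p);
	if (vid) {
		if (!pv || !test_bit(vid, pv->vlan_bitmap)) {
			pr_info("bridge: RTM_DELNEIGH with unconfigured "
				"vlan %d on port %s\n", vid, dev->name);
			return -EINVAL;
		}

		err = __br_fdb_delete(p, addr, vid);
	} else {
		/* __br_fdb_delete() returns 0 or -ENOENT.  ANDing the
		 * results leaves -ENOENT only if every delete failed and
		 * gives 0 as soon as one of them succeeded.
		 */
		err = -ENOENT;
		err &= __br_fdb_delete(p, addr, 0);
		if (!pv)
			goto out;

		/* We have vlans configured on this port and user didn't
		 * specify a VLAN.  To be nice, delete the entry from every
		 * vlan on this port.
		 */
		for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) {
			err &= __br_fdb_delete(p, addr, vid);
		}
	}
out:
	return err;
}

/* Program every static FDB address into port p's unicast filter.
 * Called under RTNL.  Returns 0, or the dev_uc_add() error after removing
 * the addresses that were added before the failure.
 */
int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p)
{
	struct net_bridge_fdb_entry *fdb, *tmp;
	int i;
	int err;

	ASSERT_RTNL();

	for (i = 0; i < BR_HASH_SIZE; i++) {
		hlist_for_each_entry(fdb, &br->hash[i], hlist) {
			/* We only care for static entries */
			if (!fdb->is_static)
				continue;

			err = dev_uc_add(p->dev, fdb->addr.addr);
			if (err)
				goto rollback;
		}
	}
	return 0;

rollback:
	for (i = 0; i < BR_HASH_SIZE; i++) {
		hlist_for_each_entry(tmp, &br->hash[i], hlist) {
			/* If we reached the fdb that failed, we can stop.
			 * Leave both loops: entries in the remaining chains
			 * were never added, so they must not be removed from
			 * the port's list either.
			 */
			if (tmp == fdb)
				goto done;

			/* We only care for static entries */
			if (!tmp->is_static)
				continue;

			dev_uc_del(p->dev, tmp->addr.addr);
		}
	}
done:
	return err;
}

/* Remove every static FDB address from port p's unicast filter.
 * Called under RTNL.
 */
void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p)
{
	struct net_bridge_fdb_entry *fdb;
	int i;

	ASSERT_RTNL();

	for (i = 0; i < BR_HASH_SIZE; i++) {
		hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) {
			/* We only care for static entries */
			if (!fdb->is_static)
				continue;

			dev_uc_del(p->dev, fdb->addr.addr);
		}
	}
}

/* Record (addr, vid) as learned externally on port p.
 * Called under RTNL.  Creates the entry if it is missing, refreshes it if
 * it is already externally learned, and takes over an entry the bridge
 * learned by itself.  An entry added by the user is left unchanged.
 * Returns 0 or -ENOMEM.
 */
int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p,
			      const unsigned char *addr, u16 vid)
{
	struct hlist_head *head;
	struct net_bridge_fdb_entry *fdb;
	int err = 0;

	ASSERT_RTNL();
	spin_lock_bh(&br->hash_lock);

	head = &br->hash[br_mac_hash(addr, vid)];
	fdb = fdb_find(head, addr, vid);
	if (!fdb) {
		fdb = fdb_create(head, p, addr, vid);
		if (!fdb) {
			err = -ENOMEM;
			goto err_unlock;
		}
		fdb->added_by_external_learn = 1;
		fdb_notify(br, fdb, RTM_NEWNEIGH);
	} else if (fdb->added_by_external_learn) {
		/* Refresh entry */
		fdb->updated = fdb->used = jiffies;
	} else if (!fdb->added_by_user) {
		/* Take over SW learned entry */
		fdb->added_by_external_learn = 1;
		fdb->updated = jiffies;
		fdb_notify(br, fdb, RTM_NEWNEIGH);
	}

err_unlock:
	spin_unlock_bh(&br->hash_lock);

	return err;
}

/* Delete (addr, vid) if, and only if, it is marked as externally learned.
 * Called under RTNL.  Returns 0 or -ENOENT.
 */
int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p,
			      const unsigned char *addr, u16 vid)
{
	struct hlist_head *head;
	struct net_bridge_fdb_entry *fdb;
	int err = 0;

	ASSERT_RTNL();
	spin_lock_bh(&br->hash_lock);

	head = &br->hash[br_mac_hash(addr, vid)];
	fdb = fdb_find(head, addr, vid);
	if (fdb && fdb->added_by_external_learn)
		fdb_delete(br, fdb);
	else
		err = -ENOENT;

	spin_unlock_bh(&br->hash_lock);

	return err;
}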