1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include "br_private.h" 28 29 static struct kmem_cache *br_fdb_cache __read_mostly; 30 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 31 const unsigned char *addr, 32 __u16 vid); 33 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 34 const unsigned char *addr, u16 vid); 35 static void fdb_notify(struct net_bridge *br, 36 const struct net_bridge_fdb_entry *, int); 37 38 static u32 fdb_salt __read_mostly; 39 40 int __init br_fdb_init(void) 41 { 42 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 43 sizeof(struct net_bridge_fdb_entry), 44 0, 45 SLAB_HWCACHE_ALIGN, NULL); 46 if (!br_fdb_cache) 47 return -ENOMEM; 48 49 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 50 return 0; 51 } 52 53 void br_fdb_fini(void) 54 { 55 kmem_cache_destroy(br_fdb_cache); 56 } 57 58 59 /* if topology_changing then use forward_delay (default 15 sec) 60 * otherwise keep longer (default 5 minutes) 61 */ 62 static inline unsigned long hold_time(const struct net_bridge *br) 63 { 64 return br->topology_change ? br->forward_delay : br->ageing_time; 65 } 66 67 static inline int has_expired(const struct net_bridge *br, 68 const struct net_bridge_fdb_entry *fdb) 69 { 70 return !fdb->is_static && 71 time_before_eq(fdb->updated + hold_time(br), jiffies); 72 } 73 74 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 75 { 76 /* use 1 byte of OUI and 3 bytes of NIC */ 77 u32 key = get_unaligned((u32 *)(mac + 2)); 78 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 79 } 80 81 static void fdb_rcu_free(struct rcu_head *head) 82 { 83 struct net_bridge_fdb_entry *ent 84 = container_of(head, struct net_bridge_fdb_entry, rcu); 85 kmem_cache_free(br_fdb_cache, ent); 86 } 87 88 /* When a static FDB entry is added, the mac address from the entry is 89 * added to the bridge private HW address list and all required ports 90 * are then updated with the new information. 91 * Called under RTNL. 92 */ 93 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 94 { 95 int err; 96 struct net_bridge_port *p; 97 98 ASSERT_RTNL(); 99 100 list_for_each_entry(p, &br->port_list, list) { 101 if (!br_promisc_port(p)) { 102 err = dev_uc_add(p->dev, addr); 103 if (err) 104 goto undo; 105 } 106 } 107 108 return; 109 undo: 110 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 111 if (!br_promisc_port(p)) 112 dev_uc_del(p->dev, addr); 113 } 114 } 115 116 /* When a static FDB entry is deleted, the HW address from that entry is 117 * also removed from the bridge private HW address list and updates all 118 * the ports with needed information. 119 * Called under RTNL. 120 */ 121 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 122 { 123 struct net_bridge_port *p; 124 125 ASSERT_RTNL(); 126 127 list_for_each_entry(p, &br->port_list, list) { 128 if (!br_promisc_port(p)) 129 dev_uc_del(p->dev, addr); 130 } 131 } 132 133 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 134 { 135 if (f->is_static) 136 fdb_del_hw_addr(br, f->addr.addr); 137 138 hlist_del_rcu(&f->hlist); 139 fdb_notify(br, f, RTM_DELNEIGH); 140 call_rcu(&f->rcu, fdb_rcu_free); 141 } 142 143 /* Delete a local entry if no other port had the same address. */ 144 static void fdb_delete_local(struct net_bridge *br, 145 const struct net_bridge_port *p, 146 struct net_bridge_fdb_entry *f) 147 { 148 const unsigned char *addr = f->addr.addr; 149 u16 vid = f->vlan_id; 150 struct net_bridge_port *op; 151 152 /* Maybe another port has same hw addr? */ 153 list_for_each_entry(op, &br->port_list, list) { 154 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 155 (!vid || nbp_vlan_find(op, vid))) { 156 f->dst = op; 157 f->added_by_user = 0; 158 return; 159 } 160 } 161 162 /* Maybe bridge device has same hw addr? */ 163 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 164 (!vid || br_vlan_find(br, vid))) { 165 f->dst = NULL; 166 f->added_by_user = 0; 167 return; 168 } 169 170 fdb_delete(br, f); 171 } 172 173 void br_fdb_find_delete_local(struct net_bridge *br, 174 const struct net_bridge_port *p, 175 const unsigned char *addr, u16 vid) 176 { 177 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 178 struct net_bridge_fdb_entry *f; 179 180 spin_lock_bh(&br->hash_lock); 181 f = fdb_find(head, addr, vid); 182 if (f && f->is_local && !f->added_by_user && f->dst == p) 183 fdb_delete_local(br, p, f); 184 spin_unlock_bh(&br->hash_lock); 185 } 186 187 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 188 { 189 struct net_bridge *br = p->br; 190 struct net_port_vlans *pv = nbp_get_vlan_info(p); 191 bool no_vlan = !pv; 192 int i; 193 u16 vid; 194 195 spin_lock_bh(&br->hash_lock); 196 197 /* Search all chains since old address/hash is unknown */ 198 for (i = 0; i < BR_HASH_SIZE; i++) { 199 struct hlist_node *h; 200 hlist_for_each(h, &br->hash[i]) { 201 struct net_bridge_fdb_entry *f; 202 203 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 204 if (f->dst == p && f->is_local && !f->added_by_user) { 205 /* delete old one */ 206 fdb_delete_local(br, p, f); 207 208 /* if this port has no vlan information 209 * configured, we can safely be done at 210 * this point. 211 */ 212 if (no_vlan) 213 goto insert; 214 } 215 } 216 } 217 218 insert: 219 /* insert new address, may fail if invalid address or dup. */ 220 fdb_insert(br, p, newaddr, 0); 221 222 if (no_vlan) 223 goto done; 224 225 /* Now add entries for every VLAN configured on the port. 226 * This function runs under RTNL so the bitmap will not change 227 * from under us. 228 */ 229 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) 230 fdb_insert(br, p, newaddr, vid); 231 232 done: 233 spin_unlock_bh(&br->hash_lock); 234 } 235 236 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 237 { 238 struct net_bridge_fdb_entry *f; 239 struct net_port_vlans *pv; 240 u16 vid = 0; 241 242 spin_lock_bh(&br->hash_lock); 243 244 /* If old entry was unassociated with any port, then delete it. */ 245 f = __br_fdb_get(br, br->dev->dev_addr, 0); 246 if (f && f->is_local && !f->dst) 247 fdb_delete_local(br, NULL, f); 248 249 fdb_insert(br, NULL, newaddr, 0); 250 251 /* Now remove and add entries for every VLAN configured on the 252 * bridge. This function runs under RTNL so the bitmap will not 253 * change from under us. 254 */ 255 pv = br_get_vlan_info(br); 256 if (!pv) 257 goto out; 258 259 for_each_set_bit_from(vid, pv->vlan_bitmap, VLAN_N_VID) { 260 f = __br_fdb_get(br, br->dev->dev_addr, vid); 261 if (f && f->is_local && !f->dst) 262 fdb_delete_local(br, NULL, f); 263 fdb_insert(br, NULL, newaddr, vid); 264 } 265 out: 266 spin_unlock_bh(&br->hash_lock); 267 } 268 269 void br_fdb_cleanup(unsigned long _data) 270 { 271 struct net_bridge *br = (struct net_bridge *)_data; 272 unsigned long delay = hold_time(br); 273 unsigned long next_timer = jiffies + br->ageing_time; 274 int i; 275 276 spin_lock(&br->hash_lock); 277 for (i = 0; i < BR_HASH_SIZE; i++) { 278 struct net_bridge_fdb_entry *f; 279 struct hlist_node *n; 280 281 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 282 unsigned long this_timer; 283 if (f->is_static) 284 continue; 285 this_timer = f->updated + delay; 286 if (time_before_eq(this_timer, jiffies)) 287 fdb_delete(br, f); 288 else if (time_before(this_timer, next_timer)) 289 next_timer = this_timer; 290 } 291 } 292 spin_unlock(&br->hash_lock); 293 294 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 295 } 296 297 /* Completely flush all dynamic entries in forwarding database.*/ 298 void br_fdb_flush(struct net_bridge *br) 299 { 300 int i; 301 302 spin_lock_bh(&br->hash_lock); 303 for (i = 0; i < BR_HASH_SIZE; i++) { 304 struct net_bridge_fdb_entry *f; 305 struct hlist_node *n; 306 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 307 if (!f->is_static) 308 fdb_delete(br, f); 309 } 310 } 311 spin_unlock_bh(&br->hash_lock); 312 } 313 314 /* Flush all entries referring to a specific port. 315 * if do_all is set also flush static entries 316 */ 317 void br_fdb_delete_by_port(struct net_bridge *br, 318 const struct net_bridge_port *p, 319 int do_all) 320 { 321 int i; 322 323 spin_lock_bh(&br->hash_lock); 324 for (i = 0; i < BR_HASH_SIZE; i++) { 325 struct hlist_node *h, *g; 326 327 hlist_for_each_safe(h, g, &br->hash[i]) { 328 struct net_bridge_fdb_entry *f 329 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 330 if (f->dst != p) 331 continue; 332 333 if (f->is_static && !do_all) 334 continue; 335 336 if (f->is_local) 337 fdb_delete_local(br, p, f); 338 else 339 fdb_delete(br, f); 340 } 341 } 342 spin_unlock_bh(&br->hash_lock); 343 } 344 345 /* No locking or refcounting, assumes caller has rcu_read_lock */ 346 struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 347 const unsigned char *addr, 348 __u16 vid) 349 { 350 struct net_bridge_fdb_entry *fdb; 351 352 hlist_for_each_entry_rcu(fdb, 353 &br->hash[br_mac_hash(addr, vid)], hlist) { 354 if (ether_addr_equal(fdb->addr.addr, addr) && 355 fdb->vlan_id == vid) { 356 if (unlikely(has_expired(br, fdb))) 357 break; 358 return fdb; 359 } 360 } 361 362 return NULL; 363 } 364 365 #if IS_ENABLED(CONFIG_ATM_LANE) 366 /* Interface used by ATM LANE hook to test 367 * if an addr is on some other bridge port */ 368 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 369 { 370 struct net_bridge_fdb_entry *fdb; 371 struct net_bridge_port *port; 372 int ret; 373 374 rcu_read_lock(); 375 port = br_port_get_rcu(dev); 376 if (!port) 377 ret = 0; 378 else { 379 fdb = __br_fdb_get(port->br, addr, 0); 380 ret = fdb && fdb->dst && fdb->dst->dev != dev && 381 fdb->dst->state == BR_STATE_FORWARDING; 382 } 383 rcu_read_unlock(); 384 385 return ret; 386 } 387 #endif /* CONFIG_ATM_LANE */ 388 389 /* 390 * Fill buffer with forwarding table records in 391 * the API format. 392 */ 393 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 394 unsigned long maxnum, unsigned long skip) 395 { 396 struct __fdb_entry *fe = buf; 397 int i, num = 0; 398 struct net_bridge_fdb_entry *f; 399 400 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 401 402 rcu_read_lock(); 403 for (i = 0; i < BR_HASH_SIZE; i++) { 404 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 405 if (num >= maxnum) 406 goto out; 407 408 if (has_expired(br, f)) 409 continue; 410 411 /* ignore pseudo entry for local MAC address */ 412 if (!f->dst) 413 continue; 414 415 if (skip) { 416 --skip; 417 continue; 418 } 419 420 /* convert from internal format to API */ 421 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 422 423 /* due to ABI compat need to split into hi/lo */ 424 fe->port_no = f->dst->port_no; 425 fe->port_hi = f->dst->port_no >> 8; 426 427 fe->is_local = f->is_local; 428 if (!f->is_static) 429 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 430 ++fe; 431 ++num; 432 } 433 } 434 435 out: 436 rcu_read_unlock(); 437 438 return num; 439 } 440 441 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 442 const unsigned char *addr, 443 __u16 vid) 444 { 445 struct net_bridge_fdb_entry *fdb; 446 447 hlist_for_each_entry(fdb, head, hlist) { 448 if (ether_addr_equal(fdb->addr.addr, addr) && 449 fdb->vlan_id == vid) 450 return fdb; 451 } 452 return NULL; 453 } 454 455 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 456 const unsigned char *addr, 457 __u16 vid) 458 { 459 struct net_bridge_fdb_entry *fdb; 460 461 hlist_for_each_entry_rcu(fdb, head, hlist) { 462 if (ether_addr_equal(fdb->addr.addr, addr) && 463 fdb->vlan_id == vid) 464 return fdb; 465 } 466 return NULL; 467 } 468 469 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 470 struct net_bridge_port *source, 471 const unsigned char *addr, 472 __u16 vid) 473 { 474 struct net_bridge_fdb_entry *fdb; 475 476 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 477 if (fdb) { 478 memcpy(fdb->addr.addr, addr, ETH_ALEN); 479 fdb->dst = source; 480 fdb->vlan_id = vid; 481 fdb->is_local = 0; 482 fdb->is_static = 0; 483 fdb->added_by_user = 0; 484 fdb->added_by_external_learn = 0; 485 fdb->updated = fdb->used = jiffies; 486 hlist_add_head_rcu(&fdb->hlist, head); 487 } 488 return fdb; 489 } 490 491 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 492 const unsigned char *addr, u16 vid) 493 { 494 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 495 struct net_bridge_fdb_entry *fdb; 496 497 if (!is_valid_ether_addr(addr)) 498 return -EINVAL; 499 500 fdb = fdb_find(head, addr, vid); 501 if (fdb) { 502 /* it is okay to have multiple ports with same 503 * address, just use the first one. 504 */ 505 if (fdb->is_local) 506 return 0; 507 br_warn(br, "adding interface %s with same address " 508 "as a received packet\n", 509 source ? source->dev->name : br->dev->name); 510 fdb_delete(br, fdb); 511 } 512 513 fdb = fdb_create(head, source, addr, vid); 514 if (!fdb) 515 return -ENOMEM; 516 517 fdb->is_local = fdb->is_static = 1; 518 fdb_add_hw_addr(br, addr); 519 fdb_notify(br, fdb, RTM_NEWNEIGH); 520 return 0; 521 } 522 523 /* Add entry for local address of interface */ 524 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 525 const unsigned char *addr, u16 vid) 526 { 527 int ret; 528 529 spin_lock_bh(&br->hash_lock); 530 ret = fdb_insert(br, source, addr, vid); 531 spin_unlock_bh(&br->hash_lock); 532 return ret; 533 } 534 535 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 536 const unsigned char *addr, u16 vid, bool added_by_user) 537 { 538 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 539 struct net_bridge_fdb_entry *fdb; 540 bool fdb_modified = false; 541 542 /* some users want to always flood. */ 543 if (hold_time(br) == 0) 544 return; 545 546 /* ignore packets unless we are using this port */ 547 if (!(source->state == BR_STATE_LEARNING || 548 source->state == BR_STATE_FORWARDING)) 549 return; 550 551 fdb = fdb_find_rcu(head, addr, vid); 552 if (likely(fdb)) { 553 /* attempt to update an entry for a local interface */ 554 if (unlikely(fdb->is_local)) { 555 if (net_ratelimit()) 556 br_warn(br, "received packet on %s with " 557 "own address as source address\n", 558 source->dev->name); 559 } else { 560 /* fastpath: update of existing entry */ 561 if (unlikely(source != fdb->dst)) { 562 fdb->dst = source; 563 fdb_modified = true; 564 } 565 fdb->updated = jiffies; 566 if (unlikely(added_by_user)) 567 fdb->added_by_user = 1; 568 if (unlikely(fdb_modified)) 569 fdb_notify(br, fdb, RTM_NEWNEIGH); 570 } 571 } else { 572 spin_lock(&br->hash_lock); 573 if (likely(!fdb_find(head, addr, vid))) { 574 fdb = fdb_create(head, source, addr, vid); 575 if (fdb) { 576 if (unlikely(added_by_user)) 577 fdb->added_by_user = 1; 578 fdb_notify(br, fdb, RTM_NEWNEIGH); 579 } 580 } 581 /* else we lose race and someone else inserts 582 * it first, don't bother updating 583 */ 584 spin_unlock(&br->hash_lock); 585 } 586 } 587 588 static int fdb_to_nud(const struct net_bridge_fdb_entry *fdb) 589 { 590 if (fdb->is_local) 591 return NUD_PERMANENT; 592 else if (fdb->is_static) 593 return NUD_NOARP; 594 else if (has_expired(fdb->dst->br, fdb)) 595 return NUD_STALE; 596 else 597 return NUD_REACHABLE; 598 } 599 600 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 601 const struct net_bridge_fdb_entry *fdb, 602 u32 portid, u32 seq, int type, unsigned int flags) 603 { 604 unsigned long now = jiffies; 605 struct nda_cacheinfo ci; 606 struct nlmsghdr *nlh; 607 struct ndmsg *ndm; 608 609 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 610 if (nlh == NULL) 611 return -EMSGSIZE; 612 613 ndm = nlmsg_data(nlh); 614 ndm->ndm_family = AF_BRIDGE; 615 ndm->ndm_pad1 = 0; 616 ndm->ndm_pad2 = 0; 617 ndm->ndm_flags = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0; 618 ndm->ndm_type = 0; 619 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 620 ndm->ndm_state = fdb_to_nud(fdb); 621 622 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 623 goto nla_put_failure; 624 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 625 goto nla_put_failure; 626 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 627 ci.ndm_confirmed = 0; 628 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 629 ci.ndm_refcnt = 0; 630 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 631 goto nla_put_failure; 632 633 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 634 goto nla_put_failure; 635 636 return nlmsg_end(skb, nlh); 637 638 nla_put_failure: 639 nlmsg_cancel(skb, nlh); 640 return -EMSGSIZE; 641 } 642 643 static inline size_t fdb_nlmsg_size(void) 644 { 645 return NLMSG_ALIGN(sizeof(struct ndmsg)) 646 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 647 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 648 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 649 + nla_total_size(sizeof(struct nda_cacheinfo)); 650 } 651 652 static void fdb_notify(struct net_bridge *br, 653 const struct net_bridge_fdb_entry *fdb, int type) 654 { 655 struct net *net = dev_net(br->dev); 656 struct sk_buff *skb; 657 int err = -ENOBUFS; 658 659 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 660 if (skb == NULL) 661 goto errout; 662 663 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 664 if (err < 0) { 665 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 666 WARN_ON(err == -EMSGSIZE); 667 kfree_skb(skb); 668 goto errout; 669 } 670 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 671 return; 672 errout: 673 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 674 } 675 676 /* Dump information about entries, in response to GETNEIGH */ 677 int br_fdb_dump(struct sk_buff *skb, 678 struct netlink_callback *cb, 679 struct net_device *dev, 680 struct net_device *filter_dev, 681 int idx) 682 { 683 struct net_bridge *br = netdev_priv(dev); 684 int i; 685 686 if (!(dev->priv_flags & IFF_EBRIDGE)) 687 goto out; 688 689 for (i = 0; i < BR_HASH_SIZE; i++) { 690 struct net_bridge_fdb_entry *f; 691 692 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 693 if (idx < cb->args[0]) 694 goto skip; 695 696 if (filter_dev && 697 (!f->dst || f->dst->dev != filter_dev)) { 698 if (filter_dev != dev) 699 goto skip; 700 /* !f->dst is a speacial case for bridge 701 * It means the MAC belongs to the bridge 702 * Therefore need a little more filtering 703 * we only want to dump the !f->dst case 704 */ 705 if (f->dst) 706 goto skip; 707 } 708 709 if (fdb_fill_info(skb, br, f, 710 NETLINK_CB(cb->skb).portid, 711 cb->nlh->nlmsg_seq, 712 RTM_NEWNEIGH, 713 NLM_F_MULTI) < 0) 714 break; 715 skip: 716 ++idx; 717 } 718 } 719 720 out: 721 return idx; 722 } 723 724 /* Update (create or replace) forwarding database entry */ 725 static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr, 726 __u16 state, __u16 flags, __u16 vid) 727 { 728 struct net_bridge *br = source->br; 729 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 730 struct net_bridge_fdb_entry *fdb; 731 bool modified = false; 732 733 fdb = fdb_find(head, addr, vid); 734 if (fdb == NULL) { 735 if (!(flags & NLM_F_CREATE)) 736 return -ENOENT; 737 738 fdb = fdb_create(head, source, addr, vid); 739 if (!fdb) 740 return -ENOMEM; 741 742 modified = true; 743 } else { 744 if (flags & NLM_F_EXCL) 745 return -EEXIST; 746 747 if (fdb->dst != source) { 748 fdb->dst = source; 749 modified = true; 750 } 751 } 752 753 if (fdb_to_nud(fdb) != state) { 754 if (state & NUD_PERMANENT) { 755 fdb->is_local = 1; 756 if (!fdb->is_static) { 757 fdb->is_static = 1; 758 fdb_add_hw_addr(br, addr); 759 } 760 } else if (state & NUD_NOARP) { 761 fdb->is_local = 0; 762 if (!fdb->is_static) { 763 fdb->is_static = 1; 764 fdb_add_hw_addr(br, addr); 765 } 766 } else { 767 fdb->is_local = 0; 768 if (fdb->is_static) { 769 fdb->is_static = 0; 770 fdb_del_hw_addr(br, addr); 771 } 772 } 773 774 modified = true; 775 } 776 fdb->added_by_user = 1; 777 778 fdb->used = jiffies; 779 if (modified) { 780 fdb->updated = jiffies; 781 fdb_notify(br, fdb, RTM_NEWNEIGH); 782 } 783 784 return 0; 785 } 786 787 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p, 788 const unsigned char *addr, u16 nlh_flags, u16 vid) 789 { 790 int err = 0; 791 792 if (ndm->ndm_flags & NTF_USE) { 793 rcu_read_lock(); 794 br_fdb_update(p->br, p, addr, vid, true); 795 rcu_read_unlock(); 796 } else { 797 spin_lock_bh(&p->br->hash_lock); 798 err = fdb_add_entry(p, addr, ndm->ndm_state, 799 nlh_flags, vid); 800 spin_unlock_bh(&p->br->hash_lock); 801 } 802 803 return err; 804 } 805 806 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 807 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 808 struct net_device *dev, 809 const unsigned char *addr, u16 vid, u16 nlh_flags) 810 { 811 struct net_bridge_port *p; 812 int err = 0; 813 struct net_port_vlans *pv; 814 815 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 816 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 817 return -EINVAL; 818 } 819 820 if (is_zero_ether_addr(addr)) { 821 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 822 return -EINVAL; 823 } 824 825 p = br_port_get_rtnl(dev); 826 if (p == NULL) { 827 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 828 dev->name); 829 return -EINVAL; 830 } 831 832 pv = nbp_get_vlan_info(p); 833 if (vid) { 834 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 835 pr_info("bridge: RTM_NEWNEIGH with unconfigured " 836 "vlan %d on port %s\n", vid, dev->name); 837 return -EINVAL; 838 } 839 840 /* VID was specified, so use it. */ 841 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 842 } else { 843 if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) { 844 err = __br_fdb_add(ndm, p, addr, nlh_flags, 0); 845 goto out; 846 } 847 848 /* We have vlans configured on this port and user didn't 849 * specify a VLAN. To be nice, add/update entry for every 850 * vlan on this port. 851 */ 852 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 853 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 854 if (err) 855 goto out; 856 } 857 } 858 859 out: 860 return err; 861 } 862 863 static int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, u16 vlan) 864 { 865 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 866 struct net_bridge_fdb_entry *fdb; 867 868 fdb = fdb_find(head, addr, vlan); 869 if (!fdb) 870 return -ENOENT; 871 872 fdb_delete(br, fdb); 873 return 0; 874 } 875 876 static int __br_fdb_delete(struct net_bridge_port *p, 877 const unsigned char *addr, u16 vid) 878 { 879 int err; 880 881 spin_lock_bh(&p->br->hash_lock); 882 err = fdb_delete_by_addr(p->br, addr, vid); 883 spin_unlock_bh(&p->br->hash_lock); 884 885 return err; 886 } 887 888 /* Remove neighbor entry with RTM_DELNEIGH */ 889 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 890 struct net_device *dev, 891 const unsigned char *addr, u16 vid) 892 { 893 struct net_bridge_port *p; 894 int err; 895 struct net_port_vlans *pv; 896 897 p = br_port_get_rtnl(dev); 898 if (p == NULL) { 899 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 900 dev->name); 901 return -EINVAL; 902 } 903 904 pv = nbp_get_vlan_info(p); 905 if (vid) { 906 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 907 pr_info("bridge: RTM_DELNEIGH with unconfigured " 908 "vlan %d on port %s\n", vid, dev->name); 909 return -EINVAL; 910 } 911 912 err = __br_fdb_delete(p, addr, vid); 913 } else { 914 if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) { 915 err = __br_fdb_delete(p, addr, 0); 916 goto out; 917 } 918 919 /* We have vlans configured on this port and user didn't 920 * specify a VLAN. To be nice, add/update entry for every 921 * vlan on this port. 922 */ 923 err = -ENOENT; 924 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 925 err &= __br_fdb_delete(p, addr, vid); 926 } 927 } 928 out: 929 return err; 930 } 931 932 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 933 { 934 struct net_bridge_fdb_entry *fdb, *tmp; 935 int i; 936 int err; 937 938 ASSERT_RTNL(); 939 940 for (i = 0; i < BR_HASH_SIZE; i++) { 941 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 942 /* We only care for static entries */ 943 if (!fdb->is_static) 944 continue; 945 946 err = dev_uc_add(p->dev, fdb->addr.addr); 947 if (err) 948 goto rollback; 949 } 950 } 951 return 0; 952 953 rollback: 954 for (i = 0; i < BR_HASH_SIZE; i++) { 955 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 956 /* If we reached the fdb that failed, we can stop */ 957 if (tmp == fdb) 958 break; 959 960 /* We only care for static entries */ 961 if (!tmp->is_static) 962 continue; 963 964 dev_uc_del(p->dev, tmp->addr.addr); 965 } 966 } 967 return err; 968 } 969 970 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 971 { 972 struct net_bridge_fdb_entry *fdb; 973 int i; 974 975 ASSERT_RTNL(); 976 977 for (i = 0; i < BR_HASH_SIZE; i++) { 978 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 979 /* We only care for static entries */ 980 if (!fdb->is_static) 981 continue; 982 983 dev_uc_del(p->dev, fdb->addr.addr); 984 } 985 } 986 } 987 988 int br_fdb_external_learn_add(struct net_device *dev, 989 const unsigned char *addr, u16 vid) 990 { 991 struct net_bridge_port *p; 992 struct net_bridge *br; 993 struct hlist_head *head; 994 struct net_bridge_fdb_entry *fdb; 995 int err = 0; 996 997 rtnl_lock(); 998 999 p = br_port_get_rtnl(dev); 1000 if (!p) { 1001 pr_info("bridge: %s not a bridge port\n", dev->name); 1002 err = -EINVAL; 1003 goto err_rtnl_unlock; 1004 } 1005 1006 br = p->br; 1007 1008 spin_lock_bh(&br->hash_lock); 1009 1010 head = &br->hash[br_mac_hash(addr, vid)]; 1011 fdb = fdb_find(head, addr, vid); 1012 if (!fdb) { 1013 fdb = fdb_create(head, p, addr, vid); 1014 if (!fdb) { 1015 err = -ENOMEM; 1016 goto err_unlock; 1017 } 1018 fdb->added_by_external_learn = 1; 1019 fdb_notify(br, fdb, RTM_NEWNEIGH); 1020 } else if (fdb->added_by_external_learn) { 1021 /* Refresh entry */ 1022 fdb->updated = fdb->used = jiffies; 1023 } else if (!fdb->added_by_user) { 1024 /* Take over SW learned entry */ 1025 fdb->added_by_external_learn = 1; 1026 fdb->updated = jiffies; 1027 fdb_notify(br, fdb, RTM_NEWNEIGH); 1028 } 1029 1030 err_unlock: 1031 spin_unlock_bh(&br->hash_lock); 1032 err_rtnl_unlock: 1033 rtnl_unlock(); 1034 1035 return err; 1036 } 1037 EXPORT_SYMBOL(br_fdb_external_learn_add); 1038 1039 int br_fdb_external_learn_del(struct net_device *dev, 1040 const unsigned char *addr, u16 vid) 1041 { 1042 struct net_bridge_port *p; 1043 struct net_bridge *br; 1044 struct hlist_head *head; 1045 struct net_bridge_fdb_entry *fdb; 1046 int err = 0; 1047 1048 rtnl_lock(); 1049 1050 p = br_port_get_rtnl(dev); 1051 if (!p) { 1052 pr_info("bridge: %s not a bridge port\n", dev->name); 1053 err = -EINVAL; 1054 goto err_rtnl_unlock; 1055 } 1056 1057 br = p->br; 1058 1059 spin_lock_bh(&br->hash_lock); 1060 1061 head = &br->hash[br_mac_hash(addr, vid)]; 1062 fdb = fdb_find(head, addr, vid); 1063 if (fdb && fdb->added_by_external_learn) 1064 fdb_delete(br, fdb); 1065 else 1066 err = -ENOENT; 1067 1068 spin_unlock_bh(&br->hash_lock); 1069 err_rtnl_unlock: 1070 rtnl_unlock(); 1071 1072 return err; 1073 } 1074 EXPORT_SYMBOL(br_fdb_external_learn_del); 1075