1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include "br_private.h" 29 30 static struct kmem_cache *br_fdb_cache __read_mostly; 31 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 32 const unsigned char *addr, 33 __u16 vid); 34 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 35 const unsigned char *addr, u16 vid); 36 static void fdb_notify(struct net_bridge *br, 37 const struct net_bridge_fdb_entry *, int); 38 39 static u32 fdb_salt __read_mostly; 40 41 int __init br_fdb_init(void) 42 { 43 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 44 sizeof(struct net_bridge_fdb_entry), 45 0, 46 SLAB_HWCACHE_ALIGN, NULL); 47 if (!br_fdb_cache) 48 return -ENOMEM; 49 50 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 51 return 0; 52 } 53 54 void br_fdb_fini(void) 55 { 56 kmem_cache_destroy(br_fdb_cache); 57 } 58 59 60 /* if topology_changing then use forward_delay (default 15 sec) 61 * otherwise keep longer (default 5 minutes) 62 */ 63 static inline unsigned long hold_time(const struct net_bridge *br) 64 { 65 return br->topology_change ? br->forward_delay : br->ageing_time; 66 } 67 68 static inline int has_expired(const struct net_bridge *br, 69 const struct net_bridge_fdb_entry *fdb) 70 { 71 return !fdb->is_static && 72 time_before_eq(fdb->updated + hold_time(br), jiffies); 73 } 74 75 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 76 { 77 /* use 1 byte of OUI and 3 bytes of NIC */ 78 u32 key = get_unaligned((u32 *)(mac + 2)); 79 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 80 } 81 82 static void fdb_rcu_free(struct rcu_head *head) 83 { 84 struct net_bridge_fdb_entry *ent 85 = container_of(head, struct net_bridge_fdb_entry, rcu); 86 kmem_cache_free(br_fdb_cache, ent); 87 } 88 89 /* When a static FDB entry is added, the mac address from the entry is 90 * added to the bridge private HW address list and all required ports 91 * are then updated with the new information. 92 * Called under RTNL. 93 */ 94 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 95 { 96 int err; 97 struct net_bridge_port *p; 98 99 ASSERT_RTNL(); 100 101 list_for_each_entry(p, &br->port_list, list) { 102 if (!br_promisc_port(p)) { 103 err = dev_uc_add(p->dev, addr); 104 if (err) 105 goto undo; 106 } 107 } 108 109 return; 110 undo: 111 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 112 if (!br_promisc_port(p)) 113 dev_uc_del(p->dev, addr); 114 } 115 } 116 117 /* When a static FDB entry is deleted, the HW address from that entry is 118 * also removed from the bridge private HW address list and updates all 119 * the ports with needed information. 120 * Called under RTNL. 121 */ 122 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 123 { 124 struct net_bridge_port *p; 125 126 ASSERT_RTNL(); 127 128 list_for_each_entry(p, &br->port_list, list) { 129 if (!br_promisc_port(p)) 130 dev_uc_del(p->dev, addr); 131 } 132 } 133 134 static void fdb_del_external_learn(struct net_bridge_fdb_entry *f) 135 { 136 struct switchdev_obj_port_fdb fdb = { 137 .obj = { 138 .id = SWITCHDEV_OBJ_ID_PORT_FDB, 139 .flags = SWITCHDEV_F_DEFER, 140 }, 141 .vid = f->vlan_id, 142 }; 143 144 ether_addr_copy(fdb.addr, f->addr.addr); 145 switchdev_port_obj_del(f->dst->dev, &fdb.obj); 146 } 147 148 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 149 { 150 if (f->is_static) 151 fdb_del_hw_addr(br, f->addr.addr); 152 153 if (f->added_by_external_learn) 154 fdb_del_external_learn(f); 155 156 hlist_del_rcu(&f->hlist); 157 fdb_notify(br, f, RTM_DELNEIGH); 158 call_rcu(&f->rcu, fdb_rcu_free); 159 } 160 161 /* Delete a local entry if no other port had the same address. */ 162 static void fdb_delete_local(struct net_bridge *br, 163 const struct net_bridge_port *p, 164 struct net_bridge_fdb_entry *f) 165 { 166 const unsigned char *addr = f->addr.addr; 167 struct net_bridge_vlan_group *vg; 168 const struct net_bridge_vlan *v; 169 struct net_bridge_port *op; 170 u16 vid = f->vlan_id; 171 172 /* Maybe another port has same hw addr? */ 173 list_for_each_entry(op, &br->port_list, list) { 174 vg = nbp_vlan_group(op); 175 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 176 (!vid || br_vlan_find(vg, vid))) { 177 f->dst = op; 178 f->added_by_user = 0; 179 return; 180 } 181 } 182 183 vg = br_vlan_group(br); 184 v = br_vlan_find(vg, vid); 185 /* Maybe bridge device has same hw addr? */ 186 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 187 (!vid || (v && br_vlan_should_use(v)))) { 188 f->dst = NULL; 189 f->added_by_user = 0; 190 return; 191 } 192 193 fdb_delete(br, f); 194 } 195 196 void br_fdb_find_delete_local(struct net_bridge *br, 197 const struct net_bridge_port *p, 198 const unsigned char *addr, u16 vid) 199 { 200 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 201 struct net_bridge_fdb_entry *f; 202 203 spin_lock_bh(&br->hash_lock); 204 f = fdb_find(head, addr, vid); 205 if (f && f->is_local && !f->added_by_user && f->dst == p) 206 fdb_delete_local(br, p, f); 207 spin_unlock_bh(&br->hash_lock); 208 } 209 210 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 211 { 212 struct net_bridge_vlan_group *vg; 213 struct net_bridge *br = p->br; 214 struct net_bridge_vlan *v; 215 int i; 216 217 spin_lock_bh(&br->hash_lock); 218 219 vg = nbp_vlan_group(p); 220 /* Search all chains since old address/hash is unknown */ 221 for (i = 0; i < BR_HASH_SIZE; i++) { 222 struct hlist_node *h; 223 hlist_for_each(h, &br->hash[i]) { 224 struct net_bridge_fdb_entry *f; 225 226 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 227 if (f->dst == p && f->is_local && !f->added_by_user) { 228 /* delete old one */ 229 fdb_delete_local(br, p, f); 230 231 /* if this port has no vlan information 232 * configured, we can safely be done at 233 * this point. 234 */ 235 if (!vg || !vg->num_vlans) 236 goto insert; 237 } 238 } 239 } 240 241 insert: 242 /* insert new address, may fail if invalid address or dup. */ 243 fdb_insert(br, p, newaddr, 0); 244 245 if (!vg || !vg->num_vlans) 246 goto done; 247 248 /* Now add entries for every VLAN configured on the port. 249 * This function runs under RTNL so the bitmap will not change 250 * from under us. 251 */ 252 list_for_each_entry(v, &vg->vlan_list, vlist) 253 fdb_insert(br, p, newaddr, v->vid); 254 255 done: 256 spin_unlock_bh(&br->hash_lock); 257 } 258 259 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 260 { 261 struct net_bridge_vlan_group *vg; 262 struct net_bridge_fdb_entry *f; 263 struct net_bridge_vlan *v; 264 265 spin_lock_bh(&br->hash_lock); 266 267 /* If old entry was unassociated with any port, then delete it. */ 268 f = __br_fdb_get(br, br->dev->dev_addr, 0); 269 if (f && f->is_local && !f->dst) 270 fdb_delete_local(br, NULL, f); 271 272 fdb_insert(br, NULL, newaddr, 0); 273 vg = br_vlan_group(br); 274 if (!vg || !vg->num_vlans) 275 goto out; 276 /* Now remove and add entries for every VLAN configured on the 277 * bridge. This function runs under RTNL so the bitmap will not 278 * change from under us. 279 */ 280 list_for_each_entry(v, &vg->vlan_list, vlist) { 281 f = __br_fdb_get(br, br->dev->dev_addr, v->vid); 282 if (f && f->is_local && !f->dst) 283 fdb_delete_local(br, NULL, f); 284 fdb_insert(br, NULL, newaddr, v->vid); 285 } 286 out: 287 spin_unlock_bh(&br->hash_lock); 288 } 289 290 void br_fdb_cleanup(unsigned long _data) 291 { 292 struct net_bridge *br = (struct net_bridge *)_data; 293 unsigned long delay = hold_time(br); 294 unsigned long next_timer = jiffies + br->ageing_time; 295 int i; 296 297 spin_lock(&br->hash_lock); 298 for (i = 0; i < BR_HASH_SIZE; i++) { 299 struct net_bridge_fdb_entry *f; 300 struct hlist_node *n; 301 302 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 303 unsigned long this_timer; 304 if (f->is_static) 305 continue; 306 if (f->added_by_external_learn) 307 continue; 308 this_timer = f->updated + delay; 309 if (time_before_eq(this_timer, jiffies)) 310 fdb_delete(br, f); 311 else if (time_before(this_timer, next_timer)) 312 next_timer = this_timer; 313 } 314 } 315 spin_unlock(&br->hash_lock); 316 317 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 318 } 319 320 /* Completely flush all dynamic entries in forwarding database.*/ 321 void br_fdb_flush(struct net_bridge *br) 322 { 323 int i; 324 325 spin_lock_bh(&br->hash_lock); 326 for (i = 0; i < BR_HASH_SIZE; i++) { 327 struct net_bridge_fdb_entry *f; 328 struct hlist_node *n; 329 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 330 if (!f->is_static) 331 fdb_delete(br, f); 332 } 333 } 334 spin_unlock_bh(&br->hash_lock); 335 } 336 337 /* Flush all entries referring to a specific port. 338 * if do_all is set also flush static entries 339 * if vid is set delete all entries that match the vlan_id 340 */ 341 void br_fdb_delete_by_port(struct net_bridge *br, 342 const struct net_bridge_port *p, 343 u16 vid, 344 int do_all) 345 { 346 int i; 347 348 spin_lock_bh(&br->hash_lock); 349 for (i = 0; i < BR_HASH_SIZE; i++) { 350 struct hlist_node *h, *g; 351 352 hlist_for_each_safe(h, g, &br->hash[i]) { 353 struct net_bridge_fdb_entry *f 354 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 355 if (f->dst != p) 356 continue; 357 358 if (!do_all) 359 if (f->is_static || (vid && f->vlan_id != vid)) 360 continue; 361 362 if (f->is_local) 363 fdb_delete_local(br, p, f); 364 else 365 fdb_delete(br, f); 366 } 367 } 368 spin_unlock_bh(&br->hash_lock); 369 } 370 371 /* No locking or refcounting, assumes caller has rcu_read_lock */ 372 struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 373 const unsigned char *addr, 374 __u16 vid) 375 { 376 struct net_bridge_fdb_entry *fdb; 377 378 hlist_for_each_entry_rcu(fdb, 379 &br->hash[br_mac_hash(addr, vid)], hlist) { 380 if (ether_addr_equal(fdb->addr.addr, addr) && 381 fdb->vlan_id == vid) { 382 if (unlikely(has_expired(br, fdb))) 383 break; 384 return fdb; 385 } 386 } 387 388 return NULL; 389 } 390 391 #if IS_ENABLED(CONFIG_ATM_LANE) 392 /* Interface used by ATM LANE hook to test 393 * if an addr is on some other bridge port */ 394 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 395 { 396 struct net_bridge_fdb_entry *fdb; 397 struct net_bridge_port *port; 398 int ret; 399 400 rcu_read_lock(); 401 port = br_port_get_rcu(dev); 402 if (!port) 403 ret = 0; 404 else { 405 fdb = __br_fdb_get(port->br, addr, 0); 406 ret = fdb && fdb->dst && fdb->dst->dev != dev && 407 fdb->dst->state == BR_STATE_FORWARDING; 408 } 409 rcu_read_unlock(); 410 411 return ret; 412 } 413 #endif /* CONFIG_ATM_LANE */ 414 415 /* 416 * Fill buffer with forwarding table records in 417 * the API format. 418 */ 419 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 420 unsigned long maxnum, unsigned long skip) 421 { 422 struct __fdb_entry *fe = buf; 423 int i, num = 0; 424 struct net_bridge_fdb_entry *f; 425 426 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 427 428 rcu_read_lock(); 429 for (i = 0; i < BR_HASH_SIZE; i++) { 430 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 431 if (num >= maxnum) 432 goto out; 433 434 if (has_expired(br, f)) 435 continue; 436 437 /* ignore pseudo entry for local MAC address */ 438 if (!f->dst) 439 continue; 440 441 if (skip) { 442 --skip; 443 continue; 444 } 445 446 /* convert from internal format to API */ 447 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 448 449 /* due to ABI compat need to split into hi/lo */ 450 fe->port_no = f->dst->port_no; 451 fe->port_hi = f->dst->port_no >> 8; 452 453 fe->is_local = f->is_local; 454 if (!f->is_static) 455 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 456 ++fe; 457 ++num; 458 } 459 } 460 461 out: 462 rcu_read_unlock(); 463 464 return num; 465 } 466 467 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 468 const unsigned char *addr, 469 __u16 vid) 470 { 471 struct net_bridge_fdb_entry *fdb; 472 473 hlist_for_each_entry(fdb, head, hlist) { 474 if (ether_addr_equal(fdb->addr.addr, addr) && 475 fdb->vlan_id == vid) 476 return fdb; 477 } 478 return NULL; 479 } 480 481 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 482 const unsigned char *addr, 483 __u16 vid) 484 { 485 struct net_bridge_fdb_entry *fdb; 486 487 hlist_for_each_entry_rcu(fdb, head, hlist) { 488 if (ether_addr_equal(fdb->addr.addr, addr) && 489 fdb->vlan_id == vid) 490 return fdb; 491 } 492 return NULL; 493 } 494 495 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 496 struct net_bridge_port *source, 497 const unsigned char *addr, 498 __u16 vid, 499 unsigned char is_local, 500 unsigned char is_static) 501 { 502 struct net_bridge_fdb_entry *fdb; 503 504 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 505 if (fdb) { 506 memcpy(fdb->addr.addr, addr, ETH_ALEN); 507 fdb->dst = source; 508 fdb->vlan_id = vid; 509 fdb->is_local = is_local; 510 fdb->is_static = is_static; 511 fdb->added_by_user = 0; 512 fdb->added_by_external_learn = 0; 513 fdb->updated = fdb->used = jiffies; 514 hlist_add_head_rcu(&fdb->hlist, head); 515 } 516 return fdb; 517 } 518 519 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 520 const unsigned char *addr, u16 vid) 521 { 522 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 523 struct net_bridge_fdb_entry *fdb; 524 525 if (!is_valid_ether_addr(addr)) 526 return -EINVAL; 527 528 fdb = fdb_find(head, addr, vid); 529 if (fdb) { 530 /* it is okay to have multiple ports with same 531 * address, just use the first one. 532 */ 533 if (fdb->is_local) 534 return 0; 535 br_warn(br, "adding interface %s with same address " 536 "as a received packet\n", 537 source ? source->dev->name : br->dev->name); 538 fdb_delete(br, fdb); 539 } 540 541 fdb = fdb_create(head, source, addr, vid, 1, 1); 542 if (!fdb) 543 return -ENOMEM; 544 545 fdb_add_hw_addr(br, addr); 546 fdb_notify(br, fdb, RTM_NEWNEIGH); 547 return 0; 548 } 549 550 /* Add entry for local address of interface */ 551 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 552 const unsigned char *addr, u16 vid) 553 { 554 int ret; 555 556 spin_lock_bh(&br->hash_lock); 557 ret = fdb_insert(br, source, addr, vid); 558 spin_unlock_bh(&br->hash_lock); 559 return ret; 560 } 561 562 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 563 const unsigned char *addr, u16 vid, bool added_by_user) 564 { 565 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 566 struct net_bridge_fdb_entry *fdb; 567 bool fdb_modified = false; 568 569 /* some users want to always flood. */ 570 if (hold_time(br) == 0) 571 return; 572 573 /* ignore packets unless we are using this port */ 574 if (!(source->state == BR_STATE_LEARNING || 575 source->state == BR_STATE_FORWARDING)) 576 return; 577 578 fdb = fdb_find_rcu(head, addr, vid); 579 if (likely(fdb)) { 580 /* attempt to update an entry for a local interface */ 581 if (unlikely(fdb->is_local)) { 582 if (net_ratelimit()) 583 br_warn(br, "received packet on %s with " 584 "own address as source address\n", 585 source->dev->name); 586 } else { 587 /* fastpath: update of existing entry */ 588 if (unlikely(source != fdb->dst)) { 589 fdb->dst = source; 590 fdb_modified = true; 591 } 592 fdb->updated = jiffies; 593 if (unlikely(added_by_user)) 594 fdb->added_by_user = 1; 595 if (unlikely(fdb_modified)) 596 fdb_notify(br, fdb, RTM_NEWNEIGH); 597 } 598 } else { 599 spin_lock(&br->hash_lock); 600 if (likely(!fdb_find(head, addr, vid))) { 601 fdb = fdb_create(head, source, addr, vid, 0, 0); 602 if (fdb) { 603 if (unlikely(added_by_user)) 604 fdb->added_by_user = 1; 605 fdb_notify(br, fdb, RTM_NEWNEIGH); 606 } 607 } 608 /* else we lose race and someone else inserts 609 * it first, don't bother updating 610 */ 611 spin_unlock(&br->hash_lock); 612 } 613 } 614 615 static int fdb_to_nud(const struct net_bridge *br, 616 const struct net_bridge_fdb_entry *fdb) 617 { 618 if (fdb->is_local) 619 return NUD_PERMANENT; 620 else if (fdb->is_static) 621 return NUD_NOARP; 622 else if (has_expired(br, fdb)) 623 return NUD_STALE; 624 else 625 return NUD_REACHABLE; 626 } 627 628 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 629 const struct net_bridge_fdb_entry *fdb, 630 u32 portid, u32 seq, int type, unsigned int flags) 631 { 632 unsigned long now = jiffies; 633 struct nda_cacheinfo ci; 634 struct nlmsghdr *nlh; 635 struct ndmsg *ndm; 636 637 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 638 if (nlh == NULL) 639 return -EMSGSIZE; 640 641 ndm = nlmsg_data(nlh); 642 ndm->ndm_family = AF_BRIDGE; 643 ndm->ndm_pad1 = 0; 644 ndm->ndm_pad2 = 0; 645 ndm->ndm_flags = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0; 646 ndm->ndm_type = 0; 647 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 648 ndm->ndm_state = fdb_to_nud(br, fdb); 649 650 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 651 goto nla_put_failure; 652 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 653 goto nla_put_failure; 654 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 655 ci.ndm_confirmed = 0; 656 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 657 ci.ndm_refcnt = 0; 658 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 659 goto nla_put_failure; 660 661 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 662 goto nla_put_failure; 663 664 nlmsg_end(skb, nlh); 665 return 0; 666 667 nla_put_failure: 668 nlmsg_cancel(skb, nlh); 669 return -EMSGSIZE; 670 } 671 672 static inline size_t fdb_nlmsg_size(void) 673 { 674 return NLMSG_ALIGN(sizeof(struct ndmsg)) 675 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 676 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 677 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 678 + nla_total_size(sizeof(struct nda_cacheinfo)); 679 } 680 681 static void fdb_notify(struct net_bridge *br, 682 const struct net_bridge_fdb_entry *fdb, int type) 683 { 684 struct net *net = dev_net(br->dev); 685 struct sk_buff *skb; 686 int err = -ENOBUFS; 687 688 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 689 if (skb == NULL) 690 goto errout; 691 692 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 693 if (err < 0) { 694 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 695 WARN_ON(err == -EMSGSIZE); 696 kfree_skb(skb); 697 goto errout; 698 } 699 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 700 return; 701 errout: 702 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 703 } 704 705 /* Dump information about entries, in response to GETNEIGH */ 706 int br_fdb_dump(struct sk_buff *skb, 707 struct netlink_callback *cb, 708 struct net_device *dev, 709 struct net_device *filter_dev, 710 int idx) 711 { 712 struct net_bridge *br = netdev_priv(dev); 713 int i; 714 715 if (!(dev->priv_flags & IFF_EBRIDGE)) 716 goto out; 717 718 if (!filter_dev) 719 idx = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 720 721 for (i = 0; i < BR_HASH_SIZE; i++) { 722 struct net_bridge_fdb_entry *f; 723 724 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 725 if (idx < cb->args[0]) 726 goto skip; 727 728 if (filter_dev && 729 (!f->dst || f->dst->dev != filter_dev)) { 730 if (filter_dev != dev) 731 goto skip; 732 /* !f->dst is a special case for bridge 733 * It means the MAC belongs to the bridge 734 * Therefore need a little more filtering 735 * we only want to dump the !f->dst case 736 */ 737 if (f->dst) 738 goto skip; 739 } 740 if (!filter_dev && f->dst) 741 goto skip; 742 743 if (fdb_fill_info(skb, br, f, 744 NETLINK_CB(cb->skb).portid, 745 cb->nlh->nlmsg_seq, 746 RTM_NEWNEIGH, 747 NLM_F_MULTI) < 0) 748 break; 749 skip: 750 ++idx; 751 } 752 } 753 754 out: 755 return idx; 756 } 757 758 /* Update (create or replace) forwarding database entry */ 759 static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr, 760 __u16 state, __u16 flags, __u16 vid) 761 { 762 struct net_bridge *br = source->br; 763 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 764 struct net_bridge_fdb_entry *fdb; 765 bool modified = false; 766 767 /* If the port cannot learn allow only local and static entries */ 768 if (!(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 769 !(source->state == BR_STATE_LEARNING || 770 source->state == BR_STATE_FORWARDING)) 771 return -EPERM; 772 773 fdb = fdb_find(head, addr, vid); 774 if (fdb == NULL) { 775 if (!(flags & NLM_F_CREATE)) 776 return -ENOENT; 777 778 fdb = fdb_create(head, source, addr, vid, 0, 0); 779 if (!fdb) 780 return -ENOMEM; 781 782 modified = true; 783 } else { 784 if (flags & NLM_F_EXCL) 785 return -EEXIST; 786 787 if (fdb->dst != source) { 788 fdb->dst = source; 789 modified = true; 790 } 791 } 792 793 if (fdb_to_nud(br, fdb) != state) { 794 if (state & NUD_PERMANENT) { 795 fdb->is_local = 1; 796 if (!fdb->is_static) { 797 fdb->is_static = 1; 798 fdb_add_hw_addr(br, addr); 799 } 800 } else if (state & NUD_NOARP) { 801 fdb->is_local = 0; 802 if (!fdb->is_static) { 803 fdb->is_static = 1; 804 fdb_add_hw_addr(br, addr); 805 } 806 } else { 807 fdb->is_local = 0; 808 if (fdb->is_static) { 809 fdb->is_static = 0; 810 fdb_del_hw_addr(br, addr); 811 } 812 } 813 814 modified = true; 815 } 816 fdb->added_by_user = 1; 817 818 fdb->used = jiffies; 819 if (modified) { 820 fdb->updated = jiffies; 821 fdb_notify(br, fdb, RTM_NEWNEIGH); 822 } 823 824 return 0; 825 } 826 827 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p, 828 const unsigned char *addr, u16 nlh_flags, u16 vid) 829 { 830 int err = 0; 831 832 if (ndm->ndm_flags & NTF_USE) { 833 local_bh_disable(); 834 rcu_read_lock(); 835 br_fdb_update(p->br, p, addr, vid, true); 836 rcu_read_unlock(); 837 local_bh_enable(); 838 } else { 839 spin_lock_bh(&p->br->hash_lock); 840 err = fdb_add_entry(p, addr, ndm->ndm_state, 841 nlh_flags, vid); 842 spin_unlock_bh(&p->br->hash_lock); 843 } 844 845 return err; 846 } 847 848 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 849 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 850 struct net_device *dev, 851 const unsigned char *addr, u16 vid, u16 nlh_flags) 852 { 853 struct net_bridge_vlan_group *vg; 854 struct net_bridge_port *p = NULL; 855 struct net_bridge_vlan *v; 856 struct net_bridge *br = NULL; 857 int err = 0; 858 859 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 860 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 861 return -EINVAL; 862 } 863 864 if (is_zero_ether_addr(addr)) { 865 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 866 return -EINVAL; 867 } 868 869 if (dev->priv_flags & IFF_EBRIDGE) { 870 br = netdev_priv(dev); 871 vg = br_vlan_group(br); 872 } else { 873 p = br_port_get_rtnl(dev); 874 if (!p) { 875 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 876 dev->name); 877 return -EINVAL; 878 } 879 vg = nbp_vlan_group(p); 880 } 881 882 if (vid) { 883 v = br_vlan_find(vg, vid); 884 if (!v || !br_vlan_should_use(v)) { 885 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 886 return -EINVAL; 887 } 888 889 /* VID was specified, so use it. */ 890 if (dev->priv_flags & IFF_EBRIDGE) 891 err = br_fdb_insert(br, NULL, addr, vid); 892 else 893 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 894 } else { 895 if (dev->priv_flags & IFF_EBRIDGE) 896 err = br_fdb_insert(br, NULL, addr, 0); 897 else 898 err = __br_fdb_add(ndm, p, addr, nlh_flags, 0); 899 if (err || !vg || !vg->num_vlans) 900 goto out; 901 902 /* We have vlans configured on this port and user didn't 903 * specify a VLAN. To be nice, add/update entry for every 904 * vlan on this port. 905 */ 906 list_for_each_entry(v, &vg->vlan_list, vlist) { 907 if (!br_vlan_should_use(v)) 908 continue; 909 if (dev->priv_flags & IFF_EBRIDGE) 910 err = br_fdb_insert(br, NULL, addr, v->vid); 911 else 912 err = __br_fdb_add(ndm, p, addr, nlh_flags, 913 v->vid); 914 if (err) 915 goto out; 916 } 917 } 918 919 out: 920 return err; 921 } 922 923 static int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, 924 u16 vid) 925 { 926 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 927 struct net_bridge_fdb_entry *fdb; 928 929 fdb = fdb_find(head, addr, vid); 930 if (!fdb) 931 return -ENOENT; 932 933 fdb_delete(br, fdb); 934 return 0; 935 } 936 937 static int __br_fdb_delete_by_addr(struct net_bridge *br, 938 const unsigned char *addr, u16 vid) 939 { 940 int err; 941 942 spin_lock_bh(&br->hash_lock); 943 err = fdb_delete_by_addr(br, addr, vid); 944 spin_unlock_bh(&br->hash_lock); 945 946 return err; 947 } 948 949 static int fdb_delete_by_addr_and_port(struct net_bridge_port *p, 950 const u8 *addr, u16 vlan) 951 { 952 struct net_bridge *br = p->br; 953 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 954 struct net_bridge_fdb_entry *fdb; 955 956 fdb = fdb_find(head, addr, vlan); 957 if (!fdb || fdb->dst != p) 958 return -ENOENT; 959 960 fdb_delete(br, fdb); 961 return 0; 962 } 963 964 static int __br_fdb_delete(struct net_bridge_port *p, 965 const unsigned char *addr, u16 vid) 966 { 967 int err; 968 969 spin_lock_bh(&p->br->hash_lock); 970 err = fdb_delete_by_addr_and_port(p, addr, vid); 971 spin_unlock_bh(&p->br->hash_lock); 972 973 return err; 974 } 975 976 /* Remove neighbor entry with RTM_DELNEIGH */ 977 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 978 struct net_device *dev, 979 const unsigned char *addr, u16 vid) 980 { 981 struct net_bridge_vlan_group *vg; 982 struct net_bridge_port *p = NULL; 983 struct net_bridge_vlan *v; 984 struct net_bridge *br = NULL; 985 int err; 986 987 if (dev->priv_flags & IFF_EBRIDGE) { 988 br = netdev_priv(dev); 989 vg = br_vlan_group(br); 990 } else { 991 p = br_port_get_rtnl(dev); 992 if (!p) { 993 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 994 dev->name); 995 return -EINVAL; 996 } 997 vg = nbp_vlan_group(p); 998 } 999 1000 if (vid) { 1001 v = br_vlan_find(vg, vid); 1002 if (!v) { 1003 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 1004 return -EINVAL; 1005 } 1006 1007 if (dev->priv_flags & IFF_EBRIDGE) 1008 err = __br_fdb_delete_by_addr(br, addr, vid); 1009 else 1010 err = __br_fdb_delete(p, addr, vid); 1011 } else { 1012 err = -ENOENT; 1013 if (dev->priv_flags & IFF_EBRIDGE) 1014 err = __br_fdb_delete_by_addr(br, addr, 0); 1015 else 1016 err &= __br_fdb_delete(p, addr, 0); 1017 1018 if (!vg || !vg->num_vlans) 1019 goto out; 1020 1021 list_for_each_entry(v, &vg->vlan_list, vlist) { 1022 if (!br_vlan_should_use(v)) 1023 continue; 1024 if (dev->priv_flags & IFF_EBRIDGE) 1025 err = __br_fdb_delete_by_addr(br, addr, v->vid); 1026 else 1027 err &= __br_fdb_delete(p, addr, v->vid); 1028 } 1029 } 1030 out: 1031 return err; 1032 } 1033 1034 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1035 { 1036 struct net_bridge_fdb_entry *fdb, *tmp; 1037 int i; 1038 int err; 1039 1040 ASSERT_RTNL(); 1041 1042 for (i = 0; i < BR_HASH_SIZE; i++) { 1043 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 1044 /* We only care for static entries */ 1045 if (!fdb->is_static) 1046 continue; 1047 1048 err = dev_uc_add(p->dev, fdb->addr.addr); 1049 if (err) 1050 goto rollback; 1051 } 1052 } 1053 return 0; 1054 1055 rollback: 1056 for (i = 0; i < BR_HASH_SIZE; i++) { 1057 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 1058 /* If we reached the fdb that failed, we can stop */ 1059 if (tmp == fdb) 1060 break; 1061 1062 /* We only care for static entries */ 1063 if (!tmp->is_static) 1064 continue; 1065 1066 dev_uc_del(p->dev, tmp->addr.addr); 1067 } 1068 } 1069 return err; 1070 } 1071 1072 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1073 { 1074 struct net_bridge_fdb_entry *fdb; 1075 int i; 1076 1077 ASSERT_RTNL(); 1078 1079 for (i = 0; i < BR_HASH_SIZE; i++) { 1080 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1081 /* We only care for static entries */ 1082 if (!fdb->is_static) 1083 continue; 1084 1085 dev_uc_del(p->dev, fdb->addr.addr); 1086 } 1087 } 1088 } 1089 1090 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1091 const unsigned char *addr, u16 vid) 1092 { 1093 struct hlist_head *head; 1094 struct net_bridge_fdb_entry *fdb; 1095 int err = 0; 1096 1097 ASSERT_RTNL(); 1098 spin_lock_bh(&br->hash_lock); 1099 1100 head = &br->hash[br_mac_hash(addr, vid)]; 1101 fdb = fdb_find(head, addr, vid); 1102 if (!fdb) { 1103 fdb = fdb_create(head, p, addr, vid, 0, 0); 1104 if (!fdb) { 1105 err = -ENOMEM; 1106 goto err_unlock; 1107 } 1108 fdb->added_by_external_learn = 1; 1109 fdb_notify(br, fdb, RTM_NEWNEIGH); 1110 } else if (fdb->added_by_external_learn) { 1111 /* Refresh entry */ 1112 fdb->updated = fdb->used = jiffies; 1113 } else if (!fdb->added_by_user) { 1114 /* Take over SW learned entry */ 1115 fdb->added_by_external_learn = 1; 1116 fdb->updated = jiffies; 1117 fdb_notify(br, fdb, RTM_NEWNEIGH); 1118 } 1119 1120 err_unlock: 1121 spin_unlock_bh(&br->hash_lock); 1122 1123 return err; 1124 } 1125 1126 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1127 const unsigned char *addr, u16 vid) 1128 { 1129 struct hlist_head *head; 1130 struct net_bridge_fdb_entry *fdb; 1131 int err = 0; 1132 1133 ASSERT_RTNL(); 1134 spin_lock_bh(&br->hash_lock); 1135 1136 head = &br->hash[br_mac_hash(addr, vid)]; 1137 fdb = fdb_find(head, addr, vid); 1138 if (fdb && fdb->added_by_external_learn) 1139 fdb_delete(br, fdb); 1140 else 1141 err = -ENOENT; 1142 1143 spin_unlock_bh(&br->hash_lock); 1144 1145 return err; 1146 } 1147