1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include "br_private.h" 29 30 static struct kmem_cache *br_fdb_cache __read_mostly; 31 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 32 const unsigned char *addr, u16 vid); 33 static void fdb_notify(struct net_bridge *br, 34 const struct net_bridge_fdb_entry *, int); 35 36 static u32 fdb_salt __read_mostly; 37 38 int __init br_fdb_init(void) 39 { 40 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 41 sizeof(struct net_bridge_fdb_entry), 42 0, 43 SLAB_HWCACHE_ALIGN, NULL); 44 if (!br_fdb_cache) 45 return -ENOMEM; 46 47 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 48 return 0; 49 } 50 51 void br_fdb_fini(void) 52 { 53 kmem_cache_destroy(br_fdb_cache); 54 } 55 56 57 /* if topology_changing then use forward_delay (default 15 sec) 58 * otherwise keep longer (default 5 minutes) 59 */ 60 static inline unsigned long hold_time(const struct net_bridge *br) 61 { 62 return br->topology_change ? br->forward_delay : br->ageing_time; 63 } 64 65 static inline int has_expired(const struct net_bridge *br, 66 const struct net_bridge_fdb_entry *fdb) 67 { 68 return !fdb->is_static && !fdb->added_by_external_learn && 69 time_before_eq(fdb->updated + hold_time(br), jiffies); 70 } 71 72 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 73 { 74 /* use 1 byte of OUI and 3 bytes of NIC */ 75 u32 key = get_unaligned((u32 *)(mac + 2)); 76 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 77 } 78 79 static void fdb_rcu_free(struct rcu_head *head) 80 { 81 struct net_bridge_fdb_entry *ent 82 = container_of(head, struct net_bridge_fdb_entry, rcu); 83 kmem_cache_free(br_fdb_cache, ent); 84 } 85 86 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 87 const unsigned char *addr, 88 __u16 vid) 89 { 90 struct net_bridge_fdb_entry *f; 91 92 WARN_ON_ONCE(!rcu_read_lock_held()); 93 94 hlist_for_each_entry_rcu(f, head, hlist) 95 if (ether_addr_equal(f->addr.addr, addr) && f->vlan_id == vid) 96 break; 97 98 return f; 99 } 100 101 /* requires bridge hash_lock */ 102 static struct net_bridge_fdb_entry *br_fdb_find(struct net_bridge *br, 103 const unsigned char *addr, 104 __u16 vid) 105 { 106 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 107 struct net_bridge_fdb_entry *fdb; 108 109 lockdep_assert_held_once(&br->hash_lock); 110 111 rcu_read_lock(); 112 fdb = fdb_find_rcu(head, addr, vid); 113 rcu_read_unlock(); 114 115 return fdb; 116 } 117 118 struct net_bridge_fdb_entry *br_fdb_find_rcu(struct net_bridge *br, 119 const unsigned char *addr, 120 __u16 vid) 121 { 122 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 123 124 return fdb_find_rcu(head, addr, vid); 125 } 126 127 /* When a static FDB entry is added, the mac address from the entry is 128 * added to the bridge private HW address list and all required ports 129 * are then updated with the new information. 130 * Called under RTNL. 131 */ 132 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 133 { 134 int err; 135 struct net_bridge_port *p; 136 137 ASSERT_RTNL(); 138 139 list_for_each_entry(p, &br->port_list, list) { 140 if (!br_promisc_port(p)) { 141 err = dev_uc_add(p->dev, addr); 142 if (err) 143 goto undo; 144 } 145 } 146 147 return; 148 undo: 149 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 150 if (!br_promisc_port(p)) 151 dev_uc_del(p->dev, addr); 152 } 153 } 154 155 /* When a static FDB entry is deleted, the HW address from that entry is 156 * also removed from the bridge private HW address list and updates all 157 * the ports with needed information. 158 * Called under RTNL. 159 */ 160 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 161 { 162 struct net_bridge_port *p; 163 164 ASSERT_RTNL(); 165 166 list_for_each_entry(p, &br->port_list, list) { 167 if (!br_promisc_port(p)) 168 dev_uc_del(p->dev, addr); 169 } 170 } 171 172 static void fdb_del_external_learn(struct net_bridge_fdb_entry *f) 173 { 174 struct switchdev_obj_port_fdb fdb = { 175 .obj = { 176 .orig_dev = f->dst->dev, 177 .id = SWITCHDEV_OBJ_ID_PORT_FDB, 178 .flags = SWITCHDEV_F_DEFER, 179 }, 180 .vid = f->vlan_id, 181 }; 182 183 ether_addr_copy(fdb.addr, f->addr.addr); 184 switchdev_port_obj_del(f->dst->dev, &fdb.obj); 185 } 186 187 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 188 { 189 if (f->is_static) 190 fdb_del_hw_addr(br, f->addr.addr); 191 192 if (f->added_by_external_learn) 193 fdb_del_external_learn(f); 194 195 hlist_del_init_rcu(&f->hlist); 196 fdb_notify(br, f, RTM_DELNEIGH); 197 call_rcu(&f->rcu, fdb_rcu_free); 198 } 199 200 /* Delete a local entry if no other port had the same address. */ 201 static void fdb_delete_local(struct net_bridge *br, 202 const struct net_bridge_port *p, 203 struct net_bridge_fdb_entry *f) 204 { 205 const unsigned char *addr = f->addr.addr; 206 struct net_bridge_vlan_group *vg; 207 const struct net_bridge_vlan *v; 208 struct net_bridge_port *op; 209 u16 vid = f->vlan_id; 210 211 /* Maybe another port has same hw addr? */ 212 list_for_each_entry(op, &br->port_list, list) { 213 vg = nbp_vlan_group(op); 214 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 215 (!vid || br_vlan_find(vg, vid))) { 216 f->dst = op; 217 f->added_by_user = 0; 218 return; 219 } 220 } 221 222 vg = br_vlan_group(br); 223 v = br_vlan_find(vg, vid); 224 /* Maybe bridge device has same hw addr? */ 225 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 226 (!vid || (v && br_vlan_should_use(v)))) { 227 f->dst = NULL; 228 f->added_by_user = 0; 229 return; 230 } 231 232 fdb_delete(br, f); 233 } 234 235 void br_fdb_find_delete_local(struct net_bridge *br, 236 const struct net_bridge_port *p, 237 const unsigned char *addr, u16 vid) 238 { 239 struct net_bridge_fdb_entry *f; 240 241 spin_lock_bh(&br->hash_lock); 242 f = br_fdb_find(br, addr, vid); 243 if (f && f->is_local && !f->added_by_user && f->dst == p) 244 fdb_delete_local(br, p, f); 245 spin_unlock_bh(&br->hash_lock); 246 } 247 248 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 249 { 250 struct net_bridge_vlan_group *vg; 251 struct net_bridge *br = p->br; 252 struct net_bridge_vlan *v; 253 int i; 254 255 spin_lock_bh(&br->hash_lock); 256 257 vg = nbp_vlan_group(p); 258 /* Search all chains since old address/hash is unknown */ 259 for (i = 0; i < BR_HASH_SIZE; i++) { 260 struct hlist_node *h; 261 hlist_for_each(h, &br->hash[i]) { 262 struct net_bridge_fdb_entry *f; 263 264 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 265 if (f->dst == p && f->is_local && !f->added_by_user) { 266 /* delete old one */ 267 fdb_delete_local(br, p, f); 268 269 /* if this port has no vlan information 270 * configured, we can safely be done at 271 * this point. 272 */ 273 if (!vg || !vg->num_vlans) 274 goto insert; 275 } 276 } 277 } 278 279 insert: 280 /* insert new address, may fail if invalid address or dup. */ 281 fdb_insert(br, p, newaddr, 0); 282 283 if (!vg || !vg->num_vlans) 284 goto done; 285 286 /* Now add entries for every VLAN configured on the port. 287 * This function runs under RTNL so the bitmap will not change 288 * from under us. 289 */ 290 list_for_each_entry(v, &vg->vlan_list, vlist) 291 fdb_insert(br, p, newaddr, v->vid); 292 293 done: 294 spin_unlock_bh(&br->hash_lock); 295 } 296 297 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 298 { 299 struct net_bridge_vlan_group *vg; 300 struct net_bridge_fdb_entry *f; 301 struct net_bridge_vlan *v; 302 303 spin_lock_bh(&br->hash_lock); 304 305 /* If old entry was unassociated with any port, then delete it. */ 306 f = br_fdb_find(br, br->dev->dev_addr, 0); 307 if (f && f->is_local && !f->dst && !f->added_by_user) 308 fdb_delete_local(br, NULL, f); 309 310 fdb_insert(br, NULL, newaddr, 0); 311 vg = br_vlan_group(br); 312 if (!vg || !vg->num_vlans) 313 goto out; 314 /* Now remove and add entries for every VLAN configured on the 315 * bridge. This function runs under RTNL so the bitmap will not 316 * change from under us. 317 */ 318 list_for_each_entry(v, &vg->vlan_list, vlist) { 319 if (!br_vlan_should_use(v)) 320 continue; 321 f = br_fdb_find(br, br->dev->dev_addr, v->vid); 322 if (f && f->is_local && !f->dst && !f->added_by_user) 323 fdb_delete_local(br, NULL, f); 324 fdb_insert(br, NULL, newaddr, v->vid); 325 } 326 out: 327 spin_unlock_bh(&br->hash_lock); 328 } 329 330 void br_fdb_cleanup(struct work_struct *work) 331 { 332 struct net_bridge *br = container_of(work, struct net_bridge, 333 gc_work.work); 334 unsigned long delay = hold_time(br); 335 unsigned long work_delay = delay; 336 unsigned long now = jiffies; 337 int i; 338 339 for (i = 0; i < BR_HASH_SIZE; i++) { 340 struct net_bridge_fdb_entry *f; 341 struct hlist_node *n; 342 343 if (!br->hash[i].first) 344 continue; 345 346 spin_lock_bh(&br->hash_lock); 347 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 348 unsigned long this_timer; 349 350 if (f->is_static) 351 continue; 352 if (f->added_by_external_learn) 353 continue; 354 this_timer = f->updated + delay; 355 if (time_after(this_timer, now)) 356 work_delay = min(work_delay, this_timer - now); 357 else 358 fdb_delete(br, f); 359 } 360 spin_unlock_bh(&br->hash_lock); 361 cond_resched(); 362 } 363 364 /* Cleanup minimum 10 milliseconds apart */ 365 work_delay = max_t(unsigned long, work_delay, msecs_to_jiffies(10)); 366 mod_delayed_work(system_long_wq, &br->gc_work, work_delay); 367 } 368 369 /* Completely flush all dynamic entries in forwarding database.*/ 370 void br_fdb_flush(struct net_bridge *br) 371 { 372 int i; 373 374 spin_lock_bh(&br->hash_lock); 375 for (i = 0; i < BR_HASH_SIZE; i++) { 376 struct net_bridge_fdb_entry *f; 377 struct hlist_node *n; 378 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 379 if (!f->is_static) 380 fdb_delete(br, f); 381 } 382 } 383 spin_unlock_bh(&br->hash_lock); 384 } 385 386 /* Flush all entries referring to a specific port. 387 * if do_all is set also flush static entries 388 * if vid is set delete all entries that match the vlan_id 389 */ 390 void br_fdb_delete_by_port(struct net_bridge *br, 391 const struct net_bridge_port *p, 392 u16 vid, 393 int do_all) 394 { 395 int i; 396 397 spin_lock_bh(&br->hash_lock); 398 for (i = 0; i < BR_HASH_SIZE; i++) { 399 struct hlist_node *h, *g; 400 401 hlist_for_each_safe(h, g, &br->hash[i]) { 402 struct net_bridge_fdb_entry *f 403 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 404 if (f->dst != p) 405 continue; 406 407 if (!do_all) 408 if (f->is_static || (vid && f->vlan_id != vid)) 409 continue; 410 411 if (f->is_local) 412 fdb_delete_local(br, p, f); 413 else 414 fdb_delete(br, f); 415 } 416 } 417 spin_unlock_bh(&br->hash_lock); 418 } 419 420 #if IS_ENABLED(CONFIG_ATM_LANE) 421 /* Interface used by ATM LANE hook to test 422 * if an addr is on some other bridge port */ 423 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 424 { 425 struct net_bridge_fdb_entry *fdb; 426 struct net_bridge_port *port; 427 int ret; 428 429 rcu_read_lock(); 430 port = br_port_get_rcu(dev); 431 if (!port) 432 ret = 0; 433 else { 434 fdb = br_fdb_find_rcu(port->br, addr, 0); 435 ret = fdb && fdb->dst && fdb->dst->dev != dev && 436 fdb->dst->state == BR_STATE_FORWARDING; 437 } 438 rcu_read_unlock(); 439 440 return ret; 441 } 442 #endif /* CONFIG_ATM_LANE */ 443 444 /* 445 * Fill buffer with forwarding table records in 446 * the API format. 447 */ 448 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 449 unsigned long maxnum, unsigned long skip) 450 { 451 struct __fdb_entry *fe = buf; 452 int i, num = 0; 453 struct net_bridge_fdb_entry *f; 454 455 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 456 457 rcu_read_lock(); 458 for (i = 0; i < BR_HASH_SIZE; i++) { 459 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 460 if (num >= maxnum) 461 goto out; 462 463 if (has_expired(br, f)) 464 continue; 465 466 /* ignore pseudo entry for local MAC address */ 467 if (!f->dst) 468 continue; 469 470 if (skip) { 471 --skip; 472 continue; 473 } 474 475 /* convert from internal format to API */ 476 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 477 478 /* due to ABI compat need to split into hi/lo */ 479 fe->port_no = f->dst->port_no; 480 fe->port_hi = f->dst->port_no >> 8; 481 482 fe->is_local = f->is_local; 483 if (!f->is_static) 484 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 485 ++fe; 486 ++num; 487 } 488 } 489 490 out: 491 rcu_read_unlock(); 492 493 return num; 494 } 495 496 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 497 struct net_bridge_port *source, 498 const unsigned char *addr, 499 __u16 vid, 500 unsigned char is_local, 501 unsigned char is_static) 502 { 503 struct net_bridge_fdb_entry *fdb; 504 505 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 506 if (fdb) { 507 memcpy(fdb->addr.addr, addr, ETH_ALEN); 508 fdb->dst = source; 509 fdb->vlan_id = vid; 510 fdb->is_local = is_local; 511 fdb->is_static = is_static; 512 fdb->added_by_user = 0; 513 fdb->added_by_external_learn = 0; 514 fdb->updated = fdb->used = jiffies; 515 hlist_add_head_rcu(&fdb->hlist, head); 516 } 517 return fdb; 518 } 519 520 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 521 const unsigned char *addr, u16 vid) 522 { 523 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 524 struct net_bridge_fdb_entry *fdb; 525 526 if (!is_valid_ether_addr(addr)) 527 return -EINVAL; 528 529 fdb = br_fdb_find(br, addr, vid); 530 if (fdb) { 531 /* it is okay to have multiple ports with same 532 * address, just use the first one. 533 */ 534 if (fdb->is_local) 535 return 0; 536 br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n", 537 source ? source->dev->name : br->dev->name, addr, vid); 538 fdb_delete(br, fdb); 539 } 540 541 fdb = fdb_create(head, source, addr, vid, 1, 1); 542 if (!fdb) 543 return -ENOMEM; 544 545 fdb_add_hw_addr(br, addr); 546 fdb_notify(br, fdb, RTM_NEWNEIGH); 547 return 0; 548 } 549 550 /* Add entry for local address of interface */ 551 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 552 const unsigned char *addr, u16 vid) 553 { 554 int ret; 555 556 spin_lock_bh(&br->hash_lock); 557 ret = fdb_insert(br, source, addr, vid); 558 spin_unlock_bh(&br->hash_lock); 559 return ret; 560 } 561 562 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 563 const unsigned char *addr, u16 vid, bool added_by_user) 564 { 565 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 566 struct net_bridge_fdb_entry *fdb; 567 bool fdb_modified = false; 568 569 /* some users want to always flood. */ 570 if (hold_time(br) == 0) 571 return; 572 573 /* ignore packets unless we are using this port */ 574 if (!(source->state == BR_STATE_LEARNING || 575 source->state == BR_STATE_FORWARDING)) 576 return; 577 578 fdb = fdb_find_rcu(head, addr, vid); 579 if (likely(fdb)) { 580 /* attempt to update an entry for a local interface */ 581 if (unlikely(fdb->is_local)) { 582 if (net_ratelimit()) 583 br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n", 584 source->dev->name, addr, vid); 585 } else { 586 unsigned long now = jiffies; 587 588 /* fastpath: update of existing entry */ 589 if (unlikely(source != fdb->dst)) { 590 fdb->dst = source; 591 fdb_modified = true; 592 /* Take over HW learned entry */ 593 if (unlikely(fdb->added_by_external_learn)) 594 fdb->added_by_external_learn = 0; 595 } 596 if (now != fdb->updated) 597 fdb->updated = now; 598 if (unlikely(added_by_user)) 599 fdb->added_by_user = 1; 600 if (unlikely(fdb_modified)) 601 fdb_notify(br, fdb, RTM_NEWNEIGH); 602 } 603 } else { 604 spin_lock(&br->hash_lock); 605 if (likely(!fdb_find_rcu(head, addr, vid))) { 606 fdb = fdb_create(head, source, addr, vid, 0, 0); 607 if (fdb) { 608 if (unlikely(added_by_user)) 609 fdb->added_by_user = 1; 610 fdb_notify(br, fdb, RTM_NEWNEIGH); 611 } 612 } 613 /* else we lose race and someone else inserts 614 * it first, don't bother updating 615 */ 616 spin_unlock(&br->hash_lock); 617 } 618 } 619 620 static int fdb_to_nud(const struct net_bridge *br, 621 const struct net_bridge_fdb_entry *fdb) 622 { 623 if (fdb->is_local) 624 return NUD_PERMANENT; 625 else if (fdb->is_static) 626 return NUD_NOARP; 627 else if (has_expired(br, fdb)) 628 return NUD_STALE; 629 else 630 return NUD_REACHABLE; 631 } 632 633 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 634 const struct net_bridge_fdb_entry *fdb, 635 u32 portid, u32 seq, int type, unsigned int flags) 636 { 637 unsigned long now = jiffies; 638 struct nda_cacheinfo ci; 639 struct nlmsghdr *nlh; 640 struct ndmsg *ndm; 641 642 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 643 if (nlh == NULL) 644 return -EMSGSIZE; 645 646 ndm = nlmsg_data(nlh); 647 ndm->ndm_family = AF_BRIDGE; 648 ndm->ndm_pad1 = 0; 649 ndm->ndm_pad2 = 0; 650 ndm->ndm_flags = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0; 651 ndm->ndm_type = 0; 652 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 653 ndm->ndm_state = fdb_to_nud(br, fdb); 654 655 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 656 goto nla_put_failure; 657 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 658 goto nla_put_failure; 659 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 660 ci.ndm_confirmed = 0; 661 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 662 ci.ndm_refcnt = 0; 663 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 664 goto nla_put_failure; 665 666 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 667 goto nla_put_failure; 668 669 nlmsg_end(skb, nlh); 670 return 0; 671 672 nla_put_failure: 673 nlmsg_cancel(skb, nlh); 674 return -EMSGSIZE; 675 } 676 677 static inline size_t fdb_nlmsg_size(void) 678 { 679 return NLMSG_ALIGN(sizeof(struct ndmsg)) 680 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 681 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 682 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 683 + nla_total_size(sizeof(struct nda_cacheinfo)); 684 } 685 686 static void fdb_notify(struct net_bridge *br, 687 const struct net_bridge_fdb_entry *fdb, int type) 688 { 689 struct net *net = dev_net(br->dev); 690 struct sk_buff *skb; 691 int err = -ENOBUFS; 692 693 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 694 if (skb == NULL) 695 goto errout; 696 697 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 698 if (err < 0) { 699 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 700 WARN_ON(err == -EMSGSIZE); 701 kfree_skb(skb); 702 goto errout; 703 } 704 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 705 return; 706 errout: 707 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 708 } 709 710 /* Dump information about entries, in response to GETNEIGH */ 711 int br_fdb_dump(struct sk_buff *skb, 712 struct netlink_callback *cb, 713 struct net_device *dev, 714 struct net_device *filter_dev, 715 int *idx) 716 { 717 struct net_bridge *br = netdev_priv(dev); 718 int err = 0; 719 int i; 720 721 if (!(dev->priv_flags & IFF_EBRIDGE)) 722 goto out; 723 724 if (!filter_dev) { 725 err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 726 if (err < 0) 727 goto out; 728 } 729 730 for (i = 0; i < BR_HASH_SIZE; i++) { 731 struct net_bridge_fdb_entry *f; 732 733 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 734 735 if (*idx < cb->args[2]) 736 goto skip; 737 738 if (filter_dev && 739 (!f->dst || f->dst->dev != filter_dev)) { 740 if (filter_dev != dev) 741 goto skip; 742 /* !f->dst is a special case for bridge 743 * It means the MAC belongs to the bridge 744 * Therefore need a little more filtering 745 * we only want to dump the !f->dst case 746 */ 747 if (f->dst) 748 goto skip; 749 } 750 if (!filter_dev && f->dst) 751 goto skip; 752 753 err = fdb_fill_info(skb, br, f, 754 NETLINK_CB(cb->skb).portid, 755 cb->nlh->nlmsg_seq, 756 RTM_NEWNEIGH, 757 NLM_F_MULTI); 758 if (err < 0) 759 goto out; 760 skip: 761 *idx += 1; 762 } 763 } 764 765 out: 766 return err; 767 } 768 769 /* Update (create or replace) forwarding database entry */ 770 static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source, 771 const __u8 *addr, __u16 state, __u16 flags, __u16 vid) 772 { 773 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 774 struct net_bridge_fdb_entry *fdb; 775 bool modified = false; 776 777 /* If the port cannot learn allow only local and static entries */ 778 if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 779 !(source->state == BR_STATE_LEARNING || 780 source->state == BR_STATE_FORWARDING)) 781 return -EPERM; 782 783 if (!source && !(state & NUD_PERMANENT)) { 784 pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n", 785 br->dev->name); 786 return -EINVAL; 787 } 788 789 fdb = br_fdb_find(br, addr, vid); 790 if (fdb == NULL) { 791 if (!(flags & NLM_F_CREATE)) 792 return -ENOENT; 793 794 fdb = fdb_create(head, source, addr, vid, 0, 0); 795 if (!fdb) 796 return -ENOMEM; 797 798 modified = true; 799 } else { 800 if (flags & NLM_F_EXCL) 801 return -EEXIST; 802 803 if (fdb->dst != source) { 804 fdb->dst = source; 805 modified = true; 806 } 807 } 808 809 if (fdb_to_nud(br, fdb) != state) { 810 if (state & NUD_PERMANENT) { 811 fdb->is_local = 1; 812 if (!fdb->is_static) { 813 fdb->is_static = 1; 814 fdb_add_hw_addr(br, addr); 815 } 816 } else if (state & NUD_NOARP) { 817 fdb->is_local = 0; 818 if (!fdb->is_static) { 819 fdb->is_static = 1; 820 fdb_add_hw_addr(br, addr); 821 } 822 } else { 823 fdb->is_local = 0; 824 if (fdb->is_static) { 825 fdb->is_static = 0; 826 fdb_del_hw_addr(br, addr); 827 } 828 } 829 830 modified = true; 831 } 832 fdb->added_by_user = 1; 833 834 fdb->used = jiffies; 835 if (modified) { 836 fdb->updated = jiffies; 837 fdb_notify(br, fdb, RTM_NEWNEIGH); 838 } 839 840 return 0; 841 } 842 843 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br, 844 struct net_bridge_port *p, const unsigned char *addr, 845 u16 nlh_flags, u16 vid) 846 { 847 int err = 0; 848 849 if (ndm->ndm_flags & NTF_USE) { 850 if (!p) { 851 pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n", 852 br->dev->name); 853 return -EINVAL; 854 } 855 local_bh_disable(); 856 rcu_read_lock(); 857 br_fdb_update(br, p, addr, vid, true); 858 rcu_read_unlock(); 859 local_bh_enable(); 860 } else if (ndm->ndm_flags & NTF_EXT_LEARNED) { 861 err = br_fdb_external_learn_add(br, p, addr, vid); 862 } else { 863 spin_lock_bh(&br->hash_lock); 864 err = fdb_add_entry(br, p, addr, ndm->ndm_state, 865 nlh_flags, vid); 866 spin_unlock_bh(&br->hash_lock); 867 } 868 869 return err; 870 } 871 872 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 873 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 874 struct net_device *dev, 875 const unsigned char *addr, u16 vid, u16 nlh_flags) 876 { 877 struct net_bridge_vlan_group *vg; 878 struct net_bridge_port *p = NULL; 879 struct net_bridge_vlan *v; 880 struct net_bridge *br = NULL; 881 int err = 0; 882 883 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 884 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 885 return -EINVAL; 886 } 887 888 if (is_zero_ether_addr(addr)) { 889 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 890 return -EINVAL; 891 } 892 893 if (dev->priv_flags & IFF_EBRIDGE) { 894 br = netdev_priv(dev); 895 vg = br_vlan_group(br); 896 } else { 897 p = br_port_get_rtnl(dev); 898 if (!p) { 899 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 900 dev->name); 901 return -EINVAL; 902 } 903 br = p->br; 904 vg = nbp_vlan_group(p); 905 } 906 907 if (vid) { 908 v = br_vlan_find(vg, vid); 909 if (!v || !br_vlan_should_use(v)) { 910 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 911 return -EINVAL; 912 } 913 914 /* VID was specified, so use it. */ 915 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid); 916 } else { 917 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0); 918 if (err || !vg || !vg->num_vlans) 919 goto out; 920 921 /* We have vlans configured on this port and user didn't 922 * specify a VLAN. To be nice, add/update entry for every 923 * vlan on this port. 924 */ 925 list_for_each_entry(v, &vg->vlan_list, vlist) { 926 if (!br_vlan_should_use(v)) 927 continue; 928 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid); 929 if (err) 930 goto out; 931 } 932 } 933 934 out: 935 return err; 936 } 937 938 static int fdb_delete_by_addr_and_port(struct net_bridge *br, 939 const struct net_bridge_port *p, 940 const u8 *addr, u16 vlan) 941 { 942 struct net_bridge_fdb_entry *fdb; 943 944 fdb = br_fdb_find(br, addr, vlan); 945 if (!fdb || fdb->dst != p) 946 return -ENOENT; 947 948 fdb_delete(br, fdb); 949 950 return 0; 951 } 952 953 static int __br_fdb_delete(struct net_bridge *br, 954 const struct net_bridge_port *p, 955 const unsigned char *addr, u16 vid) 956 { 957 int err; 958 959 spin_lock_bh(&br->hash_lock); 960 err = fdb_delete_by_addr_and_port(br, p, addr, vid); 961 spin_unlock_bh(&br->hash_lock); 962 963 return err; 964 } 965 966 /* Remove neighbor entry with RTM_DELNEIGH */ 967 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 968 struct net_device *dev, 969 const unsigned char *addr, u16 vid) 970 { 971 struct net_bridge_vlan_group *vg; 972 struct net_bridge_port *p = NULL; 973 struct net_bridge_vlan *v; 974 struct net_bridge *br; 975 int err; 976 977 if (dev->priv_flags & IFF_EBRIDGE) { 978 br = netdev_priv(dev); 979 vg = br_vlan_group(br); 980 } else { 981 p = br_port_get_rtnl(dev); 982 if (!p) { 983 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 984 dev->name); 985 return -EINVAL; 986 } 987 vg = nbp_vlan_group(p); 988 br = p->br; 989 } 990 991 if (vid) { 992 v = br_vlan_find(vg, vid); 993 if (!v) { 994 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 995 return -EINVAL; 996 } 997 998 err = __br_fdb_delete(br, p, addr, vid); 999 } else { 1000 err = -ENOENT; 1001 err &= __br_fdb_delete(br, p, addr, 0); 1002 if (!vg || !vg->num_vlans) 1003 return err; 1004 1005 list_for_each_entry(v, &vg->vlan_list, vlist) { 1006 if (!br_vlan_should_use(v)) 1007 continue; 1008 err &= __br_fdb_delete(br, p, addr, v->vid); 1009 } 1010 } 1011 1012 return err; 1013 } 1014 1015 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1016 { 1017 struct net_bridge_fdb_entry *fdb, *tmp; 1018 int i; 1019 int err; 1020 1021 ASSERT_RTNL(); 1022 1023 for (i = 0; i < BR_HASH_SIZE; i++) { 1024 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 1025 /* We only care for static entries */ 1026 if (!fdb->is_static) 1027 continue; 1028 1029 err = dev_uc_add(p->dev, fdb->addr.addr); 1030 if (err) 1031 goto rollback; 1032 } 1033 } 1034 return 0; 1035 1036 rollback: 1037 for (i = 0; i < BR_HASH_SIZE; i++) { 1038 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 1039 /* If we reached the fdb that failed, we can stop */ 1040 if (tmp == fdb) 1041 break; 1042 1043 /* We only care for static entries */ 1044 if (!tmp->is_static) 1045 continue; 1046 1047 dev_uc_del(p->dev, tmp->addr.addr); 1048 } 1049 } 1050 return err; 1051 } 1052 1053 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1054 { 1055 struct net_bridge_fdb_entry *fdb; 1056 int i; 1057 1058 ASSERT_RTNL(); 1059 1060 for (i = 0; i < BR_HASH_SIZE; i++) { 1061 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1062 /* We only care for static entries */ 1063 if (!fdb->is_static) 1064 continue; 1065 1066 dev_uc_del(p->dev, fdb->addr.addr); 1067 } 1068 } 1069 } 1070 1071 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1072 const unsigned char *addr, u16 vid) 1073 { 1074 struct hlist_head *head; 1075 struct net_bridge_fdb_entry *fdb; 1076 int err = 0; 1077 1078 ASSERT_RTNL(); 1079 spin_lock_bh(&br->hash_lock); 1080 1081 head = &br->hash[br_mac_hash(addr, vid)]; 1082 fdb = br_fdb_find(br, addr, vid); 1083 if (!fdb) { 1084 fdb = fdb_create(head, p, addr, vid, 0, 0); 1085 if (!fdb) { 1086 err = -ENOMEM; 1087 goto err_unlock; 1088 } 1089 fdb->added_by_external_learn = 1; 1090 fdb_notify(br, fdb, RTM_NEWNEIGH); 1091 } else if (fdb->added_by_external_learn) { 1092 /* Refresh entry */ 1093 fdb->updated = fdb->used = jiffies; 1094 } else if (!fdb->added_by_user) { 1095 /* Take over SW learned entry */ 1096 fdb->added_by_external_learn = 1; 1097 fdb->updated = jiffies; 1098 fdb_notify(br, fdb, RTM_NEWNEIGH); 1099 } 1100 1101 err_unlock: 1102 spin_unlock_bh(&br->hash_lock); 1103 1104 return err; 1105 } 1106 1107 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1108 const unsigned char *addr, u16 vid) 1109 { 1110 struct net_bridge_fdb_entry *fdb; 1111 int err = 0; 1112 1113 ASSERT_RTNL(); 1114 spin_lock_bh(&br->hash_lock); 1115 1116 fdb = br_fdb_find(br, addr, vid); 1117 if (fdb && fdb->added_by_external_learn) 1118 fdb_delete(br, fdb); 1119 else 1120 err = -ENOENT; 1121 1122 spin_unlock_bh(&br->hash_lock); 1123 1124 return err; 1125 } 1126