1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include "br_private.h" 29 30 static struct kmem_cache *br_fdb_cache __read_mostly; 31 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 32 const unsigned char *addr, 33 __u16 vid); 34 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 35 const unsigned char *addr, u16 vid); 36 static void fdb_notify(struct net_bridge *br, 37 const struct net_bridge_fdb_entry *, int); 38 39 static u32 fdb_salt __read_mostly; 40 41 int __init br_fdb_init(void) 42 { 43 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 44 sizeof(struct net_bridge_fdb_entry), 45 0, 46 SLAB_HWCACHE_ALIGN, NULL); 47 if (!br_fdb_cache) 48 return -ENOMEM; 49 50 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 51 return 0; 52 } 53 54 void br_fdb_fini(void) 55 { 56 kmem_cache_destroy(br_fdb_cache); 57 } 58 59 60 /* if topology_changing then use forward_delay (default 15 sec) 61 * otherwise keep longer (default 5 minutes) 62 */ 63 static inline unsigned long hold_time(const struct net_bridge *br) 64 { 65 return br->topology_change ? br->forward_delay : br->ageing_time; 66 } 67 68 static inline int has_expired(const struct net_bridge *br, 69 const struct net_bridge_fdb_entry *fdb) 70 { 71 return !fdb->is_static && 72 time_before_eq(fdb->updated + hold_time(br), jiffies); 73 } 74 75 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 76 { 77 /* use 1 byte of OUI and 3 bytes of NIC */ 78 u32 key = get_unaligned((u32 *)(mac + 2)); 79 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 80 } 81 82 static void fdb_rcu_free(struct rcu_head *head) 83 { 84 struct net_bridge_fdb_entry *ent 85 = container_of(head, struct net_bridge_fdb_entry, rcu); 86 kmem_cache_free(br_fdb_cache, ent); 87 } 88 89 /* When a static FDB entry is added, the mac address from the entry is 90 * added to the bridge private HW address list and all required ports 91 * are then updated with the new information. 92 * Called under RTNL. 93 */ 94 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 95 { 96 int err; 97 struct net_bridge_port *p; 98 99 ASSERT_RTNL(); 100 101 list_for_each_entry(p, &br->port_list, list) { 102 if (!br_promisc_port(p)) { 103 err = dev_uc_add(p->dev, addr); 104 if (err) 105 goto undo; 106 } 107 } 108 109 return; 110 undo: 111 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 112 if (!br_promisc_port(p)) 113 dev_uc_del(p->dev, addr); 114 } 115 } 116 117 /* When a static FDB entry is deleted, the HW address from that entry is 118 * also removed from the bridge private HW address list and updates all 119 * the ports with needed information. 120 * Called under RTNL. 121 */ 122 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 123 { 124 struct net_bridge_port *p; 125 126 ASSERT_RTNL(); 127 128 list_for_each_entry(p, &br->port_list, list) { 129 if (!br_promisc_port(p)) 130 dev_uc_del(p->dev, addr); 131 } 132 } 133 134 static void fdb_del_external_learn(struct net_bridge_fdb_entry *f) 135 { 136 struct switchdev_obj_port_fdb fdb = { 137 .obj = { 138 .orig_dev = f->dst->dev, 139 .id = SWITCHDEV_OBJ_ID_PORT_FDB, 140 .flags = SWITCHDEV_F_DEFER, 141 }, 142 .vid = f->vlan_id, 143 }; 144 145 ether_addr_copy(fdb.addr, f->addr.addr); 146 switchdev_port_obj_del(f->dst->dev, &fdb.obj); 147 } 148 149 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 150 { 151 if (f->is_static) 152 fdb_del_hw_addr(br, f->addr.addr); 153 154 if (f->added_by_external_learn) 155 fdb_del_external_learn(f); 156 157 hlist_del_rcu(&f->hlist); 158 fdb_notify(br, f, RTM_DELNEIGH); 159 call_rcu(&f->rcu, fdb_rcu_free); 160 } 161 162 /* Delete a local entry if no other port had the same address. */ 163 static void fdb_delete_local(struct net_bridge *br, 164 const struct net_bridge_port *p, 165 struct net_bridge_fdb_entry *f) 166 { 167 const unsigned char *addr = f->addr.addr; 168 struct net_bridge_vlan_group *vg; 169 const struct net_bridge_vlan *v; 170 struct net_bridge_port *op; 171 u16 vid = f->vlan_id; 172 173 /* Maybe another port has same hw addr? */ 174 list_for_each_entry(op, &br->port_list, list) { 175 vg = nbp_vlan_group(op); 176 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 177 (!vid || br_vlan_find(vg, vid))) { 178 f->dst = op; 179 f->added_by_user = 0; 180 return; 181 } 182 } 183 184 vg = br_vlan_group(br); 185 v = br_vlan_find(vg, vid); 186 /* Maybe bridge device has same hw addr? */ 187 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 188 (!vid || (v && br_vlan_should_use(v)))) { 189 f->dst = NULL; 190 f->added_by_user = 0; 191 return; 192 } 193 194 fdb_delete(br, f); 195 } 196 197 void br_fdb_find_delete_local(struct net_bridge *br, 198 const struct net_bridge_port *p, 199 const unsigned char *addr, u16 vid) 200 { 201 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 202 struct net_bridge_fdb_entry *f; 203 204 spin_lock_bh(&br->hash_lock); 205 f = fdb_find(head, addr, vid); 206 if (f && f->is_local && !f->added_by_user && f->dst == p) 207 fdb_delete_local(br, p, f); 208 spin_unlock_bh(&br->hash_lock); 209 } 210 211 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 212 { 213 struct net_bridge_vlan_group *vg; 214 struct net_bridge *br = p->br; 215 struct net_bridge_vlan *v; 216 int i; 217 218 spin_lock_bh(&br->hash_lock); 219 220 vg = nbp_vlan_group(p); 221 /* Search all chains since old address/hash is unknown */ 222 for (i = 0; i < BR_HASH_SIZE; i++) { 223 struct hlist_node *h; 224 hlist_for_each(h, &br->hash[i]) { 225 struct net_bridge_fdb_entry *f; 226 227 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 228 if (f->dst == p && f->is_local && !f->added_by_user) { 229 /* delete old one */ 230 fdb_delete_local(br, p, f); 231 232 /* if this port has no vlan information 233 * configured, we can safely be done at 234 * this point. 235 */ 236 if (!vg || !vg->num_vlans) 237 goto insert; 238 } 239 } 240 } 241 242 insert: 243 /* insert new address, may fail if invalid address or dup. */ 244 fdb_insert(br, p, newaddr, 0); 245 246 if (!vg || !vg->num_vlans) 247 goto done; 248 249 /* Now add entries for every VLAN configured on the port. 250 * This function runs under RTNL so the bitmap will not change 251 * from under us. 252 */ 253 list_for_each_entry(v, &vg->vlan_list, vlist) 254 fdb_insert(br, p, newaddr, v->vid); 255 256 done: 257 spin_unlock_bh(&br->hash_lock); 258 } 259 260 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 261 { 262 struct net_bridge_vlan_group *vg; 263 struct net_bridge_fdb_entry *f; 264 struct net_bridge_vlan *v; 265 266 spin_lock_bh(&br->hash_lock); 267 268 /* If old entry was unassociated with any port, then delete it. */ 269 f = __br_fdb_get(br, br->dev->dev_addr, 0); 270 if (f && f->is_local && !f->dst && !f->added_by_user) 271 fdb_delete_local(br, NULL, f); 272 273 fdb_insert(br, NULL, newaddr, 0); 274 vg = br_vlan_group(br); 275 if (!vg || !vg->num_vlans) 276 goto out; 277 /* Now remove and add entries for every VLAN configured on the 278 * bridge. This function runs under RTNL so the bitmap will not 279 * change from under us. 280 */ 281 list_for_each_entry(v, &vg->vlan_list, vlist) { 282 if (!br_vlan_should_use(v)) 283 continue; 284 f = __br_fdb_get(br, br->dev->dev_addr, v->vid); 285 if (f && f->is_local && !f->dst && !f->added_by_user) 286 fdb_delete_local(br, NULL, f); 287 fdb_insert(br, NULL, newaddr, v->vid); 288 } 289 out: 290 spin_unlock_bh(&br->hash_lock); 291 } 292 293 void br_fdb_cleanup(unsigned long _data) 294 { 295 struct net_bridge *br = (struct net_bridge *)_data; 296 unsigned long delay = hold_time(br); 297 unsigned long next_timer = jiffies + br->ageing_time; 298 int i; 299 300 spin_lock(&br->hash_lock); 301 for (i = 0; i < BR_HASH_SIZE; i++) { 302 struct net_bridge_fdb_entry *f; 303 struct hlist_node *n; 304 305 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 306 unsigned long this_timer; 307 if (f->is_static) 308 continue; 309 if (f->added_by_external_learn) 310 continue; 311 this_timer = f->updated + delay; 312 if (time_before_eq(this_timer, jiffies)) 313 fdb_delete(br, f); 314 else if (time_before(this_timer, next_timer)) 315 next_timer = this_timer; 316 } 317 } 318 spin_unlock(&br->hash_lock); 319 320 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 321 } 322 323 /* Completely flush all dynamic entries in forwarding database.*/ 324 void br_fdb_flush(struct net_bridge *br) 325 { 326 int i; 327 328 spin_lock_bh(&br->hash_lock); 329 for (i = 0; i < BR_HASH_SIZE; i++) { 330 struct net_bridge_fdb_entry *f; 331 struct hlist_node *n; 332 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 333 if (!f->is_static) 334 fdb_delete(br, f); 335 } 336 } 337 spin_unlock_bh(&br->hash_lock); 338 } 339 340 /* Flush all entries referring to a specific port. 341 * if do_all is set also flush static entries 342 * if vid is set delete all entries that match the vlan_id 343 */ 344 void br_fdb_delete_by_port(struct net_bridge *br, 345 const struct net_bridge_port *p, 346 u16 vid, 347 int do_all) 348 { 349 int i; 350 351 spin_lock_bh(&br->hash_lock); 352 for (i = 0; i < BR_HASH_SIZE; i++) { 353 struct hlist_node *h, *g; 354 355 hlist_for_each_safe(h, g, &br->hash[i]) { 356 struct net_bridge_fdb_entry *f 357 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 358 if (f->dst != p) 359 continue; 360 361 if (!do_all) 362 if (f->is_static || (vid && f->vlan_id != vid)) 363 continue; 364 365 if (f->is_local) 366 fdb_delete_local(br, p, f); 367 else 368 fdb_delete(br, f); 369 } 370 } 371 spin_unlock_bh(&br->hash_lock); 372 } 373 374 /* No locking or refcounting, assumes caller has rcu_read_lock */ 375 struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 376 const unsigned char *addr, 377 __u16 vid) 378 { 379 struct net_bridge_fdb_entry *fdb; 380 381 hlist_for_each_entry_rcu(fdb, 382 &br->hash[br_mac_hash(addr, vid)], hlist) { 383 if (ether_addr_equal(fdb->addr.addr, addr) && 384 fdb->vlan_id == vid) { 385 if (unlikely(has_expired(br, fdb))) 386 break; 387 return fdb; 388 } 389 } 390 391 return NULL; 392 } 393 394 #if IS_ENABLED(CONFIG_ATM_LANE) 395 /* Interface used by ATM LANE hook to test 396 * if an addr is on some other bridge port */ 397 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 398 { 399 struct net_bridge_fdb_entry *fdb; 400 struct net_bridge_port *port; 401 int ret; 402 403 rcu_read_lock(); 404 port = br_port_get_rcu(dev); 405 if (!port) 406 ret = 0; 407 else { 408 fdb = __br_fdb_get(port->br, addr, 0); 409 ret = fdb && fdb->dst && fdb->dst->dev != dev && 410 fdb->dst->state == BR_STATE_FORWARDING; 411 } 412 rcu_read_unlock(); 413 414 return ret; 415 } 416 #endif /* CONFIG_ATM_LANE */ 417 418 /* 419 * Fill buffer with forwarding table records in 420 * the API format. 421 */ 422 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 423 unsigned long maxnum, unsigned long skip) 424 { 425 struct __fdb_entry *fe = buf; 426 int i, num = 0; 427 struct net_bridge_fdb_entry *f; 428 429 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 430 431 rcu_read_lock(); 432 for (i = 0; i < BR_HASH_SIZE; i++) { 433 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 434 if (num >= maxnum) 435 goto out; 436 437 if (has_expired(br, f)) 438 continue; 439 440 /* ignore pseudo entry for local MAC address */ 441 if (!f->dst) 442 continue; 443 444 if (skip) { 445 --skip; 446 continue; 447 } 448 449 /* convert from internal format to API */ 450 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 451 452 /* due to ABI compat need to split into hi/lo */ 453 fe->port_no = f->dst->port_no; 454 fe->port_hi = f->dst->port_no >> 8; 455 456 fe->is_local = f->is_local; 457 if (!f->is_static) 458 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 459 ++fe; 460 ++num; 461 } 462 } 463 464 out: 465 rcu_read_unlock(); 466 467 return num; 468 } 469 470 static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 471 const unsigned char *addr, 472 __u16 vid) 473 { 474 struct net_bridge_fdb_entry *fdb; 475 476 hlist_for_each_entry(fdb, head, hlist) { 477 if (ether_addr_equal(fdb->addr.addr, addr) && 478 fdb->vlan_id == vid) 479 return fdb; 480 } 481 return NULL; 482 } 483 484 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 485 const unsigned char *addr, 486 __u16 vid) 487 { 488 struct net_bridge_fdb_entry *fdb; 489 490 hlist_for_each_entry_rcu(fdb, head, hlist) { 491 if (ether_addr_equal(fdb->addr.addr, addr) && 492 fdb->vlan_id == vid) 493 return fdb; 494 } 495 return NULL; 496 } 497 498 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 499 struct net_bridge_port *source, 500 const unsigned char *addr, 501 __u16 vid, 502 unsigned char is_local, 503 unsigned char is_static) 504 { 505 struct net_bridge_fdb_entry *fdb; 506 507 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 508 if (fdb) { 509 memcpy(fdb->addr.addr, addr, ETH_ALEN); 510 fdb->dst = source; 511 fdb->vlan_id = vid; 512 fdb->is_local = is_local; 513 fdb->is_static = is_static; 514 fdb->added_by_user = 0; 515 fdb->added_by_external_learn = 0; 516 fdb->updated = fdb->used = jiffies; 517 hlist_add_head_rcu(&fdb->hlist, head); 518 } 519 return fdb; 520 } 521 522 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 523 const unsigned char *addr, u16 vid) 524 { 525 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 526 struct net_bridge_fdb_entry *fdb; 527 528 if (!is_valid_ether_addr(addr)) 529 return -EINVAL; 530 531 fdb = fdb_find(head, addr, vid); 532 if (fdb) { 533 /* it is okay to have multiple ports with same 534 * address, just use the first one. 535 */ 536 if (fdb->is_local) 537 return 0; 538 br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n", 539 source ? source->dev->name : br->dev->name, addr, vid); 540 fdb_delete(br, fdb); 541 } 542 543 fdb = fdb_create(head, source, addr, vid, 1, 1); 544 if (!fdb) 545 return -ENOMEM; 546 547 fdb_add_hw_addr(br, addr); 548 fdb_notify(br, fdb, RTM_NEWNEIGH); 549 return 0; 550 } 551 552 /* Add entry for local address of interface */ 553 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 554 const unsigned char *addr, u16 vid) 555 { 556 int ret; 557 558 spin_lock_bh(&br->hash_lock); 559 ret = fdb_insert(br, source, addr, vid); 560 spin_unlock_bh(&br->hash_lock); 561 return ret; 562 } 563 564 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 565 const unsigned char *addr, u16 vid, bool added_by_user) 566 { 567 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 568 struct net_bridge_fdb_entry *fdb; 569 bool fdb_modified = false; 570 571 /* some users want to always flood. */ 572 if (hold_time(br) == 0) 573 return; 574 575 /* ignore packets unless we are using this port */ 576 if (!(source->state == BR_STATE_LEARNING || 577 source->state == BR_STATE_FORWARDING)) 578 return; 579 580 fdb = fdb_find_rcu(head, addr, vid); 581 if (likely(fdb)) { 582 /* attempt to update an entry for a local interface */ 583 if (unlikely(fdb->is_local)) { 584 if (net_ratelimit()) 585 br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n", 586 source->dev->name, addr, vid); 587 } else { 588 /* fastpath: update of existing entry */ 589 if (unlikely(source != fdb->dst)) { 590 fdb->dst = source; 591 fdb_modified = true; 592 } 593 fdb->updated = jiffies; 594 if (unlikely(added_by_user)) 595 fdb->added_by_user = 1; 596 if (unlikely(fdb_modified)) 597 fdb_notify(br, fdb, RTM_NEWNEIGH); 598 } 599 } else { 600 spin_lock(&br->hash_lock); 601 if (likely(!fdb_find(head, addr, vid))) { 602 fdb = fdb_create(head, source, addr, vid, 0, 0); 603 if (fdb) { 604 if (unlikely(added_by_user)) 605 fdb->added_by_user = 1; 606 fdb_notify(br, fdb, RTM_NEWNEIGH); 607 } 608 } 609 /* else we lose race and someone else inserts 610 * it first, don't bother updating 611 */ 612 spin_unlock(&br->hash_lock); 613 } 614 } 615 616 static int fdb_to_nud(const struct net_bridge *br, 617 const struct net_bridge_fdb_entry *fdb) 618 { 619 if (fdb->is_local) 620 return NUD_PERMANENT; 621 else if (fdb->is_static) 622 return NUD_NOARP; 623 else if (has_expired(br, fdb)) 624 return NUD_STALE; 625 else 626 return NUD_REACHABLE; 627 } 628 629 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 630 const struct net_bridge_fdb_entry *fdb, 631 u32 portid, u32 seq, int type, unsigned int flags) 632 { 633 unsigned long now = jiffies; 634 struct nda_cacheinfo ci; 635 struct nlmsghdr *nlh; 636 struct ndmsg *ndm; 637 638 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 639 if (nlh == NULL) 640 return -EMSGSIZE; 641 642 ndm = nlmsg_data(nlh); 643 ndm->ndm_family = AF_BRIDGE; 644 ndm->ndm_pad1 = 0; 645 ndm->ndm_pad2 = 0; 646 ndm->ndm_flags = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0; 647 ndm->ndm_type = 0; 648 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 649 ndm->ndm_state = fdb_to_nud(br, fdb); 650 651 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 652 goto nla_put_failure; 653 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 654 goto nla_put_failure; 655 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 656 ci.ndm_confirmed = 0; 657 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 658 ci.ndm_refcnt = 0; 659 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 660 goto nla_put_failure; 661 662 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 663 goto nla_put_failure; 664 665 nlmsg_end(skb, nlh); 666 return 0; 667 668 nla_put_failure: 669 nlmsg_cancel(skb, nlh); 670 return -EMSGSIZE; 671 } 672 673 static inline size_t fdb_nlmsg_size(void) 674 { 675 return NLMSG_ALIGN(sizeof(struct ndmsg)) 676 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 677 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 678 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 679 + nla_total_size(sizeof(struct nda_cacheinfo)); 680 } 681 682 static void fdb_notify(struct net_bridge *br, 683 const struct net_bridge_fdb_entry *fdb, int type) 684 { 685 struct net *net = dev_net(br->dev); 686 struct sk_buff *skb; 687 int err = -ENOBUFS; 688 689 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 690 if (skb == NULL) 691 goto errout; 692 693 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 694 if (err < 0) { 695 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 696 WARN_ON(err == -EMSGSIZE); 697 kfree_skb(skb); 698 goto errout; 699 } 700 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 701 return; 702 errout: 703 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 704 } 705 706 /* Dump information about entries, in response to GETNEIGH */ 707 int br_fdb_dump(struct sk_buff *skb, 708 struct netlink_callback *cb, 709 struct net_device *dev, 710 struct net_device *filter_dev, 711 int *idx) 712 { 713 struct net_bridge *br = netdev_priv(dev); 714 int err = 0; 715 int i; 716 717 if (!(dev->priv_flags & IFF_EBRIDGE)) 718 goto out; 719 720 if (!filter_dev) { 721 err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 722 if (err < 0) 723 goto out; 724 } 725 726 for (i = 0; i < BR_HASH_SIZE; i++) { 727 struct net_bridge_fdb_entry *f; 728 729 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 730 731 if (*idx < cb->args[2]) 732 goto skip; 733 734 if (filter_dev && 735 (!f->dst || f->dst->dev != filter_dev)) { 736 if (filter_dev != dev) 737 goto skip; 738 /* !f->dst is a special case for bridge 739 * It means the MAC belongs to the bridge 740 * Therefore need a little more filtering 741 * we only want to dump the !f->dst case 742 */ 743 if (f->dst) 744 goto skip; 745 } 746 if (!filter_dev && f->dst) 747 goto skip; 748 749 err = fdb_fill_info(skb, br, f, 750 NETLINK_CB(cb->skb).portid, 751 cb->nlh->nlmsg_seq, 752 RTM_NEWNEIGH, 753 NLM_F_MULTI); 754 if (err < 0) 755 goto out; 756 skip: 757 *idx += 1; 758 } 759 } 760 761 out: 762 return err; 763 } 764 765 /* Update (create or replace) forwarding database entry */ 766 static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source, 767 const __u8 *addr, __u16 state, __u16 flags, __u16 vid) 768 { 769 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 770 struct net_bridge_fdb_entry *fdb; 771 bool modified = false; 772 773 /* If the port cannot learn allow only local and static entries */ 774 if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 775 !(source->state == BR_STATE_LEARNING || 776 source->state == BR_STATE_FORWARDING)) 777 return -EPERM; 778 779 if (!source && !(state & NUD_PERMANENT)) { 780 pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n", 781 br->dev->name); 782 return -EINVAL; 783 } 784 785 fdb = fdb_find(head, addr, vid); 786 if (fdb == NULL) { 787 if (!(flags & NLM_F_CREATE)) 788 return -ENOENT; 789 790 fdb = fdb_create(head, source, addr, vid, 0, 0); 791 if (!fdb) 792 return -ENOMEM; 793 794 modified = true; 795 } else { 796 if (flags & NLM_F_EXCL) 797 return -EEXIST; 798 799 if (fdb->dst != source) { 800 fdb->dst = source; 801 modified = true; 802 } 803 } 804 805 if (fdb_to_nud(br, fdb) != state) { 806 if (state & NUD_PERMANENT) { 807 fdb->is_local = 1; 808 if (!fdb->is_static) { 809 fdb->is_static = 1; 810 fdb_add_hw_addr(br, addr); 811 } 812 } else if (state & NUD_NOARP) { 813 fdb->is_local = 0; 814 if (!fdb->is_static) { 815 fdb->is_static = 1; 816 fdb_add_hw_addr(br, addr); 817 } 818 } else { 819 fdb->is_local = 0; 820 if (fdb->is_static) { 821 fdb->is_static = 0; 822 fdb_del_hw_addr(br, addr); 823 } 824 } 825 826 modified = true; 827 } 828 fdb->added_by_user = 1; 829 830 fdb->used = jiffies; 831 if (modified) { 832 fdb->updated = jiffies; 833 fdb_notify(br, fdb, RTM_NEWNEIGH); 834 } 835 836 return 0; 837 } 838 839 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br, 840 struct net_bridge_port *p, const unsigned char *addr, 841 u16 nlh_flags, u16 vid) 842 { 843 int err = 0; 844 845 if (ndm->ndm_flags & NTF_USE) { 846 if (!p) { 847 pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n", 848 br->dev->name); 849 return -EINVAL; 850 } 851 local_bh_disable(); 852 rcu_read_lock(); 853 br_fdb_update(br, p, addr, vid, true); 854 rcu_read_unlock(); 855 local_bh_enable(); 856 } else { 857 spin_lock_bh(&br->hash_lock); 858 err = fdb_add_entry(br, p, addr, ndm->ndm_state, 859 nlh_flags, vid); 860 spin_unlock_bh(&br->hash_lock); 861 } 862 863 return err; 864 } 865 866 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 867 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 868 struct net_device *dev, 869 const unsigned char *addr, u16 vid, u16 nlh_flags) 870 { 871 struct net_bridge_vlan_group *vg; 872 struct net_bridge_port *p = NULL; 873 struct net_bridge_vlan *v; 874 struct net_bridge *br = NULL; 875 int err = 0; 876 877 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 878 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 879 return -EINVAL; 880 } 881 882 if (is_zero_ether_addr(addr)) { 883 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 884 return -EINVAL; 885 } 886 887 if (dev->priv_flags & IFF_EBRIDGE) { 888 br = netdev_priv(dev); 889 vg = br_vlan_group(br); 890 } else { 891 p = br_port_get_rtnl(dev); 892 if (!p) { 893 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 894 dev->name); 895 return -EINVAL; 896 } 897 br = p->br; 898 vg = nbp_vlan_group(p); 899 } 900 901 if (vid) { 902 v = br_vlan_find(vg, vid); 903 if (!v || !br_vlan_should_use(v)) { 904 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 905 return -EINVAL; 906 } 907 908 /* VID was specified, so use it. */ 909 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid); 910 } else { 911 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0); 912 if (err || !vg || !vg->num_vlans) 913 goto out; 914 915 /* We have vlans configured on this port and user didn't 916 * specify a VLAN. To be nice, add/update entry for every 917 * vlan on this port. 918 */ 919 list_for_each_entry(v, &vg->vlan_list, vlist) { 920 if (!br_vlan_should_use(v)) 921 continue; 922 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid); 923 if (err) 924 goto out; 925 } 926 } 927 928 out: 929 return err; 930 } 931 932 static int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, 933 u16 vid) 934 { 935 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 936 struct net_bridge_fdb_entry *fdb; 937 938 fdb = fdb_find(head, addr, vid); 939 if (!fdb) 940 return -ENOENT; 941 942 fdb_delete(br, fdb); 943 return 0; 944 } 945 946 static int __br_fdb_delete_by_addr(struct net_bridge *br, 947 const unsigned char *addr, u16 vid) 948 { 949 int err; 950 951 spin_lock_bh(&br->hash_lock); 952 err = fdb_delete_by_addr(br, addr, vid); 953 spin_unlock_bh(&br->hash_lock); 954 955 return err; 956 } 957 958 static int fdb_delete_by_addr_and_port(struct net_bridge_port *p, 959 const u8 *addr, u16 vlan) 960 { 961 struct net_bridge *br = p->br; 962 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 963 struct net_bridge_fdb_entry *fdb; 964 965 fdb = fdb_find(head, addr, vlan); 966 if (!fdb || fdb->dst != p) 967 return -ENOENT; 968 969 fdb_delete(br, fdb); 970 return 0; 971 } 972 973 static int __br_fdb_delete(struct net_bridge_port *p, 974 const unsigned char *addr, u16 vid) 975 { 976 int err; 977 978 spin_lock_bh(&p->br->hash_lock); 979 err = fdb_delete_by_addr_and_port(p, addr, vid); 980 spin_unlock_bh(&p->br->hash_lock); 981 982 return err; 983 } 984 985 /* Remove neighbor entry with RTM_DELNEIGH */ 986 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 987 struct net_device *dev, 988 const unsigned char *addr, u16 vid) 989 { 990 struct net_bridge_vlan_group *vg; 991 struct net_bridge_port *p = NULL; 992 struct net_bridge_vlan *v; 993 struct net_bridge *br = NULL; 994 int err; 995 996 if (dev->priv_flags & IFF_EBRIDGE) { 997 br = netdev_priv(dev); 998 vg = br_vlan_group(br); 999 } else { 1000 p = br_port_get_rtnl(dev); 1001 if (!p) { 1002 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 1003 dev->name); 1004 return -EINVAL; 1005 } 1006 vg = nbp_vlan_group(p); 1007 } 1008 1009 if (vid) { 1010 v = br_vlan_find(vg, vid); 1011 if (!v) { 1012 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 1013 return -EINVAL; 1014 } 1015 1016 if (dev->priv_flags & IFF_EBRIDGE) 1017 err = __br_fdb_delete_by_addr(br, addr, vid); 1018 else 1019 err = __br_fdb_delete(p, addr, vid); 1020 } else { 1021 err = -ENOENT; 1022 if (dev->priv_flags & IFF_EBRIDGE) 1023 err = __br_fdb_delete_by_addr(br, addr, 0); 1024 else 1025 err &= __br_fdb_delete(p, addr, 0); 1026 1027 if (!vg || !vg->num_vlans) 1028 goto out; 1029 1030 list_for_each_entry(v, &vg->vlan_list, vlist) { 1031 if (!br_vlan_should_use(v)) 1032 continue; 1033 if (dev->priv_flags & IFF_EBRIDGE) 1034 err = __br_fdb_delete_by_addr(br, addr, v->vid); 1035 else 1036 err &= __br_fdb_delete(p, addr, v->vid); 1037 } 1038 } 1039 out: 1040 return err; 1041 } 1042 1043 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1044 { 1045 struct net_bridge_fdb_entry *fdb, *tmp; 1046 int i; 1047 int err; 1048 1049 ASSERT_RTNL(); 1050 1051 for (i = 0; i < BR_HASH_SIZE; i++) { 1052 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 1053 /* We only care for static entries */ 1054 if (!fdb->is_static) 1055 continue; 1056 1057 err = dev_uc_add(p->dev, fdb->addr.addr); 1058 if (err) 1059 goto rollback; 1060 } 1061 } 1062 return 0; 1063 1064 rollback: 1065 for (i = 0; i < BR_HASH_SIZE; i++) { 1066 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 1067 /* If we reached the fdb that failed, we can stop */ 1068 if (tmp == fdb) 1069 break; 1070 1071 /* We only care for static entries */ 1072 if (!tmp->is_static) 1073 continue; 1074 1075 dev_uc_del(p->dev, tmp->addr.addr); 1076 } 1077 } 1078 return err; 1079 } 1080 1081 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1082 { 1083 struct net_bridge_fdb_entry *fdb; 1084 int i; 1085 1086 ASSERT_RTNL(); 1087 1088 for (i = 0; i < BR_HASH_SIZE; i++) { 1089 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1090 /* We only care for static entries */ 1091 if (!fdb->is_static) 1092 continue; 1093 1094 dev_uc_del(p->dev, fdb->addr.addr); 1095 } 1096 } 1097 } 1098 1099 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1100 const unsigned char *addr, u16 vid) 1101 { 1102 struct hlist_head *head; 1103 struct net_bridge_fdb_entry *fdb; 1104 int err = 0; 1105 1106 ASSERT_RTNL(); 1107 spin_lock_bh(&br->hash_lock); 1108 1109 head = &br->hash[br_mac_hash(addr, vid)]; 1110 fdb = fdb_find(head, addr, vid); 1111 if (!fdb) { 1112 fdb = fdb_create(head, p, addr, vid, 0, 0); 1113 if (!fdb) { 1114 err = -ENOMEM; 1115 goto err_unlock; 1116 } 1117 fdb->added_by_external_learn = 1; 1118 fdb_notify(br, fdb, RTM_NEWNEIGH); 1119 } else if (fdb->added_by_external_learn) { 1120 /* Refresh entry */ 1121 fdb->updated = fdb->used = jiffies; 1122 } else if (!fdb->added_by_user) { 1123 /* Take over SW learned entry */ 1124 fdb->added_by_external_learn = 1; 1125 fdb->updated = jiffies; 1126 fdb_notify(br, fdb, RTM_NEWNEIGH); 1127 } 1128 1129 err_unlock: 1130 spin_unlock_bh(&br->hash_lock); 1131 1132 return err; 1133 } 1134 1135 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1136 const unsigned char *addr, u16 vid) 1137 { 1138 struct hlist_head *head; 1139 struct net_bridge_fdb_entry *fdb; 1140 int err = 0; 1141 1142 ASSERT_RTNL(); 1143 spin_lock_bh(&br->hash_lock); 1144 1145 head = &br->hash[br_mac_hash(addr, vid)]; 1146 fdb = fdb_find(head, addr, vid); 1147 if (fdb && fdb->added_by_external_learn) 1148 fdb_delete(br, fdb); 1149 else 1150 err = -ENOENT; 1151 1152 spin_unlock_bh(&br->hash_lock); 1153 1154 return err; 1155 } 1156