1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include <trace/events/bridge.h> 29 #include "br_private.h" 30 31 static struct kmem_cache *br_fdb_cache __read_mostly; 32 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 33 const unsigned char *addr, u16 vid); 34 static void fdb_notify(struct net_bridge *br, 35 const struct net_bridge_fdb_entry *, int); 36 37 static u32 fdb_salt __read_mostly; 38 39 int __init br_fdb_init(void) 40 { 41 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 42 sizeof(struct net_bridge_fdb_entry), 43 0, 44 SLAB_HWCACHE_ALIGN, NULL); 45 if (!br_fdb_cache) 46 return -ENOMEM; 47 48 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 49 return 0; 50 } 51 52 void br_fdb_fini(void) 53 { 54 kmem_cache_destroy(br_fdb_cache); 55 } 56 57 58 /* if topology_changing then use forward_delay (default 15 sec) 59 * otherwise keep longer (default 5 minutes) 60 */ 61 static inline unsigned long hold_time(const struct net_bridge *br) 62 { 63 return br->topology_change ? br->forward_delay : br->ageing_time; 64 } 65 66 static inline int has_expired(const struct net_bridge *br, 67 const struct net_bridge_fdb_entry *fdb) 68 { 69 return !fdb->is_static && !fdb->added_by_external_learn && 70 time_before_eq(fdb->updated + hold_time(br), jiffies); 71 } 72 73 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 74 { 75 /* use 1 byte of OUI and 3 bytes of NIC */ 76 u32 key = get_unaligned((u32 *)(mac + 2)); 77 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 78 } 79 80 static void fdb_rcu_free(struct rcu_head *head) 81 { 82 struct net_bridge_fdb_entry *ent 83 = container_of(head, struct net_bridge_fdb_entry, rcu); 84 kmem_cache_free(br_fdb_cache, ent); 85 } 86 87 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 88 const unsigned char *addr, 89 __u16 vid) 90 { 91 struct net_bridge_fdb_entry *f; 92 93 WARN_ON_ONCE(!rcu_read_lock_held()); 94 95 hlist_for_each_entry_rcu(f, head, hlist) 96 if (ether_addr_equal(f->addr.addr, addr) && f->vlan_id == vid) 97 break; 98 99 return f; 100 } 101 102 /* requires bridge hash_lock */ 103 static struct net_bridge_fdb_entry *br_fdb_find(struct net_bridge *br, 104 const unsigned char *addr, 105 __u16 vid) 106 { 107 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 108 struct net_bridge_fdb_entry *fdb; 109 110 lockdep_assert_held_once(&br->hash_lock); 111 112 rcu_read_lock(); 113 fdb = fdb_find_rcu(head, addr, vid); 114 rcu_read_unlock(); 115 116 return fdb; 117 } 118 119 struct net_bridge_fdb_entry *br_fdb_find_rcu(struct net_bridge *br, 120 const unsigned char *addr, 121 __u16 vid) 122 { 123 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 124 125 return fdb_find_rcu(head, addr, vid); 126 } 127 128 /* When a static FDB entry is added, the mac address from the entry is 129 * added to the bridge private HW address list and all required ports 130 * are then updated with the new information. 131 * Called under RTNL. 132 */ 133 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 134 { 135 int err; 136 struct net_bridge_port *p; 137 138 ASSERT_RTNL(); 139 140 list_for_each_entry(p, &br->port_list, list) { 141 if (!br_promisc_port(p)) { 142 err = dev_uc_add(p->dev, addr); 143 if (err) 144 goto undo; 145 } 146 } 147 148 return; 149 undo: 150 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 151 if (!br_promisc_port(p)) 152 dev_uc_del(p->dev, addr); 153 } 154 } 155 156 /* When a static FDB entry is deleted, the HW address from that entry is 157 * also removed from the bridge private HW address list and updates all 158 * the ports with needed information. 159 * Called under RTNL. 160 */ 161 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 162 { 163 struct net_bridge_port *p; 164 165 ASSERT_RTNL(); 166 167 list_for_each_entry(p, &br->port_list, list) { 168 if (!br_promisc_port(p)) 169 dev_uc_del(p->dev, addr); 170 } 171 } 172 173 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 174 { 175 trace_fdb_delete(br, f); 176 177 if (f->is_static) 178 fdb_del_hw_addr(br, f->addr.addr); 179 180 hlist_del_init_rcu(&f->hlist); 181 fdb_notify(br, f, RTM_DELNEIGH); 182 call_rcu(&f->rcu, fdb_rcu_free); 183 } 184 185 /* Delete a local entry if no other port had the same address. */ 186 static void fdb_delete_local(struct net_bridge *br, 187 const struct net_bridge_port *p, 188 struct net_bridge_fdb_entry *f) 189 { 190 const unsigned char *addr = f->addr.addr; 191 struct net_bridge_vlan_group *vg; 192 const struct net_bridge_vlan *v; 193 struct net_bridge_port *op; 194 u16 vid = f->vlan_id; 195 196 /* Maybe another port has same hw addr? */ 197 list_for_each_entry(op, &br->port_list, list) { 198 vg = nbp_vlan_group(op); 199 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 200 (!vid || br_vlan_find(vg, vid))) { 201 f->dst = op; 202 f->added_by_user = 0; 203 return; 204 } 205 } 206 207 vg = br_vlan_group(br); 208 v = br_vlan_find(vg, vid); 209 /* Maybe bridge device has same hw addr? */ 210 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 211 (!vid || (v && br_vlan_should_use(v)))) { 212 f->dst = NULL; 213 f->added_by_user = 0; 214 return; 215 } 216 217 fdb_delete(br, f); 218 } 219 220 void br_fdb_find_delete_local(struct net_bridge *br, 221 const struct net_bridge_port *p, 222 const unsigned char *addr, u16 vid) 223 { 224 struct net_bridge_fdb_entry *f; 225 226 spin_lock_bh(&br->hash_lock); 227 f = br_fdb_find(br, addr, vid); 228 if (f && f->is_local && !f->added_by_user && f->dst == p) 229 fdb_delete_local(br, p, f); 230 spin_unlock_bh(&br->hash_lock); 231 } 232 233 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 234 { 235 struct net_bridge_vlan_group *vg; 236 struct net_bridge *br = p->br; 237 struct net_bridge_vlan *v; 238 int i; 239 240 spin_lock_bh(&br->hash_lock); 241 242 vg = nbp_vlan_group(p); 243 /* Search all chains since old address/hash is unknown */ 244 for (i = 0; i < BR_HASH_SIZE; i++) { 245 struct hlist_node *h; 246 hlist_for_each(h, &br->hash[i]) { 247 struct net_bridge_fdb_entry *f; 248 249 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 250 if (f->dst == p && f->is_local && !f->added_by_user) { 251 /* delete old one */ 252 fdb_delete_local(br, p, f); 253 254 /* if this port has no vlan information 255 * configured, we can safely be done at 256 * this point. 257 */ 258 if (!vg || !vg->num_vlans) 259 goto insert; 260 } 261 } 262 } 263 264 insert: 265 /* insert new address, may fail if invalid address or dup. */ 266 fdb_insert(br, p, newaddr, 0); 267 268 if (!vg || !vg->num_vlans) 269 goto done; 270 271 /* Now add entries for every VLAN configured on the port. 272 * This function runs under RTNL so the bitmap will not change 273 * from under us. 274 */ 275 list_for_each_entry(v, &vg->vlan_list, vlist) 276 fdb_insert(br, p, newaddr, v->vid); 277 278 done: 279 spin_unlock_bh(&br->hash_lock); 280 } 281 282 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 283 { 284 struct net_bridge_vlan_group *vg; 285 struct net_bridge_fdb_entry *f; 286 struct net_bridge_vlan *v; 287 288 spin_lock_bh(&br->hash_lock); 289 290 /* If old entry was unassociated with any port, then delete it. */ 291 f = br_fdb_find(br, br->dev->dev_addr, 0); 292 if (f && f->is_local && !f->dst && !f->added_by_user) 293 fdb_delete_local(br, NULL, f); 294 295 fdb_insert(br, NULL, newaddr, 0); 296 vg = br_vlan_group(br); 297 if (!vg || !vg->num_vlans) 298 goto out; 299 /* Now remove and add entries for every VLAN configured on the 300 * bridge. This function runs under RTNL so the bitmap will not 301 * change from under us. 302 */ 303 list_for_each_entry(v, &vg->vlan_list, vlist) { 304 if (!br_vlan_should_use(v)) 305 continue; 306 f = br_fdb_find(br, br->dev->dev_addr, v->vid); 307 if (f && f->is_local && !f->dst && !f->added_by_user) 308 fdb_delete_local(br, NULL, f); 309 fdb_insert(br, NULL, newaddr, v->vid); 310 } 311 out: 312 spin_unlock_bh(&br->hash_lock); 313 } 314 315 void br_fdb_cleanup(struct work_struct *work) 316 { 317 struct net_bridge *br = container_of(work, struct net_bridge, 318 gc_work.work); 319 unsigned long delay = hold_time(br); 320 unsigned long work_delay = delay; 321 unsigned long now = jiffies; 322 int i; 323 324 for (i = 0; i < BR_HASH_SIZE; i++) { 325 struct net_bridge_fdb_entry *f; 326 struct hlist_node *n; 327 328 if (!br->hash[i].first) 329 continue; 330 331 spin_lock_bh(&br->hash_lock); 332 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 333 unsigned long this_timer; 334 335 if (f->is_static) 336 continue; 337 if (f->added_by_external_learn) 338 continue; 339 this_timer = f->updated + delay; 340 if (time_after(this_timer, now)) 341 work_delay = min(work_delay, this_timer - now); 342 else 343 fdb_delete(br, f); 344 } 345 spin_unlock_bh(&br->hash_lock); 346 cond_resched(); 347 } 348 349 /* Cleanup minimum 10 milliseconds apart */ 350 work_delay = max_t(unsigned long, work_delay, msecs_to_jiffies(10)); 351 mod_delayed_work(system_long_wq, &br->gc_work, work_delay); 352 } 353 354 /* Completely flush all dynamic entries in forwarding database.*/ 355 void br_fdb_flush(struct net_bridge *br) 356 { 357 int i; 358 359 spin_lock_bh(&br->hash_lock); 360 for (i = 0; i < BR_HASH_SIZE; i++) { 361 struct net_bridge_fdb_entry *f; 362 struct hlist_node *n; 363 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 364 if (!f->is_static) 365 fdb_delete(br, f); 366 } 367 } 368 spin_unlock_bh(&br->hash_lock); 369 } 370 371 /* Flush all entries referring to a specific port. 372 * if do_all is set also flush static entries 373 * if vid is set delete all entries that match the vlan_id 374 */ 375 void br_fdb_delete_by_port(struct net_bridge *br, 376 const struct net_bridge_port *p, 377 u16 vid, 378 int do_all) 379 { 380 int i; 381 382 spin_lock_bh(&br->hash_lock); 383 for (i = 0; i < BR_HASH_SIZE; i++) { 384 struct hlist_node *h, *g; 385 386 hlist_for_each_safe(h, g, &br->hash[i]) { 387 struct net_bridge_fdb_entry *f 388 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 389 if (f->dst != p) 390 continue; 391 392 if (!do_all) 393 if (f->is_static || (vid && f->vlan_id != vid)) 394 continue; 395 396 if (f->is_local) 397 fdb_delete_local(br, p, f); 398 else 399 fdb_delete(br, f); 400 } 401 } 402 spin_unlock_bh(&br->hash_lock); 403 } 404 405 #if IS_ENABLED(CONFIG_ATM_LANE) 406 /* Interface used by ATM LANE hook to test 407 * if an addr is on some other bridge port */ 408 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 409 { 410 struct net_bridge_fdb_entry *fdb; 411 struct net_bridge_port *port; 412 int ret; 413 414 rcu_read_lock(); 415 port = br_port_get_rcu(dev); 416 if (!port) 417 ret = 0; 418 else { 419 fdb = br_fdb_find_rcu(port->br, addr, 0); 420 ret = fdb && fdb->dst && fdb->dst->dev != dev && 421 fdb->dst->state == BR_STATE_FORWARDING; 422 } 423 rcu_read_unlock(); 424 425 return ret; 426 } 427 #endif /* CONFIG_ATM_LANE */ 428 429 /* 430 * Fill buffer with forwarding table records in 431 * the API format. 432 */ 433 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 434 unsigned long maxnum, unsigned long skip) 435 { 436 struct __fdb_entry *fe = buf; 437 int i, num = 0; 438 struct net_bridge_fdb_entry *f; 439 440 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 441 442 rcu_read_lock(); 443 for (i = 0; i < BR_HASH_SIZE; i++) { 444 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 445 if (num >= maxnum) 446 goto out; 447 448 if (has_expired(br, f)) 449 continue; 450 451 /* ignore pseudo entry for local MAC address */ 452 if (!f->dst) 453 continue; 454 455 if (skip) { 456 --skip; 457 continue; 458 } 459 460 /* convert from internal format to API */ 461 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 462 463 /* due to ABI compat need to split into hi/lo */ 464 fe->port_no = f->dst->port_no; 465 fe->port_hi = f->dst->port_no >> 8; 466 467 fe->is_local = f->is_local; 468 if (!f->is_static) 469 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 470 ++fe; 471 ++num; 472 } 473 } 474 475 out: 476 rcu_read_unlock(); 477 478 return num; 479 } 480 481 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 482 struct net_bridge_port *source, 483 const unsigned char *addr, 484 __u16 vid, 485 unsigned char is_local, 486 unsigned char is_static) 487 { 488 struct net_bridge_fdb_entry *fdb; 489 490 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 491 if (fdb) { 492 memcpy(fdb->addr.addr, addr, ETH_ALEN); 493 fdb->dst = source; 494 fdb->vlan_id = vid; 495 fdb->is_local = is_local; 496 fdb->is_static = is_static; 497 fdb->added_by_user = 0; 498 fdb->added_by_external_learn = 0; 499 fdb->offloaded = 0; 500 fdb->updated = fdb->used = jiffies; 501 hlist_add_head_rcu(&fdb->hlist, head); 502 } 503 return fdb; 504 } 505 506 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 507 const unsigned char *addr, u16 vid) 508 { 509 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 510 struct net_bridge_fdb_entry *fdb; 511 512 if (!is_valid_ether_addr(addr)) 513 return -EINVAL; 514 515 fdb = br_fdb_find(br, addr, vid); 516 if (fdb) { 517 /* it is okay to have multiple ports with same 518 * address, just use the first one. 519 */ 520 if (fdb->is_local) 521 return 0; 522 br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n", 523 source ? source->dev->name : br->dev->name, addr, vid); 524 fdb_delete(br, fdb); 525 } 526 527 fdb = fdb_create(head, source, addr, vid, 1, 1); 528 if (!fdb) 529 return -ENOMEM; 530 531 fdb_add_hw_addr(br, addr); 532 fdb_notify(br, fdb, RTM_NEWNEIGH); 533 return 0; 534 } 535 536 /* Add entry for local address of interface */ 537 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 538 const unsigned char *addr, u16 vid) 539 { 540 int ret; 541 542 spin_lock_bh(&br->hash_lock); 543 ret = fdb_insert(br, source, addr, vid); 544 spin_unlock_bh(&br->hash_lock); 545 return ret; 546 } 547 548 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 549 const unsigned char *addr, u16 vid, bool added_by_user) 550 { 551 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 552 struct net_bridge_fdb_entry *fdb; 553 bool fdb_modified = false; 554 555 /* some users want to always flood. */ 556 if (hold_time(br) == 0) 557 return; 558 559 /* ignore packets unless we are using this port */ 560 if (!(source->state == BR_STATE_LEARNING || 561 source->state == BR_STATE_FORWARDING)) 562 return; 563 564 fdb = fdb_find_rcu(head, addr, vid); 565 if (likely(fdb)) { 566 /* attempt to update an entry for a local interface */ 567 if (unlikely(fdb->is_local)) { 568 if (net_ratelimit()) 569 br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n", 570 source->dev->name, addr, vid); 571 } else { 572 unsigned long now = jiffies; 573 574 /* fastpath: update of existing entry */ 575 if (unlikely(source != fdb->dst)) { 576 fdb->dst = source; 577 fdb_modified = true; 578 /* Take over HW learned entry */ 579 if (unlikely(fdb->added_by_external_learn)) 580 fdb->added_by_external_learn = 0; 581 } 582 if (now != fdb->updated) 583 fdb->updated = now; 584 if (unlikely(added_by_user)) 585 fdb->added_by_user = 1; 586 if (unlikely(fdb_modified)) { 587 trace_br_fdb_update(br, source, addr, vid, added_by_user); 588 fdb_notify(br, fdb, RTM_NEWNEIGH); 589 } 590 } 591 } else { 592 spin_lock(&br->hash_lock); 593 if (likely(!fdb_find_rcu(head, addr, vid))) { 594 fdb = fdb_create(head, source, addr, vid, 0, 0); 595 if (fdb) { 596 if (unlikely(added_by_user)) 597 fdb->added_by_user = 1; 598 trace_br_fdb_update(br, source, addr, vid, added_by_user); 599 fdb_notify(br, fdb, RTM_NEWNEIGH); 600 } 601 } 602 /* else we lose race and someone else inserts 603 * it first, don't bother updating 604 */ 605 spin_unlock(&br->hash_lock); 606 } 607 } 608 609 static int fdb_to_nud(const struct net_bridge *br, 610 const struct net_bridge_fdb_entry *fdb) 611 { 612 if (fdb->is_local) 613 return NUD_PERMANENT; 614 else if (fdb->is_static) 615 return NUD_NOARP; 616 else if (has_expired(br, fdb)) 617 return NUD_STALE; 618 else 619 return NUD_REACHABLE; 620 } 621 622 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 623 const struct net_bridge_fdb_entry *fdb, 624 u32 portid, u32 seq, int type, unsigned int flags) 625 { 626 unsigned long now = jiffies; 627 struct nda_cacheinfo ci; 628 struct nlmsghdr *nlh; 629 struct ndmsg *ndm; 630 631 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 632 if (nlh == NULL) 633 return -EMSGSIZE; 634 635 ndm = nlmsg_data(nlh); 636 ndm->ndm_family = AF_BRIDGE; 637 ndm->ndm_pad1 = 0; 638 ndm->ndm_pad2 = 0; 639 ndm->ndm_flags = 0; 640 ndm->ndm_type = 0; 641 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 642 ndm->ndm_state = fdb_to_nud(br, fdb); 643 644 if (fdb->offloaded) 645 ndm->ndm_flags |= NTF_OFFLOADED; 646 if (fdb->added_by_external_learn) 647 ndm->ndm_flags |= NTF_EXT_LEARNED; 648 649 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 650 goto nla_put_failure; 651 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 652 goto nla_put_failure; 653 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 654 ci.ndm_confirmed = 0; 655 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 656 ci.ndm_refcnt = 0; 657 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 658 goto nla_put_failure; 659 660 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 661 goto nla_put_failure; 662 663 nlmsg_end(skb, nlh); 664 return 0; 665 666 nla_put_failure: 667 nlmsg_cancel(skb, nlh); 668 return -EMSGSIZE; 669 } 670 671 static inline size_t fdb_nlmsg_size(void) 672 { 673 return NLMSG_ALIGN(sizeof(struct ndmsg)) 674 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 675 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 676 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 677 + nla_total_size(sizeof(struct nda_cacheinfo)); 678 } 679 680 static void fdb_notify(struct net_bridge *br, 681 const struct net_bridge_fdb_entry *fdb, int type) 682 { 683 struct net *net = dev_net(br->dev); 684 struct sk_buff *skb; 685 int err = -ENOBUFS; 686 687 br_switchdev_fdb_notify(fdb, type); 688 689 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 690 if (skb == NULL) 691 goto errout; 692 693 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 694 if (err < 0) { 695 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 696 WARN_ON(err == -EMSGSIZE); 697 kfree_skb(skb); 698 goto errout; 699 } 700 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 701 return; 702 errout: 703 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 704 } 705 706 /* Dump information about entries, in response to GETNEIGH */ 707 int br_fdb_dump(struct sk_buff *skb, 708 struct netlink_callback *cb, 709 struct net_device *dev, 710 struct net_device *filter_dev, 711 int *idx) 712 { 713 struct net_bridge *br = netdev_priv(dev); 714 int err = 0; 715 int i; 716 717 if (!(dev->priv_flags & IFF_EBRIDGE)) 718 goto out; 719 720 if (!filter_dev) { 721 err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 722 if (err < 0) 723 goto out; 724 } 725 726 for (i = 0; i < BR_HASH_SIZE; i++) { 727 struct net_bridge_fdb_entry *f; 728 729 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 730 731 if (*idx < cb->args[2]) 732 goto skip; 733 734 if (filter_dev && 735 (!f->dst || f->dst->dev != filter_dev)) { 736 if (filter_dev != dev) 737 goto skip; 738 /* !f->dst is a special case for bridge 739 * It means the MAC belongs to the bridge 740 * Therefore need a little more filtering 741 * we only want to dump the !f->dst case 742 */ 743 if (f->dst) 744 goto skip; 745 } 746 if (!filter_dev && f->dst) 747 goto skip; 748 749 err = fdb_fill_info(skb, br, f, 750 NETLINK_CB(cb->skb).portid, 751 cb->nlh->nlmsg_seq, 752 RTM_NEWNEIGH, 753 NLM_F_MULTI); 754 if (err < 0) 755 goto out; 756 skip: 757 *idx += 1; 758 } 759 } 760 761 out: 762 return err; 763 } 764 765 /* Update (create or replace) forwarding database entry */ 766 static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source, 767 const __u8 *addr, __u16 state, __u16 flags, __u16 vid) 768 { 769 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 770 struct net_bridge_fdb_entry *fdb; 771 bool modified = false; 772 773 /* If the port cannot learn allow only local and static entries */ 774 if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 775 !(source->state == BR_STATE_LEARNING || 776 source->state == BR_STATE_FORWARDING)) 777 return -EPERM; 778 779 if (!source && !(state & NUD_PERMANENT)) { 780 pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n", 781 br->dev->name); 782 return -EINVAL; 783 } 784 785 fdb = br_fdb_find(br, addr, vid); 786 if (fdb == NULL) { 787 if (!(flags & NLM_F_CREATE)) 788 return -ENOENT; 789 790 fdb = fdb_create(head, source, addr, vid, 0, 0); 791 if (!fdb) 792 return -ENOMEM; 793 794 modified = true; 795 } else { 796 if (flags & NLM_F_EXCL) 797 return -EEXIST; 798 799 if (fdb->dst != source) { 800 fdb->dst = source; 801 modified = true; 802 } 803 } 804 805 if (fdb_to_nud(br, fdb) != state) { 806 if (state & NUD_PERMANENT) { 807 fdb->is_local = 1; 808 if (!fdb->is_static) { 809 fdb->is_static = 1; 810 fdb_add_hw_addr(br, addr); 811 } 812 } else if (state & NUD_NOARP) { 813 fdb->is_local = 0; 814 if (!fdb->is_static) { 815 fdb->is_static = 1; 816 fdb_add_hw_addr(br, addr); 817 } 818 } else { 819 fdb->is_local = 0; 820 if (fdb->is_static) { 821 fdb->is_static = 0; 822 fdb_del_hw_addr(br, addr); 823 } 824 } 825 826 modified = true; 827 } 828 fdb->added_by_user = 1; 829 830 fdb->used = jiffies; 831 if (modified) { 832 fdb->updated = jiffies; 833 fdb_notify(br, fdb, RTM_NEWNEIGH); 834 } 835 836 return 0; 837 } 838 839 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br, 840 struct net_bridge_port *p, const unsigned char *addr, 841 u16 nlh_flags, u16 vid) 842 { 843 int err = 0; 844 845 if (ndm->ndm_flags & NTF_USE) { 846 if (!p) { 847 pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n", 848 br->dev->name); 849 return -EINVAL; 850 } 851 local_bh_disable(); 852 rcu_read_lock(); 853 br_fdb_update(br, p, addr, vid, true); 854 rcu_read_unlock(); 855 local_bh_enable(); 856 } else if (ndm->ndm_flags & NTF_EXT_LEARNED) { 857 err = br_fdb_external_learn_add(br, p, addr, vid); 858 } else { 859 spin_lock_bh(&br->hash_lock); 860 err = fdb_add_entry(br, p, addr, ndm->ndm_state, 861 nlh_flags, vid); 862 spin_unlock_bh(&br->hash_lock); 863 } 864 865 return err; 866 } 867 868 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 869 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 870 struct net_device *dev, 871 const unsigned char *addr, u16 vid, u16 nlh_flags) 872 { 873 struct net_bridge_vlan_group *vg; 874 struct net_bridge_port *p = NULL; 875 struct net_bridge_vlan *v; 876 struct net_bridge *br = NULL; 877 int err = 0; 878 879 trace_br_fdb_add(ndm, dev, addr, vid, nlh_flags); 880 881 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 882 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 883 return -EINVAL; 884 } 885 886 if (is_zero_ether_addr(addr)) { 887 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 888 return -EINVAL; 889 } 890 891 if (dev->priv_flags & IFF_EBRIDGE) { 892 br = netdev_priv(dev); 893 vg = br_vlan_group(br); 894 } else { 895 p = br_port_get_rtnl(dev); 896 if (!p) { 897 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 898 dev->name); 899 return -EINVAL; 900 } 901 br = p->br; 902 vg = nbp_vlan_group(p); 903 } 904 905 if (vid) { 906 v = br_vlan_find(vg, vid); 907 if (!v || !br_vlan_should_use(v)) { 908 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 909 return -EINVAL; 910 } 911 912 /* VID was specified, so use it. */ 913 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid); 914 } else { 915 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0); 916 if (err || !vg || !vg->num_vlans) 917 goto out; 918 919 /* We have vlans configured on this port and user didn't 920 * specify a VLAN. To be nice, add/update entry for every 921 * vlan on this port. 922 */ 923 list_for_each_entry(v, &vg->vlan_list, vlist) { 924 if (!br_vlan_should_use(v)) 925 continue; 926 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid); 927 if (err) 928 goto out; 929 } 930 } 931 932 out: 933 return err; 934 } 935 936 static int fdb_delete_by_addr_and_port(struct net_bridge *br, 937 const struct net_bridge_port *p, 938 const u8 *addr, u16 vlan) 939 { 940 struct net_bridge_fdb_entry *fdb; 941 942 fdb = br_fdb_find(br, addr, vlan); 943 if (!fdb || fdb->dst != p) 944 return -ENOENT; 945 946 fdb_delete(br, fdb); 947 948 return 0; 949 } 950 951 static int __br_fdb_delete(struct net_bridge *br, 952 const struct net_bridge_port *p, 953 const unsigned char *addr, u16 vid) 954 { 955 int err; 956 957 spin_lock_bh(&br->hash_lock); 958 err = fdb_delete_by_addr_and_port(br, p, addr, vid); 959 spin_unlock_bh(&br->hash_lock); 960 961 return err; 962 } 963 964 /* Remove neighbor entry with RTM_DELNEIGH */ 965 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 966 struct net_device *dev, 967 const unsigned char *addr, u16 vid) 968 { 969 struct net_bridge_vlan_group *vg; 970 struct net_bridge_port *p = NULL; 971 struct net_bridge_vlan *v; 972 struct net_bridge *br; 973 int err; 974 975 if (dev->priv_flags & IFF_EBRIDGE) { 976 br = netdev_priv(dev); 977 vg = br_vlan_group(br); 978 } else { 979 p = br_port_get_rtnl(dev); 980 if (!p) { 981 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 982 dev->name); 983 return -EINVAL; 984 } 985 vg = nbp_vlan_group(p); 986 br = p->br; 987 } 988 989 if (vid) { 990 v = br_vlan_find(vg, vid); 991 if (!v) { 992 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 993 return -EINVAL; 994 } 995 996 err = __br_fdb_delete(br, p, addr, vid); 997 } else { 998 err = -ENOENT; 999 err &= __br_fdb_delete(br, p, addr, 0); 1000 if (!vg || !vg->num_vlans) 1001 return err; 1002 1003 list_for_each_entry(v, &vg->vlan_list, vlist) { 1004 if (!br_vlan_should_use(v)) 1005 continue; 1006 err &= __br_fdb_delete(br, p, addr, v->vid); 1007 } 1008 } 1009 1010 return err; 1011 } 1012 1013 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1014 { 1015 struct net_bridge_fdb_entry *fdb, *tmp; 1016 int i; 1017 int err; 1018 1019 ASSERT_RTNL(); 1020 1021 for (i = 0; i < BR_HASH_SIZE; i++) { 1022 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 1023 /* We only care for static entries */ 1024 if (!fdb->is_static) 1025 continue; 1026 1027 err = dev_uc_add(p->dev, fdb->addr.addr); 1028 if (err) 1029 goto rollback; 1030 } 1031 } 1032 return 0; 1033 1034 rollback: 1035 for (i = 0; i < BR_HASH_SIZE; i++) { 1036 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 1037 /* If we reached the fdb that failed, we can stop */ 1038 if (tmp == fdb) 1039 break; 1040 1041 /* We only care for static entries */ 1042 if (!tmp->is_static) 1043 continue; 1044 1045 dev_uc_del(p->dev, tmp->addr.addr); 1046 } 1047 } 1048 return err; 1049 } 1050 1051 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1052 { 1053 struct net_bridge_fdb_entry *fdb; 1054 int i; 1055 1056 ASSERT_RTNL(); 1057 1058 for (i = 0; i < BR_HASH_SIZE; i++) { 1059 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1060 /* We only care for static entries */ 1061 if (!fdb->is_static) 1062 continue; 1063 1064 dev_uc_del(p->dev, fdb->addr.addr); 1065 } 1066 } 1067 } 1068 1069 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1070 const unsigned char *addr, u16 vid) 1071 { 1072 struct net_bridge_fdb_entry *fdb; 1073 struct hlist_head *head; 1074 bool modified = false; 1075 int err = 0; 1076 1077 trace_br_fdb_external_learn_add(br, p, addr, vid); 1078 1079 spin_lock_bh(&br->hash_lock); 1080 1081 head = &br->hash[br_mac_hash(addr, vid)]; 1082 fdb = br_fdb_find(br, addr, vid); 1083 if (!fdb) { 1084 fdb = fdb_create(head, p, addr, vid, 0, 0); 1085 if (!fdb) { 1086 err = -ENOMEM; 1087 goto err_unlock; 1088 } 1089 fdb->added_by_external_learn = 1; 1090 fdb_notify(br, fdb, RTM_NEWNEIGH); 1091 } else { 1092 fdb->updated = jiffies; 1093 1094 if (fdb->dst != p) { 1095 fdb->dst = p; 1096 modified = true; 1097 } 1098 1099 if (fdb->added_by_external_learn) { 1100 /* Refresh entry */ 1101 fdb->used = jiffies; 1102 } else if (!fdb->added_by_user) { 1103 /* Take over SW learned entry */ 1104 fdb->added_by_external_learn = 1; 1105 modified = true; 1106 } 1107 1108 if (modified) 1109 fdb_notify(br, fdb, RTM_NEWNEIGH); 1110 } 1111 1112 err_unlock: 1113 spin_unlock_bh(&br->hash_lock); 1114 1115 return err; 1116 } 1117 1118 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1119 const unsigned char *addr, u16 vid) 1120 { 1121 struct net_bridge_fdb_entry *fdb; 1122 int err = 0; 1123 1124 spin_lock_bh(&br->hash_lock); 1125 1126 fdb = br_fdb_find(br, addr, vid); 1127 if (fdb && fdb->added_by_external_learn) 1128 fdb_delete(br, fdb); 1129 else 1130 err = -ENOENT; 1131 1132 spin_unlock_bh(&br->hash_lock); 1133 1134 return err; 1135 } 1136 1137 void br_fdb_offloaded_set(struct net_bridge *br, struct net_bridge_port *p, 1138 const unsigned char *addr, u16 vid) 1139 { 1140 struct net_bridge_fdb_entry *fdb; 1141 1142 spin_lock_bh(&br->hash_lock); 1143 1144 fdb = br_fdb_find(br, addr, vid); 1145 if (fdb) 1146 fdb->offloaded = 1; 1147 1148 spin_unlock_bh(&br->hash_lock); 1149 } 1150