1 /* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14 #include <linux/kernel.h> 15 #include <linux/init.h> 16 #include <linux/rculist.h> 17 #include <linux/spinlock.h> 18 #include <linux/times.h> 19 #include <linux/netdevice.h> 20 #include <linux/etherdevice.h> 21 #include <linux/jhash.h> 22 #include <linux/random.h> 23 #include <linux/slab.h> 24 #include <linux/atomic.h> 25 #include <asm/unaligned.h> 26 #include <linux/if_vlan.h> 27 #include <net/switchdev.h> 28 #include "br_private.h" 29 30 static struct kmem_cache *br_fdb_cache __read_mostly; 31 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 32 const unsigned char *addr, u16 vid); 33 static void fdb_notify(struct net_bridge *br, 34 const struct net_bridge_fdb_entry *, int); 35 36 static u32 fdb_salt __read_mostly; 37 38 int __init br_fdb_init(void) 39 { 40 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 41 sizeof(struct net_bridge_fdb_entry), 42 0, 43 SLAB_HWCACHE_ALIGN, NULL); 44 if (!br_fdb_cache) 45 return -ENOMEM; 46 47 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 48 return 0; 49 } 50 51 void br_fdb_fini(void) 52 { 53 kmem_cache_destroy(br_fdb_cache); 54 } 55 56 57 /* if topology_changing then use forward_delay (default 15 sec) 58 * otherwise keep longer (default 5 minutes) 59 */ 60 static inline unsigned long hold_time(const struct net_bridge *br) 61 { 62 return br->topology_change ? br->forward_delay : br->ageing_time; 63 } 64 65 static inline int has_expired(const struct net_bridge *br, 66 const struct net_bridge_fdb_entry *fdb) 67 { 68 return !fdb->is_static && !fdb->added_by_external_learn && 69 time_before_eq(fdb->updated + hold_time(br), jiffies); 70 } 71 72 static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 73 { 74 /* use 1 byte of OUI and 3 bytes of NIC */ 75 u32 key = get_unaligned((u32 *)(mac + 2)); 76 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 77 } 78 79 static void fdb_rcu_free(struct rcu_head *head) 80 { 81 struct net_bridge_fdb_entry *ent 82 = container_of(head, struct net_bridge_fdb_entry, rcu); 83 kmem_cache_free(br_fdb_cache, ent); 84 } 85 86 static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 87 const unsigned char *addr, 88 __u16 vid) 89 { 90 struct net_bridge_fdb_entry *f; 91 92 WARN_ON_ONCE(!rcu_read_lock_held()); 93 94 hlist_for_each_entry_rcu(f, head, hlist) 95 if (ether_addr_equal(f->addr.addr, addr) && f->vlan_id == vid) 96 break; 97 98 return f; 99 } 100 101 /* requires bridge hash_lock */ 102 static struct net_bridge_fdb_entry *br_fdb_find(struct net_bridge *br, 103 const unsigned char *addr, 104 __u16 vid) 105 { 106 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 107 struct net_bridge_fdb_entry *fdb; 108 109 lockdep_assert_held_once(&br->hash_lock); 110 111 rcu_read_lock(); 112 fdb = fdb_find_rcu(head, addr, vid); 113 rcu_read_unlock(); 114 115 return fdb; 116 } 117 118 struct net_bridge_fdb_entry *br_fdb_find_rcu(struct net_bridge *br, 119 const unsigned char *addr, 120 __u16 vid) 121 { 122 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 123 124 return fdb_find_rcu(head, addr, vid); 125 } 126 127 /* When a static FDB entry is added, the mac address from the entry is 128 * added to the bridge private HW address list and all required ports 129 * are then updated with the new information. 130 * Called under RTNL. 131 */ 132 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 133 { 134 int err; 135 struct net_bridge_port *p; 136 137 ASSERT_RTNL(); 138 139 list_for_each_entry(p, &br->port_list, list) { 140 if (!br_promisc_port(p)) { 141 err = dev_uc_add(p->dev, addr); 142 if (err) 143 goto undo; 144 } 145 } 146 147 return; 148 undo: 149 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 150 if (!br_promisc_port(p)) 151 dev_uc_del(p->dev, addr); 152 } 153 } 154 155 /* When a static FDB entry is deleted, the HW address from that entry is 156 * also removed from the bridge private HW address list and updates all 157 * the ports with needed information. 158 * Called under RTNL. 159 */ 160 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 161 { 162 struct net_bridge_port *p; 163 164 ASSERT_RTNL(); 165 166 list_for_each_entry(p, &br->port_list, list) { 167 if (!br_promisc_port(p)) 168 dev_uc_del(p->dev, addr); 169 } 170 } 171 172 static void fdb_del_external_learn(struct net_bridge_fdb_entry *f) 173 { 174 struct switchdev_obj_port_fdb fdb = { 175 .obj = { 176 .orig_dev = f->dst->dev, 177 .id = SWITCHDEV_OBJ_ID_PORT_FDB, 178 .flags = SWITCHDEV_F_DEFER, 179 }, 180 .vid = f->vlan_id, 181 }; 182 183 ether_addr_copy(fdb.addr, f->addr.addr); 184 switchdev_port_obj_del(f->dst->dev, &fdb.obj); 185 } 186 187 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 188 { 189 if (f->is_static) 190 fdb_del_hw_addr(br, f->addr.addr); 191 192 if (f->added_by_external_learn) 193 fdb_del_external_learn(f); 194 195 hlist_del_init_rcu(&f->hlist); 196 fdb_notify(br, f, RTM_DELNEIGH); 197 call_rcu(&f->rcu, fdb_rcu_free); 198 } 199 200 /* Delete a local entry if no other port had the same address. */ 201 static void fdb_delete_local(struct net_bridge *br, 202 const struct net_bridge_port *p, 203 struct net_bridge_fdb_entry *f) 204 { 205 const unsigned char *addr = f->addr.addr; 206 struct net_bridge_vlan_group *vg; 207 const struct net_bridge_vlan *v; 208 struct net_bridge_port *op; 209 u16 vid = f->vlan_id; 210 211 /* Maybe another port has same hw addr? */ 212 list_for_each_entry(op, &br->port_list, list) { 213 vg = nbp_vlan_group(op); 214 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 215 (!vid || br_vlan_find(vg, vid))) { 216 f->dst = op; 217 f->added_by_user = 0; 218 return; 219 } 220 } 221 222 vg = br_vlan_group(br); 223 v = br_vlan_find(vg, vid); 224 /* Maybe bridge device has same hw addr? */ 225 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 226 (!vid || (v && br_vlan_should_use(v)))) { 227 f->dst = NULL; 228 f->added_by_user = 0; 229 return; 230 } 231 232 fdb_delete(br, f); 233 } 234 235 void br_fdb_find_delete_local(struct net_bridge *br, 236 const struct net_bridge_port *p, 237 const unsigned char *addr, u16 vid) 238 { 239 struct net_bridge_fdb_entry *f; 240 241 spin_lock_bh(&br->hash_lock); 242 f = br_fdb_find(br, addr, vid); 243 if (f && f->is_local && !f->added_by_user && f->dst == p) 244 fdb_delete_local(br, p, f); 245 spin_unlock_bh(&br->hash_lock); 246 } 247 248 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 249 { 250 struct net_bridge_vlan_group *vg; 251 struct net_bridge *br = p->br; 252 struct net_bridge_vlan *v; 253 int i; 254 255 spin_lock_bh(&br->hash_lock); 256 257 vg = nbp_vlan_group(p); 258 /* Search all chains since old address/hash is unknown */ 259 for (i = 0; i < BR_HASH_SIZE; i++) { 260 struct hlist_node *h; 261 hlist_for_each(h, &br->hash[i]) { 262 struct net_bridge_fdb_entry *f; 263 264 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 265 if (f->dst == p && f->is_local && !f->added_by_user) { 266 /* delete old one */ 267 fdb_delete_local(br, p, f); 268 269 /* if this port has no vlan information 270 * configured, we can safely be done at 271 * this point. 272 */ 273 if (!vg || !vg->num_vlans) 274 goto insert; 275 } 276 } 277 } 278 279 insert: 280 /* insert new address, may fail if invalid address or dup. */ 281 fdb_insert(br, p, newaddr, 0); 282 283 if (!vg || !vg->num_vlans) 284 goto done; 285 286 /* Now add entries for every VLAN configured on the port. 287 * This function runs under RTNL so the bitmap will not change 288 * from under us. 289 */ 290 list_for_each_entry(v, &vg->vlan_list, vlist) 291 fdb_insert(br, p, newaddr, v->vid); 292 293 done: 294 spin_unlock_bh(&br->hash_lock); 295 } 296 297 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 298 { 299 struct net_bridge_vlan_group *vg; 300 struct net_bridge_fdb_entry *f; 301 struct net_bridge_vlan *v; 302 303 spin_lock_bh(&br->hash_lock); 304 305 /* If old entry was unassociated with any port, then delete it. */ 306 f = br_fdb_find(br, br->dev->dev_addr, 0); 307 if (f && f->is_local && !f->dst && !f->added_by_user) 308 fdb_delete_local(br, NULL, f); 309 310 fdb_insert(br, NULL, newaddr, 0); 311 vg = br_vlan_group(br); 312 if (!vg || !vg->num_vlans) 313 goto out; 314 /* Now remove and add entries for every VLAN configured on the 315 * bridge. This function runs under RTNL so the bitmap will not 316 * change from under us. 317 */ 318 list_for_each_entry(v, &vg->vlan_list, vlist) { 319 if (!br_vlan_should_use(v)) 320 continue; 321 f = br_fdb_find(br, br->dev->dev_addr, v->vid); 322 if (f && f->is_local && !f->dst && !f->added_by_user) 323 fdb_delete_local(br, NULL, f); 324 fdb_insert(br, NULL, newaddr, v->vid); 325 } 326 out: 327 spin_unlock_bh(&br->hash_lock); 328 } 329 330 void br_fdb_cleanup(struct work_struct *work) 331 { 332 struct net_bridge *br = container_of(work, struct net_bridge, 333 gc_work.work); 334 unsigned long delay = hold_time(br); 335 unsigned long work_delay = delay; 336 unsigned long now = jiffies; 337 int i; 338 339 for (i = 0; i < BR_HASH_SIZE; i++) { 340 struct net_bridge_fdb_entry *f; 341 struct hlist_node *n; 342 343 if (!br->hash[i].first) 344 continue; 345 346 spin_lock_bh(&br->hash_lock); 347 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 348 unsigned long this_timer; 349 350 if (f->is_static) 351 continue; 352 if (f->added_by_external_learn) 353 continue; 354 this_timer = f->updated + delay; 355 if (time_after(this_timer, now)) 356 work_delay = min(work_delay, this_timer - now); 357 else 358 fdb_delete(br, f); 359 } 360 spin_unlock_bh(&br->hash_lock); 361 cond_resched(); 362 } 363 364 /* Cleanup minimum 10 milliseconds apart */ 365 work_delay = max_t(unsigned long, work_delay, msecs_to_jiffies(10)); 366 mod_delayed_work(system_long_wq, &br->gc_work, work_delay); 367 } 368 369 /* Completely flush all dynamic entries in forwarding database.*/ 370 void br_fdb_flush(struct net_bridge *br) 371 { 372 int i; 373 374 spin_lock_bh(&br->hash_lock); 375 for (i = 0; i < BR_HASH_SIZE; i++) { 376 struct net_bridge_fdb_entry *f; 377 struct hlist_node *n; 378 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 379 if (!f->is_static) 380 fdb_delete(br, f); 381 } 382 } 383 spin_unlock_bh(&br->hash_lock); 384 } 385 386 /* Flush all entries referring to a specific port. 387 * if do_all is set also flush static entries 388 * if vid is set delete all entries that match the vlan_id 389 */ 390 void br_fdb_delete_by_port(struct net_bridge *br, 391 const struct net_bridge_port *p, 392 u16 vid, 393 int do_all) 394 { 395 int i; 396 397 spin_lock_bh(&br->hash_lock); 398 for (i = 0; i < BR_HASH_SIZE; i++) { 399 struct hlist_node *h, *g; 400 401 hlist_for_each_safe(h, g, &br->hash[i]) { 402 struct net_bridge_fdb_entry *f 403 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 404 if (f->dst != p) 405 continue; 406 407 if (!do_all) 408 if (f->is_static || (vid && f->vlan_id != vid)) 409 continue; 410 411 if (f->is_local) 412 fdb_delete_local(br, p, f); 413 else 414 fdb_delete(br, f); 415 } 416 } 417 spin_unlock_bh(&br->hash_lock); 418 } 419 420 #if IS_ENABLED(CONFIG_ATM_LANE) 421 /* Interface used by ATM LANE hook to test 422 * if an addr is on some other bridge port */ 423 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 424 { 425 struct net_bridge_fdb_entry *fdb; 426 struct net_bridge_port *port; 427 int ret; 428 429 rcu_read_lock(); 430 port = br_port_get_rcu(dev); 431 if (!port) 432 ret = 0; 433 else { 434 fdb = br_fdb_find_rcu(port->br, addr, 0); 435 ret = fdb && fdb->dst && fdb->dst->dev != dev && 436 fdb->dst->state == BR_STATE_FORWARDING; 437 } 438 rcu_read_unlock(); 439 440 return ret; 441 } 442 #endif /* CONFIG_ATM_LANE */ 443 444 /* 445 * Fill buffer with forwarding table records in 446 * the API format. 447 */ 448 int br_fdb_fillbuf(struct net_bridge *br, void *buf, 449 unsigned long maxnum, unsigned long skip) 450 { 451 struct __fdb_entry *fe = buf; 452 int i, num = 0; 453 struct net_bridge_fdb_entry *f; 454 455 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 456 457 rcu_read_lock(); 458 for (i = 0; i < BR_HASH_SIZE; i++) { 459 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 460 if (num >= maxnum) 461 goto out; 462 463 if (has_expired(br, f)) 464 continue; 465 466 /* ignore pseudo entry for local MAC address */ 467 if (!f->dst) 468 continue; 469 470 if (skip) { 471 --skip; 472 continue; 473 } 474 475 /* convert from internal format to API */ 476 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 477 478 /* due to ABI compat need to split into hi/lo */ 479 fe->port_no = f->dst->port_no; 480 fe->port_hi = f->dst->port_no >> 8; 481 482 fe->is_local = f->is_local; 483 if (!f->is_static) 484 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 485 ++fe; 486 ++num; 487 } 488 } 489 490 out: 491 rcu_read_unlock(); 492 493 return num; 494 } 495 496 static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 497 struct net_bridge_port *source, 498 const unsigned char *addr, 499 __u16 vid, 500 unsigned char is_local, 501 unsigned char is_static) 502 { 503 struct net_bridge_fdb_entry *fdb; 504 505 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 506 if (fdb) { 507 memcpy(fdb->addr.addr, addr, ETH_ALEN); 508 fdb->dst = source; 509 fdb->vlan_id = vid; 510 fdb->is_local = is_local; 511 fdb->is_static = is_static; 512 fdb->added_by_user = 0; 513 fdb->added_by_external_learn = 0; 514 fdb->updated = fdb->used = jiffies; 515 hlist_add_head_rcu(&fdb->hlist, head); 516 } 517 return fdb; 518 } 519 520 static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 521 const unsigned char *addr, u16 vid) 522 { 523 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 524 struct net_bridge_fdb_entry *fdb; 525 526 if (!is_valid_ether_addr(addr)) 527 return -EINVAL; 528 529 fdb = br_fdb_find(br, addr, vid); 530 if (fdb) { 531 /* it is okay to have multiple ports with same 532 * address, just use the first one. 533 */ 534 if (fdb->is_local) 535 return 0; 536 br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n", 537 source ? source->dev->name : br->dev->name, addr, vid); 538 fdb_delete(br, fdb); 539 } 540 541 fdb = fdb_create(head, source, addr, vid, 1, 1); 542 if (!fdb) 543 return -ENOMEM; 544 545 fdb_add_hw_addr(br, addr); 546 fdb_notify(br, fdb, RTM_NEWNEIGH); 547 return 0; 548 } 549 550 /* Add entry for local address of interface */ 551 int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 552 const unsigned char *addr, u16 vid) 553 { 554 int ret; 555 556 spin_lock_bh(&br->hash_lock); 557 ret = fdb_insert(br, source, addr, vid); 558 spin_unlock_bh(&br->hash_lock); 559 return ret; 560 } 561 562 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 563 const unsigned char *addr, u16 vid, bool added_by_user) 564 { 565 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 566 struct net_bridge_fdb_entry *fdb; 567 bool fdb_modified = false; 568 569 /* some users want to always flood. */ 570 if (hold_time(br) == 0) 571 return; 572 573 /* ignore packets unless we are using this port */ 574 if (!(source->state == BR_STATE_LEARNING || 575 source->state == BR_STATE_FORWARDING)) 576 return; 577 578 fdb = fdb_find_rcu(head, addr, vid); 579 if (likely(fdb)) { 580 /* attempt to update an entry for a local interface */ 581 if (unlikely(fdb->is_local)) { 582 if (net_ratelimit()) 583 br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n", 584 source->dev->name, addr, vid); 585 } else { 586 unsigned long now = jiffies; 587 588 /* fastpath: update of existing entry */ 589 if (unlikely(source != fdb->dst)) { 590 fdb->dst = source; 591 fdb_modified = true; 592 } 593 if (now != fdb->updated) 594 fdb->updated = now; 595 if (unlikely(added_by_user)) 596 fdb->added_by_user = 1; 597 if (unlikely(fdb_modified)) 598 fdb_notify(br, fdb, RTM_NEWNEIGH); 599 } 600 } else { 601 spin_lock(&br->hash_lock); 602 if (likely(!fdb_find_rcu(head, addr, vid))) { 603 fdb = fdb_create(head, source, addr, vid, 0, 0); 604 if (fdb) { 605 if (unlikely(added_by_user)) 606 fdb->added_by_user = 1; 607 fdb_notify(br, fdb, RTM_NEWNEIGH); 608 } 609 } 610 /* else we lose race and someone else inserts 611 * it first, don't bother updating 612 */ 613 spin_unlock(&br->hash_lock); 614 } 615 } 616 617 static int fdb_to_nud(const struct net_bridge *br, 618 const struct net_bridge_fdb_entry *fdb) 619 { 620 if (fdb->is_local) 621 return NUD_PERMANENT; 622 else if (fdb->is_static) 623 return NUD_NOARP; 624 else if (has_expired(br, fdb)) 625 return NUD_STALE; 626 else 627 return NUD_REACHABLE; 628 } 629 630 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 631 const struct net_bridge_fdb_entry *fdb, 632 u32 portid, u32 seq, int type, unsigned int flags) 633 { 634 unsigned long now = jiffies; 635 struct nda_cacheinfo ci; 636 struct nlmsghdr *nlh; 637 struct ndmsg *ndm; 638 639 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 640 if (nlh == NULL) 641 return -EMSGSIZE; 642 643 ndm = nlmsg_data(nlh); 644 ndm->ndm_family = AF_BRIDGE; 645 ndm->ndm_pad1 = 0; 646 ndm->ndm_pad2 = 0; 647 ndm->ndm_flags = fdb->added_by_external_learn ? NTF_EXT_LEARNED : 0; 648 ndm->ndm_type = 0; 649 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 650 ndm->ndm_state = fdb_to_nud(br, fdb); 651 652 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 653 goto nla_put_failure; 654 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 655 goto nla_put_failure; 656 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 657 ci.ndm_confirmed = 0; 658 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 659 ci.ndm_refcnt = 0; 660 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 661 goto nla_put_failure; 662 663 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 664 goto nla_put_failure; 665 666 nlmsg_end(skb, nlh); 667 return 0; 668 669 nla_put_failure: 670 nlmsg_cancel(skb, nlh); 671 return -EMSGSIZE; 672 } 673 674 static inline size_t fdb_nlmsg_size(void) 675 { 676 return NLMSG_ALIGN(sizeof(struct ndmsg)) 677 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 678 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 679 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 680 + nla_total_size(sizeof(struct nda_cacheinfo)); 681 } 682 683 static void fdb_notify(struct net_bridge *br, 684 const struct net_bridge_fdb_entry *fdb, int type) 685 { 686 struct net *net = dev_net(br->dev); 687 struct sk_buff *skb; 688 int err = -ENOBUFS; 689 690 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 691 if (skb == NULL) 692 goto errout; 693 694 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 695 if (err < 0) { 696 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 697 WARN_ON(err == -EMSGSIZE); 698 kfree_skb(skb); 699 goto errout; 700 } 701 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 702 return; 703 errout: 704 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 705 } 706 707 /* Dump information about entries, in response to GETNEIGH */ 708 int br_fdb_dump(struct sk_buff *skb, 709 struct netlink_callback *cb, 710 struct net_device *dev, 711 struct net_device *filter_dev, 712 int *idx) 713 { 714 struct net_bridge *br = netdev_priv(dev); 715 int err = 0; 716 int i; 717 718 if (!(dev->priv_flags & IFF_EBRIDGE)) 719 goto out; 720 721 if (!filter_dev) { 722 err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 723 if (err < 0) 724 goto out; 725 } 726 727 for (i = 0; i < BR_HASH_SIZE; i++) { 728 struct net_bridge_fdb_entry *f; 729 730 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 731 732 if (*idx < cb->args[2]) 733 goto skip; 734 735 if (filter_dev && 736 (!f->dst || f->dst->dev != filter_dev)) { 737 if (filter_dev != dev) 738 goto skip; 739 /* !f->dst is a special case for bridge 740 * It means the MAC belongs to the bridge 741 * Therefore need a little more filtering 742 * we only want to dump the !f->dst case 743 */ 744 if (f->dst) 745 goto skip; 746 } 747 if (!filter_dev && f->dst) 748 goto skip; 749 750 err = fdb_fill_info(skb, br, f, 751 NETLINK_CB(cb->skb).portid, 752 cb->nlh->nlmsg_seq, 753 RTM_NEWNEIGH, 754 NLM_F_MULTI); 755 if (err < 0) 756 goto out; 757 skip: 758 *idx += 1; 759 } 760 } 761 762 out: 763 return err; 764 } 765 766 /* Update (create or replace) forwarding database entry */ 767 static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source, 768 const __u8 *addr, __u16 state, __u16 flags, __u16 vid) 769 { 770 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 771 struct net_bridge_fdb_entry *fdb; 772 bool modified = false; 773 774 /* If the port cannot learn allow only local and static entries */ 775 if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 776 !(source->state == BR_STATE_LEARNING || 777 source->state == BR_STATE_FORWARDING)) 778 return -EPERM; 779 780 if (!source && !(state & NUD_PERMANENT)) { 781 pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n", 782 br->dev->name); 783 return -EINVAL; 784 } 785 786 fdb = br_fdb_find(br, addr, vid); 787 if (fdb == NULL) { 788 if (!(flags & NLM_F_CREATE)) 789 return -ENOENT; 790 791 fdb = fdb_create(head, source, addr, vid, 0, 0); 792 if (!fdb) 793 return -ENOMEM; 794 795 modified = true; 796 } else { 797 if (flags & NLM_F_EXCL) 798 return -EEXIST; 799 800 if (fdb->dst != source) { 801 fdb->dst = source; 802 modified = true; 803 } 804 } 805 806 if (fdb_to_nud(br, fdb) != state) { 807 if (state & NUD_PERMANENT) { 808 fdb->is_local = 1; 809 if (!fdb->is_static) { 810 fdb->is_static = 1; 811 fdb_add_hw_addr(br, addr); 812 } 813 } else if (state & NUD_NOARP) { 814 fdb->is_local = 0; 815 if (!fdb->is_static) { 816 fdb->is_static = 1; 817 fdb_add_hw_addr(br, addr); 818 } 819 } else { 820 fdb->is_local = 0; 821 if (fdb->is_static) { 822 fdb->is_static = 0; 823 fdb_del_hw_addr(br, addr); 824 } 825 } 826 827 modified = true; 828 } 829 fdb->added_by_user = 1; 830 831 fdb->used = jiffies; 832 if (modified) { 833 fdb->updated = jiffies; 834 fdb_notify(br, fdb, RTM_NEWNEIGH); 835 } 836 837 return 0; 838 } 839 840 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br, 841 struct net_bridge_port *p, const unsigned char *addr, 842 u16 nlh_flags, u16 vid) 843 { 844 int err = 0; 845 846 if (ndm->ndm_flags & NTF_USE) { 847 if (!p) { 848 pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n", 849 br->dev->name); 850 return -EINVAL; 851 } 852 local_bh_disable(); 853 rcu_read_lock(); 854 br_fdb_update(br, p, addr, vid, true); 855 rcu_read_unlock(); 856 local_bh_enable(); 857 } else { 858 spin_lock_bh(&br->hash_lock); 859 err = fdb_add_entry(br, p, addr, ndm->ndm_state, 860 nlh_flags, vid); 861 spin_unlock_bh(&br->hash_lock); 862 } 863 864 return err; 865 } 866 867 /* Add new permanent fdb entry with RTM_NEWNEIGH */ 868 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 869 struct net_device *dev, 870 const unsigned char *addr, u16 vid, u16 nlh_flags) 871 { 872 struct net_bridge_vlan_group *vg; 873 struct net_bridge_port *p = NULL; 874 struct net_bridge_vlan *v; 875 struct net_bridge *br = NULL; 876 int err = 0; 877 878 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 879 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 880 return -EINVAL; 881 } 882 883 if (is_zero_ether_addr(addr)) { 884 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 885 return -EINVAL; 886 } 887 888 if (dev->priv_flags & IFF_EBRIDGE) { 889 br = netdev_priv(dev); 890 vg = br_vlan_group(br); 891 } else { 892 p = br_port_get_rtnl(dev); 893 if (!p) { 894 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 895 dev->name); 896 return -EINVAL; 897 } 898 br = p->br; 899 vg = nbp_vlan_group(p); 900 } 901 902 if (vid) { 903 v = br_vlan_find(vg, vid); 904 if (!v || !br_vlan_should_use(v)) { 905 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 906 return -EINVAL; 907 } 908 909 /* VID was specified, so use it. */ 910 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid); 911 } else { 912 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0); 913 if (err || !vg || !vg->num_vlans) 914 goto out; 915 916 /* We have vlans configured on this port and user didn't 917 * specify a VLAN. To be nice, add/update entry for every 918 * vlan on this port. 919 */ 920 list_for_each_entry(v, &vg->vlan_list, vlist) { 921 if (!br_vlan_should_use(v)) 922 continue; 923 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid); 924 if (err) 925 goto out; 926 } 927 } 928 929 out: 930 return err; 931 } 932 933 static int fdb_delete_by_addr_and_port(struct net_bridge *br, 934 const struct net_bridge_port *p, 935 const u8 *addr, u16 vlan) 936 { 937 struct net_bridge_fdb_entry *fdb; 938 939 fdb = br_fdb_find(br, addr, vlan); 940 if (!fdb || fdb->dst != p) 941 return -ENOENT; 942 943 fdb_delete(br, fdb); 944 945 return 0; 946 } 947 948 static int __br_fdb_delete(struct net_bridge *br, 949 const struct net_bridge_port *p, 950 const unsigned char *addr, u16 vid) 951 { 952 int err; 953 954 spin_lock_bh(&br->hash_lock); 955 err = fdb_delete_by_addr_and_port(br, p, addr, vid); 956 spin_unlock_bh(&br->hash_lock); 957 958 return err; 959 } 960 961 /* Remove neighbor entry with RTM_DELNEIGH */ 962 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 963 struct net_device *dev, 964 const unsigned char *addr, u16 vid) 965 { 966 struct net_bridge_vlan_group *vg; 967 struct net_bridge_port *p = NULL; 968 struct net_bridge_vlan *v; 969 struct net_bridge *br; 970 int err; 971 972 if (dev->priv_flags & IFF_EBRIDGE) { 973 br = netdev_priv(dev); 974 vg = br_vlan_group(br); 975 } else { 976 p = br_port_get_rtnl(dev); 977 if (!p) { 978 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 979 dev->name); 980 return -EINVAL; 981 } 982 vg = nbp_vlan_group(p); 983 br = p->br; 984 } 985 986 if (vid) { 987 v = br_vlan_find(vg, vid); 988 if (!v) { 989 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 990 return -EINVAL; 991 } 992 993 err = __br_fdb_delete(br, p, addr, vid); 994 } else { 995 err = -ENOENT; 996 err &= __br_fdb_delete(br, p, addr, 0); 997 if (!vg || !vg->num_vlans) 998 return err; 999 1000 list_for_each_entry(v, &vg->vlan_list, vlist) { 1001 if (!br_vlan_should_use(v)) 1002 continue; 1003 err &= __br_fdb_delete(br, p, addr, v->vid); 1004 } 1005 } 1006 1007 return err; 1008 } 1009 1010 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1011 { 1012 struct net_bridge_fdb_entry *fdb, *tmp; 1013 int i; 1014 int err; 1015 1016 ASSERT_RTNL(); 1017 1018 for (i = 0; i < BR_HASH_SIZE; i++) { 1019 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 1020 /* We only care for static entries */ 1021 if (!fdb->is_static) 1022 continue; 1023 1024 err = dev_uc_add(p->dev, fdb->addr.addr); 1025 if (err) 1026 goto rollback; 1027 } 1028 } 1029 return 0; 1030 1031 rollback: 1032 for (i = 0; i < BR_HASH_SIZE; i++) { 1033 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 1034 /* If we reached the fdb that failed, we can stop */ 1035 if (tmp == fdb) 1036 break; 1037 1038 /* We only care for static entries */ 1039 if (!tmp->is_static) 1040 continue; 1041 1042 dev_uc_del(p->dev, tmp->addr.addr); 1043 } 1044 } 1045 return err; 1046 } 1047 1048 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1049 { 1050 struct net_bridge_fdb_entry *fdb; 1051 int i; 1052 1053 ASSERT_RTNL(); 1054 1055 for (i = 0; i < BR_HASH_SIZE; i++) { 1056 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1057 /* We only care for static entries */ 1058 if (!fdb->is_static) 1059 continue; 1060 1061 dev_uc_del(p->dev, fdb->addr.addr); 1062 } 1063 } 1064 } 1065 1066 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1067 const unsigned char *addr, u16 vid) 1068 { 1069 struct hlist_head *head; 1070 struct net_bridge_fdb_entry *fdb; 1071 int err = 0; 1072 1073 ASSERT_RTNL(); 1074 spin_lock_bh(&br->hash_lock); 1075 1076 head = &br->hash[br_mac_hash(addr, vid)]; 1077 fdb = br_fdb_find(br, addr, vid); 1078 if (!fdb) { 1079 fdb = fdb_create(head, p, addr, vid, 0, 0); 1080 if (!fdb) { 1081 err = -ENOMEM; 1082 goto err_unlock; 1083 } 1084 fdb->added_by_external_learn = 1; 1085 fdb_notify(br, fdb, RTM_NEWNEIGH); 1086 } else if (fdb->added_by_external_learn) { 1087 /* Refresh entry */ 1088 fdb->updated = fdb->used = jiffies; 1089 } else if (!fdb->added_by_user) { 1090 /* Take over SW learned entry */ 1091 fdb->added_by_external_learn = 1; 1092 fdb->updated = jiffies; 1093 fdb_notify(br, fdb, RTM_NEWNEIGH); 1094 } 1095 1096 err_unlock: 1097 spin_unlock_bh(&br->hash_lock); 1098 1099 return err; 1100 } 1101 1102 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1103 const unsigned char *addr, u16 vid) 1104 { 1105 struct net_bridge_fdb_entry *fdb; 1106 int err = 0; 1107 1108 ASSERT_RTNL(); 1109 spin_lock_bh(&br->hash_lock); 1110 1111 fdb = br_fdb_find(br, addr, vid); 1112 if (fdb && fdb->added_by_external_learn) 1113 fdb_delete(br, fdb); 1114 else 1115 err = -ENOENT; 1116 1117 spin_unlock_bh(&br->hash_lock); 1118 1119 return err; 1120 } 1121