/net/bridge/br_fdb.c
C | 1208 lines | 931 code | 185 blank | 92 comment | 205 complexity | e2b9bb89280007da717b26da203f40ed MD5 | raw file
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Forwarding database 4 * Linux ethernet bridge 5 * 6 * Authors: 7 * Lennert Buytenhek <buytenh@gnu.org> 8 */ 9 10#include <linux/kernel.h> 11#include <linux/init.h> 12#include <linux/rculist.h> 13#include <linux/spinlock.h> 14#include <linux/times.h> 15#include <linux/netdevice.h> 16#include <linux/etherdevice.h> 17#include <linux/jhash.h> 18#include <linux/random.h> 19#include <linux/slab.h> 20#include <linux/atomic.h> 21#include <asm/unaligned.h> 22#include <linux/if_vlan.h> 23#include <net/switchdev.h> 24#include <trace/events/bridge.h> 25#include "br_private.h" 26 27static const struct rhashtable_params br_fdb_rht_params = { 28 .head_offset = offsetof(struct net_bridge_fdb_entry, rhnode), 29 .key_offset = offsetof(struct net_bridge_fdb_entry, key), 30 .key_len = sizeof(struct net_bridge_fdb_key), 31 .automatic_shrinking = true, 32}; 33 34static struct kmem_cache *br_fdb_cache __read_mostly; 35static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 36 const unsigned char *addr, u16 vid); 37static void fdb_notify(struct net_bridge *br, 38 const struct net_bridge_fdb_entry *, int, bool); 39 40int __init br_fdb_init(void) 41{ 42 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 43 sizeof(struct net_bridge_fdb_entry), 44 0, 45 SLAB_HWCACHE_ALIGN, NULL); 46 if (!br_fdb_cache) 47 return -ENOMEM; 48 49 return 0; 50} 51 52void br_fdb_fini(void) 53{ 54 kmem_cache_destroy(br_fdb_cache); 55} 56 57int br_fdb_hash_init(struct net_bridge *br) 58{ 59 return rhashtable_init(&br->fdb_hash_tbl, &br_fdb_rht_params); 60} 61 62void br_fdb_hash_fini(struct net_bridge *br) 63{ 64 rhashtable_destroy(&br->fdb_hash_tbl); 65} 66 67/* if topology_changing then use forward_delay (default 15 sec) 68 * otherwise keep longer (default 5 minutes) 69 */ 70static inline unsigned long hold_time(const struct net_bridge *br) 71{ 72 return br->topology_change ? br->forward_delay : br->ageing_time; 73} 74 75static inline int has_expired(const struct net_bridge *br, 76 const struct net_bridge_fdb_entry *fdb) 77{ 78 return !test_bit(BR_FDB_STATIC, &fdb->flags) && 79 !test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags) && 80 time_before_eq(fdb->updated + hold_time(br), jiffies); 81} 82 83static void fdb_rcu_free(struct rcu_head *head) 84{ 85 struct net_bridge_fdb_entry *ent 86 = container_of(head, struct net_bridge_fdb_entry, rcu); 87 kmem_cache_free(br_fdb_cache, ent); 88} 89 90static struct net_bridge_fdb_entry *fdb_find_rcu(struct rhashtable *tbl, 91 const unsigned char *addr, 92 __u16 vid) 93{ 94 struct net_bridge_fdb_key key; 95 96 WARN_ON_ONCE(!rcu_read_lock_held()); 97 98 key.vlan_id = vid; 99 memcpy(key.addr.addr, addr, sizeof(key.addr.addr)); 100 101 return rhashtable_lookup(tbl, &key, br_fdb_rht_params); 102} 103 104/* requires bridge hash_lock */ 105static struct net_bridge_fdb_entry *br_fdb_find(struct net_bridge *br, 106 const unsigned char *addr, 107 __u16 vid) 108{ 109 struct net_bridge_fdb_entry *fdb; 110 111 lockdep_assert_held_once(&br->hash_lock); 112 113 rcu_read_lock(); 114 fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); 115 rcu_read_unlock(); 116 117 return fdb; 118} 119 120struct net_device *br_fdb_find_port(const struct net_device *br_dev, 121 const unsigned char *addr, 122 __u16 vid) 123{ 124 struct net_bridge_fdb_entry *f; 125 struct net_device *dev = NULL; 126 struct net_bridge *br; 127 128 ASSERT_RTNL(); 129 130 if (!netif_is_bridge_master(br_dev)) 131 return NULL; 132 133 br = netdev_priv(br_dev); 134 rcu_read_lock(); 135 f = br_fdb_find_rcu(br, addr, vid); 136 if (f && f->dst) 137 dev = f->dst->dev; 138 rcu_read_unlock(); 139 140 return dev; 141} 142EXPORT_SYMBOL_GPL(br_fdb_find_port); 143 144struct net_bridge_fdb_entry *br_fdb_find_rcu(struct net_bridge *br, 145 const unsigned char *addr, 146 __u16 vid) 147{ 148 return fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); 149} 150 151/* When a static FDB entry is added, the mac address from the entry is 152 * added to the bridge private HW address list and all required ports 153 * are then updated with the new information. 154 * Called under RTNL. 155 */ 156static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr) 157{ 158 int err; 159 struct net_bridge_port *p; 160 161 ASSERT_RTNL(); 162 163 list_for_each_entry(p, &br->port_list, list) { 164 if (!br_promisc_port(p)) { 165 err = dev_uc_add(p->dev, addr); 166 if (err) 167 goto undo; 168 } 169 } 170 171 return; 172undo: 173 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 174 if (!br_promisc_port(p)) 175 dev_uc_del(p->dev, addr); 176 } 177} 178 179/* When a static FDB entry is deleted, the HW address from that entry is 180 * also removed from the bridge private HW address list and updates all 181 * the ports with needed information. 182 * Called under RTNL. 183 */ 184static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr) 185{ 186 struct net_bridge_port *p; 187 188 ASSERT_RTNL(); 189 190 list_for_each_entry(p, &br->port_list, list) { 191 if (!br_promisc_port(p)) 192 dev_uc_del(p->dev, addr); 193 } 194} 195 196static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f, 197 bool swdev_notify) 198{ 199 trace_fdb_delete(br, f); 200 201 if (test_bit(BR_FDB_STATIC, &f->flags)) 202 fdb_del_hw_addr(br, f->key.addr.addr); 203 204 hlist_del_init_rcu(&f->fdb_node); 205 rhashtable_remove_fast(&br->fdb_hash_tbl, &f->rhnode, 206 br_fdb_rht_params); 207 fdb_notify(br, f, RTM_DELNEIGH, swdev_notify); 208 call_rcu(&f->rcu, fdb_rcu_free); 209} 210 211/* Delete a local entry if no other port had the same address. */ 212static void fdb_delete_local(struct net_bridge *br, 213 const struct net_bridge_port *p, 214 struct net_bridge_fdb_entry *f) 215{ 216 const unsigned char *addr = f->key.addr.addr; 217 struct net_bridge_vlan_group *vg; 218 const struct net_bridge_vlan *v; 219 struct net_bridge_port *op; 220 u16 vid = f->key.vlan_id; 221 222 /* Maybe another port has same hw addr? */ 223 list_for_each_entry(op, &br->port_list, list) { 224 vg = nbp_vlan_group(op); 225 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 226 (!vid || br_vlan_find(vg, vid))) { 227 f->dst = op; 228 clear_bit(BR_FDB_ADDED_BY_USER, &f->flags); 229 return; 230 } 231 } 232 233 vg = br_vlan_group(br); 234 v = br_vlan_find(vg, vid); 235 /* Maybe bridge device has same hw addr? */ 236 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 237 (!vid || (v && br_vlan_should_use(v)))) { 238 f->dst = NULL; 239 clear_bit(BR_FDB_ADDED_BY_USER, &f->flags); 240 return; 241 } 242 243 fdb_delete(br, f, true); 244} 245 246void br_fdb_find_delete_local(struct net_bridge *br, 247 const struct net_bridge_port *p, 248 const unsigned char *addr, u16 vid) 249{ 250 struct net_bridge_fdb_entry *f; 251 252 spin_lock_bh(&br->hash_lock); 253 f = br_fdb_find(br, addr, vid); 254 if (f && test_bit(BR_FDB_LOCAL, &f->flags) && 255 !test_bit(BR_FDB_ADDED_BY_USER, &f->flags) && f->dst == p) 256 fdb_delete_local(br, p, f); 257 spin_unlock_bh(&br->hash_lock); 258} 259 260void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 261{ 262 struct net_bridge_vlan_group *vg; 263 struct net_bridge_fdb_entry *f; 264 struct net_bridge *br = p->br; 265 struct net_bridge_vlan *v; 266 267 spin_lock_bh(&br->hash_lock); 268 vg = nbp_vlan_group(p); 269 hlist_for_each_entry(f, &br->fdb_list, fdb_node) { 270 if (f->dst == p && test_bit(BR_FDB_LOCAL, &f->flags) && 271 !test_bit(BR_FDB_ADDED_BY_USER, &f->flags)) { 272 /* delete old one */ 273 fdb_delete_local(br, p, f); 274 275 /* if this port has no vlan information 276 * configured, we can safely be done at 277 * this point. 278 */ 279 if (!vg || !vg->num_vlans) 280 goto insert; 281 } 282 } 283 284insert: 285 /* insert new address, may fail if invalid address or dup. */ 286 fdb_insert(br, p, newaddr, 0); 287 288 if (!vg || !vg->num_vlans) 289 goto done; 290 291 /* Now add entries for every VLAN configured on the port. 292 * This function runs under RTNL so the bitmap will not change 293 * from under us. 294 */ 295 list_for_each_entry(v, &vg->vlan_list, vlist) 296 fdb_insert(br, p, newaddr, v->vid); 297 298done: 299 spin_unlock_bh(&br->hash_lock); 300} 301 302void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 303{ 304 struct net_bridge_vlan_group *vg; 305 struct net_bridge_fdb_entry *f; 306 struct net_bridge_vlan *v; 307 308 spin_lock_bh(&br->hash_lock); 309 310 /* If old entry was unassociated with any port, then delete it. */ 311 f = br_fdb_find(br, br->dev->dev_addr, 0); 312 if (f && test_bit(BR_FDB_LOCAL, &f->flags) && 313 !f->dst && !test_bit(BR_FDB_ADDED_BY_USER, &f->flags)) 314 fdb_delete_local(br, NULL, f); 315 316 fdb_insert(br, NULL, newaddr, 0); 317 vg = br_vlan_group(br); 318 if (!vg || !vg->num_vlans) 319 goto out; 320 /* Now remove and add entries for every VLAN configured on the 321 * bridge. This function runs under RTNL so the bitmap will not 322 * change from under us. 323 */ 324 list_for_each_entry(v, &vg->vlan_list, vlist) { 325 if (!br_vlan_should_use(v)) 326 continue; 327 f = br_fdb_find(br, br->dev->dev_addr, v->vid); 328 if (f && test_bit(BR_FDB_LOCAL, &f->flags) && 329 !f->dst && !test_bit(BR_FDB_ADDED_BY_USER, &f->flags)) 330 fdb_delete_local(br, NULL, f); 331 fdb_insert(br, NULL, newaddr, v->vid); 332 } 333out: 334 spin_unlock_bh(&br->hash_lock); 335} 336 337void br_fdb_cleanup(struct work_struct *work) 338{ 339 struct net_bridge *br = container_of(work, struct net_bridge, 340 gc_work.work); 341 struct net_bridge_fdb_entry *f = NULL; 342 unsigned long delay = hold_time(br); 343 unsigned long work_delay = delay; 344 unsigned long now = jiffies; 345 346 /* this part is tricky, in order to avoid blocking learning and 347 * consequently forwarding, we rely on rcu to delete objects with 348 * delayed freeing allowing us to continue traversing 349 */ 350 rcu_read_lock(); 351 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 352 unsigned long this_timer; 353 354 if (test_bit(BR_FDB_STATIC, &f->flags) || 355 test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &f->flags)) 356 continue; 357 this_timer = f->updated + delay; 358 if (time_after(this_timer, now)) { 359 work_delay = min(work_delay, this_timer - now); 360 } else { 361 spin_lock_bh(&br->hash_lock); 362 if (!hlist_unhashed(&f->fdb_node)) 363 fdb_delete(br, f, true); 364 spin_unlock_bh(&br->hash_lock); 365 } 366 } 367 rcu_read_unlock(); 368 369 /* Cleanup minimum 10 milliseconds apart */ 370 work_delay = max_t(unsigned long, work_delay, msecs_to_jiffies(10)); 371 mod_delayed_work(system_long_wq, &br->gc_work, work_delay); 372} 373 374/* Completely flush all dynamic entries in forwarding database.*/ 375void br_fdb_flush(struct net_bridge *br) 376{ 377 struct net_bridge_fdb_entry *f; 378 struct hlist_node *tmp; 379 380 spin_lock_bh(&br->hash_lock); 381 hlist_for_each_entry_safe(f, tmp, &br->fdb_list, fdb_node) { 382 if (!test_bit(BR_FDB_STATIC, &f->flags)) 383 fdb_delete(br, f, true); 384 } 385 spin_unlock_bh(&br->hash_lock); 386} 387 388/* Flush all entries referring to a specific port. 389 * if do_all is set also flush static entries 390 * if vid is set delete all entries that match the vlan_id 391 */ 392void br_fdb_delete_by_port(struct net_bridge *br, 393 const struct net_bridge_port *p, 394 u16 vid, 395 int do_all) 396{ 397 struct net_bridge_fdb_entry *f; 398 struct hlist_node *tmp; 399 400 spin_lock_bh(&br->hash_lock); 401 hlist_for_each_entry_safe(f, tmp, &br->fdb_list, fdb_node) { 402 if (f->dst != p) 403 continue; 404 405 if (!do_all) 406 if (test_bit(BR_FDB_STATIC, &f->flags) || 407 (vid && f->key.vlan_id != vid)) 408 continue; 409 410 if (test_bit(BR_FDB_LOCAL, &f->flags)) 411 fdb_delete_local(br, p, f); 412 else 413 fdb_delete(br, f, true); 414 } 415 spin_unlock_bh(&br->hash_lock); 416} 417 418#if IS_ENABLED(CONFIG_ATM_LANE) 419/* Interface used by ATM LANE hook to test 420 * if an addr is on some other bridge port */ 421int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 422{ 423 struct net_bridge_fdb_entry *fdb; 424 struct net_bridge_port *port; 425 int ret; 426 427 rcu_read_lock(); 428 port = br_port_get_rcu(dev); 429 if (!port) 430 ret = 0; 431 else { 432 fdb = br_fdb_find_rcu(port->br, addr, 0); 433 ret = fdb && fdb->dst && fdb->dst->dev != dev && 434 fdb->dst->state == BR_STATE_FORWARDING; 435 } 436 rcu_read_unlock(); 437 438 return ret; 439} 440#endif /* CONFIG_ATM_LANE */ 441 442/* 443 * Fill buffer with forwarding table records in 444 * the API format. 445 */ 446int br_fdb_fillbuf(struct net_bridge *br, void *buf, 447 unsigned long maxnum, unsigned long skip) 448{ 449 struct net_bridge_fdb_entry *f; 450 struct __fdb_entry *fe = buf; 451 int num = 0; 452 453 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 454 455 rcu_read_lock(); 456 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 457 if (num >= maxnum) 458 break; 459 460 if (has_expired(br, f)) 461 continue; 462 463 /* ignore pseudo entry for local MAC address */ 464 if (!f->dst) 465 continue; 466 467 if (skip) { 468 --skip; 469 continue; 470 } 471 472 /* convert from internal format to API */ 473 memcpy(fe->mac_addr, f->key.addr.addr, ETH_ALEN); 474 475 /* due to ABI compat need to split into hi/lo */ 476 fe->port_no = f->dst->port_no; 477 fe->port_hi = f->dst->port_no >> 8; 478 479 fe->is_local = test_bit(BR_FDB_LOCAL, &f->flags); 480 if (!test_bit(BR_FDB_STATIC, &f->flags)) 481 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 482 ++fe; 483 ++num; 484 } 485 rcu_read_unlock(); 486 487 return num; 488} 489 490static struct net_bridge_fdb_entry *fdb_create(struct net_bridge *br, 491 struct net_bridge_port *source, 492 const unsigned char *addr, 493 __u16 vid, 494 unsigned long flags) 495{ 496 struct net_bridge_fdb_entry *fdb; 497 498 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 499 if (fdb) { 500 memcpy(fdb->key.addr.addr, addr, ETH_ALEN); 501 fdb->dst = source; 502 fdb->key.vlan_id = vid; 503 fdb->flags = flags; 504 fdb->updated = fdb->used = jiffies; 505 if (rhashtable_lookup_insert_fast(&br->fdb_hash_tbl, 506 &fdb->rhnode, 507 br_fdb_rht_params)) { 508 kmem_cache_free(br_fdb_cache, fdb); 509 fdb = NULL; 510 } else { 511 hlist_add_head_rcu(&fdb->fdb_node, &br->fdb_list); 512 } 513 } 514 return fdb; 515} 516 517static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 518 const unsigned char *addr, u16 vid) 519{ 520 struct net_bridge_fdb_entry *fdb; 521 522 if (!is_valid_ether_addr(addr)) 523 return -EINVAL; 524 525 fdb = br_fdb_find(br, addr, vid); 526 if (fdb) { 527 /* it is okay to have multiple ports with same 528 * address, just use the first one. 529 */ 530 if (test_bit(BR_FDB_LOCAL, &fdb->flags)) 531 return 0; 532 br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n", 533 source ? source->dev->name : br->dev->name, addr, vid); 534 fdb_delete(br, fdb, true); 535 } 536 537 fdb = fdb_create(br, source, addr, vid, 538 BIT(BR_FDB_LOCAL) | BIT(BR_FDB_STATIC)); 539 if (!fdb) 540 return -ENOMEM; 541 542 fdb_add_hw_addr(br, addr); 543 fdb_notify(br, fdb, RTM_NEWNEIGH, true); 544 return 0; 545} 546 547/* Add entry for local address of interface */ 548int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 549 const unsigned char *addr, u16 vid) 550{ 551 int ret; 552 553 spin_lock_bh(&br->hash_lock); 554 ret = fdb_insert(br, source, addr, vid); 555 spin_unlock_bh(&br->hash_lock); 556 return ret; 557} 558 559void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 560 const unsigned char *addr, u16 vid, unsigned long flags) 561{ 562 struct net_bridge_fdb_entry *fdb; 563 bool fdb_modified = false; 564 565 /* some users want to always flood. */ 566 if (hold_time(br) == 0) 567 return; 568 569 fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid); 570 if (likely(fdb)) { 571 /* attempt to update an entry for a local interface */ 572 if (unlikely(test_bit(BR_FDB_LOCAL, &fdb->flags))) { 573 if (net_ratelimit()) 574 br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n", 575 source->dev->name, addr, vid); 576 } else { 577 unsigned long now = jiffies; 578 579 /* fastpath: update of existing entry */ 580 if (unlikely(source != fdb->dst && 581 !test_bit(BR_FDB_STICKY, &fdb->flags))) { 582 fdb->dst = source; 583 fdb_modified = true; 584 /* Take over HW learned entry */ 585 if (unlikely(test_bit(BR_FDB_ADDED_BY_EXT_LEARN, 586 &fdb->flags))) 587 clear_bit(BR_FDB_ADDED_BY_EXT_LEARN, 588 &fdb->flags); 589 } 590 if (now != fdb->updated) 591 fdb->updated = now; 592 if (unlikely(test_bit(BR_FDB_ADDED_BY_USER, &flags))) 593 set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags); 594 if (unlikely(fdb_modified)) { 595 trace_br_fdb_update(br, source, addr, vid, flags); 596 fdb_notify(br, fdb, RTM_NEWNEIGH, true); 597 } 598 } 599 } else { 600 spin_lock(&br->hash_lock); 601 fdb = fdb_create(br, source, addr, vid, flags); 602 if (fdb) { 603 trace_br_fdb_update(br, source, addr, vid, flags); 604 fdb_notify(br, fdb, RTM_NEWNEIGH, true); 605 } 606 /* else we lose race and someone else inserts 607 * it first, don't bother updating 608 */ 609 spin_unlock(&br->hash_lock); 610 } 611} 612 613static int fdb_to_nud(const struct net_bridge *br, 614 const struct net_bridge_fdb_entry *fdb) 615{ 616 if (test_bit(BR_FDB_LOCAL, &fdb->flags)) 617 return NUD_PERMANENT; 618 else if (test_bit(BR_FDB_STATIC, &fdb->flags)) 619 return NUD_NOARP; 620 else if (has_expired(br, fdb)) 621 return NUD_STALE; 622 else 623 return NUD_REACHABLE; 624} 625 626static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 627 const struct net_bridge_fdb_entry *fdb, 628 u32 portid, u32 seq, int type, unsigned int flags) 629{ 630 unsigned long now = jiffies; 631 struct nda_cacheinfo ci; 632 struct nlmsghdr *nlh; 633 struct ndmsg *ndm; 634 635 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 636 if (nlh == NULL) 637 return -EMSGSIZE; 638 639 ndm = nlmsg_data(nlh); 640 ndm->ndm_family = AF_BRIDGE; 641 ndm->ndm_pad1 = 0; 642 ndm->ndm_pad2 = 0; 643 ndm->ndm_flags = 0; 644 ndm->ndm_type = 0; 645 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 646 ndm->ndm_state = fdb_to_nud(br, fdb); 647 648 if (test_bit(BR_FDB_OFFLOADED, &fdb->flags)) 649 ndm->ndm_flags |= NTF_OFFLOADED; 650 if (test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags)) 651 ndm->ndm_flags |= NTF_EXT_LEARNED; 652 if (test_bit(BR_FDB_STICKY, &fdb->flags)) 653 ndm->ndm_flags |= NTF_STICKY; 654 655 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->key.addr)) 656 goto nla_put_failure; 657 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 658 goto nla_put_failure; 659 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 660 ci.ndm_confirmed = 0; 661 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 662 ci.ndm_refcnt = 0; 663 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 664 goto nla_put_failure; 665 666 if (fdb->key.vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), 667 &fdb->key.vlan_id)) 668 goto nla_put_failure; 669 670 nlmsg_end(skb, nlh); 671 return 0; 672 673nla_put_failure: 674 nlmsg_cancel(skb, nlh); 675 return -EMSGSIZE; 676} 677 678static inline size_t fdb_nlmsg_size(void) 679{ 680 return NLMSG_ALIGN(sizeof(struct ndmsg)) 681 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 682 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 683 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 684 + nla_total_size(sizeof(struct nda_cacheinfo)); 685} 686 687static void fdb_notify(struct net_bridge *br, 688 const struct net_bridge_fdb_entry *fdb, int type, 689 bool swdev_notify) 690{ 691 struct net *net = dev_net(br->dev); 692 struct sk_buff *skb; 693 int err = -ENOBUFS; 694 695 if (swdev_notify) 696 br_switchdev_fdb_notify(fdb, type); 697 698 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 699 if (skb == NULL) 700 goto errout; 701 702 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 703 if (err < 0) { 704 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 705 WARN_ON(err == -EMSGSIZE); 706 kfree_skb(skb); 707 goto errout; 708 } 709 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 710 return; 711errout: 712 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 713} 714 715/* Dump information about entries, in response to GETNEIGH */ 716int br_fdb_dump(struct sk_buff *skb, 717 struct netlink_callback *cb, 718 struct net_device *dev, 719 struct net_device *filter_dev, 720 int *idx) 721{ 722 struct net_bridge *br = netdev_priv(dev); 723 struct net_bridge_fdb_entry *f; 724 int err = 0; 725 726 if (!(dev->priv_flags & IFF_EBRIDGE)) 727 return err; 728 729 if (!filter_dev) { 730 err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx); 731 if (err < 0) 732 return err; 733 } 734 735 rcu_read_lock(); 736 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 737 if (*idx < cb->args[2]) 738 goto skip; 739 if (filter_dev && (!f->dst || f->dst->dev != filter_dev)) { 740 if (filter_dev != dev) 741 goto skip; 742 /* !f->dst is a special case for bridge 743 * It means the MAC belongs to the bridge 744 * Therefore need a little more filtering 745 * we only want to dump the !f->dst case 746 */ 747 if (f->dst) 748 goto skip; 749 } 750 if (!filter_dev && f->dst) 751 goto skip; 752 753 err = fdb_fill_info(skb, br, f, 754 NETLINK_CB(cb->skb).portid, 755 cb->nlh->nlmsg_seq, 756 RTM_NEWNEIGH, 757 NLM_F_MULTI); 758 if (err < 0) 759 break; 760skip: 761 *idx += 1; 762 } 763 rcu_read_unlock(); 764 765 return err; 766} 767 768int br_fdb_get(struct sk_buff *skb, 769 struct nlattr *tb[], 770 struct net_device *dev, 771 const unsigned char *addr, 772 u16 vid, u32 portid, u32 seq, 773 struct netlink_ext_ack *extack) 774{ 775 struct net_bridge *br = netdev_priv(dev); 776 struct net_bridge_fdb_entry *f; 777 int err = 0; 778 779 rcu_read_lock(); 780 f = br_fdb_find_rcu(br, addr, vid); 781 if (!f) { 782 NL_SET_ERR_MSG(extack, "Fdb entry not found"); 783 err = -ENOENT; 784 goto errout; 785 } 786 787 err = fdb_fill_info(skb, br, f, portid, seq, 788 RTM_NEWNEIGH, 0); 789errout: 790 rcu_read_unlock(); 791 return err; 792} 793 794/* Update (create or replace) forwarding database entry */ 795static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source, 796 const u8 *addr, u16 state, u16 flags, u16 vid, 797 u8 ndm_flags) 798{ 799 bool is_sticky = !!(ndm_flags & NTF_STICKY); 800 struct net_bridge_fdb_entry *fdb; 801 bool modified = false; 802 803 /* If the port cannot learn allow only local and static entries */ 804 if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) && 805 !(source->state == BR_STATE_LEARNING || 806 source->state == BR_STATE_FORWARDING)) 807 return -EPERM; 808 809 if (!source && !(state & NUD_PERMANENT)) { 810 pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n", 811 br->dev->name); 812 return -EINVAL; 813 } 814 815 if (is_sticky && (state & NUD_PERMANENT)) 816 return -EINVAL; 817 818 fdb = br_fdb_find(br, addr, vid); 819 if (fdb == NULL) { 820 if (!(flags & NLM_F_CREATE)) 821 return -ENOENT; 822 823 fdb = fdb_create(br, source, addr, vid, 0); 824 if (!fdb) 825 return -ENOMEM; 826 827 modified = true; 828 } else { 829 if (flags & NLM_F_EXCL) 830 return -EEXIST; 831 832 if (fdb->dst != source) { 833 fdb->dst = source; 834 modified = true; 835 } 836 } 837 838 if (fdb_to_nud(br, fdb) != state) { 839 if (state & NUD_PERMANENT) { 840 set_bit(BR_FDB_LOCAL, &fdb->flags); 841 if (!test_and_set_bit(BR_FDB_STATIC, &fdb->flags)) 842 fdb_add_hw_addr(br, addr); 843 } else if (state & NUD_NOARP) { 844 clear_bit(BR_FDB_LOCAL, &fdb->flags); 845 if (!test_and_set_bit(BR_FDB_STATIC, &fdb->flags)) 846 fdb_add_hw_addr(br, addr); 847 } else { 848 clear_bit(BR_FDB_LOCAL, &fdb->flags); 849 if (test_and_clear_bit(BR_FDB_STATIC, &fdb->flags)) 850 fdb_del_hw_addr(br, addr); 851 } 852 853 modified = true; 854 } 855 856 if (is_sticky != test_bit(BR_FDB_STICKY, &fdb->flags)) { 857 change_bit(BR_FDB_STICKY, &fdb->flags); 858 modified = true; 859 } 860 861 set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags); 862 863 fdb->used = jiffies; 864 if (modified) { 865 fdb->updated = jiffies; 866 fdb_notify(br, fdb, RTM_NEWNEIGH, true); 867 } 868 869 return 0; 870} 871 872static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br, 873 struct net_bridge_port *p, const unsigned char *addr, 874 u16 nlh_flags, u16 vid) 875{ 876 int err = 0; 877 878 if (ndm->ndm_flags & NTF_USE) { 879 if (!p) { 880 pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n", 881 br->dev->name); 882 return -EINVAL; 883 } 884 if (!nbp_state_should_learn(p)) 885 return 0; 886 887 local_bh_disable(); 888 rcu_read_lock(); 889 br_fdb_update(br, p, addr, vid, BIT(BR_FDB_ADDED_BY_USER)); 890 rcu_read_unlock(); 891 local_bh_enable(); 892 } else if (ndm->ndm_flags & NTF_EXT_LEARNED) { 893 err = br_fdb_external_learn_add(br, p, addr, vid, true); 894 } else { 895 spin_lock_bh(&br->hash_lock); 896 err = fdb_add_entry(br, p, addr, ndm->ndm_state, 897 nlh_flags, vid, ndm->ndm_flags); 898 spin_unlock_bh(&br->hash_lock); 899 } 900 901 return err; 902} 903 904/* Add new permanent fdb entry with RTM_NEWNEIGH */ 905int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 906 struct net_device *dev, 907 const unsigned char *addr, u16 vid, u16 nlh_flags, 908 struct netlink_ext_ack *extack) 909{ 910 struct net_bridge_vlan_group *vg; 911 struct net_bridge_port *p = NULL; 912 struct net_bridge_vlan *v; 913 struct net_bridge *br = NULL; 914 int err = 0; 915 916 trace_br_fdb_add(ndm, dev, addr, vid, nlh_flags); 917 918 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 919 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 920 return -EINVAL; 921 } 922 923 if (is_zero_ether_addr(addr)) { 924 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 925 return -EINVAL; 926 } 927 928 if (dev->priv_flags & IFF_EBRIDGE) { 929 br = netdev_priv(dev); 930 vg = br_vlan_group(br); 931 } else { 932 p = br_port_get_rtnl(dev); 933 if (!p) { 934 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 935 dev->name); 936 return -EINVAL; 937 } 938 br = p->br; 939 vg = nbp_vlan_group(p); 940 } 941 942 if (vid) { 943 v = br_vlan_find(vg, vid); 944 if (!v || !br_vlan_should_use(v)) { 945 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 946 return -EINVAL; 947 } 948 949 /* VID was specified, so use it. */ 950 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid); 951 } else { 952 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0); 953 if (err || !vg || !vg->num_vlans) 954 goto out; 955 956 /* We have vlans configured on this port and user didn't 957 * specify a VLAN. To be nice, add/update entry for every 958 * vlan on this port. 959 */ 960 list_for_each_entry(v, &vg->vlan_list, vlist) { 961 if (!br_vlan_should_use(v)) 962 continue; 963 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid); 964 if (err) 965 goto out; 966 } 967 } 968 969out: 970 return err; 971} 972 973static int fdb_delete_by_addr_and_port(struct net_bridge *br, 974 const struct net_bridge_port *p, 975 const u8 *addr, u16 vlan) 976{ 977 struct net_bridge_fdb_entry *fdb; 978 979 fdb = br_fdb_find(br, addr, vlan); 980 if (!fdb || fdb->dst != p) 981 return -ENOENT; 982 983 fdb_delete(br, fdb, true); 984 985 return 0; 986} 987 988static int __br_fdb_delete(struct net_bridge *br, 989 const struct net_bridge_port *p, 990 const unsigned char *addr, u16 vid) 991{ 992 int err; 993 994 spin_lock_bh(&br->hash_lock); 995 err = fdb_delete_by_addr_and_port(br, p, addr, vid); 996 spin_unlock_bh(&br->hash_lock); 997 998 return err; 999} 1000 1001/* Remove neighbor entry with RTM_DELNEIGH */ 1002int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 1003 struct net_device *dev, 1004 const unsigned char *addr, u16 vid) 1005{ 1006 struct net_bridge_vlan_group *vg; 1007 struct net_bridge_port *p = NULL; 1008 struct net_bridge_vlan *v; 1009 struct net_bridge *br; 1010 int err; 1011 1012 if (dev->priv_flags & IFF_EBRIDGE) { 1013 br = netdev_priv(dev); 1014 vg = br_vlan_group(br); 1015 } else { 1016 p = br_port_get_rtnl(dev); 1017 if (!p) { 1018 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 1019 dev->name); 1020 return -EINVAL; 1021 } 1022 vg = nbp_vlan_group(p); 1023 br = p->br; 1024 } 1025 1026 if (vid) { 1027 v = br_vlan_find(vg, vid); 1028 if (!v) { 1029 pr_info("bridge: RTM_DELNEIGH with unconfigured vlan %d on %s\n", vid, dev->name); 1030 return -EINVAL; 1031 } 1032 1033 err = __br_fdb_delete(br, p, addr, vid); 1034 } else { 1035 err = -ENOENT; 1036 err &= __br_fdb_delete(br, p, addr, 0); 1037 if (!vg || !vg->num_vlans) 1038 return err; 1039 1040 list_for_each_entry(v, &vg->vlan_list, vlist) { 1041 if (!br_vlan_should_use(v)) 1042 continue; 1043 err &= __br_fdb_delete(br, p, addr, v->vid); 1044 } 1045 } 1046 1047 return err; 1048} 1049 1050int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 1051{ 1052 struct net_bridge_fdb_entry *f, *tmp; 1053 int err = 0; 1054 1055 ASSERT_RTNL(); 1056 1057 /* the key here is that static entries change only under rtnl */ 1058 rcu_read_lock(); 1059 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 1060 /* We only care for static entries */ 1061 if (!test_bit(BR_FDB_STATIC, &f->flags)) 1062 continue; 1063 err = dev_uc_add(p->dev, f->key.addr.addr); 1064 if (err) 1065 goto rollback; 1066 } 1067done: 1068 rcu_read_unlock(); 1069 1070 return err; 1071 1072rollback: 1073 hlist_for_each_entry_rcu(tmp, &br->fdb_list, fdb_node) { 1074 /* We only care for static entries */ 1075 if (!test_bit(BR_FDB_STATIC, &tmp->flags)) 1076 continue; 1077 if (tmp == f) 1078 break; 1079 dev_uc_del(p->dev, tmp->key.addr.addr); 1080 } 1081 1082 goto done; 1083} 1084 1085void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 1086{ 1087 struct net_bridge_fdb_entry *f; 1088 1089 ASSERT_RTNL(); 1090 1091 rcu_read_lock(); 1092 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { 1093 /* We only care for static entries */ 1094 if (!test_bit(BR_FDB_STATIC, &f->flags)) 1095 continue; 1096 1097 dev_uc_del(p->dev, f->key.addr.addr); 1098 } 1099 rcu_read_unlock(); 1100} 1101 1102int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, 1103 const unsigned char *addr, u16 vid, 1104 bool swdev_notify) 1105{ 1106 struct net_bridge_fdb_entry *fdb; 1107 bool modified = false; 1108 int err = 0; 1109 1110 trace_br_fdb_external_learn_add(br, p, addr, vid); 1111 1112 spin_lock_bh(&br->hash_lock); 1113 1114 fdb = br_fdb_find(br, addr, vid); 1115 if (!fdb) { 1116 unsigned long flags = BIT(BR_FDB_ADDED_BY_EXT_LEARN); 1117 1118 if (swdev_notify) 1119 flags |= BIT(BR_FDB_ADDED_BY_USER); 1120 fdb = fdb_create(br, p, addr, vid, flags); 1121 if (!fdb) { 1122 err = -ENOMEM; 1123 goto err_unlock; 1124 } 1125 fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify); 1126 } else { 1127 fdb->updated = jiffies; 1128 1129 if (fdb->dst != p) { 1130 fdb->dst = p; 1131 modified = true; 1132 } 1133 1134 if (test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags)) { 1135 /* Refresh entry */ 1136 fdb->used = jiffies; 1137 } else if (!test_bit(BR_FDB_ADDED_BY_USER, &fdb->flags)) { 1138 /* Take over SW learned entry */ 1139 set_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags); 1140 modified = true; 1141 } 1142 1143 if (swdev_notify) 1144 set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags); 1145 1146 if (modified) 1147 fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify); 1148 } 1149 1150err_unlock: 1151 spin_unlock_bh(&br->hash_lock); 1152 1153 return err; 1154} 1155 1156int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, 1157 const unsigned char *addr, u16 vid, 1158 bool swdev_notify) 1159{ 1160 struct net_bridge_fdb_entry *fdb; 1161 int err = 0; 1162 1163 spin_lock_bh(&br->hash_lock); 1164 1165 fdb = br_fdb_find(br, addr, vid); 1166 if (fdb && test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags)) 1167 fdb_delete(br, fdb, swdev_notify); 1168 else 1169 err = -ENOENT; 1170 1171 spin_unlock_bh(&br->hash_lock); 1172 1173 return err; 1174} 1175 1176void br_fdb_offloaded_set(struct net_bridge *br, struct net_bridge_port *p, 1177 const unsigned char *addr, u16 vid, bool offloaded) 1178{ 1179 struct net_bridge_fdb_entry *fdb; 1180 1181 spin_lock_bh(&br->hash_lock); 1182 1183 fdb = br_fdb_find(br, addr, vid); 1184 if (fdb && offloaded != test_bit(BR_FDB_OFFLOADED, &fdb->flags)) 1185 change_bit(BR_FDB_OFFLOADED, &fdb->flags); 1186 1187 spin_unlock_bh(&br->hash_lock); 1188} 1189 1190void br_fdb_clear_offload(const struct net_device *dev, u16 vid) 1191{ 1192 struct net_bridge_fdb_entry *f; 1193 struct net_bridge_port *p; 1194 1195 ASSERT_RTNL(); 1196 1197 p = br_port_get_rtnl(dev); 1198 if (!p) 1199 return; 1200 1201 spin_lock_bh(&p->br->hash_lock); 1202 hlist_for_each_entry(f, &p->br->fdb_list, fdb_node) { 1203 if (f->dst == p && f->key.vlan_id == vid) 1204 clear_bit(BR_FDB_OFFLOADED, &f->flags); 1205 } 1206 spin_unlock_bh(&p->br->hash_lock); 1207} 1208EXPORT_SYMBOL_GPL(br_fdb_clear_offload);