br_fdb.c revision 47fab41ab51a18a2e5fc4ec63f16b4c6702809b6
1/* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14#include <linux/kernel.h> 15#include <linux/init.h> 16#include <linux/rculist.h> 17#include <linux/spinlock.h> 18#include <linux/times.h> 19#include <linux/netdevice.h> 20#include <linux/etherdevice.h> 21#include <linux/jhash.h> 22#include <linux/random.h> 23#include <linux/slab.h> 24#include <linux/atomic.h> 25#include <asm/unaligned.h> 26#include <linux/if_vlan.h> 27#include "br_private.h" 28 29static struct kmem_cache *br_fdb_cache __read_mostly; 30static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 31 const unsigned char *addr, 32 __u16 vid); 33static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 34 const unsigned char *addr, u16 vid); 35static void fdb_notify(struct net_bridge *br, 36 const struct net_bridge_fdb_entry *, int); 37 38static u32 fdb_salt __read_mostly; 39 40int __init br_fdb_init(void) 41{ 42 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 43 sizeof(struct net_bridge_fdb_entry), 44 0, 45 SLAB_HWCACHE_ALIGN, NULL); 46 if (!br_fdb_cache) 47 return -ENOMEM; 48 49 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 50 return 0; 51} 52 53void br_fdb_fini(void) 54{ 55 kmem_cache_destroy(br_fdb_cache); 56} 57 58 59/* if topology_changing then use forward_delay (default 15 sec) 60 * otherwise keep longer (default 5 minutes) 61 */ 62static inline unsigned long hold_time(const struct net_bridge *br) 63{ 64 return br->topology_change ? br->forward_delay : br->ageing_time; 65} 66 67static inline int has_expired(const struct net_bridge *br, 68 const struct net_bridge_fdb_entry *fdb) 69{ 70 return !fdb->is_static && 71 time_before_eq(fdb->updated + hold_time(br), jiffies); 72} 73 74static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 75{ 76 /* use 1 byte of OUI and 3 bytes of NIC */ 77 u32 key = get_unaligned((u32 *)(mac + 2)); 78 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 79} 80 81static void fdb_rcu_free(struct rcu_head *head) 82{ 83 struct net_bridge_fdb_entry *ent 84 = container_of(head, struct net_bridge_fdb_entry, rcu); 85 kmem_cache_free(br_fdb_cache, ent); 86} 87 88/* When a static FDB entry is added, the mac address from the entry is 89 * added to the bridge private HW address list and all required ports 90 * are then updated with the new information. 91 * Called under RTNL. 92 */ 93static void fdb_add_hw(struct net_bridge *br, const unsigned char *addr) 94{ 95 int err; 96 struct net_bridge_port *p, *tmp; 97 98 ASSERT_RTNL(); 99 100 list_for_each_entry(p, &br->port_list, list) { 101 if (!br_promisc_port(p)) { 102 err = dev_uc_add(p->dev, addr); 103 if (err) 104 goto undo; 105 } 106 } 107 108 return; 109undo: 110 list_for_each_entry(tmp, &br->port_list, list) { 111 if (tmp == p) 112 break; 113 if (!br_promisc_port(tmp)) 114 dev_uc_del(tmp->dev, addr); 115 } 116} 117 118/* When a static FDB entry is deleted, the HW address from that entry is 119 * also removed from the bridge private HW address list and updates all 120 * the ports with needed information. 121 * Called under RTNL. 122 */ 123static void fdb_del_hw(struct net_bridge *br, const unsigned char *addr) 124{ 125 struct net_bridge_port *p; 126 127 ASSERT_RTNL(); 128 129 list_for_each_entry(p, &br->port_list, list) { 130 if (!br_promisc_port(p)) 131 dev_uc_del(p->dev, addr); 132 } 133} 134 135static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 136{ 137 if (f->is_static) 138 fdb_del_hw(br, f->addr.addr); 139 140 hlist_del_rcu(&f->hlist); 141 fdb_notify(br, f, RTM_DELNEIGH); 142 call_rcu(&f->rcu, fdb_rcu_free); 143} 144 145/* Delete a local entry if no other port had the same address. */ 146static void fdb_delete_local(struct net_bridge *br, 147 const struct net_bridge_port *p, 148 struct net_bridge_fdb_entry *f) 149{ 150 const unsigned char *addr = f->addr.addr; 151 u16 vid = f->vlan_id; 152 struct net_bridge_port *op; 153 154 /* Maybe another port has same hw addr? */ 155 list_for_each_entry(op, &br->port_list, list) { 156 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 157 (!vid || nbp_vlan_find(op, vid))) { 158 f->dst = op; 159 f->added_by_user = 0; 160 return; 161 } 162 } 163 164 /* Maybe bridge device has same hw addr? */ 165 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 166 (!vid || br_vlan_find(br, vid))) { 167 f->dst = NULL; 168 f->added_by_user = 0; 169 return; 170 } 171 172 fdb_delete(br, f); 173} 174 175void br_fdb_find_delete_local(struct net_bridge *br, 176 const struct net_bridge_port *p, 177 const unsigned char *addr, u16 vid) 178{ 179 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 180 struct net_bridge_fdb_entry *f; 181 182 spin_lock_bh(&br->hash_lock); 183 f = fdb_find(head, addr, vid); 184 if (f && f->is_local && !f->added_by_user && f->dst == p) 185 fdb_delete_local(br, p, f); 186 spin_unlock_bh(&br->hash_lock); 187} 188 189void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 190{ 191 struct net_bridge *br = p->br; 192 struct net_port_vlans *pv = nbp_get_vlan_info(p); 193 bool no_vlan = !pv; 194 int i; 195 u16 vid; 196 197 spin_lock_bh(&br->hash_lock); 198 199 /* Search all chains since old address/hash is unknown */ 200 for (i = 0; i < BR_HASH_SIZE; i++) { 201 struct hlist_node *h; 202 hlist_for_each(h, &br->hash[i]) { 203 struct net_bridge_fdb_entry *f; 204 205 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 206 if (f->dst == p && f->is_local && !f->added_by_user) { 207 /* delete old one */ 208 fdb_delete_local(br, p, f); 209 210 /* if this port has no vlan information 211 * configured, we can safely be done at 212 * this point. 213 */ 214 if (no_vlan) 215 goto insert; 216 } 217 } 218 } 219 220insert: 221 /* insert new address, may fail if invalid address or dup. */ 222 fdb_insert(br, p, newaddr, 0); 223 224 if (no_vlan) 225 goto done; 226 227 /* Now add entries for every VLAN configured on the port. 228 * This function runs under RTNL so the bitmap will not change 229 * from under us. 230 */ 231 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) 232 fdb_insert(br, p, newaddr, vid); 233 234done: 235 spin_unlock_bh(&br->hash_lock); 236} 237 238void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 239{ 240 struct net_bridge_fdb_entry *f; 241 struct net_port_vlans *pv; 242 u16 vid = 0; 243 244 spin_lock_bh(&br->hash_lock); 245 246 /* If old entry was unassociated with any port, then delete it. */ 247 f = __br_fdb_get(br, br->dev->dev_addr, 0); 248 if (f && f->is_local && !f->dst) 249 fdb_delete_local(br, NULL, f); 250 251 fdb_insert(br, NULL, newaddr, 0); 252 253 /* Now remove and add entries for every VLAN configured on the 254 * bridge. This function runs under RTNL so the bitmap will not 255 * change from under us. 256 */ 257 pv = br_get_vlan_info(br); 258 if (!pv) 259 goto out; 260 261 for_each_set_bit_from(vid, pv->vlan_bitmap, VLAN_N_VID) { 262 f = __br_fdb_get(br, br->dev->dev_addr, vid); 263 if (f && f->is_local && !f->dst) 264 fdb_delete_local(br, NULL, f); 265 fdb_insert(br, NULL, newaddr, vid); 266 } 267out: 268 spin_unlock_bh(&br->hash_lock); 269} 270 271void br_fdb_cleanup(unsigned long _data) 272{ 273 struct net_bridge *br = (struct net_bridge *)_data; 274 unsigned long delay = hold_time(br); 275 unsigned long next_timer = jiffies + br->ageing_time; 276 int i; 277 278 spin_lock(&br->hash_lock); 279 for (i = 0; i < BR_HASH_SIZE; i++) { 280 struct net_bridge_fdb_entry *f; 281 struct hlist_node *n; 282 283 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 284 unsigned long this_timer; 285 if (f->is_static) 286 continue; 287 this_timer = f->updated + delay; 288 if (time_before_eq(this_timer, jiffies)) 289 fdb_delete(br, f); 290 else if (time_before(this_timer, next_timer)) 291 next_timer = this_timer; 292 } 293 } 294 spin_unlock(&br->hash_lock); 295 296 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 297} 298 299/* Completely flush all dynamic entries in forwarding database.*/ 300void br_fdb_flush(struct net_bridge *br) 301{ 302 int i; 303 304 spin_lock_bh(&br->hash_lock); 305 for (i = 0; i < BR_HASH_SIZE; i++) { 306 struct net_bridge_fdb_entry *f; 307 struct hlist_node *n; 308 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 309 if (!f->is_static) 310 fdb_delete(br, f); 311 } 312 } 313 spin_unlock_bh(&br->hash_lock); 314} 315 316/* Flush all entries referring to a specific port. 317 * if do_all is set also flush static entries 318 */ 319void br_fdb_delete_by_port(struct net_bridge *br, 320 const struct net_bridge_port *p, 321 int do_all) 322{ 323 int i; 324 325 spin_lock_bh(&br->hash_lock); 326 for (i = 0; i < BR_HASH_SIZE; i++) { 327 struct hlist_node *h, *g; 328 329 hlist_for_each_safe(h, g, &br->hash[i]) { 330 struct net_bridge_fdb_entry *f 331 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 332 if (f->dst != p) 333 continue; 334 335 if (f->is_static && !do_all) 336 continue; 337 338 if (f->is_local) 339 fdb_delete_local(br, p, f); 340 else 341 fdb_delete(br, f); 342 } 343 } 344 spin_unlock_bh(&br->hash_lock); 345} 346 347/* No locking or refcounting, assumes caller has rcu_read_lock */ 348struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 349 const unsigned char *addr, 350 __u16 vid) 351{ 352 struct net_bridge_fdb_entry *fdb; 353 354 hlist_for_each_entry_rcu(fdb, 355 &br->hash[br_mac_hash(addr, vid)], hlist) { 356 if (ether_addr_equal(fdb->addr.addr, addr) && 357 fdb->vlan_id == vid) { 358 if (unlikely(has_expired(br, fdb))) 359 break; 360 return fdb; 361 } 362 } 363 364 return NULL; 365} 366 367#if IS_ENABLED(CONFIG_ATM_LANE) 368/* Interface used by ATM LANE hook to test 369 * if an addr is on some other bridge port */ 370int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 371{ 372 struct net_bridge_fdb_entry *fdb; 373 struct net_bridge_port *port; 374 int ret; 375 376 rcu_read_lock(); 377 port = br_port_get_rcu(dev); 378 if (!port) 379 ret = 0; 380 else { 381 fdb = __br_fdb_get(port->br, addr, 0); 382 ret = fdb && fdb->dst && fdb->dst->dev != dev && 383 fdb->dst->state == BR_STATE_FORWARDING; 384 } 385 rcu_read_unlock(); 386 387 return ret; 388} 389#endif /* CONFIG_ATM_LANE */ 390 391/* 392 * Fill buffer with forwarding table records in 393 * the API format. 394 */ 395int br_fdb_fillbuf(struct net_bridge *br, void *buf, 396 unsigned long maxnum, unsigned long skip) 397{ 398 struct __fdb_entry *fe = buf; 399 int i, num = 0; 400 struct net_bridge_fdb_entry *f; 401 402 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 403 404 rcu_read_lock(); 405 for (i = 0; i < BR_HASH_SIZE; i++) { 406 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 407 if (num >= maxnum) 408 goto out; 409 410 if (has_expired(br, f)) 411 continue; 412 413 /* ignore pseudo entry for local MAC address */ 414 if (!f->dst) 415 continue; 416 417 if (skip) { 418 --skip; 419 continue; 420 } 421 422 /* convert from internal format to API */ 423 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 424 425 /* due to ABI compat need to split into hi/lo */ 426 fe->port_no = f->dst->port_no; 427 fe->port_hi = f->dst->port_no >> 8; 428 429 fe->is_local = f->is_local; 430 if (!f->is_static) 431 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 432 ++fe; 433 ++num; 434 } 435 } 436 437 out: 438 rcu_read_unlock(); 439 440 return num; 441} 442 443static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 444 const unsigned char *addr, 445 __u16 vid) 446{ 447 struct net_bridge_fdb_entry *fdb; 448 449 hlist_for_each_entry(fdb, head, hlist) { 450 if (ether_addr_equal(fdb->addr.addr, addr) && 451 fdb->vlan_id == vid) 452 return fdb; 453 } 454 return NULL; 455} 456 457static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 458 const unsigned char *addr, 459 __u16 vid) 460{ 461 struct net_bridge_fdb_entry *fdb; 462 463 hlist_for_each_entry_rcu(fdb, head, hlist) { 464 if (ether_addr_equal(fdb->addr.addr, addr) && 465 fdb->vlan_id == vid) 466 return fdb; 467 } 468 return NULL; 469} 470 471static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 472 struct net_bridge_port *source, 473 const unsigned char *addr, 474 __u16 vid) 475{ 476 struct net_bridge_fdb_entry *fdb; 477 478 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 479 if (fdb) { 480 memcpy(fdb->addr.addr, addr, ETH_ALEN); 481 fdb->dst = source; 482 fdb->vlan_id = vid; 483 fdb->is_local = 0; 484 fdb->is_static = 0; 485 fdb->added_by_user = 0; 486 fdb->updated = fdb->used = jiffies; 487 hlist_add_head_rcu(&fdb->hlist, head); 488 } 489 return fdb; 490} 491 492static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 493 const unsigned char *addr, u16 vid) 494{ 495 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 496 struct net_bridge_fdb_entry *fdb; 497 498 if (!is_valid_ether_addr(addr)) 499 return -EINVAL; 500 501 fdb = fdb_find(head, addr, vid); 502 if (fdb) { 503 /* it is okay to have multiple ports with same 504 * address, just use the first one. 505 */ 506 if (fdb->is_local) 507 return 0; 508 br_warn(br, "adding interface %s with same address " 509 "as a received packet\n", 510 source ? source->dev->name : br->dev->name); 511 fdb_delete(br, fdb); 512 } 513 514 fdb = fdb_create(head, source, addr, vid); 515 if (!fdb) 516 return -ENOMEM; 517 518 fdb->is_local = fdb->is_static = 1; 519 fdb_add_hw(br, addr); 520 fdb_notify(br, fdb, RTM_NEWNEIGH); 521 return 0; 522} 523 524/* Add entry for local address of interface */ 525int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 526 const unsigned char *addr, u16 vid) 527{ 528 int ret; 529 530 spin_lock_bh(&br->hash_lock); 531 ret = fdb_insert(br, source, addr, vid); 532 spin_unlock_bh(&br->hash_lock); 533 return ret; 534} 535 536void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 537 const unsigned char *addr, u16 vid, bool added_by_user) 538{ 539 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 540 struct net_bridge_fdb_entry *fdb; 541 bool fdb_modified = false; 542 543 /* some users want to always flood. */ 544 if (hold_time(br) == 0) 545 return; 546 547 /* ignore packets unless we are using this port */ 548 if (!(source->state == BR_STATE_LEARNING || 549 source->state == BR_STATE_FORWARDING)) 550 return; 551 552 fdb = fdb_find_rcu(head, addr, vid); 553 if (likely(fdb)) { 554 /* attempt to update an entry for a local interface */ 555 if (unlikely(fdb->is_local)) { 556 if (net_ratelimit()) 557 br_warn(br, "received packet on %s with " 558 "own address as source address\n", 559 source->dev->name); 560 } else { 561 /* fastpath: update of existing entry */ 562 if (unlikely(source != fdb->dst)) { 563 fdb->dst = source; 564 fdb_modified = true; 565 } 566 fdb->updated = jiffies; 567 if (unlikely(added_by_user)) 568 fdb->added_by_user = 1; 569 if (unlikely(fdb_modified)) 570 fdb_notify(br, fdb, RTM_NEWNEIGH); 571 } 572 } else { 573 spin_lock(&br->hash_lock); 574 if (likely(!fdb_find(head, addr, vid))) { 575 fdb = fdb_create(head, source, addr, vid); 576 if (fdb) { 577 if (unlikely(added_by_user)) 578 fdb->added_by_user = 1; 579 fdb_notify(br, fdb, RTM_NEWNEIGH); 580 } 581 } 582 /* else we lose race and someone else inserts 583 * it first, don't bother updating 584 */ 585 spin_unlock(&br->hash_lock); 586 } 587} 588 589static int fdb_to_nud(const struct net_bridge_fdb_entry *fdb) 590{ 591 if (fdb->is_local) 592 return NUD_PERMANENT; 593 else if (fdb->is_static) 594 return NUD_NOARP; 595 else if (has_expired(fdb->dst->br, fdb)) 596 return NUD_STALE; 597 else 598 return NUD_REACHABLE; 599} 600 601static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 602 const struct net_bridge_fdb_entry *fdb, 603 u32 portid, u32 seq, int type, unsigned int flags) 604{ 605 unsigned long now = jiffies; 606 struct nda_cacheinfo ci; 607 struct nlmsghdr *nlh; 608 struct ndmsg *ndm; 609 610 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 611 if (nlh == NULL) 612 return -EMSGSIZE; 613 614 ndm = nlmsg_data(nlh); 615 ndm->ndm_family = AF_BRIDGE; 616 ndm->ndm_pad1 = 0; 617 ndm->ndm_pad2 = 0; 618 ndm->ndm_flags = 0; 619 ndm->ndm_type = 0; 620 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 621 ndm->ndm_state = fdb_to_nud(fdb); 622 623 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 624 goto nla_put_failure; 625 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 626 goto nla_put_failure; 627 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 628 ci.ndm_confirmed = 0; 629 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 630 ci.ndm_refcnt = 0; 631 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 632 goto nla_put_failure; 633 634 if (fdb->vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 635 goto nla_put_failure; 636 637 return nlmsg_end(skb, nlh); 638 639nla_put_failure: 640 nlmsg_cancel(skb, nlh); 641 return -EMSGSIZE; 642} 643 644static inline size_t fdb_nlmsg_size(void) 645{ 646 return NLMSG_ALIGN(sizeof(struct ndmsg)) 647 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 648 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 649 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 650 + nla_total_size(sizeof(struct nda_cacheinfo)); 651} 652 653static void fdb_notify(struct net_bridge *br, 654 const struct net_bridge_fdb_entry *fdb, int type) 655{ 656 struct net *net = dev_net(br->dev); 657 struct sk_buff *skb; 658 int err = -ENOBUFS; 659 660 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 661 if (skb == NULL) 662 goto errout; 663 664 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 665 if (err < 0) { 666 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 667 WARN_ON(err == -EMSGSIZE); 668 kfree_skb(skb); 669 goto errout; 670 } 671 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 672 return; 673errout: 674 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 675} 676 677/* Dump information about entries, in response to GETNEIGH */ 678int br_fdb_dump(struct sk_buff *skb, 679 struct netlink_callback *cb, 680 struct net_device *dev, 681 int idx) 682{ 683 struct net_bridge *br = netdev_priv(dev); 684 int i; 685 686 if (!(dev->priv_flags & IFF_EBRIDGE)) 687 goto out; 688 689 for (i = 0; i < BR_HASH_SIZE; i++) { 690 struct net_bridge_fdb_entry *f; 691 692 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 693 if (idx < cb->args[0]) 694 goto skip; 695 696 if (fdb_fill_info(skb, br, f, 697 NETLINK_CB(cb->skb).portid, 698 cb->nlh->nlmsg_seq, 699 RTM_NEWNEIGH, 700 NLM_F_MULTI) < 0) 701 break; 702skip: 703 ++idx; 704 } 705 } 706 707out: 708 return idx; 709} 710 711/* Update (create or replace) forwarding database entry */ 712static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr, 713 __u16 state, __u16 flags, __u16 vid) 714{ 715 struct net_bridge *br = source->br; 716 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 717 struct net_bridge_fdb_entry *fdb; 718 bool modified = false; 719 720 fdb = fdb_find(head, addr, vid); 721 if (fdb == NULL) { 722 if (!(flags & NLM_F_CREATE)) 723 return -ENOENT; 724 725 fdb = fdb_create(head, source, addr, vid); 726 if (!fdb) 727 return -ENOMEM; 728 729 modified = true; 730 } else { 731 if (flags & NLM_F_EXCL) 732 return -EEXIST; 733 734 if (fdb->dst != source) { 735 fdb->dst = source; 736 modified = true; 737 } 738 } 739 740 if (fdb_to_nud(fdb) != state) { 741 if (state & NUD_PERMANENT) { 742 fdb->is_local = 1; 743 if (!fdb->is_static) { 744 fdb->is_static = 1; 745 fdb_add_hw(br, addr); 746 } 747 } else if (state & NUD_NOARP) { 748 fdb->is_local = 0; 749 if (!fdb->is_static) { 750 fdb->is_static = 1; 751 fdb_add_hw(br, addr); 752 } 753 } else { 754 fdb->is_local = 0; 755 if (fdb->is_static) { 756 fdb->is_static = 0; 757 fdb_del_hw(br, addr); 758 } 759 } 760 761 modified = true; 762 } 763 fdb->added_by_user = 1; 764 765 fdb->used = jiffies; 766 if (modified) { 767 fdb->updated = jiffies; 768 fdb_notify(br, fdb, RTM_NEWNEIGH); 769 } 770 771 return 0; 772} 773 774static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p, 775 const unsigned char *addr, u16 nlh_flags, u16 vid) 776{ 777 int err = 0; 778 779 if (ndm->ndm_flags & NTF_USE) { 780 rcu_read_lock(); 781 br_fdb_update(p->br, p, addr, vid, true); 782 rcu_read_unlock(); 783 } else { 784 spin_lock_bh(&p->br->hash_lock); 785 err = fdb_add_entry(p, addr, ndm->ndm_state, 786 nlh_flags, vid); 787 spin_unlock_bh(&p->br->hash_lock); 788 } 789 790 return err; 791} 792 793/* Add new permanent fdb entry with RTM_NEWNEIGH */ 794int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 795 struct net_device *dev, 796 const unsigned char *addr, u16 nlh_flags) 797{ 798 struct net_bridge_port *p; 799 int err = 0; 800 struct net_port_vlans *pv; 801 unsigned short vid = VLAN_N_VID; 802 803 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 804 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 805 return -EINVAL; 806 } 807 808 if (tb[NDA_VLAN]) { 809 if (nla_len(tb[NDA_VLAN]) != sizeof(unsigned short)) { 810 pr_info("bridge: RTM_NEWNEIGH with invalid vlan\n"); 811 return -EINVAL; 812 } 813 814 vid = nla_get_u16(tb[NDA_VLAN]); 815 816 if (!vid || vid >= VLAN_VID_MASK) { 817 pr_info("bridge: RTM_NEWNEIGH with invalid vlan id %d\n", 818 vid); 819 return -EINVAL; 820 } 821 } 822 823 if (is_zero_ether_addr(addr)) { 824 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 825 return -EINVAL; 826 } 827 828 p = br_port_get_rtnl(dev); 829 if (p == NULL) { 830 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 831 dev->name); 832 return -EINVAL; 833 } 834 835 pv = nbp_get_vlan_info(p); 836 if (vid != VLAN_N_VID) { 837 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 838 pr_info("bridge: RTM_NEWNEIGH with unconfigured " 839 "vlan %d on port %s\n", vid, dev->name); 840 return -EINVAL; 841 } 842 843 /* VID was specified, so use it. */ 844 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 845 } else { 846 if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) { 847 err = __br_fdb_add(ndm, p, addr, nlh_flags, 0); 848 goto out; 849 } 850 851 /* We have vlans configured on this port and user didn't 852 * specify a VLAN. To be nice, add/update entry for every 853 * vlan on this port. 854 */ 855 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 856 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 857 if (err) 858 goto out; 859 } 860 } 861 862out: 863 return err; 864} 865 866static int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, u16 vlan) 867{ 868 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 869 struct net_bridge_fdb_entry *fdb; 870 871 fdb = fdb_find(head, addr, vlan); 872 if (!fdb) 873 return -ENOENT; 874 875 fdb_delete(br, fdb); 876 return 0; 877} 878 879static int __br_fdb_delete(struct net_bridge_port *p, 880 const unsigned char *addr, u16 vid) 881{ 882 int err; 883 884 spin_lock_bh(&p->br->hash_lock); 885 err = fdb_delete_by_addr(p->br, addr, vid); 886 spin_unlock_bh(&p->br->hash_lock); 887 888 return err; 889} 890 891/* Remove neighbor entry with RTM_DELNEIGH */ 892int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 893 struct net_device *dev, 894 const unsigned char *addr) 895{ 896 struct net_bridge_port *p; 897 int err; 898 struct net_port_vlans *pv; 899 unsigned short vid = VLAN_N_VID; 900 901 if (tb[NDA_VLAN]) { 902 if (nla_len(tb[NDA_VLAN]) != sizeof(unsigned short)) { 903 pr_info("bridge: RTM_NEWNEIGH with invalid vlan\n"); 904 return -EINVAL; 905 } 906 907 vid = nla_get_u16(tb[NDA_VLAN]); 908 909 if (!vid || vid >= VLAN_VID_MASK) { 910 pr_info("bridge: RTM_NEWNEIGH with invalid vlan id %d\n", 911 vid); 912 return -EINVAL; 913 } 914 } 915 p = br_port_get_rtnl(dev); 916 if (p == NULL) { 917 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 918 dev->name); 919 return -EINVAL; 920 } 921 922 pv = nbp_get_vlan_info(p); 923 if (vid != VLAN_N_VID) { 924 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 925 pr_info("bridge: RTM_DELNEIGH with unconfigured " 926 "vlan %d on port %s\n", vid, dev->name); 927 return -EINVAL; 928 } 929 930 err = __br_fdb_delete(p, addr, vid); 931 } else { 932 if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) { 933 err = __br_fdb_delete(p, addr, 0); 934 goto out; 935 } 936 937 /* We have vlans configured on this port and user didn't 938 * specify a VLAN. To be nice, add/update entry for every 939 * vlan on this port. 940 */ 941 err = -ENOENT; 942 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 943 err &= __br_fdb_delete(p, addr, vid); 944 } 945 } 946out: 947 return err; 948} 949 950int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 951{ 952 struct net_bridge_fdb_entry *fdb, *tmp; 953 int i; 954 int err; 955 956 ASSERT_RTNL(); 957 958 for (i = 0; i < BR_HASH_SIZE; i++) { 959 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 960 /* We only care for static entries */ 961 if (!fdb->is_static) 962 continue; 963 964 err = dev_uc_add(p->dev, fdb->addr.addr); 965 if (err) 966 goto rollback; 967 } 968 } 969 return 0; 970 971rollback: 972 for (i = 0; i < BR_HASH_SIZE; i++) { 973 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 974 /* If we reached the fdb that failed, we can stop */ 975 if (tmp == fdb) 976 break; 977 978 /* We only care for static entries */ 979 if (!tmp->is_static) 980 continue; 981 982 dev_uc_del(p->dev, tmp->addr.addr); 983 } 984 } 985 return err; 986} 987 988void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 989{ 990 struct net_bridge_fdb_entry *fdb; 991 int i; 992 993 ASSERT_RTNL(); 994 995 for (i = 0; i < BR_HASH_SIZE; i++) { 996 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 997 /* We only care for static entries */ 998 if (!fdb->is_static) 999 continue; 1000 1001 dev_uc_del(p->dev, fdb->addr.addr); 1002 } 1003 } 1004} 1005