br_fdb.c revision 5d5eacb34c9e1fdc0a47b885d832eaa4de860dc7
1/* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14#include <linux/kernel.h> 15#include <linux/init.h> 16#include <linux/rculist.h> 17#include <linux/spinlock.h> 18#include <linux/times.h> 19#include <linux/netdevice.h> 20#include <linux/etherdevice.h> 21#include <linux/jhash.h> 22#include <linux/random.h> 23#include <linux/slab.h> 24#include <linux/atomic.h> 25#include <asm/unaligned.h> 26#include <linux/if_vlan.h> 27#include "br_private.h" 28 29static struct kmem_cache *br_fdb_cache __read_mostly; 30static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 31 const unsigned char *addr, 32 __u16 vid); 33static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 34 const unsigned char *addr, u16 vid); 35static void fdb_notify(struct net_bridge *br, 36 const struct net_bridge_fdb_entry *, int); 37 38static u32 fdb_salt __read_mostly; 39 40int __init br_fdb_init(void) 41{ 42 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 43 sizeof(struct net_bridge_fdb_entry), 44 0, 45 SLAB_HWCACHE_ALIGN, NULL); 46 if (!br_fdb_cache) 47 return -ENOMEM; 48 49 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 50 return 0; 51} 52 53void br_fdb_fini(void) 54{ 55 kmem_cache_destroy(br_fdb_cache); 56} 57 58 59/* if topology_changing then use forward_delay (default 15 sec) 60 * otherwise keep longer (default 5 minutes) 61 */ 62static inline unsigned long hold_time(const struct net_bridge *br) 63{ 64 return br->topology_change ? br->forward_delay : br->ageing_time; 65} 66 67static inline int has_expired(const struct net_bridge *br, 68 const struct net_bridge_fdb_entry *fdb) 69{ 70 return !fdb->is_static && 71 time_before_eq(fdb->updated + hold_time(br), jiffies); 72} 73 74static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 75{ 76 /* use 1 byte of OUI and 3 bytes of NIC */ 77 u32 key = get_unaligned((u32 *)(mac + 2)); 78 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 79} 80 81static void fdb_rcu_free(struct rcu_head *head) 82{ 83 struct net_bridge_fdb_entry *ent 84 = container_of(head, struct net_bridge_fdb_entry, rcu); 85 kmem_cache_free(br_fdb_cache, ent); 86} 87 88/* When a static FDB entry is added, the mac address from the entry is 89 * added to the bridge private HW address list and all required ports 90 * are then updated with the new information. 91 * Called under RTNL. 92 */ 93static void fdb_add_hw(struct net_bridge *br, const unsigned char *addr) 94{ 95 int err; 96 struct net_bridge_port *p; 97 98 ASSERT_RTNL(); 99 100 list_for_each_entry(p, &br->port_list, list) { 101 if (!br_promisc_port(p)) { 102 err = dev_uc_add(p->dev, addr); 103 if (err) 104 goto undo; 105 } 106 } 107 108 return; 109undo: 110 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 111 if (!br_promisc_port(p)) 112 dev_uc_del(p->dev, addr); 113 } 114} 115 116/* When a static FDB entry is deleted, the HW address from that entry is 117 * also removed from the bridge private HW address list and updates all 118 * the ports with needed information. 119 * Called under RTNL. 120 */ 121static void fdb_del_hw(struct net_bridge *br, const unsigned char *addr) 122{ 123 struct net_bridge_port *p; 124 125 ASSERT_RTNL(); 126 127 list_for_each_entry(p, &br->port_list, list) { 128 if (!br_promisc_port(p)) 129 dev_uc_del(p->dev, addr); 130 } 131} 132 133static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 134{ 135 if (f->is_static) 136 fdb_del_hw(br, f->addr.addr); 137 138 hlist_del_rcu(&f->hlist); 139 fdb_notify(br, f, RTM_DELNEIGH); 140 call_rcu(&f->rcu, fdb_rcu_free); 141} 142 143/* Delete a local entry if no other port had the same address. */ 144static void fdb_delete_local(struct net_bridge *br, 145 const struct net_bridge_port *p, 146 struct net_bridge_fdb_entry *f) 147{ 148 const unsigned char *addr = f->addr.addr; 149 u16 vid = f->vlan_id; 150 struct net_bridge_port *op; 151 152 /* Maybe another port has same hw addr? */ 153 list_for_each_entry(op, &br->port_list, list) { 154 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 155 (!vid || nbp_vlan_find(op, vid))) { 156 f->dst = op; 157 f->added_by_user = 0; 158 return; 159 } 160 } 161 162 /* Maybe bridge device has same hw addr? */ 163 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 164 (!vid || br_vlan_find(br, vid))) { 165 f->dst = NULL; 166 f->added_by_user = 0; 167 return; 168 } 169 170 fdb_delete(br, f); 171} 172 173void br_fdb_find_delete_local(struct net_bridge *br, 174 const struct net_bridge_port *p, 175 const unsigned char *addr, u16 vid) 176{ 177 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 178 struct net_bridge_fdb_entry *f; 179 180 spin_lock_bh(&br->hash_lock); 181 f = fdb_find(head, addr, vid); 182 if (f && f->is_local && !f->added_by_user && f->dst == p) 183 fdb_delete_local(br, p, f); 184 spin_unlock_bh(&br->hash_lock); 185} 186 187void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 188{ 189 struct net_bridge *br = p->br; 190 struct net_port_vlans *pv = nbp_get_vlan_info(p); 191 bool no_vlan = !pv; 192 int i; 193 u16 vid; 194 195 spin_lock_bh(&br->hash_lock); 196 197 /* Search all chains since old address/hash is unknown */ 198 for (i = 0; i < BR_HASH_SIZE; i++) { 199 struct hlist_node *h; 200 hlist_for_each(h, &br->hash[i]) { 201 struct net_bridge_fdb_entry *f; 202 203 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 204 if (f->dst == p && f->is_local && !f->added_by_user) { 205 /* delete old one */ 206 fdb_delete_local(br, p, f); 207 208 /* if this port has no vlan information 209 * configured, we can safely be done at 210 * this point. 211 */ 212 if (no_vlan) 213 goto insert; 214 } 215 } 216 } 217 218insert: 219 /* insert new address, may fail if invalid address or dup. */ 220 fdb_insert(br, p, newaddr, 0); 221 222 if (no_vlan) 223 goto done; 224 225 /* Now add entries for every VLAN configured on the port. 226 * This function runs under RTNL so the bitmap will not change 227 * from under us. 228 */ 229 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) 230 fdb_insert(br, p, newaddr, vid); 231 232done: 233 spin_unlock_bh(&br->hash_lock); 234} 235 236void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 237{ 238 struct net_bridge_fdb_entry *f; 239 struct net_port_vlans *pv; 240 u16 vid = 0; 241 242 spin_lock_bh(&br->hash_lock); 243 244 /* If old entry was unassociated with any port, then delete it. */ 245 f = __br_fdb_get(br, br->dev->dev_addr, 0); 246 if (f && f->is_local && !f->dst) 247 fdb_delete_local(br, NULL, f); 248 249 fdb_insert(br, NULL, newaddr, 0); 250 251 /* Now remove and add entries for every VLAN configured on the 252 * bridge. This function runs under RTNL so the bitmap will not 253 * change from under us. 254 */ 255 pv = br_get_vlan_info(br); 256 if (!pv) 257 goto out; 258 259 for_each_set_bit_from(vid, pv->vlan_bitmap, VLAN_N_VID) { 260 f = __br_fdb_get(br, br->dev->dev_addr, vid); 261 if (f && f->is_local && !f->dst) 262 fdb_delete_local(br, NULL, f); 263 fdb_insert(br, NULL, newaddr, vid); 264 } 265out: 266 spin_unlock_bh(&br->hash_lock); 267} 268 269void br_fdb_cleanup(unsigned long _data) 270{ 271 struct net_bridge *br = (struct net_bridge *)_data; 272 unsigned long delay = hold_time(br); 273 unsigned long next_timer = jiffies + br->ageing_time; 274 int i; 275 276 spin_lock(&br->hash_lock); 277 for (i = 0; i < BR_HASH_SIZE; i++) { 278 struct net_bridge_fdb_entry *f; 279 struct hlist_node *n; 280 281 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 282 unsigned long this_timer; 283 if (f->is_static) 284 continue; 285 this_timer = f->updated + delay; 286 if (time_before_eq(this_timer, jiffies)) 287 fdb_delete(br, f); 288 else if (time_before(this_timer, next_timer)) 289 next_timer = this_timer; 290 } 291 } 292 spin_unlock(&br->hash_lock); 293 294 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 295} 296 297/* Completely flush all dynamic entries in forwarding database.*/ 298void br_fdb_flush(struct net_bridge *br) 299{ 300 int i; 301 302 spin_lock_bh(&br->hash_lock); 303 for (i = 0; i < BR_HASH_SIZE; i++) { 304 struct net_bridge_fdb_entry *f; 305 struct hlist_node *n; 306 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 307 if (!f->is_static) 308 fdb_delete(br, f); 309 } 310 } 311 spin_unlock_bh(&br->hash_lock); 312} 313 314/* Flush all entries referring to a specific port. 315 * if do_all is set also flush static entries 316 */ 317void br_fdb_delete_by_port(struct net_bridge *br, 318 const struct net_bridge_port *p, 319 int do_all) 320{ 321 int i; 322 323 spin_lock_bh(&br->hash_lock); 324 for (i = 0; i < BR_HASH_SIZE; i++) { 325 struct hlist_node *h, *g; 326 327 hlist_for_each_safe(h, g, &br->hash[i]) { 328 struct net_bridge_fdb_entry *f 329 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 330 if (f->dst != p) 331 continue; 332 333 if (f->is_static && !do_all) 334 continue; 335 336 if (f->is_local) 337 fdb_delete_local(br, p, f); 338 else 339 fdb_delete(br, f); 340 } 341 } 342 spin_unlock_bh(&br->hash_lock); 343} 344 345/* No locking or refcounting, assumes caller has rcu_read_lock */ 346struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 347 const unsigned char *addr, 348 __u16 vid) 349{ 350 struct net_bridge_fdb_entry *fdb; 351 352 hlist_for_each_entry_rcu(fdb, 353 &br->hash[br_mac_hash(addr, vid)], hlist) { 354 if (ether_addr_equal(fdb->addr.addr, addr) && 355 fdb->vlan_id == vid) { 356 if (unlikely(has_expired(br, fdb))) 357 break; 358 return fdb; 359 } 360 } 361 362 return NULL; 363} 364 365#if IS_ENABLED(CONFIG_ATM_LANE) 366/* Interface used by ATM LANE hook to test 367 * if an addr is on some other bridge port */ 368int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 369{ 370 struct net_bridge_fdb_entry *fdb; 371 struct net_bridge_port *port; 372 int ret; 373 374 rcu_read_lock(); 375 port = br_port_get_rcu(dev); 376 if (!port) 377 ret = 0; 378 else { 379 fdb = __br_fdb_get(port->br, addr, 0); 380 ret = fdb && fdb->dst && fdb->dst->dev != dev && 381 fdb->dst->state == BR_STATE_FORWARDING; 382 } 383 rcu_read_unlock(); 384 385 return ret; 386} 387#endif /* CONFIG_ATM_LANE */ 388 389/* 390 * Fill buffer with forwarding table records in 391 * the API format. 392 */ 393int br_fdb_fillbuf(struct net_bridge *br, void *buf, 394 unsigned long maxnum, unsigned long skip) 395{ 396 struct __fdb_entry *fe = buf; 397 int i, num = 0; 398 struct net_bridge_fdb_entry *f; 399 400 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 401 402 rcu_read_lock(); 403 for (i = 0; i < BR_HASH_SIZE; i++) { 404 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 405 if (num >= maxnum) 406 goto out; 407 408 if (has_expired(br, f)) 409 continue; 410 411 /* ignore pseudo entry for local MAC address */ 412 if (!f->dst) 413 continue; 414 415 if (skip) { 416 --skip; 417 continue; 418 } 419 420 /* convert from internal format to API */ 421 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 422 423 /* due to ABI compat need to split into hi/lo */ 424 fe->port_no = f->dst->port_no; 425 fe->port_hi = f->dst->port_no >> 8; 426 427 fe->is_local = f->is_local; 428 if (!f->is_static) 429 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 430 ++fe; 431 ++num; 432 } 433 } 434 435 out: 436 rcu_read_unlock(); 437 438 return num; 439} 440 441static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 442 const unsigned char *addr, 443 __u16 vid) 444{ 445 struct net_bridge_fdb_entry *fdb; 446 447 hlist_for_each_entry(fdb, head, hlist) { 448 if (ether_addr_equal(fdb->addr.addr, addr) && 449 fdb->vlan_id == vid) 450 return fdb; 451 } 452 return NULL; 453} 454 455static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 456 const unsigned char *addr, 457 __u16 vid) 458{ 459 struct net_bridge_fdb_entry *fdb; 460 461 hlist_for_each_entry_rcu(fdb, head, hlist) { 462 if (ether_addr_equal(fdb->addr.addr, addr) && 463 fdb->vlan_id == vid) 464 return fdb; 465 } 466 return NULL; 467} 468 469static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 470 struct net_bridge_port *source, 471 const unsigned char *addr, 472 __u16 vid) 473{ 474 struct net_bridge_fdb_entry *fdb; 475 476 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 477 if (fdb) { 478 memcpy(fdb->addr.addr, addr, ETH_ALEN); 479 fdb->dst = source; 480 fdb->vlan_id = vid; 481 fdb->is_local = 0; 482 fdb->is_static = 0; 483 fdb->added_by_user = 0; 484 fdb->updated = fdb->used = jiffies; 485 hlist_add_head_rcu(&fdb->hlist, head); 486 } 487 return fdb; 488} 489 490static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 491 const unsigned char *addr, u16 vid) 492{ 493 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 494 struct net_bridge_fdb_entry *fdb; 495 496 if (!is_valid_ether_addr(addr)) 497 return -EINVAL; 498 499 fdb = fdb_find(head, addr, vid); 500 if (fdb) { 501 /* it is okay to have multiple ports with same 502 * address, just use the first one. 503 */ 504 if (fdb->is_local) 505 return 0; 506 br_warn(br, "adding interface %s with same address " 507 "as a received packet\n", 508 source ? source->dev->name : br->dev->name); 509 fdb_delete(br, fdb); 510 } 511 512 fdb = fdb_create(head, source, addr, vid); 513 if (!fdb) 514 return -ENOMEM; 515 516 fdb->is_local = fdb->is_static = 1; 517 fdb_add_hw(br, addr); 518 fdb_notify(br, fdb, RTM_NEWNEIGH); 519 return 0; 520} 521 522/* Add entry for local address of interface */ 523int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 524 const unsigned char *addr, u16 vid) 525{ 526 int ret; 527 528 spin_lock_bh(&br->hash_lock); 529 ret = fdb_insert(br, source, addr, vid); 530 spin_unlock_bh(&br->hash_lock); 531 return ret; 532} 533 534void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 535 const unsigned char *addr, u16 vid, bool added_by_user) 536{ 537 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 538 struct net_bridge_fdb_entry *fdb; 539 bool fdb_modified = false; 540 541 /* some users want to always flood. */ 542 if (hold_time(br) == 0) 543 return; 544 545 /* ignore packets unless we are using this port */ 546 if (!(source->state == BR_STATE_LEARNING || 547 source->state == BR_STATE_FORWARDING)) 548 return; 549 550 fdb = fdb_find_rcu(head, addr, vid); 551 if (likely(fdb)) { 552 /* attempt to update an entry for a local interface */ 553 if (unlikely(fdb->is_local)) { 554 if (net_ratelimit()) 555 br_warn(br, "received packet on %s with " 556 "own address as source address\n", 557 source->dev->name); 558 } else { 559 /* fastpath: update of existing entry */ 560 if (unlikely(source != fdb->dst)) { 561 fdb->dst = source; 562 fdb_modified = true; 563 } 564 fdb->updated = jiffies; 565 if (unlikely(added_by_user)) 566 fdb->added_by_user = 1; 567 if (unlikely(fdb_modified)) 568 fdb_notify(br, fdb, RTM_NEWNEIGH); 569 } 570 } else { 571 spin_lock(&br->hash_lock); 572 if (likely(!fdb_find(head, addr, vid))) { 573 fdb = fdb_create(head, source, addr, vid); 574 if (fdb) { 575 if (unlikely(added_by_user)) 576 fdb->added_by_user = 1; 577 fdb_notify(br, fdb, RTM_NEWNEIGH); 578 } 579 } 580 /* else we lose race and someone else inserts 581 * it first, don't bother updating 582 */ 583 spin_unlock(&br->hash_lock); 584 } 585} 586 587static int fdb_to_nud(const struct net_bridge_fdb_entry *fdb) 588{ 589 if (fdb->is_local) 590 return NUD_PERMANENT; 591 else if (fdb->is_static) 592 return NUD_NOARP; 593 else if (has_expired(fdb->dst->br, fdb)) 594 return NUD_STALE; 595 else 596 return NUD_REACHABLE; 597} 598 599static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 600 const struct net_bridge_fdb_entry *fdb, 601 u32 portid, u32 seq, int type, unsigned int flags) 602{ 603 unsigned long now = jiffies; 604 struct nda_cacheinfo ci; 605 struct nlmsghdr *nlh; 606 struct ndmsg *ndm; 607 608 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 609 if (nlh == NULL) 610 return -EMSGSIZE; 611 612 ndm = nlmsg_data(nlh); 613 ndm->ndm_family = AF_BRIDGE; 614 ndm->ndm_pad1 = 0; 615 ndm->ndm_pad2 = 0; 616 ndm->ndm_flags = 0; 617 ndm->ndm_type = 0; 618 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 619 ndm->ndm_state = fdb_to_nud(fdb); 620 621 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 622 goto nla_put_failure; 623 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex)) 624 goto nla_put_failure; 625 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 626 ci.ndm_confirmed = 0; 627 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 628 ci.ndm_refcnt = 0; 629 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 630 goto nla_put_failure; 631 632 if (nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 633 goto nla_put_failure; 634 635 return nlmsg_end(skb, nlh); 636 637nla_put_failure: 638 nlmsg_cancel(skb, nlh); 639 return -EMSGSIZE; 640} 641 642static inline size_t fdb_nlmsg_size(void) 643{ 644 return NLMSG_ALIGN(sizeof(struct ndmsg)) 645 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 646 + nla_total_size(sizeof(u32)) /* NDA_MASTER */ 647 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 648 + nla_total_size(sizeof(struct nda_cacheinfo)); 649} 650 651static void fdb_notify(struct net_bridge *br, 652 const struct net_bridge_fdb_entry *fdb, int type) 653{ 654 struct net *net = dev_net(br->dev); 655 struct sk_buff *skb; 656 int err = -ENOBUFS; 657 658 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 659 if (skb == NULL) 660 goto errout; 661 662 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 663 if (err < 0) { 664 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 665 WARN_ON(err == -EMSGSIZE); 666 kfree_skb(skb); 667 goto errout; 668 } 669 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 670 return; 671errout: 672 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 673} 674 675/* Dump information about entries, in response to GETNEIGH */ 676int br_fdb_dump(struct sk_buff *skb, 677 struct netlink_callback *cb, 678 struct net_device *dev, 679 struct net_device *filter_dev, 680 int idx) 681{ 682 struct net_bridge *br = netdev_priv(dev); 683 int i; 684 685 if (!(dev->priv_flags & IFF_EBRIDGE)) 686 goto out; 687 688 for (i = 0; i < BR_HASH_SIZE; i++) { 689 struct net_bridge_fdb_entry *f; 690 691 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 692 if (idx < cb->args[0]) 693 goto skip; 694 695 if (filter_dev && (!f->dst || !f->dst->dev || 696 f->dst->dev != filter_dev)) 697 goto skip; 698 699 if (fdb_fill_info(skb, br, f, 700 NETLINK_CB(cb->skb).portid, 701 cb->nlh->nlmsg_seq, 702 RTM_NEWNEIGH, 703 NLM_F_MULTI) < 0) 704 break; 705skip: 706 ++idx; 707 } 708 } 709 710out: 711 return idx; 712} 713 714/* Update (create or replace) forwarding database entry */ 715static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr, 716 __u16 state, __u16 flags, __u16 vid) 717{ 718 struct net_bridge *br = source->br; 719 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 720 struct net_bridge_fdb_entry *fdb; 721 bool modified = false; 722 723 fdb = fdb_find(head, addr, vid); 724 if (fdb == NULL) { 725 if (!(flags & NLM_F_CREATE)) 726 return -ENOENT; 727 728 fdb = fdb_create(head, source, addr, vid); 729 if (!fdb) 730 return -ENOMEM; 731 732 modified = true; 733 } else { 734 if (flags & NLM_F_EXCL) 735 return -EEXIST; 736 737 if (fdb->dst != source) { 738 fdb->dst = source; 739 modified = true; 740 } 741 } 742 743 if (fdb_to_nud(fdb) != state) { 744 if (state & NUD_PERMANENT) { 745 fdb->is_local = 1; 746 if (!fdb->is_static) { 747 fdb->is_static = 1; 748 fdb_add_hw(br, addr); 749 } 750 } else if (state & NUD_NOARP) { 751 fdb->is_local = 0; 752 if (!fdb->is_static) { 753 fdb->is_static = 1; 754 fdb_add_hw(br, addr); 755 } 756 } else { 757 fdb->is_local = 0; 758 if (fdb->is_static) { 759 fdb->is_static = 0; 760 fdb_del_hw(br, addr); 761 } 762 } 763 764 modified = true; 765 } 766 fdb->added_by_user = 1; 767 768 fdb->used = jiffies; 769 if (modified) { 770 fdb->updated = jiffies; 771 fdb_notify(br, fdb, RTM_NEWNEIGH); 772 } 773 774 return 0; 775} 776 777static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p, 778 const unsigned char *addr, u16 nlh_flags, u16 vid) 779{ 780 int err = 0; 781 782 if (ndm->ndm_flags & NTF_USE) { 783 rcu_read_lock(); 784 br_fdb_update(p->br, p, addr, vid, true); 785 rcu_read_unlock(); 786 } else { 787 spin_lock_bh(&p->br->hash_lock); 788 err = fdb_add_entry(p, addr, ndm->ndm_state, 789 nlh_flags, vid); 790 spin_unlock_bh(&p->br->hash_lock); 791 } 792 793 return err; 794} 795 796/* Add new permanent fdb entry with RTM_NEWNEIGH */ 797int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 798 struct net_device *dev, 799 const unsigned char *addr, u16 nlh_flags) 800{ 801 struct net_bridge_port *p; 802 int err = 0; 803 struct net_port_vlans *pv; 804 unsigned short vid = VLAN_N_VID; 805 806 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 807 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 808 return -EINVAL; 809 } 810 811 if (tb[NDA_VLAN]) { 812 if (nla_len(tb[NDA_VLAN]) != sizeof(unsigned short)) { 813 pr_info("bridge: RTM_NEWNEIGH with invalid vlan\n"); 814 return -EINVAL; 815 } 816 817 vid = nla_get_u16(tb[NDA_VLAN]); 818 819 if (!vid || vid >= VLAN_VID_MASK) { 820 pr_info("bridge: RTM_NEWNEIGH with invalid vlan id %d\n", 821 vid); 822 return -EINVAL; 823 } 824 } 825 826 if (is_zero_ether_addr(addr)) { 827 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 828 return -EINVAL; 829 } 830 831 p = br_port_get_rtnl(dev); 832 if (p == NULL) { 833 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 834 dev->name); 835 return -EINVAL; 836 } 837 838 pv = nbp_get_vlan_info(p); 839 if (vid != VLAN_N_VID) { 840 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 841 pr_info("bridge: RTM_NEWNEIGH with unconfigured " 842 "vlan %d on port %s\n", vid, dev->name); 843 return -EINVAL; 844 } 845 846 /* VID was specified, so use it. */ 847 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 848 } else { 849 if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) { 850 err = __br_fdb_add(ndm, p, addr, nlh_flags, 0); 851 goto out; 852 } 853 854 /* We have vlans configured on this port and user didn't 855 * specify a VLAN. To be nice, add/update entry for every 856 * vlan on this port. 857 */ 858 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 859 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 860 if (err) 861 goto out; 862 } 863 } 864 865out: 866 return err; 867} 868 869static int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, u16 vlan) 870{ 871 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 872 struct net_bridge_fdb_entry *fdb; 873 874 fdb = fdb_find(head, addr, vlan); 875 if (!fdb) 876 return -ENOENT; 877 878 fdb_delete(br, fdb); 879 return 0; 880} 881 882static int __br_fdb_delete(struct net_bridge_port *p, 883 const unsigned char *addr, u16 vid) 884{ 885 int err; 886 887 spin_lock_bh(&p->br->hash_lock); 888 err = fdb_delete_by_addr(p->br, addr, vid); 889 spin_unlock_bh(&p->br->hash_lock); 890 891 return err; 892} 893 894/* Remove neighbor entry with RTM_DELNEIGH */ 895int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 896 struct net_device *dev, 897 const unsigned char *addr) 898{ 899 struct net_bridge_port *p; 900 int err; 901 struct net_port_vlans *pv; 902 unsigned short vid = VLAN_N_VID; 903 904 if (tb[NDA_VLAN]) { 905 if (nla_len(tb[NDA_VLAN]) != sizeof(unsigned short)) { 906 pr_info("bridge: RTM_NEWNEIGH with invalid vlan\n"); 907 return -EINVAL; 908 } 909 910 vid = nla_get_u16(tb[NDA_VLAN]); 911 912 if (!vid || vid >= VLAN_VID_MASK) { 913 pr_info("bridge: RTM_NEWNEIGH with invalid vlan id %d\n", 914 vid); 915 return -EINVAL; 916 } 917 } 918 p = br_port_get_rtnl(dev); 919 if (p == NULL) { 920 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 921 dev->name); 922 return -EINVAL; 923 } 924 925 pv = nbp_get_vlan_info(p); 926 if (vid != VLAN_N_VID) { 927 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 928 pr_info("bridge: RTM_DELNEIGH with unconfigured " 929 "vlan %d on port %s\n", vid, dev->name); 930 return -EINVAL; 931 } 932 933 err = __br_fdb_delete(p, addr, vid); 934 } else { 935 if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) { 936 err = __br_fdb_delete(p, addr, 0); 937 goto out; 938 } 939 940 /* We have vlans configured on this port and user didn't 941 * specify a VLAN. To be nice, add/update entry for every 942 * vlan on this port. 943 */ 944 err = -ENOENT; 945 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 946 err &= __br_fdb_delete(p, addr, vid); 947 } 948 } 949out: 950 return err; 951} 952 953int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p) 954{ 955 struct net_bridge_fdb_entry *fdb, *tmp; 956 int i; 957 int err; 958 959 ASSERT_RTNL(); 960 961 for (i = 0; i < BR_HASH_SIZE; i++) { 962 hlist_for_each_entry(fdb, &br->hash[i], hlist) { 963 /* We only care for static entries */ 964 if (!fdb->is_static) 965 continue; 966 967 err = dev_uc_add(p->dev, fdb->addr.addr); 968 if (err) 969 goto rollback; 970 } 971 } 972 return 0; 973 974rollback: 975 for (i = 0; i < BR_HASH_SIZE; i++) { 976 hlist_for_each_entry(tmp, &br->hash[i], hlist) { 977 /* If we reached the fdb that failed, we can stop */ 978 if (tmp == fdb) 979 break; 980 981 /* We only care for static entries */ 982 if (!tmp->is_static) 983 continue; 984 985 dev_uc_del(p->dev, tmp->addr.addr); 986 } 987 } 988 return err; 989} 990 991void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) 992{ 993 struct net_bridge_fdb_entry *fdb; 994 int i; 995 996 ASSERT_RTNL(); 997 998 for (i = 0; i < BR_HASH_SIZE; i++) { 999 hlist_for_each_entry_rcu(fdb, &br->hash[i], hlist) { 1000 /* We only care for static entries */ 1001 if (!fdb->is_static) 1002 continue; 1003 1004 dev_uc_del(p->dev, fdb->addr.addr); 1005 } 1006 } 1007} 1008