br_fdb.c revision ac4c8868837a7c70ebb3eaf2298324a3b61b214e
1/* 2 * Forwarding database 3 * Linux ethernet bridge 4 * 5 * Authors: 6 * Lennert Buytenhek <buytenh@gnu.org> 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License 10 * as published by the Free Software Foundation; either version 11 * 2 of the License, or (at your option) any later version. 12 */ 13 14#include <linux/kernel.h> 15#include <linux/init.h> 16#include <linux/rculist.h> 17#include <linux/spinlock.h> 18#include <linux/times.h> 19#include <linux/netdevice.h> 20#include <linux/etherdevice.h> 21#include <linux/jhash.h> 22#include <linux/random.h> 23#include <linux/slab.h> 24#include <linux/atomic.h> 25#include <asm/unaligned.h> 26#include <linux/if_vlan.h> 27#include "br_private.h" 28 29static struct kmem_cache *br_fdb_cache __read_mostly; 30static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 31 const unsigned char *addr, 32 __u16 vid); 33static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 34 const unsigned char *addr, u16 vid); 35static void fdb_notify(struct net_bridge *br, 36 const struct net_bridge_fdb_entry *, int); 37 38static u32 fdb_salt __read_mostly; 39 40int __init br_fdb_init(void) 41{ 42 br_fdb_cache = kmem_cache_create("bridge_fdb_cache", 43 sizeof(struct net_bridge_fdb_entry), 44 0, 45 SLAB_HWCACHE_ALIGN, NULL); 46 if (!br_fdb_cache) 47 return -ENOMEM; 48 49 get_random_bytes(&fdb_salt, sizeof(fdb_salt)); 50 return 0; 51} 52 53void br_fdb_fini(void) 54{ 55 kmem_cache_destroy(br_fdb_cache); 56} 57 58 59/* if topology_changing then use forward_delay (default 15 sec) 60 * otherwise keep longer (default 5 minutes) 61 */ 62static inline unsigned long hold_time(const struct net_bridge *br) 63{ 64 return br->topology_change ? br->forward_delay : br->ageing_time; 65} 66 67static inline int has_expired(const struct net_bridge *br, 68 const struct net_bridge_fdb_entry *fdb) 69{ 70 return !fdb->is_static && 71 time_before_eq(fdb->updated + hold_time(br), jiffies); 72} 73 74static inline int br_mac_hash(const unsigned char *mac, __u16 vid) 75{ 76 /* use 1 byte of OUI and 3 bytes of NIC */ 77 u32 key = get_unaligned((u32 *)(mac + 2)); 78 return jhash_2words(key, vid, fdb_salt) & (BR_HASH_SIZE - 1); 79} 80 81static void fdb_rcu_free(struct rcu_head *head) 82{ 83 struct net_bridge_fdb_entry *ent 84 = container_of(head, struct net_bridge_fdb_entry, rcu); 85 kmem_cache_free(br_fdb_cache, ent); 86} 87 88static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f) 89{ 90 hlist_del_rcu(&f->hlist); 91 fdb_notify(br, f, RTM_DELNEIGH); 92 call_rcu(&f->rcu, fdb_rcu_free); 93} 94 95/* Delete a local entry if no other port had the same address. */ 96static void fdb_delete_local(struct net_bridge *br, 97 const struct net_bridge_port *p, 98 struct net_bridge_fdb_entry *f) 99{ 100 const unsigned char *addr = f->addr.addr; 101 u16 vid = f->vlan_id; 102 struct net_bridge_port *op; 103 104 /* Maybe another port has same hw addr? */ 105 list_for_each_entry(op, &br->port_list, list) { 106 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) && 107 (!vid || nbp_vlan_find(op, vid))) { 108 f->dst = op; 109 f->added_by_user = 0; 110 return; 111 } 112 } 113 114 /* Maybe bridge device has same hw addr? */ 115 if (p && ether_addr_equal(br->dev->dev_addr, addr) && 116 (!vid || br_vlan_find(br, vid))) { 117 f->dst = NULL; 118 f->added_by_user = 0; 119 return; 120 } 121 122 fdb_delete(br, f); 123} 124 125void br_fdb_find_delete_local(struct net_bridge *br, 126 const struct net_bridge_port *p, 127 const unsigned char *addr, u16 vid) 128{ 129 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 130 struct net_bridge_fdb_entry *f; 131 132 spin_lock_bh(&br->hash_lock); 133 f = fdb_find(head, addr, vid); 134 if (f && f->is_local && !f->added_by_user && f->dst == p) 135 fdb_delete_local(br, p, f); 136 spin_unlock_bh(&br->hash_lock); 137} 138 139void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr) 140{ 141 struct net_bridge *br = p->br; 142 struct net_port_vlans *pv = nbp_get_vlan_info(p); 143 bool no_vlan = !pv; 144 int i; 145 u16 vid; 146 147 spin_lock_bh(&br->hash_lock); 148 149 /* Search all chains since old address/hash is unknown */ 150 for (i = 0; i < BR_HASH_SIZE; i++) { 151 struct hlist_node *h; 152 hlist_for_each(h, &br->hash[i]) { 153 struct net_bridge_fdb_entry *f; 154 155 f = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 156 if (f->dst == p && f->is_local && !f->added_by_user) { 157 /* delete old one */ 158 fdb_delete_local(br, p, f); 159 160 /* if this port has no vlan information 161 * configured, we can safely be done at 162 * this point. 163 */ 164 if (no_vlan) 165 goto insert; 166 } 167 } 168 } 169 170insert: 171 /* insert new address, may fail if invalid address or dup. */ 172 fdb_insert(br, p, newaddr, 0); 173 174 if (no_vlan) 175 goto done; 176 177 /* Now add entries for every VLAN configured on the port. 178 * This function runs under RTNL so the bitmap will not change 179 * from under us. 180 */ 181 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) 182 fdb_insert(br, p, newaddr, vid); 183 184done: 185 spin_unlock_bh(&br->hash_lock); 186} 187 188void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr) 189{ 190 struct net_bridge_fdb_entry *f; 191 struct net_port_vlans *pv; 192 u16 vid = 0; 193 194 spin_lock_bh(&br->hash_lock); 195 196 /* If old entry was unassociated with any port, then delete it. */ 197 f = __br_fdb_get(br, br->dev->dev_addr, 0); 198 if (f && f->is_local && !f->dst) 199 fdb_delete_local(br, NULL, f); 200 201 fdb_insert(br, NULL, newaddr, 0); 202 203 /* Now remove and add entries for every VLAN configured on the 204 * bridge. This function runs under RTNL so the bitmap will not 205 * change from under us. 206 */ 207 pv = br_get_vlan_info(br); 208 if (!pv) 209 goto out; 210 211 for_each_set_bit_from(vid, pv->vlan_bitmap, VLAN_N_VID) { 212 f = __br_fdb_get(br, br->dev->dev_addr, vid); 213 if (f && f->is_local && !f->dst) 214 fdb_delete_local(br, NULL, f); 215 fdb_insert(br, NULL, newaddr, vid); 216 } 217out: 218 spin_unlock_bh(&br->hash_lock); 219} 220 221void br_fdb_cleanup(unsigned long _data) 222{ 223 struct net_bridge *br = (struct net_bridge *)_data; 224 unsigned long delay = hold_time(br); 225 unsigned long next_timer = jiffies + br->ageing_time; 226 int i; 227 228 spin_lock(&br->hash_lock); 229 for (i = 0; i < BR_HASH_SIZE; i++) { 230 struct net_bridge_fdb_entry *f; 231 struct hlist_node *n; 232 233 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 234 unsigned long this_timer; 235 if (f->is_static) 236 continue; 237 this_timer = f->updated + delay; 238 if (time_before_eq(this_timer, jiffies)) 239 fdb_delete(br, f); 240 else if (time_before(this_timer, next_timer)) 241 next_timer = this_timer; 242 } 243 } 244 spin_unlock(&br->hash_lock); 245 246 mod_timer(&br->gc_timer, round_jiffies_up(next_timer)); 247} 248 249/* Completely flush all dynamic entries in forwarding database.*/ 250void br_fdb_flush(struct net_bridge *br) 251{ 252 int i; 253 254 spin_lock_bh(&br->hash_lock); 255 for (i = 0; i < BR_HASH_SIZE; i++) { 256 struct net_bridge_fdb_entry *f; 257 struct hlist_node *n; 258 hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { 259 if (!f->is_static) 260 fdb_delete(br, f); 261 } 262 } 263 spin_unlock_bh(&br->hash_lock); 264} 265 266/* Flush all entries referring to a specific port. 267 * if do_all is set also flush static entries 268 */ 269void br_fdb_delete_by_port(struct net_bridge *br, 270 const struct net_bridge_port *p, 271 int do_all) 272{ 273 int i; 274 275 spin_lock_bh(&br->hash_lock); 276 for (i = 0; i < BR_HASH_SIZE; i++) { 277 struct hlist_node *h, *g; 278 279 hlist_for_each_safe(h, g, &br->hash[i]) { 280 struct net_bridge_fdb_entry *f 281 = hlist_entry(h, struct net_bridge_fdb_entry, hlist); 282 if (f->dst != p) 283 continue; 284 285 if (f->is_static && !do_all) 286 continue; 287 288 if (f->is_local) 289 fdb_delete_local(br, p, f); 290 else 291 fdb_delete(br, f); 292 } 293 } 294 spin_unlock_bh(&br->hash_lock); 295} 296 297/* No locking or refcounting, assumes caller has rcu_read_lock */ 298struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br, 299 const unsigned char *addr, 300 __u16 vid) 301{ 302 struct net_bridge_fdb_entry *fdb; 303 304 hlist_for_each_entry_rcu(fdb, 305 &br->hash[br_mac_hash(addr, vid)], hlist) { 306 if (ether_addr_equal(fdb->addr.addr, addr) && 307 fdb->vlan_id == vid) { 308 if (unlikely(has_expired(br, fdb))) 309 break; 310 return fdb; 311 } 312 } 313 314 return NULL; 315} 316 317#if IS_ENABLED(CONFIG_ATM_LANE) 318/* Interface used by ATM LANE hook to test 319 * if an addr is on some other bridge port */ 320int br_fdb_test_addr(struct net_device *dev, unsigned char *addr) 321{ 322 struct net_bridge_fdb_entry *fdb; 323 struct net_bridge_port *port; 324 int ret; 325 326 rcu_read_lock(); 327 port = br_port_get_rcu(dev); 328 if (!port) 329 ret = 0; 330 else { 331 fdb = __br_fdb_get(port->br, addr, 0); 332 ret = fdb && fdb->dst && fdb->dst->dev != dev && 333 fdb->dst->state == BR_STATE_FORWARDING; 334 } 335 rcu_read_unlock(); 336 337 return ret; 338} 339#endif /* CONFIG_ATM_LANE */ 340 341/* 342 * Fill buffer with forwarding table records in 343 * the API format. 344 */ 345int br_fdb_fillbuf(struct net_bridge *br, void *buf, 346 unsigned long maxnum, unsigned long skip) 347{ 348 struct __fdb_entry *fe = buf; 349 int i, num = 0; 350 struct net_bridge_fdb_entry *f; 351 352 memset(buf, 0, maxnum*sizeof(struct __fdb_entry)); 353 354 rcu_read_lock(); 355 for (i = 0; i < BR_HASH_SIZE; i++) { 356 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 357 if (num >= maxnum) 358 goto out; 359 360 if (has_expired(br, f)) 361 continue; 362 363 /* ignore pseudo entry for local MAC address */ 364 if (!f->dst) 365 continue; 366 367 if (skip) { 368 --skip; 369 continue; 370 } 371 372 /* convert from internal format to API */ 373 memcpy(fe->mac_addr, f->addr.addr, ETH_ALEN); 374 375 /* due to ABI compat need to split into hi/lo */ 376 fe->port_no = f->dst->port_no; 377 fe->port_hi = f->dst->port_no >> 8; 378 379 fe->is_local = f->is_local; 380 if (!f->is_static) 381 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated); 382 ++fe; 383 ++num; 384 } 385 } 386 387 out: 388 rcu_read_unlock(); 389 390 return num; 391} 392 393static struct net_bridge_fdb_entry *fdb_find(struct hlist_head *head, 394 const unsigned char *addr, 395 __u16 vid) 396{ 397 struct net_bridge_fdb_entry *fdb; 398 399 hlist_for_each_entry(fdb, head, hlist) { 400 if (ether_addr_equal(fdb->addr.addr, addr) && 401 fdb->vlan_id == vid) 402 return fdb; 403 } 404 return NULL; 405} 406 407static struct net_bridge_fdb_entry *fdb_find_rcu(struct hlist_head *head, 408 const unsigned char *addr, 409 __u16 vid) 410{ 411 struct net_bridge_fdb_entry *fdb; 412 413 hlist_for_each_entry_rcu(fdb, head, hlist) { 414 if (ether_addr_equal(fdb->addr.addr, addr) && 415 fdb->vlan_id == vid) 416 return fdb; 417 } 418 return NULL; 419} 420 421static struct net_bridge_fdb_entry *fdb_create(struct hlist_head *head, 422 struct net_bridge_port *source, 423 const unsigned char *addr, 424 __u16 vid) 425{ 426 struct net_bridge_fdb_entry *fdb; 427 428 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC); 429 if (fdb) { 430 memcpy(fdb->addr.addr, addr, ETH_ALEN); 431 fdb->dst = source; 432 fdb->vlan_id = vid; 433 fdb->is_local = 0; 434 fdb->is_static = 0; 435 fdb->added_by_user = 0; 436 fdb->updated = fdb->used = jiffies; 437 hlist_add_head_rcu(&fdb->hlist, head); 438 } 439 return fdb; 440} 441 442static int fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 443 const unsigned char *addr, u16 vid) 444{ 445 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 446 struct net_bridge_fdb_entry *fdb; 447 448 if (!is_valid_ether_addr(addr)) 449 return -EINVAL; 450 451 fdb = fdb_find(head, addr, vid); 452 if (fdb) { 453 /* it is okay to have multiple ports with same 454 * address, just use the first one. 455 */ 456 if (fdb->is_local) 457 return 0; 458 br_warn(br, "adding interface %s with same address " 459 "as a received packet\n", 460 source ? source->dev->name : br->dev->name); 461 fdb_delete(br, fdb); 462 } 463 464 fdb = fdb_create(head, source, addr, vid); 465 if (!fdb) 466 return -ENOMEM; 467 468 fdb->is_local = fdb->is_static = 1; 469 fdb_notify(br, fdb, RTM_NEWNEIGH); 470 return 0; 471} 472 473/* Add entry for local address of interface */ 474int br_fdb_insert(struct net_bridge *br, struct net_bridge_port *source, 475 const unsigned char *addr, u16 vid) 476{ 477 int ret; 478 479 spin_lock_bh(&br->hash_lock); 480 ret = fdb_insert(br, source, addr, vid); 481 spin_unlock_bh(&br->hash_lock); 482 return ret; 483} 484 485void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, 486 const unsigned char *addr, u16 vid, bool added_by_user) 487{ 488 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 489 struct net_bridge_fdb_entry *fdb; 490 491 /* some users want to always flood. */ 492 if (hold_time(br) == 0) 493 return; 494 495 /* ignore packets unless we are using this port */ 496 if (!(source->state == BR_STATE_LEARNING || 497 source->state == BR_STATE_FORWARDING)) 498 return; 499 500 fdb = fdb_find_rcu(head, addr, vid); 501 if (likely(fdb)) { 502 /* attempt to update an entry for a local interface */ 503 if (unlikely(fdb->is_local)) { 504 if (net_ratelimit()) 505 br_warn(br, "received packet on %s with " 506 "own address as source address\n", 507 source->dev->name); 508 } else { 509 /* fastpath: update of existing entry */ 510 fdb->dst = source; 511 fdb->updated = jiffies; 512 if (unlikely(added_by_user)) 513 fdb->added_by_user = 1; 514 } 515 } else { 516 spin_lock(&br->hash_lock); 517 if (likely(!fdb_find(head, addr, vid))) { 518 fdb = fdb_create(head, source, addr, vid); 519 if (fdb) { 520 if (unlikely(added_by_user)) 521 fdb->added_by_user = 1; 522 fdb_notify(br, fdb, RTM_NEWNEIGH); 523 } 524 } 525 /* else we lose race and someone else inserts 526 * it first, don't bother updating 527 */ 528 spin_unlock(&br->hash_lock); 529 } 530} 531 532static int fdb_to_nud(const struct net_bridge_fdb_entry *fdb) 533{ 534 if (fdb->is_local) 535 return NUD_PERMANENT; 536 else if (fdb->is_static) 537 return NUD_NOARP; 538 else if (has_expired(fdb->dst->br, fdb)) 539 return NUD_STALE; 540 else 541 return NUD_REACHABLE; 542} 543 544static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br, 545 const struct net_bridge_fdb_entry *fdb, 546 u32 portid, u32 seq, int type, unsigned int flags) 547{ 548 unsigned long now = jiffies; 549 struct nda_cacheinfo ci; 550 struct nlmsghdr *nlh; 551 struct ndmsg *ndm; 552 553 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags); 554 if (nlh == NULL) 555 return -EMSGSIZE; 556 557 ndm = nlmsg_data(nlh); 558 ndm->ndm_family = AF_BRIDGE; 559 ndm->ndm_pad1 = 0; 560 ndm->ndm_pad2 = 0; 561 ndm->ndm_flags = 0; 562 ndm->ndm_type = 0; 563 ndm->ndm_ifindex = fdb->dst ? fdb->dst->dev->ifindex : br->dev->ifindex; 564 ndm->ndm_state = fdb_to_nud(fdb); 565 566 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->addr)) 567 goto nla_put_failure; 568 ci.ndm_used = jiffies_to_clock_t(now - fdb->used); 569 ci.ndm_confirmed = 0; 570 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated); 571 ci.ndm_refcnt = 0; 572 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci)) 573 goto nla_put_failure; 574 575 if (nla_put(skb, NDA_VLAN, sizeof(u16), &fdb->vlan_id)) 576 goto nla_put_failure; 577 578 return nlmsg_end(skb, nlh); 579 580nla_put_failure: 581 nlmsg_cancel(skb, nlh); 582 return -EMSGSIZE; 583} 584 585static inline size_t fdb_nlmsg_size(void) 586{ 587 return NLMSG_ALIGN(sizeof(struct ndmsg)) 588 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */ 589 + nla_total_size(sizeof(u16)) /* NDA_VLAN */ 590 + nla_total_size(sizeof(struct nda_cacheinfo)); 591} 592 593static void fdb_notify(struct net_bridge *br, 594 const struct net_bridge_fdb_entry *fdb, int type) 595{ 596 struct net *net = dev_net(br->dev); 597 struct sk_buff *skb; 598 int err = -ENOBUFS; 599 600 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC); 601 if (skb == NULL) 602 goto errout; 603 604 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0); 605 if (err < 0) { 606 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */ 607 WARN_ON(err == -EMSGSIZE); 608 kfree_skb(skb); 609 goto errout; 610 } 611 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC); 612 return; 613errout: 614 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err); 615} 616 617/* Dump information about entries, in response to GETNEIGH */ 618int br_fdb_dump(struct sk_buff *skb, 619 struct netlink_callback *cb, 620 struct net_device *dev, 621 int idx) 622{ 623 struct net_bridge *br = netdev_priv(dev); 624 int i; 625 626 if (!(dev->priv_flags & IFF_EBRIDGE)) 627 goto out; 628 629 for (i = 0; i < BR_HASH_SIZE; i++) { 630 struct net_bridge_fdb_entry *f; 631 632 hlist_for_each_entry_rcu(f, &br->hash[i], hlist) { 633 if (idx < cb->args[0]) 634 goto skip; 635 636 if (fdb_fill_info(skb, br, f, 637 NETLINK_CB(cb->skb).portid, 638 cb->nlh->nlmsg_seq, 639 RTM_NEWNEIGH, 640 NLM_F_MULTI) < 0) 641 break; 642skip: 643 ++idx; 644 } 645 } 646 647out: 648 return idx; 649} 650 651/* Update (create or replace) forwarding database entry */ 652static int fdb_add_entry(struct net_bridge_port *source, const __u8 *addr, 653 __u16 state, __u16 flags, __u16 vid) 654{ 655 struct net_bridge *br = source->br; 656 struct hlist_head *head = &br->hash[br_mac_hash(addr, vid)]; 657 struct net_bridge_fdb_entry *fdb; 658 bool modified = false; 659 660 fdb = fdb_find(head, addr, vid); 661 if (fdb == NULL) { 662 if (!(flags & NLM_F_CREATE)) 663 return -ENOENT; 664 665 fdb = fdb_create(head, source, addr, vid); 666 if (!fdb) 667 return -ENOMEM; 668 669 modified = true; 670 } else { 671 if (flags & NLM_F_EXCL) 672 return -EEXIST; 673 674 if (fdb->dst != source) { 675 fdb->dst = source; 676 modified = true; 677 } 678 } 679 680 if (fdb_to_nud(fdb) != state) { 681 if (state & NUD_PERMANENT) 682 fdb->is_local = fdb->is_static = 1; 683 else if (state & NUD_NOARP) { 684 fdb->is_local = 0; 685 fdb->is_static = 1; 686 } else 687 fdb->is_local = fdb->is_static = 0; 688 689 modified = true; 690 } 691 fdb->added_by_user = 1; 692 693 fdb->used = jiffies; 694 if (modified) { 695 fdb->updated = jiffies; 696 fdb_notify(br, fdb, RTM_NEWNEIGH); 697 } 698 699 return 0; 700} 701 702static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge_port *p, 703 const unsigned char *addr, u16 nlh_flags, u16 vid) 704{ 705 int err = 0; 706 707 if (ndm->ndm_flags & NTF_USE) { 708 rcu_read_lock(); 709 br_fdb_update(p->br, p, addr, vid, true); 710 rcu_read_unlock(); 711 } else { 712 spin_lock_bh(&p->br->hash_lock); 713 err = fdb_add_entry(p, addr, ndm->ndm_state, 714 nlh_flags, vid); 715 spin_unlock_bh(&p->br->hash_lock); 716 } 717 718 return err; 719} 720 721/* Add new permanent fdb entry with RTM_NEWNEIGH */ 722int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[], 723 struct net_device *dev, 724 const unsigned char *addr, u16 nlh_flags) 725{ 726 struct net_bridge_port *p; 727 int err = 0; 728 struct net_port_vlans *pv; 729 unsigned short vid = VLAN_N_VID; 730 731 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) { 732 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state); 733 return -EINVAL; 734 } 735 736 if (tb[NDA_VLAN]) { 737 if (nla_len(tb[NDA_VLAN]) != sizeof(unsigned short)) { 738 pr_info("bridge: RTM_NEWNEIGH with invalid vlan\n"); 739 return -EINVAL; 740 } 741 742 vid = nla_get_u16(tb[NDA_VLAN]); 743 744 if (!vid || vid >= VLAN_VID_MASK) { 745 pr_info("bridge: RTM_NEWNEIGH with invalid vlan id %d\n", 746 vid); 747 return -EINVAL; 748 } 749 } 750 751 if (is_zero_ether_addr(addr)) { 752 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n"); 753 return -EINVAL; 754 } 755 756 p = br_port_get_rtnl(dev); 757 if (p == NULL) { 758 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n", 759 dev->name); 760 return -EINVAL; 761 } 762 763 pv = nbp_get_vlan_info(p); 764 if (vid != VLAN_N_VID) { 765 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 766 pr_info("bridge: RTM_NEWNEIGH with unconfigured " 767 "vlan %d on port %s\n", vid, dev->name); 768 return -EINVAL; 769 } 770 771 /* VID was specified, so use it. */ 772 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 773 } else { 774 if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) { 775 err = __br_fdb_add(ndm, p, addr, nlh_flags, 0); 776 goto out; 777 } 778 779 /* We have vlans configured on this port and user didn't 780 * specify a VLAN. To be nice, add/update entry for every 781 * vlan on this port. 782 */ 783 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 784 err = __br_fdb_add(ndm, p, addr, nlh_flags, vid); 785 if (err) 786 goto out; 787 } 788 } 789 790out: 791 return err; 792} 793 794static int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, u16 vlan) 795{ 796 struct hlist_head *head = &br->hash[br_mac_hash(addr, vlan)]; 797 struct net_bridge_fdb_entry *fdb; 798 799 fdb = fdb_find(head, addr, vlan); 800 if (!fdb) 801 return -ENOENT; 802 803 fdb_delete(br, fdb); 804 return 0; 805} 806 807static int __br_fdb_delete(struct net_bridge_port *p, 808 const unsigned char *addr, u16 vid) 809{ 810 int err; 811 812 spin_lock_bh(&p->br->hash_lock); 813 err = fdb_delete_by_addr(p->br, addr, vid); 814 spin_unlock_bh(&p->br->hash_lock); 815 816 return err; 817} 818 819/* Remove neighbor entry with RTM_DELNEIGH */ 820int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[], 821 struct net_device *dev, 822 const unsigned char *addr) 823{ 824 struct net_bridge_port *p; 825 int err; 826 struct net_port_vlans *pv; 827 unsigned short vid = VLAN_N_VID; 828 829 if (tb[NDA_VLAN]) { 830 if (nla_len(tb[NDA_VLAN]) != sizeof(unsigned short)) { 831 pr_info("bridge: RTM_NEWNEIGH with invalid vlan\n"); 832 return -EINVAL; 833 } 834 835 vid = nla_get_u16(tb[NDA_VLAN]); 836 837 if (!vid || vid >= VLAN_VID_MASK) { 838 pr_info("bridge: RTM_NEWNEIGH with invalid vlan id %d\n", 839 vid); 840 return -EINVAL; 841 } 842 } 843 p = br_port_get_rtnl(dev); 844 if (p == NULL) { 845 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n", 846 dev->name); 847 return -EINVAL; 848 } 849 850 pv = nbp_get_vlan_info(p); 851 if (vid != VLAN_N_VID) { 852 if (!pv || !test_bit(vid, pv->vlan_bitmap)) { 853 pr_info("bridge: RTM_DELNEIGH with unconfigured " 854 "vlan %d on port %s\n", vid, dev->name); 855 return -EINVAL; 856 } 857 858 err = __br_fdb_delete(p, addr, vid); 859 } else { 860 if (!pv || bitmap_empty(pv->vlan_bitmap, VLAN_N_VID)) { 861 err = __br_fdb_delete(p, addr, 0); 862 goto out; 863 } 864 865 /* We have vlans configured on this port and user didn't 866 * specify a VLAN. To be nice, add/update entry for every 867 * vlan on this port. 868 */ 869 err = -ENOENT; 870 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) { 871 err &= __br_fdb_delete(p, addr, vid); 872 } 873 } 874out: 875 return err; 876} 877