search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge tag 'hwmon-for-v6.13-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git...
[linux.git] / net / bridge / br_fdb.c
blob82bac2426631bcea63ea834e72f074fa2eaf0cee
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Forwarding database
4 * Linux ethernet bridge
5 *
6 * Authors:
7 * Lennert Buytenhek <buytenh@gnu.org>
8 */
9
10 #include <linux/kernel.h>
11 #include <linux/init.h>
12 #include <linux/rculist.h>
13 #include <linux/spinlock.h>
14 #include <linux/times.h>
15 #include <linux/netdevice.h>
16 #include <linux/etherdevice.h>
17 #include <linux/jhash.h>
18 #include <linux/random.h>
19 #include <linux/slab.h>
20 #include <linux/atomic.h>
21 #include <linux/unaligned.h>
22 #include <linux/if_vlan.h>
23 #include <net/switchdev.h>
24 #include <trace/events/bridge.h>
25 #include "br_private.h"
26
27 static const struct rhashtable_params br_fdb_rht_params = {
28 .head_offset = offsetof(struct net_bridge_fdb_entry, rhnode),
29 .key_offset = offsetof(struct net_bridge_fdb_entry, key),
30 .key_len = sizeof(struct net_bridge_fdb_key),
31 .automatic_shrinking = true,
32 };
33
34 static struct kmem_cache *br_fdb_cache __read_mostly;
35
36 int __init br_fdb_init(void)
37 {
38 br_fdb_cache = KMEM_CACHE(net_bridge_fdb_entry, SLAB_HWCACHE_ALIGN);
39 if (!br_fdb_cache)
40 return -ENOMEM;
41
42 return 0;
43 }
44
45 void br_fdb_fini(void)
46 {
47 kmem_cache_destroy(br_fdb_cache);
48 }
49
50 int br_fdb_hash_init(struct net_bridge *br)
51 {
52 return rhashtable_init(&br->fdb_hash_tbl, &br_fdb_rht_params);
53 }
54
55 void br_fdb_hash_fini(struct net_bridge *br)
56 {
57 rhashtable_destroy(&br->fdb_hash_tbl);
58 }
59
60 /* if topology_changing then use forward_delay (default 15 sec)
61 * otherwise keep longer (default 5 minutes)
62 */
63 static inline unsigned long hold_time(const struct net_bridge *br)
64 {
65 return br->topology_change ? br->forward_delay : br->ageing_time;
66 }
67
68 static inline int has_expired(const struct net_bridge *br,
69 const struct net_bridge_fdb_entry *fdb)
70 {
71 return !test_bit(BR_FDB_STATIC, &fdb->flags) &&
72 !test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags) &&
73 time_before_eq(fdb->updated + hold_time(br), jiffies);
74 }
75
76 static int fdb_to_nud(const struct net_bridge *br,
77 const struct net_bridge_fdb_entry *fdb)
78 {
79 if (test_bit(BR_FDB_LOCAL, &fdb->flags))
80 return NUD_PERMANENT;
81 else if (test_bit(BR_FDB_STATIC, &fdb->flags))
82 return NUD_NOARP;
83 else if (has_expired(br, fdb))
84 return NUD_STALE;
85 else
86 return NUD_REACHABLE;
87 }
88
89 static int fdb_fill_info(struct sk_buff *skb, const struct net_bridge *br,
90 const struct net_bridge_fdb_entry *fdb,
91 u32 portid, u32 seq, int type, unsigned int flags)
92 {
93 const struct net_bridge_port *dst = READ_ONCE(fdb->dst);
94 unsigned long now = jiffies;
95 struct nda_cacheinfo ci;
96 struct nlmsghdr *nlh;
97 struct ndmsg *ndm;
98 u32 ext_flags = 0;
99
100 nlh = nlmsg_put(skb, portid, seq, type, sizeof(*ndm), flags);
101 if (nlh == NULL)
102 return -EMSGSIZE;
103
104 ndm = nlmsg_data(nlh);
105 ndm->ndm_family = AF_BRIDGE;
106 ndm->ndm_pad1 = 0;
107 ndm->ndm_pad2 = 0;
108 ndm->ndm_flags = 0;
109 ndm->ndm_type = 0;
110 ndm->ndm_ifindex = dst ? dst->dev->ifindex : br->dev->ifindex;
111 ndm->ndm_state = fdb_to_nud(br, fdb);
112
113 if (test_bit(BR_FDB_OFFLOADED, &fdb->flags))
114 ndm->ndm_flags |= NTF_OFFLOADED;
115 if (test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags))
116 ndm->ndm_flags |= NTF_EXT_LEARNED;
117 if (test_bit(BR_FDB_STICKY, &fdb->flags))
118 ndm->ndm_flags |= NTF_STICKY;
119 if (test_bit(BR_FDB_LOCKED, &fdb->flags))
120 ext_flags |= NTF_EXT_LOCKED;
121
122 if (nla_put(skb, NDA_LLADDR, ETH_ALEN, &fdb->key.addr))
123 goto nla_put_failure;
124 if (nla_put_u32(skb, NDA_MASTER, br->dev->ifindex))
125 goto nla_put_failure;
126 if (nla_put_u32(skb, NDA_FLAGS_EXT, ext_flags))
127 goto nla_put_failure;
128
129 ci.ndm_used = jiffies_to_clock_t(now - fdb->used);
130 ci.ndm_confirmed = 0;
131 ci.ndm_updated = jiffies_to_clock_t(now - fdb->updated);
132 ci.ndm_refcnt = 0;
133 if (nla_put(skb, NDA_CACHEINFO, sizeof(ci), &ci))
134 goto nla_put_failure;
135
136 if (fdb->key.vlan_id && nla_put(skb, NDA_VLAN, sizeof(u16),
137 &fdb->key.vlan_id))
138 goto nla_put_failure;
139
140 if (test_bit(BR_FDB_NOTIFY, &fdb->flags)) {
141 struct nlattr *nest = nla_nest_start(skb, NDA_FDB_EXT_ATTRS);
142 u8 notify_bits = FDB_NOTIFY_BIT;
143
144 if (!nest)
145 goto nla_put_failure;
146 if (test_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags))
147 notify_bits |= FDB_NOTIFY_INACTIVE_BIT;
148
149 if (nla_put_u8(skb, NFEA_ACTIVITY_NOTIFY, notify_bits)) {
150 nla_nest_cancel(skb, nest);
151 goto nla_put_failure;
152 }
153
154 nla_nest_end(skb, nest);
155 }
156
157 nlmsg_end(skb, nlh);
158 return 0;
159
160 nla_put_failure:
161 nlmsg_cancel(skb, nlh);
162 return -EMSGSIZE;
163 }
164
165 static inline size_t fdb_nlmsg_size(void)
166 {
167 return NLMSG_ALIGN(sizeof(struct ndmsg))
168 + nla_total_size(ETH_ALEN) /* NDA_LLADDR */
169 + nla_total_size(sizeof(u32)) /* NDA_MASTER */
170 + nla_total_size(sizeof(u32)) /* NDA_FLAGS_EXT */
171 + nla_total_size(sizeof(u16)) /* NDA_VLAN */
172 + nla_total_size(sizeof(struct nda_cacheinfo))
173 + nla_total_size(0) /* NDA_FDB_EXT_ATTRS */
174 + nla_total_size(sizeof(u8)); /* NFEA_ACTIVITY_NOTIFY */
175 }
176
177 static void fdb_notify(struct net_bridge *br,
178 const struct net_bridge_fdb_entry *fdb, int type,
179 bool swdev_notify)
180 {
181 struct net *net = dev_net(br->dev);
182 struct sk_buff *skb;
183 int err = -ENOBUFS;
184
185 if (swdev_notify)
186 br_switchdev_fdb_notify(br, fdb, type);
187
188 skb = nlmsg_new(fdb_nlmsg_size(), GFP_ATOMIC);
189 if (skb == NULL)
190 goto errout;
191
192 err = fdb_fill_info(skb, br, fdb, 0, 0, type, 0);
193 if (err < 0) {
194 /* -EMSGSIZE implies BUG in fdb_nlmsg_size() */
195 WARN_ON(err == -EMSGSIZE);
196 kfree_skb(skb);
197 goto errout;
198 }
199 rtnl_notify(skb, net, 0, RTNLGRP_NEIGH, NULL, GFP_ATOMIC);
200 return;
201 errout:
202 rtnl_set_sk_err(net, RTNLGRP_NEIGH, err);
203 }
204
205 static struct net_bridge_fdb_entry *fdb_find_rcu(struct rhashtable *tbl,
206 const unsigned char *addr,
207 __u16 vid)
208 {
209 struct net_bridge_fdb_key key;
210
211 WARN_ON_ONCE(!rcu_read_lock_held());
212
213 key.vlan_id = vid;
214 memcpy(key.addr.addr, addr, sizeof(key.addr.addr));
215
216 return rhashtable_lookup(tbl, &key, br_fdb_rht_params);
217 }
218
219 /* requires bridge hash_lock */
220 static struct net_bridge_fdb_entry *br_fdb_find(struct net_bridge *br,
221 const unsigned char *addr,
222 __u16 vid)
223 {
224 struct net_bridge_fdb_entry *fdb;
225
226 lockdep_assert_held_once(&br->hash_lock);
227
228 rcu_read_lock();
229 fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid);
230 rcu_read_unlock();
231
232 return fdb;
233 }
234
235 struct net_device *br_fdb_find_port(const struct net_device *br_dev,
236 const unsigned char *addr,
237 __u16 vid)
238 {
239 struct net_bridge_fdb_entry *f;
240 struct net_device *dev = NULL;
241 struct net_bridge *br;
242
243 ASSERT_RTNL();
244
245 if (!netif_is_bridge_master(br_dev))
246 return NULL;
247
248 br = netdev_priv(br_dev);
249 rcu_read_lock();
250 f = br_fdb_find_rcu(br, addr, vid);
251 if (f && f->dst)
252 dev = f->dst->dev;
253 rcu_read_unlock();
254
255 return dev;
256 }
257 EXPORT_SYMBOL_GPL(br_fdb_find_port);
258
259 struct net_bridge_fdb_entry *br_fdb_find_rcu(struct net_bridge *br,
260 const unsigned char *addr,
261 __u16 vid)
262 {
263 return fdb_find_rcu(&br->fdb_hash_tbl, addr, vid);
264 }
265
266 /* When a static FDB entry is added, the mac address from the entry is
267 * added to the bridge private HW address list and all required ports
268 * are then updated with the new information.
269 * Called under RTNL.
270 */
271 static void fdb_add_hw_addr(struct net_bridge *br, const unsigned char *addr)
272 {
273 int err;
274 struct net_bridge_port *p;
275
276 ASSERT_RTNL();
277
278 list_for_each_entry(p, &br->port_list, list) {
279 if (!br_promisc_port(p)) {
280 err = dev_uc_add(p->dev, addr);
281 if (err)
282 goto undo;
283 }
284 }
285
286 return;
287 undo:
288 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
289 if (!br_promisc_port(p))
290 dev_uc_del(p->dev, addr);
291 }
292 }
293
294 /* When a static FDB entry is deleted, the HW address from that entry is
295 * also removed from the bridge private HW address list and updates all
296 * the ports with needed information.
297 * Called under RTNL.
298 */
299 static void fdb_del_hw_addr(struct net_bridge *br, const unsigned char *addr)
300 {
301 struct net_bridge_port *p;
302
303 ASSERT_RTNL();
304
305 list_for_each_entry(p, &br->port_list, list) {
306 if (!br_promisc_port(p))
307 dev_uc_del(p->dev, addr);
308 }
309 }
310
311 static void fdb_delete(struct net_bridge *br, struct net_bridge_fdb_entry *f,
312 bool swdev_notify)
313 {
314 trace_fdb_delete(br, f);
315
316 if (test_bit(BR_FDB_STATIC, &f->flags))
317 fdb_del_hw_addr(br, f->key.addr.addr);
318
319 hlist_del_init_rcu(&f->fdb_node);
320 rhashtable_remove_fast(&br->fdb_hash_tbl, &f->rhnode,
321 br_fdb_rht_params);
322 if (test_and_clear_bit(BR_FDB_DYNAMIC_LEARNED, &f->flags))
323 atomic_dec(&br->fdb_n_learned);
324 fdb_notify(br, f, RTM_DELNEIGH, swdev_notify);
325 kfree_rcu(f, rcu);
326 }
327
328 /* Delete a local entry if no other port had the same address.
329 *
330 * This function should only be called on entries with BR_FDB_LOCAL set,
331 * so even with BR_FDB_ADDED_BY_USER cleared we never need to increase
332 * the accounting for dynamically learned entries again.
333 */
334 static void fdb_delete_local(struct net_bridge *br,
335 const struct net_bridge_port *p,
336 struct net_bridge_fdb_entry *f)
337 {
338 const unsigned char *addr = f->key.addr.addr;
339 struct net_bridge_vlan_group *vg;
340 const struct net_bridge_vlan *v;
341 struct net_bridge_port *op;
342 u16 vid = f->key.vlan_id;
343
344 /* Maybe another port has same hw addr? */
345 list_for_each_entry(op, &br->port_list, list) {
346 vg = nbp_vlan_group(op);
347 if (op != p && ether_addr_equal(op->dev->dev_addr, addr) &&
348 (!vid || br_vlan_find(vg, vid))) {
349 f->dst = op;
350 clear_bit(BR_FDB_ADDED_BY_USER, &f->flags);
351 return;
352 }
353 }
354
355 vg = br_vlan_group(br);
356 v = br_vlan_find(vg, vid);
357 /* Maybe bridge device has same hw addr? */
358 if (p && ether_addr_equal(br->dev->dev_addr, addr) &&
359 (!vid || (v && br_vlan_should_use(v)))) {
360 f->dst = NULL;
361 clear_bit(BR_FDB_ADDED_BY_USER, &f->flags);
362 return;
363 }
364
365 fdb_delete(br, f, true);
366 }
367
368 void br_fdb_find_delete_local(struct net_bridge *br,
369 const struct net_bridge_port *p,
370 const unsigned char *addr, u16 vid)
371 {
372 struct net_bridge_fdb_entry *f;
373
374 spin_lock_bh(&br->hash_lock);
375 f = br_fdb_find(br, addr, vid);
376 if (f && test_bit(BR_FDB_LOCAL, &f->flags) &&
377 !test_bit(BR_FDB_ADDED_BY_USER, &f->flags) && f->dst == p)
378 fdb_delete_local(br, p, f);
379 spin_unlock_bh(&br->hash_lock);
380 }
381
382 static struct net_bridge_fdb_entry *fdb_create(struct net_bridge *br,
383 struct net_bridge_port *source,
384 const unsigned char *addr,
385 __u16 vid,
386 unsigned long flags)
387 {
388 bool learned = !test_bit(BR_FDB_ADDED_BY_USER, &flags) &&
389 !test_bit(BR_FDB_LOCAL, &flags);
390 u32 max_learned = READ_ONCE(br->fdb_max_learned);
391 struct net_bridge_fdb_entry *fdb;
392 int err;
393
394 if (likely(learned)) {
395 int n_learned = atomic_read(&br->fdb_n_learned);
396
397 if (unlikely(max_learned && n_learned >= max_learned))
398 return NULL;
399 __set_bit(BR_FDB_DYNAMIC_LEARNED, &flags);
400 }
401
402 fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC);
403 if (!fdb)
404 return NULL;
405
406 memcpy(fdb->key.addr.addr, addr, ETH_ALEN);
407 WRITE_ONCE(fdb->dst, source);
408 fdb->key.vlan_id = vid;
409 fdb->flags = flags;
410 fdb->updated = fdb->used = jiffies;
411 err = rhashtable_lookup_insert_fast(&br->fdb_hash_tbl, &fdb->rhnode,
412 br_fdb_rht_params);
413 if (err) {
414 kmem_cache_free(br_fdb_cache, fdb);
415 return NULL;
416 }
417
418 if (likely(learned))
419 atomic_inc(&br->fdb_n_learned);
420
421 hlist_add_head_rcu(&fdb->fdb_node, &br->fdb_list);
422
423 return fdb;
424 }
425
426 static int fdb_add_local(struct net_bridge *br, struct net_bridge_port *source,
427 const unsigned char *addr, u16 vid)
428 {
429 struct net_bridge_fdb_entry *fdb;
430
431 if (!is_valid_ether_addr(addr))
432 return -EINVAL;
433
434 fdb = br_fdb_find(br, addr, vid);
435 if (fdb) {
436 /* it is okay to have multiple ports with same
437 * address, just use the first one.
438 */
439 if (test_bit(BR_FDB_LOCAL, &fdb->flags))
440 return 0;
441 br_warn(br, "adding interface %s with same address as a received packet (addr:%pM, vlan:%u)\n",
442 source ? source->dev->name : br->dev->name, addr, vid);
443 fdb_delete(br, fdb, true);
444 }
445
446 fdb = fdb_create(br, source, addr, vid,
447 BIT(BR_FDB_LOCAL) | BIT(BR_FDB_STATIC));
448 if (!fdb)
449 return -ENOMEM;
450
451 fdb_add_hw_addr(br, addr);
452 fdb_notify(br, fdb, RTM_NEWNEIGH, true);
453 return 0;
454 }
455
456 void br_fdb_changeaddr(struct net_bridge_port *p, const unsigned char *newaddr)
457 {
458 struct net_bridge_vlan_group *vg;
459 struct net_bridge_fdb_entry *f;
460 struct net_bridge *br = p->br;
461 struct net_bridge_vlan *v;
462
463 spin_lock_bh(&br->hash_lock);
464 vg = nbp_vlan_group(p);
465 hlist_for_each_entry(f, &br->fdb_list, fdb_node) {
466 if (f->dst == p && test_bit(BR_FDB_LOCAL, &f->flags) &&
467 !test_bit(BR_FDB_ADDED_BY_USER, &f->flags)) {
468 /* delete old one */
469 fdb_delete_local(br, p, f);
470
471 /* if this port has no vlan information
472 * configured, we can safely be done at
473 * this point.
474 */
475 if (!vg || !vg->num_vlans)
476 goto insert;
477 }
478 }
479
480 insert:
481 /* insert new address, may fail if invalid address or dup. */
482 fdb_add_local(br, p, newaddr, 0);
483
484 if (!vg || !vg->num_vlans)
485 goto done;
486
487 /* Now add entries for every VLAN configured on the port.
488 * This function runs under RTNL so the bitmap will not change
489 * from under us.
490 */
491 list_for_each_entry(v, &vg->vlan_list, vlist)
492 fdb_add_local(br, p, newaddr, v->vid);
493
494 done:
495 spin_unlock_bh(&br->hash_lock);
496 }
497
498 void br_fdb_change_mac_address(struct net_bridge *br, const u8 *newaddr)
499 {
500 struct net_bridge_vlan_group *vg;
501 struct net_bridge_fdb_entry *f;
502 struct net_bridge_vlan *v;
503
504 spin_lock_bh(&br->hash_lock);
505
506 /* If old entry was unassociated with any port, then delete it. */
507 f = br_fdb_find(br, br->dev->dev_addr, 0);
508 if (f && test_bit(BR_FDB_LOCAL, &f->flags) &&
509 !f->dst && !test_bit(BR_FDB_ADDED_BY_USER, &f->flags))
510 fdb_delete_local(br, NULL, f);
511
512 fdb_add_local(br, NULL, newaddr, 0);
513 vg = br_vlan_group(br);
514 if (!vg || !vg->num_vlans)
515 goto out;
516 /* Now remove and add entries for every VLAN configured on the
517 * bridge. This function runs under RTNL so the bitmap will not
518 * change from under us.
519 */
520 list_for_each_entry(v, &vg->vlan_list, vlist) {
521 if (!br_vlan_should_use(v))
522 continue;
523 f = br_fdb_find(br, br->dev->dev_addr, v->vid);
524 if (f && test_bit(BR_FDB_LOCAL, &f->flags) &&
525 !f->dst && !test_bit(BR_FDB_ADDED_BY_USER, &f->flags))
526 fdb_delete_local(br, NULL, f);
527 fdb_add_local(br, NULL, newaddr, v->vid);
528 }
529 out:
530 spin_unlock_bh(&br->hash_lock);
531 }
532
533 void br_fdb_cleanup(struct work_struct *work)
534 {
535 struct net_bridge *br = container_of(work, struct net_bridge,
536 gc_work.work);
537 struct net_bridge_fdb_entry *f = NULL;
538 unsigned long delay = hold_time(br);
539 unsigned long work_delay = delay;
540 unsigned long now = jiffies;
541
542 /* this part is tricky, in order to avoid blocking learning and
543 * consequently forwarding, we rely on rcu to delete objects with
544 * delayed freeing allowing us to continue traversing
545 */
546 rcu_read_lock();
547 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
548 unsigned long this_timer = f->updated + delay;
549
550 if (test_bit(BR_FDB_STATIC, &f->flags) ||
551 test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &f->flags)) {
552 if (test_bit(BR_FDB_NOTIFY, &f->flags)) {
553 if (time_after(this_timer, now))
554 work_delay = min(work_delay,
555 this_timer - now);
556 else if (!test_and_set_bit(BR_FDB_NOTIFY_INACTIVE,
557 &f->flags))
558 fdb_notify(br, f, RTM_NEWNEIGH, false);
559 }
560 continue;
561 }
562
563 if (time_after(this_timer, now)) {
564 work_delay = min(work_delay, this_timer - now);
565 } else {
566 spin_lock_bh(&br->hash_lock);
567 if (!hlist_unhashed(&f->fdb_node))
568 fdb_delete(br, f, true);
569 spin_unlock_bh(&br->hash_lock);
570 }
571 }
572 rcu_read_unlock();
573
574 /* Cleanup minimum 10 milliseconds apart */
575 work_delay = max_t(unsigned long, work_delay, msecs_to_jiffies(10));
576 mod_delayed_work(system_long_wq, &br->gc_work, work_delay);
577 }
578
579 static bool __fdb_flush_matches(const struct net_bridge *br,
580 const struct net_bridge_fdb_entry *f,
581 const struct net_bridge_fdb_flush_desc *desc)
582 {
583 const struct net_bridge_port *dst = READ_ONCE(f->dst);
584 int port_ifidx = dst ? dst->dev->ifindex : br->dev->ifindex;
585
586 if (desc->vlan_id && desc->vlan_id != f->key.vlan_id)
587 return false;
588 if (desc->port_ifindex && desc->port_ifindex != port_ifidx)
589 return false;
590 if (desc->flags_mask && (f->flags & desc->flags_mask) != desc->flags)
591 return false;
592
593 return true;
594 }
595
596 /* Flush forwarding database entries matching the description */
597 void br_fdb_flush(struct net_bridge *br,
598 const struct net_bridge_fdb_flush_desc *desc)
599 {
600 struct net_bridge_fdb_entry *f;
601
602 rcu_read_lock();
603 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
604 if (!__fdb_flush_matches(br, f, desc))
605 continue;
606
607 spin_lock_bh(&br->hash_lock);
608 if (!hlist_unhashed(&f->fdb_node))
609 fdb_delete(br, f, true);
610 spin_unlock_bh(&br->hash_lock);
611 }
612 rcu_read_unlock();
613 }
614
615 static unsigned long __ndm_state_to_fdb_flags(u16 ndm_state)
616 {
617 unsigned long flags = 0;
618
619 if (ndm_state & NUD_PERMANENT)
620 __set_bit(BR_FDB_LOCAL, &flags);
621 if (ndm_state & NUD_NOARP)
622 __set_bit(BR_FDB_STATIC, &flags);
623
624 return flags;
625 }
626
627 static unsigned long __ndm_flags_to_fdb_flags(u8 ndm_flags)
628 {
629 unsigned long flags = 0;
630
631 if (ndm_flags & NTF_USE)
632 __set_bit(BR_FDB_ADDED_BY_USER, &flags);
633 if (ndm_flags & NTF_EXT_LEARNED)
634 __set_bit(BR_FDB_ADDED_BY_EXT_LEARN, &flags);
635 if (ndm_flags & NTF_OFFLOADED)
636 __set_bit(BR_FDB_OFFLOADED, &flags);
637 if (ndm_flags & NTF_STICKY)
638 __set_bit(BR_FDB_STICKY, &flags);
639
640 return flags;
641 }
642
643 static int __fdb_flush_validate_ifindex(const struct net_bridge *br,
644 int ifindex,
645 struct netlink_ext_ack *extack)
646 {
647 const struct net_device *dev;
648
649 dev = __dev_get_by_index(dev_net(br->dev), ifindex);
650 if (!dev) {
651 NL_SET_ERR_MSG_MOD(extack, "Unknown flush device ifindex");
652 return -ENODEV;
653 }
654 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) {
655 NL_SET_ERR_MSG_MOD(extack, "Flush device is not a bridge or bridge port");
656 return -EINVAL;
657 }
658 if (netif_is_bridge_master(dev) && dev != br->dev) {
659 NL_SET_ERR_MSG_MOD(extack,
660 "Flush bridge device does not match target bridge device");
661 return -EINVAL;
662 }
663 if (netif_is_bridge_port(dev)) {
664 struct net_bridge_port *p = br_port_get_rtnl(dev);
665
666 if (p->br != br) {
667 NL_SET_ERR_MSG_MOD(extack, "Port belongs to a different bridge device");
668 return -EINVAL;
669 }
670 }
671
672 return 0;
673 }
674
675 static const struct nla_policy br_fdb_del_bulk_policy[NDA_MAX + 1] = {
676 [NDA_VLAN] = NLA_POLICY_RANGE(NLA_U16, 1, VLAN_N_VID - 2),
677 [NDA_IFINDEX] = NLA_POLICY_MIN(NLA_S32, 1),
678 [NDA_NDM_STATE_MASK] = { .type = NLA_U16 },
679 [NDA_NDM_FLAGS_MASK] = { .type = NLA_U8 },
680 };
681
682 int br_fdb_delete_bulk(struct nlmsghdr *nlh, struct net_device *dev,
683 struct netlink_ext_ack *extack)
684 {
685 struct net_bridge_fdb_flush_desc desc = {};
686 struct ndmsg *ndm = nlmsg_data(nlh);
687 struct net_bridge_port *p = NULL;
688 struct nlattr *tb[NDA_MAX + 1];
689 struct net_bridge *br;
690 u8 ndm_flags;
691 int err;
692
693 ndm_flags = ndm->ndm_flags & ~FDB_FLUSH_IGNORED_NDM_FLAGS;
694
695 err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX,
696 br_fdb_del_bulk_policy, extack);
697 if (err)
698 return err;
699
700 if (netif_is_bridge_master(dev)) {
701 br = netdev_priv(dev);
702 } else {
703 p = br_port_get_rtnl(dev);
704 if (!p) {
705 NL_SET_ERR_MSG_MOD(extack, "Device is not a bridge port");
706 return -EINVAL;
707 }
708 br = p->br;
709 }
710
711 if (tb[NDA_VLAN])
712 desc.vlan_id = nla_get_u16(tb[NDA_VLAN]);
713
714 if (ndm_flags & ~FDB_FLUSH_ALLOWED_NDM_FLAGS) {
715 NL_SET_ERR_MSG(extack, "Unsupported fdb flush ndm flag bits set");
716 return -EINVAL;
717 }
718 if (ndm->ndm_state & ~FDB_FLUSH_ALLOWED_NDM_STATES) {
719 NL_SET_ERR_MSG(extack, "Unsupported fdb flush ndm state bits set");
720 return -EINVAL;
721 }
722
723 desc.flags |= __ndm_state_to_fdb_flags(ndm->ndm_state);
724 desc.flags |= __ndm_flags_to_fdb_flags(ndm_flags);
725 if (tb[NDA_NDM_STATE_MASK]) {
726 u16 ndm_state_mask = nla_get_u16(tb[NDA_NDM_STATE_MASK]);
727
728 desc.flags_mask |= __ndm_state_to_fdb_flags(ndm_state_mask);
729 }
730 if (tb[NDA_NDM_FLAGS_MASK]) {
731 u8 ndm_flags_mask = nla_get_u8(tb[NDA_NDM_FLAGS_MASK]);
732
733 desc.flags_mask |= __ndm_flags_to_fdb_flags(ndm_flags_mask);
734 }
735 if (tb[NDA_IFINDEX]) {
736 int ifidx = nla_get_s32(tb[NDA_IFINDEX]);
737
738 err = __fdb_flush_validate_ifindex(br, ifidx, extack);
739 if (err)
740 return err;
741 desc.port_ifindex = ifidx;
742 } else if (p) {
743 /* flush was invoked with port device and NTF_MASTER */
744 desc.port_ifindex = p->dev->ifindex;
745 }
746
747 br_debug(br, "flushing port ifindex: %d vlan id: %u flags: 0x%lx flags mask: 0x%lx\n",
748 desc.port_ifindex, desc.vlan_id, desc.flags, desc.flags_mask);
749
750 br_fdb_flush(br, &desc);
751
752 return 0;
753 }
754
755 /* Flush all entries referring to a specific port.
756 * if do_all is set also flush static entries
757 * if vid is set delete all entries that match the vlan_id
758 */
759 void br_fdb_delete_by_port(struct net_bridge *br,
760 const struct net_bridge_port *p,
761 u16 vid,
762 int do_all)
763 {
764 struct net_bridge_fdb_entry *f;
765 struct hlist_node *tmp;
766
767 spin_lock_bh(&br->hash_lock);
768 hlist_for_each_entry_safe(f, tmp, &br->fdb_list, fdb_node) {
769 if (f->dst != p)
770 continue;
771
772 if (!do_all)
773 if (test_bit(BR_FDB_STATIC, &f->flags) ||
774 (test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &f->flags) &&
775 !test_bit(BR_FDB_OFFLOADED, &f->flags)) ||
776 (vid && f->key.vlan_id != vid))
777 continue;
778
779 if (test_bit(BR_FDB_LOCAL, &f->flags))
780 fdb_delete_local(br, p, f);
781 else
782 fdb_delete(br, f, true);
783 }
784 spin_unlock_bh(&br->hash_lock);
785 }
786
787 #if IS_ENABLED(CONFIG_ATM_LANE)
788 /* Interface used by ATM LANE hook to test
789 * if an addr is on some other bridge port */
790 int br_fdb_test_addr(struct net_device *dev, unsigned char *addr)
791 {
792 struct net_bridge_fdb_entry *fdb;
793 struct net_bridge_port *port;
794 int ret;
795
796 rcu_read_lock();
797 port = br_port_get_rcu(dev);
798 if (!port)
799 ret = 0;
800 else {
801 const struct net_bridge_port *dst = NULL;
802
803 fdb = br_fdb_find_rcu(port->br, addr, 0);
804 if (fdb)
805 dst = READ_ONCE(fdb->dst);
806
807 ret = dst && dst->dev != dev &&
808 dst->state == BR_STATE_FORWARDING;
809 }
810 rcu_read_unlock();
811
812 return ret;
813 }
814 #endif /* CONFIG_ATM_LANE */
815
816 /*
817 * Fill buffer with forwarding table records in
818 * the API format.
819 */
820 int br_fdb_fillbuf(struct net_bridge *br, void *buf,
821 unsigned long maxnum, unsigned long skip)
822 {
823 struct net_bridge_fdb_entry *f;
824 struct __fdb_entry *fe = buf;
825 int num = 0;
826
827 memset(buf, 0, maxnum*sizeof(struct __fdb_entry));
828
829 rcu_read_lock();
830 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
831 if (num >= maxnum)
832 break;
833
834 if (has_expired(br, f))
835 continue;
836
837 /* ignore pseudo entry for local MAC address */
838 if (!f->dst)
839 continue;
840
841 if (skip) {
842 --skip;
843 continue;
844 }
845
846 /* convert from internal format to API */
847 memcpy(fe->mac_addr, f->key.addr.addr, ETH_ALEN);
848
849 /* due to ABI compat need to split into hi/lo */
850 fe->port_no = f->dst->port_no;
851 fe->port_hi = f->dst->port_no >> 8;
852
853 fe->is_local = test_bit(BR_FDB_LOCAL, &f->flags);
854 if (!test_bit(BR_FDB_STATIC, &f->flags))
855 fe->ageing_timer_value = jiffies_delta_to_clock_t(jiffies - f->updated);
856 ++fe;
857 ++num;
858 }
859 rcu_read_unlock();
860
861 return num;
862 }
863
864 /* Add entry for local address of interface */
865 int br_fdb_add_local(struct net_bridge *br, struct net_bridge_port *source,
866 const unsigned char *addr, u16 vid)
867 {
868 int ret;
869
870 spin_lock_bh(&br->hash_lock);
871 ret = fdb_add_local(br, source, addr, vid);
872 spin_unlock_bh(&br->hash_lock);
873 return ret;
874 }
875
876 /* returns true if the fdb was modified */
877 static bool __fdb_mark_active(struct net_bridge_fdb_entry *fdb)
878 {
879 return !!(test_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags) &&
880 test_and_clear_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags));
881 }
882
883 void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source,
884 const unsigned char *addr, u16 vid, unsigned long flags)
885 {
886 struct net_bridge_fdb_entry *fdb;
887
888 /* some users want to always flood. */
889 if (hold_time(br) == 0)
890 return;
891
892 fdb = fdb_find_rcu(&br->fdb_hash_tbl, addr, vid);
893 if (likely(fdb)) {
894 /* attempt to update an entry for a local interface */
895 if (unlikely(test_bit(BR_FDB_LOCAL, &fdb->flags))) {
896 if (net_ratelimit())
897 br_warn(br, "received packet on %s with own address as source address (addr:%pM, vlan:%u)\n",
898 source->dev->name, addr, vid);
899 } else {
900 unsigned long now = jiffies;
901 bool fdb_modified = false;
902
903 if (now != fdb->updated) {
904 fdb->updated = now;
905 fdb_modified = __fdb_mark_active(fdb);
906 }
907
908 /* fastpath: update of existing entry */
909 if (unlikely(source != READ_ONCE(fdb->dst) &&
910 !test_bit(BR_FDB_STICKY, &fdb->flags))) {
911 br_switchdev_fdb_notify(br, fdb, RTM_DELNEIGH);
912 WRITE_ONCE(fdb->dst, source);
913 fdb_modified = true;
914 /* Take over HW learned entry */
915 if (unlikely(test_bit(BR_FDB_ADDED_BY_EXT_LEARN,
916 &fdb->flags)))
917 clear_bit(BR_FDB_ADDED_BY_EXT_LEARN,
918 &fdb->flags);
919 /* Clear locked flag when roaming to an
920 * unlocked port.
921 */
922 if (unlikely(test_bit(BR_FDB_LOCKED, &fdb->flags)))
923 clear_bit(BR_FDB_LOCKED, &fdb->flags);
924 }
925
926 if (unlikely(test_bit(BR_FDB_ADDED_BY_USER, &flags))) {
927 set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags);
928 if (test_and_clear_bit(BR_FDB_DYNAMIC_LEARNED,
929 &fdb->flags))
930 atomic_dec(&br->fdb_n_learned);
931 }
932 if (unlikely(fdb_modified)) {
933 trace_br_fdb_update(br, source, addr, vid, flags);
934 fdb_notify(br, fdb, RTM_NEWNEIGH, true);
935 }
936 }
937 } else {
938 spin_lock(&br->hash_lock);
939 fdb = fdb_create(br, source, addr, vid, flags);
940 if (fdb) {
941 trace_br_fdb_update(br, source, addr, vid, flags);
942 fdb_notify(br, fdb, RTM_NEWNEIGH, true);
943 }
944 /* else we lose race and someone else inserts
945 * it first, don't bother updating
946 */
947 spin_unlock(&br->hash_lock);
948 }
949 }
950
951 /* Dump information about entries, in response to GETNEIGH */
952 int br_fdb_dump(struct sk_buff *skb,
953 struct netlink_callback *cb,
954 struct net_device *dev,
955 struct net_device *filter_dev,
956 int *idx)
957 {
958 struct net_bridge *br = netdev_priv(dev);
959 struct net_bridge_fdb_entry *f;
960 int err = 0;
961
962 if (!netif_is_bridge_master(dev))
963 return err;
964
965 if (!filter_dev) {
966 err = ndo_dflt_fdb_dump(skb, cb, dev, NULL, idx);
967 if (err < 0)
968 return err;
969 }
970
971 rcu_read_lock();
972 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
973 if (*idx < cb->args[2])
974 goto skip;
975 if (filter_dev && (!f->dst || f->dst->dev != filter_dev)) {
976 if (filter_dev != dev)
977 goto skip;
978 /* !f->dst is a special case for bridge
979 * It means the MAC belongs to the bridge
980 * Therefore need a little more filtering
981 * we only want to dump the !f->dst case
982 */
983 if (f->dst)
984 goto skip;
985 }
986 if (!filter_dev && f->dst)
987 goto skip;
988
989 err = fdb_fill_info(skb, br, f,
990 NETLINK_CB(cb->skb).portid,
991 cb->nlh->nlmsg_seq,
992 RTM_NEWNEIGH,
993 NLM_F_MULTI);
994 if (err < 0)
995 break;
996 skip:
997 *idx += 1;
998 }
999 rcu_read_unlock();
1000
1001 return err;
1002 }
1003
1004 int br_fdb_get(struct sk_buff *skb,
1005 struct nlattr *tb[],
1006 struct net_device *dev,
1007 const unsigned char *addr,
1008 u16 vid, u32 portid, u32 seq,
1009 struct netlink_ext_ack *extack)
1010 {
1011 struct net_bridge *br = netdev_priv(dev);
1012 struct net_bridge_fdb_entry *f;
1013 int err = 0;
1014
1015 rcu_read_lock();
1016 f = br_fdb_find_rcu(br, addr, vid);
1017 if (!f) {
1018 NL_SET_ERR_MSG(extack, "Fdb entry not found");
1019 err = -ENOENT;
1020 goto errout;
1021 }
1022
1023 err = fdb_fill_info(skb, br, f, portid, seq,
1024 RTM_NEWNEIGH, 0);
1025 errout:
1026 rcu_read_unlock();
1027 return err;
1028 }
1029
1030 /* returns true if the fdb is modified */
1031 static bool fdb_handle_notify(struct net_bridge_fdb_entry *fdb, u8 notify)
1032 {
1033 bool modified = false;
1034
1035 /* allow to mark an entry as inactive, usually done on creation */
1036 if ((notify & FDB_NOTIFY_INACTIVE_BIT) &&
1037 !test_and_set_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags))
1038 modified = true;
1039
1040 if ((notify & FDB_NOTIFY_BIT) &&
1041 !test_and_set_bit(BR_FDB_NOTIFY, &fdb->flags)) {
1042 /* enabled activity tracking */
1043 modified = true;
1044 } else if (!(notify & FDB_NOTIFY_BIT) &&
1045 test_and_clear_bit(BR_FDB_NOTIFY, &fdb->flags)) {
1046 /* disabled activity tracking, clear notify state */
1047 clear_bit(BR_FDB_NOTIFY_INACTIVE, &fdb->flags);
1048 modified = true;
1049 }
1050
1051 return modified;
1052 }
1053
1054 /* Update (create or replace) forwarding database entry */
1055 static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source,
1056 const u8 *addr, struct ndmsg *ndm, u16 flags, u16 vid,
1057 struct nlattr *nfea_tb[])
1058 {
1059 bool is_sticky = !!(ndm->ndm_flags & NTF_STICKY);
1060 bool refresh = !nfea_tb[NFEA_DONT_REFRESH];
1061 struct net_bridge_fdb_entry *fdb;
1062 u16 state = ndm->ndm_state;
1063 bool modified = false;
1064 u8 notify = 0;
1065
1066 /* If the port cannot learn allow only local and static entries */
1067 if (source && !(state & NUD_PERMANENT) && !(state & NUD_NOARP) &&
1068 !(source->state == BR_STATE_LEARNING ||
1069 source->state == BR_STATE_FORWARDING))
1070 return -EPERM;
1071
1072 if (!source && !(state & NUD_PERMANENT)) {
1073 pr_info("bridge: RTM_NEWNEIGH %s without NUD_PERMANENT\n",
1074 br->dev->name);
1075 return -EINVAL;
1076 }
1077
1078 if (is_sticky && (state & NUD_PERMANENT))
1079 return -EINVAL;
1080
1081 if (nfea_tb[NFEA_ACTIVITY_NOTIFY]) {
1082 notify = nla_get_u8(nfea_tb[NFEA_ACTIVITY_NOTIFY]);
1083 if ((notify & ~BR_FDB_NOTIFY_SETTABLE_BITS) ||
1084 (notify & BR_FDB_NOTIFY_SETTABLE_BITS) == FDB_NOTIFY_INACTIVE_BIT)
1085 return -EINVAL;
1086 }
1087
1088 fdb = br_fdb_find(br, addr, vid);
1089 if (fdb == NULL) {
1090 if (!(flags & NLM_F_CREATE))
1091 return -ENOENT;
1092
1093 fdb = fdb_create(br, source, addr, vid,
1094 BIT(BR_FDB_ADDED_BY_USER));
1095 if (!fdb)
1096 return -ENOMEM;
1097
1098 modified = true;
1099 } else {
1100 if (flags & NLM_F_EXCL)
1101 return -EEXIST;
1102
1103 if (READ_ONCE(fdb->dst) != source) {
1104 WRITE_ONCE(fdb->dst, source);
1105 modified = true;
1106 }
1107
1108 set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags);
1109 if (test_and_clear_bit(BR_FDB_DYNAMIC_LEARNED, &fdb->flags))
1110 atomic_dec(&br->fdb_n_learned);
1111 }
1112
1113 if (fdb_to_nud(br, fdb) != state) {
1114 if (state & NUD_PERMANENT) {
1115 set_bit(BR_FDB_LOCAL, &fdb->flags);
1116 if (!test_and_set_bit(BR_FDB_STATIC, &fdb->flags))
1117 fdb_add_hw_addr(br, addr);
1118 } else if (state & NUD_NOARP) {
1119 clear_bit(BR_FDB_LOCAL, &fdb->flags);
1120 if (!test_and_set_bit(BR_FDB_STATIC, &fdb->flags))
1121 fdb_add_hw_addr(br, addr);
1122 } else {
1123 clear_bit(BR_FDB_LOCAL, &fdb->flags);
1124 if (test_and_clear_bit(BR_FDB_STATIC, &fdb->flags))
1125 fdb_del_hw_addr(br, addr);
1126 }
1127
1128 modified = true;
1129 }
1130
1131 if (is_sticky != test_bit(BR_FDB_STICKY, &fdb->flags)) {
1132 change_bit(BR_FDB_STICKY, &fdb->flags);
1133 modified = true;
1134 }
1135
1136 if (test_and_clear_bit(BR_FDB_LOCKED, &fdb->flags))
1137 modified = true;
1138
1139 if (fdb_handle_notify(fdb, notify))
1140 modified = true;
1141
1142 fdb->used = jiffies;
1143 if (modified) {
1144 if (refresh)
1145 fdb->updated = jiffies;
1146 fdb_notify(br, fdb, RTM_NEWNEIGH, true);
1147 }
1148
1149 return 0;
1150 }
1151
1152 static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br,
1153 struct net_bridge_port *p, const unsigned char *addr,
1154 u16 nlh_flags, u16 vid, struct nlattr *nfea_tb[],
1155 bool *notified, struct netlink_ext_ack *extack)
1156 {
1157 int err = 0;
1158
1159 if (ndm->ndm_flags & NTF_USE) {
1160 if (!p) {
1161 pr_info("bridge: RTM_NEWNEIGH %s with NTF_USE is not supported\n",
1162 br->dev->name);
1163 return -EINVAL;
1164 }
1165 if (!nbp_state_should_learn(p))
1166 return 0;
1167
1168 local_bh_disable();
1169 rcu_read_lock();
1170 br_fdb_update(br, p, addr, vid, BIT(BR_FDB_ADDED_BY_USER));
1171 rcu_read_unlock();
1172 local_bh_enable();
1173 } else if (ndm->ndm_flags & NTF_EXT_LEARNED) {
1174 if (!p && !(ndm->ndm_state & NUD_PERMANENT)) {
1175 NL_SET_ERR_MSG_MOD(extack,
1176 "FDB entry towards bridge must be permanent");
1177 return -EINVAL;
1178 }
1179 err = br_fdb_external_learn_add(br, p, addr, vid, false, true);
1180 } else {
1181 spin_lock_bh(&br->hash_lock);
1182 err = fdb_add_entry(br, p, addr, ndm, nlh_flags, vid, nfea_tb);
1183 spin_unlock_bh(&br->hash_lock);
1184 }
1185
1186 if (!err)
1187 *notified = true;
1188 return err;
1189 }
1190
1191 static const struct nla_policy br_nda_fdb_pol[NFEA_MAX + 1] = {
1192 [NFEA_ACTIVITY_NOTIFY] = { .type = NLA_U8 },
1193 [NFEA_DONT_REFRESH] = { .type = NLA_FLAG },
1194 };
1195
1196 /* Add new permanent fdb entry with RTM_NEWNEIGH */
1197 int br_fdb_add(struct ndmsg *ndm, struct nlattr *tb[],
1198 struct net_device *dev,
1199 const unsigned char *addr, u16 vid, u16 nlh_flags,
1200 bool *notified, struct netlink_ext_ack *extack)
1201 {
1202 struct nlattr *nfea_tb[NFEA_MAX + 1], *attr;
1203 struct net_bridge_vlan_group *vg;
1204 struct net_bridge_port *p = NULL;
1205 struct net_bridge_vlan *v;
1206 struct net_bridge *br = NULL;
1207 u32 ext_flags = 0;
1208 int err = 0;
1209
1210 trace_br_fdb_add(ndm, dev, addr, vid, nlh_flags);
1211
1212 if (!(ndm->ndm_state & (NUD_PERMANENT|NUD_NOARP|NUD_REACHABLE))) {
1213 pr_info("bridge: RTM_NEWNEIGH with invalid state %#x\n", ndm->ndm_state);
1214 return -EINVAL;
1215 }
1216
1217 if (is_zero_ether_addr(addr)) {
1218 pr_info("bridge: RTM_NEWNEIGH with invalid ether address\n");
1219 return -EINVAL;
1220 }
1221
1222 if (netif_is_bridge_master(dev)) {
1223 br = netdev_priv(dev);
1224 vg = br_vlan_group(br);
1225 } else {
1226 p = br_port_get_rtnl(dev);
1227 if (!p) {
1228 pr_info("bridge: RTM_NEWNEIGH %s not a bridge port\n",
1229 dev->name);
1230 return -EINVAL;
1231 }
1232 br = p->br;
1233 vg = nbp_vlan_group(p);
1234 }
1235
1236 if (tb[NDA_FLAGS_EXT])
1237 ext_flags = nla_get_u32(tb[NDA_FLAGS_EXT]);
1238
1239 if (ext_flags & NTF_EXT_LOCKED) {
1240 NL_SET_ERR_MSG_MOD(extack, "Cannot add FDB entry with \"locked\" flag set");
1241 return -EINVAL;
1242 }
1243
1244 if (tb[NDA_FDB_EXT_ATTRS]) {
1245 attr = tb[NDA_FDB_EXT_ATTRS];
1246 err = nla_parse_nested(nfea_tb, NFEA_MAX, attr,
1247 br_nda_fdb_pol, extack);
1248 if (err)
1249 return err;
1250 } else {
1251 memset(nfea_tb, 0, sizeof(struct nlattr *) * (NFEA_MAX + 1));
1252 }
1253
1254 if (vid) {
1255 v = br_vlan_find(vg, vid);
1256 if (!v || !br_vlan_should_use(v)) {
1257 pr_info("bridge: RTM_NEWNEIGH with unconfigured vlan %d on %s\n", vid, dev->name);
1258 return -EINVAL;
1259 }
1260
1261 /* VID was specified, so use it. */
1262 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, vid, nfea_tb,
1263 notified, extack);
1264 } else {
1265 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, 0, nfea_tb,
1266 notified, extack);
1267 if (err || !vg || !vg->num_vlans)
1268 goto out;
1269
1270 /* We have vlans configured on this port and user didn't
1271 * specify a VLAN. To be nice, add/update entry for every
1272 * vlan on this port.
1273 */
1274 list_for_each_entry(v, &vg->vlan_list, vlist) {
1275 if (!br_vlan_should_use(v))
1276 continue;
1277 err = __br_fdb_add(ndm, br, p, addr, nlh_flags, v->vid,
1278 nfea_tb, notified, extack);
1279 if (err)
1280 goto out;
1281 }
1282 }
1283
1284 out:
1285 return err;
1286 }
1287
1288 static int fdb_delete_by_addr_and_port(struct net_bridge *br,
1289 const struct net_bridge_port *p,
1290 const u8 *addr, u16 vlan, bool *notified)
1291 {
1292 struct net_bridge_fdb_entry *fdb;
1293
1294 fdb = br_fdb_find(br, addr, vlan);
1295 if (!fdb || READ_ONCE(fdb->dst) != p)
1296 return -ENOENT;
1297
1298 fdb_delete(br, fdb, true);
1299 *notified = true;
1300
1301 return 0;
1302 }
1303
1304 static int __br_fdb_delete(struct net_bridge *br,
1305 const struct net_bridge_port *p,
1306 const unsigned char *addr, u16 vid, bool *notified)
1307 {
1308 int err;
1309
1310 spin_lock_bh(&br->hash_lock);
1311 err = fdb_delete_by_addr_and_port(br, p, addr, vid, notified);
1312 spin_unlock_bh(&br->hash_lock);
1313
1314 return err;
1315 }
1316
1317 /* Remove neighbor entry with RTM_DELNEIGH */
1318 int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[],
1319 struct net_device *dev,
1320 const unsigned char *addr, u16 vid, bool *notified,
1321 struct netlink_ext_ack *extack)
1322 {
1323 struct net_bridge_vlan_group *vg;
1324 struct net_bridge_port *p = NULL;
1325 struct net_bridge *br;
1326 int err;
1327
1328 if (netif_is_bridge_master(dev)) {
1329 br = netdev_priv(dev);
1330 vg = br_vlan_group(br);
1331 } else {
1332 p = br_port_get_rtnl(dev);
1333 if (!p) {
1334 pr_info("bridge: RTM_DELNEIGH %s not a bridge port\n",
1335 dev->name);
1336 return -EINVAL;
1337 }
1338 vg = nbp_vlan_group(p);
1339 br = p->br;
1340 }
1341
1342 if (vid) {
1343 err = __br_fdb_delete(br, p, addr, vid, notified);
1344 } else {
1345 struct net_bridge_vlan *v;
1346
1347 err = -ENOENT;
1348 err &= __br_fdb_delete(br, p, addr, 0, notified);
1349 if (!vg || !vg->num_vlans)
1350 return err;
1351
1352 list_for_each_entry(v, &vg->vlan_list, vlist) {
1353 if (!br_vlan_should_use(v))
1354 continue;
1355 err &= __br_fdb_delete(br, p, addr, v->vid, notified);
1356 }
1357 }
1358
1359 return err;
1360 }
1361
1362 int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p)
1363 {
1364 struct net_bridge_fdb_entry *f, *tmp;
1365 int err = 0;
1366
1367 ASSERT_RTNL();
1368
1369 /* the key here is that static entries change only under rtnl */
1370 rcu_read_lock();
1371 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
1372 /* We only care for static entries */
1373 if (!test_bit(BR_FDB_STATIC, &f->flags))
1374 continue;
1375 err = dev_uc_add(p->dev, f->key.addr.addr);
1376 if (err)
1377 goto rollback;
1378 }
1379 done:
1380 rcu_read_unlock();
1381
1382 return err;
1383
1384 rollback:
1385 hlist_for_each_entry_rcu(tmp, &br->fdb_list, fdb_node) {
1386 /* We only care for static entries */
1387 if (!test_bit(BR_FDB_STATIC, &tmp->flags))
1388 continue;
1389 if (tmp == f)
1390 break;
1391 dev_uc_del(p->dev, tmp->key.addr.addr);
1392 }
1393
1394 goto done;
1395 }
1396
1397 void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p)
1398 {
1399 struct net_bridge_fdb_entry *f;
1400
1401 ASSERT_RTNL();
1402
1403 rcu_read_lock();
1404 hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) {
1405 /* We only care for static entries */
1406 if (!test_bit(BR_FDB_STATIC, &f->flags))
1407 continue;
1408
1409 dev_uc_del(p->dev, f->key.addr.addr);
1410 }
1411 rcu_read_unlock();
1412 }
1413
1414 int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p,
1415 const unsigned char *addr, u16 vid, bool locked,
1416 bool swdev_notify)
1417 {
1418 struct net_bridge_fdb_entry *fdb;
1419 bool modified = false;
1420 int err = 0;
1421
1422 trace_br_fdb_external_learn_add(br, p, addr, vid);
1423
1424 if (locked && (!p || !(p->flags & BR_PORT_MAB)))
1425 return -EINVAL;
1426
1427 spin_lock_bh(&br->hash_lock);
1428
1429 fdb = br_fdb_find(br, addr, vid);
1430 if (!fdb) {
1431 unsigned long flags = BIT(BR_FDB_ADDED_BY_EXT_LEARN);
1432
1433 if (swdev_notify)
1434 flags |= BIT(BR_FDB_ADDED_BY_USER);
1435
1436 if (!p)
1437 flags |= BIT(BR_FDB_LOCAL);
1438
1439 if (locked)
1440 flags |= BIT(BR_FDB_LOCKED);
1441
1442 fdb = fdb_create(br, p, addr, vid, flags);
1443 if (!fdb) {
1444 err = -ENOMEM;
1445 goto err_unlock;
1446 }
1447 fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify);
1448 } else {
1449 if (locked &&
1450 (!test_bit(BR_FDB_LOCKED, &fdb->flags) ||
1451 READ_ONCE(fdb->dst) != p)) {
1452 err = -EINVAL;
1453 goto err_unlock;
1454 }
1455
1456 fdb->updated = jiffies;
1457
1458 if (READ_ONCE(fdb->dst) != p) {
1459 WRITE_ONCE(fdb->dst, p);
1460 modified = true;
1461 }
1462
1463 if (test_and_set_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags)) {
1464 /* Refresh entry */
1465 fdb->used = jiffies;
1466 } else {
1467 modified = true;
1468 }
1469
1470 if (locked != test_bit(BR_FDB_LOCKED, &fdb->flags)) {
1471 change_bit(BR_FDB_LOCKED, &fdb->flags);
1472 modified = true;
1473 }
1474
1475 if (swdev_notify)
1476 set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags);
1477
1478 if (!p)
1479 set_bit(BR_FDB_LOCAL, &fdb->flags);
1480
1481 if ((swdev_notify || !p) &&
1482 test_and_clear_bit(BR_FDB_DYNAMIC_LEARNED, &fdb->flags))
1483 atomic_dec(&br->fdb_n_learned);
1484
1485 if (modified)
1486 fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify);
1487 }
1488
1489 err_unlock:
1490 spin_unlock_bh(&br->hash_lock);
1491
1492 return err;
1493 }
1494
1495 int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p,
1496 const unsigned char *addr, u16 vid,
1497 bool swdev_notify)
1498 {
1499 struct net_bridge_fdb_entry *fdb;
1500 int err = 0;
1501
1502 spin_lock_bh(&br->hash_lock);
1503
1504 fdb = br_fdb_find(br, addr, vid);
1505 if (fdb && test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags))
1506 fdb_delete(br, fdb, swdev_notify);
1507 else
1508 err = -ENOENT;
1509
1510 spin_unlock_bh(&br->hash_lock);
1511
1512 return err;
1513 }
1514
1515 void br_fdb_offloaded_set(struct net_bridge *br, struct net_bridge_port *p,
1516 const unsigned char *addr, u16 vid, bool offloaded)
1517 {
1518 struct net_bridge_fdb_entry *fdb;
1519
1520 spin_lock_bh(&br->hash_lock);
1521
1522 fdb = br_fdb_find(br, addr, vid);
1523 if (fdb && offloaded != test_bit(BR_FDB_OFFLOADED, &fdb->flags))
1524 change_bit(BR_FDB_OFFLOADED, &fdb->flags);
1525
1526 spin_unlock_bh(&br->hash_lock);
1527 }
1528
1529 void br_fdb_clear_offload(const struct net_device *dev, u16 vid)
1530 {
1531 struct net_bridge_fdb_entry *f;
1532 struct net_bridge_port *p;
1533
1534 ASSERT_RTNL();
1535
1536 p = br_port_get_rtnl(dev);
1537 if (!p)
1538 return;
1539
1540 spin_lock_bh(&p->br->hash_lock);
1541 hlist_for_each_entry(f, &p->br->fdb_list, fdb_node) {
1542 if (f->dst == p && f->key.vlan_id == vid)
1543 clear_bit(BR_FDB_OFFLOADED, &f->flags);
1544 }
1545 spin_unlock_bh(&p->br->hash_lock);
1546 }
1547 EXPORT_SYMBOL_GPL(br_fdb_clear_offload);
Linux Kernel