br_mdb.c 42 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722
  1. // SPDX-License-Identifier: GPL-2.0
  2. #include <linux/err.h>
  3. #include <linux/igmp.h>
  4. #include <linux/kernel.h>
  5. #include <linux/netdevice.h>
  6. #include <linux/rculist.h>
  7. #include <linux/skbuff.h>
  8. #include <linux/if_ether.h>
  9. #include <net/ip.h>
  10. #include <net/netlink.h>
  11. #include <net/switchdev.h>
  12. #if IS_ENABLED(CONFIG_IPV6)
  13. #include <net/ipv6.h>
  14. #include <net/addrconf.h>
  15. #endif
  16. #include "br_private.h"
  17. static bool
  18. br_ip4_rports_get_timer(struct net_bridge_mcast_port *pmctx,
  19. unsigned long *timer)
  20. {
  21. *timer = br_timer_value(&pmctx->ip4_mc_router_timer);
  22. return !hlist_unhashed(&pmctx->ip4_rlist);
  23. }
  24. static bool
  25. br_ip6_rports_get_timer(struct net_bridge_mcast_port *pmctx,
  26. unsigned long *timer)
  27. {
  28. #if IS_ENABLED(CONFIG_IPV6)
  29. *timer = br_timer_value(&pmctx->ip6_mc_router_timer);
  30. return !hlist_unhashed(&pmctx->ip6_rlist);
  31. #else
  32. *timer = 0;
  33. return false;
  34. #endif
  35. }
  36. static size_t __br_rports_one_size(void)
  37. {
  38. return nla_total_size(sizeof(u32)) + /* MDBA_ROUTER_PORT */
  39. nla_total_size(sizeof(u32)) + /* MDBA_ROUTER_PATTR_TIMER */
  40. nla_total_size(sizeof(u8)) + /* MDBA_ROUTER_PATTR_TYPE */
  41. nla_total_size(sizeof(u32)) + /* MDBA_ROUTER_PATTR_INET_TIMER */
  42. nla_total_size(sizeof(u32)) + /* MDBA_ROUTER_PATTR_INET6_TIMER */
  43. nla_total_size(sizeof(u32)); /* MDBA_ROUTER_PATTR_VID */
  44. }
  45. size_t br_rports_size(const struct net_bridge_mcast *brmctx)
  46. {
  47. struct net_bridge_mcast_port *pmctx;
  48. size_t size = nla_total_size(0); /* MDBA_ROUTER */
  49. rcu_read_lock();
  50. hlist_for_each_entry_rcu(pmctx, &brmctx->ip4_mc_router_list,
  51. ip4_rlist)
  52. size += __br_rports_one_size();
  53. #if IS_ENABLED(CONFIG_IPV6)
  54. hlist_for_each_entry_rcu(pmctx, &brmctx->ip6_mc_router_list,
  55. ip6_rlist)
  56. size += __br_rports_one_size();
  57. #endif
  58. rcu_read_unlock();
  59. return size;
  60. }
  61. int br_rports_fill_info(struct sk_buff *skb,
  62. const struct net_bridge_mcast *brmctx)
  63. {
  64. u16 vid = brmctx->vlan ? brmctx->vlan->vid : 0;
  65. bool have_ip4_mc_rtr, have_ip6_mc_rtr;
  66. unsigned long ip4_timer, ip6_timer;
  67. struct nlattr *nest, *port_nest;
  68. struct net_bridge_port *p;
  69. if (!brmctx->multicast_router || !br_rports_have_mc_router(brmctx))
  70. return 0;
  71. nest = nla_nest_start_noflag(skb, MDBA_ROUTER);
  72. if (nest == NULL)
  73. return -EMSGSIZE;
  74. list_for_each_entry_rcu(p, &brmctx->br->port_list, list) {
  75. struct net_bridge_mcast_port *pmctx;
  76. if (vid) {
  77. struct net_bridge_vlan *v;
  78. v = br_vlan_find(nbp_vlan_group(p), vid);
  79. if (!v)
  80. continue;
  81. pmctx = &v->port_mcast_ctx;
  82. } else {
  83. pmctx = &p->multicast_ctx;
  84. }
  85. have_ip4_mc_rtr = br_ip4_rports_get_timer(pmctx, &ip4_timer);
  86. have_ip6_mc_rtr = br_ip6_rports_get_timer(pmctx, &ip6_timer);
  87. if (!have_ip4_mc_rtr && !have_ip6_mc_rtr)
  88. continue;
  89. port_nest = nla_nest_start_noflag(skb, MDBA_ROUTER_PORT);
  90. if (!port_nest)
  91. goto fail;
  92. if (nla_put_nohdr(skb, sizeof(u32), &p->dev->ifindex) ||
  93. nla_put_u32(skb, MDBA_ROUTER_PATTR_TIMER,
  94. max(ip4_timer, ip6_timer)) ||
  95. nla_put_u8(skb, MDBA_ROUTER_PATTR_TYPE,
  96. p->multicast_ctx.multicast_router) ||
  97. (have_ip4_mc_rtr &&
  98. nla_put_u32(skb, MDBA_ROUTER_PATTR_INET_TIMER,
  99. ip4_timer)) ||
  100. (have_ip6_mc_rtr &&
  101. nla_put_u32(skb, MDBA_ROUTER_PATTR_INET6_TIMER,
  102. ip6_timer)) ||
  103. (vid && nla_put_u16(skb, MDBA_ROUTER_PATTR_VID, vid))) {
  104. nla_nest_cancel(skb, port_nest);
  105. goto fail;
  106. }
  107. nla_nest_end(skb, port_nest);
  108. }
  109. nla_nest_end(skb, nest);
  110. return 0;
  111. fail:
  112. nla_nest_cancel(skb, nest);
  113. return -EMSGSIZE;
  114. }
  115. static void __mdb_entry_fill_flags(struct br_mdb_entry *e, unsigned char flags)
  116. {
  117. e->state = flags & MDB_PG_FLAGS_PERMANENT;
  118. e->flags = 0;
  119. if (flags & MDB_PG_FLAGS_OFFLOAD)
  120. e->flags |= MDB_FLAGS_OFFLOAD;
  121. if (flags & MDB_PG_FLAGS_FAST_LEAVE)
  122. e->flags |= MDB_FLAGS_FAST_LEAVE;
  123. if (flags & MDB_PG_FLAGS_STAR_EXCL)
  124. e->flags |= MDB_FLAGS_STAR_EXCL;
  125. if (flags & MDB_PG_FLAGS_BLOCKED)
  126. e->flags |= MDB_FLAGS_BLOCKED;
  127. if (flags & MDB_PG_FLAGS_OFFLOAD_FAILED)
  128. e->flags |= MDB_FLAGS_OFFLOAD_FAILED;
  129. }
  130. static void __mdb_entry_to_br_ip(struct br_mdb_entry *entry, struct br_ip *ip,
  131. struct nlattr **mdb_attrs)
  132. {
  133. memset(ip, 0, sizeof(struct br_ip));
  134. ip->vid = entry->vid;
  135. ip->proto = entry->addr.proto;
  136. switch (ip->proto) {
  137. case htons(ETH_P_IP):
  138. ip->dst.ip4 = entry->addr.u.ip4;
  139. if (mdb_attrs && mdb_attrs[MDBE_ATTR_SOURCE])
  140. ip->src.ip4 = nla_get_in_addr(mdb_attrs[MDBE_ATTR_SOURCE]);
  141. break;
  142. #if IS_ENABLED(CONFIG_IPV6)
  143. case htons(ETH_P_IPV6):
  144. ip->dst.ip6 = entry->addr.u.ip6;
  145. if (mdb_attrs && mdb_attrs[MDBE_ATTR_SOURCE])
  146. ip->src.ip6 = nla_get_in6_addr(mdb_attrs[MDBE_ATTR_SOURCE]);
  147. break;
  148. #endif
  149. default:
  150. ether_addr_copy(ip->dst.mac_addr, entry->addr.u.mac_addr);
  151. }
  152. }
  153. static int __mdb_fill_srcs(struct sk_buff *skb,
  154. struct net_bridge_port_group *p)
  155. {
  156. struct net_bridge_group_src *ent;
  157. struct nlattr *nest, *nest_ent;
  158. if (hlist_empty(&p->src_list))
  159. return 0;
  160. nest = nla_nest_start(skb, MDBA_MDB_EATTR_SRC_LIST);
  161. if (!nest)
  162. return -EMSGSIZE;
  163. hlist_for_each_entry_rcu(ent, &p->src_list, node,
  164. lockdep_is_held(&p->key.port->br->multicast_lock)) {
  165. nest_ent = nla_nest_start(skb, MDBA_MDB_SRCLIST_ENTRY);
  166. if (!nest_ent)
  167. goto out_cancel_err;
  168. switch (ent->addr.proto) {
  169. case htons(ETH_P_IP):
  170. if (nla_put_in_addr(skb, MDBA_MDB_SRCATTR_ADDRESS,
  171. ent->addr.src.ip4)) {
  172. nla_nest_cancel(skb, nest_ent);
  173. goto out_cancel_err;
  174. }
  175. break;
  176. #if IS_ENABLED(CONFIG_IPV6)
  177. case htons(ETH_P_IPV6):
  178. if (nla_put_in6_addr(skb, MDBA_MDB_SRCATTR_ADDRESS,
  179. &ent->addr.src.ip6)) {
  180. nla_nest_cancel(skb, nest_ent);
  181. goto out_cancel_err;
  182. }
  183. break;
  184. #endif
  185. default:
  186. nla_nest_cancel(skb, nest_ent);
  187. continue;
  188. }
  189. if (nla_put_u32(skb, MDBA_MDB_SRCATTR_TIMER,
  190. br_timer_value(&ent->timer))) {
  191. nla_nest_cancel(skb, nest_ent);
  192. goto out_cancel_err;
  193. }
  194. nla_nest_end(skb, nest_ent);
  195. }
  196. nla_nest_end(skb, nest);
  197. return 0;
  198. out_cancel_err:
  199. nla_nest_cancel(skb, nest);
  200. return -EMSGSIZE;
  201. }
  202. static int __mdb_fill_info(struct sk_buff *skb,
  203. struct net_bridge_mdb_entry *mp,
  204. struct net_bridge_port_group *p)
  205. {
  206. bool dump_srcs_mode = false;
  207. struct timer_list *mtimer;
  208. struct nlattr *nest_ent;
  209. struct br_mdb_entry e;
  210. u8 flags = 0;
  211. int ifindex;
  212. memset(&e, 0, sizeof(e));
  213. if (p) {
  214. ifindex = p->key.port->dev->ifindex;
  215. mtimer = &p->timer;
  216. flags = p->flags;
  217. } else {
  218. ifindex = mp->br->dev->ifindex;
  219. mtimer = &mp->timer;
  220. }
  221. __mdb_entry_fill_flags(&e, flags);
  222. e.ifindex = ifindex;
  223. e.vid = mp->addr.vid;
  224. if (mp->addr.proto == htons(ETH_P_IP)) {
  225. e.addr.u.ip4 = mp->addr.dst.ip4;
  226. #if IS_ENABLED(CONFIG_IPV6)
  227. } else if (mp->addr.proto == htons(ETH_P_IPV6)) {
  228. e.addr.u.ip6 = mp->addr.dst.ip6;
  229. #endif
  230. } else {
  231. ether_addr_copy(e.addr.u.mac_addr, mp->addr.dst.mac_addr);
  232. e.state = MDB_PERMANENT;
  233. }
  234. e.addr.proto = mp->addr.proto;
  235. nest_ent = nla_nest_start_noflag(skb,
  236. MDBA_MDB_ENTRY_INFO);
  237. if (!nest_ent)
  238. return -EMSGSIZE;
  239. if (nla_put_nohdr(skb, sizeof(e), &e) ||
  240. nla_put_u32(skb,
  241. MDBA_MDB_EATTR_TIMER,
  242. br_timer_value(mtimer)))
  243. goto nest_err;
  244. switch (mp->addr.proto) {
  245. case htons(ETH_P_IP):
  246. dump_srcs_mode = !!(mp->br->multicast_ctx.multicast_igmp_version == 3);
  247. if (mp->addr.src.ip4) {
  248. if (nla_put_in_addr(skb, MDBA_MDB_EATTR_SOURCE,
  249. mp->addr.src.ip4))
  250. goto nest_err;
  251. break;
  252. }
  253. break;
  254. #if IS_ENABLED(CONFIG_IPV6)
  255. case htons(ETH_P_IPV6):
  256. dump_srcs_mode = !!(mp->br->multicast_ctx.multicast_mld_version == 2);
  257. if (!ipv6_addr_any(&mp->addr.src.ip6)) {
  258. if (nla_put_in6_addr(skb, MDBA_MDB_EATTR_SOURCE,
  259. &mp->addr.src.ip6))
  260. goto nest_err;
  261. break;
  262. }
  263. break;
  264. #endif
  265. default:
  266. ether_addr_copy(e.addr.u.mac_addr, mp->addr.dst.mac_addr);
  267. }
  268. if (p) {
  269. if (nla_put_u8(skb, MDBA_MDB_EATTR_RTPROT, p->rt_protocol))
  270. goto nest_err;
  271. if (dump_srcs_mode &&
  272. (__mdb_fill_srcs(skb, p) ||
  273. nla_put_u8(skb, MDBA_MDB_EATTR_GROUP_MODE,
  274. p->filter_mode)))
  275. goto nest_err;
  276. }
  277. nla_nest_end(skb, nest_ent);
  278. return 0;
  279. nest_err:
  280. nla_nest_cancel(skb, nest_ent);
  281. return -EMSGSIZE;
  282. }
  283. static int br_mdb_fill_info(struct sk_buff *skb, struct netlink_callback *cb,
  284. struct net_device *dev)
  285. {
  286. int idx = 0, s_idx = cb->args[1], err = 0, pidx = 0, s_pidx = cb->args[2];
  287. struct net_bridge *br = netdev_priv(dev);
  288. struct net_bridge_mdb_entry *mp;
  289. struct nlattr *nest, *nest2;
  290. nest = nla_nest_start_noflag(skb, MDBA_MDB);
  291. if (nest == NULL)
  292. return -EMSGSIZE;
  293. hlist_for_each_entry_rcu(mp, &br->mdb_list, mdb_node) {
  294. struct net_bridge_port_group *p;
  295. struct net_bridge_port_group __rcu **pp;
  296. if (idx < s_idx)
  297. goto skip;
  298. nest2 = nla_nest_start_noflag(skb, MDBA_MDB_ENTRY);
  299. if (!nest2) {
  300. err = -EMSGSIZE;
  301. break;
  302. }
  303. if (!s_pidx && mp->host_joined) {
  304. err = __mdb_fill_info(skb, mp, NULL);
  305. if (err) {
  306. nla_nest_cancel(skb, nest2);
  307. break;
  308. }
  309. }
  310. for (pp = &mp->ports; (p = rcu_dereference(*pp)) != NULL;
  311. pp = &p->next) {
  312. if (!p->key.port)
  313. continue;
  314. if (pidx < s_pidx)
  315. goto skip_pg;
  316. err = __mdb_fill_info(skb, mp, p);
  317. if (err) {
  318. nla_nest_end(skb, nest2);
  319. goto out;
  320. }
  321. skip_pg:
  322. pidx++;
  323. }
  324. pidx = 0;
  325. s_pidx = 0;
  326. nla_nest_end(skb, nest2);
  327. skip:
  328. idx++;
  329. }
  330. out:
  331. cb->args[1] = idx;
  332. cb->args[2] = pidx;
  333. nla_nest_end(skb, nest);
  334. return err;
  335. }
  336. int br_mdb_dump(struct net_device *dev, struct sk_buff *skb,
  337. struct netlink_callback *cb)
  338. {
  339. struct net_bridge *br = netdev_priv(dev);
  340. struct br_port_msg *bpm;
  341. struct nlmsghdr *nlh;
  342. int err;
  343. nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid,
  344. cb->nlh->nlmsg_seq, RTM_GETMDB, sizeof(*bpm),
  345. NLM_F_MULTI);
  346. if (!nlh)
  347. return -EMSGSIZE;
  348. bpm = nlmsg_data(nlh);
  349. memset(bpm, 0, sizeof(*bpm));
  350. bpm->ifindex = dev->ifindex;
  351. rcu_read_lock();
  352. err = br_mdb_fill_info(skb, cb, dev);
  353. if (err)
  354. goto out;
  355. err = br_rports_fill_info(skb, &br->multicast_ctx);
  356. if (err)
  357. goto out;
  358. out:
  359. rcu_read_unlock();
  360. nlmsg_end(skb, nlh);
  361. return err;
  362. }
  363. static int nlmsg_populate_mdb_fill(struct sk_buff *skb,
  364. struct net_device *dev,
  365. struct net_bridge_mdb_entry *mp,
  366. struct net_bridge_port_group *pg,
  367. int type)
  368. {
  369. struct nlmsghdr *nlh;
  370. struct br_port_msg *bpm;
  371. struct nlattr *nest, *nest2;
  372. nlh = nlmsg_put(skb, 0, 0, type, sizeof(*bpm), 0);
  373. if (!nlh)
  374. return -EMSGSIZE;
  375. bpm = nlmsg_data(nlh);
  376. memset(bpm, 0, sizeof(*bpm));
  377. bpm->family = AF_BRIDGE;
  378. bpm->ifindex = dev->ifindex;
  379. nest = nla_nest_start_noflag(skb, MDBA_MDB);
  380. if (nest == NULL)
  381. goto cancel;
  382. nest2 = nla_nest_start_noflag(skb, MDBA_MDB_ENTRY);
  383. if (nest2 == NULL)
  384. goto end;
  385. if (__mdb_fill_info(skb, mp, pg))
  386. goto end;
  387. nla_nest_end(skb, nest2);
  388. nla_nest_end(skb, nest);
  389. nlmsg_end(skb, nlh);
  390. return 0;
  391. end:
  392. nla_nest_end(skb, nest);
  393. cancel:
  394. nlmsg_cancel(skb, nlh);
  395. return -EMSGSIZE;
  396. }
  397. static size_t rtnl_mdb_nlmsg_pg_size(const struct net_bridge_port_group *pg)
  398. {
  399. struct net_bridge_group_src *ent;
  400. size_t nlmsg_size, addr_size = 0;
  401. /* MDBA_MDB_ENTRY_INFO */
  402. nlmsg_size = nla_total_size(sizeof(struct br_mdb_entry)) +
  403. /* MDBA_MDB_EATTR_TIMER */
  404. nla_total_size(sizeof(u32));
  405. if (!pg)
  406. goto out;
  407. /* MDBA_MDB_EATTR_RTPROT */
  408. nlmsg_size += nla_total_size(sizeof(u8));
  409. switch (pg->key.addr.proto) {
  410. case htons(ETH_P_IP):
  411. /* MDBA_MDB_EATTR_SOURCE */
  412. if (pg->key.addr.src.ip4)
  413. nlmsg_size += nla_total_size(sizeof(__be32));
  414. if (pg->key.port->br->multicast_ctx.multicast_igmp_version == 2)
  415. goto out;
  416. addr_size = sizeof(__be32);
  417. break;
  418. #if IS_ENABLED(CONFIG_IPV6)
  419. case htons(ETH_P_IPV6):
  420. /* MDBA_MDB_EATTR_SOURCE */
  421. if (!ipv6_addr_any(&pg->key.addr.src.ip6))
  422. nlmsg_size += nla_total_size(sizeof(struct in6_addr));
  423. if (pg->key.port->br->multicast_ctx.multicast_mld_version == 1)
  424. goto out;
  425. addr_size = sizeof(struct in6_addr);
  426. break;
  427. #endif
  428. }
  429. /* MDBA_MDB_EATTR_GROUP_MODE */
  430. nlmsg_size += nla_total_size(sizeof(u8));
  431. /* MDBA_MDB_EATTR_SRC_LIST nested attr */
  432. if (!hlist_empty(&pg->src_list))
  433. nlmsg_size += nla_total_size(0);
  434. hlist_for_each_entry(ent, &pg->src_list, node) {
  435. /* MDBA_MDB_SRCLIST_ENTRY nested attr +
  436. * MDBA_MDB_SRCATTR_ADDRESS + MDBA_MDB_SRCATTR_TIMER
  437. */
  438. nlmsg_size += nla_total_size(0) +
  439. nla_total_size(addr_size) +
  440. nla_total_size(sizeof(u32));
  441. }
  442. out:
  443. return nlmsg_size;
  444. }
  445. static size_t rtnl_mdb_nlmsg_size(const struct net_bridge_port_group *pg)
  446. {
  447. return NLMSG_ALIGN(sizeof(struct br_port_msg)) +
  448. /* MDBA_MDB */
  449. nla_total_size(0) +
  450. /* MDBA_MDB_ENTRY */
  451. nla_total_size(0) +
  452. /* Port group entry */
  453. rtnl_mdb_nlmsg_pg_size(pg);
  454. }
  455. static void __br_mdb_notify(struct net_device *dev,
  456. struct net_bridge_mdb_entry *mp,
  457. struct net_bridge_port_group *pg,
  458. int type, bool notify_switchdev)
  459. {
  460. struct net *net = dev_net(dev);
  461. struct sk_buff *skb;
  462. int err = -ENOBUFS;
  463. if (notify_switchdev)
  464. br_switchdev_mdb_notify(dev, mp, pg, type);
  465. skb = nlmsg_new(rtnl_mdb_nlmsg_size(pg), GFP_ATOMIC);
  466. if (!skb)
  467. goto errout;
  468. err = nlmsg_populate_mdb_fill(skb, dev, mp, pg, type);
  469. if (err < 0) {
  470. kfree_skb(skb);
  471. goto errout;
  472. }
  473. rtnl_notify(skb, net, 0, RTNLGRP_MDB, NULL, GFP_ATOMIC);
  474. return;
  475. errout:
  476. rtnl_set_sk_err(net, RTNLGRP_MDB, err);
  477. }
  478. void br_mdb_notify(struct net_device *dev,
  479. struct net_bridge_mdb_entry *mp,
  480. struct net_bridge_port_group *pg,
  481. int type)
  482. {
  483. __br_mdb_notify(dev, mp, pg, type, true);
  484. }
  485. void br_mdb_flag_change_notify(struct net_device *dev,
  486. struct net_bridge_mdb_entry *mp,
  487. struct net_bridge_port_group *pg)
  488. {
  489. __br_mdb_notify(dev, mp, pg, RTM_NEWMDB, false);
  490. }
  491. static int nlmsg_populate_rtr_fill(struct sk_buff *skb,
  492. struct net_device *dev,
  493. int ifindex, u16 vid, u32 pid,
  494. u32 seq, int type, unsigned int flags)
  495. {
  496. struct nlattr *nest, *port_nest;
  497. struct br_port_msg *bpm;
  498. struct nlmsghdr *nlh;
  499. nlh = nlmsg_put(skb, pid, seq, type, sizeof(*bpm), 0);
  500. if (!nlh)
  501. return -EMSGSIZE;
  502. bpm = nlmsg_data(nlh);
  503. memset(bpm, 0, sizeof(*bpm));
  504. bpm->family = AF_BRIDGE;
  505. bpm->ifindex = dev->ifindex;
  506. nest = nla_nest_start_noflag(skb, MDBA_ROUTER);
  507. if (!nest)
  508. goto cancel;
  509. port_nest = nla_nest_start_noflag(skb, MDBA_ROUTER_PORT);
  510. if (!port_nest)
  511. goto end;
  512. if (nla_put_nohdr(skb, sizeof(u32), &ifindex)) {
  513. nla_nest_cancel(skb, port_nest);
  514. goto end;
  515. }
  516. if (vid && nla_put_u16(skb, MDBA_ROUTER_PATTR_VID, vid)) {
  517. nla_nest_cancel(skb, port_nest);
  518. goto end;
  519. }
  520. nla_nest_end(skb, port_nest);
  521. nla_nest_end(skb, nest);
  522. nlmsg_end(skb, nlh);
  523. return 0;
  524. end:
  525. nla_nest_end(skb, nest);
  526. cancel:
  527. nlmsg_cancel(skb, nlh);
  528. return -EMSGSIZE;
  529. }
  530. static inline size_t rtnl_rtr_nlmsg_size(void)
  531. {
  532. return NLMSG_ALIGN(sizeof(struct br_port_msg))
  533. + nla_total_size(sizeof(__u32))
  534. + nla_total_size(sizeof(u16));
  535. }
  536. void br_rtr_notify(struct net_device *dev, struct net_bridge_mcast_port *pmctx,
  537. int type)
  538. {
  539. struct net *net = dev_net(dev);
  540. struct sk_buff *skb;
  541. int err = -ENOBUFS;
  542. int ifindex;
  543. u16 vid;
  544. ifindex = pmctx ? pmctx->port->dev->ifindex : 0;
  545. vid = pmctx && br_multicast_port_ctx_is_vlan(pmctx) ? pmctx->vlan->vid :
  546. 0;
  547. skb = nlmsg_new(rtnl_rtr_nlmsg_size(), GFP_ATOMIC);
  548. if (!skb)
  549. goto errout;
  550. err = nlmsg_populate_rtr_fill(skb, dev, ifindex, vid, 0, 0, type,
  551. NTF_SELF);
  552. if (err < 0) {
  553. kfree_skb(skb);
  554. goto errout;
  555. }
  556. rtnl_notify(skb, net, 0, RTNLGRP_MDB, NULL, GFP_ATOMIC);
  557. return;
  558. errout:
  559. rtnl_set_sk_err(net, RTNLGRP_MDB, err);
  560. }
  561. static const struct nla_policy
  562. br_mdbe_src_list_entry_pol[MDBE_SRCATTR_MAX + 1] = {
  563. [MDBE_SRCATTR_ADDRESS] = NLA_POLICY_RANGE(NLA_BINARY,
  564. sizeof(struct in_addr),
  565. sizeof(struct in6_addr)),
  566. };
  567. static const struct nla_policy
  568. br_mdbe_src_list_pol[MDBE_SRC_LIST_MAX + 1] = {
  569. [MDBE_SRC_LIST_ENTRY] = NLA_POLICY_NESTED(br_mdbe_src_list_entry_pol),
  570. };
  571. static const struct nla_policy br_mdbe_attrs_pol[MDBE_ATTR_MAX + 1] = {
  572. [MDBE_ATTR_SOURCE] = NLA_POLICY_RANGE(NLA_BINARY,
  573. sizeof(struct in_addr),
  574. sizeof(struct in6_addr)),
  575. [MDBE_ATTR_GROUP_MODE] = NLA_POLICY_RANGE(NLA_U8, MCAST_EXCLUDE,
  576. MCAST_INCLUDE),
  577. [MDBE_ATTR_SRC_LIST] = NLA_POLICY_NESTED(br_mdbe_src_list_pol),
  578. [MDBE_ATTR_RTPROT] = NLA_POLICY_MIN(NLA_U8, RTPROT_STATIC),
  579. };
  580. static bool is_valid_mdb_source(struct nlattr *attr, __be16 proto,
  581. struct netlink_ext_ack *extack)
  582. {
  583. switch (proto) {
  584. case htons(ETH_P_IP):
  585. if (nla_len(attr) != sizeof(struct in_addr)) {
  586. NL_SET_ERR_MSG_MOD(extack, "IPv4 invalid source address length");
  587. return false;
  588. }
  589. if (ipv4_is_multicast(nla_get_in_addr(attr))) {
  590. NL_SET_ERR_MSG_MOD(extack, "IPv4 multicast source address is not allowed");
  591. return false;
  592. }
  593. break;
  594. #if IS_ENABLED(CONFIG_IPV6)
  595. case htons(ETH_P_IPV6): {
  596. struct in6_addr src;
  597. if (nla_len(attr) != sizeof(struct in6_addr)) {
  598. NL_SET_ERR_MSG_MOD(extack, "IPv6 invalid source address length");
  599. return false;
  600. }
  601. src = nla_get_in6_addr(attr);
  602. if (ipv6_addr_is_multicast(&src)) {
  603. NL_SET_ERR_MSG_MOD(extack, "IPv6 multicast source address is not allowed");
  604. return false;
  605. }
  606. break;
  607. }
  608. #endif
  609. default:
  610. NL_SET_ERR_MSG_MOD(extack, "Invalid protocol used with source address");
  611. return false;
  612. }
  613. return true;
  614. }
  615. static struct net_bridge_mcast *
  616. __br_mdb_choose_context(struct net_bridge *br,
  617. const struct br_mdb_entry *entry,
  618. struct netlink_ext_ack *extack)
  619. {
  620. struct net_bridge_mcast *brmctx = NULL;
  621. struct net_bridge_vlan *v;
  622. if (!br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) {
  623. brmctx = &br->multicast_ctx;
  624. goto out;
  625. }
  626. if (!entry->vid) {
  627. NL_SET_ERR_MSG_MOD(extack, "Cannot add an entry without a vlan when vlan snooping is enabled");
  628. goto out;
  629. }
  630. v = br_vlan_find(br_vlan_group(br), entry->vid);
  631. if (!v) {
  632. NL_SET_ERR_MSG_MOD(extack, "Vlan is not configured");
  633. goto out;
  634. }
  635. if (br_multicast_ctx_vlan_global_disabled(&v->br_mcast_ctx)) {
  636. NL_SET_ERR_MSG_MOD(extack, "Vlan's multicast processing is disabled");
  637. goto out;
  638. }
  639. brmctx = &v->br_mcast_ctx;
  640. out:
  641. return brmctx;
  642. }
  643. static int br_mdb_replace_group_sg(const struct br_mdb_config *cfg,
  644. struct net_bridge_mdb_entry *mp,
  645. struct net_bridge_port_group *pg,
  646. struct net_bridge_mcast *brmctx,
  647. unsigned char flags)
  648. {
  649. unsigned long now = jiffies;
  650. pg->flags = flags;
  651. pg->rt_protocol = cfg->rt_protocol;
  652. if (!(flags & MDB_PG_FLAGS_PERMANENT) && !cfg->src_entry)
  653. mod_timer(&pg->timer,
  654. now + brmctx->multicast_membership_interval);
  655. else
  656. timer_delete(&pg->timer);
  657. br_mdb_notify(cfg->br->dev, mp, pg, RTM_NEWMDB);
  658. return 0;
  659. }
  660. static int br_mdb_add_group_sg(const struct br_mdb_config *cfg,
  661. struct net_bridge_mdb_entry *mp,
  662. struct net_bridge_mcast *brmctx,
  663. unsigned char flags,
  664. struct netlink_ext_ack *extack)
  665. {
  666. struct net_bridge_port_group __rcu **pp;
  667. struct net_bridge_port_group *p;
  668. unsigned long now = jiffies;
  669. for (pp = &mp->ports;
  670. (p = mlock_dereference(*pp, cfg->br)) != NULL;
  671. pp = &p->next) {
  672. if (p->key.port == cfg->p) {
  673. if (!(cfg->nlflags & NLM_F_REPLACE)) {
  674. NL_SET_ERR_MSG_MOD(extack, "(S, G) group is already joined by port");
  675. return -EEXIST;
  676. }
  677. return br_mdb_replace_group_sg(cfg, mp, p, brmctx,
  678. flags);
  679. }
  680. if ((unsigned long)p->key.port < (unsigned long)cfg->p)
  681. break;
  682. }
  683. p = br_multicast_new_port_group(cfg->p, &cfg->group, *pp, flags, NULL,
  684. MCAST_INCLUDE, cfg->rt_protocol, extack);
  685. if (unlikely(!p))
  686. return -ENOMEM;
  687. rcu_assign_pointer(*pp, p);
  688. if (!(flags & MDB_PG_FLAGS_PERMANENT) && !cfg->src_entry)
  689. mod_timer(&p->timer,
  690. now + brmctx->multicast_membership_interval);
  691. br_mdb_notify(cfg->br->dev, mp, p, RTM_NEWMDB);
  692. /* All of (*, G) EXCLUDE ports need to be added to the new (S, G) for
  693. * proper replication.
  694. */
  695. if (br_multicast_should_handle_mode(brmctx, cfg->group.proto)) {
  696. struct net_bridge_mdb_entry *star_mp;
  697. struct br_ip star_group;
  698. star_group = p->key.addr;
  699. memset(&star_group.src, 0, sizeof(star_group.src));
  700. star_mp = br_mdb_ip_get(cfg->br, &star_group);
  701. if (star_mp)
  702. br_multicast_sg_add_exclude_ports(star_mp, p);
  703. }
  704. return 0;
  705. }
  706. static int br_mdb_add_group_src_fwd(const struct br_mdb_config *cfg,
  707. struct br_ip *src_ip,
  708. struct net_bridge_mcast *brmctx,
  709. struct netlink_ext_ack *extack)
  710. {
  711. struct net_bridge_mdb_entry *sgmp;
  712. struct br_mdb_config sg_cfg;
  713. struct br_ip sg_ip;
  714. u8 flags = 0;
  715. sg_ip = cfg->group;
  716. sg_ip.src = src_ip->src;
  717. sgmp = br_multicast_new_group(cfg->br, &sg_ip);
  718. if (IS_ERR(sgmp)) {
  719. NL_SET_ERR_MSG_MOD(extack, "Failed to add (S, G) MDB entry");
  720. return PTR_ERR(sgmp);
  721. }
  722. if (cfg->entry->state == MDB_PERMANENT)
  723. flags |= MDB_PG_FLAGS_PERMANENT;
  724. if (cfg->filter_mode == MCAST_EXCLUDE)
  725. flags |= MDB_PG_FLAGS_BLOCKED;
  726. memset(&sg_cfg, 0, sizeof(sg_cfg));
  727. sg_cfg.br = cfg->br;
  728. sg_cfg.p = cfg->p;
  729. sg_cfg.entry = cfg->entry;
  730. sg_cfg.group = sg_ip;
  731. sg_cfg.src_entry = true;
  732. sg_cfg.filter_mode = MCAST_INCLUDE;
  733. sg_cfg.rt_protocol = cfg->rt_protocol;
  734. sg_cfg.nlflags = cfg->nlflags;
  735. return br_mdb_add_group_sg(&sg_cfg, sgmp, brmctx, flags, extack);
  736. }
  737. static int br_mdb_add_group_src(const struct br_mdb_config *cfg,
  738. struct net_bridge_port_group *pg,
  739. struct net_bridge_mcast *brmctx,
  740. struct br_mdb_src_entry *src,
  741. struct netlink_ext_ack *extack)
  742. {
  743. struct net_bridge_group_src *ent;
  744. unsigned long now = jiffies;
  745. int err;
  746. ent = br_multicast_find_group_src(pg, &src->addr);
  747. if (!ent) {
  748. ent = br_multicast_new_group_src(pg, &src->addr);
  749. if (!ent) {
  750. NL_SET_ERR_MSG_MOD(extack, "Failed to add new source entry");
  751. return -ENOSPC;
  752. }
  753. } else if (!(cfg->nlflags & NLM_F_REPLACE)) {
  754. NL_SET_ERR_MSG_MOD(extack, "Source entry already exists");
  755. return -EEXIST;
  756. }
  757. if (cfg->filter_mode == MCAST_INCLUDE &&
  758. cfg->entry->state == MDB_TEMPORARY)
  759. mod_timer(&ent->timer, now + br_multicast_gmi(brmctx));
  760. else
  761. timer_delete(&ent->timer);
  762. /* Install a (S, G) forwarding entry for the source. */
  763. err = br_mdb_add_group_src_fwd(cfg, &src->addr, brmctx, extack);
  764. if (err)
  765. goto err_del_sg;
  766. ent->flags = BR_SGRP_F_INSTALLED | BR_SGRP_F_USER_ADDED;
  767. return 0;
  768. err_del_sg:
  769. __br_multicast_del_group_src(ent);
  770. return err;
  771. }
  772. static void br_mdb_del_group_src(struct net_bridge_port_group *pg,
  773. struct br_mdb_src_entry *src)
  774. {
  775. struct net_bridge_group_src *ent;
  776. ent = br_multicast_find_group_src(pg, &src->addr);
  777. if (WARN_ON_ONCE(!ent))
  778. return;
  779. br_multicast_del_group_src(ent, false);
  780. }
  781. static int br_mdb_add_group_srcs(const struct br_mdb_config *cfg,
  782. struct net_bridge_port_group *pg,
  783. struct net_bridge_mcast *brmctx,
  784. struct netlink_ext_ack *extack)
  785. {
  786. int i, err;
  787. for (i = 0; i < cfg->num_src_entries; i++) {
  788. err = br_mdb_add_group_src(cfg, pg, brmctx,
  789. &cfg->src_entries[i], extack);
  790. if (err)
  791. goto err_del_group_srcs;
  792. }
  793. return 0;
  794. err_del_group_srcs:
  795. for (i--; i >= 0; i--)
  796. br_mdb_del_group_src(pg, &cfg->src_entries[i]);
  797. return err;
  798. }
  799. static int br_mdb_replace_group_srcs(const struct br_mdb_config *cfg,
  800. struct net_bridge_port_group *pg,
  801. struct net_bridge_mcast *brmctx,
  802. struct netlink_ext_ack *extack)
  803. {
  804. struct net_bridge_group_src *ent;
  805. struct hlist_node *tmp;
  806. int err;
  807. hlist_for_each_entry(ent, &pg->src_list, node)
  808. ent->flags |= BR_SGRP_F_DELETE;
  809. err = br_mdb_add_group_srcs(cfg, pg, brmctx, extack);
  810. if (err)
  811. goto err_clear_delete;
  812. hlist_for_each_entry_safe(ent, tmp, &pg->src_list, node) {
  813. if (ent->flags & BR_SGRP_F_DELETE)
  814. br_multicast_del_group_src(ent, false);
  815. }
  816. return 0;
  817. err_clear_delete:
  818. hlist_for_each_entry(ent, &pg->src_list, node)
  819. ent->flags &= ~BR_SGRP_F_DELETE;
  820. return err;
  821. }
  822. static int br_mdb_replace_group_star_g(const struct br_mdb_config *cfg,
  823. struct net_bridge_mdb_entry *mp,
  824. struct net_bridge_port_group *pg,
  825. struct net_bridge_mcast *brmctx,
  826. unsigned char flags,
  827. struct netlink_ext_ack *extack)
  828. {
  829. unsigned long now = jiffies;
  830. int err;
  831. err = br_mdb_replace_group_srcs(cfg, pg, brmctx, extack);
  832. if (err)
  833. return err;
  834. pg->flags = flags;
  835. pg->filter_mode = cfg->filter_mode;
  836. pg->rt_protocol = cfg->rt_protocol;
  837. if (!(flags & MDB_PG_FLAGS_PERMANENT) &&
  838. cfg->filter_mode == MCAST_EXCLUDE)
  839. mod_timer(&pg->timer,
  840. now + brmctx->multicast_membership_interval);
  841. else
  842. timer_delete(&pg->timer);
  843. br_mdb_notify(cfg->br->dev, mp, pg, RTM_NEWMDB);
  844. if (br_multicast_should_handle_mode(brmctx, cfg->group.proto))
  845. br_multicast_star_g_handle_mode(pg, cfg->filter_mode);
  846. return 0;
  847. }
  848. static int br_mdb_add_group_star_g(const struct br_mdb_config *cfg,
  849. struct net_bridge_mdb_entry *mp,
  850. struct net_bridge_mcast *brmctx,
  851. unsigned char flags,
  852. struct netlink_ext_ack *extack)
  853. {
  854. struct net_bridge_port_group __rcu **pp;
  855. struct net_bridge_port_group *p;
  856. unsigned long now = jiffies;
  857. int err;
  858. for (pp = &mp->ports;
  859. (p = mlock_dereference(*pp, cfg->br)) != NULL;
  860. pp = &p->next) {
  861. if (p->key.port == cfg->p) {
  862. if (!(cfg->nlflags & NLM_F_REPLACE)) {
  863. NL_SET_ERR_MSG_MOD(extack, "(*, G) group is already joined by port");
  864. return -EEXIST;
  865. }
  866. return br_mdb_replace_group_star_g(cfg, mp, p, brmctx,
  867. flags, extack);
  868. }
  869. if ((unsigned long)p->key.port < (unsigned long)cfg->p)
  870. break;
  871. }
  872. p = br_multicast_new_port_group(cfg->p, &cfg->group, *pp, flags, NULL,
  873. cfg->filter_mode, cfg->rt_protocol,
  874. extack);
  875. if (unlikely(!p))
  876. return -ENOMEM;
  877. err = br_mdb_add_group_srcs(cfg, p, brmctx, extack);
  878. if (err)
  879. goto err_del_port_group;
  880. rcu_assign_pointer(*pp, p);
  881. if (!(flags & MDB_PG_FLAGS_PERMANENT) &&
  882. cfg->filter_mode == MCAST_EXCLUDE)
  883. mod_timer(&p->timer,
  884. now + brmctx->multicast_membership_interval);
  885. br_mdb_notify(cfg->br->dev, mp, p, RTM_NEWMDB);
  886. /* If we are adding a new EXCLUDE port group (*, G), it needs to be
  887. * also added to all (S, G) entries for proper replication.
  888. */
  889. if (br_multicast_should_handle_mode(brmctx, cfg->group.proto) &&
  890. cfg->filter_mode == MCAST_EXCLUDE)
  891. br_multicast_star_g_handle_mode(p, MCAST_EXCLUDE);
  892. return 0;
  893. err_del_port_group:
  894. br_multicast_del_port_group(p);
  895. return err;
  896. }
  897. static int br_mdb_add_group(const struct br_mdb_config *cfg,
  898. struct netlink_ext_ack *extack)
  899. {
  900. struct br_mdb_entry *entry = cfg->entry;
  901. struct net_bridge_port *port = cfg->p;
  902. struct net_bridge_mdb_entry *mp;
  903. struct net_bridge *br = cfg->br;
  904. struct net_bridge_mcast *brmctx;
  905. struct br_ip group = cfg->group;
  906. unsigned char flags = 0;
  907. brmctx = __br_mdb_choose_context(br, entry, extack);
  908. if (!brmctx)
  909. return -EINVAL;
  910. mp = br_multicast_new_group(br, &group);
  911. if (IS_ERR(mp))
  912. return PTR_ERR(mp);
  913. /* host join */
  914. if (!port) {
  915. if (mp->host_joined && !(cfg->nlflags & NLM_F_REPLACE)) {
  916. NL_SET_ERR_MSG_MOD(extack, "Group is already joined by host");
  917. return -EEXIST;
  918. }
  919. br_multicast_host_join(brmctx, mp, false);
  920. br_mdb_notify(br->dev, mp, NULL, RTM_NEWMDB);
  921. return 0;
  922. }
  923. if (entry->state == MDB_PERMANENT)
  924. flags |= MDB_PG_FLAGS_PERMANENT;
  925. if (br_multicast_is_star_g(&group))
  926. return br_mdb_add_group_star_g(cfg, mp, brmctx, flags, extack);
  927. else
  928. return br_mdb_add_group_sg(cfg, mp, brmctx, flags, extack);
  929. }
  930. static int __br_mdb_add(const struct br_mdb_config *cfg,
  931. struct netlink_ext_ack *extack)
  932. {
  933. int ret;
  934. spin_lock_bh(&cfg->br->multicast_lock);
  935. ret = br_mdb_add_group(cfg, extack);
  936. spin_unlock_bh(&cfg->br->multicast_lock);
  937. return ret;
  938. }
  939. static int br_mdb_config_src_entry_init(struct nlattr *src_entry,
  940. struct br_mdb_src_entry *src,
  941. __be16 proto,
  942. struct netlink_ext_ack *extack)
  943. {
  944. struct nlattr *tb[MDBE_SRCATTR_MAX + 1];
  945. int err;
  946. err = nla_parse_nested(tb, MDBE_SRCATTR_MAX, src_entry,
  947. br_mdbe_src_list_entry_pol, extack);
  948. if (err)
  949. return err;
  950. if (NL_REQ_ATTR_CHECK(extack, src_entry, tb, MDBE_SRCATTR_ADDRESS))
  951. return -EINVAL;
  952. if (!is_valid_mdb_source(tb[MDBE_SRCATTR_ADDRESS], proto, extack))
  953. return -EINVAL;
  954. src->addr.proto = proto;
  955. nla_memcpy(&src->addr.src, tb[MDBE_SRCATTR_ADDRESS],
  956. nla_len(tb[MDBE_SRCATTR_ADDRESS]));
  957. return 0;
  958. }
  959. static int br_mdb_config_src_list_init(struct nlattr *src_list,
  960. struct br_mdb_config *cfg,
  961. struct netlink_ext_ack *extack)
  962. {
  963. struct nlattr *src_entry;
  964. int rem, err;
  965. int i = 0;
  966. nla_for_each_nested(src_entry, src_list, rem)
  967. cfg->num_src_entries++;
  968. if (cfg->num_src_entries >= PG_SRC_ENT_LIMIT) {
  969. NL_SET_ERR_MSG_FMT_MOD(extack, "Exceeded maximum number of source entries (%u)",
  970. PG_SRC_ENT_LIMIT - 1);
  971. return -EINVAL;
  972. }
  973. cfg->src_entries = kzalloc_objs(struct br_mdb_src_entry,
  974. cfg->num_src_entries);
  975. if (!cfg->src_entries)
  976. return -ENOMEM;
  977. nla_for_each_nested(src_entry, src_list, rem) {
  978. err = br_mdb_config_src_entry_init(src_entry,
  979. &cfg->src_entries[i],
  980. cfg->entry->addr.proto,
  981. extack);
  982. if (err)
  983. goto err_src_entry_init;
  984. i++;
  985. }
  986. return 0;
  987. err_src_entry_init:
  988. kfree(cfg->src_entries);
  989. return err;
  990. }
  991. static void br_mdb_config_src_list_fini(struct br_mdb_config *cfg)
  992. {
  993. kfree(cfg->src_entries);
  994. }
  995. static int br_mdb_config_attrs_init(struct nlattr *set_attrs,
  996. struct br_mdb_config *cfg,
  997. struct netlink_ext_ack *extack)
  998. {
  999. struct nlattr *mdb_attrs[MDBE_ATTR_MAX + 1];
  1000. int err;
  1001. err = nla_parse_nested(mdb_attrs, MDBE_ATTR_MAX, set_attrs,
  1002. br_mdbe_attrs_pol, extack);
  1003. if (err)
  1004. return err;
  1005. if (mdb_attrs[MDBE_ATTR_SOURCE] &&
  1006. !is_valid_mdb_source(mdb_attrs[MDBE_ATTR_SOURCE],
  1007. cfg->entry->addr.proto, extack))
  1008. return -EINVAL;
  1009. __mdb_entry_to_br_ip(cfg->entry, &cfg->group, mdb_attrs);
  1010. if (mdb_attrs[MDBE_ATTR_GROUP_MODE]) {
  1011. if (!cfg->p) {
  1012. NL_SET_ERR_MSG_MOD(extack, "Filter mode cannot be set for host groups");
  1013. return -EINVAL;
  1014. }
  1015. if (!br_multicast_is_star_g(&cfg->group)) {
  1016. NL_SET_ERR_MSG_MOD(extack, "Filter mode can only be set for (*, G) entries");
  1017. return -EINVAL;
  1018. }
  1019. cfg->filter_mode = nla_get_u8(mdb_attrs[MDBE_ATTR_GROUP_MODE]);
  1020. } else {
  1021. cfg->filter_mode = MCAST_EXCLUDE;
  1022. }
  1023. if (mdb_attrs[MDBE_ATTR_SRC_LIST]) {
  1024. if (!cfg->p) {
  1025. NL_SET_ERR_MSG_MOD(extack, "Source list cannot be set for host groups");
  1026. return -EINVAL;
  1027. }
  1028. if (!br_multicast_is_star_g(&cfg->group)) {
  1029. NL_SET_ERR_MSG_MOD(extack, "Source list can only be set for (*, G) entries");
  1030. return -EINVAL;
  1031. }
  1032. if (!mdb_attrs[MDBE_ATTR_GROUP_MODE]) {
  1033. NL_SET_ERR_MSG_MOD(extack, "Source list cannot be set without filter mode");
  1034. return -EINVAL;
  1035. }
  1036. err = br_mdb_config_src_list_init(mdb_attrs[MDBE_ATTR_SRC_LIST],
  1037. cfg, extack);
  1038. if (err)
  1039. return err;
  1040. }
  1041. if (!cfg->num_src_entries && cfg->filter_mode == MCAST_INCLUDE) {
  1042. NL_SET_ERR_MSG_MOD(extack, "Cannot add (*, G) INCLUDE with an empty source list");
  1043. return -EINVAL;
  1044. }
  1045. if (mdb_attrs[MDBE_ATTR_RTPROT]) {
  1046. if (!cfg->p) {
  1047. NL_SET_ERR_MSG_MOD(extack, "Protocol cannot be set for host groups");
  1048. return -EINVAL;
  1049. }
  1050. cfg->rt_protocol = nla_get_u8(mdb_attrs[MDBE_ATTR_RTPROT]);
  1051. }
  1052. return 0;
  1053. }
  1054. static int br_mdb_config_init(struct br_mdb_config *cfg, struct net_device *dev,
  1055. struct nlattr *tb[], u16 nlmsg_flags,
  1056. struct netlink_ext_ack *extack)
  1057. {
  1058. struct net *net = dev_net(dev);
  1059. memset(cfg, 0, sizeof(*cfg));
  1060. cfg->filter_mode = MCAST_EXCLUDE;
  1061. cfg->rt_protocol = RTPROT_STATIC;
  1062. cfg->nlflags = nlmsg_flags;
  1063. cfg->br = netdev_priv(dev);
  1064. if (!netif_running(cfg->br->dev)) {
  1065. NL_SET_ERR_MSG_MOD(extack, "Bridge device is not running");
  1066. return -EINVAL;
  1067. }
  1068. if (!br_opt_get(cfg->br, BROPT_MULTICAST_ENABLED)) {
  1069. NL_SET_ERR_MSG_MOD(extack, "Bridge's multicast processing is disabled");
  1070. return -EINVAL;
  1071. }
  1072. cfg->entry = nla_data(tb[MDBA_SET_ENTRY]);
  1073. if (cfg->entry->ifindex != cfg->br->dev->ifindex) {
  1074. struct net_device *pdev;
  1075. pdev = __dev_get_by_index(net, cfg->entry->ifindex);
  1076. if (!pdev) {
  1077. NL_SET_ERR_MSG_MOD(extack, "Port net device doesn't exist");
  1078. return -ENODEV;
  1079. }
  1080. cfg->p = br_port_get_rtnl(pdev);
  1081. if (!cfg->p) {
  1082. NL_SET_ERR_MSG_MOD(extack, "Net device is not a bridge port");
  1083. return -EINVAL;
  1084. }
  1085. if (cfg->p->br != cfg->br) {
  1086. NL_SET_ERR_MSG_MOD(extack, "Port belongs to a different bridge device");
  1087. return -EINVAL;
  1088. }
  1089. }
  1090. if (cfg->entry->addr.proto == htons(ETH_P_IP) &&
  1091. ipv4_is_zeronet(cfg->entry->addr.u.ip4)) {
  1092. NL_SET_ERR_MSG_MOD(extack, "IPv4 entry group address 0.0.0.0 is not allowed");
  1093. return -EINVAL;
  1094. }
  1095. if (tb[MDBA_SET_ENTRY_ATTRS])
  1096. return br_mdb_config_attrs_init(tb[MDBA_SET_ENTRY_ATTRS], cfg,
  1097. extack);
  1098. else
  1099. __mdb_entry_to_br_ip(cfg->entry, &cfg->group, NULL);
  1100. return 0;
  1101. }
  1102. static void br_mdb_config_fini(struct br_mdb_config *cfg)
  1103. {
  1104. br_mdb_config_src_list_fini(cfg);
  1105. }
  1106. int br_mdb_add(struct net_device *dev, struct nlattr *tb[], u16 nlmsg_flags,
  1107. struct netlink_ext_ack *extack)
  1108. {
  1109. struct net_bridge_vlan_group *vg;
  1110. struct net_bridge_vlan *v;
  1111. struct br_mdb_config cfg;
  1112. int err;
  1113. err = br_mdb_config_init(&cfg, dev, tb, nlmsg_flags, extack);
  1114. if (err)
  1115. return err;
  1116. err = -EINVAL;
  1117. /* host join errors which can happen before creating the group */
  1118. if (!cfg.p && !br_group_is_l2(&cfg.group)) {
  1119. /* don't allow any flags for host-joined IP groups */
  1120. if (cfg.entry->state) {
  1121. NL_SET_ERR_MSG_MOD(extack, "Flags are not allowed for host groups");
  1122. goto out;
  1123. }
  1124. if (!br_multicast_is_star_g(&cfg.group)) {
  1125. NL_SET_ERR_MSG_MOD(extack, "Groups with sources cannot be manually host joined");
  1126. goto out;
  1127. }
  1128. }
  1129. if (br_group_is_l2(&cfg.group) && cfg.entry->state != MDB_PERMANENT) {
  1130. NL_SET_ERR_MSG_MOD(extack, "Only permanent L2 entries allowed");
  1131. goto out;
  1132. }
  1133. if (cfg.p) {
  1134. if (cfg.p->state == BR_STATE_DISABLED && cfg.entry->state != MDB_PERMANENT) {
  1135. NL_SET_ERR_MSG_MOD(extack, "Port is in disabled state and entry is not permanent");
  1136. goto out;
  1137. }
  1138. vg = nbp_vlan_group(cfg.p);
  1139. } else {
  1140. vg = br_vlan_group(cfg.br);
  1141. }
  1142. /* If vlan filtering is enabled and VLAN is not specified
  1143. * install mdb entry on all vlans configured on the port.
  1144. */
  1145. if (br_vlan_enabled(cfg.br->dev) && vg && cfg.entry->vid == 0) {
  1146. list_for_each_entry(v, &vg->vlan_list, vlist) {
  1147. cfg.entry->vid = v->vid;
  1148. cfg.group.vid = v->vid;
  1149. err = __br_mdb_add(&cfg, extack);
  1150. if (err)
  1151. break;
  1152. }
  1153. } else {
  1154. err = __br_mdb_add(&cfg, extack);
  1155. }
  1156. out:
  1157. br_mdb_config_fini(&cfg);
  1158. return err;
  1159. }
  1160. static int __br_mdb_del(const struct br_mdb_config *cfg)
  1161. {
  1162. struct br_mdb_entry *entry = cfg->entry;
  1163. struct net_bridge *br = cfg->br;
  1164. struct net_bridge_mdb_entry *mp;
  1165. struct net_bridge_port_group *p;
  1166. struct net_bridge_port_group __rcu **pp;
  1167. struct br_ip ip = cfg->group;
  1168. int err = -EINVAL;
  1169. spin_lock_bh(&br->multicast_lock);
  1170. mp = br_mdb_ip_get(br, &ip);
  1171. if (!mp)
  1172. goto unlock;
  1173. /* host leave */
  1174. if (entry->ifindex == mp->br->dev->ifindex && mp->host_joined) {
  1175. br_multicast_host_leave(mp, false);
  1176. err = 0;
  1177. br_mdb_notify(br->dev, mp, NULL, RTM_DELMDB);
  1178. if (!mp->ports && netif_running(br->dev))
  1179. mod_timer(&mp->timer, jiffies);
  1180. goto unlock;
  1181. }
  1182. for (pp = &mp->ports;
  1183. (p = mlock_dereference(*pp, br)) != NULL;
  1184. pp = &p->next) {
  1185. if (!p->key.port || p->key.port->dev->ifindex != entry->ifindex)
  1186. continue;
  1187. br_multicast_del_pg(mp, p, pp);
  1188. err = 0;
  1189. break;
  1190. }
  1191. unlock:
  1192. spin_unlock_bh(&br->multicast_lock);
  1193. return err;
  1194. }
  1195. int br_mdb_del(struct net_device *dev, struct nlattr *tb[],
  1196. struct netlink_ext_ack *extack)
  1197. {
  1198. struct net_bridge_vlan_group *vg;
  1199. struct net_bridge_vlan *v;
  1200. struct br_mdb_config cfg;
  1201. int err;
  1202. err = br_mdb_config_init(&cfg, dev, tb, 0, extack);
  1203. if (err)
  1204. return err;
  1205. if (cfg.p)
  1206. vg = nbp_vlan_group(cfg.p);
  1207. else
  1208. vg = br_vlan_group(cfg.br);
  1209. /* If vlan filtering is enabled and VLAN is not specified
  1210. * delete mdb entry on all vlans configured on the port.
  1211. */
  1212. if (br_vlan_enabled(cfg.br->dev) && vg && cfg.entry->vid == 0) {
  1213. list_for_each_entry(v, &vg->vlan_list, vlist) {
  1214. cfg.entry->vid = v->vid;
  1215. cfg.group.vid = v->vid;
  1216. err = __br_mdb_del(&cfg);
  1217. }
  1218. } else {
  1219. err = __br_mdb_del(&cfg);
  1220. }
  1221. br_mdb_config_fini(&cfg);
  1222. return err;
  1223. }
  1224. struct br_mdb_flush_desc {
  1225. u32 port_ifindex;
  1226. u16 vid;
  1227. u8 rt_protocol;
  1228. u8 state;
  1229. u8 state_mask;
  1230. };
  1231. static const struct nla_policy br_mdbe_attrs_del_bulk_pol[MDBE_ATTR_MAX + 1] = {
  1232. [MDBE_ATTR_RTPROT] = NLA_POLICY_MIN(NLA_U8, RTPROT_STATIC),
  1233. [MDBE_ATTR_STATE_MASK] = NLA_POLICY_MASK(NLA_U8, MDB_PERMANENT),
  1234. };
  1235. static int br_mdb_flush_desc_init(struct br_mdb_flush_desc *desc,
  1236. struct nlattr *tb[],
  1237. struct netlink_ext_ack *extack)
  1238. {
  1239. struct br_mdb_entry *entry = nla_data(tb[MDBA_SET_ENTRY]);
  1240. struct nlattr *mdbe_attrs[MDBE_ATTR_MAX + 1];
  1241. int err;
  1242. desc->port_ifindex = entry->ifindex;
  1243. desc->vid = entry->vid;
  1244. desc->state = entry->state;
  1245. if (!tb[MDBA_SET_ENTRY_ATTRS])
  1246. return 0;
  1247. err = nla_parse_nested(mdbe_attrs, MDBE_ATTR_MAX,
  1248. tb[MDBA_SET_ENTRY_ATTRS],
  1249. br_mdbe_attrs_del_bulk_pol, extack);
  1250. if (err)
  1251. return err;
  1252. if (mdbe_attrs[MDBE_ATTR_STATE_MASK])
  1253. desc->state_mask = nla_get_u8(mdbe_attrs[MDBE_ATTR_STATE_MASK]);
  1254. if (mdbe_attrs[MDBE_ATTR_RTPROT])
  1255. desc->rt_protocol = nla_get_u8(mdbe_attrs[MDBE_ATTR_RTPROT]);
  1256. return 0;
  1257. }
  1258. static void br_mdb_flush_host(struct net_bridge *br,
  1259. struct net_bridge_mdb_entry *mp,
  1260. const struct br_mdb_flush_desc *desc)
  1261. {
  1262. u8 state;
  1263. if (desc->port_ifindex && desc->port_ifindex != br->dev->ifindex)
  1264. return;
  1265. if (desc->rt_protocol)
  1266. return;
  1267. state = br_group_is_l2(&mp->addr) ? MDB_PERMANENT : 0;
  1268. if (desc->state_mask && (state & desc->state_mask) != desc->state)
  1269. return;
  1270. br_multicast_host_leave(mp, true);
  1271. if (!mp->ports && netif_running(br->dev))
  1272. mod_timer(&mp->timer, jiffies);
  1273. }
  1274. static void br_mdb_flush_pgs(struct net_bridge *br,
  1275. struct net_bridge_mdb_entry *mp,
  1276. const struct br_mdb_flush_desc *desc)
  1277. {
  1278. struct net_bridge_port_group __rcu **pp;
  1279. struct net_bridge_port_group *p;
  1280. for (pp = &mp->ports; (p = mlock_dereference(*pp, br)) != NULL;) {
  1281. u8 state;
  1282. if (desc->port_ifindex &&
  1283. desc->port_ifindex != p->key.port->dev->ifindex) {
  1284. pp = &p->next;
  1285. continue;
  1286. }
  1287. if (desc->rt_protocol && desc->rt_protocol != p->rt_protocol) {
  1288. pp = &p->next;
  1289. continue;
  1290. }
  1291. state = p->flags & MDB_PG_FLAGS_PERMANENT ? MDB_PERMANENT : 0;
  1292. if (desc->state_mask &&
  1293. (state & desc->state_mask) != desc->state) {
  1294. pp = &p->next;
  1295. continue;
  1296. }
  1297. br_multicast_del_pg(mp, p, pp);
  1298. }
  1299. }
  1300. static void br_mdb_flush(struct net_bridge *br,
  1301. const struct br_mdb_flush_desc *desc)
  1302. {
  1303. struct net_bridge_mdb_entry *mp;
  1304. spin_lock_bh(&br->multicast_lock);
  1305. /* Safe variant is not needed because entries are removed from the list
  1306. * upon group timer expiration or bridge deletion.
  1307. */
  1308. hlist_for_each_entry(mp, &br->mdb_list, mdb_node) {
  1309. if (desc->vid && desc->vid != mp->addr.vid)
  1310. continue;
  1311. br_mdb_flush_host(br, mp, desc);
  1312. br_mdb_flush_pgs(br, mp, desc);
  1313. }
  1314. spin_unlock_bh(&br->multicast_lock);
  1315. }
  1316. int br_mdb_del_bulk(struct net_device *dev, struct nlattr *tb[],
  1317. struct netlink_ext_ack *extack)
  1318. {
  1319. struct net_bridge *br = netdev_priv(dev);
  1320. struct br_mdb_flush_desc desc = {};
  1321. int err;
  1322. err = br_mdb_flush_desc_init(&desc, tb, extack);
  1323. if (err)
  1324. return err;
  1325. br_mdb_flush(br, &desc);
  1326. return 0;
  1327. }
  1328. static const struct nla_policy br_mdbe_attrs_get_pol[MDBE_ATTR_MAX + 1] = {
  1329. [MDBE_ATTR_SOURCE] = NLA_POLICY_RANGE(NLA_BINARY,
  1330. sizeof(struct in_addr),
  1331. sizeof(struct in6_addr)),
  1332. };
  1333. static int br_mdb_get_parse(struct net_device *dev, struct nlattr *tb[],
  1334. struct br_ip *group, struct netlink_ext_ack *extack)
  1335. {
  1336. struct br_mdb_entry *entry = nla_data(tb[MDBA_GET_ENTRY]);
  1337. struct nlattr *mdbe_attrs[MDBE_ATTR_MAX + 1];
  1338. int err;
  1339. if (!tb[MDBA_GET_ENTRY_ATTRS]) {
  1340. __mdb_entry_to_br_ip(entry, group, NULL);
  1341. return 0;
  1342. }
  1343. err = nla_parse_nested(mdbe_attrs, MDBE_ATTR_MAX,
  1344. tb[MDBA_GET_ENTRY_ATTRS], br_mdbe_attrs_get_pol,
  1345. extack);
  1346. if (err)
  1347. return err;
  1348. if (mdbe_attrs[MDBE_ATTR_SOURCE] &&
  1349. !is_valid_mdb_source(mdbe_attrs[MDBE_ATTR_SOURCE],
  1350. entry->addr.proto, extack))
  1351. return -EINVAL;
  1352. __mdb_entry_to_br_ip(entry, group, mdbe_attrs);
  1353. return 0;
  1354. }
  1355. static struct sk_buff *
  1356. br_mdb_get_reply_alloc(const struct net_bridge_mdb_entry *mp)
  1357. {
  1358. struct net_bridge_port_group *pg;
  1359. size_t nlmsg_size;
  1360. nlmsg_size = NLMSG_ALIGN(sizeof(struct br_port_msg)) +
  1361. /* MDBA_MDB */
  1362. nla_total_size(0) +
  1363. /* MDBA_MDB_ENTRY */
  1364. nla_total_size(0);
  1365. if (mp->host_joined)
  1366. nlmsg_size += rtnl_mdb_nlmsg_pg_size(NULL);
  1367. for (pg = mlock_dereference(mp->ports, mp->br); pg;
  1368. pg = mlock_dereference(pg->next, mp->br))
  1369. nlmsg_size += rtnl_mdb_nlmsg_pg_size(pg);
  1370. return nlmsg_new(nlmsg_size, GFP_ATOMIC);
  1371. }
  1372. static int br_mdb_get_reply_fill(struct sk_buff *skb,
  1373. struct net_bridge_mdb_entry *mp, u32 portid,
  1374. u32 seq)
  1375. {
  1376. struct nlattr *mdb_nest, *mdb_entry_nest;
  1377. struct net_bridge_port_group *pg;
  1378. struct br_port_msg *bpm;
  1379. struct nlmsghdr *nlh;
  1380. int err;
  1381. nlh = nlmsg_put(skb, portid, seq, RTM_NEWMDB, sizeof(*bpm), 0);
  1382. if (!nlh)
  1383. return -EMSGSIZE;
  1384. bpm = nlmsg_data(nlh);
  1385. memset(bpm, 0, sizeof(*bpm));
  1386. bpm->family = AF_BRIDGE;
  1387. bpm->ifindex = mp->br->dev->ifindex;
  1388. mdb_nest = nla_nest_start_noflag(skb, MDBA_MDB);
  1389. if (!mdb_nest) {
  1390. err = -EMSGSIZE;
  1391. goto cancel;
  1392. }
  1393. mdb_entry_nest = nla_nest_start_noflag(skb, MDBA_MDB_ENTRY);
  1394. if (!mdb_entry_nest) {
  1395. err = -EMSGSIZE;
  1396. goto cancel;
  1397. }
  1398. if (mp->host_joined) {
  1399. err = __mdb_fill_info(skb, mp, NULL);
  1400. if (err)
  1401. goto cancel;
  1402. }
  1403. for (pg = mlock_dereference(mp->ports, mp->br); pg;
  1404. pg = mlock_dereference(pg->next, mp->br)) {
  1405. err = __mdb_fill_info(skb, mp, pg);
  1406. if (err)
  1407. goto cancel;
  1408. }
  1409. nla_nest_end(skb, mdb_entry_nest);
  1410. nla_nest_end(skb, mdb_nest);
  1411. nlmsg_end(skb, nlh);
  1412. return 0;
  1413. cancel:
  1414. nlmsg_cancel(skb, nlh);
  1415. return err;
  1416. }
  1417. int br_mdb_get(struct net_device *dev, struct nlattr *tb[], u32 portid, u32 seq,
  1418. struct netlink_ext_ack *extack)
  1419. {
  1420. struct net_bridge *br = netdev_priv(dev);
  1421. struct net_bridge_mdb_entry *mp;
  1422. struct sk_buff *skb;
  1423. struct br_ip group;
  1424. int err;
  1425. err = br_mdb_get_parse(dev, tb, &group, extack);
  1426. if (err)
  1427. return err;
  1428. /* Hold the multicast lock to ensure that the MDB entry does not change
  1429. * between the time the reply size is determined and when the reply is
  1430. * filled in.
  1431. */
  1432. spin_lock_bh(&br->multicast_lock);
  1433. mp = br_mdb_ip_get(br, &group);
  1434. if (!mp || (!mp->ports && !mp->host_joined)) {
  1435. NL_SET_ERR_MSG_MOD(extack, "MDB entry not found");
  1436. err = -ENOENT;
  1437. goto unlock;
  1438. }
  1439. skb = br_mdb_get_reply_alloc(mp);
  1440. if (!skb) {
  1441. err = -ENOMEM;
  1442. goto unlock;
  1443. }
  1444. err = br_mdb_get_reply_fill(skb, mp, portid, seq);
  1445. if (err) {
  1446. NL_SET_ERR_MSG_MOD(extack, "Failed to fill MDB get reply");
  1447. goto free;
  1448. }
  1449. spin_unlock_bh(&br->multicast_lock);
  1450. return rtnl_unicast(skb, dev_net(dev), portid);
  1451. free:
  1452. kfree_skb(skb);
  1453. unlock:
  1454. spin_unlock_bh(&br->multicast_lock);
  1455. return err;
  1456. }