3 * Linux ethernet bridge
6 * Lennert Buytenhek <buytenh@gnu.org>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
14 #include <linux/kernel.h>
15 #include <linux/netdevice.h>
16 #include <linux/etherdevice.h>
17 #include <linux/netpoll.h>
18 #include <linux/ethtool.h>
19 #include <linux/if_arp.h>
20 #include <linux/module.h>
21 #include <linux/init.h>
22 #include <linux/rtnetlink.h>
23 #include <linux/if_ether.h>
24 #include <linux/slab.h>
27 #include <linux/if_vlan.h>
28 #include <net/switchdev.h>
29 #include <net/net_namespace.h>
31 #include "br_private.h"
34 * Determine initial path cost based on speed.
35 * using recommendations from 802.1d standard
37 * Since driver might sleep need to not be holding any locks.
39 static int port_cost(struct net_device *dev)
41 struct ethtool_link_ksettings ecmd;
43 if (!__ethtool_get_link_ksettings(dev, &ecmd)) {
44 switch (ecmd.base.speed) {
56 /* Old silly heuristics based on name */
57 if (!strncmp(dev->name, "lec", 3))
60 if (!strncmp(dev->name, "plip", 4))
63 return 100; /* assume old 10Mbps */
67 /* Check for port carrier transitions. */
68 void br_port_carrier_check(struct net_bridge_port *p, bool *notified)
70 struct net_device *dev = p->dev;
71 struct net_bridge *br = p->br;
73 if (!(p->flags & BR_ADMIN_COST) &&
74 netif_running(dev) && netif_oper_up(dev))
75 p->path_cost = port_cost(dev);
78 if (!netif_running(br->dev))
81 spin_lock_bh(&br->lock);
82 if (netif_running(dev) && netif_oper_up(dev)) {
83 if (p->state == BR_STATE_DISABLED) {
84 br_stp_enable_port(p);
88 if (p->state != BR_STATE_DISABLED) {
89 br_stp_disable_port(p);
93 spin_unlock_bh(&br->lock);
96 static void br_port_set_promisc(struct net_bridge_port *p)
100 if (br_promisc_port(p))
103 err = dev_set_promiscuity(p->dev, 1);
107 br_fdb_unsync_static(p->br, p);
108 p->flags |= BR_PROMISC;
111 static void br_port_clear_promisc(struct net_bridge_port *p)
115 /* Check if the port is already non-promisc or if it doesn't
116 * support UNICAST filtering. Without unicast filtering support
117 * we'll end up re-enabling promisc mode anyway, so just check for
120 if (!br_promisc_port(p) || !(p->dev->priv_flags & IFF_UNICAST_FLT))
123 /* Since we'll be clearing the promisc mode, program the port
124 * first so that we don't have interruption in traffic.
126 err = br_fdb_sync_static(p->br, p);
130 dev_set_promiscuity(p->dev, -1);
131 p->flags &= ~BR_PROMISC;
134 /* When a port is added or removed or when certain port flags
135 * change, this function is called to automatically manage
136 * promiscuity setting of all the bridge ports. We are always called
137 * under RTNL so can skip using rcu primitives.
139 void br_manage_promisc(struct net_bridge *br)
141 struct net_bridge_port *p;
142 bool set_all = false;
144 /* If vlan filtering is disabled or bridge interface is placed
145 * into promiscuous mode, place all ports in promiscuous mode.
147 if ((br->dev->flags & IFF_PROMISC) || !br_vlan_enabled(br->dev))
150 list_for_each_entry(p, &br->port_list, list) {
152 br_port_set_promisc(p);
154 /* If the number of auto-ports is <= 1, then all other
155 * ports will have their output configuration
156 * statically specified through fdbs. Since ingress
157 * on the auto-port becomes forwarding/egress to other
158 * ports and egress configuration is statically known,
159 * we can say that ingress configuration of the
160 * auto-port is also statically known.
161 * This lets us disable promiscuous mode and write
164 if ((p->dev->priv_flags & IFF_UNICAST_FLT) &&
165 (br->auto_cnt == 0 ||
166 (br->auto_cnt == 1 && br_auto_port(p))))
167 br_port_clear_promisc(p);
169 br_port_set_promisc(p);
174 int nbp_backup_change(struct net_bridge_port *p,
175 struct net_device *backup_dev)
177 struct net_bridge_port *old_backup = rtnl_dereference(p->backup_port);
178 struct net_bridge_port *backup_p = NULL;
183 if (!br_port_exists(backup_dev))
186 backup_p = br_port_get_rtnl(backup_dev);
187 if (backup_p->br != p->br)
194 if (old_backup == backup_p)
197 /* if the backup link is already set, clear it */
199 old_backup->backup_redirected_cnt--;
202 backup_p->backup_redirected_cnt++;
203 rcu_assign_pointer(p->backup_port, backup_p);
208 static void nbp_backup_clear(struct net_bridge_port *p)
210 nbp_backup_change(p, NULL);
211 if (p->backup_redirected_cnt) {
212 struct net_bridge_port *cur_p;
214 list_for_each_entry(cur_p, &p->br->port_list, list) {
215 struct net_bridge_port *backup_p;
217 backup_p = rtnl_dereference(cur_p->backup_port);
219 nbp_backup_change(cur_p, NULL);
223 WARN_ON(rcu_access_pointer(p->backup_port) || p->backup_redirected_cnt);
226 static void nbp_update_port_count(struct net_bridge *br)
228 struct net_bridge_port *p;
231 list_for_each_entry(p, &br->port_list, list) {
235 if (br->auto_cnt != cnt) {
237 br_manage_promisc(br);
241 static void nbp_delete_promisc(struct net_bridge_port *p)
243 /* If port is currently promiscuous, unset promiscuity.
244 * Otherwise, it is a static port so remove all addresses
247 dev_set_allmulti(p->dev, -1);
248 if (br_promisc_port(p))
249 dev_set_promiscuity(p->dev, -1);
251 br_fdb_unsync_static(p->br, p);
254 static void release_nbp(struct kobject *kobj)
256 struct net_bridge_port *p
257 = container_of(kobj, struct net_bridge_port, kobj);
261 static void brport_get_ownership(struct kobject *kobj, kuid_t *uid, kgid_t *gid)
263 struct net_bridge_port *p = kobj_to_brport(kobj);
265 net_ns_get_ownership(dev_net(p->dev), uid, gid);
268 static struct kobj_type brport_ktype = {
270 .sysfs_ops = &brport_sysfs_ops,
272 .release = release_nbp,
273 .get_ownership = brport_get_ownership,
276 static void destroy_nbp(struct net_bridge_port *p)
278 struct net_device *dev = p->dev;
284 kobject_put(&p->kobj);
287 static void destroy_nbp_rcu(struct rcu_head *head)
289 struct net_bridge_port *p =
290 container_of(head, struct net_bridge_port, rcu);
294 static unsigned get_max_headroom(struct net_bridge *br)
296 unsigned max_headroom = 0;
297 struct net_bridge_port *p;
299 list_for_each_entry(p, &br->port_list, list) {
300 unsigned dev_headroom = netdev_get_fwd_headroom(p->dev);
302 if (dev_headroom > max_headroom)
303 max_headroom = dev_headroom;
309 static void update_headroom(struct net_bridge *br, int new_hr)
311 struct net_bridge_port *p;
313 list_for_each_entry(p, &br->port_list, list)
314 netdev_set_rx_headroom(p->dev, new_hr);
316 br->dev->needed_headroom = new_hr;
319 /* Delete port(interface) from bridge is done in two steps.
320 * via RCU. First step, marks device as down. That deletes
321 * all the timers and stops new packets from flowing through.
323 * Final cleanup doesn't occur until after all CPU's finished
324 * processing packets.
326 * Protected from multiple admin operations by RTNL mutex
328 static void del_nbp(struct net_bridge_port *p)
330 struct net_bridge *br = p->br;
331 struct net_device *dev = p->dev;
333 sysfs_remove_link(br->ifobj, p->dev->name);
335 nbp_delete_promisc(p);
337 spin_lock_bh(&br->lock);
338 br_stp_disable_port(p);
339 spin_unlock_bh(&br->lock);
341 br_ifinfo_notify(RTM_DELLINK, NULL, p);
343 list_del_rcu(&p->list);
344 if (netdev_get_fwd_headroom(dev) == br->dev->needed_headroom)
345 update_headroom(br, get_max_headroom(br));
346 netdev_reset_rx_headroom(dev);
349 br_fdb_delete_by_port(br, p, 0, 1);
350 switchdev_deferred_process();
353 nbp_update_port_count(br);
355 netdev_upper_dev_unlink(dev, br->dev);
357 dev->priv_flags &= ~IFF_BRIDGE_PORT;
359 netdev_rx_handler_unregister(dev);
361 br_multicast_del_port(p);
363 kobject_uevent(&p->kobj, KOBJ_REMOVE);
364 kobject_del(&p->kobj);
366 br_netpoll_disable(p);
368 call_rcu(&p->rcu, destroy_nbp_rcu);
371 /* Delete bridge device */
372 void br_dev_delete(struct net_device *dev, struct list_head *head)
374 struct net_bridge *br = netdev_priv(dev);
375 struct net_bridge_port *p, *n;
377 list_for_each_entry_safe(p, n, &br->port_list, list) {
381 br_recalculate_neigh_suppress_enabled(br);
383 br_fdb_delete_by_port(br, NULL, 0, 1);
385 cancel_delayed_work_sync(&br->gc_work);
387 br_sysfs_delbr(br->dev);
388 unregister_netdevice_queue(br->dev, head);
391 /* find an available port number */
392 static int find_portno(struct net_bridge *br)
395 struct net_bridge_port *p;
396 unsigned long *inuse;
398 inuse = kcalloc(BITS_TO_LONGS(BR_MAX_PORTS), sizeof(unsigned long),
403 set_bit(0, inuse); /* zero is reserved */
404 list_for_each_entry(p, &br->port_list, list) {
405 set_bit(p->port_no, inuse);
407 index = find_first_zero_bit(inuse, BR_MAX_PORTS);
410 return (index >= BR_MAX_PORTS) ? -EXFULL : index;
413 /* called with RTNL but without bridge lock */
414 static struct net_bridge_port *new_nbp(struct net_bridge *br,
415 struct net_device *dev)
417 struct net_bridge_port *p;
420 index = find_portno(br);
422 return ERR_PTR(index);
424 p = kzalloc(sizeof(*p), GFP_KERNEL);
426 return ERR_PTR(-ENOMEM);
431 p->path_cost = port_cost(dev);
432 p->priority = 0x8000 >> BR_PORT_BITS;
434 p->flags = BR_LEARNING | BR_FLOOD | BR_MCAST_FLOOD | BR_BCAST_FLOOD;
436 br_set_state(p, BR_STATE_DISABLED);
437 br_stp_port_timer_init(p);
438 err = br_multicast_add_port(p);
448 int br_add_bridge(struct net *net, const char *name)
450 struct net_device *dev;
453 dev = alloc_netdev(sizeof(struct net_bridge), name, NET_NAME_UNKNOWN,
459 dev_net_set(dev, net);
460 dev->rtnl_link_ops = &br_link_ops;
462 res = register_netdev(dev);
468 int br_del_bridge(struct net *net, const char *name)
470 struct net_device *dev;
474 dev = __dev_get_by_name(net, name);
476 ret = -ENXIO; /* Could not find device */
478 else if (!(dev->priv_flags & IFF_EBRIDGE)) {
479 /* Attempt to delete non bridge device! */
483 else if (dev->flags & IFF_UP) {
484 /* Not shutdown yet. */
489 br_dev_delete(dev, NULL);
495 /* MTU of the bridge pseudo-device: ETH_DATA_LEN or the minimum of the ports */
496 static int br_mtu_min(const struct net_bridge *br)
498 const struct net_bridge_port *p;
501 list_for_each_entry(p, &br->port_list, list)
502 if (!ret_mtu || ret_mtu > p->dev->mtu)
503 ret_mtu = p->dev->mtu;
505 return ret_mtu ? ret_mtu : ETH_DATA_LEN;
508 void br_mtu_auto_adjust(struct net_bridge *br)
512 /* if the bridge MTU was manually configured don't mess with it */
513 if (br->mtu_set_by_user)
516 /* change to the minimum MTU and clear the flag which was set by
517 * the bridge ndo_change_mtu callback
519 dev_set_mtu(br->dev, br_mtu_min(br));
520 br->mtu_set_by_user = false;
523 static void br_set_gso_limits(struct net_bridge *br)
525 unsigned int gso_max_size = GSO_MAX_SIZE;
526 u16 gso_max_segs = GSO_MAX_SEGS;
527 const struct net_bridge_port *p;
529 list_for_each_entry(p, &br->port_list, list) {
530 gso_max_size = min(gso_max_size, p->dev->gso_max_size);
531 gso_max_segs = min(gso_max_segs, p->dev->gso_max_segs);
533 br->dev->gso_max_size = gso_max_size;
534 br->dev->gso_max_segs = gso_max_segs;
538 * Recomputes features using slave's features
540 netdev_features_t br_features_recompute(struct net_bridge *br,
541 netdev_features_t features)
543 struct net_bridge_port *p;
544 netdev_features_t mask;
546 if (list_empty(&br->port_list))
550 features &= ~NETIF_F_ONE_FOR_ALL;
552 list_for_each_entry(p, &br->port_list, list) {
553 features = netdev_increment_features(features,
554 p->dev->features, mask);
556 features = netdev_add_tso_features(features, mask);
561 /* called with RTNL */
562 int br_add_if(struct net_bridge *br, struct net_device *dev,
563 struct netlink_ext_ack *extack)
565 struct net_bridge_port *p;
567 unsigned br_hr, dev_hr;
568 bool changed_addr, fdb_synced = false;
570 /* Don't allow bridging non-ethernet like devices, or DSA-enabled
571 * master network devices since the bridge layer rx_handler prevents
572 * the DSA fake ethertype handler to be invoked, so we do not strip off
573 * the DSA switch tag protocol header and the bridge layer just return
574 * RX_HANDLER_CONSUMED, stopping RX processing for these frames.
576 if ((dev->flags & IFF_LOOPBACK) ||
577 dev->type != ARPHRD_ETHER || dev->addr_len != ETH_ALEN ||
578 !is_valid_ether_addr(dev->dev_addr) ||
579 netdev_uses_dsa(dev))
582 /* No bridging of bridges */
583 if (dev->netdev_ops->ndo_start_xmit == br_dev_xmit) {
584 NL_SET_ERR_MSG(extack,
585 "Can not enslave a bridge to a bridge");
589 /* Device has master upper dev */
590 if (netdev_master_upper_dev_get(dev))
593 /* No bridging devices that dislike that (e.g. wireless) */
594 if (dev->priv_flags & IFF_DONT_BRIDGE) {
595 NL_SET_ERR_MSG(extack,
596 "Device does not allow enslaving to a bridge");
600 p = new_nbp(br, dev);
604 call_netdevice_notifiers(NETDEV_JOIN, dev);
606 err = dev_set_allmulti(dev, 1);
608 br_multicast_del_port(p);
609 kfree(p); /* kobject not yet init'd, manually free */
613 err = kobject_init_and_add(&p->kobj, &brport_ktype, &(dev->dev.kobj),
614 SYSFS_BRIDGE_PORT_ATTR);
618 err = br_sysfs_addif(p);
622 err = br_netpoll_enable(p);
626 err = netdev_rx_handler_register(dev, br_handle_frame, p);
630 dev->priv_flags |= IFF_BRIDGE_PORT;
632 err = netdev_master_upper_dev_link(dev, br->dev, NULL, NULL, extack);
636 err = nbp_switchdev_mark_set(p);
640 dev_disable_lro(dev);
642 list_add_rcu(&p->list, &br->port_list);
644 nbp_update_port_count(br);
645 if (!br_promisc_port(p) && (p->dev->priv_flags & IFF_UNICAST_FLT)) {
646 /* When updating the port count we also update all ports'
648 * A port leaving promiscuous mode normally gets the bridge's
649 * fdb synced to the unicast filter (if supported), however,
650 * `br_port_clear_promisc` does not distinguish between
651 * non-promiscuous ports and *new* ports, so we need to
652 * sync explicitly here.
654 fdb_synced = br_fdb_sync_static(br, p) == 0;
656 netdev_err(dev, "failed to sync bridge static fdb addresses to this port\n");
659 netdev_update_features(br->dev);
661 br_hr = br->dev->needed_headroom;
662 dev_hr = netdev_get_fwd_headroom(dev);
664 update_headroom(br, dev_hr);
666 netdev_set_rx_headroom(dev, br_hr);
668 if (br_fdb_insert(br, p, dev->dev_addr, 0))
669 netdev_err(dev, "failed insert local address bridge forwarding table\n");
671 err = nbp_vlan_init(p);
673 netdev_err(dev, "failed to initialize vlan filtering on this port\n");
677 spin_lock_bh(&br->lock);
678 changed_addr = br_stp_recalculate_bridge_id(br);
680 if (netif_running(dev) && netif_oper_up(dev) &&
681 (br->dev->flags & IFF_UP))
682 br_stp_enable_port(p);
683 spin_unlock_bh(&br->lock);
685 br_ifinfo_notify(RTM_NEWLINK, NULL, p);
688 call_netdevice_notifiers(NETDEV_CHANGEADDR, br->dev);
690 br_mtu_auto_adjust(br);
691 br_set_gso_limits(br);
693 kobject_uevent(&p->kobj, KOBJ_ADD);
699 br_fdb_unsync_static(br, p);
700 list_del_rcu(&p->list);
701 br_fdb_delete_by_port(br, p, 0, 1);
702 nbp_update_port_count(br);
704 netdev_upper_dev_unlink(dev, br->dev);
706 dev->priv_flags &= ~IFF_BRIDGE_PORT;
707 netdev_rx_handler_unregister(dev);
709 br_netpoll_disable(p);
711 sysfs_remove_link(br->ifobj, p->dev->name);
713 br_multicast_del_port(p);
714 kobject_put(&p->kobj);
715 dev_set_allmulti(dev, -1);
721 /* called with RTNL */
722 int br_del_if(struct net_bridge *br, struct net_device *dev)
724 struct net_bridge_port *p;
727 p = br_port_get_rtnl(dev);
728 if (!p || p->br != br)
731 /* Since more than one interface can be attached to a bridge,
732 * there still maybe an alternate path for netconsole to use;
733 * therefore there is no reason for a NETDEV_RELEASE event.
737 br_mtu_auto_adjust(br);
738 br_set_gso_limits(br);
740 spin_lock_bh(&br->lock);
741 changed_addr = br_stp_recalculate_bridge_id(br);
742 spin_unlock_bh(&br->lock);
745 call_netdevice_notifiers(NETDEV_CHANGEADDR, br->dev);
747 netdev_update_features(br->dev);
752 void br_port_flags_change(struct net_bridge_port *p, unsigned long mask)
754 struct net_bridge *br = p->br;
756 if (mask & BR_AUTO_MASK)
757 nbp_update_port_count(br);
759 if (mask & BR_NEIGH_SUPPRESS)
760 br_recalculate_neigh_suppress_enabled(br);
projects / releases.git / blob