]> git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/blob - net/bridge/br_input.c
projects / mirror_ubuntu-hirsute-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UBUNTU: Ubuntu-5.11.0-22.23
[mirror_ubuntu-hirsute-kernel.git] / net / bridge / br_input.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Handle incoming frames
4 * Linux ethernet bridge
5 *
6 * Authors:
7 * Lennert Buytenhek <buytenh@gnu.org>
8 */
9
10 #include <linux/slab.h>
11 #include <linux/kernel.h>
12 #include <linux/netdevice.h>
13 #include <linux/etherdevice.h>
14 #include <linux/netfilter_bridge.h>
15 #ifdef CONFIG_NETFILTER_FAMILY_BRIDGE
16 #include <net/netfilter/nf_queue.h>
17 #endif
18 #include <linux/neighbour.h>
19 #include <net/arp.h>
20 #include <net/dsa.h>
21 #include <linux/export.h>
22 #include <linux/rculist.h>
23 #include "br_private.h"
24 #include "br_private_tunnel.h"
25
26 static int
27 br_netif_receive_skb(struct net *net, struct sock *sk, struct sk_buff *skb)
28 {
29 br_drop_fake_rtable(skb);
30 return netif_receive_skb(skb);
31 }
32
33 static int br_pass_frame_up(struct sk_buff *skb)
34 {
35 struct net_device *indev, *brdev = BR_INPUT_SKB_CB(skb)->brdev;
36 struct net_bridge *br = netdev_priv(brdev);
37 struct net_bridge_vlan_group *vg;
38
39 dev_sw_netstats_rx_add(brdev, skb->len);
40
41 vg = br_vlan_group_rcu(br);
42 /* Bridge is just like any other port. Make sure the
43 * packet is allowed except in promisc modue when someone
44 * may be running packet capture.
45 */
46 if (!(brdev->flags & IFF_PROMISC) &&
47 !br_allowed_egress(vg, skb)) {
48 kfree_skb(skb);
49 return NET_RX_DROP;
50 }
51
52 indev = skb->dev;
53 skb->dev = brdev;
54 skb = br_handle_vlan(br, NULL, vg, skb);
55 if (!skb)
56 return NET_RX_DROP;
57 /* update the multicast stats if the packet is IGMP/MLD */
58 br_multicast_count(br, NULL, skb, br_multicast_igmp_type(skb),
59 BR_MCAST_DIR_TX);
60
61 return NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_IN,
62 dev_net(indev), NULL, skb, indev, NULL,
63 br_netif_receive_skb);
64 }
65
66 /* note: already called with rcu_read_lock */
67 int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
68 {
69 struct net_bridge_port *p = br_port_get_rcu(skb->dev);
70 enum br_pkt_type pkt_type = BR_PKT_UNICAST;
71 struct net_bridge_fdb_entry *dst = NULL;
72 struct net_bridge_mdb_entry *mdst;
73 bool local_rcv, mcast_hit = false;
74 struct net_bridge *br;
75 u16 vid = 0;
76 u8 state;
77
78 if (!p || p->state == BR_STATE_DISABLED)
79 goto drop;
80
81 state = p->state;
82 if (!br_allowed_ingress(p->br, nbp_vlan_group_rcu(p), skb, &vid,
83 &state))
84 goto out;
85
86 nbp_switchdev_frame_mark(p, skb);
87
88 /* insert into forwarding database after filtering to avoid spoofing */
89 br = p->br;
90 if (p->flags & BR_LEARNING)
91 br_fdb_update(br, p, eth_hdr(skb)->h_source, vid, 0);
92
93 local_rcv = !!(br->dev->flags & IFF_PROMISC);
94 if (is_multicast_ether_addr(eth_hdr(skb)->h_dest)) {
95 /* by definition the broadcast is also a multicast address */
96 if (is_broadcast_ether_addr(eth_hdr(skb)->h_dest)) {
97 pkt_type = BR_PKT_BROADCAST;
98 local_rcv = true;
99 } else {
100 pkt_type = BR_PKT_MULTICAST;
101 if (br_multicast_rcv(br, p, skb, vid))
102 goto drop;
103 }
104 }
105
106 if (state == BR_STATE_LEARNING)
107 goto drop;
108
109 BR_INPUT_SKB_CB(skb)->brdev = br->dev;
110 BR_INPUT_SKB_CB(skb)->src_port_isolated = !!(p->flags & BR_ISOLATED);
111
112 if (IS_ENABLED(CONFIG_INET) &&
113 (skb->protocol == htons(ETH_P_ARP) ||
114 skb->protocol == htons(ETH_P_RARP))) {
115 br_do_proxy_suppress_arp(skb, br, vid, p);
116 } else if (IS_ENABLED(CONFIG_IPV6) &&
117 skb->protocol == htons(ETH_P_IPV6) &&
118 br_opt_get(br, BROPT_NEIGH_SUPPRESS_ENABLED) &&
119 pskb_may_pull(skb, sizeof(struct ipv6hdr) +
120 sizeof(struct nd_msg)) &&
121 ipv6_hdr(skb)->nexthdr == IPPROTO_ICMPV6) {
122 struct nd_msg *msg, _msg;
123
124 msg = br_is_nd_neigh_msg(skb, &_msg);
125 if (msg)
126 br_do_suppress_nd(skb, br, vid, p, msg);
127 }
128
129 switch (pkt_type) {
130 case BR_PKT_MULTICAST:
131 mdst = br_mdb_get(br, skb, vid);
132 if ((mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) &&
133 br_multicast_querier_exists(br, eth_hdr(skb), mdst)) {
134 if ((mdst && mdst->host_joined) ||
135 br_multicast_is_router(br)) {
136 local_rcv = true;
137 br->dev->stats.multicast++;
138 }
139 mcast_hit = true;
140 } else {
141 local_rcv = true;
142 br->dev->stats.multicast++;
143 }
144 break;
145 case BR_PKT_UNICAST:
146 dst = br_fdb_find_rcu(br, eth_hdr(skb)->h_dest, vid);
147 default:
148 break;
149 }
150
151 if (dst) {
152 unsigned long now = jiffies;
153
154 if (test_bit(BR_FDB_LOCAL, &dst->flags))
155 return br_pass_frame_up(skb);
156
157 if (now != dst->used)
158 dst->used = now;
159 br_forward(dst->dst, skb, local_rcv, false);
160 } else {
161 if (!mcast_hit)
162 br_flood(br, skb, pkt_type, local_rcv, false);
163 else
164 br_multicast_flood(mdst, skb, local_rcv, false);
165 }
166
167 if (local_rcv)
168 return br_pass_frame_up(skb);
169
170 out:
171 return 0;
172 drop:
173 kfree_skb(skb);
174 goto out;
175 }
176 EXPORT_SYMBOL_GPL(br_handle_frame_finish);
177
178 static void __br_handle_local_finish(struct sk_buff *skb)
179 {
180 struct net_bridge_port *p = br_port_get_rcu(skb->dev);
181 u16 vid = 0;
182
183 /* check if vlan is allowed, to avoid spoofing */
184 if ((p->flags & BR_LEARNING) &&
185 nbp_state_should_learn(p) &&
186 !br_opt_get(p->br, BROPT_NO_LL_LEARN) &&
187 br_should_learn(p, skb, &vid))
188 br_fdb_update(p->br, p, eth_hdr(skb)->h_source, vid, 0);
189 }
190
191 /* note: already called with rcu_read_lock */
192 static int br_handle_local_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
193 {
194 __br_handle_local_finish(skb);
195
196 /* return 1 to signal the okfn() was called so it's ok to use the skb */
197 return 1;
198 }
199
200 static int nf_hook_bridge_pre(struct sk_buff *skb, struct sk_buff **pskb)
201 {
202 #ifdef CONFIG_NETFILTER_FAMILY_BRIDGE
203 struct nf_hook_entries *e = NULL;
204 struct nf_hook_state state;
205 unsigned int verdict, i;
206 struct net *net;
207 int ret;
208
209 net = dev_net(skb->dev);
210 #ifdef HAVE_JUMP_LABEL
211 if (!static_key_false(&nf_hooks_needed[NFPROTO_BRIDGE][NF_BR_PRE_ROUTING]))
212 goto frame_finish;
213 #endif
214
215 e = rcu_dereference(net->nf.hooks_bridge[NF_BR_PRE_ROUTING]);
216 if (!e)
217 goto frame_finish;
218
219 nf_hook_state_init(&state, NF_BR_PRE_ROUTING,
220 NFPROTO_BRIDGE, skb->dev, NULL, NULL,
221 net, br_handle_frame_finish);
222
223 for (i = 0; i < e->num_hook_entries; i++) {
224 verdict = nf_hook_entry_hookfn(&e->hooks[i], skb, &state);
225 switch (verdict & NF_VERDICT_MASK) {
226 case NF_ACCEPT:
227 if (BR_INPUT_SKB_CB(skb)->br_netfilter_broute) {
228 *pskb = skb;
229 return RX_HANDLER_PASS;
230 }
231 break;
232 case NF_DROP:
233 kfree_skb(skb);
234 return RX_HANDLER_CONSUMED;
235 case NF_QUEUE:
236 ret = nf_queue(skb, &state, i, verdict);
237 if (ret == 1)
238 continue;
239 return RX_HANDLER_CONSUMED;
240 default: /* STOLEN */
241 return RX_HANDLER_CONSUMED;
242 }
243 }
244 frame_finish:
245 net = dev_net(skb->dev);
246 br_handle_frame_finish(net, NULL, skb);
247 #else
248 br_handle_frame_finish(dev_net(skb->dev), NULL, skb);
249 #endif
250 return RX_HANDLER_CONSUMED;
251 }
252
253 /* Return 0 if the frame was not processed otherwise 1
254 * note: already called with rcu_read_lock
255 */
256 static int br_process_frame_type(struct net_bridge_port *p,
257 struct sk_buff *skb)
258 {
259 struct br_frame_type *tmp;
260
261 hlist_for_each_entry_rcu(tmp, &p->br->frame_type_list, list)
262 if (unlikely(tmp->type == skb->protocol))
263 return tmp->frame_handler(p, skb);
264
265 return 0;
266 }
267
268 /*
269 * Return NULL if skb is handled
270 * note: already called with rcu_read_lock
271 */
272 static rx_handler_result_t br_handle_frame(struct sk_buff **pskb)
273 {
274 struct net_bridge_port *p;
275 struct sk_buff *skb = *pskb;
276 const unsigned char *dest = eth_hdr(skb)->h_dest;
277
278 if (unlikely(skb->pkt_type == PACKET_LOOPBACK))
279 return RX_HANDLER_PASS;
280
281 if (!is_valid_ether_addr(eth_hdr(skb)->h_source))
282 goto drop;
283
284 skb = skb_share_check(skb, GFP_ATOMIC);
285 if (!skb)
286 return RX_HANDLER_CONSUMED;
287
288 memset(skb->cb, 0, sizeof(struct br_input_skb_cb));
289
290 p = br_port_get_rcu(skb->dev);
291 if (p->flags & BR_VLAN_TUNNEL) {
292 if (br_handle_ingress_vlan_tunnel(skb, p,
293 nbp_vlan_group_rcu(p)))
294 goto drop;
295 }
296
297 if (unlikely(is_link_local_ether_addr(dest))) {
298 u16 fwd_mask = p->br->group_fwd_mask_required;
299
300 /*
301 * See IEEE 802.1D Table 7-10 Reserved addresses
302 *
303 * Assignment Value
304 * Bridge Group Address 01-80-C2-00-00-00
305 * (MAC Control) 802.3 01-80-C2-00-00-01
306 * (Link Aggregation) 802.3 01-80-C2-00-00-02
307 * 802.1X PAE address 01-80-C2-00-00-03
308 *
309 * 802.1AB LLDP 01-80-C2-00-00-0E
310 *
311 * Others reserved for future standardization
312 */
313 fwd_mask |= p->group_fwd_mask;
314 switch (dest[5]) {
315 case 0x00: /* Bridge Group Address */
316 /* If STP is turned off,
317 then must forward to keep loop detection */
318 if (p->br->stp_enabled == BR_NO_STP ||
319 fwd_mask & (1u << dest[5]))
320 goto forward;
321 *pskb = skb;
322 __br_handle_local_finish(skb);
323 return RX_HANDLER_PASS;
324
325 case 0x01: /* IEEE MAC (Pause) */
326 goto drop;
327
328 case 0x0E: /* 802.1AB LLDP */
329 fwd_mask |= p->br->group_fwd_mask;
330 if (fwd_mask & (1u << dest[5]))
331 goto forward;
332 *pskb = skb;
333 __br_handle_local_finish(skb);
334 return RX_HANDLER_PASS;
335
336 default:
337 /* Allow selective forwarding for most other protocols */
338 fwd_mask |= p->br->group_fwd_mask;
339 if (fwd_mask & (1u << dest[5]))
340 goto forward;
341 }
342
343 /* The else clause should be hit when nf_hook():
344 * - returns < 0 (drop/error)
345 * - returns = 0 (stolen/nf_queue)
346 * Thus return 1 from the okfn() to signal the skb is ok to pass
347 */
348 if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_IN,
349 dev_net(skb->dev), NULL, skb, skb->dev, NULL,
350 br_handle_local_finish) == 1) {
351 return RX_HANDLER_PASS;
352 } else {
353 return RX_HANDLER_CONSUMED;
354 }
355 }
356
357 if (unlikely(br_process_frame_type(p, skb)))
358 return RX_HANDLER_PASS;
359
360 forward:
361 switch (p->state) {
362 case BR_STATE_FORWARDING:
363 case BR_STATE_LEARNING:
364 if (ether_addr_equal(p->br->dev->dev_addr, dest))
365 skb->pkt_type = PACKET_HOST;
366
367 return nf_hook_bridge_pre(skb, pskb);
368 default:
369 drop:
370 kfree_skb(skb);
371 }
372 return RX_HANDLER_CONSUMED;
373 }
374
375 /* This function has no purpose other than to appease the br_port_get_rcu/rtnl
376 * helpers which identify bridged ports according to the rx_handler installed
377 * on them (so there _needs_ to be a bridge rx_handler even if we don't need it
378 * to do anything useful). This bridge won't support traffic to/from the stack,
379 * but only hardware bridging. So return RX_HANDLER_PASS so we don't steal
380 * frames from the ETH_P_XDSA packet_type handler.
381 */
382 static rx_handler_result_t br_handle_frame_dummy(struct sk_buff **pskb)
383 {
384 return RX_HANDLER_PASS;
385 }
386
387 rx_handler_func_t *br_get_rx_handler(const struct net_device *dev)
388 {
389 if (netdev_uses_dsa(dev))
390 return br_handle_frame_dummy;
391
392 return br_handle_frame;
393 }
394
395 void br_add_frame(struct net_bridge *br, struct br_frame_type *ft)
396 {
397 hlist_add_head_rcu(&ft->list, &br->frame_type_list);
398 }
399
400 void br_del_frame(struct net_bridge *br, struct br_frame_type *ft)
401 {
402 struct br_frame_type *tmp;
403
404 hlist_for_each_entry(tmp, &br->frame_type_list, list)
405 if (ft == tmp) {
406 hlist_del_rcu(&ft->list);
407 return;
408 }
409 }
Ubuntu Hirsute Linux kernel mirror