From patchwork Mon Apr 11 17:29:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 12809457 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BD39CC433EF for ; Mon, 11 Apr 2022 17:30:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348893AbiDKRc1 (ORCPT ); Mon, 11 Apr 2022 13:32:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48584 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348955AbiDKRcR (ORCPT ); Mon, 11 Apr 2022 13:32:17 -0400 Received: from mail-ed1-x52c.google.com (mail-ed1-x52c.google.com [IPv6:2a00:1450:4864:20::52c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0DFB22E6B3 for ; Mon, 11 Apr 2022 10:29:59 -0700 (PDT) Received: by mail-ed1-x52c.google.com with SMTP id c64so7192582edf.11 for ; Mon, 11 Apr 2022 10:29:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=G4Lf3IeHTYSBP2jBlrEzBtLYrCtWftbohLvXAydSyEo=; b=S5NtrlUiP9am+mfWWs0tdCtoJF8LvNMfNHuBR0cH25+Xpn3ZnLgDT87648YbKHJ1/i 0w0gru0NSrKVP38xmgX+es38tXRq1lmxRK/A7qXb9LaBBrcmt0gakCd3bfwwL1CvUUWT abEqtMI0job1tDc+M8I/C3ZpW8mK5ejPKawnfxxQEZwg1lmITGg16vsJGeF3JRx8W6fX PjQCCBVPSeTF8tmwS2uhHXNRfPOSAjlJI8F9Lh2YeKfwvFOlro59hJSoikLGiHJqaPA+ HXfFFQPlSRLnHhEXB0856jTQwYzGKOBnCGyPGG/PLJkO9BzzsEd79CvZGhROfPjo6LIR Z4lw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=G4Lf3IeHTYSBP2jBlrEzBtLYrCtWftbohLvXAydSyEo=; b=gcXJubIP2GDu+pqKozcEy4sqhSAsIGh8J1ELwjmXUuQ3jut11dp0Xj8TnLxiPEdUeP iYduibHfnL2ILMGnBlJvFLYg5EI3A3Ra//AUN0z5ddI0LoNPq1xW3eWPMwchJjNp9ETc ZSibsYPl4DvpbR+mnXcDBK0zM3gcRrL7kFrAW/Tk+2JWr1jeJNkhqPwQkEuj71BjDByH Msyvzp9hFx3XqJTM01F5lEvqFcX7JjFOPN8effPVBG/5U47XC6Iu5zOTJozNr7K9oJOA wGLSvKd6otG634IC9LvpbeQWk7NY/Wha1GOUs2kjnL17UFbUNtxq4dnhWfrU1TqxtAFv GqLA== X-Gm-Message-State: AOAM532bKwGoEXJE4fPVd3joxTkEsSunxIbWZdWO0q84qJcpnRlSCDb9 JaKQXZIxQ4r4aXf/+3lqt8k864dBH4GcNwm6 X-Google-Smtp-Source: ABdhPJyqbmLSnA/vica9jN3RGzm1kJTGmzUhb2chcIrxH4cfEsWv5+bKSxCLe1vGXHL//QtYy97QRw== X-Received: by 2002:a05:6402:51c6:b0:41d:196a:27a9 with SMTP id r6-20020a05640251c600b0041d196a27a9mr19718535edd.55.1649698197555; Mon, 11 Apr 2022 10:29:57 -0700 (PDT) Received: from debil.. (87-243-81-1.ip.btc-net.bg. [87.243.81.1]) by smtp.gmail.com with ESMTPSA id u6-20020a17090626c600b006e74ef7f092sm10325084ejc.176.2022.04.11.10.29.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Apr 2022 10:29:57 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: roopa@nvidia.com, idosch@idosch.org, kuba@kernel.org, davem@davemloft.net, bridge@lists.linux-foundation.org, Nikolay Aleksandrov Subject: [PATCH net-next v2 1/8] net: rtnetlink: add RTM_FLUSHNEIGH Date: Mon, 11 Apr 2022 20:29:27 +0300 Message-Id: <20220411172934.1813604-2-razor@blackwall.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220411172934.1813604-1-razor@blackwall.org> References: <20220411172934.1813604-1-razor@blackwall.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Add a new rtnetlink type used to flush neigh objects. It will be initially used to add flush with filtering support for bridge fdbs, but it also opens the door to add similar support to others (e.g. vxlan). Signed-off-by: Nikolay Aleksandrov --- include/uapi/linux/rtnetlink.h | 3 +++ security/selinux/nlmsgtab.c | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/include/uapi/linux/rtnetlink.h b/include/uapi/linux/rtnetlink.h index 83849a37db5b..06001cfd404b 100644 --- a/include/uapi/linux/rtnetlink.h +++ b/include/uapi/linux/rtnetlink.h @@ -194,6 +194,9 @@ enum { RTM_GETTUNNEL, #define RTM_GETTUNNEL RTM_GETTUNNEL + RTM_FLUSHNEIGH = 124, +#define RTM_FLUSHNEIGH RTM_FLUSHNEIGH + __RTM_MAX, #define RTM_MAX (((__RTM_MAX + 3) & ~3) - 1) }; diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index d8ceee9e0d6f..ff53aea8790f 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -95,6 +95,7 @@ static const struct nlmsg_perm nlmsg_route_perms[] = { RTM_NEWTUNNEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, { RTM_DELTUNNEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, { RTM_GETTUNNEL, NETLINK_ROUTE_SOCKET__NLMSG_READ }, + { RTM_FLUSHNEIGH, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, }; static const struct nlmsg_perm nlmsg_tcpdiag_perms[] = @@ -180,7 +181,7 @@ int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) * structures at the top of this file with the new mappings * before updating the BUILD_BUG_ON() macro! */ - BUILD_BUG_ON(RTM_MAX != (RTM_NEWTUNNEL + 3)); + BUILD_BUG_ON(RTM_MAX != (RTM_FLUSHNEIGH + 3)); err = nlmsg_perm(nlmsg_type, perm, nlmsg_route_perms, sizeof(nlmsg_route_perms)); break; From patchwork Mon Apr 11 17:29:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 12809454 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6DBFAC433EF for ; Mon, 11 Apr 2022 17:30:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348910AbiDKRcV (ORCPT ); Mon, 11 Apr 2022 13:32:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48456 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348928AbiDKRcR (ORCPT ); Mon, 11 Apr 2022 13:32:17 -0400 Received: from mail-ej1-x62e.google.com (mail-ej1-x62e.google.com [IPv6:2a00:1450:4864:20::62e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AD9A02E9FD for ; Mon, 11 Apr 2022 10:30:00 -0700 (PDT) Received: by mail-ej1-x62e.google.com with SMTP id bh17so32319662ejb.8 for ; Mon, 11 Apr 2022 10:30:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=RIR/ZHl5ZiFHgx6+6/Rsb1UvqXAuRfjaxLhenAF2JJI=; b=lpBHWyld2PQijqIzQlkNniBq/I0nMhLWr2VIsEI0rkRZH1/1whYuvxToynpfR7JTr5 3Xgl4SqVJO1JjsR1wAcpuCjm70v+RkS/Hg7T1jUdGNFz3itNqosbMCgH69NppQtGNUgC 76yH6xcKdP1HtO2P/Ej+k3uq/Z4kGHVszJONO/OSs/aYeRXWE53tUUS0R/11uO5yNBpe Yc2oYqneWejwOmgK5lsYaGiFEb/8aX4Noc4sK5Mb6liMatA9CeKrQQGn4Jdf22pJkHC/ W0DkiN/F4VlOr2bd4c0pcZ53pJ6Oc61NvB32f/yLut7P2SwK7pqK+Fn0C5u5HMolx/jJ iukA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=RIR/ZHl5ZiFHgx6+6/Rsb1UvqXAuRfjaxLhenAF2JJI=; b=LlxMywQ7SQZo33WOD9iIz6wjohff3D5/tsGNY19h76glrM/bESyGCR9omoVjCcz1Qk Bw42l5ZQLzvYmkAt9akyMYbPozC9MlF9OgTroqBOlPi8qtGm14NQnbtF1peqCYa7FVTU 94Bc+7AgXdPLbCcAmFh1bFqGwSUxMsYsNlVAW6BGfFerJsCByancoqzyzwcKt5qgFMA3 UsU4MxIduuwpeZa16UUgKvBgQeGDqkbS9d8x/6+fCiRWvs6td5XozP9FTyA3ob8fII4V e9bfmCygDjqx47ZRdnlntOO1hCA/cpRQCAdxI6iVTK3v9qNfDA676kZW5pt8gmsTV8vp 217A== X-Gm-Message-State: AOAM533JRRDNs8Cch7G/4ouYnY1CIP2uCTQuU/Sb85RrpDphrpSea1Ox 5N3dBA+54vuOMxEVr0zW4/ZGOTLf52LuLpgn X-Google-Smtp-Source: ABdhPJzjiQfYrrqu8a4iy9n5tirV+dTQgnN0Pytlq+0lx9yxVIqKtYbtUj7/GJRaUPWTHrfjX2q/zQ== X-Received: by 2002:a17:906:7304:b0:6e0:6918:ef6f with SMTP id di4-20020a170906730400b006e06918ef6fmr30501107ejc.370.1649698198740; Mon, 11 Apr 2022 10:29:58 -0700 (PDT) Received: from debil.. (87-243-81-1.ip.btc-net.bg. [87.243.81.1]) by smtp.gmail.com with ESMTPSA id u6-20020a17090626c600b006e74ef7f092sm10325084ejc.176.2022.04.11.10.29.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Apr 2022 10:29:58 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: roopa@nvidia.com, idosch@idosch.org, kuba@kernel.org, davem@davemloft.net, bridge@lists.linux-foundation.org, Nikolay Aleksandrov Subject: [PATCH net-next v2 2/8] net: add ndo_fdb_flush op Date: Mon, 11 Apr 2022 20:29:28 +0300 Message-Id: <20220411172934.1813604-3-razor@blackwall.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220411172934.1813604-1-razor@blackwall.org> References: <20220411172934.1813604-1-razor@blackwall.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Add a new netdev op called ndo_fdb_flush, it will be later used for driver-specific flush implementation dispatched from rtnetlink. The first user will be the bridge. Signed-off-by: Nikolay Aleksandrov --- include/linux/netdevice.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 28ea4f8269d4..16d67e40053c 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -1265,6 +1265,12 @@ struct netdev_net_notifier { * int *idx) * Used to add FDB entries to dump requests. Implementers should add * entries to skb and update idx with the number of entries. + * int (*ndo_fdb_flush)(struct ndmsg *ndm, struct nlattr *tb[], + * struct net_device *dev, + * u16 vid, + * struct netlink_ext_ack *extack); + * Used to flush FDB entries. Filter attributes can be specified to delete + * only matching FDB entries if implementers support it. * * int (*ndo_bridge_setlink)(struct net_device *dev, struct nlmsghdr *nlh, * u16 flags, struct netlink_ext_ack *extack) @@ -1515,6 +1521,11 @@ struct net_device_ops { struct net_device *dev, struct net_device *filter_dev, int *idx); + int (*ndo_fdb_flush)(struct ndmsg *ndm, + struct nlattr *tb[], + struct net_device *dev, + u16 vid, + struct netlink_ext_ack *extack); int (*ndo_fdb_get)(struct sk_buff *skb, struct nlattr *tb[], struct net_device *dev, From patchwork Mon Apr 11 17:29:29 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 12809456 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 68A73C433F5 for ; Mon, 11 Apr 2022 17:30:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344058AbiDKRc0 (ORCPT ); Mon, 11 Apr 2022 13:32:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48458 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348938AbiDKRcR (ORCPT ); Mon, 11 Apr 2022 13:32:17 -0400 Received: from mail-ej1-x636.google.com (mail-ej1-x636.google.com [IPv6:2a00:1450:4864:20::636]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ADAC92E9FE for ; Mon, 11 Apr 2022 10:30:01 -0700 (PDT) Received: by mail-ej1-x636.google.com with SMTP id s18so9881880ejr.0 for ; Mon, 11 Apr 2022 10:30:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=B5S8XFRnGS4ZuUwwM582W5V1tDhecUOXpZ4BPJOGbzU=; b=IgONo8IR+mPW+pBo96EoLpsMBSlaoliTJ80GEJ4cI2aamHqnxEvremcO0WUtzXOfpv 8e/TREd3DDQVzzDe9PaA7g57+WIDuZjWgY0NECehgdmLB/gY0SGEm1Z/eYuLJmlXxkB+ cZ0yPBZOEM4rYjCa8JL9On1ASJaznbSxjrnrf8+Aa4h78FEw+N9D4tmzMSrLmX1ylASZ 9hiMa9Ei/bikJEdX5nkwMEQAsH8dUy7FII7eWGy/GsVqs7xGZ5QFESeJOxQaZzEcOQh9 XI2rPv6ETi8vTrXV8R5M4UbcOyRCFfvxZ2xZm+rht7LxEzFDhvLjYMyaIc+FbFXF/f1D reUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=B5S8XFRnGS4ZuUwwM582W5V1tDhecUOXpZ4BPJOGbzU=; b=UD9+9NPgLjrRu+8VUxKEB8YmT/iZjmz+IoNq1CEuW2r3wd1k1nf0HykqPHp641JCs0 njOczlADbmBSGdbRfwrDRmsMjtctrK+2j2FR8x8jEpg4x2VwjsTpvAIPOBEDt93nIQjo bCeSsICkMGJAQHOanZEJYwYk9jn3aSyxfqQRjC4cvyLuPZxKBp8i2GYqZldALhxE5CxB WMD8nWPcrFDdP43TE3z2S22KFWsKtuNR4XhO9UNn6zwS8hMPmWU0N1yFjpB/mGNb0Nma lqjH64/NxAklmQa/V9I3yHlU508WIN+4e3eWKiRhqm4xVeURhoEmbEgEYL6ja83nyXP9 HE6g== X-Gm-Message-State: AOAM530RzbyZ9OETAXeH4A+k1HiorgIV2SyCLXBNHazwJHPotkenkVcD nbQE6it2Nax53+5ILpxS/MDzHD9dD8n5leAt X-Google-Smtp-Source: ABdhPJx0rBGHTyNa11mn+yvRXnLrQNT6EirEP7Vexyk2a1eeyeWQJRXNGTLf7IAtUsmcyPePMmTvMQ== X-Received: by 2002:a17:907:6296:b0:6da:64ee:1031 with SMTP id nd22-20020a170907629600b006da64ee1031mr31462695ejc.601.1649698199623; Mon, 11 Apr 2022 10:29:59 -0700 (PDT) Received: from debil.. (87-243-81-1.ip.btc-net.bg. [87.243.81.1]) by smtp.gmail.com with ESMTPSA id u6-20020a17090626c600b006e74ef7f092sm10325084ejc.176.2022.04.11.10.29.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Apr 2022 10:29:59 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: roopa@nvidia.com, idosch@idosch.org, kuba@kernel.org, davem@davemloft.net, bridge@lists.linux-foundation.org, Nikolay Aleksandrov Subject: [PATCH net-next v2 3/8] net: bridge: fdb: add ndo_fdb_flush op Date: Mon, 11 Apr 2022 20:29:29 +0300 Message-Id: <20220411172934.1813604-4-razor@blackwall.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220411172934.1813604-1-razor@blackwall.org> References: <20220411172934.1813604-1-razor@blackwall.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Add a minimal ndo_fdb_flush implementation which flushes all entries. Support for more fine-grained filtering will be added in the following patches. Signed-off-by: Nikolay Aleksandrov --- net/bridge/br_device.c | 1 + net/bridge/br_fdb.c | 25 ++++++++++++++++++++++++- net/bridge/br_netlink.c | 2 +- net/bridge/br_private.h | 6 +++++- net/bridge/br_sysfs_br.c | 2 +- 5 files changed, 32 insertions(+), 4 deletions(-) diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 8d6bab244c4a..76ee2675457a 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -466,6 +466,7 @@ static const struct net_device_ops br_netdev_ops = { .ndo_fdb_add = br_fdb_add, .ndo_fdb_del = br_fdb_delete, .ndo_fdb_dump = br_fdb_dump, + .ndo_fdb_flush = br_fdb_flush, .ndo_fdb_get = br_fdb_get, .ndo_bridge_getlink = br_getlink, .ndo_bridge_setlink = br_setlink, diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c index 6ccda68bd473..64a549acdac8 100644 --- a/net/bridge/br_fdb.c +++ b/net/bridge/br_fdb.c @@ -559,7 +559,7 @@ void br_fdb_cleanup(struct work_struct *work) } /* Completely flush all dynamic entries in forwarding database.*/ -void br_fdb_flush(struct net_bridge *br) +void __br_fdb_flush(struct net_bridge *br) { struct net_bridge_fdb_entry *f; struct hlist_node *tmp; @@ -572,6 +572,29 @@ void br_fdb_flush(struct net_bridge *br) spin_unlock_bh(&br->hash_lock); } +int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[], + struct net_device *dev, u16 vid, + struct netlink_ext_ack *extack) +{ + struct net_bridge *br; + + if (netif_is_bridge_master(dev)) { + br = netdev_priv(dev); + } else { + struct net_bridge_port *p = br_port_get_rtnl(dev); + + if (!p) { + NL_SET_ERR_MSG_MOD(extack, "Device is not a bridge port"); + return -EINVAL; + } + br = p->br; + } + + __br_fdb_flush(br); + + return 0; +} + /* Flush all entries referring to a specific port. * if do_all is set also flush static entries * if vid is set delete all entries that match the vlan_id diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c index 200ad05b296f..c59c775730bb 100644 --- a/net/bridge/br_netlink.c +++ b/net/bridge/br_netlink.c @@ -1327,7 +1327,7 @@ static int br_changelink(struct net_device *brdev, struct nlattr *tb[], } if (data[IFLA_BR_FDB_FLUSH]) - br_fdb_flush(br); + __br_fdb_flush(br); #ifdef CONFIG_BRIDGE_IGMP_SNOOPING if (data[IFLA_BR_MCAST_ROUTER]) { diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 6e62af2e07e9..23ef2982d1bc 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -759,7 +759,11 @@ int br_fdb_init(void); void br_fdb_fini(void); int br_fdb_hash_init(struct net_bridge *br); void br_fdb_hash_fini(struct net_bridge *br); -void br_fdb_flush(struct net_bridge *br); +void __br_fdb_flush(struct net_bridge *br); +int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[], + struct net_device *dev, u16 vid, + struct netlink_ext_ack *extack); + void br_fdb_find_delete_local(struct net_bridge *br, const struct net_bridge_port *p, const unsigned char *addr, u16 vid); diff --git a/net/bridge/br_sysfs_br.c b/net/bridge/br_sysfs_br.c index 3f7ca88c2aa3..7a2cf3aebc84 100644 --- a/net/bridge/br_sysfs_br.c +++ b/net/bridge/br_sysfs_br.c @@ -344,7 +344,7 @@ static DEVICE_ATTR_RW(group_addr); static int set_flush(struct net_bridge *br, unsigned long val, struct netlink_ext_ack *extack) { - br_fdb_flush(br); + __br_fdb_flush(br); return 0; } From patchwork Mon Apr 11 17:29:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 12809455 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 46E58C433EF for ; Mon, 11 Apr 2022 17:30:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348968AbiDKRcY (ORCPT ); Mon, 11 Apr 2022 13:32:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48534 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348939AbiDKRcR (ORCPT ); Mon, 11 Apr 2022 13:32:17 -0400 Received: from mail-ej1-x62b.google.com (mail-ej1-x62b.google.com [IPv6:2a00:1450:4864:20::62b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5B10F2ED6E for ; Mon, 11 Apr 2022 10:30:02 -0700 (PDT) Received: by mail-ej1-x62b.google.com with SMTP id bg10so32370517ejb.4 for ; Mon, 11 Apr 2022 10:30:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=dNyNzOzmDc1f/pBDx4/a2ruUbQq4AUD3l7VG1GzL5dE=; b=DjoyoEa5SBJt3hqwkb9DF+bYBRu/wLQsubSS2953Gkp4QRuJGRUbRTJIqT/76L2o7q LIj4IsVyTbEKPYKxQFo8gbjxVn1aZM0XAAjabs6CRiIzZRRpAtPjjGZaF8BnWZXgg1lg rsqmH5r6esv/3MlJcXaXb7el2YwVANoDkyI+WX7IIMsSql+S4JzT+epU3z37FDU3srFA 2m7RMEQP3CNrBDdkZsfFpaQdVZlTyG/6mUAAVrAJYQLN0/tpRokYODZmAPtrQLQ1DaBv KcESQyYDfFe2FFqSdCCCmLuRDNb+Ubn/dN13hAV3ar10OHYm9EK7bGvFHbfglNgQOKxx LUCg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=dNyNzOzmDc1f/pBDx4/a2ruUbQq4AUD3l7VG1GzL5dE=; b=oNIvk4McevjpjoXKDTALpt1j0KWOd9hnUiT7vHg1OjiJx5aB4Sao2n9GF6bimuzLWJ AmayUnIr2eHmNnshkUhbIqInh6QfWavciGGbeDVeLM7nGbc3qG39jT7PaIl8CV1z1PDo SxXrHwW21DxeDXOuL+RUyd4kFKWLApLHPODvG26Qs1iE0jkjUaZL9VKJsQztLI6YuxPI 2QUVNxYVjkgILr1lQXCvYC5Rm+mcmKnI2KoZryPMqCd1dOrrCNGzsOdREvGCYVNGJrbX tcY7Yc9zCQUVjU8GqR5kCI3TGly9nyiVAuFUJRKPp3Kb/gDTbG3D5nkamea7Ny5d9+3+ hILg== X-Gm-Message-State: AOAM533se674+DkfJ7VE2WAGG6EZLJxIBLuMB1QIVHQr+ul9MfKWreOI OYRW3ejUlYTfUWK0S1ySq4HGo895QxKDQojh X-Google-Smtp-Source: ABdhPJzNbJycALTMkxA7fQ3oUTeI057Xp772m0xbK5FuefZeOSgbvUJ61y2QofojBMhi0UkKgHepjg== X-Received: by 2002:a17:906:7314:b0:6df:839f:af7 with SMTP id di20-20020a170906731400b006df839f0af7mr30909242ejc.65.1649698200609; Mon, 11 Apr 2022 10:30:00 -0700 (PDT) Received: from debil.. (87-243-81-1.ip.btc-net.bg. [87.243.81.1]) by smtp.gmail.com with ESMTPSA id u6-20020a17090626c600b006e74ef7f092sm10325084ejc.176.2022.04.11.10.29.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Apr 2022 10:30:00 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: roopa@nvidia.com, idosch@idosch.org, kuba@kernel.org, davem@davemloft.net, bridge@lists.linux-foundation.org, Nikolay Aleksandrov Subject: [PATCH net-next v2 4/8] net: rtnetlink: register a generic rtnl_fdb_flush call Date: Mon, 11 Apr 2022 20:29:30 +0300 Message-Id: <20220411172934.1813604-5-razor@blackwall.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220411172934.1813604-1-razor@blackwall.org> References: <20220411172934.1813604-1-razor@blackwall.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Register a generic PF_BRIDGE rtnl_fdb_flush call which does basic validation and dispatches the call to the appropriate device based on ndm flags (NTF_MASTER and NTF_SELF). The flags are interepreted in a similar way to the already existing fdb add and del. Signed-off-by: Nikolay Aleksandrov --- include/uapi/linux/neighbour.h | 6 ++++ net/core/rtnetlink.c | 52 ++++++++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/include/uapi/linux/neighbour.h b/include/uapi/linux/neighbour.h index db05fb55055e..60e728319a50 100644 --- a/include/uapi/linux/neighbour.h +++ b/include/uapi/linux/neighbour.h @@ -212,4 +212,10 @@ enum { }; #define NFEA_MAX (__NFEA_MAX - 1) +enum { + NDFA_UNSPEC, + __NDFA_MAX +}; +#define NDFA_MAX (__NDFA_MAX - 1) + #endif diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index 4041b3e2e8ec..7325b60d1aa2 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -4659,6 +4659,56 @@ static int rtnl_fdb_get(struct sk_buff *in_skb, struct nlmsghdr *nlh, return err; } +static const struct nla_policy fdb_flush_policy[NDFA_MAX + 1] = { + [NDFA_UNSPEC] = { .type = NLA_REJECT }, +}; + +static int rtnl_fdb_flush(struct sk_buff *skb, struct nlmsghdr *nlh, + struct netlink_ext_ack *extack) +{ + struct net *net = sock_net(skb->sk); + struct nlattr *tb[NDFA_MAX + 1]; + struct net_device *dev; + struct ndmsg *ndm; + int err; + + err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDFA_MAX, fdb_flush_policy, + extack); + if (err < 0) + return err; + + ndm = nlmsg_data(nlh); + if (ndm->ndm_ifindex == 0) { + NL_SET_ERR_MSG(extack, "Invalid ifindex"); + return -EINVAL; + } + + dev = __dev_get_by_index(net, ndm->ndm_ifindex); + if (!dev) { + NL_SET_ERR_MSG(extack, "Unknown ifindex"); + return -ENODEV; + } + + err = -EOPNOTSUPP; + if ((!ndm->ndm_flags || ndm->ndm_flags & NTF_MASTER) && + netif_is_bridge_port(dev)) { + struct net_device *br_dev = netdev_master_upper_dev_get(dev); + + err = br_dev->netdev_ops->ndo_fdb_flush(ndm, tb, dev, 0, extack); + if (err) + goto out; + else + ndm->ndm_flags &= ~NTF_MASTER; + } + if ((ndm->ndm_flags & NTF_SELF) && dev->netdev_ops->ndo_fdb_flush) { + err = dev->netdev_ops->ndo_fdb_flush(ndm, tb, dev, 0, extack); + if (!err) + ndm->ndm_flags &= ~NTF_SELF; + } +out: + return err; +} + static int brport_nla_put_flag(struct sk_buff *skb, u32 flags, u32 mask, unsigned int attrnum, unsigned int flag) { @@ -6144,6 +6194,8 @@ void __init rtnetlink_init(void) rtnl_register(PF_BRIDGE, RTM_DELLINK, rtnl_bridge_dellink, NULL, 0); rtnl_register(PF_BRIDGE, RTM_SETLINK, rtnl_bridge_setlink, NULL, 0); + rtnl_register(PF_BRIDGE, RTM_FLUSHNEIGH, rtnl_fdb_flush, NULL, 0); + rtnl_register(PF_UNSPEC, RTM_GETSTATS, rtnl_stats_get, rtnl_stats_dump, 0); rtnl_register(PF_UNSPEC, RTM_SETSTATS, rtnl_stats_set, NULL, 0); From patchwork Mon Apr 11 17:29:31 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 12809458 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0BD8FC433F5 for ; Mon, 11 Apr 2022 17:30:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348903AbiDKRdD (ORCPT ); Mon, 11 Apr 2022 13:33:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48502 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348963AbiDKRcT (ORCPT ); Mon, 11 Apr 2022 13:32:19 -0400 Received: from mail-ej1-x630.google.com (mail-ej1-x630.google.com [IPv6:2a00:1450:4864:20::630]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 836232F000 for ; Mon, 11 Apr 2022 10:30:03 -0700 (PDT) Received: by mail-ej1-x630.google.com with SMTP id t11so5353825eju.13 for ; Mon, 11 Apr 2022 10:30:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=gXs4PLlNleG26f62x9RTRqzIlUWK/kMjrVCPwUa1nnA=; b=h/abJgZ7Xi7Z8GrRRVLZ9oJrGOddEMunkLHKWxtlp+fwN2PldD4vnxb64qRFtcMtnG 7ud6gDPS5htQEfOasOEaqV0IoLDMIXOci2yXz8OFVmtmDnfKNvwzGMnJulOiXwzC836r KIa2tpBzt5Vczm85ycT/Vqm3OEmiP4b+rNwaETRlpMR4qjgNEz8Sha3JQStB77hSerJW sA2GNp+VhAACxEbyKUdL/tByb2bkkeV+8AwxBPtrWvCnpMJn6JZ892xznxuHHPsrNm+J ocw0SDU6unmkqZ+1XBsrzaDoKF4nTfV4XZ1gi5yN5aTo07U4LsirxK/7ELhNecAscgbf SM1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=gXs4PLlNleG26f62x9RTRqzIlUWK/kMjrVCPwUa1nnA=; b=fsCIRm8VsA3AHlpcu/hVZvbwmERIyy/J8ymRq20rG0QQ9+4Cj26SD/qpFy5RN9IuK5 KaW7dcKXsivPf3MAs8FFnSbdJWNmIhhF1DqaRR0e2oVeBQXfAyGwJ3GP9sKL5XN4QGP0 8HfNOvV7d+jONrhO1cxSAq5IM75H0oDkF2feCClfHI1GWkIYgbTt2J3Klj+aXRjjXfuR lnRWxoKhrTckwgXZY4g3YCb/pBIXGzAgsn4W4NkbahX5ckbcyr0UQnl1qKFjZ9GFj1/3 ygYFRf8dqT94Gavs2ouYi3S8oewhePGlmhPZZODFFLF2LzbiJBcBfoyIEwT5TLFPp1IH 7R6Q== X-Gm-Message-State: AOAM533W3TZE1FCcDEmNt3BA9MhOAjfBNaJsbIKGa9C3qzqbvugpa0Ym gOshFVtu0LGQFnkL3S+44UYOeYw5kUUSuXWg X-Google-Smtp-Source: ABdhPJxZYIAj/HLnAQxh3UKtNigoheZ0fMk5P//AeQTYV1XdQ+ppgUYTl9GsPboO3KbWvuzyXzrRSQ== X-Received: by 2002:a17:906:d555:b0:6db:148e:5cc with SMTP id cr21-20020a170906d55500b006db148e05ccmr29965894ejc.63.1649698201585; Mon, 11 Apr 2022 10:30:01 -0700 (PDT) Received: from debil.. (87-243-81-1.ip.btc-net.bg. [87.243.81.1]) by smtp.gmail.com with ESMTPSA id u6-20020a17090626c600b006e74ef7f092sm10325084ejc.176.2022.04.11.10.30.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Apr 2022 10:30:01 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: roopa@nvidia.com, idosch@idosch.org, kuba@kernel.org, davem@davemloft.net, bridge@lists.linux-foundation.org, Nikolay Aleksandrov Subject: [PATCH net-next v2 5/8] net: rtnetlink: add common flush attributes Date: Mon, 11 Apr 2022 20:29:31 +0300 Message-Id: <20220411172934.1813604-6-razor@blackwall.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220411172934.1813604-1-razor@blackwall.org> References: <20220411172934.1813604-1-razor@blackwall.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Add common fdb flush attributes - ifindex, vlan id, ndm flags/state masks. All of these are used by the bridge and vxlan drivers. Also minimal attr policy validation is added, it is up to ndo_fdb_flush implementers to further validate them. Signed-off-by: Nikolay Aleksandrov --- include/uapi/linux/neighbour.h | 4 ++++ net/core/rtnetlink.c | 16 +++++++++++++--- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/include/uapi/linux/neighbour.h b/include/uapi/linux/neighbour.h index 60e728319a50..5ab4e9b5edc8 100644 --- a/include/uapi/linux/neighbour.h +++ b/include/uapi/linux/neighbour.h @@ -214,6 +214,10 @@ enum { enum { NDFA_UNSPEC, + NDFA_IFINDEX, + NDFA_VLAN, + NDFA_NDM_STATE_MASK, + NDFA_NDM_FLAGS_MASK, __NDFA_MAX }; #define NDFA_MAX (__NDFA_MAX - 1) diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index 7325b60d1aa2..379b6a066fbd 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -4660,7 +4660,11 @@ static int rtnl_fdb_get(struct sk_buff *in_skb, struct nlmsghdr *nlh, } static const struct nla_policy fdb_flush_policy[NDFA_MAX + 1] = { - [NDFA_UNSPEC] = { .type = NLA_REJECT }, + [NDFA_UNSPEC] = { .type = NLA_REJECT }, + [NDFA_IFINDEX] = NLA_POLICY_MIN(NLA_S32, 1), + [NDFA_VLAN] = { .type = NLA_U16 }, + [NDFA_NDM_STATE_MASK] = { .type = NLA_U16 }, + [NDFA_NDM_FLAGS_MASK] = { .type = NLA_U8 }, }; static int rtnl_fdb_flush(struct sk_buff *skb, struct nlmsghdr *nlh, @@ -4670,6 +4674,7 @@ static int rtnl_fdb_flush(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr *tb[NDFA_MAX + 1]; struct net_device *dev; struct ndmsg *ndm; + u16 vid; int err; err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDFA_MAX, fdb_flush_policy, @@ -4689,19 +4694,24 @@ static int rtnl_fdb_flush(struct sk_buff *skb, struct nlmsghdr *nlh, return -ENODEV; } + err = fdb_vid_parse(tb[NDFA_VLAN], &vid, extack); + if (err) + return err; + err = -EOPNOTSUPP; if ((!ndm->ndm_flags || ndm->ndm_flags & NTF_MASTER) && netif_is_bridge_port(dev)) { struct net_device *br_dev = netdev_master_upper_dev_get(dev); - err = br_dev->netdev_ops->ndo_fdb_flush(ndm, tb, dev, 0, extack); + err = br_dev->netdev_ops->ndo_fdb_flush(ndm, tb, dev, vid, + extack); if (err) goto out; else ndm->ndm_flags &= ~NTF_MASTER; } if ((ndm->ndm_flags & NTF_SELF) && dev->netdev_ops->ndo_fdb_flush) { - err = dev->netdev_ops->ndo_fdb_flush(ndm, tb, dev, 0, extack); + err = dev->netdev_ops->ndo_fdb_flush(ndm, tb, dev, vid, extack); if (!err) ndm->ndm_flags &= ~NTF_SELF; } From patchwork Mon Apr 11 17:29:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 12809459 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1D741C4332F for ; Mon, 11 Apr 2022 17:30:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348939AbiDKRdF (ORCPT ); Mon, 11 Apr 2022 13:33:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48520 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348969AbiDKRcT (ORCPT ); Mon, 11 Apr 2022 13:32:19 -0400 Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 810AF2F009 for ; Mon, 11 Apr 2022 10:30:04 -0700 (PDT) Received: by mail-ej1-x631.google.com with SMTP id bg10so32370686ejb.4 for ; Mon, 11 Apr 2022 10:30:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=fjc7yh9BABEAcWYSv/wz9ajmM8BNqoc42tZ1SpXSbXE=; b=Oj3zp3IneXaC6o+Kceh7QeX/CLUGp2OlRLD1CM20EAPW4gj6k7pQmlpObukOT9BU7n 6uq/oeNEiaaONOfZ01fv3gLO1Ey/Rattn+Wg6gsfU8GZTd3iM87A6xlIbYpqBIQUxELb W2cPXicI5EdAd8hXxtjbGkvIidY2ochvP2Ky122vfdhr3r6opwL47k7FjFDTbjQ84lIC 0NANWcIclRZtRe7HKUvCR0pems0HRYwebAl6PmLgqfmr/yTZFGsdab3OKtJtdMoLqZrz 1eiJeA8Mkr6051oInD5fWV/qf/3aP9sUYrW51xSqi/ByZZn7peRzXUmfq3VqZnZ5xFtn 2SrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=fjc7yh9BABEAcWYSv/wz9ajmM8BNqoc42tZ1SpXSbXE=; b=OwPt2zBoDln2KDP/KJn5994h8c4YX2kz5JlgLwiJTgRt0qa4CeTB4TEtHNS90q+l2n 92rqnxsa8UQ0xzdjOCuNl1lrrqK6j9SZ6qBu9/WIpDtG+CCanR/G43tbljyhFFniUL3z hIYAJzFRXWy+U3GRgxc/PWpnGfJ0fYKqBwU50e+W88XFdXQelv4MrLy4SjRkjTst44xw 0JBwF0tyjH/hsFMgNBJaPpfAGydO0jN44mZT89n03QFNf2J4dOmSBvRe0Nx5XQYjHE4F 1DKcBl5zSKzFUibx5KxfDVDC5D7spy4J9pi5bZhEAueVfj8XKGJJ/eZHNf9aNVPig5PH IXjw== X-Gm-Message-State: AOAM530VMUxgPRcVXGAJmufY9wp3mgd3RR4AzMNN11ZDinrmFZ8xWa8j EpjNQgBrZCUzSdjTykqFT2tnVftl+IwVWNDH X-Google-Smtp-Source: ABdhPJzo4J9TYxxUDp3FRICrBNSdx4BQSbolHbWynt5O1ClXlkmDK6MabH9nzxh/9O6nIQcuNS3Vkw== X-Received: by 2002:a17:907:97d3:b0:6e8:3c07:3107 with SMTP id js19-20020a17090797d300b006e83c073107mr20710847ejc.630.1649698202554; Mon, 11 Apr 2022 10:30:02 -0700 (PDT) Received: from debil.. (87-243-81-1.ip.btc-net.bg. [87.243.81.1]) by smtp.gmail.com with ESMTPSA id u6-20020a17090626c600b006e74ef7f092sm10325084ejc.176.2022.04.11.10.30.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Apr 2022 10:30:02 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: roopa@nvidia.com, idosch@idosch.org, kuba@kernel.org, davem@davemloft.net, bridge@lists.linux-foundation.org, Nikolay Aleksandrov Subject: [PATCH net-next v2 6/8] net: bridge: fdb: add support for fine-grained flushing Date: Mon, 11 Apr 2022 20:29:32 +0300 Message-Id: <20220411172934.1813604-7-razor@blackwall.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220411172934.1813604-1-razor@blackwall.org> References: <20220411172934.1813604-1-razor@blackwall.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Add the ability to specify exactly which fdbs to be flushed. They are described by a new structure - net_bridge_fdb_flush_desc. Currently it can match on port/bridge ifindex, vlan id and fdb flags. It is used to describe the existing dynamic fdb flush operation. Note that this flush operation doesn't treat permanent entries in a special way (fdb_delete vs fdb_delete_local), it will delete them regardless if any port is using them, so currently it can't directly replace deletes which need to handle that case, although we can extend it later for that too. Signed-off-by: Nikolay Aleksandrov --- v2: changed the flush matches func for better readability (Ido) net/bridge/br_fdb.c | 41 ++++++++++++++++++++++++++++++++-------- net/bridge/br_netlink.c | 9 +++++++-- net/bridge/br_private.h | 10 +++++++++- net/bridge/br_sysfs_br.c | 6 +++++- 4 files changed, 54 insertions(+), 12 deletions(-) diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c index 64a549acdac8..045eb61e833e 100644 --- a/net/bridge/br_fdb.c +++ b/net/bridge/br_fdb.c @@ -558,24 +558,49 @@ void br_fdb_cleanup(struct work_struct *work) mod_delayed_work(system_long_wq, &br->gc_work, work_delay); } -/* Completely flush all dynamic entries in forwarding database.*/ -void __br_fdb_flush(struct net_bridge *br) +static bool __fdb_flush_matches(const struct net_bridge *br, + const struct net_bridge_fdb_entry *f, + const struct net_bridge_fdb_flush_desc *desc) +{ + const struct net_bridge_port *dst = READ_ONCE(f->dst); + int port_ifidx = dst ? dst->dev->ifindex : br->dev->ifindex; + + if (desc->vlan_id && desc->vlan_id != f->key.vlan_id) + return false; + if (desc->port_ifindex && desc->port_ifindex != port_ifidx) + return false; + if (desc->flags_mask && (f->flags & desc->flags_mask) != desc->flags) + return false; + + return true; +} + +/* Flush forwarding database entries matching the description */ +void __br_fdb_flush(struct net_bridge *br, + const struct net_bridge_fdb_flush_desc *desc) { struct net_bridge_fdb_entry *f; - struct hlist_node *tmp; - spin_lock_bh(&br->hash_lock); - hlist_for_each_entry_safe(f, tmp, &br->fdb_list, fdb_node) { - if (!test_bit(BR_FDB_STATIC, &f->flags)) + rcu_read_lock(); + hlist_for_each_entry_rcu(f, &br->fdb_list, fdb_node) { + if (!__fdb_flush_matches(br, f, desc)) + continue; + + spin_lock_bh(&br->hash_lock); + if (!hlist_unhashed(&f->fdb_node)) fdb_delete(br, f, true); + spin_unlock_bh(&br->hash_lock); } - spin_unlock_bh(&br->hash_lock); + rcu_read_unlock(); } int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[], struct net_device *dev, u16 vid, struct netlink_ext_ack *extack) { + struct net_bridge_fdb_flush_desc desc = { + .flags_mask = BR_FDB_STATIC + }; struct net_bridge *br; if (netif_is_bridge_master(dev)) { @@ -590,7 +615,7 @@ int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[], br = p->br; } - __br_fdb_flush(br); + __br_fdb_flush(br, &desc); return 0; } diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c index c59c775730bb..accab38b0b6a 100644 --- a/net/bridge/br_netlink.c +++ b/net/bridge/br_netlink.c @@ -1326,8 +1326,13 @@ static int br_changelink(struct net_device *brdev, struct nlattr *tb[], br_recalculate_fwd_mask(br); } - if (data[IFLA_BR_FDB_FLUSH]) - __br_fdb_flush(br); + if (data[IFLA_BR_FDB_FLUSH]) { + struct net_bridge_fdb_flush_desc desc = { + .flags_mask = BR_FDB_STATIC + }; + + __br_fdb_flush(br, &desc); + } #ifdef CONFIG_BRIDGE_IGMP_SNOOPING if (data[IFLA_BR_MCAST_ROUTER]) { diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 23ef2982d1bc..9fb9abdbd3f4 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -274,6 +274,13 @@ struct net_bridge_fdb_entry { struct rcu_head rcu; }; +struct net_bridge_fdb_flush_desc { + unsigned long flags; + unsigned long flags_mask; + int port_ifindex; + u16 vlan_id; +}; + #define MDB_PG_FLAGS_PERMANENT BIT(0) #define MDB_PG_FLAGS_OFFLOAD BIT(1) #define MDB_PG_FLAGS_FAST_LEAVE BIT(2) @@ -759,7 +766,8 @@ int br_fdb_init(void); void br_fdb_fini(void); int br_fdb_hash_init(struct net_bridge *br); void br_fdb_hash_fini(struct net_bridge *br); -void __br_fdb_flush(struct net_bridge *br); +void __br_fdb_flush(struct net_bridge *br, + const struct net_bridge_fdb_flush_desc *desc); int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[], struct net_device *dev, u16 vid, struct netlink_ext_ack *extack); diff --git a/net/bridge/br_sysfs_br.c b/net/bridge/br_sysfs_br.c index 7a2cf3aebc84..c863151f1cde 100644 --- a/net/bridge/br_sysfs_br.c +++ b/net/bridge/br_sysfs_br.c @@ -344,7 +344,11 @@ static DEVICE_ATTR_RW(group_addr); static int set_flush(struct net_bridge *br, unsigned long val, struct netlink_ext_ack *extack) { - __br_fdb_flush(br); + struct net_bridge_fdb_flush_desc desc = { + .flags_mask = BR_FDB_STATIC + }; + + __br_fdb_flush(br, &desc); return 0; } From patchwork Mon Apr 11 17:29:33 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 12809460 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CE3CAC433EF for ; Mon, 11 Apr 2022 17:30:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235326AbiDKRdH (ORCPT ); Mon, 11 Apr 2022 13:33:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48490 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348959AbiDKRcV (ORCPT ); Mon, 11 Apr 2022 13:32:21 -0400 Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D9552E0AA for ; Mon, 11 Apr 2022 10:30:05 -0700 (PDT) Received: by mail-ej1-x62f.google.com with SMTP id ks6so7713223ejb.1 for ; Mon, 11 Apr 2022 10:30:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=4pZGl1wOEf7Qv3VZG+DB1PDq+c4kDTX/aMWvmPeV+KQ=; b=I1YA9Xc9lyeZ5hUtEQiOREQlD9bTjb3CHHxPkiPiQvv4qw+JwijFa5Vr/qe15UrGsG 5FQoTiFLJbSlhqkLxpYhrMvsPvPS8w1vlzqL+irD+AiTXGh86sRtefkoodiAhtAkyjms QBIaLOGMPgm4w36JTiKn2+vP7TH//56RMuBQ7fi7Clcj7DQB/l3wY5+iWQqqUmyXR+qC Hr76h5BVPnPmrmwGHHv3Nh7ZLTzK4ILrQnROOj+UtxfGBmytXdlUeo649vdOs243b16z 6qsdIshaoFwM8jUYdy15jGX15FObz8C352chK99eDFH5iCBZWx7qX/zS22x2mfkjMNKh NQLA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=4pZGl1wOEf7Qv3VZG+DB1PDq+c4kDTX/aMWvmPeV+KQ=; b=R4Yo9uz9lF2Ns48EArX5UA6CQJkVkpGPV+rCPpvFHK/ey3g+TtDUjVxsDTwA2EmKeb ShbC3uUpUWIBheIAg0e1oSZN9lgkE9MFzB9nQXsgFjAy830vJ43IiZe3QH77/9Vj+mBy 8KaO3HvOdSeg1wB77bz8vJaUgr6RQe6ly8ixAMlLb1cDt7sEaDu+OTANORA746pikDEu Vtwd+JT5p/+7R+gFjQ8KoPq6gawjuWnGs5+jcPy5c+6o+6b+FqbmfuSiWCA2BnmXeMeu AFNpFKFWimOBN+MvTwlZxB6/tCCrxaEeuFeJMeUkUqrhwgJJ+qE7XG80yXjQKAPI52Sw Xiog== X-Gm-Message-State: AOAM530igLEKPuAGUyLshLpQioTlxqcUFGYCKCm3LeyiB+MG/hDG0ysF vAmTIhoFj8SUmEtBwWRvQ4XSV8aTaPJE8mN4 X-Google-Smtp-Source: ABdhPJy+tAX6NtjZxMVDpD+T1GIkuvjN+DnrXDB7NMxQULs1GKLE6sZ49HWkT+IP1gCHrD0WmnzW5g== X-Received: by 2002:a17:907:3f86:b0:6db:b745:f761 with SMTP id hr6-20020a1709073f8600b006dbb745f761mr30264401ejc.610.1649698203595; Mon, 11 Apr 2022 10:30:03 -0700 (PDT) Received: from debil.. (87-243-81-1.ip.btc-net.bg. [87.243.81.1]) by smtp.gmail.com with ESMTPSA id u6-20020a17090626c600b006e74ef7f092sm10325084ejc.176.2022.04.11.10.30.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Apr 2022 10:30:03 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: roopa@nvidia.com, idosch@idosch.org, kuba@kernel.org, davem@davemloft.net, bridge@lists.linux-foundation.org, Nikolay Aleksandrov Subject: [PATCH net-next v2 7/8] net: bridge: fdb: add support for flush filtering based on ndm flags and state Date: Mon, 11 Apr 2022 20:29:33 +0300 Message-Id: <20220411172934.1813604-8-razor@blackwall.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220411172934.1813604-1-razor@blackwall.org> References: <20220411172934.1813604-1-razor@blackwall.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Add support for fdb flush filtering based on ndm flags and state. NDM state and flags are mapped to bridge-specific flags and matched according to the specified masks. NTF_USE is used to represent added_by_user flag since it sets it on fdb add and we don't have a 1:1 mapping for it. Only allowed bits can be set, NTF_USE and NTF_MASTER are ignored. Signed-off-by: Nikolay Aleksandrov --- v2: ignore NTF_USE/NTF_MASTER and reject unknown flags net/bridge/br_fdb.c | 58 ++++++++++++++++++++++++++++++++++++++--- net/bridge/br_private.h | 5 ++++ 2 files changed, 60 insertions(+), 3 deletions(-) diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c index 045eb61e833e..2cea03cbc55f 100644 --- a/net/bridge/br_fdb.c +++ b/net/bridge/br_fdb.c @@ -594,13 +594,40 @@ void __br_fdb_flush(struct net_bridge *br, rcu_read_unlock(); } +static unsigned long __ndm_state_to_fdb_flags(u16 ndm_state) +{ + unsigned long flags = 0; + + if (ndm_state & NUD_PERMANENT) + __set_bit(BR_FDB_LOCAL, &flags); + if (ndm_state & NUD_NOARP) + __set_bit(BR_FDB_STATIC, &flags); + + return flags; +} + +static unsigned long __ndm_flags_to_fdb_flags(u8 ndm_flags) +{ + unsigned long flags = 0; + + if (ndm_flags & NTF_USE) + __set_bit(BR_FDB_ADDED_BY_USER, &flags); + if (ndm_flags & NTF_EXT_LEARNED) + __set_bit(BR_FDB_ADDED_BY_EXT_LEARN, &flags); + if (ndm_flags & NTF_OFFLOADED) + __set_bit(BR_FDB_OFFLOADED, &flags); + if (ndm_flags & NTF_STICKY) + __set_bit(BR_FDB_STICKY, &flags); + + return flags; +} + int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[], struct net_device *dev, u16 vid, struct netlink_ext_ack *extack) { - struct net_bridge_fdb_flush_desc desc = { - .flags_mask = BR_FDB_STATIC - }; + u8 ndm_flags = ndm->ndm_flags & ~FDB_FLUSH_IGNORED_NDM_FLAGS; + struct net_bridge_fdb_flush_desc desc = {}; struct net_bridge *br; if (netif_is_bridge_master(dev)) { @@ -615,6 +642,31 @@ int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[], br = p->br; } + if (ndm_flags & ~FDB_FLUSH_ALLOWED_NDM_FLAGS) { + NL_SET_ERR_MSG(extack, "Unsupported fdb flush ndm flag bits set"); + return -EINVAL; + } + if (ndm->ndm_state & ~FDB_FLUSH_ALLOWED_NDM_STATES) { + NL_SET_ERR_MSG(extack, "Unsupported fdb flush ndm state bits set"); + return -EINVAL; + } + + desc.flags |= __ndm_state_to_fdb_flags(ndm->ndm_state); + desc.flags |= __ndm_flags_to_fdb_flags(ndm_flags); + if (tb[NDFA_NDM_STATE_MASK]) { + u16 ndm_state_mask = nla_get_u16(tb[NDFA_NDM_STATE_MASK]); + + desc.flags_mask |= __ndm_state_to_fdb_flags(ndm_state_mask); + } + if (tb[NDFA_NDM_FLAGS_MASK]) { + u8 ndm_flags_mask = nla_get_u8(tb[NDFA_NDM_FLAGS_MASK]); + + desc.flags_mask |= __ndm_flags_to_fdb_flags(ndm_flags_mask); + } + + br_debug(br, "flushing port ifindex: %d vlan id: %u flags: 0x%lx flags mask: 0x%lx\n", + desc.port_ifindex, desc.vlan_id, desc.flags, desc.flags_mask); + __br_fdb_flush(br, &desc); return 0; diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 9fb9abdbd3f4..fd5cbd00e12d 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -762,6 +762,11 @@ static inline void br_netpoll_disable(struct net_bridge_port *p) #endif /* br_fdb.c */ +#define FDB_FLUSH_IGNORED_NDM_FLAGS (NTF_MASTER | NTF_SELF) +#define FDB_FLUSH_ALLOWED_NDM_STATES (NUD_PERMANENT | NUD_NOARP) +#define FDB_FLUSH_ALLOWED_NDM_FLAGS (NTF_USE | NTF_EXT_LEARNED | \ + NTF_STICKY | NTF_OFFLOADED) + int br_fdb_init(void); void br_fdb_fini(void); int br_fdb_hash_init(struct net_bridge *br); From patchwork Mon Apr 11 17:29:34 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nikolay Aleksandrov X-Patchwork-Id: 12809461 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EF6F0C433FE for ; Mon, 11 Apr 2022 17:30:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348956AbiDKRdI (ORCPT ); Mon, 11 Apr 2022 13:33:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48740 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348958AbiDKRcV (ORCPT ); Mon, 11 Apr 2022 13:32:21 -0400 Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 38AE32E696 for ; Mon, 11 Apr 2022 10:30:06 -0700 (PDT) Received: by mail-ej1-x631.google.com with SMTP id ks6so7713320ejb.1 for ; Mon, 11 Apr 2022 10:30:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackwall-org.20210112.gappssmtp.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=O/VZLSKKUr9Ihqy6S3wZzx57tDuzGbENOM9GV5qAtjA=; b=fFAeWA901r46qOOdPqJ4hjzi3NDTcPdGTCrShzVqlrXGohdJz5OqOhbR53eJj+8/Mz jNsj1Ll+69KR3nuryXJWdWkkpKWIrq0tGF98iH4JSZiXpx9yrldzFYvXmWU2LU35kGxI 2a0zL+wy9JNmACu4OFV0CW+eoeI6F723MISF2PvEnIHToEZ9xwXZtYYRS9/FFpY97Z9d L3z1fX9r31aAfIgro65HkUnPXsAkNUU5O+x+VOr+pCw9pmQaThoJ1+usUZFN8fxTEpbw DXGDKEZe1rK0SoyB953x362v9H+VCZ7WHPKRd3soJS63WL6Jh7M/9EjYA34boDNsiCU/ DuzA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=O/VZLSKKUr9Ihqy6S3wZzx57tDuzGbENOM9GV5qAtjA=; b=oIe61mVJ5ND2g0UYPohpOMstCKDbOhqmd5HRLfBOusnzw9QJCNnmSTvmCl6vbPI11R Fi4UsLg9YcN5mGoMcABtk2RwPGgGRhO3Mleyqmdk4T5fFibB+kjZnn2KPaPzZjQXISeX c0SCWOigrwxJREi7PrDPoJMzTFcTvib00n3PhFr+N7B9msTrSz/uC3J5HrSH5vhVgwoz SWParoCKc/77nCSFwkFSCLB2l5Zd1v0JkI5Xwfs+gOZVnUI+69bSjvFwxKbV57cN6reZ onZFKY98W9KuaubfObzS9uziFiYboMQcxoN65ppYtJuQ66HzC6AWrhv/Y7s2oTwaOO/2 j2gw== X-Gm-Message-State: AOAM5330ZxTWb5GPDzQwY22bHem/4BpfVBEQOsunepMt1TWLCC/l1A43 e2VZ/9g273u1e9rwwkk6KJ7VeLSzsE8qAfOr X-Google-Smtp-Source: ABdhPJx3nKeCKQpSmaPdqh76RCSsXmqoKXzgCblRjdLmXrHbv2xJUhepqMv+qlK5mBnORk9EyAvm6A== X-Received: by 2002:a17:906:2c0d:b0:6e8:979c:be8 with SMTP id e13-20020a1709062c0d00b006e8979c0be8mr4246836ejh.239.1649698204541; Mon, 11 Apr 2022 10:30:04 -0700 (PDT) Received: from debil.. (87-243-81-1.ip.btc-net.bg. [87.243.81.1]) by smtp.gmail.com with ESMTPSA id u6-20020a17090626c600b006e74ef7f092sm10325084ejc.176.2022.04.11.10.30.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Apr 2022 10:30:04 -0700 (PDT) From: Nikolay Aleksandrov To: netdev@vger.kernel.org Cc: roopa@nvidia.com, idosch@idosch.org, kuba@kernel.org, davem@davemloft.net, bridge@lists.linux-foundation.org, Nikolay Aleksandrov Subject: [PATCH net-next v2 8/8] net: bridge: fdb: add support for flush filtering based on ifindex and vlan Date: Mon, 11 Apr 2022 20:29:34 +0300 Message-Id: <20220411172934.1813604-9-razor@blackwall.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220411172934.1813604-1-razor@blackwall.org> References: <20220411172934.1813604-1-razor@blackwall.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Add support for fdb flush filtering based on destination ifindex and vlan id. The ifindex must either match a port's device ifindex or the bridge's. The vlan support is trivial since it's already validated by rtnl_fdb_flush, we just need to fill it in. Signed-off-by: Nikolay Aleksandrov --- v2: validate ifindex and fill in vlan id net/bridge/br_fdb.c | 42 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c index 2cea03cbc55f..b078a656776a 100644 --- a/net/bridge/br_fdb.c +++ b/net/bridge/br_fdb.c @@ -622,12 +622,44 @@ static unsigned long __ndm_flags_to_fdb_flags(u8 ndm_flags) return flags; } +static int __fdb_flush_validate_ifindex(const struct net_bridge *br, + int ifindex, + struct netlink_ext_ack *extack) +{ + const struct net_device *dev; + + dev = __dev_get_by_index(dev_net(br->dev), ifindex); + if (!dev) { + NL_SET_ERR_MSG_MOD(extack, "Unknown flush device ifindex"); + return -ENODEV; + } + if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) { + NL_SET_ERR_MSG_MOD(extack, "Flush device is not a bridge or bridge port"); + return -EINVAL; + } + if (netif_is_bridge_master(dev) && dev != br->dev) { + NL_SET_ERR_MSG_MOD(extack, + "Flush bridge device does not match target bridge device"); + return -EINVAL; + } + if (netif_is_bridge_port(dev)) { + struct net_bridge_port *p = br_port_get_rtnl(dev); + + if (p->br != br) { + NL_SET_ERR_MSG_MOD(extack, "Port belongs to a different bridge device"); + return -EINVAL; + } + } + + return 0; +} + int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[], struct net_device *dev, u16 vid, struct netlink_ext_ack *extack) { u8 ndm_flags = ndm->ndm_flags & ~FDB_FLUSH_IGNORED_NDM_FLAGS; - struct net_bridge_fdb_flush_desc desc = {}; + struct net_bridge_fdb_flush_desc desc = { .vlan_id = vid }; struct net_bridge *br; if (netif_is_bridge_master(dev)) { @@ -663,6 +695,14 @@ int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[], desc.flags_mask |= __ndm_flags_to_fdb_flags(ndm_flags_mask); } + if (tb[NDFA_IFINDEX]) { + int err, ifidx = nla_get_s32(tb[NDFA_IFINDEX]); + + err = __fdb_flush_validate_ifindex(br, ifidx, extack); + if (err) + return err; + desc.port_ifindex = ifidx; + } br_debug(br, "flushing port ifindex: %d vlan id: %u flags: 0x%lx flags mask: 0x%lx\n", desc.port_ifindex, desc.vlan_id, desc.flags, desc.flags_mask);