Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Spanning tree protocol; BPDU handling
4 * Linux ethernet bridge
5 *
6 * Authors:
7 * Lennert Buytenhek <buytenh@gnu.org>
8 */
9
10#include <linux/kernel.h>
11#include <linux/netfilter_bridge.h>
12#include <linux/etherdevice.h>
13#include <linux/llc.h>
14#include <linux/slab.h>
15#include <linux/pkt_sched.h>
16#include <net/net_namespace.h>
17#include <net/llc.h>
18#include <net/llc_pdu.h>
19#include <net/stp.h>
20#include <asm/unaligned.h>
21
22#include "br_private.h"
23#include "br_private_stp.h"
24
25#define STP_HZ 256
26
27#define LLC_RESERVE sizeof(struct llc_pdu_un)
28
29static int br_send_bpdu_finish(struct net *net, struct sock *sk,
30 struct sk_buff *skb)
31{
32 return dev_queue_xmit(skb);
33}
34
35static void br_send_bpdu(struct net_bridge_port *p,
36 const unsigned char *data, int length)
37{
38 struct sk_buff *skb;
39
40 skb = dev_alloc_skb(length+LLC_RESERVE);
41 if (!skb)
42 return;
43
44 skb->dev = p->dev;
45 skb->protocol = htons(ETH_P_802_2);
46 skb->priority = TC_PRIO_CONTROL;
47
48 skb_reserve(skb, LLC_RESERVE);
49 __skb_put_data(skb, data, length);
50
51 llc_pdu_header_init(skb, LLC_PDU_TYPE_U, LLC_SAP_BSPAN,
52 LLC_SAP_BSPAN, LLC_PDU_CMD);
53 llc_pdu_init_as_ui_cmd(skb);
54
55 llc_mac_hdr_init(skb, p->dev->dev_addr, p->br->group_addr);
56
57 skb_reset_mac_header(skb);
58
59 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT,
60 dev_net(p->dev), NULL, skb, NULL, skb->dev,
61 br_send_bpdu_finish);
62}
63
64static inline void br_set_ticks(unsigned char *dest, int j)
65{
66 unsigned long ticks = (STP_HZ * j)/ HZ;
67
68 put_unaligned_be16(ticks, dest);
69}
70
71static inline int br_get_ticks(const unsigned char *src)
72{
73 unsigned long ticks = get_unaligned_be16(src);
74
75 return DIV_ROUND_UP(ticks * HZ, STP_HZ);
76}
77
78/* called under bridge lock */
79void br_send_config_bpdu(struct net_bridge_port *p, struct br_config_bpdu *bpdu)
80{
81 unsigned char buf[35];
82
83 if (p->br->stp_enabled != BR_KERNEL_STP)
84 return;
85
86 buf[0] = 0;
87 buf[1] = 0;
88 buf[2] = 0;
89 buf[3] = BPDU_TYPE_CONFIG;
90 buf[4] = (bpdu->topology_change ? 0x01 : 0) |
91 (bpdu->topology_change_ack ? 0x80 : 0);
92 buf[5] = bpdu->root.prio[0];
93 buf[6] = bpdu->root.prio[1];
94 buf[7] = bpdu->root.addr[0];
95 buf[8] = bpdu->root.addr[1];
96 buf[9] = bpdu->root.addr[2];
97 buf[10] = bpdu->root.addr[3];
98 buf[11] = bpdu->root.addr[4];
99 buf[12] = bpdu->root.addr[5];
100 buf[13] = (bpdu->root_path_cost >> 24) & 0xFF;
101 buf[14] = (bpdu->root_path_cost >> 16) & 0xFF;
102 buf[15] = (bpdu->root_path_cost >> 8) & 0xFF;
103 buf[16] = bpdu->root_path_cost & 0xFF;
104 buf[17] = bpdu->bridge_id.prio[0];
105 buf[18] = bpdu->bridge_id.prio[1];
106 buf[19] = bpdu->bridge_id.addr[0];
107 buf[20] = bpdu->bridge_id.addr[1];
108 buf[21] = bpdu->bridge_id.addr[2];
109 buf[22] = bpdu->bridge_id.addr[3];
110 buf[23] = bpdu->bridge_id.addr[4];
111 buf[24] = bpdu->bridge_id.addr[5];
112 buf[25] = (bpdu->port_id >> 8) & 0xFF;
113 buf[26] = bpdu->port_id & 0xFF;
114
115 br_set_ticks(buf+27, bpdu->message_age);
116 br_set_ticks(buf+29, bpdu->max_age);
117 br_set_ticks(buf+31, bpdu->hello_time);
118 br_set_ticks(buf+33, bpdu->forward_delay);
119
120 br_send_bpdu(p, buf, 35);
121
122 p->stp_xstats.tx_bpdu++;
123}
124
125/* called under bridge lock */
126void br_send_tcn_bpdu(struct net_bridge_port *p)
127{
128 unsigned char buf[4];
129
130 if (p->br->stp_enabled != BR_KERNEL_STP)
131 return;
132
133 buf[0] = 0;
134 buf[1] = 0;
135 buf[2] = 0;
136 buf[3] = BPDU_TYPE_TCN;
137 br_send_bpdu(p, buf, 4);
138
139 p->stp_xstats.tx_tcn++;
140}
141
142/*
143 * Called from llc.
144 *
145 * NO locks, but rcu_read_lock
146 */
147void br_stp_rcv(const struct stp_proto *proto, struct sk_buff *skb,
148 struct net_device *dev)
149{
150 struct net_bridge_port *p;
151 struct net_bridge *br;
152 const unsigned char *buf;
153
154 if (!pskb_may_pull(skb, 4))
155 goto err;
156
157 /* compare of protocol id and version */
158 buf = skb->data;
159 if (buf[0] != 0 || buf[1] != 0 || buf[2] != 0)
160 goto err;
161
162 p = br_port_get_check_rcu(dev);
163 if (!p)
164 goto err;
165
166 br = p->br;
167 spin_lock(&br->lock);
168
169 if (br->stp_enabled != BR_KERNEL_STP)
170 goto out;
171
172 if (!(br->dev->flags & IFF_UP))
173 goto out;
174
175 if (p->state == BR_STATE_DISABLED)
176 goto out;
177
178 if (!ether_addr_equal(eth_hdr(skb)->h_dest, br->group_addr))
179 goto out;
180
181 if (p->flags & BR_BPDU_GUARD) {
182 br_notice(br, "BPDU received on blocked port %u(%s)\n",
183 (unsigned int) p->port_no, p->dev->name);
184 br_stp_disable_port(p);
185 goto out;
186 }
187
188 buf = skb_pull(skb, 3);
189
190 if (buf[0] == BPDU_TYPE_CONFIG) {
191 struct br_config_bpdu bpdu;
192
193 if (!pskb_may_pull(skb, 32))
194 goto out;
195
196 buf = skb->data;
197 bpdu.topology_change = (buf[1] & 0x01) ? 1 : 0;
198 bpdu.topology_change_ack = (buf[1] & 0x80) ? 1 : 0;
199
200 bpdu.root.prio[0] = buf[2];
201 bpdu.root.prio[1] = buf[3];
202 bpdu.root.addr[0] = buf[4];
203 bpdu.root.addr[1] = buf[5];
204 bpdu.root.addr[2] = buf[6];
205 bpdu.root.addr[3] = buf[7];
206 bpdu.root.addr[4] = buf[8];
207 bpdu.root.addr[5] = buf[9];
208 bpdu.root_path_cost =
209 (buf[10] << 24) |
210 (buf[11] << 16) |
211 (buf[12] << 8) |
212 buf[13];
213 bpdu.bridge_id.prio[0] = buf[14];
214 bpdu.bridge_id.prio[1] = buf[15];
215 bpdu.bridge_id.addr[0] = buf[16];
216 bpdu.bridge_id.addr[1] = buf[17];
217 bpdu.bridge_id.addr[2] = buf[18];
218 bpdu.bridge_id.addr[3] = buf[19];
219 bpdu.bridge_id.addr[4] = buf[20];
220 bpdu.bridge_id.addr[5] = buf[21];
221 bpdu.port_id = (buf[22] << 8) | buf[23];
222
223 bpdu.message_age = br_get_ticks(buf+24);
224 bpdu.max_age = br_get_ticks(buf+26);
225 bpdu.hello_time = br_get_ticks(buf+28);
226 bpdu.forward_delay = br_get_ticks(buf+30);
227
228 if (bpdu.message_age > bpdu.max_age) {
229 if (net_ratelimit())
230 br_notice(p->br,
231 "port %u config from %pM"
232 " (message_age %ul > max_age %ul)\n",
233 p->port_no,
234 eth_hdr(skb)->h_source,
235 bpdu.message_age, bpdu.max_age);
236 goto out;
237 }
238
239 br_received_config_bpdu(p, &bpdu);
240 } else if (buf[0] == BPDU_TYPE_TCN) {
241 br_received_tcn_bpdu(p);
242 }
243 out:
244 spin_unlock(&br->lock);
245 err:
246 kfree_skb(skb);
247}
1/*
2 * Spanning tree protocol; BPDU handling
3 * Linux ethernet bridge
4 *
5 * Authors:
6 * Lennert Buytenhek <buytenh@gnu.org>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14#include <linux/kernel.h>
15#include <linux/netfilter_bridge.h>
16#include <linux/etherdevice.h>
17#include <linux/llc.h>
18#include <linux/slab.h>
19#include <linux/pkt_sched.h>
20#include <net/net_namespace.h>
21#include <net/llc.h>
22#include <net/llc_pdu.h>
23#include <net/stp.h>
24#include <asm/unaligned.h>
25
26#include "br_private.h"
27#include "br_private_stp.h"
28
29#define STP_HZ 256
30
31#define LLC_RESERVE sizeof(struct llc_pdu_un)
32
33static void br_send_bpdu(struct net_bridge_port *p,
34 const unsigned char *data, int length)
35{
36 struct sk_buff *skb;
37
38 skb = dev_alloc_skb(length+LLC_RESERVE);
39 if (!skb)
40 return;
41
42 skb->dev = p->dev;
43 skb->protocol = htons(ETH_P_802_2);
44 skb->priority = TC_PRIO_CONTROL;
45
46 skb_reserve(skb, LLC_RESERVE);
47 memcpy(__skb_put(skb, length), data, length);
48
49 llc_pdu_header_init(skb, LLC_PDU_TYPE_U, LLC_SAP_BSPAN,
50 LLC_SAP_BSPAN, LLC_PDU_CMD);
51 llc_pdu_init_as_ui_cmd(skb);
52
53 llc_mac_hdr_init(skb, p->dev->dev_addr, p->br->group_addr);
54
55 skb_reset_mac_header(skb);
56
57 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev,
58 dev_queue_xmit);
59}
60
61static inline void br_set_ticks(unsigned char *dest, int j)
62{
63 unsigned long ticks = (STP_HZ * j)/ HZ;
64
65 put_unaligned_be16(ticks, dest);
66}
67
68static inline int br_get_ticks(const unsigned char *src)
69{
70 unsigned long ticks = get_unaligned_be16(src);
71
72 return DIV_ROUND_UP(ticks * HZ, STP_HZ);
73}
74
75/* called under bridge lock */
76void br_send_config_bpdu(struct net_bridge_port *p, struct br_config_bpdu *bpdu)
77{
78 unsigned char buf[35];
79
80 if (p->br->stp_enabled != BR_KERNEL_STP)
81 return;
82
83 buf[0] = 0;
84 buf[1] = 0;
85 buf[2] = 0;
86 buf[3] = BPDU_TYPE_CONFIG;
87 buf[4] = (bpdu->topology_change ? 0x01 : 0) |
88 (bpdu->topology_change_ack ? 0x80 : 0);
89 buf[5] = bpdu->root.prio[0];
90 buf[6] = bpdu->root.prio[1];
91 buf[7] = bpdu->root.addr[0];
92 buf[8] = bpdu->root.addr[1];
93 buf[9] = bpdu->root.addr[2];
94 buf[10] = bpdu->root.addr[3];
95 buf[11] = bpdu->root.addr[4];
96 buf[12] = bpdu->root.addr[5];
97 buf[13] = (bpdu->root_path_cost >> 24) & 0xFF;
98 buf[14] = (bpdu->root_path_cost >> 16) & 0xFF;
99 buf[15] = (bpdu->root_path_cost >> 8) & 0xFF;
100 buf[16] = bpdu->root_path_cost & 0xFF;
101 buf[17] = bpdu->bridge_id.prio[0];
102 buf[18] = bpdu->bridge_id.prio[1];
103 buf[19] = bpdu->bridge_id.addr[0];
104 buf[20] = bpdu->bridge_id.addr[1];
105 buf[21] = bpdu->bridge_id.addr[2];
106 buf[22] = bpdu->bridge_id.addr[3];
107 buf[23] = bpdu->bridge_id.addr[4];
108 buf[24] = bpdu->bridge_id.addr[5];
109 buf[25] = (bpdu->port_id >> 8) & 0xFF;
110 buf[26] = bpdu->port_id & 0xFF;
111
112 br_set_ticks(buf+27, bpdu->message_age);
113 br_set_ticks(buf+29, bpdu->max_age);
114 br_set_ticks(buf+31, bpdu->hello_time);
115 br_set_ticks(buf+33, bpdu->forward_delay);
116
117 br_send_bpdu(p, buf, 35);
118}
119
120/* called under bridge lock */
121void br_send_tcn_bpdu(struct net_bridge_port *p)
122{
123 unsigned char buf[4];
124
125 if (p->br->stp_enabled != BR_KERNEL_STP)
126 return;
127
128 buf[0] = 0;
129 buf[1] = 0;
130 buf[2] = 0;
131 buf[3] = BPDU_TYPE_TCN;
132 br_send_bpdu(p, buf, 4);
133}
134
135/*
136 * Called from llc.
137 *
138 * NO locks, but rcu_read_lock
139 */
140void br_stp_rcv(const struct stp_proto *proto, struct sk_buff *skb,
141 struct net_device *dev)
142{
143 const unsigned char *dest = eth_hdr(skb)->h_dest;
144 struct net_bridge_port *p;
145 struct net_bridge *br;
146 const unsigned char *buf;
147
148 if (!pskb_may_pull(skb, 4))
149 goto err;
150
151 /* compare of protocol id and version */
152 buf = skb->data;
153 if (buf[0] != 0 || buf[1] != 0 || buf[2] != 0)
154 goto err;
155
156 p = br_port_get_check_rcu(dev);
157 if (!p)
158 goto err;
159
160 br = p->br;
161 spin_lock(&br->lock);
162
163 if (br->stp_enabled != BR_KERNEL_STP)
164 goto out;
165
166 if (!(br->dev->flags & IFF_UP))
167 goto out;
168
169 if (p->state == BR_STATE_DISABLED)
170 goto out;
171
172 if (!ether_addr_equal(dest, br->group_addr))
173 goto out;
174
175 if (p->flags & BR_BPDU_GUARD) {
176 br_notice(br, "BPDU received on blocked port %u(%s)\n",
177 (unsigned int) p->port_no, p->dev->name);
178 br_stp_disable_port(p);
179 goto out;
180 }
181
182 buf = skb_pull(skb, 3);
183
184 if (buf[0] == BPDU_TYPE_CONFIG) {
185 struct br_config_bpdu bpdu;
186
187 if (!pskb_may_pull(skb, 32))
188 goto out;
189
190 buf = skb->data;
191 bpdu.topology_change = (buf[1] & 0x01) ? 1 : 0;
192 bpdu.topology_change_ack = (buf[1] & 0x80) ? 1 : 0;
193
194 bpdu.root.prio[0] = buf[2];
195 bpdu.root.prio[1] = buf[3];
196 bpdu.root.addr[0] = buf[4];
197 bpdu.root.addr[1] = buf[5];
198 bpdu.root.addr[2] = buf[6];
199 bpdu.root.addr[3] = buf[7];
200 bpdu.root.addr[4] = buf[8];
201 bpdu.root.addr[5] = buf[9];
202 bpdu.root_path_cost =
203 (buf[10] << 24) |
204 (buf[11] << 16) |
205 (buf[12] << 8) |
206 buf[13];
207 bpdu.bridge_id.prio[0] = buf[14];
208 bpdu.bridge_id.prio[1] = buf[15];
209 bpdu.bridge_id.addr[0] = buf[16];
210 bpdu.bridge_id.addr[1] = buf[17];
211 bpdu.bridge_id.addr[2] = buf[18];
212 bpdu.bridge_id.addr[3] = buf[19];
213 bpdu.bridge_id.addr[4] = buf[20];
214 bpdu.bridge_id.addr[5] = buf[21];
215 bpdu.port_id = (buf[22] << 8) | buf[23];
216
217 bpdu.message_age = br_get_ticks(buf+24);
218 bpdu.max_age = br_get_ticks(buf+26);
219 bpdu.hello_time = br_get_ticks(buf+28);
220 bpdu.forward_delay = br_get_ticks(buf+30);
221
222 if (bpdu.message_age > bpdu.max_age) {
223 if (net_ratelimit())
224 br_notice(p->br,
225 "port %u config from %pM"
226 " (message_age %ul > max_age %ul)\n",
227 p->port_no,
228 eth_hdr(skb)->h_source,
229 bpdu.message_age, bpdu.max_age);
230 goto out;
231 }
232
233 br_received_config_bpdu(p, &bpdu);
234 } else if (buf[0] == BPDU_TYPE_TCN) {
235 br_received_tcn_bpdu(p);
236 }
237 out:
238 spin_unlock(&br->lock);
239 err:
240 kfree_skb(skb);
241}