Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Spanning tree protocol; BPDU handling
4 * Linux ethernet bridge
5 *
6 * Authors:
7 * Lennert Buytenhek <buytenh@gnu.org>
8 */
9
10#include <linux/kernel.h>
11#include <linux/netfilter_bridge.h>
12#include <linux/etherdevice.h>
13#include <linux/llc.h>
14#include <linux/slab.h>
15#include <linux/pkt_sched.h>
16#include <net/net_namespace.h>
17#include <net/llc.h>
18#include <net/llc_pdu.h>
19#include <net/stp.h>
20#include <asm/unaligned.h>
21
22#include "br_private.h"
23#include "br_private_stp.h"
24
25#define STP_HZ 256
26
27#define LLC_RESERVE sizeof(struct llc_pdu_un)
28
29static int br_send_bpdu_finish(struct net *net, struct sock *sk,
30 struct sk_buff *skb)
31{
32 return dev_queue_xmit(skb);
33}
34
35static void br_send_bpdu(struct net_bridge_port *p,
36 const unsigned char *data, int length)
37{
38 struct sk_buff *skb;
39
40 skb = dev_alloc_skb(length+LLC_RESERVE);
41 if (!skb)
42 return;
43
44 skb->dev = p->dev;
45 skb->protocol = htons(ETH_P_802_2);
46 skb->priority = TC_PRIO_CONTROL;
47
48 skb_reserve(skb, LLC_RESERVE);
49 __skb_put_data(skb, data, length);
50
51 llc_pdu_header_init(skb, LLC_PDU_TYPE_U, LLC_SAP_BSPAN,
52 LLC_SAP_BSPAN, LLC_PDU_CMD);
53 llc_pdu_init_as_ui_cmd(skb);
54
55 llc_mac_hdr_init(skb, p->dev->dev_addr, p->br->group_addr);
56
57 skb_reset_mac_header(skb);
58
59 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT,
60 dev_net(p->dev), NULL, skb, NULL, skb->dev,
61 br_send_bpdu_finish);
62}
63
64static inline void br_set_ticks(unsigned char *dest, int j)
65{
66 unsigned long ticks = (STP_HZ * j)/ HZ;
67
68 put_unaligned_be16(ticks, dest);
69}
70
71static inline int br_get_ticks(const unsigned char *src)
72{
73 unsigned long ticks = get_unaligned_be16(src);
74
75 return DIV_ROUND_UP(ticks * HZ, STP_HZ);
76}
77
78/* called under bridge lock */
79void br_send_config_bpdu(struct net_bridge_port *p, struct br_config_bpdu *bpdu)
80{
81 unsigned char buf[35];
82
83 if (p->br->stp_enabled != BR_KERNEL_STP)
84 return;
85
86 buf[0] = 0;
87 buf[1] = 0;
88 buf[2] = 0;
89 buf[3] = BPDU_TYPE_CONFIG;
90 buf[4] = (bpdu->topology_change ? 0x01 : 0) |
91 (bpdu->topology_change_ack ? 0x80 : 0);
92 buf[5] = bpdu->root.prio[0];
93 buf[6] = bpdu->root.prio[1];
94 buf[7] = bpdu->root.addr[0];
95 buf[8] = bpdu->root.addr[1];
96 buf[9] = bpdu->root.addr[2];
97 buf[10] = bpdu->root.addr[3];
98 buf[11] = bpdu->root.addr[4];
99 buf[12] = bpdu->root.addr[5];
100 buf[13] = (bpdu->root_path_cost >> 24) & 0xFF;
101 buf[14] = (bpdu->root_path_cost >> 16) & 0xFF;
102 buf[15] = (bpdu->root_path_cost >> 8) & 0xFF;
103 buf[16] = bpdu->root_path_cost & 0xFF;
104 buf[17] = bpdu->bridge_id.prio[0];
105 buf[18] = bpdu->bridge_id.prio[1];
106 buf[19] = bpdu->bridge_id.addr[0];
107 buf[20] = bpdu->bridge_id.addr[1];
108 buf[21] = bpdu->bridge_id.addr[2];
109 buf[22] = bpdu->bridge_id.addr[3];
110 buf[23] = bpdu->bridge_id.addr[4];
111 buf[24] = bpdu->bridge_id.addr[5];
112 buf[25] = (bpdu->port_id >> 8) & 0xFF;
113 buf[26] = bpdu->port_id & 0xFF;
114
115 br_set_ticks(buf+27, bpdu->message_age);
116 br_set_ticks(buf+29, bpdu->max_age);
117 br_set_ticks(buf+31, bpdu->hello_time);
118 br_set_ticks(buf+33, bpdu->forward_delay);
119
120 br_send_bpdu(p, buf, 35);
121
122 p->stp_xstats.tx_bpdu++;
123}
124
125/* called under bridge lock */
126void br_send_tcn_bpdu(struct net_bridge_port *p)
127{
128 unsigned char buf[4];
129
130 if (p->br->stp_enabled != BR_KERNEL_STP)
131 return;
132
133 buf[0] = 0;
134 buf[1] = 0;
135 buf[2] = 0;
136 buf[3] = BPDU_TYPE_TCN;
137 br_send_bpdu(p, buf, 4);
138
139 p->stp_xstats.tx_tcn++;
140}
141
142/*
143 * Called from llc.
144 *
145 * NO locks, but rcu_read_lock
146 */
147void br_stp_rcv(const struct stp_proto *proto, struct sk_buff *skb,
148 struct net_device *dev)
149{
150 struct net_bridge_port *p;
151 struct net_bridge *br;
152 const unsigned char *buf;
153
154 if (!pskb_may_pull(skb, 4))
155 goto err;
156
157 /* compare of protocol id and version */
158 buf = skb->data;
159 if (buf[0] != 0 || buf[1] != 0 || buf[2] != 0)
160 goto err;
161
162 p = br_port_get_check_rcu(dev);
163 if (!p)
164 goto err;
165
166 br = p->br;
167 spin_lock(&br->lock);
168
169 if (br->stp_enabled != BR_KERNEL_STP)
170 goto out;
171
172 if (!(br->dev->flags & IFF_UP))
173 goto out;
174
175 if (p->state == BR_STATE_DISABLED)
176 goto out;
177
178 if (!ether_addr_equal(eth_hdr(skb)->h_dest, br->group_addr))
179 goto out;
180
181 if (p->flags & BR_BPDU_GUARD) {
182 br_notice(br, "BPDU received on blocked port %u(%s)\n",
183 (unsigned int) p->port_no, p->dev->name);
184 br_stp_disable_port(p);
185 goto out;
186 }
187
188 buf = skb_pull(skb, 3);
189
190 if (buf[0] == BPDU_TYPE_CONFIG) {
191 struct br_config_bpdu bpdu;
192
193 if (!pskb_may_pull(skb, 32))
194 goto out;
195
196 buf = skb->data;
197 bpdu.topology_change = (buf[1] & 0x01) ? 1 : 0;
198 bpdu.topology_change_ack = (buf[1] & 0x80) ? 1 : 0;
199
200 bpdu.root.prio[0] = buf[2];
201 bpdu.root.prio[1] = buf[3];
202 bpdu.root.addr[0] = buf[4];
203 bpdu.root.addr[1] = buf[5];
204 bpdu.root.addr[2] = buf[6];
205 bpdu.root.addr[3] = buf[7];
206 bpdu.root.addr[4] = buf[8];
207 bpdu.root.addr[5] = buf[9];
208 bpdu.root_path_cost =
209 (buf[10] << 24) |
210 (buf[11] << 16) |
211 (buf[12] << 8) |
212 buf[13];
213 bpdu.bridge_id.prio[0] = buf[14];
214 bpdu.bridge_id.prio[1] = buf[15];
215 bpdu.bridge_id.addr[0] = buf[16];
216 bpdu.bridge_id.addr[1] = buf[17];
217 bpdu.bridge_id.addr[2] = buf[18];
218 bpdu.bridge_id.addr[3] = buf[19];
219 bpdu.bridge_id.addr[4] = buf[20];
220 bpdu.bridge_id.addr[5] = buf[21];
221 bpdu.port_id = (buf[22] << 8) | buf[23];
222
223 bpdu.message_age = br_get_ticks(buf+24);
224 bpdu.max_age = br_get_ticks(buf+26);
225 bpdu.hello_time = br_get_ticks(buf+28);
226 bpdu.forward_delay = br_get_ticks(buf+30);
227
228 if (bpdu.message_age > bpdu.max_age) {
229 if (net_ratelimit())
230 br_notice(p->br,
231 "port %u config from %pM"
232 " (message_age %ul > max_age %ul)\n",
233 p->port_no,
234 eth_hdr(skb)->h_source,
235 bpdu.message_age, bpdu.max_age);
236 goto out;
237 }
238
239 br_received_config_bpdu(p, &bpdu);
240 } else if (buf[0] == BPDU_TYPE_TCN) {
241 br_received_tcn_bpdu(p);
242 }
243 out:
244 spin_unlock(&br->lock);
245 err:
246 kfree_skb(skb);
247}
1/*
2 * Spanning tree protocol; BPDU handling
3 * Linux ethernet bridge
4 *
5 * Authors:
6 * Lennert Buytenhek <buytenh@gnu.org>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14#include <linux/kernel.h>
15#include <linux/netfilter_bridge.h>
16#include <linux/etherdevice.h>
17#include <linux/llc.h>
18#include <linux/slab.h>
19#include <linux/pkt_sched.h>
20#include <net/net_namespace.h>
21#include <net/llc.h>
22#include <net/llc_pdu.h>
23#include <net/stp.h>
24#include <asm/unaligned.h>
25
26#include "br_private.h"
27#include "br_private_stp.h"
28
29#define STP_HZ 256
30
31#define LLC_RESERVE sizeof(struct llc_pdu_un)
32
33static int br_send_bpdu_finish(struct net *net, struct sock *sk,
34 struct sk_buff *skb)
35{
36 return dev_queue_xmit(skb);
37}
38
39static void br_send_bpdu(struct net_bridge_port *p,
40 const unsigned char *data, int length)
41{
42 struct sk_buff *skb;
43
44 skb = dev_alloc_skb(length+LLC_RESERVE);
45 if (!skb)
46 return;
47
48 skb->dev = p->dev;
49 skb->protocol = htons(ETH_P_802_2);
50 skb->priority = TC_PRIO_CONTROL;
51
52 skb_reserve(skb, LLC_RESERVE);
53 memcpy(__skb_put(skb, length), data, length);
54
55 llc_pdu_header_init(skb, LLC_PDU_TYPE_U, LLC_SAP_BSPAN,
56 LLC_SAP_BSPAN, LLC_PDU_CMD);
57 llc_pdu_init_as_ui_cmd(skb);
58
59 llc_mac_hdr_init(skb, p->dev->dev_addr, p->br->group_addr);
60
61 skb_reset_mac_header(skb);
62
63 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT,
64 dev_net(p->dev), NULL, skb, NULL, skb->dev,
65 br_send_bpdu_finish);
66}
67
68static inline void br_set_ticks(unsigned char *dest, int j)
69{
70 unsigned long ticks = (STP_HZ * j)/ HZ;
71
72 put_unaligned_be16(ticks, dest);
73}
74
75static inline int br_get_ticks(const unsigned char *src)
76{
77 unsigned long ticks = get_unaligned_be16(src);
78
79 return DIV_ROUND_UP(ticks * HZ, STP_HZ);
80}
81
82/* called under bridge lock */
83void br_send_config_bpdu(struct net_bridge_port *p, struct br_config_bpdu *bpdu)
84{
85 unsigned char buf[35];
86
87 if (p->br->stp_enabled != BR_KERNEL_STP)
88 return;
89
90 buf[0] = 0;
91 buf[1] = 0;
92 buf[2] = 0;
93 buf[3] = BPDU_TYPE_CONFIG;
94 buf[4] = (bpdu->topology_change ? 0x01 : 0) |
95 (bpdu->topology_change_ack ? 0x80 : 0);
96 buf[5] = bpdu->root.prio[0];
97 buf[6] = bpdu->root.prio[1];
98 buf[7] = bpdu->root.addr[0];
99 buf[8] = bpdu->root.addr[1];
100 buf[9] = bpdu->root.addr[2];
101 buf[10] = bpdu->root.addr[3];
102 buf[11] = bpdu->root.addr[4];
103 buf[12] = bpdu->root.addr[5];
104 buf[13] = (bpdu->root_path_cost >> 24) & 0xFF;
105 buf[14] = (bpdu->root_path_cost >> 16) & 0xFF;
106 buf[15] = (bpdu->root_path_cost >> 8) & 0xFF;
107 buf[16] = bpdu->root_path_cost & 0xFF;
108 buf[17] = bpdu->bridge_id.prio[0];
109 buf[18] = bpdu->bridge_id.prio[1];
110 buf[19] = bpdu->bridge_id.addr[0];
111 buf[20] = bpdu->bridge_id.addr[1];
112 buf[21] = bpdu->bridge_id.addr[2];
113 buf[22] = bpdu->bridge_id.addr[3];
114 buf[23] = bpdu->bridge_id.addr[4];
115 buf[24] = bpdu->bridge_id.addr[5];
116 buf[25] = (bpdu->port_id >> 8) & 0xFF;
117 buf[26] = bpdu->port_id & 0xFF;
118
119 br_set_ticks(buf+27, bpdu->message_age);
120 br_set_ticks(buf+29, bpdu->max_age);
121 br_set_ticks(buf+31, bpdu->hello_time);
122 br_set_ticks(buf+33, bpdu->forward_delay);
123
124 br_send_bpdu(p, buf, 35);
125}
126
127/* called under bridge lock */
128void br_send_tcn_bpdu(struct net_bridge_port *p)
129{
130 unsigned char buf[4];
131
132 if (p->br->stp_enabled != BR_KERNEL_STP)
133 return;
134
135 buf[0] = 0;
136 buf[1] = 0;
137 buf[2] = 0;
138 buf[3] = BPDU_TYPE_TCN;
139 br_send_bpdu(p, buf, 4);
140}
141
142/*
143 * Called from llc.
144 *
145 * NO locks, but rcu_read_lock
146 */
147void br_stp_rcv(const struct stp_proto *proto, struct sk_buff *skb,
148 struct net_device *dev)
149{
150 const unsigned char *dest = eth_hdr(skb)->h_dest;
151 struct net_bridge_port *p;
152 struct net_bridge *br;
153 const unsigned char *buf;
154
155 if (!pskb_may_pull(skb, 4))
156 goto err;
157
158 /* compare of protocol id and version */
159 buf = skb->data;
160 if (buf[0] != 0 || buf[1] != 0 || buf[2] != 0)
161 goto err;
162
163 p = br_port_get_check_rcu(dev);
164 if (!p)
165 goto err;
166
167 br = p->br;
168 spin_lock(&br->lock);
169
170 if (br->stp_enabled != BR_KERNEL_STP)
171 goto out;
172
173 if (!(br->dev->flags & IFF_UP))
174 goto out;
175
176 if (p->state == BR_STATE_DISABLED)
177 goto out;
178
179 if (!ether_addr_equal(dest, br->group_addr))
180 goto out;
181
182 if (p->flags & BR_BPDU_GUARD) {
183 br_notice(br, "BPDU received on blocked port %u(%s)\n",
184 (unsigned int) p->port_no, p->dev->name);
185 br_stp_disable_port(p);
186 goto out;
187 }
188
189 buf = skb_pull(skb, 3);
190
191 if (buf[0] == BPDU_TYPE_CONFIG) {
192 struct br_config_bpdu bpdu;
193
194 if (!pskb_may_pull(skb, 32))
195 goto out;
196
197 buf = skb->data;
198 bpdu.topology_change = (buf[1] & 0x01) ? 1 : 0;
199 bpdu.topology_change_ack = (buf[1] & 0x80) ? 1 : 0;
200
201 bpdu.root.prio[0] = buf[2];
202 bpdu.root.prio[1] = buf[3];
203 bpdu.root.addr[0] = buf[4];
204 bpdu.root.addr[1] = buf[5];
205 bpdu.root.addr[2] = buf[6];
206 bpdu.root.addr[3] = buf[7];
207 bpdu.root.addr[4] = buf[8];
208 bpdu.root.addr[5] = buf[9];
209 bpdu.root_path_cost =
210 (buf[10] << 24) |
211 (buf[11] << 16) |
212 (buf[12] << 8) |
213 buf[13];
214 bpdu.bridge_id.prio[0] = buf[14];
215 bpdu.bridge_id.prio[1] = buf[15];
216 bpdu.bridge_id.addr[0] = buf[16];
217 bpdu.bridge_id.addr[1] = buf[17];
218 bpdu.bridge_id.addr[2] = buf[18];
219 bpdu.bridge_id.addr[3] = buf[19];
220 bpdu.bridge_id.addr[4] = buf[20];
221 bpdu.bridge_id.addr[5] = buf[21];
222 bpdu.port_id = (buf[22] << 8) | buf[23];
223
224 bpdu.message_age = br_get_ticks(buf+24);
225 bpdu.max_age = br_get_ticks(buf+26);
226 bpdu.hello_time = br_get_ticks(buf+28);
227 bpdu.forward_delay = br_get_ticks(buf+30);
228
229 if (bpdu.message_age > bpdu.max_age) {
230 if (net_ratelimit())
231 br_notice(p->br,
232 "port %u config from %pM"
233 " (message_age %ul > max_age %ul)\n",
234 p->port_no,
235 eth_hdr(skb)->h_source,
236 bpdu.message_age, bpdu.max_age);
237 goto out;
238 }
239
240 br_received_config_bpdu(p, &bpdu);
241 } else if (buf[0] == BPDU_TYPE_TCN) {
242 br_received_tcn_bpdu(p);
243 }
244 out:
245 spin_unlock(&br->lock);
246 err:
247 kfree_skb(skb);
248}