1 /*
2 * Spanning tree protocol; BPDU handling
3 * Linux ethernet bridge
4 *
5 * Authors:
6 * Lennert Buytenhek <buytenh@gnu.org>
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version
11 * 2 of the License, or (at your option) any later version.
12 */
13
14 #include <linux/kernel.h>
15 #include <linux/netfilter_bridge.h>
16 #include <linux/etherdevice.h>
17 #include <linux/llc.h>
18 #include <linux/slab.h>
19 #include <linux/pkt_sched.h>
20 #include <net/net_namespace.h>
21 #include <net/llc.h>
22 #include <net/llc_pdu.h>
23 #include <net/stp.h>
24 #include <asm/unaligned.h>
25
26 #include "br_private.h"
27 #include "br_private_stp.h"
28
29 #define STP_HZ 256
30
31 #define LLC_RESERVE sizeof(struct llc_pdu_un)
32
br_send_bpdu_finish(struct net * net,struct sock * sk,struct sk_buff * skb)33 static int br_send_bpdu_finish(struct net *net, struct sock *sk,
34 struct sk_buff *skb)
35 {
36 return dev_queue_xmit(skb);
37 }
38
br_send_bpdu(struct net_bridge_port * p,const unsigned char * data,int length)39 static void br_send_bpdu(struct net_bridge_port *p,
40 const unsigned char *data, int length)
41 {
42 struct sk_buff *skb;
43
44 skb = dev_alloc_skb(length+LLC_RESERVE);
45 if (!skb)
46 return;
47
48 skb->dev = p->dev;
49 skb->protocol = htons(ETH_P_802_2);
50 skb->priority = TC_PRIO_CONTROL;
51
52 skb_reserve(skb, LLC_RESERVE);
53 memcpy(__skb_put(skb, length), data, length);
54
55 llc_pdu_header_init(skb, LLC_PDU_TYPE_U, LLC_SAP_BSPAN,
56 LLC_SAP_BSPAN, LLC_PDU_CMD);
57 llc_pdu_init_as_ui_cmd(skb);
58
59 llc_mac_hdr_init(skb, p->dev->dev_addr, p->br->group_addr);
60
61 skb_reset_mac_header(skb);
62
63 NF_HOOK(NFPROTO_BRIDGE, NF_BR_LOCAL_OUT,
64 dev_net(p->dev), NULL, skb, NULL, skb->dev,
65 br_send_bpdu_finish);
66 }
67
br_set_ticks(unsigned char * dest,int j)68 static inline void br_set_ticks(unsigned char *dest, int j)
69 {
70 unsigned long ticks = (STP_HZ * j)/ HZ;
71
72 put_unaligned_be16(ticks, dest);
73 }
74
br_get_ticks(const unsigned char * src)75 static inline int br_get_ticks(const unsigned char *src)
76 {
77 unsigned long ticks = get_unaligned_be16(src);
78
79 return DIV_ROUND_UP(ticks * HZ, STP_HZ);
80 }
81
82 /* called under bridge lock */
br_send_config_bpdu(struct net_bridge_port * p,struct br_config_bpdu * bpdu)83 void br_send_config_bpdu(struct net_bridge_port *p, struct br_config_bpdu *bpdu)
84 {
85 unsigned char buf[35];
86
87 if (p->br->stp_enabled != BR_KERNEL_STP)
88 return;
89
90 buf[0] = 0;
91 buf[1] = 0;
92 buf[2] = 0;
93 buf[3] = BPDU_TYPE_CONFIG;
94 buf[4] = (bpdu->topology_change ? 0x01 : 0) |
95 (bpdu->topology_change_ack ? 0x80 : 0);
96 buf[5] = bpdu->root.prio[0];
97 buf[6] = bpdu->root.prio[1];
98 buf[7] = bpdu->root.addr[0];
99 buf[8] = bpdu->root.addr[1];
100 buf[9] = bpdu->root.addr[2];
101 buf[10] = bpdu->root.addr[3];
102 buf[11] = bpdu->root.addr[4];
103 buf[12] = bpdu->root.addr[5];
104 buf[13] = (bpdu->root_path_cost >> 24) & 0xFF;
105 buf[14] = (bpdu->root_path_cost >> 16) & 0xFF;
106 buf[15] = (bpdu->root_path_cost >> 8) & 0xFF;
107 buf[16] = bpdu->root_path_cost & 0xFF;
108 buf[17] = bpdu->bridge_id.prio[0];
109 buf[18] = bpdu->bridge_id.prio[1];
110 buf[19] = bpdu->bridge_id.addr[0];
111 buf[20] = bpdu->bridge_id.addr[1];
112 buf[21] = bpdu->bridge_id.addr[2];
113 buf[22] = bpdu->bridge_id.addr[3];
114 buf[23] = bpdu->bridge_id.addr[4];
115 buf[24] = bpdu->bridge_id.addr[5];
116 buf[25] = (bpdu->port_id >> 8) & 0xFF;
117 buf[26] = bpdu->port_id & 0xFF;
118
119 br_set_ticks(buf+27, bpdu->message_age);
120 br_set_ticks(buf+29, bpdu->max_age);
121 br_set_ticks(buf+31, bpdu->hello_time);
122 br_set_ticks(buf+33, bpdu->forward_delay);
123
124 br_send_bpdu(p, buf, 35);
125 }
126
127 /* called under bridge lock */
br_send_tcn_bpdu(struct net_bridge_port * p)128 void br_send_tcn_bpdu(struct net_bridge_port *p)
129 {
130 unsigned char buf[4];
131
132 if (p->br->stp_enabled != BR_KERNEL_STP)
133 return;
134
135 buf[0] = 0;
136 buf[1] = 0;
137 buf[2] = 0;
138 buf[3] = BPDU_TYPE_TCN;
139 br_send_bpdu(p, buf, 4);
140 }
141
142 /*
143 * Called from llc.
144 *
145 * NO locks, but rcu_read_lock
146 */
br_stp_rcv(const struct stp_proto * proto,struct sk_buff * skb,struct net_device * dev)147 void br_stp_rcv(const struct stp_proto *proto, struct sk_buff *skb,
148 struct net_device *dev)
149 {
150 const unsigned char *dest = eth_hdr(skb)->h_dest;
151 struct net_bridge_port *p;
152 struct net_bridge *br;
153 const unsigned char *buf;
154
155 if (!pskb_may_pull(skb, 4))
156 goto err;
157
158 /* compare of protocol id and version */
159 buf = skb->data;
160 if (buf[0] != 0 || buf[1] != 0 || buf[2] != 0)
161 goto err;
162
163 p = br_port_get_check_rcu(dev);
164 if (!p)
165 goto err;
166
167 br = p->br;
168 spin_lock(&br->lock);
169
170 if (br->stp_enabled != BR_KERNEL_STP)
171 goto out;
172
173 if (!(br->dev->flags & IFF_UP))
174 goto out;
175
176 if (p->state == BR_STATE_DISABLED)
177 goto out;
178
179 if (!ether_addr_equal(dest, br->group_addr))
180 goto out;
181
182 if (p->flags & BR_BPDU_GUARD) {
183 br_notice(br, "BPDU received on blocked port %u(%s)\n",
184 (unsigned int) p->port_no, p->dev->name);
185 br_stp_disable_port(p);
186 goto out;
187 }
188
189 buf = skb_pull(skb, 3);
190
191 if (buf[0] == BPDU_TYPE_CONFIG) {
192 struct br_config_bpdu bpdu;
193
194 if (!pskb_may_pull(skb, 32))
195 goto out;
196
197 buf = skb->data;
198 bpdu.topology_change = (buf[1] & 0x01) ? 1 : 0;
199 bpdu.topology_change_ack = (buf[1] & 0x80) ? 1 : 0;
200
201 bpdu.root.prio[0] = buf[2];
202 bpdu.root.prio[1] = buf[3];
203 bpdu.root.addr[0] = buf[4];
204 bpdu.root.addr[1] = buf[5];
205 bpdu.root.addr[2] = buf[6];
206 bpdu.root.addr[3] = buf[7];
207 bpdu.root.addr[4] = buf[8];
208 bpdu.root.addr[5] = buf[9];
209 bpdu.root_path_cost =
210 (buf[10] << 24) |
211 (buf[11] << 16) |
212 (buf[12] << 8) |
213 buf[13];
214 bpdu.bridge_id.prio[0] = buf[14];
215 bpdu.bridge_id.prio[1] = buf[15];
216 bpdu.bridge_id.addr[0] = buf[16];
217 bpdu.bridge_id.addr[1] = buf[17];
218 bpdu.bridge_id.addr[2] = buf[18];
219 bpdu.bridge_id.addr[3] = buf[19];
220 bpdu.bridge_id.addr[4] = buf[20];
221 bpdu.bridge_id.addr[5] = buf[21];
222 bpdu.port_id = (buf[22] << 8) | buf[23];
223
224 bpdu.message_age = br_get_ticks(buf+24);
225 bpdu.max_age = br_get_ticks(buf+26);
226 bpdu.hello_time = br_get_ticks(buf+28);
227 bpdu.forward_delay = br_get_ticks(buf+30);
228
229 if (bpdu.message_age > bpdu.max_age) {
230 if (net_ratelimit())
231 br_notice(p->br,
232 "port %u config from %pM"
233 " (message_age %ul > max_age %ul)\n",
234 p->port_no,
235 eth_hdr(skb)->h_source,
236 bpdu.message_age, bpdu.max_age);
237 goto out;
238 }
239
240 br_received_config_bpdu(p, &bpdu);
241 } else if (buf[0] == BPDU_TYPE_TCN) {
242 br_received_tcn_bpdu(p);
243 }
244 out:
245 spin_unlock(&br->lock);
246 err:
247 kfree_skb(skb);
248 }
249