src/network/networkd-bridge-fdb.c

   1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
   2 /***
   3   Copyright © 2014 Intel Corporation. All rights reserved.
   4 ***/
   5
   6 #include <net/ethernet.h>
   7 #include <net/if.h>
   8
   9 #include "alloc-util.h"
  10 #include "bridge.h"
  11 #include "netlink-util.h"
  12 #include "networkd-bridge-fdb.h"
  13 #include "networkd-link.h"
  14 #include "networkd-manager.h"
  15 #include "networkd-network.h"
  16 #include "networkd-queue.h"
  17 #include "networkd-util.h"
  18 #include "parse-util.h"
  19 #include "string-table.h"
  20 #include "vlan-util.h"
  21 #include "vxlan.h"
  22
  23 #define STATIC_BRIDGE_FDB_ENTRIES_PER_NETWORK_MAX 1024U
  24
  25 /* remove and FDB entry. */
  26 BridgeFDB *bridge_fdb_free(BridgeFDB *fdb) {
  27         if (!fdb)
  28                 return NULL;
  29
  30         if (fdb->network) {
  31                 assert(fdb->section);
  32                 hashmap_remove(fdb->network->bridge_fdb_entries_by_section, fdb->section);
  33         }
  34
  35         network_config_section_free(fdb->section);
  36
  37         free(fdb->outgoing_ifname);
  38         return mfree(fdb);
  39 }
  40
  41 DEFINE_NETWORK_SECTION_FUNCTIONS(BridgeFDB, bridge_fdb_free);
  42
  43 /* create a new FDB entry or get an existing one. */
  44 static int bridge_fdb_new_static(
  45                 Network *network,
  46                 const char *filename,
  47                 unsigned section_line,
  48                 BridgeFDB **ret) {
  49
  50         _cleanup_(network_config_section_freep) NetworkConfigSection *n = NULL;
  51         _cleanup_(bridge_fdb_freep) BridgeFDB *fdb = NULL;
  52         int r;
  53
  54         assert(network);
  55         assert(ret);
  56         assert(filename);
  57         assert(section_line > 0);
  58
  59         r = network_config_section_new(filename, section_line, &n);
  60         if (r < 0)
  61                 return r;
  62
  63         /* search entry in hashmap first. */
  64         fdb = hashmap_get(network->bridge_fdb_entries_by_section, n);
  65         if (fdb) {
  66                 *ret = TAKE_PTR(fdb);
  67                 return 0;
  68         }
  69
  70         if (hashmap_size(network->bridge_fdb_entries_by_section) >= STATIC_BRIDGE_FDB_ENTRIES_PER_NETWORK_MAX)
  71                 return -E2BIG;
  72
  73         /* allocate space for and FDB entry. */
  74         fdb = new(BridgeFDB, 1);
  75         if (!fdb)
  76                 return -ENOMEM;
  77
  78         /* init FDB structure. */
  79         *fdb = (BridgeFDB) {
  80                 .network = network,
  81                 .section = TAKE_PTR(n),
  82                 .vni = VXLAN_VID_MAX + 1,
  83                 .ntf_flags = NEIGHBOR_CACHE_ENTRY_FLAGS_SELF,
  84         };
  85
  86         r = hashmap_ensure_put(&network->bridge_fdb_entries_by_section, &network_config_hash_ops, fdb->section, fdb);
  87         if (r < 0)
  88                 return r;
  89
  90         /* return allocated FDB structure. */
  91         *ret = TAKE_PTR(fdb);
  92
  93         return 0;
  94 }
  95
  96 static int bridge_fdb_configure_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
  97         int r;
  98
  99         assert(link);
 100         assert(link->static_bridge_fdb_messages > 0);
 101
 102         link->static_bridge_fdb_messages--;
 103
 104         if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER))
 105                 return 0;
 106
 107         r = sd_netlink_message_get_errno(m);
 108         if (r < 0 && r != -EEXIST) {
 109                 log_link_message_warning_errno(link, m, r, "Could not add bridge FDB entry");
 110                 link_enter_failed(link);
 111                 return 0;
 112         }
 113
 114         if (link->static_bridge_fdb_messages == 0) {
 115                 log_link_debug(link, "Bridge FDB entries set");
 116                 link->static_bridge_fdb_configured = true;
 117                 link_check_ready(link);
 118         }
 119
 120         return 0;
 121 }
 122
 123 /* send a request to the kernel to add a FDB entry in its static MAC table. */
 124 static int bridge_fdb_configure(const BridgeFDB *fdb, Link *link, link_netlink_message_handler_t callback) {
 125         _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
 126         int r;
 127
 128         assert(fdb);
 129         assert(link);
 130         assert(link->manager);
 131         assert(link->manager->rtnl);
 132         assert(callback);
 133
 134         /* create new RTM message */
 135         r = sd_rtnl_message_new_neigh(link->manager->rtnl, &req, RTM_NEWNEIGH, link->ifindex, AF_BRIDGE);
 136         if (r < 0)
 137                 return log_link_error_errno(link, r, "Could not create RTM_NEWNEIGH message: %m");
 138
 139         r = sd_rtnl_message_neigh_set_flags(req, fdb->ntf_flags);
 140         if (r < 0)
 141                 return log_link_error_errno(link, r, "Could not set neighbor flags: %m");
 142
 143         /* only NUD_PERMANENT state supported. */
 144         r = sd_rtnl_message_neigh_set_state(req, NUD_NOARP | NUD_PERMANENT);
 145         if (r < 0)
 146                 return log_link_error_errno(link, r, "Could not set neighbor state: %m");
 147
 148         r = sd_netlink_message_append_data(req, NDA_LLADDR, &fdb->mac_addr, sizeof(fdb->mac_addr));
 149         if (r < 0)
 150                 return log_link_error_errno(link, r, "Could not append NDA_LLADDR attribute: %m");
 151
 152         /* VLAN Id is optional. We'll add VLAN Id only if it's specified. */
 153         if (fdb->vlan_id > 0) {
 154                 r = sd_netlink_message_append_u16(req, NDA_VLAN, fdb->vlan_id);
 155                 if (r < 0)
 156                         return log_link_error_errno(link, r, "Could not append NDA_VLAN attribute: %m");
 157         }
 158
 159         if (fdb->outgoing_ifindex > 0) {
 160                 r = sd_netlink_message_append_u32(req, NDA_IFINDEX, fdb->outgoing_ifindex);
 161                 if (r < 0)
 162                         return log_link_error_errno(link, r, "Could not append NDA_IFINDEX attribute: %m");
 163         }
 164
 165         if (in_addr_is_set(fdb->family, &fdb->destination_addr)) {
 166                 r = netlink_message_append_in_addr_union(req, NDA_DST, fdb->family, &fdb->destination_addr);
 167                 if (r < 0)
 168                         return log_link_error_errno(link, r, "Could not append NDA_DST attribute: %m");
 169         }
 170
 171         if (fdb->vni <= VXLAN_VID_MAX) {
 172                 r = sd_netlink_message_append_u32(req, NDA_VNI, fdb->vni);
 173                 if (r < 0)
 174                         return log_link_error_errno(link, r, "Could not append NDA_VNI attribute: %m");
 175         }
 176
 177         /* send message to the kernel to update its internal static MAC table. */
 178         r = netlink_call_async(link->manager->rtnl, NULL, req, callback,
 179                                link_netlink_destroy_callback, link);
 180         if (r < 0)
 181                 return log_link_error_errno(link, r, "Could not send rtnetlink message: %m");
 182
 183         link_ref(link);
 184
 185         return 1;
 186 }
 187
 188 int link_request_static_bridge_fdb(Link *link) {
 189         BridgeFDB *fdb;
 190         int r;
 191
 192         assert(link);
 193         assert(link->network);
 194
 195         link->static_bridge_fdb_configured = false;
 196
 197         HASHMAP_FOREACH(fdb, link->network->bridge_fdb_entries_by_section) {
 198                 r = link_queue_request(link, REQUEST_TYPE_BRIDGE_FDB, fdb, false,
 199                                        &link->static_bridge_fdb_messages, bridge_fdb_configure_handler, NULL);
 200                 if (r < 0)
 201                         return log_link_error_errno(link, r, "Failed to request static bridge FDB entry: %m");
 202         }
 203
 204         if (link->static_bridge_fdb_messages == 0) {
 205                 link->static_bridge_fdb_configured = true;
 206                 link_check_ready(link);
 207         } else {
 208                 log_link_debug(link, "Setting bridge FDB entries");
 209                 link_set_state(link, LINK_STATE_CONFIGURING);
 210         }
 211
 212         return 0;
 213 }
 214
 215 static bool bridge_fdb_is_ready_to_configure(BridgeFDB *fdb, Link *link) {
 216         Link *out = NULL;
 217
 218         assert(fdb);
 219         assert(link);
 220         assert(link->manager);
 221
 222         if (!link_is_ready_to_configure(link, false))
 223                 return false;
 224
 225         if (fdb->outgoing_ifname) {
 226                 if (link_get_by_name(link->manager, fdb->outgoing_ifname, &out) < 0)
 227                         return false;
 228
 229                 fdb->outgoing_ifindex = out->ifindex;
 230         } else if (fdb->outgoing_ifindex > 0) {
 231                 if (link_get_by_index(link->manager, fdb->outgoing_ifindex, &out) < 0)
 232                         return false;
 233         }
 234         if (out && !link_is_ready_to_configure(out, false))
 235                 return false;
 236
 237         return true;
 238 }
 239
 240 int request_process_bridge_fdb(Request *req) {
 241         assert(req);
 242         assert(req->link);
 243         assert(req->fdb);
 244         assert(req->type == REQUEST_TYPE_BRIDGE_FDB);
 245
 246         if (!bridge_fdb_is_ready_to_configure(req->fdb, req->link))
 247                 return 0;
 248
 249         return bridge_fdb_configure(req->fdb, req->link, req->netlink_handler);
 250 }
 251
 252 void network_drop_invalid_bridge_fdb_entries(Network *network) {
 253         BridgeFDB *fdb;
 254
 255         assert(network);
 256
 257         HASHMAP_FOREACH(fdb, network->bridge_fdb_entries_by_section)
 258                 if (section_is_invalid(fdb->section))
 259                         bridge_fdb_free(fdb);
 260 }
 261
 262 /* parse the HW address from config files. */
 263 int config_parse_fdb_hwaddr(
 264                 const char *unit,
 265                 const char *filename,
 266                 unsigned line,
 267                 const char *section,
 268                 unsigned section_line,
 269                 const char *lvalue,
 270                 int ltype,
 271                 const char *rvalue,
 272                 void *data,
 273                 void *userdata) {
 274
 275         _cleanup_(bridge_fdb_free_or_set_invalidp) BridgeFDB *fdb = NULL;
 276         Network *network = userdata;
 277         int r;
 278
 279         assert(filename);
 280         assert(section);
 281         assert(lvalue);
 282         assert(rvalue);
 283         assert(data);
 284
 285         r = bridge_fdb_new_static(network, filename, section_line, &fdb);
 286         if (r < 0)
 287                 return log_oom();
 288
 289         r = parse_ether_addr(rvalue, &fdb->mac_addr);
 290         if (r < 0) {
 291                 log_syntax(unit, LOG_WARNING, filename, line, r, "Not a valid MAC address, ignoring assignment: %s", rvalue);
 292                 return 0;
 293         }
 294
 295         TAKE_PTR(fdb);
 296         return 0;
 297 }
 298
 299 /* parse the VLAN Id from config files. */
 300 int config_parse_fdb_vlan_id(
 301                 const char *unit,
 302                 const char *filename,
 303                 unsigned line,
 304                 const char *section,
 305                 unsigned section_line,
 306                 const char *lvalue,
 307                 int ltype,
 308                 const char *rvalue,
 309                 void *data,
 310                 void *userdata) {
 311
 312         _cleanup_(bridge_fdb_free_or_set_invalidp) BridgeFDB *fdb = NULL;
 313         Network *network = userdata;
 314         int r;
 315
 316         assert(filename);
 317         assert(section);
 318         assert(lvalue);
 319         assert(rvalue);
 320         assert(data);
 321
 322         r = bridge_fdb_new_static(network, filename, section_line, &fdb);
 323         if (r < 0)
 324                 return log_oom();
 325
 326         r = config_parse_vlanid(unit, filename, line, section,
 327                                 section_line, lvalue, ltype,
 328                                 rvalue, &fdb->vlan_id, userdata);
 329         if (r < 0)
 330                 return r;
 331
 332         TAKE_PTR(fdb);
 333         return 0;
 334 }
 335
 336 int config_parse_fdb_destination(
 337                 const char *unit,
 338                 const char *filename,
 339                 unsigned line,
 340                 const char *section,
 341                 unsigned section_line,
 342                 const char *lvalue,
 343                 int ltype,
 344                 const char *rvalue,
 345                 void *data,
 346                 void *userdata) {
 347
 348         _cleanup_(bridge_fdb_free_or_set_invalidp) BridgeFDB *fdb = NULL;
 349         Network *network = userdata;
 350         int r;
 351
 352         assert(filename);
 353         assert(section);
 354         assert(lvalue);
 355         assert(rvalue);
 356         assert(data);
 357
 358         r = bridge_fdb_new_static(network, filename, section_line, &fdb);
 359         if (r < 0)
 360                 return log_oom();
 361
 362         r = in_addr_from_string_auto(rvalue, &fdb->family, &fdb->destination_addr);
 363         if (r < 0) {
 364                 log_syntax(unit, LOG_WARNING, filename, line, r,
 365                            "FDB destination IP address is invalid, ignoring assignment: %s",
 366                            rvalue);
 367                 return 0;
 368         }
 369
 370         TAKE_PTR(fdb);
 371         return 0;
 372 }
 373
 374 int config_parse_fdb_vxlan_vni(
 375                 const char *unit,
 376                 const char *filename,
 377                 unsigned line,
 378                 const char *section,
 379                 unsigned section_line,
 380                 const char *lvalue,
 381                 int ltype,
 382                 const char *rvalue,
 383                 void *data,
 384                 void *userdata) {
 385
 386         _cleanup_(bridge_fdb_free_or_set_invalidp) BridgeFDB *fdb = NULL;
 387         Network *network = userdata;
 388         uint32_t vni;
 389         int r;
 390
 391         assert(filename);
 392         assert(section);
 393         assert(lvalue);
 394         assert(rvalue);
 395         assert(data);
 396
 397         r = bridge_fdb_new_static(network, filename, section_line, &fdb);
 398         if (r < 0)
 399                 return log_oom();
 400
 401         r = safe_atou32(rvalue, &vni);
 402         if (r < 0) {
 403                 log_syntax(unit, LOG_WARNING, filename, line, r,
 404                            "Failed to parse VXLAN Network Identifier (VNI), ignoring assignment: %s",
 405                            rvalue);
 406                 return 0;
 407         }
 408
 409         if (vni > VXLAN_VID_MAX) {
 410                 log_syntax(unit, LOG_WARNING, filename, line, 0,
 411                            "FDB invalid VXLAN Network Identifier (VNI), ignoring assignment: %s",
 412                            rvalue);
 413                 return 0;
 414         }
 415
 416         fdb->vni = vni;
 417
 418         TAKE_PTR(fdb);
 419         return 0;
 420 }
 421
 422 static const char* const ntf_flags_table[_NEIGHBOR_CACHE_ENTRY_FLAGS_MAX] = {
 423         [NEIGHBOR_CACHE_ENTRY_FLAGS_USE] = "use",
 424         [NEIGHBOR_CACHE_ENTRY_FLAGS_SELF] = "self",
 425         [NEIGHBOR_CACHE_ENTRY_FLAGS_MASTER] = "master",
 426         [NEIGHBOR_CACHE_ENTRY_FLAGS_ROUTER] = "router",
 427 };
 428
 429 DEFINE_PRIVATE_STRING_TABLE_LOOKUP_FROM_STRING(ntf_flags, NeighborCacheEntryFlags);
 430
 431 int config_parse_fdb_ntf_flags(
 432                 const char *unit,
 433                 const char *filename,
 434                 unsigned line,
 435                 const char *section,
 436                 unsigned section_line,
 437                 const char *lvalue,
 438                 int ltype,
 439                 const char *rvalue,
 440                 void *data,
 441                 void *userdata) {
 442
 443         _cleanup_(bridge_fdb_free_or_set_invalidp) BridgeFDB *fdb = NULL;
 444         Network *network = userdata;
 445         NeighborCacheEntryFlags f;
 446         int r;
 447
 448         assert(filename);
 449         assert(section);
 450         assert(lvalue);
 451         assert(rvalue);
 452         assert(data);
 453
 454         r = bridge_fdb_new_static(network, filename, section_line, &fdb);
 455         if (r < 0)
 456                 return log_oom();
 457
 458         f = ntf_flags_from_string(rvalue);
 459         if (f < 0) {
 460                 log_syntax(unit, LOG_WARNING, filename, line, f,
 461                            "FDB failed to parse AssociatedWith=, ignoring assignment: %s",
 462                            rvalue);
 463                 return 0;
 464         }
 465
 466         fdb->ntf_flags = f;
 467
 468         TAKE_PTR(fdb);
 469         return 0;
 470 }
 471
 472 int config_parse_fdb_interface(
 473                 const char *unit,
 474                 const char *filename,
 475                 unsigned line,
 476                 const char *section,
 477                 unsigned section_line,
 478                 const char *lvalue,
 479                 int ltype,
 480                 const char *rvalue,
 481                 void *data,
 482                 void *userdata) {
 483
 484         _cleanup_(bridge_fdb_free_or_set_invalidp) BridgeFDB *fdb = NULL;
 485         Network *network = userdata;
 486         int r;
 487
 488         assert(filename);
 489         assert(section);
 490         assert(lvalue);
 491         assert(rvalue);
 492         assert(data);
 493
 494         r = bridge_fdb_new_static(network, filename, section_line, &fdb);
 495         if (r < 0)
 496                 return log_oom();
 497
 498         if (isempty(rvalue)) {
 499                 fdb->outgoing_ifname = mfree(fdb->outgoing_ifname);
 500                 fdb->outgoing_ifindex = 0;
 501                 TAKE_PTR(fdb);
 502                 return 0;
 503         }
 504
 505         r = parse_ifindex(rvalue);
 506         if (r > 0) {
 507                 fdb->outgoing_ifname = mfree(fdb->outgoing_ifname);
 508                 fdb->outgoing_ifindex = r;
 509                 TAKE_PTR(fdb);
 510                 return 0;
 511         }
 512
 513         if (!ifname_valid_full(rvalue, IFNAME_VALID_ALTERNATIVE)) {
 514                 log_syntax(unit, LOG_WARNING, filename, line, 0,
 515                            "Invalid interface name in %s=, ignoring assignment: %s", lvalue, rvalue);
 516                 return 0;
 517         }
 518
 519         r = free_and_strdup(&fdb->outgoing_ifname, rvalue);
 520         if (r < 0)
 521                 return log_oom();
 522         fdb->outgoing_ifindex = 0;
 523
 524         TAKE_PTR(fdb);
 525         return 0;
 526 }