Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Spanning tree protocol; BPDU handling |
| 3 | * Linux ethernet bridge |
| 4 | * |
| 5 | * Authors: |
| 6 | * Lennert Buytenhek <buytenh@gnu.org> |
| 7 | * |
| 8 | * $Id: br_stp_bpdu.c,v 1.3 2001/11/10 02:35:25 davem Exp $ |
| 9 | * |
| 10 | * This program is free software; you can redistribute it and/or |
| 11 | * modify it under the terms of the GNU General Public License |
| 12 | * as published by the Free Software Foundation; either version |
| 13 | * 2 of the License, or (at your option) any later version. |
| 14 | */ |
| 15 | |
| 16 | #include <linux/kernel.h> |
| 17 | #include <linux/netfilter_bridge.h> |
| 18 | |
| 19 | #include "br_private.h" |
| 20 | #include "br_private_stp.h" |
| 21 | |
| 22 | #define JIFFIES_TO_TICKS(j) (((j) << 8) / HZ) |
| 23 | #define TICKS_TO_JIFFIES(j) (((j) * HZ) >> 8) |
| 24 | |
| 25 | static void br_send_bpdu(struct net_bridge_port *p, unsigned char *data, int length) |
| 26 | { |
| 27 | struct net_device *dev; |
| 28 | struct sk_buff *skb; |
| 29 | int size; |
| 30 | |
| 31 | if (!p->br->stp_enabled) |
| 32 | return; |
| 33 | |
| 34 | size = length + 2*ETH_ALEN + 2; |
| 35 | if (size < 60) |
| 36 | size = 60; |
| 37 | |
| 38 | dev = p->dev; |
| 39 | |
| 40 | if ((skb = dev_alloc_skb(size)) == NULL) { |
| 41 | printk(KERN_INFO "br: memory squeeze!\n"); |
| 42 | return; |
| 43 | } |
| 44 | |
| 45 | skb->dev = dev; |
| 46 | skb->protocol = htons(ETH_P_802_2); |
| 47 | skb->mac.raw = skb_put(skb, size); |
| 48 | memcpy(skb->mac.raw, bridge_ula, ETH_ALEN); |
| 49 | memcpy(skb->mac.raw+ETH_ALEN, dev->dev_addr, ETH_ALEN); |
| 50 | skb->mac.raw[2*ETH_ALEN] = 0; |
| 51 | skb->mac.raw[2*ETH_ALEN+1] = length; |
| 52 | skb->nh.raw = skb->mac.raw + 2*ETH_ALEN + 2; |
| 53 | memcpy(skb->nh.raw, data, length); |
| 54 | memset(skb->nh.raw + length, 0xa5, size - length - 2*ETH_ALEN - 2); |
| 55 | |
| 56 | NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, |
| 57 | dev_queue_xmit); |
| 58 | } |
| 59 | |
| 60 | static __inline__ void br_set_ticks(unsigned char *dest, int jiff) |
| 61 | { |
| 62 | __u16 ticks; |
| 63 | |
| 64 | ticks = JIFFIES_TO_TICKS(jiff); |
| 65 | dest[0] = (ticks >> 8) & 0xFF; |
| 66 | dest[1] = ticks & 0xFF; |
| 67 | } |
| 68 | |
| 69 | static __inline__ int br_get_ticks(unsigned char *dest) |
| 70 | { |
| 71 | return TICKS_TO_JIFFIES((dest[0] << 8) | dest[1]); |
| 72 | } |
| 73 | |
| 74 | /* called under bridge lock */ |
| 75 | void br_send_config_bpdu(struct net_bridge_port *p, struct br_config_bpdu *bpdu) |
| 76 | { |
| 77 | unsigned char buf[38]; |
| 78 | |
| 79 | buf[0] = 0x42; |
| 80 | buf[1] = 0x42; |
| 81 | buf[2] = 0x03; |
| 82 | buf[3] = 0; |
| 83 | buf[4] = 0; |
| 84 | buf[5] = 0; |
| 85 | buf[6] = BPDU_TYPE_CONFIG; |
| 86 | buf[7] = (bpdu->topology_change ? 0x01 : 0) | |
| 87 | (bpdu->topology_change_ack ? 0x80 : 0); |
| 88 | buf[8] = bpdu->root.prio[0]; |
| 89 | buf[9] = bpdu->root.prio[1]; |
| 90 | buf[10] = bpdu->root.addr[0]; |
| 91 | buf[11] = bpdu->root.addr[1]; |
| 92 | buf[12] = bpdu->root.addr[2]; |
| 93 | buf[13] = bpdu->root.addr[3]; |
| 94 | buf[14] = bpdu->root.addr[4]; |
| 95 | buf[15] = bpdu->root.addr[5]; |
| 96 | buf[16] = (bpdu->root_path_cost >> 24) & 0xFF; |
| 97 | buf[17] = (bpdu->root_path_cost >> 16) & 0xFF; |
| 98 | buf[18] = (bpdu->root_path_cost >> 8) & 0xFF; |
| 99 | buf[19] = bpdu->root_path_cost & 0xFF; |
| 100 | buf[20] = bpdu->bridge_id.prio[0]; |
| 101 | buf[21] = bpdu->bridge_id.prio[1]; |
| 102 | buf[22] = bpdu->bridge_id.addr[0]; |
| 103 | buf[23] = bpdu->bridge_id.addr[1]; |
| 104 | buf[24] = bpdu->bridge_id.addr[2]; |
| 105 | buf[25] = bpdu->bridge_id.addr[3]; |
| 106 | buf[26] = bpdu->bridge_id.addr[4]; |
| 107 | buf[27] = bpdu->bridge_id.addr[5]; |
| 108 | buf[28] = (bpdu->port_id >> 8) & 0xFF; |
| 109 | buf[29] = bpdu->port_id & 0xFF; |
| 110 | |
| 111 | br_set_ticks(buf+30, bpdu->message_age); |
| 112 | br_set_ticks(buf+32, bpdu->max_age); |
| 113 | br_set_ticks(buf+34, bpdu->hello_time); |
| 114 | br_set_ticks(buf+36, bpdu->forward_delay); |
| 115 | |
| 116 | br_send_bpdu(p, buf, 38); |
| 117 | } |
| 118 | |
| 119 | /* called under bridge lock */ |
| 120 | void br_send_tcn_bpdu(struct net_bridge_port *p) |
| 121 | { |
| 122 | unsigned char buf[7]; |
| 123 | |
| 124 | buf[0] = 0x42; |
| 125 | buf[1] = 0x42; |
| 126 | buf[2] = 0x03; |
| 127 | buf[3] = 0; |
| 128 | buf[4] = 0; |
| 129 | buf[5] = 0; |
| 130 | buf[6] = BPDU_TYPE_TCN; |
| 131 | br_send_bpdu(p, buf, 7); |
| 132 | } |
| 133 | |
| 134 | static const unsigned char header[6] = {0x42, 0x42, 0x03, 0x00, 0x00, 0x00}; |
| 135 | |
| 136 | /* NO locks */ |
| 137 | int br_stp_handle_bpdu(struct sk_buff *skb) |
| 138 | { |
| 139 | struct net_bridge_port *p = skb->dev->br_port; |
| 140 | struct net_bridge *br = p->br; |
| 141 | unsigned char *buf; |
| 142 | |
Stephen Hemminger | 85967bb | 2005-05-29 14:15:55 -0700 | [diff] [blame^] | 143 | /* insert into forwarding database after filtering to avoid spoofing */ |
| 144 | br_fdb_update(p->br, p, eth_hdr(skb)->h_source); |
| 145 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 146 | /* need at least the 802 and STP headers */ |
| 147 | if (!pskb_may_pull(skb, sizeof(header)+1) || |
| 148 | memcmp(skb->data, header, sizeof(header))) |
| 149 | goto err; |
| 150 | |
| 151 | buf = skb_pull(skb, sizeof(header)); |
| 152 | |
| 153 | spin_lock_bh(&br->lock); |
| 154 | if (p->state == BR_STATE_DISABLED |
| 155 | || !(br->dev->flags & IFF_UP) |
| 156 | || !br->stp_enabled) |
| 157 | goto out; |
| 158 | |
| 159 | if (buf[0] == BPDU_TYPE_CONFIG) { |
| 160 | struct br_config_bpdu bpdu; |
| 161 | |
| 162 | if (!pskb_may_pull(skb, 32)) |
| 163 | goto out; |
| 164 | |
| 165 | buf = skb->data; |
| 166 | bpdu.topology_change = (buf[1] & 0x01) ? 1 : 0; |
| 167 | bpdu.topology_change_ack = (buf[1] & 0x80) ? 1 : 0; |
| 168 | |
| 169 | bpdu.root.prio[0] = buf[2]; |
| 170 | bpdu.root.prio[1] = buf[3]; |
| 171 | bpdu.root.addr[0] = buf[4]; |
| 172 | bpdu.root.addr[1] = buf[5]; |
| 173 | bpdu.root.addr[2] = buf[6]; |
| 174 | bpdu.root.addr[3] = buf[7]; |
| 175 | bpdu.root.addr[4] = buf[8]; |
| 176 | bpdu.root.addr[5] = buf[9]; |
| 177 | bpdu.root_path_cost = |
| 178 | (buf[10] << 24) | |
| 179 | (buf[11] << 16) | |
| 180 | (buf[12] << 8) | |
| 181 | buf[13]; |
| 182 | bpdu.bridge_id.prio[0] = buf[14]; |
| 183 | bpdu.bridge_id.prio[1] = buf[15]; |
| 184 | bpdu.bridge_id.addr[0] = buf[16]; |
| 185 | bpdu.bridge_id.addr[1] = buf[17]; |
| 186 | bpdu.bridge_id.addr[2] = buf[18]; |
| 187 | bpdu.bridge_id.addr[3] = buf[19]; |
| 188 | bpdu.bridge_id.addr[4] = buf[20]; |
| 189 | bpdu.bridge_id.addr[5] = buf[21]; |
| 190 | bpdu.port_id = (buf[22] << 8) | buf[23]; |
| 191 | |
| 192 | bpdu.message_age = br_get_ticks(buf+24); |
| 193 | bpdu.max_age = br_get_ticks(buf+26); |
| 194 | bpdu.hello_time = br_get_ticks(buf+28); |
| 195 | bpdu.forward_delay = br_get_ticks(buf+30); |
| 196 | |
| 197 | br_received_config_bpdu(p, &bpdu); |
| 198 | } |
| 199 | |
| 200 | else if (buf[0] == BPDU_TYPE_TCN) { |
| 201 | br_received_tcn_bpdu(p); |
| 202 | } |
| 203 | out: |
| 204 | spin_unlock_bh(&br->lock); |
| 205 | err: |
| 206 | kfree_skb(skb); |
| 207 | return 0; |
| 208 | } |