Merge branch 'bridge-add-a-limit-on-learned-fdb-entries'

	IFLA_BR_VLAN_STATS_PER_PORT,

	IFLA_BR_MULTI_BOOLOPT,

	IFLA_BR_MCAST_QUERIER_STATE,

	IFLA_BR_FDB_N_LEARNED,

	IFLA_BR_FDB_MAX_LEARNED,

	__IFLA_BR_MAX,

};

	hlist_del_init_rcu(&f->fdb_node);

	rhashtable_remove_fast(&br->fdb_hash_tbl, &f->rhnode,

			       br_fdb_rht_params);

	if (test_and_clear_bit(BR_FDB_DYNAMIC_LEARNED, &f->flags))

		atomic_dec(&br->fdb_n_learned);

	fdb_notify(br, f, RTM_DELNEIGH, swdev_notify);

	call_rcu(&f->rcu, fdb_rcu_free);

}

/* Delete a local entry if no other port had the same address. */

/* Delete a local entry if no other port had the same address.

 *

 * This function should only be called on entries with BR_FDB_LOCAL set,

 * so even with BR_FDB_ADDED_BY_USER cleared we never need to increase

 * the accounting for dynamically learned entries again.

 */

static void fdb_delete_local(struct net_bridge *br,

			     const struct net_bridge_port *p,

			     struct net_bridge_fdb_entry *f)

					       __u16 vid,

					       unsigned long flags)

{

	bool learned = !test_bit(BR_FDB_ADDED_BY_USER, &flags) &&

		       !test_bit(BR_FDB_LOCAL, &flags);

	u32 max_learned = READ_ONCE(br->fdb_max_learned);

	struct net_bridge_fdb_entry *fdb;

	int err;

	if (likely(learned)) {

		int n_learned = atomic_read(&br->fdb_n_learned);

		if (unlikely(max_learned && n_learned >= max_learned))

			return NULL;

		__set_bit(BR_FDB_DYNAMIC_LEARNED, &flags);

	}

	fdb = kmem_cache_alloc(br_fdb_cache, GFP_ATOMIC);

	if (!fdb)

		return NULL;

		return NULL;

	}

	if (likely(learned))

		atomic_inc(&br->fdb_n_learned);

	hlist_add_head_rcu(&fdb->fdb_node, &br->fdb_list);

	return fdb;

					clear_bit(BR_FDB_LOCKED, &fdb->flags);

			}

			if (unlikely(test_bit(BR_FDB_ADDED_BY_USER, &flags)))

			if (unlikely(test_bit(BR_FDB_ADDED_BY_USER, &flags))) {

				set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags);

				if (test_and_clear_bit(BR_FDB_DYNAMIC_LEARNED,

						       &fdb->flags))

					atomic_dec(&br->fdb_n_learned);

			}

			if (unlikely(fdb_modified)) {

				trace_br_fdb_update(br, source, addr, vid, flags);

				fdb_notify(br, fdb, RTM_NEWNEIGH, true);

		if (!(flags & NLM_F_CREATE))

			return -ENOENT;

		fdb = fdb_create(br, source, addr, vid, 0);

		fdb = fdb_create(br, source, addr, vid,

				 BIT(BR_FDB_ADDED_BY_USER));

		if (!fdb)

			return -ENOMEM;

			WRITE_ONCE(fdb->dst, source);

			modified = true;

		}

		set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags);

		if (test_and_clear_bit(BR_FDB_DYNAMIC_LEARNED, &fdb->flags))

			atomic_dec(&br->fdb_n_learned);

	}

	if (fdb_to_nud(br, fdb) != state) {

	if (fdb_handle_notify(fdb, notify))

		modified = true;

	set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags);

	fdb->used = jiffies;

	if (modified) {

		if (refresh)

		if (!p)

			set_bit(BR_FDB_LOCAL, &fdb->flags);

		if ((swdev_notify || !p) &&

		    test_and_clear_bit(BR_FDB_DYNAMIC_LEARNED, &fdb->flags))

			atomic_dec(&br->fdb_n_learned);

		if (modified)

			fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify);

	}

}

static const struct nla_policy br_policy[IFLA_BR_MAX + 1] = {

	[IFLA_BR_UNSPEC]	= { .strict_start_type =

				    IFLA_BR_FDB_N_LEARNED },

	[IFLA_BR_FORWARD_DELAY]	= { .type = NLA_U32 },

	[IFLA_BR_HELLO_TIME]	= { .type = NLA_U32 },

	[IFLA_BR_MAX_AGE]	= { .type = NLA_U32 },

	[IFLA_BR_VLAN_STATS_PER_PORT] = { .type = NLA_U8 },

	[IFLA_BR_MULTI_BOOLOPT] =

		NLA_POLICY_EXACT_LEN(sizeof(struct br_boolopt_multi)),

	[IFLA_BR_FDB_N_LEARNED] = { .type = NLA_REJECT },

	[IFLA_BR_FDB_MAX_LEARNED] = { .type = NLA_U32 },

};

static int br_changelink(struct net_device *brdev, struct nlattr *tb[],

			return err;

	}

	if (data[IFLA_BR_FDB_MAX_LEARNED]) {

		u32 val = nla_get_u32(data[IFLA_BR_FDB_MAX_LEARNED]);

		WRITE_ONCE(br->fdb_max_learned, val);

	}

	return 0;

}

	       nla_total_size_64bit(sizeof(u64)) + /* IFLA_BR_TOPOLOGY_CHANGE_TIMER */

	       nla_total_size_64bit(sizeof(u64)) + /* IFLA_BR_GC_TIMER */

	       nla_total_size(ETH_ALEN) +       /* IFLA_BR_GROUP_ADDR */

	       nla_total_size(sizeof(u32)) +    /* IFLA_BR_FDB_N_LEARNED */

	       nla_total_size(sizeof(u32)) +    /* IFLA_BR_FDB_MAX_LEARNED */

#ifdef CONFIG_BRIDGE_IGMP_SNOOPING

	       nla_total_size(sizeof(u8)) +     /* IFLA_BR_MCAST_ROUTER */

	       nla_total_size(sizeof(u8)) +     /* IFLA_BR_MCAST_SNOOPING */

	    nla_put_u8(skb, IFLA_BR_TOPOLOGY_CHANGE_DETECTED,

		       br->topology_change_detected) ||

	    nla_put(skb, IFLA_BR_GROUP_ADDR, ETH_ALEN, br->group_addr) ||

	    nla_put(skb, IFLA_BR_MULTI_BOOLOPT, sizeof(bm), &bm))

	    nla_put(skb, IFLA_BR_MULTI_BOOLOPT, sizeof(bm), &bm) ||

	    nla_put_u32(skb, IFLA_BR_FDB_N_LEARNED,

			atomic_read(&br->fdb_n_learned)) ||

	    nla_put_u32(skb, IFLA_BR_FDB_MAX_LEARNED, br->fdb_max_learned))

		return -EMSGSIZE;

#ifdef CONFIG_BRIDGE_VLAN_FILTERING

	BR_FDB_NOTIFY,

	BR_FDB_NOTIFY_INACTIVE,

	BR_FDB_LOCKED,

	BR_FDB_DYNAMIC_LEARNED,

};

struct net_bridge_fdb_key {

	struct kobject			*ifobj;

	u32				auto_cnt;

	atomic_t			fdb_n_learned;

	u32				fdb_max_learned;

#ifdef CONFIG_NET_SWITCHDEV

	/* Counter used to make sure that hardware domains get unique

	 * identifiers in case a bridge spans multiple switchdev instances.

# SPDX-License-Identifier: GPL-2.0+ OR MIT

TEST_PROGS = bridge_igmp.sh \

TEST_PROGS = bridge_fdb_learning_limit.sh \

	bridge_igmp.sh \

	bridge_locked_port.sh \

	bridge_mdb.sh \

	bridge_mdb_host.sh \