1 #include <linux/kernel.h>
2 #include <linux/netdevice.h>
3 #include <linux/rtnetlink.h>
4 #include <linux/slab.h>
6 #include "br_private.h"
8 static void __vlan_add_pvid(struct net_port_vlans *v, u16 vid)
17 static void __vlan_delete_pvid(struct net_port_vlans *v, u16 vid)
26 static void __vlan_add_flags(struct net_port_vlans *v, u16 vid, u16 flags)
28 if (flags & BRIDGE_VLAN_INFO_PVID)
29 __vlan_add_pvid(v, vid);
31 __vlan_delete_pvid(v, vid);
33 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
34 set_bit(vid, v->untagged_bitmap);
36 clear_bit(vid, v->untagged_bitmap);
39 static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags)
41 struct net_bridge_port *p = NULL;
42 struct net_bridge *br;
43 struct net_device *dev;
46 if (test_bit(vid, v->vlan_bitmap)) {
47 __vlan_add_flags(v, vid, flags);
61 /* Add VLAN to the device filter if it is supported.
62 * This ensures tagged traffic enters the bridge when
63 * promiscuous mode is disabled by br_manage_promisc().
65 err = vlan_vid_add(dev, br->vlan_proto, vid);
70 err = br_fdb_insert(br, p, dev->dev_addr, vid);
72 br_err(br, "failed insert local address into bridge "
73 "forwarding table\n");
77 set_bit(vid, v->vlan_bitmap);
79 __vlan_add_flags(v, vid, flags);
85 vlan_vid_del(dev, br->vlan_proto, vid);
89 static int __vlan_del(struct net_port_vlans *v, u16 vid)
91 if (!test_bit(vid, v->vlan_bitmap))
94 __vlan_delete_pvid(v, vid);
95 clear_bit(vid, v->untagged_bitmap);
98 struct net_bridge_port *p = v->parent.port;
99 vlan_vid_del(p->dev, p->br->vlan_proto, vid);
102 clear_bit(vid, v->vlan_bitmap);
104 if (bitmap_empty(v->vlan_bitmap, VLAN_N_VID)) {
106 RCU_INIT_POINTER(v->parent.port->vlan_info, NULL);
108 RCU_INIT_POINTER(v->parent.br->vlan_info, NULL);
114 static void __vlan_flush(struct net_port_vlans *v)
118 bitmap_zero(v->vlan_bitmap, VLAN_N_VID);
120 RCU_INIT_POINTER(v->parent.port->vlan_info, NULL);
122 RCU_INIT_POINTER(v->parent.br->vlan_info, NULL);
126 struct sk_buff *br_handle_vlan(struct net_bridge *br,
127 const struct net_port_vlans *pv,
132 /* If this packet was not filtered at input, let it pass */
133 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
136 /* Vlan filter table must be configured at this point. The
137 * only exception is the bridge is set in promisc mode and the
138 * packet is destined for the bridge device. In this case
139 * pass the packet as is.
142 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) {
150 /* At this point, we know that the frame was filtered and contains
151 * a valid vlan id. If the vlan id is set in the untagged bitmap,
152 * send untagged; otherwise, send tagged.
154 br_vlan_get_tag(skb, &vid);
155 if (test_bit(vid, pv->untagged_bitmap))
162 /* Called under RCU */
163 bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
164 struct sk_buff *skb, u16 *vid)
169 /* If VLAN filtering is disabled on the bridge, all packets are
172 if (!br->vlan_enabled) {
173 BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
177 /* If there are no vlan in the permitted list, all packets are
183 BR_INPUT_SKB_CB(skb)->vlan_filtered = true;
184 proto = br->vlan_proto;
186 /* If vlan tx offload is disabled on bridge device and frame was
187 * sent from vlan device on the bridge device, it does not have
188 * HW accelerated vlan tag.
190 if (unlikely(!skb_vlan_tag_present(skb) &&
191 skb->protocol == proto)) {
192 skb = skb_vlan_untag(skb);
197 if (!br_vlan_get_tag(skb, vid)) {
199 if (skb->vlan_proto != proto) {
200 /* Protocol-mismatch, empty out vlan_tci for new tag */
201 skb_push(skb, ETH_HLEN);
202 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto,
203 skb_vlan_tag_get(skb));
207 skb_pull(skb, ETH_HLEN);
208 skb_reset_mac_len(skb);
220 u16 pvid = br_get_pvid(v);
222 /* Frame had a tag with VID 0 or did not have a tag.
223 * See if pvid is set on this port. That tells us which
224 * vlan untagged or priority-tagged traffic belongs to.
229 /* PVID is set on this port. Any untagged or priority-tagged
230 * ingress frame is considered to belong to this vlan.
234 /* Untagged Frame. */
235 __vlan_hwaccel_put_tag(skb, proto, pvid);
237 /* Priority-tagged Frame.
238 * At this point, We know that skb->vlan_tci had
239 * VLAN_TAG_PRESENT bit and its VID field was 0x000.
240 * We update only VID field and preserve PCP field.
242 skb->vlan_tci |= pvid;
247 /* Frame had a valid vlan tag. See if vlan is allowed */
248 if (test_bit(*vid, v->vlan_bitmap))
255 /* Called under RCU. */
256 bool br_allowed_egress(struct net_bridge *br,
257 const struct net_port_vlans *v,
258 const struct sk_buff *skb)
262 /* If this packet was not filtered at input, let it pass */
263 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
269 br_vlan_get_tag(skb, &vid);
270 if (test_bit(vid, v->vlan_bitmap))
276 /* Called under RCU */
277 bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
279 struct net_bridge *br = p->br;
280 struct net_port_vlans *v;
282 /* If filtering was disabled at input, let it pass. */
283 if (!br->vlan_enabled)
286 v = rcu_dereference(p->vlan_info);
290 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto)
294 *vid = br_get_pvid(v);
301 if (test_bit(*vid, v->vlan_bitmap))
307 /* Must be protected by RTNL.
308 * Must be called with vid in range from 1 to 4094 inclusive.
310 int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
312 struct net_port_vlans *pv = NULL;
317 pv = rtnl_dereference(br->vlan_info);
319 return __vlan_add(pv, vid, flags);
321 /* Create port vlan infomration
323 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
328 err = __vlan_add(pv, vid, flags);
332 rcu_assign_pointer(br->vlan_info, pv);
339 /* Must be protected by RTNL.
340 * Must be called with vid in range from 1 to 4094 inclusive.
342 int br_vlan_delete(struct net_bridge *br, u16 vid)
344 struct net_port_vlans *pv;
348 pv = rtnl_dereference(br->vlan_info);
352 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid);
358 void br_vlan_flush(struct net_bridge *br)
360 struct net_port_vlans *pv;
363 pv = rtnl_dereference(br->vlan_info);
370 bool br_vlan_find(struct net_bridge *br, u16 vid)
372 struct net_port_vlans *pv;
376 pv = rcu_dereference(br->vlan_info);
381 if (test_bit(vid, pv->vlan_bitmap))
389 /* Must be protected by RTNL. */
390 static void recalculate_group_addr(struct net_bridge *br)
392 if (br->group_addr_set)
395 spin_lock_bh(&br->lock);
396 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q)) {
397 /* Bridge Group Address */
398 br->group_addr[5] = 0x00;
399 } else { /* vlan_enabled && ETH_P_8021AD */
400 /* Provider Bridge Group Address */
401 br->group_addr[5] = 0x08;
403 spin_unlock_bh(&br->lock);
406 /* Must be protected by RTNL. */
407 void br_recalculate_fwd_mask(struct net_bridge *br)
409 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q))
410 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT;
411 else /* vlan_enabled && ETH_P_8021AD */
412 br->group_fwd_mask_required = BR_GROUPFWD_8021AD &
413 ~(1u << br->group_addr[5]);
416 int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
419 return restart_syscall();
421 if (br->vlan_enabled == val)
424 br->vlan_enabled = val;
425 br_manage_promisc(br);
426 recalculate_group_addr(br);
427 br_recalculate_fwd_mask(br);
434 int br_vlan_set_proto(struct net_bridge *br, unsigned long val)
437 struct net_bridge_port *p;
438 struct net_port_vlans *pv;
439 __be16 proto, oldproto;
442 if (val != ETH_P_8021Q && val != ETH_P_8021AD)
443 return -EPROTONOSUPPORT;
446 return restart_syscall();
449 if (br->vlan_proto == proto)
452 /* Add VLANs for the new proto to the device filter. */
453 list_for_each_entry(p, &br->port_list, list) {
454 pv = rtnl_dereference(p->vlan_info);
458 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) {
459 err = vlan_vid_add(p->dev, proto, vid);
465 oldproto = br->vlan_proto;
466 br->vlan_proto = proto;
468 recalculate_group_addr(br);
469 br_recalculate_fwd_mask(br);
471 /* Delete VLANs for the old proto from the device filter. */
472 list_for_each_entry(p, &br->port_list, list) {
473 pv = rtnl_dereference(p->vlan_info);
477 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
478 vlan_vid_del(p->dev, oldproto, vid);
487 for_each_set_bit(vid, pv->vlan_bitmap, errvid)
488 vlan_vid_del(p->dev, proto, vid);
490 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
491 pv = rtnl_dereference(p->vlan_info);
495 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
496 vlan_vid_del(p->dev, proto, vid);
502 static bool vlan_default_pvid(struct net_port_vlans *pv, u16 vid)
504 return pv && vid == pv->pvid && test_bit(vid, pv->untagged_bitmap);
507 static void br_vlan_disable_default_pvid(struct net_bridge *br)
509 struct net_bridge_port *p;
510 u16 pvid = br->default_pvid;
512 /* Disable default_pvid on all ports where it is still
515 if (vlan_default_pvid(br_get_vlan_info(br), pvid))
516 br_vlan_delete(br, pvid);
518 list_for_each_entry(p, &br->port_list, list) {
519 if (vlan_default_pvid(nbp_get_vlan_info(p), pvid))
520 nbp_vlan_delete(p, pvid);
523 br->default_pvid = 0;
526 static int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid)
528 struct net_bridge_port *p;
531 unsigned long *changed;
533 changed = kcalloc(BITS_TO_LONGS(BR_MAX_PORTS), sizeof(unsigned long),
538 old_pvid = br->default_pvid;
540 /* Update default_pvid config only if we do not conflict with
541 * user configuration.
543 if ((!old_pvid || vlan_default_pvid(br_get_vlan_info(br), old_pvid)) &&
544 !br_vlan_find(br, pvid)) {
545 err = br_vlan_add(br, pvid,
546 BRIDGE_VLAN_INFO_PVID |
547 BRIDGE_VLAN_INFO_UNTAGGED);
550 br_vlan_delete(br, old_pvid);
554 list_for_each_entry(p, &br->port_list, list) {
555 /* Update default_pvid config only if we do not conflict with
556 * user configuration.
559 !vlan_default_pvid(nbp_get_vlan_info(p), old_pvid)) ||
560 nbp_vlan_find(p, pvid))
563 err = nbp_vlan_add(p, pvid,
564 BRIDGE_VLAN_INFO_PVID |
565 BRIDGE_VLAN_INFO_UNTAGGED);
568 nbp_vlan_delete(p, old_pvid);
569 set_bit(p->port_no, changed);
572 br->default_pvid = pvid;
579 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
580 if (!test_bit(p->port_no, changed))
584 nbp_vlan_add(p, old_pvid,
585 BRIDGE_VLAN_INFO_PVID |
586 BRIDGE_VLAN_INFO_UNTAGGED);
587 nbp_vlan_delete(p, pvid);
590 if (test_bit(0, changed)) {
592 br_vlan_add(br, old_pvid,
593 BRIDGE_VLAN_INFO_PVID |
594 BRIDGE_VLAN_INFO_UNTAGGED);
595 br_vlan_delete(br, pvid);
600 int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val)
605 if (val >= VLAN_VID_MASK)
609 return restart_syscall();
611 if (pvid == br->default_pvid)
614 /* Only allow default pvid change when filtering is disabled */
615 if (br->vlan_enabled) {
616 pr_info_once("Please disable vlan filtering to change default_pvid\n");
622 br_vlan_disable_default_pvid(br);
624 err = __br_vlan_set_default_pvid(br, pvid);
631 int br_vlan_init(struct net_bridge *br)
633 br->vlan_proto = htons(ETH_P_8021Q);
634 br->default_pvid = 1;
635 return br_vlan_add(br, 1,
636 BRIDGE_VLAN_INFO_PVID | BRIDGE_VLAN_INFO_UNTAGGED);
639 /* Must be protected by RTNL.
640 * Must be called with vid in range from 1 to 4094 inclusive.
642 int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
644 struct net_port_vlans *pv = NULL;
649 pv = rtnl_dereference(port->vlan_info);
651 return __vlan_add(pv, vid, flags);
653 /* Create port vlan infomration
655 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
661 pv->port_idx = port->port_no;
662 pv->parent.port = port;
663 err = __vlan_add(pv, vid, flags);
667 rcu_assign_pointer(port->vlan_info, pv);
675 /* Must be protected by RTNL.
676 * Must be called with vid in range from 1 to 4094 inclusive.
678 int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
680 struct net_port_vlans *pv;
684 pv = rtnl_dereference(port->vlan_info);
688 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid);
690 return __vlan_del(pv, vid);
693 void nbp_vlan_flush(struct net_bridge_port *port)
695 struct net_port_vlans *pv;
700 pv = rtnl_dereference(port->vlan_info);
704 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
705 vlan_vid_del(port->dev, port->br->vlan_proto, vid);
710 bool nbp_vlan_find(struct net_bridge_port *port, u16 vid)
712 struct net_port_vlans *pv;
716 pv = rcu_dereference(port->vlan_info);
721 if (test_bit(vid, pv->vlan_bitmap))
729 int nbp_vlan_init(struct net_bridge_port *p)
731 return p->br->default_pvid ?
732 nbp_vlan_add(p, p->br->default_pvid,
733 BRIDGE_VLAN_INFO_PVID |
734 BRIDGE_VLAN_INFO_UNTAGGED) :
Code Review / kvmfornfv.git / blob