1 #include <linux/kernel.h>
2 #include <linux/netdevice.h>
3 #include <linux/rtnetlink.h>
4 #include <linux/slab.h>
5 #include <net/switchdev.h>
7 #include "br_private.h"
9 static void __vlan_add_pvid(struct net_port_vlans *v, u16 vid)
18 static void __vlan_delete_pvid(struct net_port_vlans *v, u16 vid)
27 static void __vlan_add_flags(struct net_port_vlans *v, u16 vid, u16 flags)
29 if (flags & BRIDGE_VLAN_INFO_PVID)
30 __vlan_add_pvid(v, vid);
32 __vlan_delete_pvid(v, vid);
34 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
35 set_bit(vid, v->untagged_bitmap);
37 clear_bit(vid, v->untagged_bitmap);
40 static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br,
43 const struct net_device_ops *ops = dev->netdev_ops;
46 /* If driver uses VLAN ndo ops, use 8021q to install vid
47 * on device, otherwise try switchdev ops to install vid.
50 if (ops->ndo_vlan_rx_add_vid) {
51 err = vlan_vid_add(dev, br->vlan_proto, vid);
53 struct switchdev_obj vlan_obj = {
54 .id = SWITCHDEV_OBJ_PORT_VLAN,
62 err = switchdev_port_obj_add(dev, &vlan_obj);
63 if (err == -EOPNOTSUPP)
70 static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags)
72 struct net_bridge_port *p = NULL;
73 struct net_bridge *br;
74 struct net_device *dev;
77 if (test_bit(vid, v->vlan_bitmap)) {
78 __vlan_add_flags(v, vid, flags);
92 /* Add VLAN to the device filter if it is supported.
93 * This ensures tagged traffic enters the bridge when
94 * promiscuous mode is disabled by br_manage_promisc().
96 err = __vlan_vid_add(dev, br, vid, flags);
101 err = br_fdb_insert(br, p, dev->dev_addr, vid);
103 br_err(br, "failed insert local address into bridge "
104 "forwarding table\n");
108 set_bit(vid, v->vlan_bitmap);
110 __vlan_add_flags(v, vid, flags);
116 vlan_vid_del(dev, br->vlan_proto, vid);
120 static void __vlan_vid_del(struct net_device *dev, struct net_bridge *br,
123 const struct net_device_ops *ops = dev->netdev_ops;
125 /* If driver uses VLAN ndo ops, use 8021q to delete vid
126 * on device, otherwise try switchdev ops to delete vid.
129 if (ops->ndo_vlan_rx_kill_vid) {
130 vlan_vid_del(dev, br->vlan_proto, vid);
132 struct switchdev_obj vlan_obj = {
133 .id = SWITCHDEV_OBJ_PORT_VLAN,
140 switchdev_port_obj_del(dev, &vlan_obj);
144 static int __vlan_del(struct net_port_vlans *v, u16 vid)
146 if (!test_bit(vid, v->vlan_bitmap))
149 __vlan_delete_pvid(v, vid);
150 clear_bit(vid, v->untagged_bitmap);
153 struct net_bridge_port *p = v->parent.port;
154 __vlan_vid_del(p->dev, p->br, vid);
157 clear_bit(vid, v->vlan_bitmap);
159 if (bitmap_empty(v->vlan_bitmap, VLAN_N_VID)) {
161 RCU_INIT_POINTER(v->parent.port->vlan_info, NULL);
163 RCU_INIT_POINTER(v->parent.br->vlan_info, NULL);
169 static void __vlan_flush(struct net_port_vlans *v)
173 bitmap_zero(v->vlan_bitmap, VLAN_N_VID);
175 RCU_INIT_POINTER(v->parent.port->vlan_info, NULL);
177 RCU_INIT_POINTER(v->parent.br->vlan_info, NULL);
181 struct sk_buff *br_handle_vlan(struct net_bridge *br,
182 const struct net_port_vlans *pv,
187 /* If this packet was not filtered at input, let it pass */
188 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
191 /* Vlan filter table must be configured at this point. The
192 * only exception is the bridge is set in promisc mode and the
193 * packet is destined for the bridge device. In this case
194 * pass the packet as is.
197 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) {
205 /* At this point, we know that the frame was filtered and contains
206 * a valid vlan id. If the vlan id is set in the untagged bitmap,
207 * send untagged; otherwise, send tagged.
209 br_vlan_get_tag(skb, &vid);
210 if (test_bit(vid, pv->untagged_bitmap))
217 /* Called under RCU */
218 bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
219 struct sk_buff *skb, u16 *vid)
224 /* If VLAN filtering is disabled on the bridge, all packets are
227 if (!br->vlan_enabled) {
228 BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
232 /* If there are no vlan in the permitted list, all packets are
238 BR_INPUT_SKB_CB(skb)->vlan_filtered = true;
239 proto = br->vlan_proto;
241 /* If vlan tx offload is disabled on bridge device and frame was
242 * sent from vlan device on the bridge device, it does not have
243 * HW accelerated vlan tag.
245 if (unlikely(!skb_vlan_tag_present(skb) &&
246 skb->protocol == proto)) {
247 skb = skb_vlan_untag(skb);
252 if (!br_vlan_get_tag(skb, vid)) {
254 if (skb->vlan_proto != proto) {
255 /* Protocol-mismatch, empty out vlan_tci for new tag */
256 skb_push(skb, ETH_HLEN);
257 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto,
258 skb_vlan_tag_get(skb));
262 skb_pull(skb, ETH_HLEN);
263 skb_reset_mac_len(skb);
275 u16 pvid = br_get_pvid(v);
277 /* Frame had a tag with VID 0 or did not have a tag.
278 * See if pvid is set on this port. That tells us which
279 * vlan untagged or priority-tagged traffic belongs to.
284 /* PVID is set on this port. Any untagged or priority-tagged
285 * ingress frame is considered to belong to this vlan.
289 /* Untagged Frame. */
290 __vlan_hwaccel_put_tag(skb, proto, pvid);
292 /* Priority-tagged Frame.
293 * At this point, We know that skb->vlan_tci had
294 * VLAN_TAG_PRESENT bit and its VID field was 0x000.
295 * We update only VID field and preserve PCP field.
297 skb->vlan_tci |= pvid;
302 /* Frame had a valid vlan tag. See if vlan is allowed */
303 if (test_bit(*vid, v->vlan_bitmap))
310 /* Called under RCU. */
311 bool br_allowed_egress(struct net_bridge *br,
312 const struct net_port_vlans *v,
313 const struct sk_buff *skb)
317 /* If this packet was not filtered at input, let it pass */
318 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
324 br_vlan_get_tag(skb, &vid);
325 if (test_bit(vid, v->vlan_bitmap))
331 /* Called under RCU */
332 bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
334 struct net_bridge *br = p->br;
335 struct net_port_vlans *v;
337 /* If filtering was disabled at input, let it pass. */
338 if (!br->vlan_enabled)
341 v = rcu_dereference(p->vlan_info);
345 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto)
349 *vid = br_get_pvid(v);
356 if (test_bit(*vid, v->vlan_bitmap))
362 /* Must be protected by RTNL.
363 * Must be called with vid in range from 1 to 4094 inclusive.
365 int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
367 struct net_port_vlans *pv = NULL;
372 pv = rtnl_dereference(br->vlan_info);
374 return __vlan_add(pv, vid, flags);
376 /* Create port vlan infomration
378 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
383 err = __vlan_add(pv, vid, flags);
387 rcu_assign_pointer(br->vlan_info, pv);
394 /* Must be protected by RTNL.
395 * Must be called with vid in range from 1 to 4094 inclusive.
397 int br_vlan_delete(struct net_bridge *br, u16 vid)
399 struct net_port_vlans *pv;
403 pv = rtnl_dereference(br->vlan_info);
407 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid);
413 void br_vlan_flush(struct net_bridge *br)
415 struct net_port_vlans *pv;
418 pv = rtnl_dereference(br->vlan_info);
425 bool br_vlan_find(struct net_bridge *br, u16 vid)
427 struct net_port_vlans *pv;
431 pv = rcu_dereference(br->vlan_info);
436 if (test_bit(vid, pv->vlan_bitmap))
444 /* Must be protected by RTNL. */
445 static void recalculate_group_addr(struct net_bridge *br)
447 if (br->group_addr_set)
450 spin_lock_bh(&br->lock);
451 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q)) {
452 /* Bridge Group Address */
453 br->group_addr[5] = 0x00;
454 } else { /* vlan_enabled && ETH_P_8021AD */
455 /* Provider Bridge Group Address */
456 br->group_addr[5] = 0x08;
458 spin_unlock_bh(&br->lock);
461 /* Must be protected by RTNL. */
462 void br_recalculate_fwd_mask(struct net_bridge *br)
464 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q))
465 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT;
466 else /* vlan_enabled && ETH_P_8021AD */
467 br->group_fwd_mask_required = BR_GROUPFWD_8021AD &
468 ~(1u << br->group_addr[5]);
471 int __br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
473 if (br->vlan_enabled == val)
476 br->vlan_enabled = val;
477 br_manage_promisc(br);
478 recalculate_group_addr(br);
479 br_recalculate_fwd_mask(br);
484 int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
487 return restart_syscall();
489 __br_vlan_filter_toggle(br, val);
495 int br_vlan_set_proto(struct net_bridge *br, unsigned long val)
498 struct net_bridge_port *p;
499 struct net_port_vlans *pv;
500 __be16 proto, oldproto;
503 if (val != ETH_P_8021Q && val != ETH_P_8021AD)
504 return -EPROTONOSUPPORT;
507 return restart_syscall();
510 if (br->vlan_proto == proto)
513 /* Add VLANs for the new proto to the device filter. */
514 list_for_each_entry(p, &br->port_list, list) {
515 pv = rtnl_dereference(p->vlan_info);
519 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) {
520 err = vlan_vid_add(p->dev, proto, vid);
526 oldproto = br->vlan_proto;
527 br->vlan_proto = proto;
529 recalculate_group_addr(br);
530 br_recalculate_fwd_mask(br);
532 /* Delete VLANs for the old proto from the device filter. */
533 list_for_each_entry(p, &br->port_list, list) {
534 pv = rtnl_dereference(p->vlan_info);
538 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
539 vlan_vid_del(p->dev, oldproto, vid);
548 for_each_set_bit(vid, pv->vlan_bitmap, errvid)
549 vlan_vid_del(p->dev, proto, vid);
551 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
552 pv = rtnl_dereference(p->vlan_info);
556 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
557 vlan_vid_del(p->dev, proto, vid);
563 static bool vlan_default_pvid(struct net_port_vlans *pv, u16 vid)
565 return pv && vid == pv->pvid && test_bit(vid, pv->untagged_bitmap);
568 static void br_vlan_disable_default_pvid(struct net_bridge *br)
570 struct net_bridge_port *p;
571 u16 pvid = br->default_pvid;
573 /* Disable default_pvid on all ports where it is still
576 if (vlan_default_pvid(br_get_vlan_info(br), pvid))
577 br_vlan_delete(br, pvid);
579 list_for_each_entry(p, &br->port_list, list) {
580 if (vlan_default_pvid(nbp_get_vlan_info(p), pvid))
581 nbp_vlan_delete(p, pvid);
584 br->default_pvid = 0;
587 static int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid)
589 struct net_bridge_port *p;
592 unsigned long *changed;
594 changed = kcalloc(BITS_TO_LONGS(BR_MAX_PORTS), sizeof(unsigned long),
599 old_pvid = br->default_pvid;
601 /* Update default_pvid config only if we do not conflict with
602 * user configuration.
604 if ((!old_pvid || vlan_default_pvid(br_get_vlan_info(br), old_pvid)) &&
605 !br_vlan_find(br, pvid)) {
606 err = br_vlan_add(br, pvid,
607 BRIDGE_VLAN_INFO_PVID |
608 BRIDGE_VLAN_INFO_UNTAGGED);
611 br_vlan_delete(br, old_pvid);
615 list_for_each_entry(p, &br->port_list, list) {
616 /* Update default_pvid config only if we do not conflict with
617 * user configuration.
620 !vlan_default_pvid(nbp_get_vlan_info(p), old_pvid)) ||
621 nbp_vlan_find(p, pvid))
624 err = nbp_vlan_add(p, pvid,
625 BRIDGE_VLAN_INFO_PVID |
626 BRIDGE_VLAN_INFO_UNTAGGED);
629 nbp_vlan_delete(p, old_pvid);
630 set_bit(p->port_no, changed);
633 br->default_pvid = pvid;
640 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
641 if (!test_bit(p->port_no, changed))
645 nbp_vlan_add(p, old_pvid,
646 BRIDGE_VLAN_INFO_PVID |
647 BRIDGE_VLAN_INFO_UNTAGGED);
648 nbp_vlan_delete(p, pvid);
651 if (test_bit(0, changed)) {
653 br_vlan_add(br, old_pvid,
654 BRIDGE_VLAN_INFO_PVID |
655 BRIDGE_VLAN_INFO_UNTAGGED);
656 br_vlan_delete(br, pvid);
661 int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val)
666 if (val >= VLAN_VID_MASK)
670 return restart_syscall();
672 if (pvid == br->default_pvid)
675 /* Only allow default pvid change when filtering is disabled */
676 if (br->vlan_enabled) {
677 pr_info_once("Please disable vlan filtering to change default_pvid\n");
683 br_vlan_disable_default_pvid(br);
685 err = __br_vlan_set_default_pvid(br, pvid);
692 int br_vlan_init(struct net_bridge *br)
694 br->vlan_proto = htons(ETH_P_8021Q);
695 br->default_pvid = 1;
696 return br_vlan_add(br, 1,
697 BRIDGE_VLAN_INFO_PVID | BRIDGE_VLAN_INFO_UNTAGGED);
700 /* Must be protected by RTNL.
701 * Must be called with vid in range from 1 to 4094 inclusive.
703 int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
705 struct net_port_vlans *pv = NULL;
710 pv = rtnl_dereference(port->vlan_info);
712 return __vlan_add(pv, vid, flags);
714 /* Create port vlan infomration
716 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
722 pv->port_idx = port->port_no;
723 pv->parent.port = port;
724 err = __vlan_add(pv, vid, flags);
728 rcu_assign_pointer(port->vlan_info, pv);
736 /* Must be protected by RTNL.
737 * Must be called with vid in range from 1 to 4094 inclusive.
739 int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
741 struct net_port_vlans *pv;
745 pv = rtnl_dereference(port->vlan_info);
749 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid);
750 br_fdb_delete_by_port(port->br, port, vid, 0);
752 return __vlan_del(pv, vid);
755 void nbp_vlan_flush(struct net_bridge_port *port)
757 struct net_port_vlans *pv;
762 pv = rtnl_dereference(port->vlan_info);
766 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
767 vlan_vid_del(port->dev, port->br->vlan_proto, vid);
772 bool nbp_vlan_find(struct net_bridge_port *port, u16 vid)
774 struct net_port_vlans *pv;
778 pv = rcu_dereference(port->vlan_info);
783 if (test_bit(vid, pv->vlan_bitmap))
791 int nbp_vlan_init(struct net_bridge_port *p)
793 return p->br->default_pvid ?
794 nbp_vlan_add(p, p->br->default_pvid,
795 BRIDGE_VLAN_INFO_PVID |
796 BRIDGE_VLAN_INFO_UNTAGGED) :
projects / firefly-linux-kernel-4.4.55.git / blob