1 #include <linux/kernel.h>
2 #include <linux/netdevice.h>
3 #include <linux/rtnetlink.h>
4 #include <linux/slab.h>
6 #include "br_private.h"
8 static void __vlan_add_pvid(struct net_port_vlans *v, u16 vid)
17 static void __vlan_delete_pvid(struct net_port_vlans *v, u16 vid)
26 static void __vlan_add_flags(struct net_port_vlans *v, u16 vid, u16 flags)
28 if (flags & BRIDGE_VLAN_INFO_PVID)
29 __vlan_add_pvid(v, vid);
31 __vlan_delete_pvid(v, vid);
33 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
34 set_bit(vid, v->untagged_bitmap);
36 clear_bit(vid, v->untagged_bitmap);
39 static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags)
41 struct net_bridge_port *p = NULL;
42 struct net_bridge *br;
43 struct net_device *dev;
46 if (test_bit(vid, v->vlan_bitmap)) {
47 __vlan_add_flags(v, vid, flags);
61 /* Add VLAN to the device filter if it is supported.
62 * This ensures tagged traffic enters the bridge when
63 * promiscuous mode is disabled by br_manage_promisc().
65 err = vlan_vid_add(dev, br->vlan_proto, vid);
70 err = br_fdb_insert(br, p, dev->dev_addr, vid);
72 br_err(br, "failed insert local address into bridge "
73 "forwarding table\n");
77 set_bit(vid, v->vlan_bitmap);
79 __vlan_add_flags(v, vid, flags);
85 vlan_vid_del(dev, br->vlan_proto, vid);
89 static int __vlan_del(struct net_port_vlans *v, u16 vid)
91 if (!test_bit(vid, v->vlan_bitmap))
94 __vlan_delete_pvid(v, vid);
95 clear_bit(vid, v->untagged_bitmap);
98 struct net_bridge_port *p = v->parent.port;
99 vlan_vid_del(p->dev, p->br->vlan_proto, vid);
102 clear_bit(vid, v->vlan_bitmap);
104 if (bitmap_empty(v->vlan_bitmap, VLAN_N_VID)) {
106 RCU_INIT_POINTER(v->parent.port->vlan_info, NULL);
108 RCU_INIT_POINTER(v->parent.br->vlan_info, NULL);
114 static void __vlan_flush(struct net_port_vlans *v)
118 bitmap_zero(v->vlan_bitmap, VLAN_N_VID);
120 RCU_INIT_POINTER(v->parent.port->vlan_info, NULL);
122 RCU_INIT_POINTER(v->parent.br->vlan_info, NULL);
126 struct sk_buff *br_handle_vlan(struct net_bridge *br,
127 const struct net_port_vlans *pv,
132 /* If this packet was not filtered at input, let it pass */
133 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
136 /* Vlan filter table must be configured at this point. The
137 * only exception is the bridge is set in promisc mode and the
138 * packet is destined for the bridge device. In this case
139 * pass the packet as is.
142 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) {
150 /* At this point, we know that the frame was filtered and contains
151 * a valid vlan id. If the vlan id is set in the untagged bitmap,
152 * send untagged; otherwise, send tagged.
154 br_vlan_get_tag(skb, &vid);
155 if (test_bit(vid, pv->untagged_bitmap))
162 /* Called under RCU */
163 bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
164 struct sk_buff *skb, u16 *vid)
169 /* If VLAN filtering is disabled on the bridge, all packets are
172 if (!br->vlan_enabled) {
173 BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
177 /* If there are no vlan in the permitted list, all packets are
183 BR_INPUT_SKB_CB(skb)->vlan_filtered = true;
184 proto = br->vlan_proto;
186 /* If vlan tx offload is disabled on bridge device and frame was
187 * sent from vlan device on the bridge device, it does not have
188 * HW accelerated vlan tag.
190 if (unlikely(!vlan_tx_tag_present(skb) &&
191 skb->protocol == proto)) {
192 skb = skb_vlan_untag(skb);
197 if (!br_vlan_get_tag(skb, vid)) {
199 if (skb->vlan_proto != proto) {
200 /* Protocol-mismatch, empty out vlan_tci for new tag */
201 skb_push(skb, ETH_HLEN);
202 skb = __vlan_put_tag(skb, skb->vlan_proto,
203 vlan_tx_tag_get(skb));
207 skb_pull(skb, ETH_HLEN);
208 skb_reset_mac_len(skb);
220 u16 pvid = br_get_pvid(v);
222 /* Frame had a tag with VID 0 or did not have a tag.
223 * See if pvid is set on this port. That tells us which
224 * vlan untagged or priority-tagged traffic belongs to.
226 if (pvid == VLAN_N_VID)
229 /* PVID is set on this port. Any untagged or priority-tagged
230 * ingress frame is considered to belong to this vlan.
234 /* Untagged Frame. */
235 __vlan_hwaccel_put_tag(skb, proto, pvid);
237 /* Priority-tagged Frame.
238 * At this point, We know that skb->vlan_tci had
239 * VLAN_TAG_PRESENT bit and its VID field was 0x000.
240 * We update only VID field and preserve PCP field.
242 skb->vlan_tci |= pvid;
247 /* Frame had a valid vlan tag. See if vlan is allowed */
248 if (test_bit(*vid, v->vlan_bitmap))
255 /* Called under RCU. */
256 bool br_allowed_egress(struct net_bridge *br,
257 const struct net_port_vlans *v,
258 const struct sk_buff *skb)
262 /* If this packet was not filtered at input, let it pass */
263 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
269 br_vlan_get_tag(skb, &vid);
270 if (test_bit(vid, v->vlan_bitmap))
276 /* Called under RCU */
277 bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
279 struct net_bridge *br = p->br;
280 struct net_port_vlans *v;
282 /* If filtering was disabled at input, let it pass. */
283 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
286 v = rcu_dereference(p->vlan_info);
290 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto)
294 *vid = br_get_pvid(v);
295 if (*vid == VLAN_N_VID)
301 if (test_bit(*vid, v->vlan_bitmap))
307 /* Must be protected by RTNL.
308 * Must be called with vid in range from 1 to 4094 inclusive.
310 int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
312 struct net_port_vlans *pv = NULL;
317 pv = rtnl_dereference(br->vlan_info);
319 return __vlan_add(pv, vid, flags);
321 /* Create port vlan infomration
323 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
328 err = __vlan_add(pv, vid, flags);
332 rcu_assign_pointer(br->vlan_info, pv);
339 /* Must be protected by RTNL.
340 * Must be called with vid in range from 1 to 4094 inclusive.
342 int br_vlan_delete(struct net_bridge *br, u16 vid)
344 struct net_port_vlans *pv;
348 pv = rtnl_dereference(br->vlan_info);
352 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid);
358 void br_vlan_flush(struct net_bridge *br)
360 struct net_port_vlans *pv;
363 pv = rtnl_dereference(br->vlan_info);
370 bool br_vlan_find(struct net_bridge *br, u16 vid)
372 struct net_port_vlans *pv;
376 pv = rcu_dereference(br->vlan_info);
381 if (test_bit(vid, pv->vlan_bitmap))
389 /* Must be protected by RTNL. */
390 static void recalculate_group_addr(struct net_bridge *br)
392 if (br->group_addr_set)
395 spin_lock_bh(&br->lock);
396 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q)) {
397 /* Bridge Group Address */
398 br->group_addr[5] = 0x00;
399 } else { /* vlan_enabled && ETH_P_8021AD */
400 /* Provider Bridge Group Address */
401 br->group_addr[5] = 0x08;
403 spin_unlock_bh(&br->lock);
406 /* Must be protected by RTNL. */
407 void br_recalculate_fwd_mask(struct net_bridge *br)
409 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q))
410 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT;
411 else /* vlan_enabled && ETH_P_8021AD */
412 br->group_fwd_mask_required = BR_GROUPFWD_8021AD &
413 ~(1u << br->group_addr[5]);
416 int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
419 return restart_syscall();
421 if (br->vlan_enabled == val)
424 br->vlan_enabled = val;
425 br_manage_promisc(br);
426 recalculate_group_addr(br);
427 br_recalculate_fwd_mask(br);
434 int br_vlan_set_proto(struct net_bridge *br, unsigned long val)
437 struct net_bridge_port *p;
438 struct net_port_vlans *pv;
439 __be16 proto, oldproto;
442 if (val != ETH_P_8021Q && val != ETH_P_8021AD)
443 return -EPROTONOSUPPORT;
446 return restart_syscall();
449 if (br->vlan_proto == proto)
452 /* Add VLANs for the new proto to the device filter. */
453 list_for_each_entry(p, &br->port_list, list) {
454 pv = rtnl_dereference(p->vlan_info);
458 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) {
459 err = vlan_vid_add(p->dev, proto, vid);
465 oldproto = br->vlan_proto;
466 br->vlan_proto = proto;
468 recalculate_group_addr(br);
469 br_recalculate_fwd_mask(br);
471 /* Delete VLANs for the old proto from the device filter. */
472 list_for_each_entry(p, &br->port_list, list) {
473 pv = rtnl_dereference(p->vlan_info);
477 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
478 vlan_vid_del(p->dev, oldproto, vid);
487 for_each_set_bit(vid, pv->vlan_bitmap, errvid)
488 vlan_vid_del(p->dev, proto, vid);
490 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
491 pv = rtnl_dereference(p->vlan_info);
495 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
496 vlan_vid_del(p->dev, proto, vid);
502 void br_vlan_init(struct net_bridge *br)
504 br->vlan_proto = htons(ETH_P_8021Q);
507 /* Must be protected by RTNL.
508 * Must be called with vid in range from 1 to 4094 inclusive.
510 int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
512 struct net_port_vlans *pv = NULL;
517 pv = rtnl_dereference(port->vlan_info);
519 return __vlan_add(pv, vid, flags);
521 /* Create port vlan infomration
523 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
529 pv->port_idx = port->port_no;
530 pv->parent.port = port;
531 err = __vlan_add(pv, vid, flags);
535 rcu_assign_pointer(port->vlan_info, pv);
543 /* Must be protected by RTNL.
544 * Must be called with vid in range from 1 to 4094 inclusive.
546 int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
548 struct net_port_vlans *pv;
552 pv = rtnl_dereference(port->vlan_info);
556 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid);
558 return __vlan_del(pv, vid);
561 void nbp_vlan_flush(struct net_bridge_port *port)
563 struct net_port_vlans *pv;
568 pv = rtnl_dereference(port->vlan_info);
572 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
573 vlan_vid_del(port->dev, port->br->vlan_proto, vid);
578 bool nbp_vlan_find(struct net_bridge_port *port, u16 vid)
580 struct net_port_vlans *pv;
584 pv = rcu_dereference(port->vlan_info);
589 if (test_bit(vid, pv->vlan_bitmap))