1 #include <linux/kernel.h>
2 #include <linux/netdevice.h>
3 #include <linux/rtnetlink.h>
4 #include <linux/slab.h>
5 #include <net/switchdev.h>
7 #include "br_private.h"
9 static inline int br_vlan_cmp(struct rhashtable_compare_arg *arg,
12 const struct net_bridge_vlan *vle = ptr;
13 u16 vid = *(u16 *)arg->key;
15 return vle->vid != vid;
18 static const struct rhashtable_params br_vlan_rht_params = {
19 .head_offset = offsetof(struct net_bridge_vlan, vnode),
20 .key_offset = offsetof(struct net_bridge_vlan, vid),
21 .key_len = sizeof(u16),
24 .max_size = VLAN_N_VID,
25 .obj_cmpfn = br_vlan_cmp,
26 .automatic_shrinking = true,
29 static struct net_bridge_vlan *br_vlan_lookup(struct rhashtable *tbl, u16 vid)
31 return rhashtable_lookup_fast(tbl, &vid, br_vlan_rht_params);
34 static void __vlan_add_pvid(struct net_bridge_vlan_group *vg, u16 vid)
43 static void __vlan_delete_pvid(struct net_bridge_vlan_group *vg, u16 vid)
52 static void __vlan_add_flags(struct net_bridge_vlan *v, u16 flags)
54 struct net_bridge_vlan_group *vg;
56 if (br_vlan_is_master(v))
61 if (flags & BRIDGE_VLAN_INFO_PVID)
62 __vlan_add_pvid(vg, v->vid);
64 __vlan_delete_pvid(vg, v->vid);
66 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
67 v->flags |= BRIDGE_VLAN_INFO_UNTAGGED;
69 v->flags &= ~BRIDGE_VLAN_INFO_UNTAGGED;
72 static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br,
75 struct switchdev_obj_port_vlan v = {
76 .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN,
83 /* Try switchdev op first. In case it is not supported, fallback to
86 err = switchdev_port_obj_add(dev, &v.obj);
87 if (err == -EOPNOTSUPP)
88 return vlan_vid_add(dev, br->vlan_proto, vid);
92 static void __vlan_add_list(struct net_bridge_vlan *v)
94 struct list_head *headp, *hpos;
95 struct net_bridge_vlan *vent;
97 headp = br_vlan_is_master(v) ? &v->br->vlgrp->vlan_list :
98 &v->port->vlgrp->vlan_list;
99 list_for_each_prev(hpos, headp) {
100 vent = list_entry(hpos, struct net_bridge_vlan, vlist);
101 if (v->vid < vent->vid)
106 list_add_rcu(&v->vlist, hpos);
109 static void __vlan_del_list(struct net_bridge_vlan *v)
111 list_del_rcu(&v->vlist);
114 static int __vlan_vid_del(struct net_device *dev, struct net_bridge *br,
117 struct switchdev_obj_port_vlan v = {
118 .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN,
124 /* Try switchdev op first. In case it is not supported, fallback to
127 err = switchdev_port_obj_del(dev, &v.obj);
128 if (err == -EOPNOTSUPP) {
129 vlan_vid_del(dev, br->vlan_proto, vid);
135 /* Returns a master vlan, if it didn't exist it gets created. In all cases a
136 * a reference is taken to the master vlan before returning.
138 static struct net_bridge_vlan *br_vlan_get_master(struct net_bridge *br, u16 vid)
140 struct net_bridge_vlan *masterv;
142 masterv = br_vlan_find(br->vlgrp, vid);
144 /* missing global ctx, create it now */
145 if (br_vlan_add(br, vid, 0))
147 masterv = br_vlan_find(br->vlgrp, vid);
148 if (WARN_ON(!masterv))
151 atomic_inc(&masterv->refcnt);
156 static void br_vlan_put_master(struct net_bridge_vlan *masterv)
158 if (!br_vlan_is_master(masterv))
161 if (atomic_dec_and_test(&masterv->refcnt)) {
162 rhashtable_remove_fast(&masterv->br->vlgrp->vlan_hash,
163 &masterv->vnode, br_vlan_rht_params);
164 __vlan_del_list(masterv);
165 kfree_rcu(masterv, rcu);
169 /* This is the shared VLAN add function which works for both ports and bridge
170 * devices. There are four possible calls to this function in terms of the
172 * 1. vlan is being added on a port (no master flags, global entry exists)
173 * 2. vlan is being added on a bridge (both master and brvlan flags)
174 * 3. vlan is being added on a port, but a global entry didn't exist which
175 * is being created right now (master flag set, brvlan flag unset), the
176 * global entry is used for global per-vlan features, but not for filtering
177 * 4. same as 3 but with both master and brvlan flags set so the entry
178 * will be used for filtering in both the port and the bridge
180 static int __vlan_add(struct net_bridge_vlan *v, u16 flags)
182 struct net_bridge_vlan *masterv = NULL;
183 struct net_bridge_port *p = NULL;
184 struct net_bridge_vlan_group *vg;
185 struct net_device *dev;
186 struct net_bridge *br;
189 if (br_vlan_is_master(v)) {
201 /* Add VLAN to the device filter if it is supported.
202 * This ensures tagged traffic enters the bridge when
203 * promiscuous mode is disabled by br_manage_promisc().
205 err = __vlan_vid_add(dev, br, v->vid, flags);
209 /* need to work on the master vlan too */
210 if (flags & BRIDGE_VLAN_INFO_MASTER) {
211 err = br_vlan_add(br, v->vid, flags |
212 BRIDGE_VLAN_INFO_BRENTRY);
217 masterv = br_vlan_get_master(br, v->vid);
223 /* Add the dev mac and count the vlan only if it's usable */
224 if (br_vlan_should_use(v)) {
225 err = br_fdb_insert(br, p, dev->dev_addr, v->vid);
227 br_err(br, "failed insert local address into bridge forwarding table\n");
233 err = rhashtable_lookup_insert_fast(&vg->vlan_hash, &v->vnode,
239 __vlan_add_flags(v, flags);
244 if (br_vlan_should_use(v)) {
245 br_fdb_find_delete_local(br, p, dev->dev_addr, v->vid);
251 __vlan_vid_del(dev, br, v->vid);
253 br_vlan_put_master(masterv);
261 static int __vlan_del(struct net_bridge_vlan *v)
263 struct net_bridge_vlan *masterv = v;
264 struct net_bridge_vlan_group *vg;
265 struct net_bridge_port *p = NULL;
268 if (br_vlan_is_master(v)) {
276 __vlan_delete_pvid(vg, v->vid);
278 err = __vlan_vid_del(p->dev, p->br, v->vid);
283 if (br_vlan_should_use(v)) {
284 v->flags &= ~BRIDGE_VLAN_INFO_BRENTRY;
289 rhashtable_remove_fast(&vg->vlan_hash, &v->vnode,
295 br_vlan_put_master(masterv);
300 static void __vlan_flush(struct net_bridge_vlan_group *vlgrp)
302 struct net_bridge_vlan *vlan, *tmp;
304 __vlan_delete_pvid(vlgrp, vlgrp->pvid);
305 list_for_each_entry_safe(vlan, tmp, &vlgrp->vlan_list, vlist)
307 rhashtable_destroy(&vlgrp->vlan_hash);
311 struct sk_buff *br_handle_vlan(struct net_bridge *br,
312 struct net_bridge_vlan_group *vg,
315 struct net_bridge_vlan *v;
318 /* If this packet was not filtered at input, let it pass */
319 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
322 /* At this point, we know that the frame was filtered and contains
323 * a valid vlan id. If the vlan id has untagged flag set,
324 * send untagged; otherwise, send tagged.
326 br_vlan_get_tag(skb, &vid);
327 v = br_vlan_find(vg, vid);
328 /* Vlan entry must be configured at this point. The
329 * only exception is the bridge is set in promisc mode and the
330 * packet is destined for the bridge device. In this case
331 * pass the packet as is.
333 if (!v || !br_vlan_should_use(v)) {
334 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) {
341 if (v->flags & BRIDGE_VLAN_INFO_UNTAGGED)
348 /* Called under RCU */
349 static bool __allowed_ingress(struct net_bridge_vlan_group *vg, __be16 proto,
350 struct sk_buff *skb, u16 *vid)
352 const struct net_bridge_vlan *v;
355 BR_INPUT_SKB_CB(skb)->vlan_filtered = true;
356 /* If vlan tx offload is disabled on bridge device and frame was
357 * sent from vlan device on the bridge device, it does not have
358 * HW accelerated vlan tag.
360 if (unlikely(!skb_vlan_tag_present(skb) &&
361 skb->protocol == proto)) {
362 skb = skb_vlan_untag(skb);
367 if (!br_vlan_get_tag(skb, vid)) {
369 if (skb->vlan_proto != proto) {
370 /* Protocol-mismatch, empty out vlan_tci for new tag */
371 skb_push(skb, ETH_HLEN);
372 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto,
373 skb_vlan_tag_get(skb));
377 skb_pull(skb, ETH_HLEN);
378 skb_reset_mac_len(skb);
390 u16 pvid = br_get_pvid(vg);
392 /* Frame had a tag with VID 0 or did not have a tag.
393 * See if pvid is set on this port. That tells us which
394 * vlan untagged or priority-tagged traffic belongs to.
399 /* PVID is set on this port. Any untagged or priority-tagged
400 * ingress frame is considered to belong to this vlan.
404 /* Untagged Frame. */
405 __vlan_hwaccel_put_tag(skb, proto, pvid);
407 /* Priority-tagged Frame.
408 * At this point, We know that skb->vlan_tci had
409 * VLAN_TAG_PRESENT bit and its VID field was 0x000.
410 * We update only VID field and preserve PCP field.
412 skb->vlan_tci |= pvid;
417 /* Frame had a valid vlan tag. See if vlan is allowed */
418 v = br_vlan_find(vg, *vid);
419 if (v && br_vlan_should_use(v))
426 bool br_allowed_ingress(const struct net_bridge *br,
427 struct net_bridge_vlan_group *vg, struct sk_buff *skb,
430 /* If VLAN filtering is disabled on the bridge, all packets are
433 if (!br->vlan_enabled) {
434 BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
438 return __allowed_ingress(vg, br->vlan_proto, skb, vid);
441 /* Called under RCU. */
442 bool br_allowed_egress(struct net_bridge_vlan_group *vg,
443 const struct sk_buff *skb)
445 const struct net_bridge_vlan *v;
448 /* If this packet was not filtered at input, let it pass */
449 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
452 br_vlan_get_tag(skb, &vid);
453 v = br_vlan_find(vg, vid);
454 if (v && br_vlan_should_use(v))
460 /* Called under RCU */
461 bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
463 struct net_bridge_vlan_group *vg;
464 struct net_bridge *br = p->br;
466 /* If filtering was disabled at input, let it pass. */
467 if (!br->vlan_enabled)
471 if (!vg || !vg->num_vlans)
474 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto)
478 *vid = br_get_pvid(vg);
485 if (br_vlan_find(vg, *vid))
491 /* Must be protected by RTNL.
492 * Must be called with vid in range from 1 to 4094 inclusive.
494 int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
496 struct net_bridge_vlan *vlan;
501 vlan = br_vlan_find(br->vlgrp, vid);
503 if (!br_vlan_is_brentry(vlan)) {
504 /* Trying to change flags of non-existent bridge vlan */
505 if (!(flags & BRIDGE_VLAN_INFO_BRENTRY))
507 /* It was only kept for port vlans, now make it real */
508 ret = br_fdb_insert(br, NULL, br->dev->dev_addr,
511 br_err(br, "failed insert local address into bridge forwarding table\n");
514 atomic_inc(&vlan->refcnt);
515 vlan->flags |= BRIDGE_VLAN_INFO_BRENTRY;
516 br->vlgrp->num_vlans++;
518 __vlan_add_flags(vlan, flags);
522 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL);
527 vlan->flags = flags | BRIDGE_VLAN_INFO_MASTER;
528 vlan->flags &= ~BRIDGE_VLAN_INFO_PVID;
530 if (flags & BRIDGE_VLAN_INFO_BRENTRY)
531 atomic_set(&vlan->refcnt, 1);
532 ret = __vlan_add(vlan, flags);
539 /* Must be protected by RTNL.
540 * Must be called with vid in range from 1 to 4094 inclusive.
542 int br_vlan_delete(struct net_bridge *br, u16 vid)
544 struct net_bridge_vlan *v;
548 v = br_vlan_find(br->vlgrp, vid);
549 if (!v || !br_vlan_is_brentry(v))
552 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid);
553 br_fdb_delete_by_port(br, NULL, vid, 0);
555 return __vlan_del(v);
558 void br_vlan_flush(struct net_bridge *br)
562 __vlan_flush(br_vlan_group(br));
565 struct net_bridge_vlan *br_vlan_find(struct net_bridge_vlan_group *vg, u16 vid)
570 return br_vlan_lookup(&vg->vlan_hash, vid);
573 /* Must be protected by RTNL. */
574 static void recalculate_group_addr(struct net_bridge *br)
576 if (br->group_addr_set)
579 spin_lock_bh(&br->lock);
580 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q)) {
581 /* Bridge Group Address */
582 br->group_addr[5] = 0x00;
583 } else { /* vlan_enabled && ETH_P_8021AD */
584 /* Provider Bridge Group Address */
585 br->group_addr[5] = 0x08;
587 spin_unlock_bh(&br->lock);
590 /* Must be protected by RTNL. */
591 void br_recalculate_fwd_mask(struct net_bridge *br)
593 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q))
594 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT;
595 else /* vlan_enabled && ETH_P_8021AD */
596 br->group_fwd_mask_required = BR_GROUPFWD_8021AD &
597 ~(1u << br->group_addr[5]);
600 int __br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
602 if (br->vlan_enabled == val)
605 br->vlan_enabled = val;
606 br_manage_promisc(br);
607 recalculate_group_addr(br);
608 br_recalculate_fwd_mask(br);
613 int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
616 return restart_syscall();
618 __br_vlan_filter_toggle(br, val);
624 int __br_vlan_set_proto(struct net_bridge *br, __be16 proto)
627 struct net_bridge_port *p;
628 struct net_bridge_vlan *vlan;
631 if (br->vlan_proto == proto)
634 /* Add VLANs for the new proto to the device filter. */
635 list_for_each_entry(p, &br->port_list, list) {
636 list_for_each_entry(vlan, &p->vlgrp->vlan_list, vlist) {
637 err = vlan_vid_add(p->dev, proto, vlan->vid);
643 oldproto = br->vlan_proto;
644 br->vlan_proto = proto;
646 recalculate_group_addr(br);
647 br_recalculate_fwd_mask(br);
649 /* Delete VLANs for the old proto from the device filter. */
650 list_for_each_entry(p, &br->port_list, list)
651 list_for_each_entry(vlan, &p->vlgrp->vlan_list, vlist)
652 vlan_vid_del(p->dev, oldproto, vlan->vid);
657 list_for_each_entry_continue_reverse(vlan, &p->vlgrp->vlan_list, vlist)
658 vlan_vid_del(p->dev, proto, vlan->vid);
660 list_for_each_entry_continue_reverse(p, &br->port_list, list)
661 list_for_each_entry(vlan, &p->vlgrp->vlan_list, vlist)
662 vlan_vid_del(p->dev, proto, vlan->vid);
667 int br_vlan_set_proto(struct net_bridge *br, unsigned long val)
671 if (val != ETH_P_8021Q && val != ETH_P_8021AD)
672 return -EPROTONOSUPPORT;
675 return restart_syscall();
677 err = __br_vlan_set_proto(br, htons(val));
683 static bool vlan_default_pvid(struct net_bridge_vlan_group *vg, u16 vid)
685 struct net_bridge_vlan *v;
690 v = br_vlan_lookup(&vg->vlan_hash, vid);
691 if (v && br_vlan_should_use(v) &&
692 (v->flags & BRIDGE_VLAN_INFO_UNTAGGED))
698 static void br_vlan_disable_default_pvid(struct net_bridge *br)
700 struct net_bridge_port *p;
701 u16 pvid = br->default_pvid;
703 /* Disable default_pvid on all ports where it is still
706 if (vlan_default_pvid(br->vlgrp, pvid))
707 br_vlan_delete(br, pvid);
709 list_for_each_entry(p, &br->port_list, list) {
710 if (vlan_default_pvid(p->vlgrp, pvid))
711 nbp_vlan_delete(p, pvid);
714 br->default_pvid = 0;
717 int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid)
719 const struct net_bridge_vlan *pvent;
720 struct net_bridge_port *p;
723 unsigned long *changed;
726 br_vlan_disable_default_pvid(br);
730 changed = kcalloc(BITS_TO_LONGS(BR_MAX_PORTS), sizeof(unsigned long),
735 old_pvid = br->default_pvid;
737 /* Update default_pvid config only if we do not conflict with
738 * user configuration.
740 pvent = br_vlan_find(br->vlgrp, pvid);
741 if ((!old_pvid || vlan_default_pvid(br->vlgrp, old_pvid)) &&
742 (!pvent || !br_vlan_should_use(pvent))) {
743 err = br_vlan_add(br, pvid,
744 BRIDGE_VLAN_INFO_PVID |
745 BRIDGE_VLAN_INFO_UNTAGGED |
746 BRIDGE_VLAN_INFO_BRENTRY);
749 br_vlan_delete(br, old_pvid);
753 list_for_each_entry(p, &br->port_list, list) {
754 /* Update default_pvid config only if we do not conflict with
755 * user configuration.
758 !vlan_default_pvid(p->vlgrp, old_pvid)) ||
759 br_vlan_find(p->vlgrp, pvid))
762 err = nbp_vlan_add(p, pvid,
763 BRIDGE_VLAN_INFO_PVID |
764 BRIDGE_VLAN_INFO_UNTAGGED);
767 nbp_vlan_delete(p, old_pvid);
768 set_bit(p->port_no, changed);
771 br->default_pvid = pvid;
778 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
779 if (!test_bit(p->port_no, changed))
783 nbp_vlan_add(p, old_pvid,
784 BRIDGE_VLAN_INFO_PVID |
785 BRIDGE_VLAN_INFO_UNTAGGED);
786 nbp_vlan_delete(p, pvid);
789 if (test_bit(0, changed)) {
791 br_vlan_add(br, old_pvid,
792 BRIDGE_VLAN_INFO_PVID |
793 BRIDGE_VLAN_INFO_UNTAGGED |
794 BRIDGE_VLAN_INFO_BRENTRY);
795 br_vlan_delete(br, pvid);
800 int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val)
805 if (val >= VLAN_VID_MASK)
809 return restart_syscall();
811 if (pvid == br->default_pvid)
814 /* Only allow default pvid change when filtering is disabled */
815 if (br->vlan_enabled) {
816 pr_info_once("Please disable vlan filtering to change default_pvid\n");
820 err = __br_vlan_set_default_pvid(br, pvid);
826 int br_vlan_init(struct net_bridge *br)
830 br->vlgrp = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL);
833 ret = rhashtable_init(&br->vlgrp->vlan_hash, &br_vlan_rht_params);
836 INIT_LIST_HEAD(&br->vlgrp->vlan_list);
837 br->vlan_proto = htons(ETH_P_8021Q);
838 br->default_pvid = 1;
839 ret = br_vlan_add(br, 1,
840 BRIDGE_VLAN_INFO_PVID | BRIDGE_VLAN_INFO_UNTAGGED |
841 BRIDGE_VLAN_INFO_BRENTRY);
849 rhashtable_destroy(&br->vlgrp->vlan_hash);
856 int nbp_vlan_init(struct net_bridge_port *p)
858 struct net_bridge_vlan_group *vg;
861 vg = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL);
865 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params);
868 INIT_LIST_HEAD(&vg->vlan_list);
869 /* Make sure everything's committed before publishing vg */
872 if (p->br->default_pvid) {
873 ret = nbp_vlan_add(p, p->br->default_pvid,
874 BRIDGE_VLAN_INFO_PVID |
875 BRIDGE_VLAN_INFO_UNTAGGED);
883 rhashtable_destroy(&vg->vlan_hash);
890 /* Must be protected by RTNL.
891 * Must be called with vid in range from 1 to 4094 inclusive.
893 int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
895 struct net_bridge_vlan *vlan;
900 vlan = br_vlan_find(port->vlgrp, vid);
902 __vlan_add_flags(vlan, flags);
906 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL);
912 ret = __vlan_add(vlan, flags);
919 /* Must be protected by RTNL.
920 * Must be called with vid in range from 1 to 4094 inclusive.
922 int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
924 struct net_bridge_vlan *v;
928 v = br_vlan_find(port->vlgrp, vid);
931 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid);
932 br_fdb_delete_by_port(port->br, port, vid, 0);
934 return __vlan_del(v);
937 void nbp_vlan_flush(struct net_bridge_port *port)
939 struct net_bridge_vlan *vlan;
943 list_for_each_entry(vlan, &port->vlgrp->vlan_list, vlist)
944 vlan_vid_del(port->dev, port->br->vlan_proto, vlan->vid);
946 __vlan_flush(nbp_vlan_group(port));
projects / firefly-linux-kernel-4.4.55.git / blob