1 #include <linux/kernel.h>
2 #include <linux/netdevice.h>
3 #include <linux/rtnetlink.h>
4 #include <linux/slab.h>
6 #include "br_private.h"
8 static void __vlan_add_pvid(struct net_port_vlans
*v
, u16 vid
)
17 static void __vlan_delete_pvid(struct net_port_vlans
*v
, u16 vid
)
26 static void __vlan_add_flags(struct net_port_vlans
*v
, u16 vid
, u16 flags
)
28 if (flags
& BRIDGE_VLAN_INFO_PVID
)
29 __vlan_add_pvid(v
, vid
);
31 __vlan_delete_pvid(v
, vid
);
33 if (flags
& BRIDGE_VLAN_INFO_UNTAGGED
)
34 set_bit(vid
, v
->untagged_bitmap
);
36 clear_bit(vid
, v
->untagged_bitmap
);
39 static int __vlan_add(struct net_port_vlans
*v
, u16 vid
, u16 flags
)
41 struct net_bridge_port
*p
= NULL
;
42 struct net_bridge
*br
;
43 struct net_device
*dev
;
46 if (test_bit(vid
, v
->vlan_bitmap
)) {
47 __vlan_add_flags(v
, vid
, flags
);
61 /* Add VLAN to the device filter if it is supported.
62 * This ensures tagged traffic enters the bridge when
63 * promiscuous mode is disabled by br_manage_promisc().
65 err
= vlan_vid_add(dev
, br
->vlan_proto
, vid
);
70 err
= br_fdb_insert(br
, p
, dev
->dev_addr
, vid
);
72 br_err(br
, "failed insert local address into bridge "
73 "forwarding table\n");
77 set_bit(vid
, v
->vlan_bitmap
);
79 __vlan_add_flags(v
, vid
, flags
);
85 vlan_vid_del(dev
, br
->vlan_proto
, vid
);
89 static int __vlan_del(struct net_port_vlans
*v
, u16 vid
)
91 if (!test_bit(vid
, v
->vlan_bitmap
))
94 __vlan_delete_pvid(v
, vid
);
95 clear_bit(vid
, v
->untagged_bitmap
);
98 struct net_bridge_port
*p
= v
->parent
.port
;
99 vlan_vid_del(p
->dev
, p
->br
->vlan_proto
, vid
);
102 clear_bit(vid
, v
->vlan_bitmap
);
104 if (bitmap_empty(v
->vlan_bitmap
, VLAN_N_VID
)) {
106 RCU_INIT_POINTER(v
->parent
.port
->vlan_info
, NULL
);
108 RCU_INIT_POINTER(v
->parent
.br
->vlan_info
, NULL
);
114 static void __vlan_flush(struct net_port_vlans
*v
)
118 bitmap_zero(v
->vlan_bitmap
, VLAN_N_VID
);
120 RCU_INIT_POINTER(v
->parent
.port
->vlan_info
, NULL
);
122 RCU_INIT_POINTER(v
->parent
.br
->vlan_info
, NULL
);
126 struct sk_buff
*br_handle_vlan(struct net_bridge
*br
,
127 const struct net_port_vlans
*pv
,
132 /* If this packet was not filtered at input, let it pass */
133 if (!BR_INPUT_SKB_CB(skb
)->vlan_filtered
)
136 /* Vlan filter table must be configured at this point. The
137 * only exception is the bridge is set in promisc mode and the
138 * packet is destined for the bridge device. In this case
139 * pass the packet as is.
142 if ((br
->dev
->flags
& IFF_PROMISC
) && skb
->dev
== br
->dev
) {
150 /* At this point, we know that the frame was filtered and contains
151 * a valid vlan id. If the vlan id is set in the untagged bitmap,
152 * send untagged; otherwise, send tagged.
154 br_vlan_get_tag(skb
, &vid
);
155 if (test_bit(vid
, pv
->untagged_bitmap
))
162 /* Called under RCU */
163 bool br_allowed_ingress(struct net_bridge
*br
, struct net_port_vlans
*v
,
164 struct sk_buff
*skb
, u16
*vid
)
169 /* If VLAN filtering is disabled on the bridge, all packets are
172 if (!br
->vlan_enabled
) {
173 BR_INPUT_SKB_CB(skb
)->vlan_filtered
= false;
177 /* If there are no vlan in the permitted list, all packets are
183 BR_INPUT_SKB_CB(skb
)->vlan_filtered
= true;
184 proto
= br
->vlan_proto
;
186 /* If vlan tx offload is disabled on bridge device and frame was
187 * sent from vlan device on the bridge device, it does not have
188 * HW accelerated vlan tag.
190 if (unlikely(!skb_vlan_tag_present(skb
) &&
191 skb
->protocol
== proto
)) {
192 skb
= skb_vlan_untag(skb
);
197 if (!br_vlan_get_tag(skb
, vid
)) {
199 if (skb
->vlan_proto
!= proto
) {
200 /* Protocol-mismatch, empty out vlan_tci for new tag */
201 skb_push(skb
, ETH_HLEN
);
202 skb
= vlan_insert_tag_set_proto(skb
, skb
->vlan_proto
,
203 skb_vlan_tag_get(skb
));
207 skb_pull(skb
, ETH_HLEN
);
208 skb_reset_mac_len(skb
);
220 u16 pvid
= br_get_pvid(v
);
222 /* Frame had a tag with VID 0 or did not have a tag.
223 * See if pvid is set on this port. That tells us which
224 * vlan untagged or priority-tagged traffic belongs to.
229 /* PVID is set on this port. Any untagged or priority-tagged
230 * ingress frame is considered to belong to this vlan.
234 /* Untagged Frame. */
235 __vlan_hwaccel_put_tag(skb
, proto
, pvid
);
237 /* Priority-tagged Frame.
238 * At this point, We know that skb->vlan_tci had
239 * VLAN_TAG_PRESENT bit and its VID field was 0x000.
240 * We update only VID field and preserve PCP field.
242 skb
->vlan_tci
|= pvid
;
247 /* Frame had a valid vlan tag. See if vlan is allowed */
248 if (test_bit(*vid
, v
->vlan_bitmap
))
255 /* Called under RCU. */
256 bool br_allowed_egress(struct net_bridge
*br
,
257 const struct net_port_vlans
*v
,
258 const struct sk_buff
*skb
)
262 /* If this packet was not filtered at input, let it pass */
263 if (!BR_INPUT_SKB_CB(skb
)->vlan_filtered
)
269 br_vlan_get_tag(skb
, &vid
);
270 if (test_bit(vid
, v
->vlan_bitmap
))
276 /* Called under RCU */
277 bool br_should_learn(struct net_bridge_port
*p
, struct sk_buff
*skb
, u16
*vid
)
279 struct net_bridge
*br
= p
->br
;
280 struct net_port_vlans
*v
;
282 /* If filtering was disabled at input, let it pass. */
283 if (!br
->vlan_enabled
)
286 v
= rcu_dereference(p
->vlan_info
);
290 if (!br_vlan_get_tag(skb
, vid
) && skb
->vlan_proto
!= br
->vlan_proto
)
294 *vid
= br_get_pvid(v
);
301 if (test_bit(*vid
, v
->vlan_bitmap
))
307 /* Must be protected by RTNL.
308 * Must be called with vid in range from 1 to 4094 inclusive.
310 int br_vlan_add(struct net_bridge
*br
, u16 vid
, u16 flags
)
312 struct net_port_vlans
*pv
= NULL
;
317 pv
= rtnl_dereference(br
->vlan_info
);
319 return __vlan_add(pv
, vid
, flags
);
321 /* Create port vlan infomration
323 pv
= kzalloc(sizeof(*pv
), GFP_KERNEL
);
328 err
= __vlan_add(pv
, vid
, flags
);
332 rcu_assign_pointer(br
->vlan_info
, pv
);
339 /* Must be protected by RTNL.
340 * Must be called with vid in range from 1 to 4094 inclusive.
342 int br_vlan_delete(struct net_bridge
*br
, u16 vid
)
344 struct net_port_vlans
*pv
;
348 pv
= rtnl_dereference(br
->vlan_info
);
352 br_fdb_find_delete_local(br
, NULL
, br
->dev
->dev_addr
, vid
);
358 void br_vlan_flush(struct net_bridge
*br
)
360 struct net_port_vlans
*pv
;
363 pv
= rtnl_dereference(br
->vlan_info
);
370 bool br_vlan_find(struct net_bridge
*br
, u16 vid
)
372 struct net_port_vlans
*pv
;
376 pv
= rcu_dereference(br
->vlan_info
);
381 if (test_bit(vid
, pv
->vlan_bitmap
))
389 /* Must be protected by RTNL. */
390 static void recalculate_group_addr(struct net_bridge
*br
)
392 if (br
->group_addr_set
)
395 spin_lock_bh(&br
->lock
);
396 if (!br
->vlan_enabled
|| br
->vlan_proto
== htons(ETH_P_8021Q
)) {
397 /* Bridge Group Address */
398 br
->group_addr
[5] = 0x00;
399 } else { /* vlan_enabled && ETH_P_8021AD */
400 /* Provider Bridge Group Address */
401 br
->group_addr
[5] = 0x08;
403 spin_unlock_bh(&br
->lock
);
406 /* Must be protected by RTNL. */
407 void br_recalculate_fwd_mask(struct net_bridge
*br
)
409 if (!br
->vlan_enabled
|| br
->vlan_proto
== htons(ETH_P_8021Q
))
410 br
->group_fwd_mask_required
= BR_GROUPFWD_DEFAULT
;
411 else /* vlan_enabled && ETH_P_8021AD */
412 br
->group_fwd_mask_required
= BR_GROUPFWD_8021AD
&
413 ~(1u << br
->group_addr
[5]);
416 int br_vlan_filter_toggle(struct net_bridge
*br
, unsigned long val
)
419 return restart_syscall();
421 if (br
->vlan_enabled
== val
)
424 br
->vlan_enabled
= val
;
425 br_manage_promisc(br
);
426 recalculate_group_addr(br
);
427 br_recalculate_fwd_mask(br
);
434 int br_vlan_set_proto(struct net_bridge
*br
, unsigned long val
)
437 struct net_bridge_port
*p
;
438 struct net_port_vlans
*pv
;
439 __be16 proto
, oldproto
;
442 if (val
!= ETH_P_8021Q
&& val
!= ETH_P_8021AD
)
443 return -EPROTONOSUPPORT
;
446 return restart_syscall();
449 if (br
->vlan_proto
== proto
)
452 /* Add VLANs for the new proto to the device filter. */
453 list_for_each_entry(p
, &br
->port_list
, list
) {
454 pv
= rtnl_dereference(p
->vlan_info
);
458 for_each_set_bit(vid
, pv
->vlan_bitmap
, VLAN_N_VID
) {
459 err
= vlan_vid_add(p
->dev
, proto
, vid
);
465 oldproto
= br
->vlan_proto
;
466 br
->vlan_proto
= proto
;
468 recalculate_group_addr(br
);
469 br_recalculate_fwd_mask(br
);
471 /* Delete VLANs for the old proto from the device filter. */
472 list_for_each_entry(p
, &br
->port_list
, list
) {
473 pv
= rtnl_dereference(p
->vlan_info
);
477 for_each_set_bit(vid
, pv
->vlan_bitmap
, VLAN_N_VID
)
478 vlan_vid_del(p
->dev
, oldproto
, vid
);
487 for_each_set_bit(vid
, pv
->vlan_bitmap
, errvid
)
488 vlan_vid_del(p
->dev
, proto
, vid
);
490 list_for_each_entry_continue_reverse(p
, &br
->port_list
, list
) {
491 pv
= rtnl_dereference(p
->vlan_info
);
495 for_each_set_bit(vid
, pv
->vlan_bitmap
, VLAN_N_VID
)
496 vlan_vid_del(p
->dev
, proto
, vid
);
502 static bool vlan_default_pvid(struct net_port_vlans
*pv
, u16 vid
)
504 return pv
&& vid
== pv
->pvid
&& test_bit(vid
, pv
->untagged_bitmap
);
507 static void br_vlan_disable_default_pvid(struct net_bridge
*br
)
509 struct net_bridge_port
*p
;
510 u16 pvid
= br
->default_pvid
;
512 /* Disable default_pvid on all ports where it is still
515 if (vlan_default_pvid(br_get_vlan_info(br
), pvid
))
516 br_vlan_delete(br
, pvid
);
518 list_for_each_entry(p
, &br
->port_list
, list
) {
519 if (vlan_default_pvid(nbp_get_vlan_info(p
), pvid
))
520 nbp_vlan_delete(p
, pvid
);
523 br
->default_pvid
= 0;
526 static int __br_vlan_set_default_pvid(struct net_bridge
*br
, u16 pvid
)
528 struct net_bridge_port
*p
;
531 unsigned long *changed
;
533 changed
= kcalloc(BITS_TO_LONGS(BR_MAX_PORTS
), sizeof(unsigned long),
538 old_pvid
= br
->default_pvid
;
540 /* Update default_pvid config only if we do not conflict with
541 * user configuration.
543 if ((!old_pvid
|| vlan_default_pvid(br_get_vlan_info(br
), old_pvid
)) &&
544 !br_vlan_find(br
, pvid
)) {
545 err
= br_vlan_add(br
, pvid
,
546 BRIDGE_VLAN_INFO_PVID
|
547 BRIDGE_VLAN_INFO_UNTAGGED
);
550 br_vlan_delete(br
, old_pvid
);
554 list_for_each_entry(p
, &br
->port_list
, list
) {
555 /* Update default_pvid config only if we do not conflict with
556 * user configuration.
559 !vlan_default_pvid(nbp_get_vlan_info(p
), old_pvid
)) ||
560 nbp_vlan_find(p
, pvid
))
563 err
= nbp_vlan_add(p
, pvid
,
564 BRIDGE_VLAN_INFO_PVID
|
565 BRIDGE_VLAN_INFO_UNTAGGED
);
568 nbp_vlan_delete(p
, old_pvid
);
569 set_bit(p
->port_no
, changed
);
572 br
->default_pvid
= pvid
;
579 list_for_each_entry_continue_reverse(p
, &br
->port_list
, list
) {
580 if (!test_bit(p
->port_no
, changed
))
584 nbp_vlan_add(p
, old_pvid
,
585 BRIDGE_VLAN_INFO_PVID
|
586 BRIDGE_VLAN_INFO_UNTAGGED
);
587 nbp_vlan_delete(p
, pvid
);
590 if (test_bit(0, changed
)) {
592 br_vlan_add(br
, old_pvid
,
593 BRIDGE_VLAN_INFO_PVID
|
594 BRIDGE_VLAN_INFO_UNTAGGED
);
595 br_vlan_delete(br
, pvid
);
600 int br_vlan_set_default_pvid(struct net_bridge
*br
, unsigned long val
)
605 if (val
>= VLAN_VID_MASK
)
609 return restart_syscall();
611 if (pvid
== br
->default_pvid
)
614 /* Only allow default pvid change when filtering is disabled */
615 if (br
->vlan_enabled
) {
616 pr_info_once("Please disable vlan filtering to change default_pvid\n");
622 br_vlan_disable_default_pvid(br
);
624 err
= __br_vlan_set_default_pvid(br
, pvid
);
631 int br_vlan_init(struct net_bridge
*br
)
633 br
->vlan_proto
= htons(ETH_P_8021Q
);
634 br
->default_pvid
= 1;
635 return br_vlan_add(br
, 1,
636 BRIDGE_VLAN_INFO_PVID
| BRIDGE_VLAN_INFO_UNTAGGED
);
639 /* Must be protected by RTNL.
640 * Must be called with vid in range from 1 to 4094 inclusive.
642 int nbp_vlan_add(struct net_bridge_port
*port
, u16 vid
, u16 flags
)
644 struct net_port_vlans
*pv
= NULL
;
649 pv
= rtnl_dereference(port
->vlan_info
);
651 return __vlan_add(pv
, vid
, flags
);
653 /* Create port vlan infomration
655 pv
= kzalloc(sizeof(*pv
), GFP_KERNEL
);
661 pv
->port_idx
= port
->port_no
;
662 pv
->parent
.port
= port
;
663 err
= __vlan_add(pv
, vid
, flags
);
667 rcu_assign_pointer(port
->vlan_info
, pv
);
675 /* Must be protected by RTNL.
676 * Must be called with vid in range from 1 to 4094 inclusive.
678 int nbp_vlan_delete(struct net_bridge_port
*port
, u16 vid
)
680 struct net_port_vlans
*pv
;
684 pv
= rtnl_dereference(port
->vlan_info
);
688 br_fdb_find_delete_local(port
->br
, port
, port
->dev
->dev_addr
, vid
);
690 return __vlan_del(pv
, vid
);
693 void nbp_vlan_flush(struct net_bridge_port
*port
)
695 struct net_port_vlans
*pv
;
700 pv
= rtnl_dereference(port
->vlan_info
);
704 for_each_set_bit(vid
, pv
->vlan_bitmap
, VLAN_N_VID
)
705 vlan_vid_del(port
->dev
, port
->br
->vlan_proto
, vid
);
710 bool nbp_vlan_find(struct net_bridge_port
*port
, u16 vid
)
712 struct net_port_vlans
*pv
;
716 pv
= rcu_dereference(port
->vlan_info
);
721 if (test_bit(vid
, pv
->vlan_bitmap
))
729 int nbp_vlan_init(struct net_bridge_port
*p
)
731 return p
->br
->default_pvid
?
732 nbp_vlan_add(p
, p
->br
->default_pvid
,
733 BRIDGE_VLAN_INFO_PVID
|
734 BRIDGE_VLAN_INFO_UNTAGGED
) :