]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blame - net/bridge/br_vlan.c
projects / mirror_ubuntu-zesty-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'vrf-ipv6'
[mirror_ubuntu-zesty-kernel.git] / net / bridge / br_vlan.c
CommitLineData
243a2e63
VY		 1#include <linux/kernel.h>
2#include <linux/netdevice.h>
3#include <linux/rtnetlink.h>
4#include <linux/slab.h>
7f109539 5#include <net/switchdev.h>
243a2e63
VY		 6
7#include "br_private.h"
8
2594e906
NA		 9static inline int br_vlan_cmp(struct rhashtable_compare_arg *arg,
10 const void *ptr)
552406c4 11{
2594e906
NA		 12 const struct net_bridge_vlan *vle = ptr;
13 u16 vid = *(u16 *)arg->key;
14
15 return vle->vid != vid;
16}
17
18static const struct rhashtable_params br_vlan_rht_params = {
19 .head_offset = offsetof(struct net_bridge_vlan, vnode),
20 .key_offset = offsetof(struct net_bridge_vlan, vid),
21 .key_len = sizeof(u16),
8af78b64
NA		 22 .nelem_hint = 3,
23 .locks_mul = 1,
2594e906
NA		 24 .max_size = VLAN_N_VID,
25 .obj_cmpfn = br_vlan_cmp,
26 .automatic_shrinking = true,
27};
28
29static struct net_bridge_vlan *br_vlan_lookup(struct rhashtable *tbl, u16 vid)
30{
31 return rhashtable_lookup_fast(tbl, &vid, br_vlan_rht_params);
32}
33
77751ee8 34static void __vlan_add_pvid(struct net_bridge_vlan_group *vg, u16 vid)
2594e906 35{
77751ee8 36 if (vg->pvid == vid)
552406c4
VY		 37 return;
38
39 smp_wmb();
77751ee8 40 vg->pvid = vid;
552406c4
VY		 41}
42
77751ee8 43static void __vlan_delete_pvid(struct net_bridge_vlan_group *vg, u16 vid)
552406c4 44{
77751ee8 45 if (vg->pvid != vid)
552406c4
VY		 46 return;
47
48 smp_wmb();
77751ee8 49 vg->pvid = 0;
552406c4
VY		 50}
51
2594e906 52static void __vlan_add_flags(struct net_bridge_vlan *v, u16 flags)
35e03f3a 53{
77751ee8
NA		 54 struct net_bridge_vlan_group *vg;
55
56 if (br_vlan_is_master(v))
57 vg = v->br->vlgrp;
58 else
59 vg = v->port->vlgrp;
60
61 if (flags & BRIDGE_VLAN_INFO_PVID)
62 __vlan_add_pvid(vg, v->vid);
63 else
64 __vlan_delete_pvid(vg, v->vid);
35e03f3a
VY		 65
66 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
2594e906 67 v->flags |= BRIDGE_VLAN_INFO_UNTAGGED;
635126b7 68 else
2594e906 69 v->flags &= ~BRIDGE_VLAN_INFO_UNTAGGED;
35e03f3a
VY		 70}
71
7f109539
SF		 72static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br,
73 u16 vid, u16 flags)
74{
0944d6b5
JP		 75 struct switchdev_obj_port_vlan v = {
76 .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN,
77 .flags = flags,
78 .vid_begin = vid,
79 .vid_end = vid,
80 };
7f109539
SF		 81 int err;
82
0944d6b5
JP		 83 /* Try switchdev op first. In case it is not supported, fallback to
84 * 8021q add.
7f109539 85 */
0944d6b5
JP		 86 err = switchdev_port_obj_add(dev, &v.obj);
87 if (err == -EOPNOTSUPP)
88 return vlan_vid_add(dev, br->vlan_proto, vid);
7f109539
SF		 89 return err;
90}
91
2594e906 92static void __vlan_add_list(struct net_bridge_vlan *v)
243a2e63 93{
2594e906
NA		 94 struct list_head *headp, *hpos;
95 struct net_bridge_vlan *vent;
bc9a25d2 96
2594e906
NA		 97 headp = br_vlan_is_master(v) ? &v->br->vlgrp->vlan_list :
98 &v->port->vlgrp->vlan_list;
99 list_for_each_prev(hpos, headp) {
100 vent = list_entry(hpos, struct net_bridge_vlan, vlist);
101 if (v->vid < vent->vid)
102 continue;
103 else
104 break;
243a2e63 105 }
586c2b57 106 list_add_rcu(&v->vlist, hpos);
2594e906 107}
243a2e63 108
2594e906
NA		 109static void __vlan_del_list(struct net_bridge_vlan *v)
110{
586c2b57 111 list_del_rcu(&v->vlist);
243a2e63
VY		 112}
113
bf361ad3
VD		 114static int __vlan_vid_del(struct net_device *dev, struct net_bridge *br,
115 u16 vid)
7f109539 116{
0944d6b5
JP		 117 struct switchdev_obj_port_vlan v = {
118 .obj.id = SWITCHDEV_OBJ_ID_PORT_VLAN,
119 .vid_begin = vid,
120 .vid_end = vid,
121 };
122 int err;
7f109539 123
0944d6b5
JP		 124 /* Try switchdev op first. In case it is not supported, fallback to
125 * 8021q del.
7f109539 126 */
0944d6b5
JP		 127 err = switchdev_port_obj_del(dev, &v.obj);
128 if (err == -EOPNOTSUPP) {
7f109539 129 vlan_vid_del(dev, br->vlan_proto, vid);
0944d6b5 130 return 0;
7f109539 131 }
bf361ad3 132 return err;
7f109539
SF		 133}
134
f8ed289f
NA		 135/* Returns a master vlan, if it didn't exist it gets created. In all cases a
136 * a reference is taken to the master vlan before returning.
137 */
138static struct net_bridge_vlan *br_vlan_get_master(struct net_bridge *br, u16 vid)
139{
140 struct net_bridge_vlan *masterv;
141
142 masterv = br_vlan_find(br->vlgrp, vid);
143 if (!masterv) {
144 /* missing global ctx, create it now */
145 if (br_vlan_add(br, vid, 0))
146 return NULL;
147 masterv = br_vlan_find(br->vlgrp, vid);
148 if (WARN_ON(!masterv))
149 return NULL;
150 }
151 atomic_inc(&masterv->refcnt);
152
153 return masterv;
154}
155
156static void br_vlan_put_master(struct net_bridge_vlan *masterv)
157{
158 if (!br_vlan_is_master(masterv))
159 return;
160
161 if (atomic_dec_and_test(&masterv->refcnt)) {
162 rhashtable_remove_fast(&masterv->br->vlgrp->vlan_hash,
163 &masterv->vnode, br_vlan_rht_params);
164 __vlan_del_list(masterv);
165 kfree_rcu(masterv, rcu);
166 }
167}
168
2594e906
NA		 169/* This is the shared VLAN add function which works for both ports and bridge
170 * devices. There are four possible calls to this function in terms of the
171 * vlan entry type:
172 * 1. vlan is being added on a port (no master flags, global entry exists)
173 * 2. vlan is being added on a bridge (both master and brvlan flags)
174 * 3. vlan is being added on a port, but a global entry didn't exist which
175 * is being created right now (master flag set, brvlan flag unset), the
176 * global entry is used for global per-vlan features, but not for filtering
177 * 4. same as 3 but with both master and brvlan flags set so the entry
178 * will be used for filtering in both the port and the bridge
179 */
180static int __vlan_add(struct net_bridge_vlan *v, u16 flags)
243a2e63 181{
2594e906
NA		 182 struct net_bridge_vlan *masterv = NULL;
183 struct net_bridge_port *p = NULL;
6be144f6 184 struct net_bridge_vlan_group *vg;
2594e906
NA		 185 struct net_device *dev;
186 struct net_bridge *br;
187 int err;
188
189 if (br_vlan_is_master(v)) {
190 br = v->br;
191 dev = br->dev;
6be144f6 192 vg = br->vlgrp;
2594e906
NA		 193 } else {
194 p = v->port;
195 br = p->br;
196 dev = p->dev;
6be144f6 197 vg = p->vlgrp;
2594e906
NA		 198 }
199
200 if (p) {
2594e906
NA		 201 /* Add VLAN to the device filter if it is supported.
202 * This ensures tagged traffic enters the bridge when
203 * promiscuous mode is disabled by br_manage_promisc().
204 */
205 err = __vlan_vid_add(dev, br, v->vid, flags);
206 if (err)
207 goto out;
208
209 /* need to work on the master vlan too */
210 if (flags & BRIDGE_VLAN_INFO_MASTER) {
2ffdf508
NA		 211 err = br_vlan_add(br, v->vid, flags |
212 BRIDGE_VLAN_INFO_BRENTRY);
2594e906
NA		 213 if (err)
214 goto out_filt;
215 }
216
f8ed289f
NA		 217 masterv = br_vlan_get_master(br, v->vid);
218 if (!masterv)
219 goto out_filt;
2594e906
NA		 220 v->brvlan = masterv;
221 }
222
6be144f6 223 /* Add the dev mac and count the vlan only if it's usable */
2594e906
NA		 224 if (br_vlan_should_use(v)) {
225 err = br_fdb_insert(br, p, dev->dev_addr, v->vid);
226 if (err) {
227 br_err(br, "failed insert local address into bridge forwarding table\n");
228 goto out_filt;
229 }
6be144f6 230 vg->num_vlans++;
2594e906
NA		 231 }
232
6be144f6
NA		 233 err = rhashtable_lookup_insert_fast(&vg->vlan_hash, &v->vnode,
234 br_vlan_rht_params);
2594e906
NA		 235 if (err)
236 goto out_fdb_insert;
243a2e63 237
2594e906
NA		 238 __vlan_add_list(v);
239 __vlan_add_flags(v, flags);
2594e906
NA		 240out:
241 return err;
242
243out_fdb_insert:
6be144f6
NA		 244 if (br_vlan_should_use(v)) {
245 br_fdb_find_delete_local(br, p, dev->dev_addr, v->vid);
246 vg->num_vlans--;
247 }
2594e906
NA		 248
249out_filt:
250 if (p) {
251 __vlan_vid_del(dev, br, v->vid);
252 if (masterv) {
f8ed289f 253 br_vlan_put_master(masterv);
2594e906
NA		 254 v->brvlan = NULL;
255 }
256 }
257
258 goto out;
259}
260
261static int __vlan_del(struct net_bridge_vlan *v)
262{
263 struct net_bridge_vlan *masterv = v;
77751ee8 264 struct net_bridge_vlan_group *vg;
2594e906 265 struct net_bridge_port *p = NULL;
2594e906 266 int err = 0;
552406c4 267
2594e906 268 if (br_vlan_is_master(v)) {
77751ee8 269 vg = v->br->vlgrp;
2594e906
NA		 270 } else {
271 p = v->port;
77751ee8 272 vg = v->port->vlgrp;
2594e906 273 masterv = v->brvlan;
2594e906 274 }
bf361ad3 275
77751ee8 276 __vlan_delete_pvid(vg, v->vid);
2594e906
NA		 277 if (p) {
278 err = __vlan_vid_del(p->dev, p->br, v->vid);
bf361ad3 279 if (err)
2594e906 280 goto out;
8580e211 281 }
243a2e63 282
6be144f6
NA		 283 if (br_vlan_should_use(v)) {
284 v->flags &= ~BRIDGE_VLAN_INFO_BRENTRY;
285 vg->num_vlans--;
2594e906
NA		 286 }
287
288 if (masterv != v) {
77751ee8
NA		 289 rhashtable_remove_fast(&vg->vlan_hash, &v->vnode,
290 br_vlan_rht_params);
2594e906 291 __vlan_del_list(v);
243a2e63
VY		 292 kfree_rcu(v, rcu);
293 }
2594e906 294
f8ed289f 295 br_vlan_put_master(masterv);
2594e906
NA		 296out:
297 return err;
243a2e63
VY		 298}
299
77751ee8 300static void __vlan_flush(struct net_bridge_vlan_group *vlgrp)
243a2e63 301{
2594e906
NA		 302 struct net_bridge_vlan *vlan, *tmp;
303
77751ee8 304 __vlan_delete_pvid(vlgrp, vlgrp->pvid);
2594e906
NA		 305 list_for_each_entry_safe(vlan, tmp, &vlgrp->vlan_list, vlist)
306 __vlan_del(vlan);
307 rhashtable_destroy(&vlgrp->vlan_hash);
308 kfree(vlgrp);
243a2e63
VY		 309}
310
78851988 311struct sk_buff *br_handle_vlan(struct net_bridge *br,
2594e906 312 struct net_bridge_vlan_group *vg,
78851988 313 struct sk_buff *skb)
a37b85c9 314{
2594e906 315 struct net_bridge_vlan *v;
a37b85c9
VY		 316 u16 vid;
317
20adfa1a
VY		 318 /* If this packet was not filtered at input, let it pass */
319 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
78851988
VY		 320 goto out;
321
2594e906
NA		 322 /* At this point, we know that the frame was filtered and contains
323 * a valid vlan id. If the vlan id has untagged flag set,
324 * send untagged; otherwise, send tagged.
325 */
326 br_vlan_get_tag(skb, &vid);
327 v = br_vlan_find(vg, vid);
328 /* Vlan entry must be configured at this point. The
fc92f745
VY		 329 * only exception is the bridge is set in promisc mode and the
330 * packet is destined for the bridge device. In this case
331 * pass the packet as is.
332 */
2594e906 333 if (!v || !br_vlan_should_use(v)) {
fc92f745
VY		 334 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) {
335 goto out;
336 } else {
337 kfree_skb(skb);
338 return NULL;
339 }
340 }
2594e906 341 if (v->flags & BRIDGE_VLAN_INFO_UNTAGGED)
99b192da 342 skb->vlan_tci = 0;
78851988
VY		 343
344out:
345 return skb;
346}
347
348/* Called under RCU */
77751ee8 349static bool __allowed_ingress(struct net_bridge_vlan_group *vg, __be16 proto,
2594e906 350 struct sk_buff *skb, u16 *vid)
78851988 351{
2594e906 352 const struct net_bridge_vlan *v;
8580e211 353 bool tagged;
a37b85c9 354
20adfa1a 355 BR_INPUT_SKB_CB(skb)->vlan_filtered = true;
12464bb8
TM		 356 /* If vlan tx offload is disabled on bridge device and frame was
357 * sent from vlan device on the bridge device, it does not have
358 * HW accelerated vlan tag.
359 */
df8a39de 360 if (unlikely(!skb_vlan_tag_present(skb) &&
8580e211 361 skb->protocol == proto)) {
0d5501c1 362 skb = skb_vlan_untag(skb);
12464bb8
TM		 363 if (unlikely(!skb))
364 return false;
365 }
366
8580e211
TM		 367 if (!br_vlan_get_tag(skb, vid)) {
368 /* Tagged frame */
369 if (skb->vlan_proto != proto) {
370 /* Protocol-mismatch, empty out vlan_tci for new tag */
371 skb_push(skb, ETH_HLEN);
62749e2c 372 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto,
df8a39de 373 skb_vlan_tag_get(skb));
8580e211
TM		 374 if (unlikely(!skb))
375 return false;
376
377 skb_pull(skb, ETH_HLEN);
378 skb_reset_mac_len(skb);
379 *vid = 0;
380 tagged = false;
381 } else {
382 tagged = true;
383 }
384 } else {
385 /* Untagged frame */
386 tagged = false;
387 }
388
b90356ce 389 if (!*vid) {
77751ee8
NA		 390 u16 pvid = br_get_pvid(vg);
391
b90356ce
TM		 392 /* Frame had a tag with VID 0 or did not have a tag.
393 * See if pvid is set on this port. That tells us which
394 * vlan untagged or priority-tagged traffic belongs to.
78851988 395 */
3df6bf45 396 if (!pvid)
eb707618 397 goto drop;
78851988 398
b90356ce
TM		 399 /* PVID is set on this port. Any untagged or priority-tagged
400 * ingress frame is considered to belong to this vlan.
78851988 401 */
dfb5fa32 402 *vid = pvid;
8580e211 403 if (likely(!tagged))
b90356ce 404 /* Untagged Frame. */
8580e211 405 __vlan_hwaccel_put_tag(skb, proto, pvid);
b90356ce
TM		 406 else
407 /* Priority-tagged Frame.
408 * At this point, We know that skb->vlan_tci had
409 * VLAN_TAG_PRESENT bit and its VID field was 0x000.
410 * We update only VID field and preserve PCP field.
411 */
412 skb->vlan_tci |= pvid;
413
78851988
VY		 414 return true;
415 }
416
417 /* Frame had a valid vlan tag. See if vlan is allowed */
77751ee8 418 v = br_vlan_find(vg, *vid);
2594e906 419 if (v && br_vlan_should_use(v))
a37b85c9 420 return true;
eb707618
TM		 421drop:
422 kfree_skb(skb);
a37b85c9
VY		 423 return false;
424}
425
77751ee8
NA		 426bool br_allowed_ingress(const struct net_bridge *br,
427 struct net_bridge_vlan_group *vg, struct sk_buff *skb,
428 u16 *vid)
2594e906
NA		 429{
430 /* If VLAN filtering is disabled on the bridge, all packets are
431 * permitted.
432 */
433 if (!br->vlan_enabled) {
434 BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
435 return true;
436 }
437
77751ee8 438 return __allowed_ingress(vg, br->vlan_proto, skb, vid);
2594e906
NA		 439}
440
85f46c6b 441/* Called under RCU. */
2594e906 442bool br_allowed_egress(struct net_bridge_vlan_group *vg,
85f46c6b
VY		 443 const struct sk_buff *skb)
444{
2594e906 445 const struct net_bridge_vlan *v;
85f46c6b
VY		 446 u16 vid;
447
20adfa1a
VY		 448 /* If this packet was not filtered at input, let it pass */
449 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
85f46c6b
VY		 450 return true;
451
85f46c6b 452 br_vlan_get_tag(skb, &vid);
2594e906
NA		 453 v = br_vlan_find(vg, vid);
454 if (v && br_vlan_should_use(v))
85f46c6b
VY		 455 return true;
456
457 return false;
458}
459
e0d7968a
TM		 460/* Called under RCU */
461bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
462{
468e7944 463 struct net_bridge_vlan_group *vg;
e0d7968a 464 struct net_bridge *br = p->br;
e0d7968a 465
20adfa1a 466 /* If filtering was disabled at input, let it pass. */
c095f248 467 if (!br->vlan_enabled)
e0d7968a
TM		 468 return true;
469
468e7944
NA		 470 vg = p->vlgrp;
471 if (!vg || !vg->num_vlans)
e0d7968a
TM		 472 return false;
473
8580e211
TM		 474 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto)
475 *vid = 0;
476
e0d7968a 477 if (!*vid) {
77751ee8 478 *vid = br_get_pvid(vg);
3df6bf45 479 if (!*vid)
e0d7968a
TM		 480 return false;
481
482 return true;
483 }
484
77751ee8 485 if (br_vlan_find(vg, *vid))
e0d7968a
TM		 486 return true;
487
488 return false;
489}
490
8adff41c
TM		 491/* Must be protected by RTNL.
492 * Must be called with vid in range from 1 to 4094 inclusive.
493 */
552406c4 494int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
243a2e63 495{
2594e906
NA		 496 struct net_bridge_vlan *vlan;
497 int ret;
243a2e63
VY		 498
499 ASSERT_RTNL();
500
2594e906
NA		 501 vlan = br_vlan_find(br->vlgrp, vid);
502 if (vlan) {
503 if (!br_vlan_is_brentry(vlan)) {
504 /* Trying to change flags of non-existent bridge vlan */
505 if (!(flags & BRIDGE_VLAN_INFO_BRENTRY))
506 return -EINVAL;
507 /* It was only kept for port vlans, now make it real */
508 ret = br_fdb_insert(br, NULL, br->dev->dev_addr,
509 vlan->vid);
510 if (ret) {
511 br_err(br, "failed insert local address into bridge forwarding table\n");
512 return ret;
513 }
514 atomic_inc(&vlan->refcnt);
515 vlan->flags |= BRIDGE_VLAN_INFO_BRENTRY;
516 br->vlgrp->num_vlans++;
517 }
518 __vlan_add_flags(vlan, flags);
519 return 0;
520 }
243a2e63 521
2594e906
NA		 522 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL);
523 if (!vlan)
243a2e63
VY		 524 return -ENOMEM;
525
2594e906
NA		 526 vlan->vid = vid;
527 vlan->flags = flags | BRIDGE_VLAN_INFO_MASTER;
528 vlan->flags &= ~BRIDGE_VLAN_INFO_PVID;
529 vlan->br = br;
530 if (flags & BRIDGE_VLAN_INFO_BRENTRY)
531 atomic_set(&vlan->refcnt, 1);
532 ret = __vlan_add(vlan, flags);
533 if (ret)
534 kfree(vlan);
243a2e63 535
2594e906 536 return ret;
243a2e63
VY		 537}
538
8adff41c
TM		 539/* Must be protected by RTNL.
540 * Must be called with vid in range from 1 to 4094 inclusive.
541 */
243a2e63
VY		 542int br_vlan_delete(struct net_bridge *br, u16 vid)
543{
2594e906 544 struct net_bridge_vlan *v;
243a2e63
VY		 545
546 ASSERT_RTNL();
547
2594e906
NA		 548 v = br_vlan_find(br->vlgrp, vid);
549 if (!v || !br_vlan_is_brentry(v))
550 return -ENOENT;
243a2e63 551
424bb9c9 552 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid);
3741873b 553 br_fdb_delete_by_port(br, NULL, vid, 0);
bc9a25d2 554
2594e906 555 return __vlan_del(v);
243a2e63
VY		 556}
557
558void br_vlan_flush(struct net_bridge *br)
559{
243a2e63 560 ASSERT_RTNL();
243a2e63 561
77751ee8 562 __vlan_flush(br_vlan_group(br));
243a2e63
VY		 563}
564
2594e906 565struct net_bridge_vlan *br_vlan_find(struct net_bridge_vlan_group *vg, u16 vid)
2b292fb4 566{
2594e906
NA		 567 if (!vg)
568 return NULL;
2b292fb4 569
2594e906 570 return br_vlan_lookup(&vg->vlan_hash, vid);
2b292fb4
TM		 571}
572
204177f3
TM		 573/* Must be protected by RTNL. */
574static void recalculate_group_addr(struct net_bridge *br)
575{
576 if (br->group_addr_set)
577 return;
578
579 spin_lock_bh(&br->lock);
580 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q)) {
581 /* Bridge Group Address */
582 br->group_addr[5] = 0x00;
583 } else { /* vlan_enabled && ETH_P_8021AD */
584 /* Provider Bridge Group Address */
585 br->group_addr[5] = 0x08;
586 }
587 spin_unlock_bh(&br->lock);
588}
589
590/* Must be protected by RTNL. */
591void br_recalculate_fwd_mask(struct net_bridge *br)
592{
593 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q))
594 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT;
595 else /* vlan_enabled && ETH_P_8021AD */
596 br->group_fwd_mask_required = BR_GROUPFWD_8021AD &
597 ~(1u << br->group_addr[5]);
598}
599
a7854037 600int __br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
243a2e63 601{
243a2e63 602 if (br->vlan_enabled == val)
a7854037 603 return 0;
243a2e63
VY		 604
605 br->vlan_enabled = val;
2796d0c6 606 br_manage_promisc(br);
204177f3
TM		 607 recalculate_group_addr(br);
608 br_recalculate_fwd_mask(br);
243a2e63 609
a7854037
NA		 610 return 0;
611}
612
613int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
614{
615 if (!rtnl_trylock())
616 return restart_syscall();
617
618 __br_vlan_filter_toggle(br, val);
243a2e63 619 rtnl_unlock();
a7854037 620
243a2e63
VY		 621 return 0;
622}
623
d2d427b3 624int __br_vlan_set_proto(struct net_bridge *br, __be16 proto)
204177f3
TM		 625{
626 int err = 0;
627 struct net_bridge_port *p;
2594e906 628 struct net_bridge_vlan *vlan;
d2d427b3 629 __be16 oldproto;
204177f3 630
204177f3 631 if (br->vlan_proto == proto)
d2d427b3 632 return 0;
204177f3
TM		 633
634 /* Add VLANs for the new proto to the device filter. */
635 list_for_each_entry(p, &br->port_list, list) {
2594e906
NA		 636 list_for_each_entry(vlan, &p->vlgrp->vlan_list, vlist) {
637 err = vlan_vid_add(p->dev, proto, vlan->vid);
204177f3
TM		 638 if (err)
639 goto err_filt;
640 }
641 }
642
643 oldproto = br->vlan_proto;
644 br->vlan_proto = proto;
645
646 recalculate_group_addr(br);
647 br_recalculate_fwd_mask(br);
648
649 /* Delete VLANs for the old proto from the device filter. */
2594e906
NA		 650 list_for_each_entry(p, &br->port_list, list)
651 list_for_each_entry(vlan, &p->vlgrp->vlan_list, vlist)
652 vlan_vid_del(p->dev, oldproto, vlan->vid);
204177f3 653
d2d427b3 654 return 0;
204177f3
TM		 655
656err_filt:
2594e906
NA		 657 list_for_each_entry_continue_reverse(vlan, &p->vlgrp->vlan_list, vlist)
658 vlan_vid_del(p->dev, proto, vlan->vid);
204177f3 659
2594e906
NA		 660 list_for_each_entry_continue_reverse(p, &br->port_list, list)
661 list_for_each_entry(vlan, &p->vlgrp->vlan_list, vlist)
662 vlan_vid_del(p->dev, proto, vlan->vid);
204177f3 663
d2d427b3
TM		 664 return err;
665}
666
667int br_vlan_set_proto(struct net_bridge *br, unsigned long val)
668{
669 int err;
670
671 if (val != ETH_P_8021Q && val != ETH_P_8021AD)
672 return -EPROTONOSUPPORT;
673
674 if (!rtnl_trylock())
675 return restart_syscall();
676
677 err = __br_vlan_set_proto(br, htons(val));
678 rtnl_unlock();
679
680 return err;
204177f3
TM		 681}
682
77751ee8 683static bool vlan_default_pvid(struct net_bridge_vlan_group *vg, u16 vid)
5be5a2df 684{
2594e906
NA		 685 struct net_bridge_vlan *v;
686
77751ee8 687 if (vid != vg->pvid)
2594e906
NA		 688 return false;
689
690 v = br_vlan_lookup(&vg->vlan_hash, vid);
691 if (v && br_vlan_should_use(v) &&
692 (v->flags & BRIDGE_VLAN_INFO_UNTAGGED))
693 return true;
694
695 return false;
5be5a2df
VY		 696}
697
698static void br_vlan_disable_default_pvid(struct net_bridge *br)
699{
700 struct net_bridge_port *p;
701 u16 pvid = br->default_pvid;
702
703 /* Disable default_pvid on all ports where it is still
704 * configured.
705 */
77751ee8 706 if (vlan_default_pvid(br->vlgrp, pvid))
5be5a2df
VY		 707 br_vlan_delete(br, pvid);
708
709 list_for_each_entry(p, &br->port_list, list) {
77751ee8 710 if (vlan_default_pvid(p->vlgrp, pvid))
5be5a2df
VY		 711 nbp_vlan_delete(p, pvid);
712 }
713
714 br->default_pvid = 0;
715}
716
0f963b75 717int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid)
5be5a2df 718{
2594e906 719 const struct net_bridge_vlan *pvent;
5be5a2df
VY		 720 struct net_bridge_port *p;
721 u16 old_pvid;
722 int err = 0;
723 unsigned long *changed;
724
0f963b75
NA		 725 if (!pvid) {
726 br_vlan_disable_default_pvid(br);
727 return 0;
728 }
729
5be5a2df
VY		 730 changed = kcalloc(BITS_TO_LONGS(BR_MAX_PORTS), sizeof(unsigned long),
731 GFP_KERNEL);
732 if (!changed)
733 return -ENOMEM;
734
735 old_pvid = br->default_pvid;
736
737 /* Update default_pvid config only if we do not conflict with
738 * user configuration.
739 */
2594e906 740 pvent = br_vlan_find(br->vlgrp, pvid);
77751ee8 741 if ((!old_pvid || vlan_default_pvid(br->vlgrp, old_pvid)) &&
2594e906 742 (!pvent || !br_vlan_should_use(pvent))) {
5be5a2df
VY		 743 err = br_vlan_add(br, pvid,
744 BRIDGE_VLAN_INFO_PVID |
2594e906
NA		 745 BRIDGE_VLAN_INFO_UNTAGGED |
746 BRIDGE_VLAN_INFO_BRENTRY);
5be5a2df
VY		 747 if (err)
748 goto out;
749 br_vlan_delete(br, old_pvid);
750 set_bit(0, changed);
751 }
752
753 list_for_each_entry(p, &br->port_list, list) {
754 /* Update default_pvid config only if we do not conflict with
755 * user configuration.
756 */
757 if ((old_pvid &&
77751ee8 758 !vlan_default_pvid(p->vlgrp, old_pvid)) ||
2594e906 759 br_vlan_find(p->vlgrp, pvid))
5be5a2df
VY		 760 continue;
761
762 err = nbp_vlan_add(p, pvid,
763 BRIDGE_VLAN_INFO_PVID |
764 BRIDGE_VLAN_INFO_UNTAGGED);
765 if (err)
766 goto err_port;
767 nbp_vlan_delete(p, old_pvid);
768 set_bit(p->port_no, changed);
769 }
770
771 br->default_pvid = pvid;
772
773out:
774 kfree(changed);
775 return err;
776
777err_port:
778 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
779 if (!test_bit(p->port_no, changed))
780 continue;
781
782 if (old_pvid)
783 nbp_vlan_add(p, old_pvid,
784 BRIDGE_VLAN_INFO_PVID |
785 BRIDGE_VLAN_INFO_UNTAGGED);
786 nbp_vlan_delete(p, pvid);
787 }
788
789 if (test_bit(0, changed)) {
790 if (old_pvid)
791 br_vlan_add(br, old_pvid,
792 BRIDGE_VLAN_INFO_PVID |
2594e906
NA		 793 BRIDGE_VLAN_INFO_UNTAGGED |
794 BRIDGE_VLAN_INFO_BRENTRY);
5be5a2df
VY		 795 br_vlan_delete(br, pvid);
796 }
797 goto out;
798}
799
96a20d9d
VY		 800int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val)
801{
802 u16 pvid = val;
803 int err = 0;
804
5be5a2df 805 if (val >= VLAN_VID_MASK)
96a20d9d
VY		 806 return -EINVAL;
807
808 if (!rtnl_trylock())
809 return restart_syscall();
810
811 if (pvid == br->default_pvid)
812 goto unlock;
813
814 /* Only allow default pvid change when filtering is disabled */
815 if (br->vlan_enabled) {
816 pr_info_once("Please disable vlan filtering to change default_pvid\n");
817 err = -EPERM;
818 goto unlock;
819 }
0f963b75 820 err = __br_vlan_set_default_pvid(br, pvid);
96a20d9d
VY		 821unlock:
822 rtnl_unlock();
823 return err;
824}
825
5be5a2df 826int br_vlan_init(struct net_bridge *br)
8580e211 827{
2594e906
NA		 828 int ret = -ENOMEM;
829
830 br->vlgrp = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL);
831 if (!br->vlgrp)
832 goto out;
833 ret = rhashtable_init(&br->vlgrp->vlan_hash, &br_vlan_rht_params);
834 if (ret)
835 goto err_rhtbl;
836 INIT_LIST_HEAD(&br->vlgrp->vlan_list);
8580e211 837 br->vlan_proto = htons(ETH_P_8021Q);
96a20d9d 838 br->default_pvid = 1;
2594e906
NA		 839 ret = br_vlan_add(br, 1,
840 BRIDGE_VLAN_INFO_PVID | BRIDGE_VLAN_INFO_UNTAGGED |
841 BRIDGE_VLAN_INFO_BRENTRY);
842 if (ret)
843 goto err_vlan_add;
844
845out:
846 return ret;
847
848err_vlan_add:
849 rhashtable_destroy(&br->vlgrp->vlan_hash);
850err_rhtbl:
851 kfree(br->vlgrp);
852
853 goto out;
854}
855
856int nbp_vlan_init(struct net_bridge_port *p)
857{
263344e6 858 struct net_bridge_vlan_group *vg;
2594e906
NA		 859 int ret = -ENOMEM;
860
263344e6
NA		 861 vg = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL);
862 if (!vg)
2594e906
NA		 863 goto out;
864
263344e6 865 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params);
2594e906
NA		 866 if (ret)
867 goto err_rhtbl;
263344e6
NA		 868 INIT_LIST_HEAD(&vg->vlan_list);
869 /* Make sure everything's committed before publishing vg */
870 smp_wmb();
871 p->vlgrp = vg;
2594e906
NA		 872 if (p->br->default_pvid) {
873 ret = nbp_vlan_add(p, p->br->default_pvid,
874 BRIDGE_VLAN_INFO_PVID |
875 BRIDGE_VLAN_INFO_UNTAGGED);
876 if (ret)
877 goto err_vlan_add;
878 }
879out:
880 return ret;
881
882err_vlan_add:
263344e6 883 rhashtable_destroy(&vg->vlan_hash);
2594e906 884err_rhtbl:
263344e6 885 kfree(vg);
2594e906
NA		 886
887 goto out;
8580e211
TM		 888}
889
8adff41c
TM		 890/* Must be protected by RTNL.
891 * Must be called with vid in range from 1 to 4094 inclusive.
892 */
552406c4 893int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
243a2e63 894{
2594e906
NA		 895 struct net_bridge_vlan *vlan;
896 int ret;
243a2e63
VY		 897
898 ASSERT_RTNL();
899
2594e906
NA		 900 vlan = br_vlan_find(port->vlgrp, vid);
901 if (vlan) {
902 __vlan_add_flags(vlan, flags);
903 return 0;
243a2e63
VY		 904 }
905
2594e906
NA		 906 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL);
907 if (!vlan)
908 return -ENOMEM;
243a2e63 909
2594e906
NA		 910 vlan->vid = vid;
911 vlan->port = port;
912 ret = __vlan_add(vlan, flags);
913 if (ret)
914 kfree(vlan);
243a2e63 915
2594e906 916 return ret;
243a2e63
VY		 917}
918
8adff41c
TM		 919/* Must be protected by RTNL.
920 * Must be called with vid in range from 1 to 4094 inclusive.
921 */
243a2e63
VY		 922int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
923{
2594e906 924 struct net_bridge_vlan *v;
243a2e63
VY		 925
926 ASSERT_RTNL();
927
2594e906
NA		 928 v = br_vlan_find(port->vlgrp, vid);
929 if (!v)
930 return -ENOENT;
424bb9c9 931 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid);
1ea2d020 932 br_fdb_delete_by_port(port->br, port, vid, 0);
bc9a25d2 933
2594e906 934 return __vlan_del(v);
243a2e63
VY		 935}
936
937void nbp_vlan_flush(struct net_bridge_port *port)
938{
2594e906 939 struct net_bridge_vlan *vlan;
243a2e63
VY		 940
941 ASSERT_RTNL();
942
2594e906
NA		 943 list_for_each_entry(vlan, &port->vlgrp->vlan_list, vlist)
944 vlan_vid_del(port->dev, port->br->vlan_proto, vlan->vid);
bc9a25d2 945
77751ee8 946 __vlan_flush(nbp_vlan_group(port));
5be5a2df 947}
ubuntu-zesty-kernel mirror