]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - net/bridge/br_vlan.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
net: vlan: rename NETIF_F_HW_VLAN_* feature flags to NETIF_F_HW_VLAN_CTAG_*
[mirror_ubuntu-artful-kernel.git] / net / bridge / br_vlan.c
1 #include <linux/kernel.h>
2 #include <linux/netdevice.h>
3 #include <linux/rtnetlink.h>
4 #include <linux/slab.h>
5
6 #include "br_private.h"
7
8 static void __vlan_add_pvid(struct net_port_vlans *v, u16 vid)
9 {
10 if (v->pvid == vid)
11 return;
12
13 smp_wmb();
14 v->pvid = vid;
15 }
16
17 static void __vlan_delete_pvid(struct net_port_vlans *v, u16 vid)
18 {
19 if (v->pvid != vid)
20 return;
21
22 smp_wmb();
23 v->pvid = 0;
24 }
25
26 static void __vlan_add_flags(struct net_port_vlans *v, u16 vid, u16 flags)
27 {
28 if (flags & BRIDGE_VLAN_INFO_PVID)
29 __vlan_add_pvid(v, vid);
30
31 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
32 set_bit(vid, v->untagged_bitmap);
33 }
34
35 static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags)
36 {
37 struct net_bridge_port *p = NULL;
38 struct net_bridge *br;
39 struct net_device *dev;
40 int err;
41
42 if (test_bit(vid, v->vlan_bitmap)) {
43 __vlan_add_flags(v, vid, flags);
44 return 0;
45 }
46
47 if (vid) {
48 if (v->port_idx) {
49 p = v->parent.port;
50 br = p->br;
51 dev = p->dev;
52 } else {
53 br = v->parent.br;
54 dev = br->dev;
55 }
56
57 if (p && (dev->features & NETIF_F_HW_VLAN_CTAG_FILTER)) {
58 /* Add VLAN to the device filter if it is supported.
59 * Stricly speaking, this is not necessary now, since
60 * devices are made promiscuous by the bridge, but if
61 * that ever changes this code will allow tagged
62 * traffic to enter the bridge.
63 */
64 err = dev->netdev_ops->ndo_vlan_rx_add_vid(dev, vid);
65 if (err)
66 return err;
67 }
68
69 err = br_fdb_insert(br, p, dev->dev_addr, vid);
70 if (err) {
71 br_err(br, "failed insert local address into bridge "
72 "forwarding table\n");
73 goto out_filt;
74 }
75
76 }
77
78 set_bit(vid, v->vlan_bitmap);
79 v->num_vlans++;
80 __vlan_add_flags(v, vid, flags);
81
82 return 0;
83
84 out_filt:
85 if (p && (dev->features & NETIF_F_HW_VLAN_CTAG_FILTER))
86 dev->netdev_ops->ndo_vlan_rx_kill_vid(dev, vid);
87 return err;
88 }
89
90 static int __vlan_del(struct net_port_vlans *v, u16 vid)
91 {
92 if (!test_bit(vid, v->vlan_bitmap))
93 return -EINVAL;
94
95 __vlan_delete_pvid(v, vid);
96 clear_bit(vid, v->untagged_bitmap);
97
98 if (v->port_idx && vid) {
99 struct net_device *dev = v->parent.port->dev;
100
101 if (dev->features & NETIF_F_HW_VLAN_CTAG_FILTER)
102 dev->netdev_ops->ndo_vlan_rx_kill_vid(dev, vid);
103 }
104
105 clear_bit(vid, v->vlan_bitmap);
106 v->num_vlans--;
107 if (bitmap_empty(v->vlan_bitmap, BR_VLAN_BITMAP_LEN)) {
108 if (v->port_idx)
109 rcu_assign_pointer(v->parent.port->vlan_info, NULL);
110 else
111 rcu_assign_pointer(v->parent.br->vlan_info, NULL);
112 kfree_rcu(v, rcu);
113 }
114 return 0;
115 }
116
117 static void __vlan_flush(struct net_port_vlans *v)
118 {
119 smp_wmb();
120 v->pvid = 0;
121 bitmap_zero(v->vlan_bitmap, BR_VLAN_BITMAP_LEN);
122 if (v->port_idx)
123 rcu_assign_pointer(v->parent.port->vlan_info, NULL);
124 else
125 rcu_assign_pointer(v->parent.br->vlan_info, NULL);
126 kfree_rcu(v, rcu);
127 }
128
129 /* Strip the tag from the packet. Will return skb with tci set 0. */
130 static struct sk_buff *br_vlan_untag(struct sk_buff *skb)
131 {
132 if (skb->protocol != htons(ETH_P_8021Q)) {
133 skb->vlan_tci = 0;
134 return skb;
135 }
136
137 skb->vlan_tci = 0;
138 skb = vlan_untag(skb);
139 if (skb)
140 skb->vlan_tci = 0;
141
142 return skb;
143 }
144
145 struct sk_buff *br_handle_vlan(struct net_bridge *br,
146 const struct net_port_vlans *pv,
147 struct sk_buff *skb)
148 {
149 u16 vid;
150
151 if (!br->vlan_enabled)
152 goto out;
153
154 /* At this point, we know that the frame was filtered and contains
155 * a valid vlan id. If the vlan id is set in the untagged bitmap,
156 * send untagged; otherwise, send taged.
157 */
158 br_vlan_get_tag(skb, &vid);
159 if (test_bit(vid, pv->untagged_bitmap))
160 skb = br_vlan_untag(skb);
161 else {
162 /* Egress policy says "send tagged". If output device
163 * is the bridge, we need to add the VLAN header
164 * ourselves since we'll be going through the RX path.
165 * Sending to ports puts the frame on the TX path and
166 * we let dev_hard_start_xmit() add the header.
167 */
168 if (skb->protocol != htons(ETH_P_8021Q) &&
169 pv->port_idx == 0) {
170 /* vlan_put_tag expects skb->data to point to
171 * mac header.
172 */
173 skb_push(skb, ETH_HLEN);
174 skb = __vlan_put_tag(skb, skb->vlan_tci);
175 if (!skb)
176 goto out;
177 /* put skb->data back to where it was */
178 skb_pull(skb, ETH_HLEN);
179 skb->vlan_tci = 0;
180 }
181 }
182
183 out:
184 return skb;
185 }
186
187 /* Called under RCU */
188 bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
189 struct sk_buff *skb, u16 *vid)
190 {
191 /* If VLAN filtering is disabled on the bridge, all packets are
192 * permitted.
193 */
194 if (!br->vlan_enabled)
195 return true;
196
197 /* If there are no vlan in the permitted list, all packets are
198 * rejected.
199 */
200 if (!v)
201 return false;
202
203 if (br_vlan_get_tag(skb, vid)) {
204 u16 pvid = br_get_pvid(v);
205
206 /* Frame did not have a tag. See if pvid is set
207 * on this port. That tells us which vlan untagged
208 * traffic belongs to.
209 */
210 if (pvid == VLAN_N_VID)
211 return false;
212
213 /* PVID is set on this port. Any untagged ingress
214 * frame is considered to belong to this vlan.
215 */
216 __vlan_hwaccel_put_tag(skb, pvid);
217 return true;
218 }
219
220 /* Frame had a valid vlan tag. See if vlan is allowed */
221 if (test_bit(*vid, v->vlan_bitmap))
222 return true;
223
224 return false;
225 }
226
227 /* Called under RCU. */
228 bool br_allowed_egress(struct net_bridge *br,
229 const struct net_port_vlans *v,
230 const struct sk_buff *skb)
231 {
232 u16 vid;
233
234 if (!br->vlan_enabled)
235 return true;
236
237 if (!v)
238 return false;
239
240 br_vlan_get_tag(skb, &vid);
241 if (test_bit(vid, v->vlan_bitmap))
242 return true;
243
244 return false;
245 }
246
247 /* Must be protected by RTNL */
248 int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
249 {
250 struct net_port_vlans *pv = NULL;
251 int err;
252
253 ASSERT_RTNL();
254
255 pv = rtnl_dereference(br->vlan_info);
256 if (pv)
257 return __vlan_add(pv, vid, flags);
258
259 /* Create port vlan infomration
260 */
261 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
262 if (!pv)
263 return -ENOMEM;
264
265 pv->parent.br = br;
266 err = __vlan_add(pv, vid, flags);
267 if (err)
268 goto out;
269
270 rcu_assign_pointer(br->vlan_info, pv);
271 return 0;
272 out:
273 kfree(pv);
274 return err;
275 }
276
277 /* Must be protected by RTNL */
278 int br_vlan_delete(struct net_bridge *br, u16 vid)
279 {
280 struct net_port_vlans *pv;
281
282 ASSERT_RTNL();
283
284 pv = rtnl_dereference(br->vlan_info);
285 if (!pv)
286 return -EINVAL;
287
288 if (vid) {
289 /* If the VID !=0 remove fdb for this vid. VID 0 is special
290 * in that it's the default and is always there in the fdb.
291 */
292 spin_lock_bh(&br->hash_lock);
293 fdb_delete_by_addr(br, br->dev->dev_addr, vid);
294 spin_unlock_bh(&br->hash_lock);
295 }
296
297 __vlan_del(pv, vid);
298 return 0;
299 }
300
301 void br_vlan_flush(struct net_bridge *br)
302 {
303 struct net_port_vlans *pv;
304
305 ASSERT_RTNL();
306 pv = rtnl_dereference(br->vlan_info);
307 if (!pv)
308 return;
309
310 __vlan_flush(pv);
311 }
312
313 int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
314 {
315 if (!rtnl_trylock())
316 return restart_syscall();
317
318 if (br->vlan_enabled == val)
319 goto unlock;
320
321 br->vlan_enabled = val;
322
323 unlock:
324 rtnl_unlock();
325 return 0;
326 }
327
328 /* Must be protected by RTNL */
329 int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
330 {
331 struct net_port_vlans *pv = NULL;
332 int err;
333
334 ASSERT_RTNL();
335
336 pv = rtnl_dereference(port->vlan_info);
337 if (pv)
338 return __vlan_add(pv, vid, flags);
339
340 /* Create port vlan infomration
341 */
342 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
343 if (!pv) {
344 err = -ENOMEM;
345 goto clean_up;
346 }
347
348 pv->port_idx = port->port_no;
349 pv->parent.port = port;
350 err = __vlan_add(pv, vid, flags);
351 if (err)
352 goto clean_up;
353
354 rcu_assign_pointer(port->vlan_info, pv);
355 return 0;
356
357 clean_up:
358 kfree(pv);
359 return err;
360 }
361
362 /* Must be protected by RTNL */
363 int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
364 {
365 struct net_port_vlans *pv;
366
367 ASSERT_RTNL();
368
369 pv = rtnl_dereference(port->vlan_info);
370 if (!pv)
371 return -EINVAL;
372
373 if (vid) {
374 /* If the VID !=0 remove fdb for this vid. VID 0 is special
375 * in that it's the default and is always there in the fdb.
376 */
377 spin_lock_bh(&port->br->hash_lock);
378 fdb_delete_by_addr(port->br, port->dev->dev_addr, vid);
379 spin_unlock_bh(&port->br->hash_lock);
380 }
381
382 return __vlan_del(pv, vid);
383 }
384
385 void nbp_vlan_flush(struct net_bridge_port *port)
386 {
387 struct net_port_vlans *pv;
388
389 ASSERT_RTNL();
390
391 pv = rtnl_dereference(port->vlan_info);
392 if (!pv)
393 return;
394
395 __vlan_flush(pv);
396 }
397
398 bool nbp_vlan_find(struct net_bridge_port *port, u16 vid)
399 {
400 struct net_port_vlans *pv;
401 bool found = false;
402
403 rcu_read_lock();
404 pv = rcu_dereference(port->vlan_info);
405
406 if (!pv)
407 goto out;
408
409 if (test_bit(vid, pv->vlan_bitmap))
410 found = true;
411
412 out:
413 rcu_read_unlock();
414 return found;
415 }
Ubuntu Artful kernel mirror