projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
bridge: vlan: fix possible null vlgrp deref while registering new port
[deliverable/linux.git] / net / bridge / br_vlan.c
CommitLineData
243a2e63
VY		 1#include <linux/kernel.h>
2#include <linux/netdevice.h>
3#include <linux/rtnetlink.h>
4#include <linux/slab.h>
7f109539 5#include <net/switchdev.h>
243a2e63
VY		 6
7#include "br_private.h"
8
2594e906
NA		 9static inline int br_vlan_cmp(struct rhashtable_compare_arg *arg,
10 const void *ptr)
552406c4 11{
2594e906
NA		 12 const struct net_bridge_vlan *vle = ptr;
13 u16 vid = *(u16 *)arg->key;
14
15 return vle->vid != vid;
16}
17
18static const struct rhashtable_params br_vlan_rht_params = {
19 .head_offset = offsetof(struct net_bridge_vlan, vnode),
20 .key_offset = offsetof(struct net_bridge_vlan, vid),
21 .key_len = sizeof(u16),
8af78b64
NA		 22 .nelem_hint = 3,
23 .locks_mul = 1,
2594e906
NA		 24 .max_size = VLAN_N_VID,
25 .obj_cmpfn = br_vlan_cmp,
26 .automatic_shrinking = true,
27};
28
29static struct net_bridge_vlan *br_vlan_lookup(struct rhashtable *tbl, u16 vid)
30{
31 return rhashtable_lookup_fast(tbl, &vid, br_vlan_rht_params);
32}
33
34static void __vlan_add_pvid(u16 *pvid, u16 vid)
35{
36 if (*pvid == vid)
552406c4
VY		 37 return;
38
39 smp_wmb();
2594e906 40 *pvid = vid;
552406c4
VY		 41}
42
2594e906 43static void __vlan_delete_pvid(u16 *pvid, u16 vid)
552406c4 44{
2594e906 45 if (*pvid != vid)
552406c4
VY		 46 return;
47
48 smp_wmb();
2594e906 49 *pvid = 0;
552406c4
VY		 50}
51
2594e906 52static void __vlan_add_flags(struct net_bridge_vlan *v, u16 flags)
35e03f3a 53{
2594e906
NA		 54 if (flags & BRIDGE_VLAN_INFO_PVID) {
55 if (br_vlan_is_master(v))
56 __vlan_add_pvid(&v->br->pvid, v->vid);
57 else
58 __vlan_add_pvid(&v->port->pvid, v->vid);
59 } else {
60 if (br_vlan_is_master(v))
61 __vlan_delete_pvid(&v->br->pvid, v->vid);
62 else
63 __vlan_delete_pvid(&v->port->pvid, v->vid);
64 }
35e03f3a
VY		 65
66 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
2594e906 67 v->flags |= BRIDGE_VLAN_INFO_UNTAGGED;
635126b7 68 else
2594e906 69 v->flags &= ~BRIDGE_VLAN_INFO_UNTAGGED;
35e03f3a
VY		 70}
71
7f109539
SF		 72static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br,
73 u16 vid, u16 flags)
74{
75 const struct net_device_ops *ops = dev->netdev_ops;
76 int err;
77
78 /* If driver uses VLAN ndo ops, use 8021q to install vid
79 * on device, otherwise try switchdev ops to install vid.
80 */
81
82 if (ops->ndo_vlan_rx_add_vid) {
83 err = vlan_vid_add(dev, br->vlan_proto, vid);
84 } else {
ab069002
VD		 85 struct switchdev_obj_vlan v = {
86 .flags = flags,
87 .vid_begin = vid,
88 .vid_end = vid,
7f109539
SF		 89 };
90
ab069002 91 err = switchdev_port_obj_add(dev, SWITCHDEV_OBJ_PORT_VLAN, &v);
7f109539
SF		 92 if (err == -EOPNOTSUPP)
93 err = 0;
94 }
95
96 return err;
97}
98
2594e906 99static void __vlan_add_list(struct net_bridge_vlan *v)
243a2e63 100{
2594e906
NA		 101 struct list_head *headp, *hpos;
102 struct net_bridge_vlan *vent;
bc9a25d2 103
2594e906
NA		 104 headp = br_vlan_is_master(v) ? &v->br->vlgrp->vlan_list :
105 &v->port->vlgrp->vlan_list;
106 list_for_each_prev(hpos, headp) {
107 vent = list_entry(hpos, struct net_bridge_vlan, vlist);
108 if (v->vid < vent->vid)
109 continue;
110 else
111 break;
243a2e63 112 }
2594e906
NA		 113 list_add(&v->vlist, hpos);
114}
243a2e63 115
2594e906
NA		 116static void __vlan_del_list(struct net_bridge_vlan *v)
117{
118 list_del(&v->vlist);
243a2e63
VY		 119}
120
bf361ad3
VD		 121static int __vlan_vid_del(struct net_device *dev, struct net_bridge *br,
122 u16 vid)
7f109539
SF		 123{
124 const struct net_device_ops *ops = dev->netdev_ops;
bf361ad3 125 int err = 0;
7f109539
SF		 126
127 /* If driver uses VLAN ndo ops, use 8021q to delete vid
128 * on device, otherwise try switchdev ops to delete vid.
129 */
130
131 if (ops->ndo_vlan_rx_kill_vid) {
132 vlan_vid_del(dev, br->vlan_proto, vid);
133 } else {
ab069002
VD		 134 struct switchdev_obj_vlan v = {
135 .vid_begin = vid,
136 .vid_end = vid,
7f109539
SF		 137 };
138
ab069002 139 err = switchdev_port_obj_del(dev, SWITCHDEV_OBJ_PORT_VLAN, &v);
bf361ad3
VD		 140 if (err == -EOPNOTSUPP)
141 err = 0;
7f109539 142 }
bf361ad3
VD		 143
144 return err;
7f109539
SF		 145}
146
2594e906
NA		 147/* This is the shared VLAN add function which works for both ports and bridge
148 * devices. There are four possible calls to this function in terms of the
149 * vlan entry type:
150 * 1. vlan is being added on a port (no master flags, global entry exists)
151 * 2. vlan is being added on a bridge (both master and brvlan flags)
152 * 3. vlan is being added on a port, but a global entry didn't exist which
153 * is being created right now (master flag set, brvlan flag unset), the
154 * global entry is used for global per-vlan features, but not for filtering
155 * 4. same as 3 but with both master and brvlan flags set so the entry
156 * will be used for filtering in both the port and the bridge
157 */
158static int __vlan_add(struct net_bridge_vlan *v, u16 flags)
243a2e63 159{
2594e906
NA		 160 struct net_bridge_vlan *masterv = NULL;
161 struct net_bridge_port *p = NULL;
162 struct rhashtable *tbl;
163 struct net_device *dev;
164 struct net_bridge *br;
165 int err;
166
167 if (br_vlan_is_master(v)) {
168 br = v->br;
169 dev = br->dev;
170 tbl = &br->vlgrp->vlan_hash;
171 } else {
172 p = v->port;
173 br = p->br;
174 dev = p->dev;
175 tbl = &p->vlgrp->vlan_hash;
176 }
177
178 if (p) {
179 u16 master_flags = flags;
180
181 /* Add VLAN to the device filter if it is supported.
182 * This ensures tagged traffic enters the bridge when
183 * promiscuous mode is disabled by br_manage_promisc().
184 */
185 err = __vlan_vid_add(dev, br, v->vid, flags);
186 if (err)
187 goto out;
188
189 /* need to work on the master vlan too */
190 if (flags & BRIDGE_VLAN_INFO_MASTER) {
191 master_flags |= BRIDGE_VLAN_INFO_BRENTRY;
192 err = br_vlan_add(br, v->vid, master_flags);
193 if (err)
194 goto out_filt;
195 }
196
197 masterv = br_vlan_find(br->vlgrp, v->vid);
198 if (!masterv) {
199 /* missing global ctx, create it now */
200 err = br_vlan_add(br, v->vid, master_flags);
201 if (err)
202 goto out_filt;
203 masterv = br_vlan_find(br->vlgrp, v->vid);
204 WARN_ON(!masterv);
205 }
206 atomic_inc(&masterv->refcnt);
207 v->brvlan = masterv;
208 }
209
210 /* Add the dev mac only if it's a usable vlan */
211 if (br_vlan_should_use(v)) {
212 err = br_fdb_insert(br, p, dev->dev_addr, v->vid);
213 if (err) {
214 br_err(br, "failed insert local address into bridge forwarding table\n");
215 goto out_filt;
216 }
217 }
218
219 err = rhashtable_lookup_insert_fast(tbl, &v->vnode, br_vlan_rht_params);
220 if (err)
221 goto out_fdb_insert;
243a2e63 222
2594e906
NA		 223 __vlan_add_list(v);
224 __vlan_add_flags(v, flags);
225 if (br_vlan_is_master(v)) {
226 if (br_vlan_is_brentry(v))
227 br->vlgrp->num_vlans++;
228 } else {
229 p->vlgrp->num_vlans++;
230 }
231out:
232 return err;
233
234out_fdb_insert:
235 br_fdb_find_delete_local(br, p, br->dev->dev_addr, v->vid);
236
237out_filt:
238 if (p) {
239 __vlan_vid_del(dev, br, v->vid);
240 if (masterv) {
241 atomic_dec(&masterv->refcnt);
242 v->brvlan = NULL;
243 }
244 }
245
246 goto out;
247}
248
249static int __vlan_del(struct net_bridge_vlan *v)
250{
251 struct net_bridge_vlan *masterv = v;
252 struct net_bridge_port *p = NULL;
253 struct net_bridge *br;
254 int err = 0;
255 struct rhashtable *tbl;
256 u16 *pvid;
552406c4 257
2594e906
NA		 258 if (br_vlan_is_master(v)) {
259 br = v->br;
260 tbl = &v->br->vlgrp->vlan_hash;
261 pvid = &v->br->pvid;
262 } else {
263 p = v->port;
264 br = p->br;
265 tbl = &p->vlgrp->vlan_hash;
266 masterv = v->brvlan;
267 pvid = &p->pvid;
268 }
bf361ad3 269
2594e906
NA		 270 __vlan_delete_pvid(pvid, v->vid);
271 if (p) {
272 err = __vlan_vid_del(p->dev, p->br, v->vid);
bf361ad3 273 if (err)
2594e906 274 goto out;
8580e211 275 }
243a2e63 276
2594e906
NA		 277 if (br_vlan_is_master(v)) {
278 if (br_vlan_is_brentry(v)) {
279 v->flags &= ~BRIDGE_VLAN_INFO_BRENTRY;
280 br->vlgrp->num_vlans--;
281 }
282 } else {
283 p->vlgrp->num_vlans--;
284 }
285
286 if (masterv != v) {
287 rhashtable_remove_fast(tbl, &v->vnode, br_vlan_rht_params);
288 __vlan_del_list(v);
243a2e63
VY		 289 kfree_rcu(v, rcu);
290 }
2594e906
NA		 291
292 if (atomic_dec_and_test(&masterv->refcnt)) {
293 rhashtable_remove_fast(&masterv->br->vlgrp->vlan_hash,
294 &masterv->vnode, br_vlan_rht_params);
295 __vlan_del_list(masterv);
296 kfree_rcu(masterv, rcu);
297 }
298out:
299 return err;
243a2e63
VY		 300}
301
2594e906 302static void __vlan_flush(struct net_bridge_vlan_group *vlgrp, u16 *pvid)
243a2e63 303{
2594e906
NA		 304 struct net_bridge_vlan *vlan, *tmp;
305
306 __vlan_delete_pvid(pvid, *pvid);
307 list_for_each_entry_safe(vlan, tmp, &vlgrp->vlan_list, vlist)
308 __vlan_del(vlan);
309 rhashtable_destroy(&vlgrp->vlan_hash);
310 kfree(vlgrp);
243a2e63
VY		 311}
312
78851988 313struct sk_buff *br_handle_vlan(struct net_bridge *br,
2594e906 314 struct net_bridge_vlan_group *vg,
78851988 315 struct sk_buff *skb)
a37b85c9 316{
2594e906 317 struct net_bridge_vlan *v;
a37b85c9
VY		 318 u16 vid;
319
20adfa1a
VY		 320 /* If this packet was not filtered at input, let it pass */
321 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
78851988
VY		 322 goto out;
323
2594e906
NA		 324 /* At this point, we know that the frame was filtered and contains
325 * a valid vlan id. If the vlan id has untagged flag set,
326 * send untagged; otherwise, send tagged.
327 */
328 br_vlan_get_tag(skb, &vid);
329 v = br_vlan_find(vg, vid);
330 /* Vlan entry must be configured at this point. The
fc92f745
VY		 331 * only exception is the bridge is set in promisc mode and the
332 * packet is destined for the bridge device. In this case
333 * pass the packet as is.
334 */
2594e906 335 if (!v || !br_vlan_should_use(v)) {
fc92f745
VY		 336 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) {
337 goto out;
338 } else {
339 kfree_skb(skb);
340 return NULL;
341 }
342 }
2594e906 343 if (v->flags & BRIDGE_VLAN_INFO_UNTAGGED)
99b192da 344 skb->vlan_tci = 0;
78851988
VY		 345
346out:
347 return skb;
348}
349
350/* Called under RCU */
2594e906
NA		 351static bool __allowed_ingress(struct rhashtable *tbl, u16 pvid, __be16 proto,
352 struct sk_buff *skb, u16 *vid)
78851988 353{
2594e906 354 const struct net_bridge_vlan *v;
8580e211 355 bool tagged;
a37b85c9 356
20adfa1a 357 BR_INPUT_SKB_CB(skb)->vlan_filtered = true;
12464bb8
TM		 358 /* If vlan tx offload is disabled on bridge device and frame was
359 * sent from vlan device on the bridge device, it does not have
360 * HW accelerated vlan tag.
361 */
df8a39de 362 if (unlikely(!skb_vlan_tag_present(skb) &&
8580e211 363 skb->protocol == proto)) {
0d5501c1 364 skb = skb_vlan_untag(skb);
12464bb8
TM		 365 if (unlikely(!skb))
366 return false;
367 }
368
8580e211
TM		 369 if (!br_vlan_get_tag(skb, vid)) {
370 /* Tagged frame */
371 if (skb->vlan_proto != proto) {
372 /* Protocol-mismatch, empty out vlan_tci for new tag */
373 skb_push(skb, ETH_HLEN);
62749e2c 374 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto,
df8a39de 375 skb_vlan_tag_get(skb));
8580e211
TM		 376 if (unlikely(!skb))
377 return false;
378
379 skb_pull(skb, ETH_HLEN);
380 skb_reset_mac_len(skb);
381 *vid = 0;
382 tagged = false;
383 } else {
384 tagged = true;
385 }
386 } else {
387 /* Untagged frame */
388 tagged = false;
389 }
390
b90356ce 391 if (!*vid) {
b90356ce
TM		 392 /* Frame had a tag with VID 0 or did not have a tag.
393 * See if pvid is set on this port. That tells us which
394 * vlan untagged or priority-tagged traffic belongs to.
78851988 395 */
3df6bf45 396 if (!pvid)
eb707618 397 goto drop;
78851988 398
b90356ce
TM		 399 /* PVID is set on this port. Any untagged or priority-tagged
400 * ingress frame is considered to belong to this vlan.
78851988 401 */
dfb5fa32 402 *vid = pvid;
8580e211 403 if (likely(!tagged))
b90356ce 404 /* Untagged Frame. */
8580e211 405 __vlan_hwaccel_put_tag(skb, proto, pvid);
b90356ce
TM		 406 else
407 /* Priority-tagged Frame.
408 * At this point, We know that skb->vlan_tci had
409 * VLAN_TAG_PRESENT bit and its VID field was 0x000.
410 * We update only VID field and preserve PCP field.
411 */
412 skb->vlan_tci |= pvid;
413
78851988
VY		 414 return true;
415 }
416
417 /* Frame had a valid vlan tag. See if vlan is allowed */
2594e906
NA		 418 v = br_vlan_lookup(tbl, *vid);
419 if (v && br_vlan_should_use(v))
a37b85c9 420 return true;
eb707618
TM		 421drop:
422 kfree_skb(skb);
a37b85c9
VY		 423 return false;
424}
425
2594e906
NA		 426bool br_allowed_ingress(struct net_bridge *br, struct sk_buff *skb, u16 *vid)
427{
428 /* If VLAN filtering is disabled on the bridge, all packets are
429 * permitted.
430 */
431 if (!br->vlan_enabled) {
432 BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
433 return true;
434 }
435
436 return __allowed_ingress(&br->vlgrp->vlan_hash, br->pvid,
437 br->vlan_proto, skb, vid);
438}
439
440bool nbp_allowed_ingress(struct net_bridge_port *p, struct sk_buff *skb,
441 u16 *vid)
442{
443 struct net_bridge *br = p->br;
444
445 /* If VLAN filtering is disabled on the bridge, all packets are
446 * permitted.
447 */
448 if (!br->vlan_enabled) {
449 BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
450 return true;
451 }
452
453 return __allowed_ingress(&p->vlgrp->vlan_hash, p->pvid, br->vlan_proto,
454 skb, vid);
455}
456
85f46c6b 457/* Called under RCU. */
2594e906 458bool br_allowed_egress(struct net_bridge_vlan_group *vg,
85f46c6b
VY		 459 const struct sk_buff *skb)
460{
2594e906 461 const struct net_bridge_vlan *v;
85f46c6b
VY		 462 u16 vid;
463
20adfa1a
VY		 464 /* If this packet was not filtered at input, let it pass */
465 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
85f46c6b
VY		 466 return true;
467
85f46c6b 468 br_vlan_get_tag(skb, &vid);
2594e906
NA		 469 v = br_vlan_find(vg, vid);
470 if (v && br_vlan_should_use(v))
85f46c6b
VY		 471 return true;
472
473 return false;
474}
475
e0d7968a
TM		 476/* Called under RCU */
477bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
478{
468e7944 479 struct net_bridge_vlan_group *vg;
e0d7968a 480 struct net_bridge *br = p->br;
e0d7968a 481
20adfa1a 482 /* If filtering was disabled at input, let it pass. */
c095f248 483 if (!br->vlan_enabled)
e0d7968a
TM		 484 return true;
485
468e7944
NA		 486 vg = p->vlgrp;
487 if (!vg || !vg->num_vlans)
e0d7968a
TM		 488 return false;
489
8580e211
TM		 490 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto)
491 *vid = 0;
492
e0d7968a 493 if (!*vid) {
2594e906 494 *vid = nbp_get_pvid(p);
3df6bf45 495 if (!*vid)
e0d7968a
TM		 496 return false;
497
498 return true;
499 }
500
2594e906 501 if (br_vlan_find(p->vlgrp, *vid))
e0d7968a
TM		 502 return true;
503
504 return false;
505}
506
8adff41c
TM		 507/* Must be protected by RTNL.
508 * Must be called with vid in range from 1 to 4094 inclusive.
509 */
552406c4 510int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
243a2e63 511{
2594e906
NA		 512 struct net_bridge_vlan *vlan;
513 int ret;
243a2e63
VY		 514
515 ASSERT_RTNL();
516
2594e906
NA		 517 vlan = br_vlan_find(br->vlgrp, vid);
518 if (vlan) {
519 if (!br_vlan_is_brentry(vlan)) {
520 /* Trying to change flags of non-existent bridge vlan */
521 if (!(flags & BRIDGE_VLAN_INFO_BRENTRY))
522 return -EINVAL;
523 /* It was only kept for port vlans, now make it real */
524 ret = br_fdb_insert(br, NULL, br->dev->dev_addr,
525 vlan->vid);
526 if (ret) {
527 br_err(br, "failed insert local address into bridge forwarding table\n");
528 return ret;
529 }
530 atomic_inc(&vlan->refcnt);
531 vlan->flags |= BRIDGE_VLAN_INFO_BRENTRY;
532 br->vlgrp->num_vlans++;
533 }
534 __vlan_add_flags(vlan, flags);
535 return 0;
536 }
243a2e63 537
2594e906
NA		 538 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL);
539 if (!vlan)
243a2e63
VY		 540 return -ENOMEM;
541
2594e906
NA		 542 vlan->vid = vid;
543 vlan->flags = flags | BRIDGE_VLAN_INFO_MASTER;
544 vlan->flags &= ~BRIDGE_VLAN_INFO_PVID;
545 vlan->br = br;
546 if (flags & BRIDGE_VLAN_INFO_BRENTRY)
547 atomic_set(&vlan->refcnt, 1);
548 ret = __vlan_add(vlan, flags);
549 if (ret)
550 kfree(vlan);
243a2e63 551
2594e906 552 return ret;
243a2e63
VY		 553}
554
8adff41c
TM		 555/* Must be protected by RTNL.
556 * Must be called with vid in range from 1 to 4094 inclusive.
557 */
243a2e63
VY		 558int br_vlan_delete(struct net_bridge *br, u16 vid)
559{
2594e906 560 struct net_bridge_vlan *v;
243a2e63
VY		 561
562 ASSERT_RTNL();
563
2594e906
NA		 564 v = br_vlan_find(br->vlgrp, vid);
565 if (!v || !br_vlan_is_brentry(v))
566 return -ENOENT;
243a2e63 567
424bb9c9 568 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid);
bc9a25d2 569
2594e906 570 return __vlan_del(v);
243a2e63
VY		 571}
572
573void br_vlan_flush(struct net_bridge *br)
574{
243a2e63 575 ASSERT_RTNL();
243a2e63 576
2594e906 577 __vlan_flush(br_vlan_group(br), &br->pvid);
243a2e63
VY		 578}
579
2594e906 580struct net_bridge_vlan *br_vlan_find(struct net_bridge_vlan_group *vg, u16 vid)
2b292fb4 581{
2594e906
NA		 582 if (!vg)
583 return NULL;
2b292fb4 584
2594e906 585 return br_vlan_lookup(&vg->vlan_hash, vid);
2b292fb4
TM		 586}
587
204177f3
TM		 588/* Must be protected by RTNL. */
589static void recalculate_group_addr(struct net_bridge *br)
590{
591 if (br->group_addr_set)
592 return;
593
594 spin_lock_bh(&br->lock);
595 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q)) {
596 /* Bridge Group Address */
597 br->group_addr[5] = 0x00;
598 } else { /* vlan_enabled && ETH_P_8021AD */
599 /* Provider Bridge Group Address */
600 br->group_addr[5] = 0x08;
601 }
602 spin_unlock_bh(&br->lock);
603}
604
605/* Must be protected by RTNL. */
606void br_recalculate_fwd_mask(struct net_bridge *br)
607{
608 if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q))
609 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT;
610 else /* vlan_enabled && ETH_P_8021AD */
611 br->group_fwd_mask_required = BR_GROUPFWD_8021AD &
612 ~(1u << br->group_addr[5]);
613}
614
a7854037 615int __br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
243a2e63 616{
243a2e63 617 if (br->vlan_enabled == val)
a7854037 618 return 0;
243a2e63
VY		 619
620 br->vlan_enabled = val;
2796d0c6 621 br_manage_promisc(br);
204177f3
TM		 622 recalculate_group_addr(br);
623 br_recalculate_fwd_mask(br);
243a2e63 624
a7854037
NA		 625 return 0;
626}
627
628int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
629{
630 if (!rtnl_trylock())
631 return restart_syscall();
632
633 __br_vlan_filter_toggle(br, val);
243a2e63 634 rtnl_unlock();
a7854037 635
243a2e63
VY		 636 return 0;
637}
638
d2d427b3 639int __br_vlan_set_proto(struct net_bridge *br, __be16 proto)
204177f3
TM		 640{
641 int err = 0;
642 struct net_bridge_port *p;
2594e906 643 struct net_bridge_vlan *vlan;
d2d427b3 644 __be16 oldproto;
204177f3 645
204177f3 646 if (br->vlan_proto == proto)
d2d427b3 647 return 0;
204177f3
TM		 648
649 /* Add VLANs for the new proto to the device filter. */
650 list_for_each_entry(p, &br->port_list, list) {
2594e906
NA		 651 list_for_each_entry(vlan, &p->vlgrp->vlan_list, vlist) {
652 err = vlan_vid_add(p->dev, proto, vlan->vid);
204177f3
TM		 653 if (err)
654 goto err_filt;
655 }
656 }
657
658 oldproto = br->vlan_proto;
659 br->vlan_proto = proto;
660
661 recalculate_group_addr(br);
662 br_recalculate_fwd_mask(br);
663
664 /* Delete VLANs for the old proto from the device filter. */
2594e906
NA		 665 list_for_each_entry(p, &br->port_list, list)
666 list_for_each_entry(vlan, &p->vlgrp->vlan_list, vlist)
667 vlan_vid_del(p->dev, oldproto, vlan->vid);
204177f3 668
d2d427b3 669 return 0;
204177f3
TM		 670
671err_filt:
2594e906
NA		 672 list_for_each_entry_continue_reverse(vlan, &p->vlgrp->vlan_list, vlist)
673 vlan_vid_del(p->dev, proto, vlan->vid);
204177f3 674
2594e906
NA		 675 list_for_each_entry_continue_reverse(p, &br->port_list, list)
676 list_for_each_entry(vlan, &p->vlgrp->vlan_list, vlist)
677 vlan_vid_del(p->dev, proto, vlan->vid);
204177f3 678
d2d427b3
TM		 679 return err;
680}
681
682int br_vlan_set_proto(struct net_bridge *br, unsigned long val)
683{
684 int err;
685
686 if (val != ETH_P_8021Q && val != ETH_P_8021AD)
687 return -EPROTONOSUPPORT;
688
689 if (!rtnl_trylock())
690 return restart_syscall();
691
692 err = __br_vlan_set_proto(br, htons(val));
693 rtnl_unlock();
694
695 return err;
204177f3
TM		 696}
697
2594e906
NA		 698static bool vlan_default_pvid(struct net_bridge_vlan_group *vg, u16 pvid,
699 u16 vid)
5be5a2df 700{
2594e906
NA		 701 struct net_bridge_vlan *v;
702
703 if (vid != pvid)
704 return false;
705
706 v = br_vlan_lookup(&vg->vlan_hash, vid);
707 if (v && br_vlan_should_use(v) &&
708 (v->flags & BRIDGE_VLAN_INFO_UNTAGGED))
709 return true;
710
711 return false;
5be5a2df
VY		 712}
713
714static void br_vlan_disable_default_pvid(struct net_bridge *br)
715{
716 struct net_bridge_port *p;
717 u16 pvid = br->default_pvid;
718
719 /* Disable default_pvid on all ports where it is still
720 * configured.
721 */
2594e906 722 if (vlan_default_pvid(br->vlgrp, br->pvid, pvid))
5be5a2df
VY		 723 br_vlan_delete(br, pvid);
724
725 list_for_each_entry(p, &br->port_list, list) {
2594e906 726 if (vlan_default_pvid(p->vlgrp, p->pvid, pvid))
5be5a2df
VY		 727 nbp_vlan_delete(p, pvid);
728 }
729
730 br->default_pvid = 0;
731}
732
733static int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid)
734{
2594e906 735 const struct net_bridge_vlan *pvent;
5be5a2df
VY		 736 struct net_bridge_port *p;
737 u16 old_pvid;
738 int err = 0;
739 unsigned long *changed;
740
741 changed = kcalloc(BITS_TO_LONGS(BR_MAX_PORTS), sizeof(unsigned long),
742 GFP_KERNEL);
743 if (!changed)
744 return -ENOMEM;
745
746 old_pvid = br->default_pvid;
747
748 /* Update default_pvid config only if we do not conflict with
749 * user configuration.
750 */
2594e906
NA		 751 pvent = br_vlan_find(br->vlgrp, pvid);
752 if ((!old_pvid || vlan_default_pvid(br->vlgrp, br->pvid, old_pvid)) &&
753 (!pvent || !br_vlan_should_use(pvent))) {
5be5a2df
VY		 754 err = br_vlan_add(br, pvid,
755 BRIDGE_VLAN_INFO_PVID |
2594e906
NA		 756 BRIDGE_VLAN_INFO_UNTAGGED |
757 BRIDGE_VLAN_INFO_BRENTRY);
5be5a2df
VY		 758 if (err)
759 goto out;
760 br_vlan_delete(br, old_pvid);
761 set_bit(0, changed);
762 }
763
764 list_for_each_entry(p, &br->port_list, list) {
765 /* Update default_pvid config only if we do not conflict with
766 * user configuration.
767 */
768 if ((old_pvid &&
2594e906
NA		 769 !vlan_default_pvid(p->vlgrp, p->pvid, old_pvid)) ||
770 br_vlan_find(p->vlgrp, pvid))
5be5a2df
VY		 771 continue;
772
773 err = nbp_vlan_add(p, pvid,
774 BRIDGE_VLAN_INFO_PVID |
775 BRIDGE_VLAN_INFO_UNTAGGED);
776 if (err)
777 goto err_port;
778 nbp_vlan_delete(p, old_pvid);
779 set_bit(p->port_no, changed);
780 }
781
782 br->default_pvid = pvid;
783
784out:
785 kfree(changed);
786 return err;
787
788err_port:
789 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
790 if (!test_bit(p->port_no, changed))
791 continue;
792
793 if (old_pvid)
794 nbp_vlan_add(p, old_pvid,
795 BRIDGE_VLAN_INFO_PVID |
796 BRIDGE_VLAN_INFO_UNTAGGED);
797 nbp_vlan_delete(p, pvid);
798 }
799
800 if (test_bit(0, changed)) {
801 if (old_pvid)
802 br_vlan_add(br, old_pvid,
803 BRIDGE_VLAN_INFO_PVID |
2594e906
NA		 804 BRIDGE_VLAN_INFO_UNTAGGED |
805 BRIDGE_VLAN_INFO_BRENTRY);
5be5a2df
VY		 806 br_vlan_delete(br, pvid);
807 }
808 goto out;
809}
810
96a20d9d
VY		 811int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val)
812{
813 u16 pvid = val;
814 int err = 0;
815
5be5a2df 816 if (val >= VLAN_VID_MASK)
96a20d9d
VY		 817 return -EINVAL;
818
819 if (!rtnl_trylock())
820 return restart_syscall();
821
822 if (pvid == br->default_pvid)
823 goto unlock;
824
825 /* Only allow default pvid change when filtering is disabled */
826 if (br->vlan_enabled) {
827 pr_info_once("Please disable vlan filtering to change default_pvid\n");
828 err = -EPERM;
829 goto unlock;
830 }
831
5be5a2df
VY		 832 if (!pvid)
833 br_vlan_disable_default_pvid(br);
834 else
835 err = __br_vlan_set_default_pvid(br, pvid);
96a20d9d
VY		 836
837unlock:
838 rtnl_unlock();
839 return err;
840}
841
5be5a2df 842int br_vlan_init(struct net_bridge *br)
8580e211 843{
2594e906
NA		 844 int ret = -ENOMEM;
845
846 br->vlgrp = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL);
847 if (!br->vlgrp)
848 goto out;
849 ret = rhashtable_init(&br->vlgrp->vlan_hash, &br_vlan_rht_params);
850 if (ret)
851 goto err_rhtbl;
852 INIT_LIST_HEAD(&br->vlgrp->vlan_list);
8580e211 853 br->vlan_proto = htons(ETH_P_8021Q);
96a20d9d 854 br->default_pvid = 1;
2594e906
NA		 855 ret = br_vlan_add(br, 1,
856 BRIDGE_VLAN_INFO_PVID | BRIDGE_VLAN_INFO_UNTAGGED |
857 BRIDGE_VLAN_INFO_BRENTRY);
858 if (ret)
859 goto err_vlan_add;
860
861out:
862 return ret;
863
864err_vlan_add:
865 rhashtable_destroy(&br->vlgrp->vlan_hash);
866err_rhtbl:
867 kfree(br->vlgrp);
868
869 goto out;
870}
871
872int nbp_vlan_init(struct net_bridge_port *p)
873{
874 int ret = -ENOMEM;
875
876 p->vlgrp = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL);
877 if (!p->vlgrp)
878 goto out;
879
880 ret = rhashtable_init(&p->vlgrp->vlan_hash, &br_vlan_rht_params);
881 if (ret)
882 goto err_rhtbl;
883 INIT_LIST_HEAD(&p->vlgrp->vlan_list);
884 if (p->br->default_pvid) {
885 ret = nbp_vlan_add(p, p->br->default_pvid,
886 BRIDGE_VLAN_INFO_PVID |
887 BRIDGE_VLAN_INFO_UNTAGGED);
888 if (ret)
889 goto err_vlan_add;
890 }
891out:
892 return ret;
893
894err_vlan_add:
895 rhashtable_destroy(&p->vlgrp->vlan_hash);
896err_rhtbl:
897 kfree(p->vlgrp);
898
899 goto out;
8580e211
TM		 900}
901
8adff41c
TM		 902/* Must be protected by RTNL.
903 * Must be called with vid in range from 1 to 4094 inclusive.
904 */
552406c4 905int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
243a2e63 906{
2594e906
NA		 907 struct net_bridge_vlan *vlan;
908 int ret;
243a2e63
VY		 909
910 ASSERT_RTNL();
911
2594e906
NA		 912 vlan = br_vlan_find(port->vlgrp, vid);
913 if (vlan) {
914 __vlan_add_flags(vlan, flags);
915 return 0;
243a2e63
VY		 916 }
917
2594e906
NA		 918 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL);
919 if (!vlan)
920 return -ENOMEM;
243a2e63 921
2594e906
NA		 922 vlan->vid = vid;
923 vlan->port = port;
924 ret = __vlan_add(vlan, flags);
925 if (ret)
926 kfree(vlan);
243a2e63 927
2594e906 928 return ret;
243a2e63
VY		 929}
930
8adff41c
TM		 931/* Must be protected by RTNL.
932 * Must be called with vid in range from 1 to 4094 inclusive.
933 */
243a2e63
VY		 934int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
935{
2594e906 936 struct net_bridge_vlan *v;
243a2e63
VY		 937
938 ASSERT_RTNL();
939
2594e906
NA		 940 v = br_vlan_find(port->vlgrp, vid);
941 if (!v)
942 return -ENOENT;
424bb9c9 943 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid);
1ea2d020 944 br_fdb_delete_by_port(port->br, port, vid, 0);
bc9a25d2 945
2594e906 946 return __vlan_del(v);
243a2e63
VY		 947}
948
949void nbp_vlan_flush(struct net_bridge_port *port)
950{
2594e906 951 struct net_bridge_vlan *vlan;
243a2e63
VY		 952
953 ASSERT_RTNL();
954
2594e906
NA		 955 list_for_each_entry(vlan, &port->vlgrp->vlan_list, vlist)
956 vlan_vid_del(port->dev, port->br->vlan_proto, vlan->vid);
bc9a25d2 957
2594e906 958 __vlan_flush(nbp_vlan_group(port), &port->pvid);
5be5a2df 959}
Linux kernel - Deliverables
This page took 0.448531 seconds and 5 git commands to generate.