projects / cascardo / linux.git / blob
? search:


febb0f87fa37a1840d8ad470fb2491348da53bd3
[cascardo/linux.git] / net / bridge / br_vlan.c
1 #include <linux/kernel.h>
2 #include <linux/netdevice.h>
3 #include <linux/rtnetlink.h>
4 #include <linux/slab.h>
5
6 #include "br_private.h"
7
8 static void __vlan_add_pvid(struct net_port_vlans *v, u16 vid)
9 {
10         if (v->pvid == vid)
11                 return;
12
13         smp_wmb();
14         v->pvid = vid;
15 }
16
17 static void __vlan_delete_pvid(struct net_port_vlans *v, u16 vid)
18 {
19         if (v->pvid != vid)
20                 return;
21
22         smp_wmb();
23         v->pvid = 0;
24 }
25
26 static void __vlan_add_flags(struct net_port_vlans *v, u16 vid, u16 flags)
27 {
28         if (flags & BRIDGE_VLAN_INFO_PVID)
29                 __vlan_add_pvid(v, vid);
30
31         if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
32                 set_bit(vid, v->untagged_bitmap);
33 }
34
35 static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags)
36 {
37         struct net_bridge_port *p = NULL;
38         struct net_bridge *br;
39         struct net_device *dev;
40         int err;
41
42         if (test_bit(vid, v->vlan_bitmap)) {
43                 __vlan_add_flags(v, vid, flags);
44                 return 0;
45         }
46
47         if (v->port_idx) {
48                 p = v->parent.port;
49                 br = p->br;
50                 dev = p->dev;
51         } else {
52                 br = v->parent.br;
53                 dev = br->dev;
54         }
55
56         if (p) {
57                 /* Add VLAN to the device filter if it is supported.
58                  * This ensures tagged traffic enters the bridge when
59                  * promiscuous mode is disabled by br_manage_promisc().
60                  */
61                 err = vlan_vid_add(dev, br->vlan_proto, vid);
62                 if (err)
63                         return err;
64         }
65
66         err = br_fdb_insert(br, p, dev->dev_addr, vid);
67         if (err) {
68                 br_err(br, "failed insert local address into bridge "
69                        "forwarding table\n");
70                 goto out_filt;
71         }
72
73         set_bit(vid, v->vlan_bitmap);
74         v->num_vlans++;
75         __vlan_add_flags(v, vid, flags);
76
77         return 0;
78
79 out_filt:
80         if (p)
81                 vlan_vid_del(dev, br->vlan_proto, vid);
82         return err;
83 }
84
85 static int __vlan_del(struct net_port_vlans *v, u16 vid)
86 {
87         if (!test_bit(vid, v->vlan_bitmap))
88                 return -EINVAL;
89
90         __vlan_delete_pvid(v, vid);
91         clear_bit(vid, v->untagged_bitmap);
92
93         if (v->port_idx) {
94                 struct net_bridge_port *p = v->parent.port;
95                 vlan_vid_del(p->dev, p->br->vlan_proto, vid);
96         }
97
98         clear_bit(vid, v->vlan_bitmap);
99         v->num_vlans--;
100         if (bitmap_empty(v->vlan_bitmap, VLAN_N_VID)) {
101                 if (v->port_idx)
102                         RCU_INIT_POINTER(v->parent.port->vlan_info, NULL);
103                 else
104                         RCU_INIT_POINTER(v->parent.br->vlan_info, NULL);
105                 kfree_rcu(v, rcu);
106         }
107         return 0;
108 }
109
110 static void __vlan_flush(struct net_port_vlans *v)
111 {
112         smp_wmb();
113         v->pvid = 0;
114         bitmap_zero(v->vlan_bitmap, VLAN_N_VID);
115         if (v->port_idx)
116                 RCU_INIT_POINTER(v->parent.port->vlan_info, NULL);
117         else
118                 RCU_INIT_POINTER(v->parent.br->vlan_info, NULL);
119         kfree_rcu(v, rcu);
120 }
121
122 struct sk_buff *br_handle_vlan(struct net_bridge *br,
123                                const struct net_port_vlans *pv,
124                                struct sk_buff *skb)
125 {
126         u16 vid;
127
128         if (!br->vlan_enabled)
129                 goto out;
130
131         /* Vlan filter table must be configured at this point.  The
132          * only exception is the bridge is set in promisc mode and the
133          * packet is destined for the bridge device.  In this case
134          * pass the packet as is.
135          */
136         if (!pv) {
137                 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) {
138                         goto out;
139                 } else {
140                         kfree_skb(skb);
141                         return NULL;
142                 }
143         }
144
145         /* At this point, we know that the frame was filtered and contains
146          * a valid vlan id.  If the vlan id is set in the untagged bitmap,
147          * send untagged; otherwise, send tagged.
148          */
149         br_vlan_get_tag(skb, &vid);
150         if (test_bit(vid, pv->untagged_bitmap))
151                 skb->vlan_tci = 0;
152
153 out:
154         return skb;
155 }
156
157 /* Called under RCU */
158 bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
159                         struct sk_buff *skb, u16 *vid)
160 {
161         bool tagged;
162         __be16 proto;
163
164         /* If VLAN filtering is disabled on the bridge, all packets are
165          * permitted.
166          */
167         if (!br->vlan_enabled)
168                 return true;
169
170         /* If there are no vlan in the permitted list, all packets are
171          * rejected.
172          */
173         if (!v)
174                 goto drop;
175
176         proto = br->vlan_proto;
177
178         /* If vlan tx offload is disabled on bridge device and frame was
179          * sent from vlan device on the bridge device, it does not have
180          * HW accelerated vlan tag.
181          */
182         if (unlikely(!vlan_tx_tag_present(skb) &&
183                      skb->protocol == proto)) {
184                 skb = vlan_untag(skb);
185                 if (unlikely(!skb))
186                         return false;
187         }
188
189         if (!br_vlan_get_tag(skb, vid)) {
190                 /* Tagged frame */
191                 if (skb->vlan_proto != proto) {
192                         /* Protocol-mismatch, empty out vlan_tci for new tag */
193                         skb_push(skb, ETH_HLEN);
194                         skb = __vlan_put_tag(skb, skb->vlan_proto,
195                                              vlan_tx_tag_get(skb));
196                         if (unlikely(!skb))
197                                 return false;
198
199                         skb_pull(skb, ETH_HLEN);
200                         skb_reset_mac_len(skb);
201                         *vid = 0;
202                         tagged = false;
203                 } else {
204                         tagged = true;
205                 }
206         } else {
207                 /* Untagged frame */
208                 tagged = false;
209         }
210
211         if (!*vid) {
212                 u16 pvid = br_get_pvid(v);
213
214                 /* Frame had a tag with VID 0 or did not have a tag.
215                  * See if pvid is set on this port.  That tells us which
216                  * vlan untagged or priority-tagged traffic belongs to.
217                  */
218                 if (pvid == VLAN_N_VID)
219                         goto drop;
220
221                 /* PVID is set on this port.  Any untagged or priority-tagged
222                  * ingress frame is considered to belong to this vlan.
223                  */
224                 *vid = pvid;
225                 if (likely(!tagged))
226                         /* Untagged Frame. */
227                         __vlan_hwaccel_put_tag(skb, proto, pvid);
228                 else
229                         /* Priority-tagged Frame.
230                          * At this point, We know that skb->vlan_tci had
231                          * VLAN_TAG_PRESENT bit and its VID field was 0x000.
232                          * We update only VID field and preserve PCP field.
233                          */
234                         skb->vlan_tci |= pvid;
235
236                 return true;
237         }
238
239         /* Frame had a valid vlan tag.  See if vlan is allowed */
240         if (test_bit(*vid, v->vlan_bitmap))
241                 return true;
242 drop:
243         kfree_skb(skb);
244         return false;
245 }
246
247 /* Called under RCU. */
248 bool br_allowed_egress(struct net_bridge *br,
249                        const struct net_port_vlans *v,
250                        const struct sk_buff *skb)
251 {
252         u16 vid;
253
254         if (!br->vlan_enabled)
255                 return true;
256
257         if (!v)
258                 return false;
259
260         br_vlan_get_tag(skb, &vid);
261         if (test_bit(vid, v->vlan_bitmap))
262                 return true;
263
264         return false;
265 }
266
267 /* Called under RCU */
268 bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
269 {
270         struct net_bridge *br = p->br;
271         struct net_port_vlans *v;
272
273         if (!br->vlan_enabled)
274                 return true;
275
276         v = rcu_dereference(p->vlan_info);
277         if (!v)
278                 return false;
279
280         if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto)
281                 *vid = 0;
282
283         if (!*vid) {
284                 *vid = br_get_pvid(v);
285                 if (*vid == VLAN_N_VID)
286                         return false;
287
288                 return true;
289         }
290
291         if (test_bit(*vid, v->vlan_bitmap))
292                 return true;
293
294         return false;
295 }
296
297 /* Must be protected by RTNL.
298  * Must be called with vid in range from 1 to 4094 inclusive.
299  */
300 int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
301 {
302         struct net_port_vlans *pv = NULL;
303         int err;
304
305         ASSERT_RTNL();
306
307         pv = rtnl_dereference(br->vlan_info);
308         if (pv)
309                 return __vlan_add(pv, vid, flags);
310
311         /* Create port vlan infomration
312          */
313         pv = kzalloc(sizeof(*pv), GFP_KERNEL);
314         if (!pv)
315                 return -ENOMEM;
316
317         pv->parent.br = br;
318         err = __vlan_add(pv, vid, flags);
319         if (err)
320                 goto out;
321
322         rcu_assign_pointer(br->vlan_info, pv);
323         return 0;
324 out:
325         kfree(pv);
326         return err;
327 }
328
329 /* Must be protected by RTNL.
330  * Must be called with vid in range from 1 to 4094 inclusive.
331  */
332 int br_vlan_delete(struct net_bridge *br, u16 vid)
333 {
334         struct net_port_vlans *pv;
335
336         ASSERT_RTNL();
337
338         pv = rtnl_dereference(br->vlan_info);
339         if (!pv)
340                 return -EINVAL;
341
342         br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid);
343
344         __vlan_del(pv, vid);
345         return 0;
346 }
347
348 void br_vlan_flush(struct net_bridge *br)
349 {
350         struct net_port_vlans *pv;
351
352         ASSERT_RTNL();
353         pv = rtnl_dereference(br->vlan_info);
354         if (!pv)
355                 return;
356
357         __vlan_flush(pv);
358 }
359
360 bool br_vlan_find(struct net_bridge *br, u16 vid)
361 {
362         struct net_port_vlans *pv;
363         bool found = false;
364
365         rcu_read_lock();
366         pv = rcu_dereference(br->vlan_info);
367
368         if (!pv)
369                 goto out;
370
371         if (test_bit(vid, pv->vlan_bitmap))
372                 found = true;
373
374 out:
375         rcu_read_unlock();
376         return found;
377 }
378
379 /* Must be protected by RTNL. */
380 static void recalculate_group_addr(struct net_bridge *br)
381 {
382         if (br->group_addr_set)
383                 return;
384
385         spin_lock_bh(&br->lock);
386         if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q)) {
387                 /* Bridge Group Address */
388                 br->group_addr[5] = 0x00;
389         } else { /* vlan_enabled && ETH_P_8021AD */
390                 /* Provider Bridge Group Address */
391                 br->group_addr[5] = 0x08;
392         }
393         spin_unlock_bh(&br->lock);
394 }
395
396 /* Must be protected by RTNL. */
397 void br_recalculate_fwd_mask(struct net_bridge *br)
398 {
399         if (!br->vlan_enabled || br->vlan_proto == htons(ETH_P_8021Q))
400                 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT;
401         else /* vlan_enabled && ETH_P_8021AD */
402                 br->group_fwd_mask_required = BR_GROUPFWD_8021AD &
403                                               ~(1u << br->group_addr[5]);
404 }
405
406 int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
407 {
408         if (!rtnl_trylock())
409                 return restart_syscall();
410
411         if (br->vlan_enabled == val)
412                 goto unlock;
413
414         br->vlan_enabled = val;
415         br_manage_promisc(br);
416         recalculate_group_addr(br);
417         br_recalculate_fwd_mask(br);
418
419 unlock:
420         rtnl_unlock();
421         return 0;
422 }
423
424 int br_vlan_set_proto(struct net_bridge *br, unsigned long val)
425 {
426         int err = 0;
427         struct net_bridge_port *p;
428         struct net_port_vlans *pv;
429         __be16 proto, oldproto;
430         u16 vid, errvid;
431
432         if (val != ETH_P_8021Q && val != ETH_P_8021AD)
433                 return -EPROTONOSUPPORT;
434
435         if (!rtnl_trylock())
436                 return restart_syscall();
437
438         proto = htons(val);
439         if (br->vlan_proto == proto)
440                 goto unlock;
441
442         /* Add VLANs for the new proto to the device filter. */
443         list_for_each_entry(p, &br->port_list, list) {
444                 pv = rtnl_dereference(p->vlan_info);
445                 if (!pv)
446                         continue;
447
448                 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID) {
449                         err = vlan_vid_add(p->dev, proto, vid);
450                         if (err)
451                                 goto err_filt;
452                 }
453         }
454
455         oldproto = br->vlan_proto;
456         br->vlan_proto = proto;
457
458         recalculate_group_addr(br);
459         br_recalculate_fwd_mask(br);
460
461         /* Delete VLANs for the old proto from the device filter. */
462         list_for_each_entry(p, &br->port_list, list) {
463                 pv = rtnl_dereference(p->vlan_info);
464                 if (!pv)
465                         continue;
466
467                 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
468                         vlan_vid_del(p->dev, oldproto, vid);
469         }
470
471 unlock:
472         rtnl_unlock();
473         return err;
474
475 err_filt:
476         errvid = vid;
477         for_each_set_bit(vid, pv->vlan_bitmap, errvid)
478                 vlan_vid_del(p->dev, proto, vid);
479
480         list_for_each_entry_continue_reverse(p, &br->port_list, list) {
481                 pv = rtnl_dereference(p->vlan_info);
482                 if (!pv)
483                         continue;
484
485                 for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
486                         vlan_vid_del(p->dev, proto, vid);
487         }
488
489         goto unlock;
490 }
491
492 void br_vlan_init(struct net_bridge *br)
493 {
494         br->vlan_proto = htons(ETH_P_8021Q);
495 }
496
497 /* Must be protected by RTNL.
498  * Must be called with vid in range from 1 to 4094 inclusive.
499  */
500 int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
501 {
502         struct net_port_vlans *pv = NULL;
503         int err;
504
505         ASSERT_RTNL();
506
507         pv = rtnl_dereference(port->vlan_info);
508         if (pv)
509                 return __vlan_add(pv, vid, flags);
510
511         /* Create port vlan infomration
512          */
513         pv = kzalloc(sizeof(*pv), GFP_KERNEL);
514         if (!pv) {
515                 err = -ENOMEM;
516                 goto clean_up;
517         }
518
519         pv->port_idx = port->port_no;
520         pv->parent.port = port;
521         err = __vlan_add(pv, vid, flags);
522         if (err)
523                 goto clean_up;
524
525         rcu_assign_pointer(port->vlan_info, pv);
526         return 0;
527
528 clean_up:
529         kfree(pv);
530         return err;
531 }
532
533 /* Must be protected by RTNL.
534  * Must be called with vid in range from 1 to 4094 inclusive.
535  */
536 int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
537 {
538         struct net_port_vlans *pv;
539
540         ASSERT_RTNL();
541
542         pv = rtnl_dereference(port->vlan_info);
543         if (!pv)
544                 return -EINVAL;
545
546         br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid);
547
548         return __vlan_del(pv, vid);
549 }
550
551 void nbp_vlan_flush(struct net_bridge_port *port)
552 {
553         struct net_port_vlans *pv;
554         u16 vid;
555
556         ASSERT_RTNL();
557
558         pv = rtnl_dereference(port->vlan_info);
559         if (!pv)
560                 return;
561
562         for_each_set_bit(vid, pv->vlan_bitmap, VLAN_N_VID)
563                 vlan_vid_del(port->dev, port->br->vlan_proto, vid);
564
565         __vlan_flush(pv);
566 }
567
568 bool nbp_vlan_find(struct net_bridge_port *port, u16 vid)
569 {
570         struct net_port_vlans *pv;
571         bool found = false;
572
573         rcu_read_lock();
574         pv = rcu_dereference(port->vlan_info);
575
576         if (!pv)
577                 goto out;
578
579         if (test_bit(vid, pv->vlan_bitmap))
580                 found = true;
581
582 out:
583         rcu_read_unlock();
584         return found;
585 }
Unnamed repository; edit this file 'description' to name the repository.