blob: bd58b45f5f901fd4c6a3ad00abe068baeba8d898 [file] [log] [blame]
Vlad Yasevich243a2e62013-02-13 12:00:09 +00001#include <linux/kernel.h>
2#include <linux/netdevice.h>
3#include <linux/rtnetlink.h>
4#include <linux/slab.h>
5
6#include "br_private.h"
7
Vlad Yasevich552406c2013-02-13 12:00:15 +00008static void __vlan_add_pvid(struct net_port_vlans *v, u16 vid)
9{
10 if (v->pvid == vid)
11 return;
12
13 smp_wmb();
14 v->pvid = vid;
15}
16
17static void __vlan_delete_pvid(struct net_port_vlans *v, u16 vid)
18{
19 if (v->pvid != vid)
20 return;
21
22 smp_wmb();
23 v->pvid = 0;
24}
25
Vlad Yasevich35e03f32013-02-13 12:00:20 +000026static void __vlan_add_flags(struct net_port_vlans *v, u16 vid, u16 flags)
27{
28 if (flags & BRIDGE_VLAN_INFO_PVID)
29 __vlan_add_pvid(v, vid);
30
31 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
32 set_bit(vid, v->untagged_bitmap);
33}
34
Vlad Yasevich552406c2013-02-13 12:00:15 +000035static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags)
Vlad Yasevich243a2e62013-02-13 12:00:09 +000036{
Patrick McHardy80d5c362013-04-19 02:04:28 +000037 const struct net_device_ops *ops;
Vlad Yasevichbc9a25d2013-02-13 12:00:19 +000038 struct net_bridge_port *p = NULL;
39 struct net_bridge *br;
40 struct net_device *dev;
Vlad Yasevich243a2e62013-02-13 12:00:09 +000041 int err;
42
Vlad Yasevich552406c2013-02-13 12:00:15 +000043 if (test_bit(vid, v->vlan_bitmap)) {
Vlad Yasevich35e03f32013-02-13 12:00:20 +000044 __vlan_add_flags(v, vid, flags);
Vlad Yasevich552406c2013-02-13 12:00:15 +000045 return 0;
46 }
Vlad Yasevich243a2e62013-02-13 12:00:09 +000047
Vlad Yasevichbc9a25d2013-02-13 12:00:19 +000048 if (vid) {
49 if (v->port_idx) {
50 p = v->parent.port;
51 br = p->br;
52 dev = p->dev;
53 } else {
54 br = v->parent.br;
55 dev = br->dev;
56 }
Patrick McHardy80d5c362013-04-19 02:04:28 +000057 ops = dev->netdev_ops;
Vlad Yasevich243a2e62013-02-13 12:00:09 +000058
Patrick McHardyf6469682013-04-19 02:04:27 +000059 if (p && (dev->features & NETIF_F_HW_VLAN_CTAG_FILTER)) {
Vlad Yasevichbc9a25d2013-02-13 12:00:19 +000060 /* Add VLAN to the device filter if it is supported.
61 * Stricly speaking, this is not necessary now, since
62 * devices are made promiscuous by the bridge, but if
63 * that ever changes this code will allow tagged
64 * traffic to enter the bridge.
65 */
Patrick McHardy80d5c362013-04-19 02:04:28 +000066 err = ops->ndo_vlan_rx_add_vid(dev, htons(ETH_P_8021Q),
67 vid);
Vlad Yasevich243a2e62013-02-13 12:00:09 +000068 if (err)
69 return err;
70 }
Vlad Yasevichbc9a25d2013-02-13 12:00:19 +000071
72 err = br_fdb_insert(br, p, dev->dev_addr, vid);
73 if (err) {
74 br_err(br, "failed insert local address into bridge "
75 "forwarding table\n");
76 goto out_filt;
77 }
78
Vlad Yasevich243a2e62013-02-13 12:00:09 +000079 }
80
81 set_bit(vid, v->vlan_bitmap);
Vlad Yasevich6cbdcee2013-02-13 12:00:13 +000082 v->num_vlans++;
Vlad Yasevich35e03f32013-02-13 12:00:20 +000083 __vlan_add_flags(v, vid, flags);
Vlad Yasevich552406c2013-02-13 12:00:15 +000084
Vlad Yasevich243a2e62013-02-13 12:00:09 +000085 return 0;
Vlad Yasevichbc9a25d2013-02-13 12:00:19 +000086
87out_filt:
Patrick McHardyf6469682013-04-19 02:04:27 +000088 if (p && (dev->features & NETIF_F_HW_VLAN_CTAG_FILTER))
Patrick McHardy80d5c362013-04-19 02:04:28 +000089 ops->ndo_vlan_rx_kill_vid(dev, htons(ETH_P_8021Q), vid);
Vlad Yasevichbc9a25d2013-02-13 12:00:19 +000090 return err;
Vlad Yasevich243a2e62013-02-13 12:00:09 +000091}
92
93static int __vlan_del(struct net_port_vlans *v, u16 vid)
94{
95 if (!test_bit(vid, v->vlan_bitmap))
96 return -EINVAL;
97
Vlad Yasevich552406c2013-02-13 12:00:15 +000098 __vlan_delete_pvid(v, vid);
Vlad Yasevich35e03f32013-02-13 12:00:20 +000099 clear_bit(vid, v->untagged_bitmap);
Vlad Yasevich552406c2013-02-13 12:00:15 +0000100
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000101 if (v->port_idx && vid) {
102 struct net_device *dev = v->parent.port->dev;
Patrick McHardy80d5c362013-04-19 02:04:28 +0000103 const struct net_device_ops *ops = dev->netdev_ops;
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000104
Patrick McHardyf6469682013-04-19 02:04:27 +0000105 if (dev->features & NETIF_F_HW_VLAN_CTAG_FILTER)
Patrick McHardy80d5c362013-04-19 02:04:28 +0000106 ops->ndo_vlan_rx_kill_vid(dev, htons(ETH_P_8021Q), vid);
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000107 }
108
109 clear_bit(vid, v->vlan_bitmap);
Vlad Yasevich6cbdcee2013-02-13 12:00:13 +0000110 v->num_vlans--;
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000111 if (bitmap_empty(v->vlan_bitmap, BR_VLAN_BITMAP_LEN)) {
112 if (v->port_idx)
113 rcu_assign_pointer(v->parent.port->vlan_info, NULL);
114 else
115 rcu_assign_pointer(v->parent.br->vlan_info, NULL);
116 kfree_rcu(v, rcu);
117 }
118 return 0;
119}
120
121static void __vlan_flush(struct net_port_vlans *v)
122{
Vlad Yasevich552406c2013-02-13 12:00:15 +0000123 smp_wmb();
124 v->pvid = 0;
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000125 bitmap_zero(v->vlan_bitmap, BR_VLAN_BITMAP_LEN);
126 if (v->port_idx)
127 rcu_assign_pointer(v->parent.port->vlan_info, NULL);
128 else
129 rcu_assign_pointer(v->parent.br->vlan_info, NULL);
130 kfree_rcu(v, rcu);
131}
132
Vlad Yasevich78851982013-02-13 12:00:14 +0000133/* Strip the tag from the packet. Will return skb with tci set 0. */
134static struct sk_buff *br_vlan_untag(struct sk_buff *skb)
135{
136 if (skb->protocol != htons(ETH_P_8021Q)) {
137 skb->vlan_tci = 0;
138 return skb;
139 }
140
141 skb->vlan_tci = 0;
142 skb = vlan_untag(skb);
143 if (skb)
144 skb->vlan_tci = 0;
145
146 return skb;
147}
148
149struct sk_buff *br_handle_vlan(struct net_bridge *br,
150 const struct net_port_vlans *pv,
151 struct sk_buff *skb)
Vlad Yasevicha37b85c2013-02-13 12:00:10 +0000152{
153 u16 vid;
154
Vlad Yasevich78851982013-02-13 12:00:14 +0000155 if (!br->vlan_enabled)
156 goto out;
157
158 /* At this point, we know that the frame was filtered and contains
Vlad Yasevich35e03f32013-02-13 12:00:20 +0000159 * a valid vlan id. If the vlan id is set in the untagged bitmap,
Vlad Yasevich78851982013-02-13 12:00:14 +0000160 * send untagged; otherwise, send taged.
161 */
162 br_vlan_get_tag(skb, &vid);
Vlad Yasevich35e03f32013-02-13 12:00:20 +0000163 if (test_bit(vid, pv->untagged_bitmap))
Vlad Yasevich78851982013-02-13 12:00:14 +0000164 skb = br_vlan_untag(skb);
165 else {
166 /* Egress policy says "send tagged". If output device
167 * is the bridge, we need to add the VLAN header
168 * ourselves since we'll be going through the RX path.
169 * Sending to ports puts the frame on the TX path and
170 * we let dev_hard_start_xmit() add the header.
171 */
172 if (skb->protocol != htons(ETH_P_8021Q) &&
173 pv->port_idx == 0) {
174 /* vlan_put_tag expects skb->data to point to
175 * mac header.
176 */
177 skb_push(skb, ETH_HLEN);
Patrick McHardy86a9bad2013-04-19 02:04:30 +0000178 skb = __vlan_put_tag(skb, skb->vlan_proto, skb->vlan_tci);
Vlad Yasevich78851982013-02-13 12:00:14 +0000179 if (!skb)
180 goto out;
181 /* put skb->data back to where it was */
182 skb_pull(skb, ETH_HLEN);
183 skb->vlan_tci = 0;
184 }
185 }
186
187out:
188 return skb;
189}
190
191/* Called under RCU */
192bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
193 struct sk_buff *skb, u16 *vid)
194{
Vlad Yasevicha37b85c2013-02-13 12:00:10 +0000195 /* If VLAN filtering is disabled on the bridge, all packets are
196 * permitted.
197 */
198 if (!br->vlan_enabled)
199 return true;
200
201 /* If there are no vlan in the permitted list, all packets are
202 * rejected.
203 */
204 if (!v)
205 return false;
206
Vlad Yasevich78851982013-02-13 12:00:14 +0000207 if (br_vlan_get_tag(skb, vid)) {
208 u16 pvid = br_get_pvid(v);
209
210 /* Frame did not have a tag. See if pvid is set
211 * on this port. That tells us which vlan untagged
212 * traffic belongs to.
213 */
214 if (pvid == VLAN_N_VID)
215 return false;
216
217 /* PVID is set on this port. Any untagged ingress
218 * frame is considered to belong to this vlan.
219 */
Patrick McHardy86a9bad2013-04-19 02:04:30 +0000220 __vlan_hwaccel_put_tag(skb, htons(ETH_P_8021Q), pvid);
Vlad Yasevich78851982013-02-13 12:00:14 +0000221 return true;
222 }
223
224 /* Frame had a valid vlan tag. See if vlan is allowed */
225 if (test_bit(*vid, v->vlan_bitmap))
Vlad Yasevicha37b85c2013-02-13 12:00:10 +0000226 return true;
227
228 return false;
229}
230
Vlad Yasevich85f46c62013-02-13 12:00:11 +0000231/* Called under RCU. */
232bool br_allowed_egress(struct net_bridge *br,
233 const struct net_port_vlans *v,
234 const struct sk_buff *skb)
235{
236 u16 vid;
237
238 if (!br->vlan_enabled)
239 return true;
240
241 if (!v)
242 return false;
243
244 br_vlan_get_tag(skb, &vid);
245 if (test_bit(vid, v->vlan_bitmap))
246 return true;
247
248 return false;
249}
250
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000251/* Must be protected by RTNL */
Vlad Yasevich552406c2013-02-13 12:00:15 +0000252int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000253{
254 struct net_port_vlans *pv = NULL;
255 int err;
256
257 ASSERT_RTNL();
258
259 pv = rtnl_dereference(br->vlan_info);
260 if (pv)
Vlad Yasevich552406c2013-02-13 12:00:15 +0000261 return __vlan_add(pv, vid, flags);
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000262
263 /* Create port vlan infomration
264 */
265 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
266 if (!pv)
267 return -ENOMEM;
268
269 pv->parent.br = br;
Vlad Yasevich552406c2013-02-13 12:00:15 +0000270 err = __vlan_add(pv, vid, flags);
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000271 if (err)
272 goto out;
273
274 rcu_assign_pointer(br->vlan_info, pv);
275 return 0;
276out:
277 kfree(pv);
278 return err;
279}
280
281/* Must be protected by RTNL */
282int br_vlan_delete(struct net_bridge *br, u16 vid)
283{
284 struct net_port_vlans *pv;
285
286 ASSERT_RTNL();
287
288 pv = rtnl_dereference(br->vlan_info);
289 if (!pv)
290 return -EINVAL;
291
Vlad Yasevichbc9a25d2013-02-13 12:00:19 +0000292 if (vid) {
293 /* If the VID !=0 remove fdb for this vid. VID 0 is special
294 * in that it's the default and is always there in the fdb.
295 */
296 spin_lock_bh(&br->hash_lock);
297 fdb_delete_by_addr(br, br->dev->dev_addr, vid);
298 spin_unlock_bh(&br->hash_lock);
299 }
300
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000301 __vlan_del(pv, vid);
302 return 0;
303}
304
305void br_vlan_flush(struct net_bridge *br)
306{
307 struct net_port_vlans *pv;
308
309 ASSERT_RTNL();
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000310 pv = rtnl_dereference(br->vlan_info);
311 if (!pv)
312 return;
313
314 __vlan_flush(pv);
315}
316
317int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
318{
319 if (!rtnl_trylock())
320 return restart_syscall();
321
322 if (br->vlan_enabled == val)
323 goto unlock;
324
325 br->vlan_enabled = val;
326
327unlock:
328 rtnl_unlock();
329 return 0;
330}
331
332/* Must be protected by RTNL */
Vlad Yasevich552406c2013-02-13 12:00:15 +0000333int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000334{
335 struct net_port_vlans *pv = NULL;
336 int err;
337
338 ASSERT_RTNL();
339
340 pv = rtnl_dereference(port->vlan_info);
341 if (pv)
Vlad Yasevich552406c2013-02-13 12:00:15 +0000342 return __vlan_add(pv, vid, flags);
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000343
344 /* Create port vlan infomration
345 */
346 pv = kzalloc(sizeof(*pv), GFP_KERNEL);
347 if (!pv) {
348 err = -ENOMEM;
349 goto clean_up;
350 }
351
352 pv->port_idx = port->port_no;
353 pv->parent.port = port;
Vlad Yasevich552406c2013-02-13 12:00:15 +0000354 err = __vlan_add(pv, vid, flags);
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000355 if (err)
356 goto clean_up;
357
358 rcu_assign_pointer(port->vlan_info, pv);
359 return 0;
360
361clean_up:
362 kfree(pv);
363 return err;
364}
365
366/* Must be protected by RTNL */
367int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
368{
369 struct net_port_vlans *pv;
370
371 ASSERT_RTNL();
372
373 pv = rtnl_dereference(port->vlan_info);
374 if (!pv)
375 return -EINVAL;
376
Vlad Yasevichbc9a25d2013-02-13 12:00:19 +0000377 if (vid) {
378 /* If the VID !=0 remove fdb for this vid. VID 0 is special
379 * in that it's the default and is always there in the fdb.
380 */
381 spin_lock_bh(&port->br->hash_lock);
382 fdb_delete_by_addr(port->br, port->dev->dev_addr, vid);
383 spin_unlock_bh(&port->br->hash_lock);
384 }
385
Vlad Yasevich243a2e62013-02-13 12:00:09 +0000386 return __vlan_del(pv, vid);
387}
388
389void nbp_vlan_flush(struct net_bridge_port *port)
390{
391 struct net_port_vlans *pv;
392
393 ASSERT_RTNL();
394
395 pv = rtnl_dereference(port->vlan_info);
396 if (!pv)
397 return;
398
399 __vlan_flush(pv);
400}
Vlad Yasevichbc9a25d2013-02-13 12:00:19 +0000401
402bool nbp_vlan_find(struct net_bridge_port *port, u16 vid)
403{
404 struct net_port_vlans *pv;
405 bool found = false;
406
407 rcu_read_lock();
408 pv = rcu_dereference(port->vlan_info);
409
410 if (!pv)
411 goto out;
412
413 if (test_bit(vid, pv->vlan_bitmap))
414 found = true;
415
416out:
417 rcu_read_unlock();
418 return found;
419}