br_vlan.c (55612B)
1// SPDX-License-Identifier: GPL-2.0-only 2#include <linux/kernel.h> 3#include <linux/netdevice.h> 4#include <linux/rtnetlink.h> 5#include <linux/slab.h> 6#include <net/switchdev.h> 7 8#include "br_private.h" 9#include "br_private_tunnel.h" 10 11static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid); 12 13static inline int br_vlan_cmp(struct rhashtable_compare_arg *arg, 14 const void *ptr) 15{ 16 const struct net_bridge_vlan *vle = ptr; 17 u16 vid = *(u16 *)arg->key; 18 19 return vle->vid != vid; 20} 21 22static const struct rhashtable_params br_vlan_rht_params = { 23 .head_offset = offsetof(struct net_bridge_vlan, vnode), 24 .key_offset = offsetof(struct net_bridge_vlan, vid), 25 .key_len = sizeof(u16), 26 .nelem_hint = 3, 27 .max_size = VLAN_N_VID, 28 .obj_cmpfn = br_vlan_cmp, 29 .automatic_shrinking = true, 30}; 31 32static struct net_bridge_vlan *br_vlan_lookup(struct rhashtable *tbl, u16 vid) 33{ 34 return rhashtable_lookup_fast(tbl, &vid, br_vlan_rht_params); 35} 36 37static void __vlan_add_pvid(struct net_bridge_vlan_group *vg, 38 const struct net_bridge_vlan *v) 39{ 40 if (vg->pvid == v->vid) 41 return; 42 43 smp_wmb(); 44 br_vlan_set_pvid_state(vg, v->state); 45 vg->pvid = v->vid; 46} 47 48static void __vlan_delete_pvid(struct net_bridge_vlan_group *vg, u16 vid) 49{ 50 if (vg->pvid != vid) 51 return; 52 53 smp_wmb(); 54 vg->pvid = 0; 55} 56 57/* Update the BRIDGE_VLAN_INFO_PVID and BRIDGE_VLAN_INFO_UNTAGGED flags of @v. 58 * If @commit is false, return just whether the BRIDGE_VLAN_INFO_PVID and 59 * BRIDGE_VLAN_INFO_UNTAGGED bits of @flags would produce any change onto @v. 60 */ 61static bool __vlan_flags_update(struct net_bridge_vlan *v, u16 flags, 62 bool commit) 63{ 64 struct net_bridge_vlan_group *vg; 65 bool change; 66 67 if (br_vlan_is_master(v)) 68 vg = br_vlan_group(v->br); 69 else 70 vg = nbp_vlan_group(v->port); 71 72 /* check if anything would be changed on commit */ 73 change = !!(flags & BRIDGE_VLAN_INFO_PVID) == !!(vg->pvid != v->vid) || 74 ((flags ^ v->flags) & BRIDGE_VLAN_INFO_UNTAGGED); 75 76 if (!commit) 77 goto out; 78 79 if (flags & BRIDGE_VLAN_INFO_PVID) 80 __vlan_add_pvid(vg, v); 81 else 82 __vlan_delete_pvid(vg, v->vid); 83 84 if (flags & BRIDGE_VLAN_INFO_UNTAGGED) 85 v->flags |= BRIDGE_VLAN_INFO_UNTAGGED; 86 else 87 v->flags &= ~BRIDGE_VLAN_INFO_UNTAGGED; 88 89out: 90 return change; 91} 92 93static bool __vlan_flags_would_change(struct net_bridge_vlan *v, u16 flags) 94{ 95 return __vlan_flags_update(v, flags, false); 96} 97 98static void __vlan_flags_commit(struct net_bridge_vlan *v, u16 flags) 99{ 100 __vlan_flags_update(v, flags, true); 101} 102 103static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, 104 struct net_bridge_vlan *v, u16 flags, 105 struct netlink_ext_ack *extack) 106{ 107 int err; 108 109 /* Try switchdev op first. In case it is not supported, fallback to 110 * 8021q add. 111 */ 112 err = br_switchdev_port_vlan_add(dev, v->vid, flags, false, extack); 113 if (err == -EOPNOTSUPP) 114 return vlan_vid_add(dev, br->vlan_proto, v->vid); 115 v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV; 116 return err; 117} 118 119static void __vlan_add_list(struct net_bridge_vlan *v) 120{ 121 struct net_bridge_vlan_group *vg; 122 struct list_head *headp, *hpos; 123 struct net_bridge_vlan *vent; 124 125 if (br_vlan_is_master(v)) 126 vg = br_vlan_group(v->br); 127 else 128 vg = nbp_vlan_group(v->port); 129 130 headp = &vg->vlan_list; 131 list_for_each_prev(hpos, headp) { 132 vent = list_entry(hpos, struct net_bridge_vlan, vlist); 133 if (v->vid >= vent->vid) 134 break; 135 } 136 list_add_rcu(&v->vlist, hpos); 137} 138 139static void __vlan_del_list(struct net_bridge_vlan *v) 140{ 141 list_del_rcu(&v->vlist); 142} 143 144static int __vlan_vid_del(struct net_device *dev, struct net_bridge *br, 145 const struct net_bridge_vlan *v) 146{ 147 int err; 148 149 /* Try switchdev op first. In case it is not supported, fallback to 150 * 8021q del. 151 */ 152 err = br_switchdev_port_vlan_del(dev, v->vid); 153 if (!(v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV)) 154 vlan_vid_del(dev, br->vlan_proto, v->vid); 155 return err == -EOPNOTSUPP ? 0 : err; 156} 157 158/* Returns a master vlan, if it didn't exist it gets created. In all cases 159 * a reference is taken to the master vlan before returning. 160 */ 161static struct net_bridge_vlan * 162br_vlan_get_master(struct net_bridge *br, u16 vid, 163 struct netlink_ext_ack *extack) 164{ 165 struct net_bridge_vlan_group *vg; 166 struct net_bridge_vlan *masterv; 167 168 vg = br_vlan_group(br); 169 masterv = br_vlan_find(vg, vid); 170 if (!masterv) { 171 bool changed; 172 173 /* missing global ctx, create it now */ 174 if (br_vlan_add(br, vid, 0, &changed, extack)) 175 return NULL; 176 masterv = br_vlan_find(vg, vid); 177 if (WARN_ON(!masterv)) 178 return NULL; 179 refcount_set(&masterv->refcnt, 1); 180 return masterv; 181 } 182 refcount_inc(&masterv->refcnt); 183 184 return masterv; 185} 186 187static void br_master_vlan_rcu_free(struct rcu_head *rcu) 188{ 189 struct net_bridge_vlan *v; 190 191 v = container_of(rcu, struct net_bridge_vlan, rcu); 192 WARN_ON(!br_vlan_is_master(v)); 193 free_percpu(v->stats); 194 v->stats = NULL; 195 kfree(v); 196} 197 198static void br_vlan_put_master(struct net_bridge_vlan *masterv) 199{ 200 struct net_bridge_vlan_group *vg; 201 202 if (!br_vlan_is_master(masterv)) 203 return; 204 205 vg = br_vlan_group(masterv->br); 206 if (refcount_dec_and_test(&masterv->refcnt)) { 207 rhashtable_remove_fast(&vg->vlan_hash, 208 &masterv->vnode, br_vlan_rht_params); 209 __vlan_del_list(masterv); 210 br_multicast_toggle_one_vlan(masterv, false); 211 br_multicast_ctx_deinit(&masterv->br_mcast_ctx); 212 call_rcu(&masterv->rcu, br_master_vlan_rcu_free); 213 } 214} 215 216static void nbp_vlan_rcu_free(struct rcu_head *rcu) 217{ 218 struct net_bridge_vlan *v; 219 220 v = container_of(rcu, struct net_bridge_vlan, rcu); 221 WARN_ON(br_vlan_is_master(v)); 222 /* if we had per-port stats configured then free them here */ 223 if (v->priv_flags & BR_VLFLAG_PER_PORT_STATS) 224 free_percpu(v->stats); 225 v->stats = NULL; 226 kfree(v); 227} 228 229static void br_vlan_init_state(struct net_bridge_vlan *v) 230{ 231 struct net_bridge *br; 232 233 if (br_vlan_is_master(v)) 234 br = v->br; 235 else 236 br = v->port->br; 237 238 if (br_opt_get(br, BROPT_MST_ENABLED)) { 239 br_mst_vlan_init_state(v); 240 return; 241 } 242 243 v->state = BR_STATE_FORWARDING; 244 v->msti = 0; 245} 246 247/* This is the shared VLAN add function which works for both ports and bridge 248 * devices. There are four possible calls to this function in terms of the 249 * vlan entry type: 250 * 1. vlan is being added on a port (no master flags, global entry exists) 251 * 2. vlan is being added on a bridge (both master and brentry flags) 252 * 3. vlan is being added on a port, but a global entry didn't exist which 253 * is being created right now (master flag set, brentry flag unset), the 254 * global entry is used for global per-vlan features, but not for filtering 255 * 4. same as 3 but with both master and brentry flags set so the entry 256 * will be used for filtering in both the port and the bridge 257 */ 258static int __vlan_add(struct net_bridge_vlan *v, u16 flags, 259 struct netlink_ext_ack *extack) 260{ 261 struct net_bridge_vlan *masterv = NULL; 262 struct net_bridge_port *p = NULL; 263 struct net_bridge_vlan_group *vg; 264 struct net_device *dev; 265 struct net_bridge *br; 266 int err; 267 268 if (br_vlan_is_master(v)) { 269 br = v->br; 270 dev = br->dev; 271 vg = br_vlan_group(br); 272 } else { 273 p = v->port; 274 br = p->br; 275 dev = p->dev; 276 vg = nbp_vlan_group(p); 277 } 278 279 if (p) { 280 /* Add VLAN to the device filter if it is supported. 281 * This ensures tagged traffic enters the bridge when 282 * promiscuous mode is disabled by br_manage_promisc(). 283 */ 284 err = __vlan_vid_add(dev, br, v, flags, extack); 285 if (err) 286 goto out; 287 288 /* need to work on the master vlan too */ 289 if (flags & BRIDGE_VLAN_INFO_MASTER) { 290 bool changed; 291 292 err = br_vlan_add(br, v->vid, 293 flags | BRIDGE_VLAN_INFO_BRENTRY, 294 &changed, extack); 295 if (err) 296 goto out_filt; 297 298 if (changed) 299 br_vlan_notify(br, NULL, v->vid, 0, 300 RTM_NEWVLAN); 301 } 302 303 masterv = br_vlan_get_master(br, v->vid, extack); 304 if (!masterv) { 305 err = -ENOMEM; 306 goto out_filt; 307 } 308 v->brvlan = masterv; 309 if (br_opt_get(br, BROPT_VLAN_STATS_PER_PORT)) { 310 v->stats = 311 netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); 312 if (!v->stats) { 313 err = -ENOMEM; 314 goto out_filt; 315 } 316 v->priv_flags |= BR_VLFLAG_PER_PORT_STATS; 317 } else { 318 v->stats = masterv->stats; 319 } 320 br_multicast_port_ctx_init(p, v, &v->port_mcast_ctx); 321 } else { 322 if (br_vlan_should_use(v)) { 323 err = br_switchdev_port_vlan_add(dev, v->vid, flags, 324 false, extack); 325 if (err && err != -EOPNOTSUPP) 326 goto out; 327 } 328 br_multicast_ctx_init(br, v, &v->br_mcast_ctx); 329 v->priv_flags |= BR_VLFLAG_GLOBAL_MCAST_ENABLED; 330 } 331 332 /* Add the dev mac and count the vlan only if it's usable */ 333 if (br_vlan_should_use(v)) { 334 err = br_fdb_add_local(br, p, dev->dev_addr, v->vid); 335 if (err) { 336 br_err(br, "failed insert local address into bridge forwarding table\n"); 337 goto out_filt; 338 } 339 vg->num_vlans++; 340 } 341 342 /* set the state before publishing */ 343 br_vlan_init_state(v); 344 345 err = rhashtable_lookup_insert_fast(&vg->vlan_hash, &v->vnode, 346 br_vlan_rht_params); 347 if (err) 348 goto out_fdb_insert; 349 350 __vlan_add_list(v); 351 __vlan_flags_commit(v, flags); 352 br_multicast_toggle_one_vlan(v, true); 353 354 if (p) 355 nbp_vlan_set_vlan_dev_state(p, v->vid); 356out: 357 return err; 358 359out_fdb_insert: 360 if (br_vlan_should_use(v)) { 361 br_fdb_find_delete_local(br, p, dev->dev_addr, v->vid); 362 vg->num_vlans--; 363 } 364 365out_filt: 366 if (p) { 367 __vlan_vid_del(dev, br, v); 368 if (masterv) { 369 if (v->stats && masterv->stats != v->stats) 370 free_percpu(v->stats); 371 v->stats = NULL; 372 373 br_vlan_put_master(masterv); 374 v->brvlan = NULL; 375 } 376 } else { 377 br_switchdev_port_vlan_del(dev, v->vid); 378 } 379 380 goto out; 381} 382 383static int __vlan_del(struct net_bridge_vlan *v) 384{ 385 struct net_bridge_vlan *masterv = v; 386 struct net_bridge_vlan_group *vg; 387 struct net_bridge_port *p = NULL; 388 int err = 0; 389 390 if (br_vlan_is_master(v)) { 391 vg = br_vlan_group(v->br); 392 } else { 393 p = v->port; 394 vg = nbp_vlan_group(v->port); 395 masterv = v->brvlan; 396 } 397 398 __vlan_delete_pvid(vg, v->vid); 399 if (p) { 400 err = __vlan_vid_del(p->dev, p->br, v); 401 if (err) 402 goto out; 403 } else { 404 err = br_switchdev_port_vlan_del(v->br->dev, v->vid); 405 if (err && err != -EOPNOTSUPP) 406 goto out; 407 err = 0; 408 } 409 410 if (br_vlan_should_use(v)) { 411 v->flags &= ~BRIDGE_VLAN_INFO_BRENTRY; 412 vg->num_vlans--; 413 } 414 415 if (masterv != v) { 416 vlan_tunnel_info_del(vg, v); 417 rhashtable_remove_fast(&vg->vlan_hash, &v->vnode, 418 br_vlan_rht_params); 419 __vlan_del_list(v); 420 nbp_vlan_set_vlan_dev_state(p, v->vid); 421 br_multicast_toggle_one_vlan(v, false); 422 br_multicast_port_ctx_deinit(&v->port_mcast_ctx); 423 call_rcu(&v->rcu, nbp_vlan_rcu_free); 424 } 425 426 br_vlan_put_master(masterv); 427out: 428 return err; 429} 430 431static void __vlan_group_free(struct net_bridge_vlan_group *vg) 432{ 433 WARN_ON(!list_empty(&vg->vlan_list)); 434 rhashtable_destroy(&vg->vlan_hash); 435 vlan_tunnel_deinit(vg); 436 kfree(vg); 437} 438 439static void __vlan_flush(const struct net_bridge *br, 440 const struct net_bridge_port *p, 441 struct net_bridge_vlan_group *vg) 442{ 443 struct net_bridge_vlan *vlan, *tmp; 444 u16 v_start = 0, v_end = 0; 445 int err; 446 447 __vlan_delete_pvid(vg, vg->pvid); 448 list_for_each_entry_safe(vlan, tmp, &vg->vlan_list, vlist) { 449 /* take care of disjoint ranges */ 450 if (!v_start) { 451 v_start = vlan->vid; 452 } else if (vlan->vid - v_end != 1) { 453 /* found range end, notify and start next one */ 454 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN); 455 v_start = vlan->vid; 456 } 457 v_end = vlan->vid; 458 459 err = __vlan_del(vlan); 460 if (err) { 461 br_err(br, 462 "port %u(%s) failed to delete vlan %d: %pe\n", 463 (unsigned int) p->port_no, p->dev->name, 464 vlan->vid, ERR_PTR(err)); 465 } 466 } 467 468 /* notify about the last/whole vlan range */ 469 if (v_start) 470 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN); 471} 472 473struct sk_buff *br_handle_vlan(struct net_bridge *br, 474 const struct net_bridge_port *p, 475 struct net_bridge_vlan_group *vg, 476 struct sk_buff *skb) 477{ 478 struct pcpu_sw_netstats *stats; 479 struct net_bridge_vlan *v; 480 u16 vid; 481 482 /* If this packet was not filtered at input, let it pass */ 483 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered) 484 goto out; 485 486 /* At this point, we know that the frame was filtered and contains 487 * a valid vlan id. If the vlan id has untagged flag set, 488 * send untagged; otherwise, send tagged. 489 */ 490 br_vlan_get_tag(skb, &vid); 491 v = br_vlan_find(vg, vid); 492 /* Vlan entry must be configured at this point. The 493 * only exception is the bridge is set in promisc mode and the 494 * packet is destined for the bridge device. In this case 495 * pass the packet as is. 496 */ 497 if (!v || !br_vlan_should_use(v)) { 498 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) { 499 goto out; 500 } else { 501 kfree_skb(skb); 502 return NULL; 503 } 504 } 505 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 506 stats = this_cpu_ptr(v->stats); 507 u64_stats_update_begin(&stats->syncp); 508 stats->tx_bytes += skb->len; 509 stats->tx_packets++; 510 u64_stats_update_end(&stats->syncp); 511 } 512 513 /* If the skb will be sent using forwarding offload, the assumption is 514 * that the switchdev will inject the packet into hardware together 515 * with the bridge VLAN, so that it can be forwarded according to that 516 * VLAN. The switchdev should deal with popping the VLAN header in 517 * hardware on each egress port as appropriate. So only strip the VLAN 518 * header if forwarding offload is not being used. 519 */ 520 if (v->flags & BRIDGE_VLAN_INFO_UNTAGGED && 521 !br_switchdev_frame_uses_tx_fwd_offload(skb)) 522 __vlan_hwaccel_clear_tag(skb); 523 524 if (p && (p->flags & BR_VLAN_TUNNEL) && 525 br_handle_egress_vlan_tunnel(skb, v)) { 526 kfree_skb(skb); 527 return NULL; 528 } 529out: 530 return skb; 531} 532 533/* Called under RCU */ 534static bool __allowed_ingress(const struct net_bridge *br, 535 struct net_bridge_vlan_group *vg, 536 struct sk_buff *skb, u16 *vid, 537 u8 *state, 538 struct net_bridge_vlan **vlan) 539{ 540 struct pcpu_sw_netstats *stats; 541 struct net_bridge_vlan *v; 542 bool tagged; 543 544 BR_INPUT_SKB_CB(skb)->vlan_filtered = true; 545 /* If vlan tx offload is disabled on bridge device and frame was 546 * sent from vlan device on the bridge device, it does not have 547 * HW accelerated vlan tag. 548 */ 549 if (unlikely(!skb_vlan_tag_present(skb) && 550 skb->protocol == br->vlan_proto)) { 551 skb = skb_vlan_untag(skb); 552 if (unlikely(!skb)) 553 return false; 554 } 555 556 if (!br_vlan_get_tag(skb, vid)) { 557 /* Tagged frame */ 558 if (skb->vlan_proto != br->vlan_proto) { 559 /* Protocol-mismatch, empty out vlan_tci for new tag */ 560 skb_push(skb, ETH_HLEN); 561 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto, 562 skb_vlan_tag_get(skb)); 563 if (unlikely(!skb)) 564 return false; 565 566 skb_pull(skb, ETH_HLEN); 567 skb_reset_mac_len(skb); 568 *vid = 0; 569 tagged = false; 570 } else { 571 tagged = true; 572 } 573 } else { 574 /* Untagged frame */ 575 tagged = false; 576 } 577 578 if (!*vid) { 579 u16 pvid = br_get_pvid(vg); 580 581 /* Frame had a tag with VID 0 or did not have a tag. 582 * See if pvid is set on this port. That tells us which 583 * vlan untagged or priority-tagged traffic belongs to. 584 */ 585 if (!pvid) 586 goto drop; 587 588 /* PVID is set on this port. Any untagged or priority-tagged 589 * ingress frame is considered to belong to this vlan. 590 */ 591 *vid = pvid; 592 if (likely(!tagged)) 593 /* Untagged Frame. */ 594 __vlan_hwaccel_put_tag(skb, br->vlan_proto, pvid); 595 else 596 /* Priority-tagged Frame. 597 * At this point, we know that skb->vlan_tci VID 598 * field was 0. 599 * We update only VID field and preserve PCP field. 600 */ 601 skb->vlan_tci |= pvid; 602 603 /* if snooping and stats are disabled we can avoid the lookup */ 604 if (!br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED) && 605 !br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 606 if (*state == BR_STATE_FORWARDING) { 607 *state = br_vlan_get_pvid_state(vg); 608 if (!br_vlan_state_allowed(*state, true)) 609 goto drop; 610 } 611 return true; 612 } 613 } 614 v = br_vlan_find(vg, *vid); 615 if (!v || !br_vlan_should_use(v)) 616 goto drop; 617 618 if (*state == BR_STATE_FORWARDING) { 619 *state = br_vlan_get_state(v); 620 if (!br_vlan_state_allowed(*state, true)) 621 goto drop; 622 } 623 624 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 625 stats = this_cpu_ptr(v->stats); 626 u64_stats_update_begin(&stats->syncp); 627 stats->rx_bytes += skb->len; 628 stats->rx_packets++; 629 u64_stats_update_end(&stats->syncp); 630 } 631 632 *vlan = v; 633 634 return true; 635 636drop: 637 kfree_skb(skb); 638 return false; 639} 640 641bool br_allowed_ingress(const struct net_bridge *br, 642 struct net_bridge_vlan_group *vg, struct sk_buff *skb, 643 u16 *vid, u8 *state, 644 struct net_bridge_vlan **vlan) 645{ 646 /* If VLAN filtering is disabled on the bridge, all packets are 647 * permitted. 648 */ 649 *vlan = NULL; 650 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) { 651 BR_INPUT_SKB_CB(skb)->vlan_filtered = false; 652 return true; 653 } 654 655 return __allowed_ingress(br, vg, skb, vid, state, vlan); 656} 657 658/* Called under RCU. */ 659bool br_allowed_egress(struct net_bridge_vlan_group *vg, 660 const struct sk_buff *skb) 661{ 662 const struct net_bridge_vlan *v; 663 u16 vid; 664 665 /* If this packet was not filtered at input, let it pass */ 666 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered) 667 return true; 668 669 br_vlan_get_tag(skb, &vid); 670 v = br_vlan_find(vg, vid); 671 if (v && br_vlan_should_use(v) && 672 br_vlan_state_allowed(br_vlan_get_state(v), false)) 673 return true; 674 675 return false; 676} 677 678/* Called under RCU */ 679bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid) 680{ 681 struct net_bridge_vlan_group *vg; 682 struct net_bridge *br = p->br; 683 struct net_bridge_vlan *v; 684 685 /* If filtering was disabled at input, let it pass. */ 686 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 687 return true; 688 689 vg = nbp_vlan_group_rcu(p); 690 if (!vg || !vg->num_vlans) 691 return false; 692 693 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto) 694 *vid = 0; 695 696 if (!*vid) { 697 *vid = br_get_pvid(vg); 698 if (!*vid || 699 !br_vlan_state_allowed(br_vlan_get_pvid_state(vg), true)) 700 return false; 701 702 return true; 703 } 704 705 v = br_vlan_find(vg, *vid); 706 if (v && br_vlan_state_allowed(br_vlan_get_state(v), true)) 707 return true; 708 709 return false; 710} 711 712static int br_vlan_add_existing(struct net_bridge *br, 713 struct net_bridge_vlan_group *vg, 714 struct net_bridge_vlan *vlan, 715 u16 flags, bool *changed, 716 struct netlink_ext_ack *extack) 717{ 718 bool would_change = __vlan_flags_would_change(vlan, flags); 719 bool becomes_brentry = false; 720 int err; 721 722 if (!br_vlan_is_brentry(vlan)) { 723 /* Trying to change flags of non-existent bridge vlan */ 724 if (!(flags & BRIDGE_VLAN_INFO_BRENTRY)) 725 return -EINVAL; 726 727 becomes_brentry = true; 728 } 729 730 /* Master VLANs that aren't brentries weren't notified before, 731 * time to notify them now. 732 */ 733 if (becomes_brentry || would_change) { 734 err = br_switchdev_port_vlan_add(br->dev, vlan->vid, flags, 735 would_change, extack); 736 if (err && err != -EOPNOTSUPP) 737 return err; 738 } 739 740 if (becomes_brentry) { 741 /* It was only kept for port vlans, now make it real */ 742 err = br_fdb_add_local(br, NULL, br->dev->dev_addr, vlan->vid); 743 if (err) { 744 br_err(br, "failed to insert local address into bridge forwarding table\n"); 745 goto err_fdb_insert; 746 } 747 748 refcount_inc(&vlan->refcnt); 749 vlan->flags |= BRIDGE_VLAN_INFO_BRENTRY; 750 vg->num_vlans++; 751 *changed = true; 752 br_multicast_toggle_one_vlan(vlan, true); 753 } 754 755 __vlan_flags_commit(vlan, flags); 756 if (would_change) 757 *changed = true; 758 759 return 0; 760 761err_fdb_insert: 762 br_switchdev_port_vlan_del(br->dev, vlan->vid); 763 return err; 764} 765 766/* Must be protected by RTNL. 767 * Must be called with vid in range from 1 to 4094 inclusive. 768 * changed must be true only if the vlan was created or updated 769 */ 770int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags, bool *changed, 771 struct netlink_ext_ack *extack) 772{ 773 struct net_bridge_vlan_group *vg; 774 struct net_bridge_vlan *vlan; 775 int ret; 776 777 ASSERT_RTNL(); 778 779 *changed = false; 780 vg = br_vlan_group(br); 781 vlan = br_vlan_find(vg, vid); 782 if (vlan) 783 return br_vlan_add_existing(br, vg, vlan, flags, changed, 784 extack); 785 786 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL); 787 if (!vlan) 788 return -ENOMEM; 789 790 vlan->stats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); 791 if (!vlan->stats) { 792 kfree(vlan); 793 return -ENOMEM; 794 } 795 vlan->vid = vid; 796 vlan->flags = flags | BRIDGE_VLAN_INFO_MASTER; 797 vlan->flags &= ~BRIDGE_VLAN_INFO_PVID; 798 vlan->br = br; 799 if (flags & BRIDGE_VLAN_INFO_BRENTRY) 800 refcount_set(&vlan->refcnt, 1); 801 ret = __vlan_add(vlan, flags, extack); 802 if (ret) { 803 free_percpu(vlan->stats); 804 kfree(vlan); 805 } else { 806 *changed = true; 807 } 808 809 return ret; 810} 811 812/* Must be protected by RTNL. 813 * Must be called with vid in range from 1 to 4094 inclusive. 814 */ 815int br_vlan_delete(struct net_bridge *br, u16 vid) 816{ 817 struct net_bridge_vlan_group *vg; 818 struct net_bridge_vlan *v; 819 820 ASSERT_RTNL(); 821 822 vg = br_vlan_group(br); 823 v = br_vlan_find(vg, vid); 824 if (!v || !br_vlan_is_brentry(v)) 825 return -ENOENT; 826 827 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid); 828 br_fdb_delete_by_port(br, NULL, vid, 0); 829 830 vlan_tunnel_info_del(vg, v); 831 832 return __vlan_del(v); 833} 834 835void br_vlan_flush(struct net_bridge *br) 836{ 837 struct net_bridge_vlan_group *vg; 838 839 ASSERT_RTNL(); 840 841 vg = br_vlan_group(br); 842 __vlan_flush(br, NULL, vg); 843 RCU_INIT_POINTER(br->vlgrp, NULL); 844 synchronize_rcu(); 845 __vlan_group_free(vg); 846} 847 848struct net_bridge_vlan *br_vlan_find(struct net_bridge_vlan_group *vg, u16 vid) 849{ 850 if (!vg) 851 return NULL; 852 853 return br_vlan_lookup(&vg->vlan_hash, vid); 854} 855 856/* Must be protected by RTNL. */ 857static void recalculate_group_addr(struct net_bridge *br) 858{ 859 if (br_opt_get(br, BROPT_GROUP_ADDR_SET)) 860 return; 861 862 spin_lock_bh(&br->lock); 863 if (!br_opt_get(br, BROPT_VLAN_ENABLED) || 864 br->vlan_proto == htons(ETH_P_8021Q)) { 865 /* Bridge Group Address */ 866 br->group_addr[5] = 0x00; 867 } else { /* vlan_enabled && ETH_P_8021AD */ 868 /* Provider Bridge Group Address */ 869 br->group_addr[5] = 0x08; 870 } 871 spin_unlock_bh(&br->lock); 872} 873 874/* Must be protected by RTNL. */ 875void br_recalculate_fwd_mask(struct net_bridge *br) 876{ 877 if (!br_opt_get(br, BROPT_VLAN_ENABLED) || 878 br->vlan_proto == htons(ETH_P_8021Q)) 879 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT; 880 else /* vlan_enabled && ETH_P_8021AD */ 881 br->group_fwd_mask_required = BR_GROUPFWD_8021AD & 882 ~(1u << br->group_addr[5]); 883} 884 885int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val, 886 struct netlink_ext_ack *extack) 887{ 888 struct switchdev_attr attr = { 889 .orig_dev = br->dev, 890 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING, 891 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 892 .u.vlan_filtering = val, 893 }; 894 int err; 895 896 if (br_opt_get(br, BROPT_VLAN_ENABLED) == !!val) 897 return 0; 898 899 br_opt_toggle(br, BROPT_VLAN_ENABLED, !!val); 900 901 err = switchdev_port_attr_set(br->dev, &attr, extack); 902 if (err && err != -EOPNOTSUPP) { 903 br_opt_toggle(br, BROPT_VLAN_ENABLED, !val); 904 return err; 905 } 906 907 br_manage_promisc(br); 908 recalculate_group_addr(br); 909 br_recalculate_fwd_mask(br); 910 if (!val && br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) { 911 br_info(br, "vlan filtering disabled, automatically disabling multicast vlan snooping\n"); 912 br_multicast_toggle_vlan_snooping(br, false, NULL); 913 } 914 915 return 0; 916} 917 918bool br_vlan_enabled(const struct net_device *dev) 919{ 920 struct net_bridge *br = netdev_priv(dev); 921 922 return br_opt_get(br, BROPT_VLAN_ENABLED); 923} 924EXPORT_SYMBOL_GPL(br_vlan_enabled); 925 926int br_vlan_get_proto(const struct net_device *dev, u16 *p_proto) 927{ 928 struct net_bridge *br = netdev_priv(dev); 929 930 *p_proto = ntohs(br->vlan_proto); 931 932 return 0; 933} 934EXPORT_SYMBOL_GPL(br_vlan_get_proto); 935 936int __br_vlan_set_proto(struct net_bridge *br, __be16 proto, 937 struct netlink_ext_ack *extack) 938{ 939 struct switchdev_attr attr = { 940 .orig_dev = br->dev, 941 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_PROTOCOL, 942 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 943 .u.vlan_protocol = ntohs(proto), 944 }; 945 int err = 0; 946 struct net_bridge_port *p; 947 struct net_bridge_vlan *vlan; 948 struct net_bridge_vlan_group *vg; 949 __be16 oldproto = br->vlan_proto; 950 951 if (br->vlan_proto == proto) 952 return 0; 953 954 err = switchdev_port_attr_set(br->dev, &attr, extack); 955 if (err && err != -EOPNOTSUPP) 956 return err; 957 958 /* Add VLANs for the new proto to the device filter. */ 959 list_for_each_entry(p, &br->port_list, list) { 960 vg = nbp_vlan_group(p); 961 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 962 err = vlan_vid_add(p->dev, proto, vlan->vid); 963 if (err) 964 goto err_filt; 965 } 966 } 967 968 br->vlan_proto = proto; 969 970 recalculate_group_addr(br); 971 br_recalculate_fwd_mask(br); 972 973 /* Delete VLANs for the old proto from the device filter. */ 974 list_for_each_entry(p, &br->port_list, list) { 975 vg = nbp_vlan_group(p); 976 list_for_each_entry(vlan, &vg->vlan_list, vlist) 977 vlan_vid_del(p->dev, oldproto, vlan->vid); 978 } 979 980 return 0; 981 982err_filt: 983 attr.u.vlan_protocol = ntohs(oldproto); 984 switchdev_port_attr_set(br->dev, &attr, NULL); 985 986 list_for_each_entry_continue_reverse(vlan, &vg->vlan_list, vlist) 987 vlan_vid_del(p->dev, proto, vlan->vid); 988 989 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 990 vg = nbp_vlan_group(p); 991 list_for_each_entry(vlan, &vg->vlan_list, vlist) 992 vlan_vid_del(p->dev, proto, vlan->vid); 993 } 994 995 return err; 996} 997 998int br_vlan_set_proto(struct net_bridge *br, unsigned long val, 999 struct netlink_ext_ack *extack) 1000{ 1001 if (!eth_type_vlan(htons(val))) 1002 return -EPROTONOSUPPORT; 1003 1004 return __br_vlan_set_proto(br, htons(val), extack); 1005} 1006 1007int br_vlan_set_stats(struct net_bridge *br, unsigned long val) 1008{ 1009 switch (val) { 1010 case 0: 1011 case 1: 1012 br_opt_toggle(br, BROPT_VLAN_STATS_ENABLED, !!val); 1013 break; 1014 default: 1015 return -EINVAL; 1016 } 1017 1018 return 0; 1019} 1020 1021int br_vlan_set_stats_per_port(struct net_bridge *br, unsigned long val) 1022{ 1023 struct net_bridge_port *p; 1024 1025 /* allow to change the option if there are no port vlans configured */ 1026 list_for_each_entry(p, &br->port_list, list) { 1027 struct net_bridge_vlan_group *vg = nbp_vlan_group(p); 1028 1029 if (vg->num_vlans) 1030 return -EBUSY; 1031 } 1032 1033 switch (val) { 1034 case 0: 1035 case 1: 1036 br_opt_toggle(br, BROPT_VLAN_STATS_PER_PORT, !!val); 1037 break; 1038 default: 1039 return -EINVAL; 1040 } 1041 1042 return 0; 1043} 1044 1045static bool vlan_default_pvid(struct net_bridge_vlan_group *vg, u16 vid) 1046{ 1047 struct net_bridge_vlan *v; 1048 1049 if (vid != vg->pvid) 1050 return false; 1051 1052 v = br_vlan_lookup(&vg->vlan_hash, vid); 1053 if (v && br_vlan_should_use(v) && 1054 (v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) 1055 return true; 1056 1057 return false; 1058} 1059 1060static void br_vlan_disable_default_pvid(struct net_bridge *br) 1061{ 1062 struct net_bridge_port *p; 1063 u16 pvid = br->default_pvid; 1064 1065 /* Disable default_pvid on all ports where it is still 1066 * configured. 1067 */ 1068 if (vlan_default_pvid(br_vlan_group(br), pvid)) { 1069 if (!br_vlan_delete(br, pvid)) 1070 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN); 1071 } 1072 1073 list_for_each_entry(p, &br->port_list, list) { 1074 if (vlan_default_pvid(nbp_vlan_group(p), pvid) && 1075 !nbp_vlan_delete(p, pvid)) 1076 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN); 1077 } 1078 1079 br->default_pvid = 0; 1080} 1081 1082int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid, 1083 struct netlink_ext_ack *extack) 1084{ 1085 const struct net_bridge_vlan *pvent; 1086 struct net_bridge_vlan_group *vg; 1087 struct net_bridge_port *p; 1088 unsigned long *changed; 1089 bool vlchange; 1090 u16 old_pvid; 1091 int err = 0; 1092 1093 if (!pvid) { 1094 br_vlan_disable_default_pvid(br); 1095 return 0; 1096 } 1097 1098 changed = bitmap_zalloc(BR_MAX_PORTS, GFP_KERNEL); 1099 if (!changed) 1100 return -ENOMEM; 1101 1102 old_pvid = br->default_pvid; 1103 1104 /* Update default_pvid config only if we do not conflict with 1105 * user configuration. 1106 */ 1107 vg = br_vlan_group(br); 1108 pvent = br_vlan_find(vg, pvid); 1109 if ((!old_pvid || vlan_default_pvid(vg, old_pvid)) && 1110 (!pvent || !br_vlan_should_use(pvent))) { 1111 err = br_vlan_add(br, pvid, 1112 BRIDGE_VLAN_INFO_PVID | 1113 BRIDGE_VLAN_INFO_UNTAGGED | 1114 BRIDGE_VLAN_INFO_BRENTRY, 1115 &vlchange, extack); 1116 if (err) 1117 goto out; 1118 1119 if (br_vlan_delete(br, old_pvid)) 1120 br_vlan_notify(br, NULL, old_pvid, 0, RTM_DELVLAN); 1121 br_vlan_notify(br, NULL, pvid, 0, RTM_NEWVLAN); 1122 __set_bit(0, changed); 1123 } 1124 1125 list_for_each_entry(p, &br->port_list, list) { 1126 /* Update default_pvid config only if we do not conflict with 1127 * user configuration. 1128 */ 1129 vg = nbp_vlan_group(p); 1130 if ((old_pvid && 1131 !vlan_default_pvid(vg, old_pvid)) || 1132 br_vlan_find(vg, pvid)) 1133 continue; 1134 1135 err = nbp_vlan_add(p, pvid, 1136 BRIDGE_VLAN_INFO_PVID | 1137 BRIDGE_VLAN_INFO_UNTAGGED, 1138 &vlchange, extack); 1139 if (err) 1140 goto err_port; 1141 if (nbp_vlan_delete(p, old_pvid)) 1142 br_vlan_notify(br, p, old_pvid, 0, RTM_DELVLAN); 1143 br_vlan_notify(p->br, p, pvid, 0, RTM_NEWVLAN); 1144 __set_bit(p->port_no, changed); 1145 } 1146 1147 br->default_pvid = pvid; 1148 1149out: 1150 bitmap_free(changed); 1151 return err; 1152 1153err_port: 1154 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 1155 if (!test_bit(p->port_no, changed)) 1156 continue; 1157 1158 if (old_pvid) { 1159 nbp_vlan_add(p, old_pvid, 1160 BRIDGE_VLAN_INFO_PVID | 1161 BRIDGE_VLAN_INFO_UNTAGGED, 1162 &vlchange, NULL); 1163 br_vlan_notify(p->br, p, old_pvid, 0, RTM_NEWVLAN); 1164 } 1165 nbp_vlan_delete(p, pvid); 1166 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN); 1167 } 1168 1169 if (test_bit(0, changed)) { 1170 if (old_pvid) { 1171 br_vlan_add(br, old_pvid, 1172 BRIDGE_VLAN_INFO_PVID | 1173 BRIDGE_VLAN_INFO_UNTAGGED | 1174 BRIDGE_VLAN_INFO_BRENTRY, 1175 &vlchange, NULL); 1176 br_vlan_notify(br, NULL, old_pvid, 0, RTM_NEWVLAN); 1177 } 1178 br_vlan_delete(br, pvid); 1179 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN); 1180 } 1181 goto out; 1182} 1183 1184int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val, 1185 struct netlink_ext_ack *extack) 1186{ 1187 u16 pvid = val; 1188 int err = 0; 1189 1190 if (val >= VLAN_VID_MASK) 1191 return -EINVAL; 1192 1193 if (pvid == br->default_pvid) 1194 goto out; 1195 1196 /* Only allow default pvid change when filtering is disabled */ 1197 if (br_opt_get(br, BROPT_VLAN_ENABLED)) { 1198 pr_info_once("Please disable vlan filtering to change default_pvid\n"); 1199 err = -EPERM; 1200 goto out; 1201 } 1202 err = __br_vlan_set_default_pvid(br, pvid, extack); 1203out: 1204 return err; 1205} 1206 1207int br_vlan_init(struct net_bridge *br) 1208{ 1209 struct net_bridge_vlan_group *vg; 1210 int ret = -ENOMEM; 1211 1212 vg = kzalloc(sizeof(*vg), GFP_KERNEL); 1213 if (!vg) 1214 goto out; 1215 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params); 1216 if (ret) 1217 goto err_rhtbl; 1218 ret = vlan_tunnel_init(vg); 1219 if (ret) 1220 goto err_tunnel_init; 1221 INIT_LIST_HEAD(&vg->vlan_list); 1222 br->vlan_proto = htons(ETH_P_8021Q); 1223 br->default_pvid = 1; 1224 rcu_assign_pointer(br->vlgrp, vg); 1225 1226out: 1227 return ret; 1228 1229err_tunnel_init: 1230 rhashtable_destroy(&vg->vlan_hash); 1231err_rhtbl: 1232 kfree(vg); 1233 1234 goto out; 1235} 1236 1237int nbp_vlan_init(struct net_bridge_port *p, struct netlink_ext_ack *extack) 1238{ 1239 struct switchdev_attr attr = { 1240 .orig_dev = p->br->dev, 1241 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING, 1242 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 1243 .u.vlan_filtering = br_opt_get(p->br, BROPT_VLAN_ENABLED), 1244 }; 1245 struct net_bridge_vlan_group *vg; 1246 int ret = -ENOMEM; 1247 1248 vg = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL); 1249 if (!vg) 1250 goto out; 1251 1252 ret = switchdev_port_attr_set(p->dev, &attr, extack); 1253 if (ret && ret != -EOPNOTSUPP) 1254 goto err_vlan_enabled; 1255 1256 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params); 1257 if (ret) 1258 goto err_rhtbl; 1259 ret = vlan_tunnel_init(vg); 1260 if (ret) 1261 goto err_tunnel_init; 1262 INIT_LIST_HEAD(&vg->vlan_list); 1263 rcu_assign_pointer(p->vlgrp, vg); 1264 if (p->br->default_pvid) { 1265 bool changed; 1266 1267 ret = nbp_vlan_add(p, p->br->default_pvid, 1268 BRIDGE_VLAN_INFO_PVID | 1269 BRIDGE_VLAN_INFO_UNTAGGED, 1270 &changed, extack); 1271 if (ret) 1272 goto err_vlan_add; 1273 br_vlan_notify(p->br, p, p->br->default_pvid, 0, RTM_NEWVLAN); 1274 } 1275out: 1276 return ret; 1277 1278err_vlan_add: 1279 RCU_INIT_POINTER(p->vlgrp, NULL); 1280 synchronize_rcu(); 1281 vlan_tunnel_deinit(vg); 1282err_tunnel_init: 1283 rhashtable_destroy(&vg->vlan_hash); 1284err_rhtbl: 1285err_vlan_enabled: 1286 kfree(vg); 1287 1288 goto out; 1289} 1290 1291/* Must be protected by RTNL. 1292 * Must be called with vid in range from 1 to 4094 inclusive. 1293 * changed must be true only if the vlan was created or updated 1294 */ 1295int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags, 1296 bool *changed, struct netlink_ext_ack *extack) 1297{ 1298 struct net_bridge_vlan *vlan; 1299 int ret; 1300 1301 ASSERT_RTNL(); 1302 1303 *changed = false; 1304 vlan = br_vlan_find(nbp_vlan_group(port), vid); 1305 if (vlan) { 1306 bool would_change = __vlan_flags_would_change(vlan, flags); 1307 1308 if (would_change) { 1309 /* Pass the flags to the hardware bridge */ 1310 ret = br_switchdev_port_vlan_add(port->dev, vid, flags, 1311 true, extack); 1312 if (ret && ret != -EOPNOTSUPP) 1313 return ret; 1314 } 1315 1316 __vlan_flags_commit(vlan, flags); 1317 *changed = would_change; 1318 1319 return 0; 1320 } 1321 1322 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL); 1323 if (!vlan) 1324 return -ENOMEM; 1325 1326 vlan->vid = vid; 1327 vlan->port = port; 1328 ret = __vlan_add(vlan, flags, extack); 1329 if (ret) 1330 kfree(vlan); 1331 else 1332 *changed = true; 1333 1334 return ret; 1335} 1336 1337/* Must be protected by RTNL. 1338 * Must be called with vid in range from 1 to 4094 inclusive. 1339 */ 1340int nbp_vlan_delete(struct net_bridge_port *port, u16 vid) 1341{ 1342 struct net_bridge_vlan *v; 1343 1344 ASSERT_RTNL(); 1345 1346 v = br_vlan_find(nbp_vlan_group(port), vid); 1347 if (!v) 1348 return -ENOENT; 1349 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid); 1350 br_fdb_delete_by_port(port->br, port, vid, 0); 1351 1352 return __vlan_del(v); 1353} 1354 1355void nbp_vlan_flush(struct net_bridge_port *port) 1356{ 1357 struct net_bridge_vlan_group *vg; 1358 1359 ASSERT_RTNL(); 1360 1361 vg = nbp_vlan_group(port); 1362 __vlan_flush(port->br, port, vg); 1363 RCU_INIT_POINTER(port->vlgrp, NULL); 1364 synchronize_rcu(); 1365 __vlan_group_free(vg); 1366} 1367 1368void br_vlan_get_stats(const struct net_bridge_vlan *v, 1369 struct pcpu_sw_netstats *stats) 1370{ 1371 int i; 1372 1373 memset(stats, 0, sizeof(*stats)); 1374 for_each_possible_cpu(i) { 1375 u64 rxpackets, rxbytes, txpackets, txbytes; 1376 struct pcpu_sw_netstats *cpu_stats; 1377 unsigned int start; 1378 1379 cpu_stats = per_cpu_ptr(v->stats, i); 1380 do { 1381 start = u64_stats_fetch_begin_irq(&cpu_stats->syncp); 1382 rxpackets = cpu_stats->rx_packets; 1383 rxbytes = cpu_stats->rx_bytes; 1384 txbytes = cpu_stats->tx_bytes; 1385 txpackets = cpu_stats->tx_packets; 1386 } while (u64_stats_fetch_retry_irq(&cpu_stats->syncp, start)); 1387 1388 stats->rx_packets += rxpackets; 1389 stats->rx_bytes += rxbytes; 1390 stats->tx_bytes += txbytes; 1391 stats->tx_packets += txpackets; 1392 } 1393} 1394 1395int br_vlan_get_pvid(const struct net_device *dev, u16 *p_pvid) 1396{ 1397 struct net_bridge_vlan_group *vg; 1398 struct net_bridge_port *p; 1399 1400 ASSERT_RTNL(); 1401 p = br_port_get_check_rtnl(dev); 1402 if (p) 1403 vg = nbp_vlan_group(p); 1404 else if (netif_is_bridge_master(dev)) 1405 vg = br_vlan_group(netdev_priv(dev)); 1406 else 1407 return -EINVAL; 1408 1409 *p_pvid = br_get_pvid(vg); 1410 return 0; 1411} 1412EXPORT_SYMBOL_GPL(br_vlan_get_pvid); 1413 1414int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) 1415{ 1416 struct net_bridge_vlan_group *vg; 1417 struct net_bridge_port *p; 1418 1419 p = br_port_get_check_rcu(dev); 1420 if (p) 1421 vg = nbp_vlan_group_rcu(p); 1422 else if (netif_is_bridge_master(dev)) 1423 vg = br_vlan_group_rcu(netdev_priv(dev)); 1424 else 1425 return -EINVAL; 1426 1427 *p_pvid = br_get_pvid(vg); 1428 return 0; 1429} 1430EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); 1431 1432void br_vlan_fill_forward_path_pvid(struct net_bridge *br, 1433 struct net_device_path_ctx *ctx, 1434 struct net_device_path *path) 1435{ 1436 struct net_bridge_vlan_group *vg; 1437 int idx = ctx->num_vlans - 1; 1438 u16 vid; 1439 1440 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; 1441 1442 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 1443 return; 1444 1445 vg = br_vlan_group(br); 1446 1447 if (idx >= 0 && 1448 ctx->vlan[idx].proto == br->vlan_proto) { 1449 vid = ctx->vlan[idx].id; 1450 } else { 1451 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_TAG; 1452 vid = br_get_pvid(vg); 1453 } 1454 1455 path->bridge.vlan_id = vid; 1456 path->bridge.vlan_proto = br->vlan_proto; 1457} 1458 1459int br_vlan_fill_forward_path_mode(struct net_bridge *br, 1460 struct net_bridge_port *dst, 1461 struct net_device_path *path) 1462{ 1463 struct net_bridge_vlan_group *vg; 1464 struct net_bridge_vlan *v; 1465 1466 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 1467 return 0; 1468 1469 vg = nbp_vlan_group_rcu(dst); 1470 v = br_vlan_find(vg, path->bridge.vlan_id); 1471 if (!v || !br_vlan_should_use(v)) 1472 return -EINVAL; 1473 1474 if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) 1475 return 0; 1476 1477 if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) 1478 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; 1479 else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) 1480 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; 1481 else 1482 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; 1483 1484 return 0; 1485} 1486 1487int br_vlan_get_info(const struct net_device *dev, u16 vid, 1488 struct bridge_vlan_info *p_vinfo) 1489{ 1490 struct net_bridge_vlan_group *vg; 1491 struct net_bridge_vlan *v; 1492 struct net_bridge_port *p; 1493 1494 ASSERT_RTNL(); 1495 p = br_port_get_check_rtnl(dev); 1496 if (p) 1497 vg = nbp_vlan_group(p); 1498 else if (netif_is_bridge_master(dev)) 1499 vg = br_vlan_group(netdev_priv(dev)); 1500 else 1501 return -EINVAL; 1502 1503 v = br_vlan_find(vg, vid); 1504 if (!v) 1505 return -ENOENT; 1506 1507 p_vinfo->vid = vid; 1508 p_vinfo->flags = v->flags; 1509 if (vid == br_get_pvid(vg)) 1510 p_vinfo->flags |= BRIDGE_VLAN_INFO_PVID; 1511 return 0; 1512} 1513EXPORT_SYMBOL_GPL(br_vlan_get_info); 1514 1515int br_vlan_get_info_rcu(const struct net_device *dev, u16 vid, 1516 struct bridge_vlan_info *p_vinfo) 1517{ 1518 struct net_bridge_vlan_group *vg; 1519 struct net_bridge_vlan *v; 1520 struct net_bridge_port *p; 1521 1522 p = br_port_get_check_rcu(dev); 1523 if (p) 1524 vg = nbp_vlan_group_rcu(p); 1525 else if (netif_is_bridge_master(dev)) 1526 vg = br_vlan_group_rcu(netdev_priv(dev)); 1527 else 1528 return -EINVAL; 1529 1530 v = br_vlan_find(vg, vid); 1531 if (!v) 1532 return -ENOENT; 1533 1534 p_vinfo->vid = vid; 1535 p_vinfo->flags = v->flags; 1536 if (vid == br_get_pvid(vg)) 1537 p_vinfo->flags |= BRIDGE_VLAN_INFO_PVID; 1538 return 0; 1539} 1540EXPORT_SYMBOL_GPL(br_vlan_get_info_rcu); 1541 1542static int br_vlan_is_bind_vlan_dev(const struct net_device *dev) 1543{ 1544 return is_vlan_dev(dev) && 1545 !!(vlan_dev_priv(dev)->flags & VLAN_FLAG_BRIDGE_BINDING); 1546} 1547 1548static int br_vlan_is_bind_vlan_dev_fn(struct net_device *dev, 1549 __always_unused struct netdev_nested_priv *priv) 1550{ 1551 return br_vlan_is_bind_vlan_dev(dev); 1552} 1553 1554static bool br_vlan_has_upper_bind_vlan_dev(struct net_device *dev) 1555{ 1556 int found; 1557 1558 rcu_read_lock(); 1559 found = netdev_walk_all_upper_dev_rcu(dev, br_vlan_is_bind_vlan_dev_fn, 1560 NULL); 1561 rcu_read_unlock(); 1562 1563 return !!found; 1564} 1565 1566struct br_vlan_bind_walk_data { 1567 u16 vid; 1568 struct net_device *result; 1569}; 1570 1571static int br_vlan_match_bind_vlan_dev_fn(struct net_device *dev, 1572 struct netdev_nested_priv *priv) 1573{ 1574 struct br_vlan_bind_walk_data *data = priv->data; 1575 int found = 0; 1576 1577 if (br_vlan_is_bind_vlan_dev(dev) && 1578 vlan_dev_priv(dev)->vlan_id == data->vid) { 1579 data->result = dev; 1580 found = 1; 1581 } 1582 1583 return found; 1584} 1585 1586static struct net_device * 1587br_vlan_get_upper_bind_vlan_dev(struct net_device *dev, u16 vid) 1588{ 1589 struct br_vlan_bind_walk_data data = { 1590 .vid = vid, 1591 }; 1592 struct netdev_nested_priv priv = { 1593 .data = (void *)&data, 1594 }; 1595 1596 rcu_read_lock(); 1597 netdev_walk_all_upper_dev_rcu(dev, br_vlan_match_bind_vlan_dev_fn, 1598 &priv); 1599 rcu_read_unlock(); 1600 1601 return data.result; 1602} 1603 1604static bool br_vlan_is_dev_up(const struct net_device *dev) 1605{ 1606 return !!(dev->flags & IFF_UP) && netif_oper_up(dev); 1607} 1608 1609static void br_vlan_set_vlan_dev_state(const struct net_bridge *br, 1610 struct net_device *vlan_dev) 1611{ 1612 u16 vid = vlan_dev_priv(vlan_dev)->vlan_id; 1613 struct net_bridge_vlan_group *vg; 1614 struct net_bridge_port *p; 1615 bool has_carrier = false; 1616 1617 if (!netif_carrier_ok(br->dev)) { 1618 netif_carrier_off(vlan_dev); 1619 return; 1620 } 1621 1622 list_for_each_entry(p, &br->port_list, list) { 1623 vg = nbp_vlan_group(p); 1624 if (br_vlan_find(vg, vid) && br_vlan_is_dev_up(p->dev)) { 1625 has_carrier = true; 1626 break; 1627 } 1628 } 1629 1630 if (has_carrier) 1631 netif_carrier_on(vlan_dev); 1632 else 1633 netif_carrier_off(vlan_dev); 1634} 1635 1636static void br_vlan_set_all_vlan_dev_state(struct net_bridge_port *p) 1637{ 1638 struct net_bridge_vlan_group *vg = nbp_vlan_group(p); 1639 struct net_bridge_vlan *vlan; 1640 struct net_device *vlan_dev; 1641 1642 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 1643 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev, 1644 vlan->vid); 1645 if (vlan_dev) { 1646 if (br_vlan_is_dev_up(p->dev)) { 1647 if (netif_carrier_ok(p->br->dev)) 1648 netif_carrier_on(vlan_dev); 1649 } else { 1650 br_vlan_set_vlan_dev_state(p->br, vlan_dev); 1651 } 1652 } 1653 } 1654} 1655 1656static void br_vlan_upper_change(struct net_device *dev, 1657 struct net_device *upper_dev, 1658 bool linking) 1659{ 1660 struct net_bridge *br = netdev_priv(dev); 1661 1662 if (!br_vlan_is_bind_vlan_dev(upper_dev)) 1663 return; 1664 1665 if (linking) { 1666 br_vlan_set_vlan_dev_state(br, upper_dev); 1667 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING, true); 1668 } else { 1669 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING, 1670 br_vlan_has_upper_bind_vlan_dev(dev)); 1671 } 1672} 1673 1674struct br_vlan_link_state_walk_data { 1675 struct net_bridge *br; 1676}; 1677 1678static int br_vlan_link_state_change_fn(struct net_device *vlan_dev, 1679 struct netdev_nested_priv *priv) 1680{ 1681 struct br_vlan_link_state_walk_data *data = priv->data; 1682 1683 if (br_vlan_is_bind_vlan_dev(vlan_dev)) 1684 br_vlan_set_vlan_dev_state(data->br, vlan_dev); 1685 1686 return 0; 1687} 1688 1689static void br_vlan_link_state_change(struct net_device *dev, 1690 struct net_bridge *br) 1691{ 1692 struct br_vlan_link_state_walk_data data = { 1693 .br = br 1694 }; 1695 struct netdev_nested_priv priv = { 1696 .data = (void *)&data, 1697 }; 1698 1699 rcu_read_lock(); 1700 netdev_walk_all_upper_dev_rcu(dev, br_vlan_link_state_change_fn, 1701 &priv); 1702 rcu_read_unlock(); 1703} 1704 1705/* Must be protected by RTNL. */ 1706static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid) 1707{ 1708 struct net_device *vlan_dev; 1709 1710 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING)) 1711 return; 1712 1713 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev, vid); 1714 if (vlan_dev) 1715 br_vlan_set_vlan_dev_state(p->br, vlan_dev); 1716} 1717 1718/* Must be protected by RTNL. */ 1719int br_vlan_bridge_event(struct net_device *dev, unsigned long event, void *ptr) 1720{ 1721 struct netdev_notifier_changeupper_info *info; 1722 struct net_bridge *br = netdev_priv(dev); 1723 int vlcmd = 0, ret = 0; 1724 bool changed = false; 1725 1726 switch (event) { 1727 case NETDEV_REGISTER: 1728 ret = br_vlan_add(br, br->default_pvid, 1729 BRIDGE_VLAN_INFO_PVID | 1730 BRIDGE_VLAN_INFO_UNTAGGED | 1731 BRIDGE_VLAN_INFO_BRENTRY, &changed, NULL); 1732 vlcmd = RTM_NEWVLAN; 1733 break; 1734 case NETDEV_UNREGISTER: 1735 changed = !br_vlan_delete(br, br->default_pvid); 1736 vlcmd = RTM_DELVLAN; 1737 break; 1738 case NETDEV_CHANGEUPPER: 1739 info = ptr; 1740 br_vlan_upper_change(dev, info->upper_dev, info->linking); 1741 break; 1742 1743 case NETDEV_CHANGE: 1744 case NETDEV_UP: 1745 if (!br_opt_get(br, BROPT_VLAN_BRIDGE_BINDING)) 1746 break; 1747 br_vlan_link_state_change(dev, br); 1748 break; 1749 } 1750 if (changed) 1751 br_vlan_notify(br, NULL, br->default_pvid, 0, vlcmd); 1752 1753 return ret; 1754} 1755 1756/* Must be protected by RTNL. */ 1757void br_vlan_port_event(struct net_bridge_port *p, unsigned long event) 1758{ 1759 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING)) 1760 return; 1761 1762 switch (event) { 1763 case NETDEV_CHANGE: 1764 case NETDEV_DOWN: 1765 case NETDEV_UP: 1766 br_vlan_set_all_vlan_dev_state(p); 1767 break; 1768 } 1769} 1770 1771static bool br_vlan_stats_fill(struct sk_buff *skb, 1772 const struct net_bridge_vlan *v) 1773{ 1774 struct pcpu_sw_netstats stats; 1775 struct nlattr *nest; 1776 1777 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY_STATS); 1778 if (!nest) 1779 return false; 1780 1781 br_vlan_get_stats(v, &stats); 1782 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_BYTES, stats.rx_bytes, 1783 BRIDGE_VLANDB_STATS_PAD) || 1784 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_PACKETS, 1785 stats.rx_packets, BRIDGE_VLANDB_STATS_PAD) || 1786 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_BYTES, stats.tx_bytes, 1787 BRIDGE_VLANDB_STATS_PAD) || 1788 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_PACKETS, 1789 stats.tx_packets, BRIDGE_VLANDB_STATS_PAD)) 1790 goto out_err; 1791 1792 nla_nest_end(skb, nest); 1793 1794 return true; 1795 1796out_err: 1797 nla_nest_cancel(skb, nest); 1798 return false; 1799} 1800 1801/* v_opts is used to dump the options which must be equal in the whole range */ 1802static bool br_vlan_fill_vids(struct sk_buff *skb, u16 vid, u16 vid_range, 1803 const struct net_bridge_vlan *v_opts, 1804 u16 flags, 1805 bool dump_stats) 1806{ 1807 struct bridge_vlan_info info; 1808 struct nlattr *nest; 1809 1810 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY); 1811 if (!nest) 1812 return false; 1813 1814 memset(&info, 0, sizeof(info)); 1815 info.vid = vid; 1816 if (flags & BRIDGE_VLAN_INFO_UNTAGGED) 1817 info.flags |= BRIDGE_VLAN_INFO_UNTAGGED; 1818 if (flags & BRIDGE_VLAN_INFO_PVID) 1819 info.flags |= BRIDGE_VLAN_INFO_PVID; 1820 1821 if (nla_put(skb, BRIDGE_VLANDB_ENTRY_INFO, sizeof(info), &info)) 1822 goto out_err; 1823 1824 if (vid_range && vid < vid_range && 1825 !(flags & BRIDGE_VLAN_INFO_PVID) && 1826 nla_put_u16(skb, BRIDGE_VLANDB_ENTRY_RANGE, vid_range)) 1827 goto out_err; 1828 1829 if (v_opts) { 1830 if (!br_vlan_opts_fill(skb, v_opts)) 1831 goto out_err; 1832 1833 if (dump_stats && !br_vlan_stats_fill(skb, v_opts)) 1834 goto out_err; 1835 } 1836 1837 nla_nest_end(skb, nest); 1838 1839 return true; 1840 1841out_err: 1842 nla_nest_cancel(skb, nest); 1843 return false; 1844} 1845 1846static size_t rtnl_vlan_nlmsg_size(void) 1847{ 1848 return NLMSG_ALIGN(sizeof(struct br_vlan_msg)) 1849 + nla_total_size(0) /* BRIDGE_VLANDB_ENTRY */ 1850 + nla_total_size(sizeof(u16)) /* BRIDGE_VLANDB_ENTRY_RANGE */ 1851 + nla_total_size(sizeof(struct bridge_vlan_info)) /* BRIDGE_VLANDB_ENTRY_INFO */ 1852 + br_vlan_opts_nl_size(); /* bridge vlan options */ 1853} 1854 1855void br_vlan_notify(const struct net_bridge *br, 1856 const struct net_bridge_port *p, 1857 u16 vid, u16 vid_range, 1858 int cmd) 1859{ 1860 struct net_bridge_vlan_group *vg; 1861 struct net_bridge_vlan *v = NULL; 1862 struct br_vlan_msg *bvm; 1863 struct nlmsghdr *nlh; 1864 struct sk_buff *skb; 1865 int err = -ENOBUFS; 1866 struct net *net; 1867 u16 flags = 0; 1868 int ifindex; 1869 1870 /* right now notifications are done only with rtnl held */ 1871 ASSERT_RTNL(); 1872 1873 if (p) { 1874 ifindex = p->dev->ifindex; 1875 vg = nbp_vlan_group(p); 1876 net = dev_net(p->dev); 1877 } else { 1878 ifindex = br->dev->ifindex; 1879 vg = br_vlan_group(br); 1880 net = dev_net(br->dev); 1881 } 1882 1883 skb = nlmsg_new(rtnl_vlan_nlmsg_size(), GFP_KERNEL); 1884 if (!skb) 1885 goto out_err; 1886 1887 err = -EMSGSIZE; 1888 nlh = nlmsg_put(skb, 0, 0, cmd, sizeof(*bvm), 0); 1889 if (!nlh) 1890 goto out_err; 1891 bvm = nlmsg_data(nlh); 1892 memset(bvm, 0, sizeof(*bvm)); 1893 bvm->family = AF_BRIDGE; 1894 bvm->ifindex = ifindex; 1895 1896 switch (cmd) { 1897 case RTM_NEWVLAN: 1898 /* need to find the vlan due to flags/options */ 1899 v = br_vlan_find(vg, vid); 1900 if (!v || !br_vlan_should_use(v)) 1901 goto out_kfree; 1902 1903 flags = v->flags; 1904 if (br_get_pvid(vg) == v->vid) 1905 flags |= BRIDGE_VLAN_INFO_PVID; 1906 break; 1907 case RTM_DELVLAN: 1908 break; 1909 default: 1910 goto out_kfree; 1911 } 1912 1913 if (!br_vlan_fill_vids(skb, vid, vid_range, v, flags, false)) 1914 goto out_err; 1915 1916 nlmsg_end(skb, nlh); 1917 rtnl_notify(skb, net, 0, RTNLGRP_BRVLAN, NULL, GFP_KERNEL); 1918 return; 1919 1920out_err: 1921 rtnl_set_sk_err(net, RTNLGRP_BRVLAN, err); 1922out_kfree: 1923 kfree_skb(skb); 1924} 1925 1926/* check if v_curr can enter a range ending in range_end */ 1927bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, 1928 const struct net_bridge_vlan *range_end) 1929{ 1930 return v_curr->vid - range_end->vid == 1 && 1931 range_end->flags == v_curr->flags && 1932 br_vlan_opts_eq_range(v_curr, range_end); 1933} 1934 1935static int br_vlan_dump_dev(const struct net_device *dev, 1936 struct sk_buff *skb, 1937 struct netlink_callback *cb, 1938 u32 dump_flags) 1939{ 1940 struct net_bridge_vlan *v, *range_start = NULL, *range_end = NULL; 1941 bool dump_global = !!(dump_flags & BRIDGE_VLANDB_DUMPF_GLOBAL); 1942 bool dump_stats = !!(dump_flags & BRIDGE_VLANDB_DUMPF_STATS); 1943 struct net_bridge_vlan_group *vg; 1944 int idx = 0, s_idx = cb->args[1]; 1945 struct nlmsghdr *nlh = NULL; 1946 struct net_bridge_port *p; 1947 struct br_vlan_msg *bvm; 1948 struct net_bridge *br; 1949 int err = 0; 1950 u16 pvid; 1951 1952 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) 1953 return -EINVAL; 1954 1955 if (netif_is_bridge_master(dev)) { 1956 br = netdev_priv(dev); 1957 vg = br_vlan_group_rcu(br); 1958 p = NULL; 1959 } else { 1960 /* global options are dumped only for bridge devices */ 1961 if (dump_global) 1962 return 0; 1963 1964 p = br_port_get_rcu(dev); 1965 if (WARN_ON(!p)) 1966 return -EINVAL; 1967 vg = nbp_vlan_group_rcu(p); 1968 br = p->br; 1969 } 1970 1971 if (!vg) 1972 return 0; 1973 1974 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1975 RTM_NEWVLAN, sizeof(*bvm), NLM_F_MULTI); 1976 if (!nlh) 1977 return -EMSGSIZE; 1978 bvm = nlmsg_data(nlh); 1979 memset(bvm, 0, sizeof(*bvm)); 1980 bvm->family = PF_BRIDGE; 1981 bvm->ifindex = dev->ifindex; 1982 pvid = br_get_pvid(vg); 1983 1984 /* idx must stay at range's beginning until it is filled in */ 1985 list_for_each_entry_rcu(v, &vg->vlan_list, vlist) { 1986 if (!dump_global && !br_vlan_should_use(v)) 1987 continue; 1988 if (idx < s_idx) { 1989 idx++; 1990 continue; 1991 } 1992 1993 if (!range_start) { 1994 range_start = v; 1995 range_end = v; 1996 continue; 1997 } 1998 1999 if (dump_global) { 2000 if (br_vlan_global_opts_can_enter_range(v, range_end)) 2001 goto update_end; 2002 if (!br_vlan_global_opts_fill(skb, range_start->vid, 2003 range_end->vid, 2004 range_start)) { 2005 err = -EMSGSIZE; 2006 break; 2007 } 2008 /* advance number of filled vlans */ 2009 idx += range_end->vid - range_start->vid + 1; 2010 2011 range_start = v; 2012 } else if (dump_stats || v->vid == pvid || 2013 !br_vlan_can_enter_range(v, range_end)) { 2014 u16 vlan_flags = br_vlan_flags(range_start, pvid); 2015 2016 if (!br_vlan_fill_vids(skb, range_start->vid, 2017 range_end->vid, range_start, 2018 vlan_flags, dump_stats)) { 2019 err = -EMSGSIZE; 2020 break; 2021 } 2022 /* advance number of filled vlans */ 2023 idx += range_end->vid - range_start->vid + 1; 2024 2025 range_start = v; 2026 } 2027update_end: 2028 range_end = v; 2029 } 2030 2031 /* err will be 0 and range_start will be set in 3 cases here: 2032 * - first vlan (range_start == range_end) 2033 * - last vlan (range_start == range_end, not in range) 2034 * - last vlan range (range_start != range_end, in range) 2035 */ 2036 if (!err && range_start) { 2037 if (dump_global && 2038 !br_vlan_global_opts_fill(skb, range_start->vid, 2039 range_end->vid, range_start)) 2040 err = -EMSGSIZE; 2041 else if (!dump_global && 2042 !br_vlan_fill_vids(skb, range_start->vid, 2043 range_end->vid, range_start, 2044 br_vlan_flags(range_start, pvid), 2045 dump_stats)) 2046 err = -EMSGSIZE; 2047 } 2048 2049 cb->args[1] = err ? idx : 0; 2050 2051 nlmsg_end(skb, nlh); 2052 2053 return err; 2054} 2055 2056static const struct nla_policy br_vlan_db_dump_pol[BRIDGE_VLANDB_DUMP_MAX + 1] = { 2057 [BRIDGE_VLANDB_DUMP_FLAGS] = { .type = NLA_U32 }, 2058}; 2059 2060static int br_vlan_rtm_dump(struct sk_buff *skb, struct netlink_callback *cb) 2061{ 2062 struct nlattr *dtb[BRIDGE_VLANDB_DUMP_MAX + 1]; 2063 int idx = 0, err = 0, s_idx = cb->args[0]; 2064 struct net *net = sock_net(skb->sk); 2065 struct br_vlan_msg *bvm; 2066 struct net_device *dev; 2067 u32 dump_flags = 0; 2068 2069 err = nlmsg_parse(cb->nlh, sizeof(*bvm), dtb, BRIDGE_VLANDB_DUMP_MAX, 2070 br_vlan_db_dump_pol, cb->extack); 2071 if (err < 0) 2072 return err; 2073 2074 bvm = nlmsg_data(cb->nlh); 2075 if (dtb[BRIDGE_VLANDB_DUMP_FLAGS]) 2076 dump_flags = nla_get_u32(dtb[BRIDGE_VLANDB_DUMP_FLAGS]); 2077 2078 rcu_read_lock(); 2079 if (bvm->ifindex) { 2080 dev = dev_get_by_index_rcu(net, bvm->ifindex); 2081 if (!dev) { 2082 err = -ENODEV; 2083 goto out_err; 2084 } 2085 err = br_vlan_dump_dev(dev, skb, cb, dump_flags); 2086 /* if the dump completed without an error we return 0 here */ 2087 if (err != -EMSGSIZE) 2088 goto out_err; 2089 } else { 2090 for_each_netdev_rcu(net, dev) { 2091 if (idx < s_idx) 2092 goto skip; 2093 2094 err = br_vlan_dump_dev(dev, skb, cb, dump_flags); 2095 if (err == -EMSGSIZE) 2096 break; 2097skip: 2098 idx++; 2099 } 2100 } 2101 cb->args[0] = idx; 2102 rcu_read_unlock(); 2103 2104 return skb->len; 2105 2106out_err: 2107 rcu_read_unlock(); 2108 2109 return err; 2110} 2111 2112static const struct nla_policy br_vlan_db_policy[BRIDGE_VLANDB_ENTRY_MAX + 1] = { 2113 [BRIDGE_VLANDB_ENTRY_INFO] = 2114 NLA_POLICY_EXACT_LEN(sizeof(struct bridge_vlan_info)), 2115 [BRIDGE_VLANDB_ENTRY_RANGE] = { .type = NLA_U16 }, 2116 [BRIDGE_VLANDB_ENTRY_STATE] = { .type = NLA_U8 }, 2117 [BRIDGE_VLANDB_ENTRY_TUNNEL_INFO] = { .type = NLA_NESTED }, 2118 [BRIDGE_VLANDB_ENTRY_MCAST_ROUTER] = { .type = NLA_U8 }, 2119}; 2120 2121static int br_vlan_rtm_process_one(struct net_device *dev, 2122 const struct nlattr *attr, 2123 int cmd, struct netlink_ext_ack *extack) 2124{ 2125 struct bridge_vlan_info *vinfo, vrange_end, *vinfo_last = NULL; 2126 struct nlattr *tb[BRIDGE_VLANDB_ENTRY_MAX + 1]; 2127 bool changed = false, skip_processing = false; 2128 struct net_bridge_vlan_group *vg; 2129 struct net_bridge_port *p = NULL; 2130 int err = 0, cmdmap = 0; 2131 struct net_bridge *br; 2132 2133 if (netif_is_bridge_master(dev)) { 2134 br = netdev_priv(dev); 2135 vg = br_vlan_group(br); 2136 } else { 2137 p = br_port_get_rtnl(dev); 2138 if (WARN_ON(!p)) 2139 return -ENODEV; 2140 br = p->br; 2141 vg = nbp_vlan_group(p); 2142 } 2143 2144 if (WARN_ON(!vg)) 2145 return -ENODEV; 2146 2147 err = nla_parse_nested(tb, BRIDGE_VLANDB_ENTRY_MAX, attr, 2148 br_vlan_db_policy, extack); 2149 if (err) 2150 return err; 2151 2152 if (!tb[BRIDGE_VLANDB_ENTRY_INFO]) { 2153 NL_SET_ERR_MSG_MOD(extack, "Missing vlan entry info"); 2154 return -EINVAL; 2155 } 2156 memset(&vrange_end, 0, sizeof(vrange_end)); 2157 2158 vinfo = nla_data(tb[BRIDGE_VLANDB_ENTRY_INFO]); 2159 if (vinfo->flags & (BRIDGE_VLAN_INFO_RANGE_BEGIN | 2160 BRIDGE_VLAN_INFO_RANGE_END)) { 2161 NL_SET_ERR_MSG_MOD(extack, "Old-style vlan ranges are not allowed when using RTM vlan calls"); 2162 return -EINVAL; 2163 } 2164 if (!br_vlan_valid_id(vinfo->vid, extack)) 2165 return -EINVAL; 2166 2167 if (tb[BRIDGE_VLANDB_ENTRY_RANGE]) { 2168 vrange_end.vid = nla_get_u16(tb[BRIDGE_VLANDB_ENTRY_RANGE]); 2169 /* validate user-provided flags without RANGE_BEGIN */ 2170 vrange_end.flags = BRIDGE_VLAN_INFO_RANGE_END | vinfo->flags; 2171 vinfo->flags |= BRIDGE_VLAN_INFO_RANGE_BEGIN; 2172 2173 /* vinfo_last is the range start, vinfo the range end */ 2174 vinfo_last = vinfo; 2175 vinfo = &vrange_end; 2176 2177 if (!br_vlan_valid_id(vinfo->vid, extack) || 2178 !br_vlan_valid_range(vinfo, vinfo_last, extack)) 2179 return -EINVAL; 2180 } 2181 2182 switch (cmd) { 2183 case RTM_NEWVLAN: 2184 cmdmap = RTM_SETLINK; 2185 skip_processing = !!(vinfo->flags & BRIDGE_VLAN_INFO_ONLY_OPTS); 2186 break; 2187 case RTM_DELVLAN: 2188 cmdmap = RTM_DELLINK; 2189 break; 2190 } 2191 2192 if (!skip_processing) { 2193 struct bridge_vlan_info *tmp_last = vinfo_last; 2194 2195 /* br_process_vlan_info may overwrite vinfo_last */ 2196 err = br_process_vlan_info(br, p, cmdmap, vinfo, &tmp_last, 2197 &changed, extack); 2198 2199 /* notify first if anything changed */ 2200 if (changed) 2201 br_ifinfo_notify(cmdmap, br, p); 2202 2203 if (err) 2204 return err; 2205 } 2206 2207 /* deal with options */ 2208 if (cmd == RTM_NEWVLAN) { 2209 struct net_bridge_vlan *range_start, *range_end; 2210 2211 if (vinfo_last) { 2212 range_start = br_vlan_find(vg, vinfo_last->vid); 2213 range_end = br_vlan_find(vg, vinfo->vid); 2214 } else { 2215 range_start = br_vlan_find(vg, vinfo->vid); 2216 range_end = range_start; 2217 } 2218 2219 err = br_vlan_process_options(br, p, range_start, range_end, 2220 tb, extack); 2221 } 2222 2223 return err; 2224} 2225 2226static int br_vlan_rtm_process(struct sk_buff *skb, struct nlmsghdr *nlh, 2227 struct netlink_ext_ack *extack) 2228{ 2229 struct net *net = sock_net(skb->sk); 2230 struct br_vlan_msg *bvm; 2231 struct net_device *dev; 2232 struct nlattr *attr; 2233 int err, vlans = 0; 2234 int rem; 2235 2236 /* this should validate the header and check for remaining bytes */ 2237 err = nlmsg_parse(nlh, sizeof(*bvm), NULL, BRIDGE_VLANDB_MAX, NULL, 2238 extack); 2239 if (err < 0) 2240 return err; 2241 2242 bvm = nlmsg_data(nlh); 2243 dev = __dev_get_by_index(net, bvm->ifindex); 2244 if (!dev) 2245 return -ENODEV; 2246 2247 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) { 2248 NL_SET_ERR_MSG_MOD(extack, "The device is not a valid bridge or bridge port"); 2249 return -EINVAL; 2250 } 2251 2252 nlmsg_for_each_attr(attr, nlh, sizeof(*bvm), rem) { 2253 switch (nla_type(attr)) { 2254 case BRIDGE_VLANDB_ENTRY: 2255 err = br_vlan_rtm_process_one(dev, attr, 2256 nlh->nlmsg_type, 2257 extack); 2258 break; 2259 case BRIDGE_VLANDB_GLOBAL_OPTIONS: 2260 err = br_vlan_rtm_process_global_options(dev, attr, 2261 nlh->nlmsg_type, 2262 extack); 2263 break; 2264 default: 2265 continue; 2266 } 2267 2268 vlans++; 2269 if (err) 2270 break; 2271 } 2272 if (!vlans) { 2273 NL_SET_ERR_MSG_MOD(extack, "No vlans found to process"); 2274 err = -EINVAL; 2275 } 2276 2277 return err; 2278} 2279 2280void br_vlan_rtnl_init(void) 2281{ 2282 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_GETVLAN, NULL, 2283 br_vlan_rtm_dump, 0); 2284 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_NEWVLAN, 2285 br_vlan_rtm_process, NULL, 0); 2286 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_DELVLAN, 2287 br_vlan_rtm_process, NULL, 0); 2288} 2289 2290void br_vlan_rtnl_uninit(void) 2291{ 2292 rtnl_unregister(PF_BRIDGE, RTM_GETVLAN); 2293 rtnl_unregister(PF_BRIDGE, RTM_NEWVLAN); 2294 rtnl_unregister(PF_BRIDGE, RTM_DELVLAN); 2295}