1 // SPDX-License-Identifier: GPL-2.0-only 2 #include <linux/kernel.h> 3 #include <linux/netdevice.h> 4 #include <linux/rtnetlink.h> 5 #include <linux/slab.h> 6 #include <net/switchdev.h> 7 8 #include "br_private.h" 9 #include "br_private_tunnel.h" 10 11 static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid); 12 13 static inline int br_vlan_cmp(struct rhashtable_compare_arg *arg, 14 const void *ptr) 15 { 16 const struct net_bridge_vlan *vle = ptr; 17 u16 vid = *(u16 *)arg->key; 18 19 return vle->vid != vid; 20 } 21 22 static const struct rhashtable_params br_vlan_rht_params = { 23 .head_offset = offsetof(struct net_bridge_vlan, vnode), 24 .key_offset = offsetof(struct net_bridge_vlan, vid), 25 .key_len = sizeof(u16), 26 .nelem_hint = 3, 27 .max_size = VLAN_N_VID, 28 .obj_cmpfn = br_vlan_cmp, 29 .automatic_shrinking = true, 30 }; 31 32 static struct net_bridge_vlan *br_vlan_lookup(struct rhashtable *tbl, u16 vid) 33 { 34 return rhashtable_lookup_fast(tbl, &vid, br_vlan_rht_params); 35 } 36 37 static void __vlan_add_pvid(struct net_bridge_vlan_group *vg, 38 const struct net_bridge_vlan *v) 39 { 40 if (vg->pvid == v->vid) 41 return; 42 43 smp_wmb(); 44 br_vlan_set_pvid_state(vg, v->state); 45 vg->pvid = v->vid; 46 } 47 48 static void __vlan_delete_pvid(struct net_bridge_vlan_group *vg, u16 vid) 49 { 50 if (vg->pvid != vid) 51 return; 52 53 smp_wmb(); 54 vg->pvid = 0; 55 } 56 57 /* Update the BRIDGE_VLAN_INFO_PVID and BRIDGE_VLAN_INFO_UNTAGGED flags of @v. 58 * If @commit is false, return just whether the BRIDGE_VLAN_INFO_PVID and 59 * BRIDGE_VLAN_INFO_UNTAGGED bits of @flags would produce any change onto @v. 60 */ 61 static bool __vlan_flags_update(struct net_bridge_vlan *v, u16 flags, 62 bool commit) 63 { 64 struct net_bridge_vlan_group *vg; 65 bool change; 66 67 if (br_vlan_is_master(v)) 68 vg = br_vlan_group(v->br); 69 else 70 vg = nbp_vlan_group(v->port); 71 72 /* check if anything would be changed on commit */ 73 change = !!(flags & BRIDGE_VLAN_INFO_PVID) == !!(vg->pvid != v->vid) || 74 ((flags ^ v->flags) & BRIDGE_VLAN_INFO_UNTAGGED); 75 76 if (!commit) 77 goto out; 78 79 if (flags & BRIDGE_VLAN_INFO_PVID) 80 __vlan_add_pvid(vg, v); 81 else 82 __vlan_delete_pvid(vg, v->vid); 83 84 if (flags & BRIDGE_VLAN_INFO_UNTAGGED) 85 v->flags |= BRIDGE_VLAN_INFO_UNTAGGED; 86 else 87 v->flags &= ~BRIDGE_VLAN_INFO_UNTAGGED; 88 89 out: 90 return change; 91 } 92 93 static bool __vlan_flags_would_change(struct net_bridge_vlan *v, u16 flags) 94 { 95 return __vlan_flags_update(v, flags, false); 96 } 97 98 static void __vlan_flags_commit(struct net_bridge_vlan *v, u16 flags) 99 { 100 __vlan_flags_update(v, flags, true); 101 } 102 103 static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, 104 struct net_bridge_vlan *v, u16 flags, 105 struct netlink_ext_ack *extack) 106 { 107 int err; 108 109 /* Try switchdev op first. In case it is not supported, fallback to 110 * 8021q add. 111 */ 112 err = br_switchdev_port_vlan_add(dev, v->vid, flags, false, extack); 113 if (err == -EOPNOTSUPP) 114 return vlan_vid_add(dev, br->vlan_proto, v->vid); 115 v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV; 116 return err; 117 } 118 119 static void __vlan_add_list(struct net_bridge_vlan *v) 120 { 121 struct net_bridge_vlan_group *vg; 122 struct list_head *headp, *hpos; 123 struct net_bridge_vlan *vent; 124 125 if (br_vlan_is_master(v)) 126 vg = br_vlan_group(v->br); 127 else 128 vg = nbp_vlan_group(v->port); 129 130 headp = &vg->vlan_list; 131 list_for_each_prev(hpos, headp) { 132 vent = list_entry(hpos, struct net_bridge_vlan, vlist); 133 if (v->vid >= vent->vid) 134 break; 135 } 136 list_add_rcu(&v->vlist, hpos); 137 } 138 139 static void __vlan_del_list(struct net_bridge_vlan *v) 140 { 141 list_del_rcu(&v->vlist); 142 } 143 144 static int __vlan_vid_del(struct net_device *dev, struct net_bridge *br, 145 const struct net_bridge_vlan *v) 146 { 147 int err; 148 149 /* Try switchdev op first. In case it is not supported, fallback to 150 * 8021q del. 151 */ 152 err = br_switchdev_port_vlan_del(dev, v->vid); 153 if (!(v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV)) 154 vlan_vid_del(dev, br->vlan_proto, v->vid); 155 return err == -EOPNOTSUPP ? 0 : err; 156 } 157 158 /* Returns a master vlan, if it didn't exist it gets created. In all cases 159 * a reference is taken to the master vlan before returning. 160 */ 161 static struct net_bridge_vlan * 162 br_vlan_get_master(struct net_bridge *br, u16 vid, 163 struct netlink_ext_ack *extack) 164 { 165 struct net_bridge_vlan_group *vg; 166 struct net_bridge_vlan *masterv; 167 168 vg = br_vlan_group(br); 169 masterv = br_vlan_find(vg, vid); 170 if (!masterv) { 171 bool changed; 172 173 /* missing global ctx, create it now */ 174 if (br_vlan_add(br, vid, 0, &changed, extack)) 175 return NULL; 176 masterv = br_vlan_find(vg, vid); 177 if (WARN_ON(!masterv)) 178 return NULL; 179 refcount_set(&masterv->refcnt, 1); 180 return masterv; 181 } 182 refcount_inc(&masterv->refcnt); 183 184 return masterv; 185 } 186 187 static void br_master_vlan_rcu_free(struct rcu_head *rcu) 188 { 189 struct net_bridge_vlan *v; 190 191 v = container_of(rcu, struct net_bridge_vlan, rcu); 192 WARN_ON(!br_vlan_is_master(v)); 193 free_percpu(v->stats); 194 v->stats = NULL; 195 kfree(v); 196 } 197 198 static void br_vlan_put_master(struct net_bridge_vlan *masterv) 199 { 200 struct net_bridge_vlan_group *vg; 201 202 if (!br_vlan_is_master(masterv)) 203 return; 204 205 vg = br_vlan_group(masterv->br); 206 if (refcount_dec_and_test(&masterv->refcnt)) { 207 rhashtable_remove_fast(&vg->vlan_hash, 208 &masterv->vnode, br_vlan_rht_params); 209 __vlan_del_list(masterv); 210 br_multicast_toggle_one_vlan(masterv, false); 211 br_multicast_ctx_deinit(&masterv->br_mcast_ctx); 212 call_rcu(&masterv->rcu, br_master_vlan_rcu_free); 213 } 214 } 215 216 static void nbp_vlan_rcu_free(struct rcu_head *rcu) 217 { 218 struct net_bridge_vlan *v; 219 220 v = container_of(rcu, struct net_bridge_vlan, rcu); 221 WARN_ON(br_vlan_is_master(v)); 222 /* if we had per-port stats configured then free them here */ 223 if (v->priv_flags & BR_VLFLAG_PER_PORT_STATS) 224 free_percpu(v->stats); 225 v->stats = NULL; 226 kfree(v); 227 } 228 229 static void br_vlan_init_state(struct net_bridge_vlan *v) 230 { 231 struct net_bridge *br; 232 233 if (br_vlan_is_master(v)) 234 br = v->br; 235 else 236 br = v->port->br; 237 238 if (br_opt_get(br, BROPT_MST_ENABLED)) { 239 br_mst_vlan_init_state(v); 240 return; 241 } 242 243 v->state = BR_STATE_FORWARDING; 244 v->msti = 0; 245 } 246 247 /* This is the shared VLAN add function which works for both ports and bridge 248 * devices. There are four possible calls to this function in terms of the 249 * vlan entry type: 250 * 1. vlan is being added on a port (no master flags, global entry exists) 251 * 2. vlan is being added on a bridge (both master and brentry flags) 252 * 3. vlan is being added on a port, but a global entry didn't exist which 253 * is being created right now (master flag set, brentry flag unset), the 254 * global entry is used for global per-vlan features, but not for filtering 255 * 4. same as 3 but with both master and brentry flags set so the entry 256 * will be used for filtering in both the port and the bridge 257 */ 258 static int __vlan_add(struct net_bridge_vlan *v, u16 flags, 259 struct netlink_ext_ack *extack) 260 { 261 struct net_bridge_vlan *masterv = NULL; 262 struct net_bridge_port *p = NULL; 263 struct net_bridge_vlan_group *vg; 264 struct net_device *dev; 265 struct net_bridge *br; 266 int err; 267 268 if (br_vlan_is_master(v)) { 269 br = v->br; 270 dev = br->dev; 271 vg = br_vlan_group(br); 272 } else { 273 p = v->port; 274 br = p->br; 275 dev = p->dev; 276 vg = nbp_vlan_group(p); 277 } 278 279 if (p) { 280 /* Add VLAN to the device filter if it is supported. 281 * This ensures tagged traffic enters the bridge when 282 * promiscuous mode is disabled by br_manage_promisc(). 283 */ 284 err = __vlan_vid_add(dev, br, v, flags, extack); 285 if (err) 286 goto out; 287 288 /* need to work on the master vlan too */ 289 if (flags & BRIDGE_VLAN_INFO_MASTER) { 290 bool changed; 291 292 err = br_vlan_add(br, v->vid, 293 flags | BRIDGE_VLAN_INFO_BRENTRY, 294 &changed, extack); 295 if (err) 296 goto out_filt; 297 298 if (changed) 299 br_vlan_notify(br, NULL, v->vid, 0, 300 RTM_NEWVLAN); 301 } 302 303 masterv = br_vlan_get_master(br, v->vid, extack); 304 if (!masterv) { 305 err = -ENOMEM; 306 goto out_filt; 307 } 308 v->brvlan = masterv; 309 if (br_opt_get(br, BROPT_VLAN_STATS_PER_PORT)) { 310 v->stats = 311 netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); 312 if (!v->stats) { 313 err = -ENOMEM; 314 goto out_filt; 315 } 316 v->priv_flags |= BR_VLFLAG_PER_PORT_STATS; 317 } else { 318 v->stats = masterv->stats; 319 } 320 br_multicast_port_ctx_init(p, v, &v->port_mcast_ctx); 321 } else { 322 if (br_vlan_should_use(v)) { 323 err = br_switchdev_port_vlan_add(dev, v->vid, flags, 324 false, extack); 325 if (err && err != -EOPNOTSUPP) 326 goto out; 327 } 328 br_multicast_ctx_init(br, v, &v->br_mcast_ctx); 329 v->priv_flags |= BR_VLFLAG_GLOBAL_MCAST_ENABLED; 330 } 331 332 /* Add the dev mac and count the vlan only if it's usable */ 333 if (br_vlan_should_use(v)) { 334 if (!br_opt_get(br, BROPT_FDB_LOCAL_VLAN_0)) { 335 err = br_fdb_add_local(br, p, dev->dev_addr, v->vid); 336 if (err) { 337 br_err(br, "failed insert local address into bridge forwarding table\n"); 338 goto out_filt; 339 } 340 } 341 vg->num_vlans++; 342 } 343 344 /* set the state before publishing */ 345 br_vlan_init_state(v); 346 347 err = rhashtable_lookup_insert_fast(&vg->vlan_hash, &v->vnode, 348 br_vlan_rht_params); 349 if (err) 350 goto out_fdb_insert; 351 352 __vlan_add_list(v); 353 __vlan_flags_commit(v, flags); 354 br_multicast_toggle_one_vlan(v, true); 355 356 if (p) 357 nbp_vlan_set_vlan_dev_state(p, v->vid); 358 out: 359 return err; 360 361 out_fdb_insert: 362 if (br_vlan_should_use(v)) { 363 br_fdb_find_delete_local(br, p, dev->dev_addr, v->vid); 364 vg->num_vlans--; 365 } 366 367 out_filt: 368 if (p) { 369 __vlan_vid_del(dev, br, v); 370 if (masterv) { 371 if (v->stats && masterv->stats != v->stats) 372 free_percpu(v->stats); 373 v->stats = NULL; 374 375 br_vlan_put_master(masterv); 376 v->brvlan = NULL; 377 } 378 } else { 379 br_switchdev_port_vlan_del(dev, v->vid); 380 } 381 382 goto out; 383 } 384 385 static int __vlan_del(struct net_bridge_vlan *v) 386 { 387 struct net_bridge_vlan *masterv = v; 388 struct net_bridge_vlan_group *vg; 389 struct net_bridge_port *p = NULL; 390 int err = 0; 391 392 if (br_vlan_is_master(v)) { 393 vg = br_vlan_group(v->br); 394 } else { 395 p = v->port; 396 vg = nbp_vlan_group(v->port); 397 masterv = v->brvlan; 398 } 399 400 __vlan_delete_pvid(vg, v->vid); 401 if (p) { 402 err = __vlan_vid_del(p->dev, p->br, v); 403 if (err) 404 goto out; 405 } else { 406 err = br_switchdev_port_vlan_del(v->br->dev, v->vid); 407 if (err && err != -EOPNOTSUPP) 408 goto out; 409 err = 0; 410 } 411 412 if (br_vlan_should_use(v)) { 413 v->flags &= ~BRIDGE_VLAN_INFO_BRENTRY; 414 vg->num_vlans--; 415 } 416 417 if (masterv != v) { 418 vlan_tunnel_info_del(vg, v); 419 rhashtable_remove_fast(&vg->vlan_hash, &v->vnode, 420 br_vlan_rht_params); 421 __vlan_del_list(v); 422 nbp_vlan_set_vlan_dev_state(p, v->vid); 423 br_multicast_toggle_one_vlan(v, false); 424 br_multicast_port_ctx_deinit(&v->port_mcast_ctx); 425 call_rcu(&v->rcu, nbp_vlan_rcu_free); 426 } 427 428 br_vlan_put_master(masterv); 429 out: 430 return err; 431 } 432 433 static void __vlan_group_free(struct net_bridge_vlan_group *vg) 434 { 435 WARN_ON(!list_empty(&vg->vlan_list)); 436 rhashtable_destroy(&vg->vlan_hash); 437 vlan_tunnel_deinit(vg); 438 kfree(vg); 439 } 440 441 static void __vlan_flush(const struct net_bridge *br, 442 const struct net_bridge_port *p, 443 struct net_bridge_vlan_group *vg) 444 { 445 struct net_bridge_vlan *vlan, *tmp; 446 u16 v_start = 0, v_end = 0; 447 int err; 448 449 __vlan_delete_pvid(vg, vg->pvid); 450 list_for_each_entry_safe(vlan, tmp, &vg->vlan_list, vlist) { 451 /* take care of disjoint ranges */ 452 if (!v_start) { 453 v_start = vlan->vid; 454 } else if (vlan->vid - v_end != 1) { 455 /* found range end, notify and start next one */ 456 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN); 457 v_start = vlan->vid; 458 } 459 v_end = vlan->vid; 460 461 err = __vlan_del(vlan); 462 if (err) { 463 br_err(br, 464 "port %u(%s) failed to delete vlan %d: %pe\n", 465 (unsigned int) p->port_no, p->dev->name, 466 vlan->vid, ERR_PTR(err)); 467 } 468 } 469 470 /* notify about the last/whole vlan range */ 471 if (v_start) 472 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN); 473 } 474 475 struct sk_buff *br_handle_vlan(struct net_bridge *br, 476 const struct net_bridge_port *p, 477 struct net_bridge_vlan_group *vg, 478 struct sk_buff *skb) 479 { 480 struct pcpu_sw_netstats *stats; 481 struct net_bridge_vlan *v; 482 u16 vid; 483 484 /* If this packet was not filtered at input, let it pass */ 485 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered) 486 goto out; 487 488 /* At this point, we know that the frame was filtered and contains 489 * a valid vlan id. If the vlan id has untagged flag set, 490 * send untagged; otherwise, send tagged. 491 */ 492 br_vlan_get_tag(skb, &vid); 493 v = br_vlan_find(vg, vid); 494 /* Vlan entry must be configured at this point. The 495 * only exception is the bridge is set in promisc mode and the 496 * packet is destined for the bridge device. In this case 497 * pass the packet as is. 498 */ 499 if (!v || !br_vlan_should_use(v)) { 500 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) { 501 goto out; 502 } else { 503 kfree_skb(skb); 504 return NULL; 505 } 506 } 507 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 508 stats = this_cpu_ptr(v->stats); 509 u64_stats_update_begin(&stats->syncp); 510 u64_stats_add(&stats->tx_bytes, skb->len); 511 u64_stats_inc(&stats->tx_packets); 512 u64_stats_update_end(&stats->syncp); 513 } 514 515 /* If the skb will be sent using forwarding offload, the assumption is 516 * that the switchdev will inject the packet into hardware together 517 * with the bridge VLAN, so that it can be forwarded according to that 518 * VLAN. The switchdev should deal with popping the VLAN header in 519 * hardware on each egress port as appropriate. So only strip the VLAN 520 * header if forwarding offload is not being used. 521 */ 522 if (v->flags & BRIDGE_VLAN_INFO_UNTAGGED && 523 !br_switchdev_frame_uses_tx_fwd_offload(skb)) 524 __vlan_hwaccel_clear_tag(skb); 525 526 if (p && (p->flags & BR_VLAN_TUNNEL) && 527 br_handle_egress_vlan_tunnel(skb, v)) { 528 kfree_skb(skb); 529 return NULL; 530 } 531 out: 532 return skb; 533 } 534 535 /* Called under RCU */ 536 static bool __allowed_ingress(const struct net_bridge *br, 537 struct net_bridge_vlan_group *vg, 538 struct sk_buff *skb, u16 *vid, 539 u8 *state, 540 struct net_bridge_vlan **vlan) 541 { 542 struct pcpu_sw_netstats *stats; 543 struct net_bridge_vlan *v; 544 bool tagged; 545 546 BR_INPUT_SKB_CB(skb)->vlan_filtered = true; 547 /* If vlan tx offload is disabled on bridge device and frame was 548 * sent from vlan device on the bridge device, it does not have 549 * HW accelerated vlan tag. 550 */ 551 if (unlikely(!skb_vlan_tag_present(skb) && 552 skb->protocol == br->vlan_proto)) { 553 skb = skb_vlan_untag(skb); 554 if (unlikely(!skb)) 555 return false; 556 } 557 558 if (!br_vlan_get_tag(skb, vid)) { 559 /* Tagged frame */ 560 if (skb->vlan_proto != br->vlan_proto) { 561 /* Protocol-mismatch, empty out vlan_tci for new tag */ 562 skb_push(skb, ETH_HLEN); 563 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto, 564 skb_vlan_tag_get(skb)); 565 if (unlikely(!skb)) 566 return false; 567 568 skb_pull(skb, ETH_HLEN); 569 skb_reset_mac_len(skb); 570 *vid = 0; 571 tagged = false; 572 } else { 573 tagged = true; 574 } 575 } else { 576 /* Untagged frame */ 577 tagged = false; 578 } 579 580 if (!*vid) { 581 u16 pvid = br_get_pvid(vg); 582 583 /* Frame had a tag with VID 0 or did not have a tag. 584 * See if pvid is set on this port. That tells us which 585 * vlan untagged or priority-tagged traffic belongs to. 586 */ 587 if (!pvid) 588 goto drop; 589 590 /* PVID is set on this port. Any untagged or priority-tagged 591 * ingress frame is considered to belong to this vlan. 592 */ 593 *vid = pvid; 594 if (likely(!tagged)) 595 /* Untagged Frame. */ 596 __vlan_hwaccel_put_tag(skb, br->vlan_proto, pvid); 597 else 598 /* Priority-tagged Frame. 599 * At this point, we know that skb->vlan_tci VID 600 * field was 0. 601 * We update only VID field and preserve PCP field. 602 */ 603 skb->vlan_tci |= pvid; 604 605 /* if snooping and stats are disabled we can avoid the lookup */ 606 if (!br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED) && 607 !br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 608 if (*state == BR_STATE_FORWARDING) { 609 *state = br_vlan_get_pvid_state(vg); 610 if (!br_vlan_state_allowed(*state, true)) 611 goto drop; 612 } 613 return true; 614 } 615 } 616 v = br_vlan_find(vg, *vid); 617 if (!v || !br_vlan_should_use(v)) 618 goto drop; 619 620 if (*state == BR_STATE_FORWARDING) { 621 *state = br_vlan_get_state(v); 622 if (!br_vlan_state_allowed(*state, true)) 623 goto drop; 624 } 625 626 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 627 stats = this_cpu_ptr(v->stats); 628 u64_stats_update_begin(&stats->syncp); 629 u64_stats_add(&stats->rx_bytes, skb->len); 630 u64_stats_inc(&stats->rx_packets); 631 u64_stats_update_end(&stats->syncp); 632 } 633 634 *vlan = v; 635 636 return true; 637 638 drop: 639 kfree_skb(skb); 640 return false; 641 } 642 643 bool br_allowed_ingress(const struct net_bridge *br, 644 struct net_bridge_vlan_group *vg, struct sk_buff *skb, 645 u16 *vid, u8 *state, 646 struct net_bridge_vlan **vlan) 647 { 648 /* If VLAN filtering is disabled on the bridge, all packets are 649 * permitted. 650 */ 651 *vlan = NULL; 652 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) { 653 BR_INPUT_SKB_CB(skb)->vlan_filtered = false; 654 return true; 655 } 656 657 return __allowed_ingress(br, vg, skb, vid, state, vlan); 658 } 659 660 /* Called under RCU. */ 661 bool br_allowed_egress(struct net_bridge_vlan_group *vg, 662 const struct sk_buff *skb) 663 { 664 const struct net_bridge_vlan *v; 665 u16 vid; 666 667 /* If this packet was not filtered at input, let it pass */ 668 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered) 669 return true; 670 671 br_vlan_get_tag(skb, &vid); 672 v = br_vlan_find(vg, vid); 673 if (v && br_vlan_should_use(v) && 674 br_vlan_state_allowed(br_vlan_get_state(v), false)) 675 return true; 676 677 return false; 678 } 679 680 /* Called under RCU */ 681 bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid) 682 { 683 struct net_bridge_vlan_group *vg; 684 struct net_bridge *br = p->br; 685 struct net_bridge_vlan *v; 686 687 /* If filtering was disabled at input, let it pass. */ 688 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 689 return true; 690 691 vg = nbp_vlan_group_rcu(p); 692 if (!vg || !vg->num_vlans) 693 return false; 694 695 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto) 696 *vid = 0; 697 698 if (!*vid) { 699 *vid = br_get_pvid(vg); 700 if (!*vid || 701 !br_vlan_state_allowed(br_vlan_get_pvid_state(vg), true)) 702 return false; 703 704 return true; 705 } 706 707 v = br_vlan_find(vg, *vid); 708 if (v && br_vlan_state_allowed(br_vlan_get_state(v), true)) 709 return true; 710 711 return false; 712 } 713 714 static int br_vlan_add_existing(struct net_bridge *br, 715 struct net_bridge_vlan_group *vg, 716 struct net_bridge_vlan *vlan, 717 u16 flags, bool *changed, 718 struct netlink_ext_ack *extack) 719 { 720 bool becomes_brentry = false; 721 bool would_change = false; 722 int err; 723 724 if (!br_vlan_is_brentry(vlan)) { 725 /* Trying to change flags of non-existent bridge vlan */ 726 if (!(flags & BRIDGE_VLAN_INFO_BRENTRY)) 727 return -EINVAL; 728 729 becomes_brentry = true; 730 } else { 731 would_change = __vlan_flags_would_change(vlan, flags); 732 } 733 734 /* Master VLANs that aren't brentries weren't notified before, 735 * time to notify them now. 736 */ 737 if (becomes_brentry || would_change) { 738 err = br_switchdev_port_vlan_add(br->dev, vlan->vid, flags, 739 would_change, extack); 740 if (err && err != -EOPNOTSUPP) 741 return err; 742 } 743 744 if (becomes_brentry) { 745 /* It was only kept for port vlans, now make it real */ 746 err = br_fdb_add_local(br, NULL, br->dev->dev_addr, vlan->vid); 747 if (err) { 748 br_err(br, "failed to insert local address into bridge forwarding table\n"); 749 goto err_fdb_insert; 750 } 751 752 refcount_inc(&vlan->refcnt); 753 vlan->flags |= BRIDGE_VLAN_INFO_BRENTRY; 754 vg->num_vlans++; 755 *changed = true; 756 br_multicast_toggle_one_vlan(vlan, true); 757 } 758 759 __vlan_flags_commit(vlan, flags); 760 if (would_change) 761 *changed = true; 762 763 return 0; 764 765 err_fdb_insert: 766 br_switchdev_port_vlan_del(br->dev, vlan->vid); 767 return err; 768 } 769 770 /* Must be protected by RTNL. 771 * Must be called with vid in range from 1 to 4094 inclusive. 772 * changed must be true only if the vlan was created or updated 773 */ 774 int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags, bool *changed, 775 struct netlink_ext_ack *extack) 776 { 777 struct net_bridge_vlan_group *vg; 778 struct net_bridge_vlan *vlan; 779 int ret; 780 781 ASSERT_RTNL(); 782 783 *changed = false; 784 vg = br_vlan_group(br); 785 vlan = br_vlan_find(vg, vid); 786 if (vlan) 787 return br_vlan_add_existing(br, vg, vlan, flags, changed, 788 extack); 789 790 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL); 791 if (!vlan) 792 return -ENOMEM; 793 794 vlan->stats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); 795 if (!vlan->stats) { 796 kfree(vlan); 797 return -ENOMEM; 798 } 799 vlan->vid = vid; 800 vlan->flags = flags | BRIDGE_VLAN_INFO_MASTER; 801 vlan->flags &= ~BRIDGE_VLAN_INFO_PVID; 802 vlan->br = br; 803 if (flags & BRIDGE_VLAN_INFO_BRENTRY) 804 refcount_set(&vlan->refcnt, 1); 805 ret = __vlan_add(vlan, flags, extack); 806 if (ret) { 807 free_percpu(vlan->stats); 808 kfree(vlan); 809 } else { 810 *changed = true; 811 } 812 813 return ret; 814 } 815 816 /* Must be protected by RTNL. 817 * Must be called with vid in range from 1 to 4094 inclusive. 818 */ 819 int br_vlan_delete(struct net_bridge *br, u16 vid) 820 { 821 struct net_bridge_vlan_group *vg; 822 struct net_bridge_vlan *v; 823 824 ASSERT_RTNL(); 825 826 vg = br_vlan_group(br); 827 v = br_vlan_find(vg, vid); 828 if (!v || !br_vlan_is_brentry(v)) 829 return -ENOENT; 830 831 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid); 832 br_fdb_delete_by_port(br, NULL, vid, 0); 833 834 vlan_tunnel_info_del(vg, v); 835 836 return __vlan_del(v); 837 } 838 839 void br_vlan_flush(struct net_bridge *br) 840 { 841 struct net_bridge_vlan_group *vg; 842 843 ASSERT_RTNL(); 844 845 vg = br_vlan_group(br); 846 __vlan_flush(br, NULL, vg); 847 RCU_INIT_POINTER(br->vlgrp, NULL); 848 synchronize_net(); 849 __vlan_group_free(vg); 850 } 851 852 struct net_bridge_vlan *br_vlan_find(struct net_bridge_vlan_group *vg, u16 vid) 853 { 854 if (!vg) 855 return NULL; 856 857 return br_vlan_lookup(&vg->vlan_hash, vid); 858 } 859 860 /* Must be protected by RTNL. */ 861 static void recalculate_group_addr(struct net_bridge *br) 862 { 863 if (br_opt_get(br, BROPT_GROUP_ADDR_SET)) 864 return; 865 866 spin_lock_bh(&br->lock); 867 if (!br_opt_get(br, BROPT_VLAN_ENABLED) || 868 br->vlan_proto == htons(ETH_P_8021Q)) { 869 /* Bridge Group Address */ 870 br->group_addr[5] = 0x00; 871 } else { /* vlan_enabled && ETH_P_8021AD */ 872 /* Provider Bridge Group Address */ 873 br->group_addr[5] = 0x08; 874 } 875 spin_unlock_bh(&br->lock); 876 } 877 878 /* Must be protected by RTNL. */ 879 void br_recalculate_fwd_mask(struct net_bridge *br) 880 { 881 if (!br_opt_get(br, BROPT_VLAN_ENABLED) || 882 br->vlan_proto == htons(ETH_P_8021Q)) 883 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT; 884 else /* vlan_enabled && ETH_P_8021AD */ 885 br->group_fwd_mask_required = BR_GROUPFWD_8021AD & 886 ~(1u << br->group_addr[5]); 887 } 888 889 int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val, 890 struct netlink_ext_ack *extack) 891 { 892 struct switchdev_attr attr = { 893 .orig_dev = br->dev, 894 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING, 895 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 896 .u.vlan_filtering = val, 897 }; 898 int err; 899 900 if (br_opt_get(br, BROPT_VLAN_ENABLED) == !!val) 901 return 0; 902 903 br_opt_toggle(br, BROPT_VLAN_ENABLED, !!val); 904 905 err = switchdev_port_attr_set(br->dev, &attr, extack); 906 if (err && err != -EOPNOTSUPP) { 907 br_opt_toggle(br, BROPT_VLAN_ENABLED, !val); 908 return err; 909 } 910 911 br_manage_promisc(br); 912 recalculate_group_addr(br); 913 br_recalculate_fwd_mask(br); 914 if (!val && br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) { 915 br_info(br, "vlan filtering disabled, automatically disabling multicast vlan snooping\n"); 916 br_multicast_toggle_vlan_snooping(br, false, NULL); 917 } 918 919 return 0; 920 } 921 922 bool br_vlan_enabled(const struct net_device *dev) 923 { 924 struct net_bridge *br = netdev_priv(dev); 925 926 return br_opt_get(br, BROPT_VLAN_ENABLED); 927 } 928 EXPORT_SYMBOL_GPL(br_vlan_enabled); 929 930 int br_vlan_get_proto(const struct net_device *dev, u16 *p_proto) 931 { 932 struct net_bridge *br = netdev_priv(dev); 933 934 *p_proto = ntohs(br->vlan_proto); 935 936 return 0; 937 } 938 EXPORT_SYMBOL_GPL(br_vlan_get_proto); 939 940 int __br_vlan_set_proto(struct net_bridge *br, __be16 proto, 941 struct netlink_ext_ack *extack) 942 { 943 struct switchdev_attr attr = { 944 .orig_dev = br->dev, 945 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_PROTOCOL, 946 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 947 .u.vlan_protocol = ntohs(proto), 948 }; 949 int err = 0; 950 struct net_bridge_port *p; 951 struct net_bridge_vlan *vlan; 952 struct net_bridge_vlan_group *vg; 953 __be16 oldproto = br->vlan_proto; 954 955 if (br->vlan_proto == proto) 956 return 0; 957 958 err = switchdev_port_attr_set(br->dev, &attr, extack); 959 if (err && err != -EOPNOTSUPP) 960 return err; 961 962 /* Add VLANs for the new proto to the device filter. */ 963 list_for_each_entry(p, &br->port_list, list) { 964 vg = nbp_vlan_group(p); 965 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 966 if (vlan->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) 967 continue; 968 err = vlan_vid_add(p->dev, proto, vlan->vid); 969 if (err) 970 goto err_filt; 971 } 972 } 973 974 br->vlan_proto = proto; 975 976 recalculate_group_addr(br); 977 br_recalculate_fwd_mask(br); 978 979 /* Delete VLANs for the old proto from the device filter. */ 980 list_for_each_entry(p, &br->port_list, list) { 981 vg = nbp_vlan_group(p); 982 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 983 if (vlan->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) 984 continue; 985 vlan_vid_del(p->dev, oldproto, vlan->vid); 986 } 987 } 988 989 return 0; 990 991 err_filt: 992 attr.u.vlan_protocol = ntohs(oldproto); 993 switchdev_port_attr_set(br->dev, &attr, NULL); 994 995 list_for_each_entry_continue_reverse(vlan, &vg->vlan_list, vlist) { 996 if (vlan->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) 997 continue; 998 vlan_vid_del(p->dev, proto, vlan->vid); 999 } 1000 1001 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 1002 vg = nbp_vlan_group(p); 1003 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 1004 if (vlan->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) 1005 continue; 1006 vlan_vid_del(p->dev, proto, vlan->vid); 1007 } 1008 } 1009 1010 return err; 1011 } 1012 1013 int br_vlan_set_proto(struct net_bridge *br, unsigned long val, 1014 struct netlink_ext_ack *extack) 1015 { 1016 if (!eth_type_vlan(htons(val))) 1017 return -EPROTONOSUPPORT; 1018 1019 return __br_vlan_set_proto(br, htons(val), extack); 1020 } 1021 1022 int br_vlan_set_stats(struct net_bridge *br, unsigned long val) 1023 { 1024 switch (val) { 1025 case 0: 1026 case 1: 1027 br_opt_toggle(br, BROPT_VLAN_STATS_ENABLED, !!val); 1028 break; 1029 default: 1030 return -EINVAL; 1031 } 1032 1033 return 0; 1034 } 1035 1036 int br_vlan_set_stats_per_port(struct net_bridge *br, unsigned long val) 1037 { 1038 struct net_bridge_port *p; 1039 1040 /* allow to change the option if there are no port vlans configured */ 1041 list_for_each_entry(p, &br->port_list, list) { 1042 struct net_bridge_vlan_group *vg = nbp_vlan_group(p); 1043 1044 if (vg->num_vlans) 1045 return -EBUSY; 1046 } 1047 1048 switch (val) { 1049 case 0: 1050 case 1: 1051 br_opt_toggle(br, BROPT_VLAN_STATS_PER_PORT, !!val); 1052 break; 1053 default: 1054 return -EINVAL; 1055 } 1056 1057 return 0; 1058 } 1059 1060 static bool vlan_default_pvid(struct net_bridge_vlan_group *vg, u16 vid) 1061 { 1062 struct net_bridge_vlan *v; 1063 1064 if (vid != vg->pvid) 1065 return false; 1066 1067 v = br_vlan_lookup(&vg->vlan_hash, vid); 1068 if (v && br_vlan_should_use(v) && 1069 (v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) 1070 return true; 1071 1072 return false; 1073 } 1074 1075 static void br_vlan_disable_default_pvid(struct net_bridge *br) 1076 { 1077 struct net_bridge_port *p; 1078 u16 pvid = br->default_pvid; 1079 1080 /* Disable default_pvid on all ports where it is still 1081 * configured. 1082 */ 1083 if (vlan_default_pvid(br_vlan_group(br), pvid)) { 1084 if (!br_vlan_delete(br, pvid)) 1085 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN); 1086 } 1087 1088 list_for_each_entry(p, &br->port_list, list) { 1089 if (vlan_default_pvid(nbp_vlan_group(p), pvid) && 1090 !nbp_vlan_delete(p, pvid)) 1091 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN); 1092 } 1093 1094 br->default_pvid = 0; 1095 } 1096 1097 int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid, 1098 struct netlink_ext_ack *extack) 1099 { 1100 const struct net_bridge_vlan *pvent; 1101 struct net_bridge_vlan_group *vg; 1102 struct net_bridge_port *p; 1103 unsigned long *changed; 1104 bool vlchange; 1105 u16 old_pvid; 1106 int err = 0; 1107 1108 if (!pvid) { 1109 br_vlan_disable_default_pvid(br); 1110 return 0; 1111 } 1112 1113 changed = bitmap_zalloc(BR_MAX_PORTS, GFP_KERNEL); 1114 if (!changed) 1115 return -ENOMEM; 1116 1117 old_pvid = br->default_pvid; 1118 1119 /* Update default_pvid config only if we do not conflict with 1120 * user configuration. 1121 */ 1122 vg = br_vlan_group(br); 1123 pvent = br_vlan_find(vg, pvid); 1124 if ((!old_pvid || vlan_default_pvid(vg, old_pvid)) && 1125 (!pvent || !br_vlan_should_use(pvent))) { 1126 err = br_vlan_add(br, pvid, 1127 BRIDGE_VLAN_INFO_PVID | 1128 BRIDGE_VLAN_INFO_UNTAGGED | 1129 BRIDGE_VLAN_INFO_BRENTRY, 1130 &vlchange, extack); 1131 if (err) 1132 goto out; 1133 1134 if (br_vlan_delete(br, old_pvid)) 1135 br_vlan_notify(br, NULL, old_pvid, 0, RTM_DELVLAN); 1136 br_vlan_notify(br, NULL, pvid, 0, RTM_NEWVLAN); 1137 __set_bit(0, changed); 1138 } 1139 1140 list_for_each_entry(p, &br->port_list, list) { 1141 /* Update default_pvid config only if we do not conflict with 1142 * user configuration. 1143 */ 1144 vg = nbp_vlan_group(p); 1145 if ((old_pvid && 1146 !vlan_default_pvid(vg, old_pvid)) || 1147 br_vlan_find(vg, pvid)) 1148 continue; 1149 1150 err = nbp_vlan_add(p, pvid, 1151 BRIDGE_VLAN_INFO_PVID | 1152 BRIDGE_VLAN_INFO_UNTAGGED, 1153 &vlchange, extack); 1154 if (err) 1155 goto err_port; 1156 if (nbp_vlan_delete(p, old_pvid)) 1157 br_vlan_notify(br, p, old_pvid, 0, RTM_DELVLAN); 1158 br_vlan_notify(p->br, p, pvid, 0, RTM_NEWVLAN); 1159 __set_bit(p->port_no, changed); 1160 } 1161 1162 br->default_pvid = pvid; 1163 1164 out: 1165 bitmap_free(changed); 1166 return err; 1167 1168 err_port: 1169 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 1170 if (!test_bit(p->port_no, changed)) 1171 continue; 1172 1173 if (old_pvid) { 1174 nbp_vlan_add(p, old_pvid, 1175 BRIDGE_VLAN_INFO_PVID | 1176 BRIDGE_VLAN_INFO_UNTAGGED, 1177 &vlchange, NULL); 1178 br_vlan_notify(p->br, p, old_pvid, 0, RTM_NEWVLAN); 1179 } 1180 nbp_vlan_delete(p, pvid); 1181 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN); 1182 } 1183 1184 if (test_bit(0, changed)) { 1185 if (old_pvid) { 1186 br_vlan_add(br, old_pvid, 1187 BRIDGE_VLAN_INFO_PVID | 1188 BRIDGE_VLAN_INFO_UNTAGGED | 1189 BRIDGE_VLAN_INFO_BRENTRY, 1190 &vlchange, NULL); 1191 br_vlan_notify(br, NULL, old_pvid, 0, RTM_NEWVLAN); 1192 } 1193 br_vlan_delete(br, pvid); 1194 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN); 1195 } 1196 goto out; 1197 } 1198 1199 int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val, 1200 struct netlink_ext_ack *extack) 1201 { 1202 u16 pvid = val; 1203 int err = 0; 1204 1205 if (val >= VLAN_VID_MASK) 1206 return -EINVAL; 1207 1208 if (pvid == br->default_pvid) 1209 goto out; 1210 1211 /* Only allow default pvid change when filtering is disabled */ 1212 if (br_opt_get(br, BROPT_VLAN_ENABLED)) { 1213 pr_info_once("Please disable vlan filtering to change default_pvid\n"); 1214 err = -EPERM; 1215 goto out; 1216 } 1217 err = __br_vlan_set_default_pvid(br, pvid, extack); 1218 out: 1219 return err; 1220 } 1221 1222 int br_vlan_init(struct net_bridge *br) 1223 { 1224 struct net_bridge_vlan_group *vg; 1225 int ret = -ENOMEM; 1226 1227 vg = kzalloc(sizeof(*vg), GFP_KERNEL); 1228 if (!vg) 1229 goto out; 1230 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params); 1231 if (ret) 1232 goto err_rhtbl; 1233 ret = vlan_tunnel_init(vg); 1234 if (ret) 1235 goto err_tunnel_init; 1236 INIT_LIST_HEAD(&vg->vlan_list); 1237 br->vlan_proto = htons(ETH_P_8021Q); 1238 br->default_pvid = 1; 1239 rcu_assign_pointer(br->vlgrp, vg); 1240 1241 out: 1242 return ret; 1243 1244 err_tunnel_init: 1245 rhashtable_destroy(&vg->vlan_hash); 1246 err_rhtbl: 1247 kfree(vg); 1248 1249 goto out; 1250 } 1251 1252 int nbp_vlan_init(struct net_bridge_port *p, struct netlink_ext_ack *extack) 1253 { 1254 struct switchdev_attr attr = { 1255 .orig_dev = p->br->dev, 1256 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING, 1257 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 1258 .u.vlan_filtering = br_opt_get(p->br, BROPT_VLAN_ENABLED), 1259 }; 1260 struct net_bridge_vlan_group *vg; 1261 int ret = -ENOMEM; 1262 1263 vg = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL); 1264 if (!vg) 1265 goto out; 1266 1267 ret = switchdev_port_attr_set(p->dev, &attr, extack); 1268 if (ret && ret != -EOPNOTSUPP) 1269 goto err_vlan_enabled; 1270 1271 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params); 1272 if (ret) 1273 goto err_rhtbl; 1274 ret = vlan_tunnel_init(vg); 1275 if (ret) 1276 goto err_tunnel_init; 1277 INIT_LIST_HEAD(&vg->vlan_list); 1278 rcu_assign_pointer(p->vlgrp, vg); 1279 if (p->br->default_pvid) { 1280 bool changed; 1281 1282 ret = nbp_vlan_add(p, p->br->default_pvid, 1283 BRIDGE_VLAN_INFO_PVID | 1284 BRIDGE_VLAN_INFO_UNTAGGED, 1285 &changed, extack); 1286 if (ret) 1287 goto err_vlan_add; 1288 br_vlan_notify(p->br, p, p->br->default_pvid, 0, RTM_NEWVLAN); 1289 } 1290 out: 1291 return ret; 1292 1293 err_vlan_add: 1294 RCU_INIT_POINTER(p->vlgrp, NULL); 1295 synchronize_rcu(); 1296 vlan_tunnel_deinit(vg); 1297 err_tunnel_init: 1298 rhashtable_destroy(&vg->vlan_hash); 1299 err_rhtbl: 1300 err_vlan_enabled: 1301 kfree(vg); 1302 1303 goto out; 1304 } 1305 1306 /* Must be protected by RTNL. 1307 * Must be called with vid in range from 1 to 4094 inclusive. 1308 * changed must be true only if the vlan was created or updated 1309 */ 1310 int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags, 1311 bool *changed, struct netlink_ext_ack *extack) 1312 { 1313 struct net_bridge_vlan *vlan; 1314 int ret; 1315 1316 ASSERT_RTNL(); 1317 1318 *changed = false; 1319 vlan = br_vlan_find(nbp_vlan_group(port), vid); 1320 if (vlan) { 1321 bool would_change = __vlan_flags_would_change(vlan, flags); 1322 1323 if (would_change) { 1324 /* Pass the flags to the hardware bridge */ 1325 ret = br_switchdev_port_vlan_add(port->dev, vid, flags, 1326 true, extack); 1327 if (ret && ret != -EOPNOTSUPP) 1328 return ret; 1329 } 1330 1331 __vlan_flags_commit(vlan, flags); 1332 *changed = would_change; 1333 1334 return 0; 1335 } 1336 1337 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL); 1338 if (!vlan) 1339 return -ENOMEM; 1340 1341 vlan->vid = vid; 1342 vlan->port = port; 1343 ret = __vlan_add(vlan, flags, extack); 1344 if (ret) 1345 kfree(vlan); 1346 else 1347 *changed = true; 1348 1349 return ret; 1350 } 1351 1352 /* Must be protected by RTNL. 1353 * Must be called with vid in range from 1 to 4094 inclusive. 1354 */ 1355 int nbp_vlan_delete(struct net_bridge_port *port, u16 vid) 1356 { 1357 struct net_bridge_vlan *v; 1358 1359 ASSERT_RTNL(); 1360 1361 v = br_vlan_find(nbp_vlan_group(port), vid); 1362 if (!v) 1363 return -ENOENT; 1364 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid); 1365 br_fdb_delete_by_port(port->br, port, vid, 0); 1366 1367 return __vlan_del(v); 1368 } 1369 1370 void nbp_vlan_flush(struct net_bridge_port *port) 1371 { 1372 struct net_bridge_vlan_group *vg; 1373 1374 ASSERT_RTNL(); 1375 1376 vg = nbp_vlan_group(port); 1377 __vlan_flush(port->br, port, vg); 1378 RCU_INIT_POINTER(port->vlgrp, NULL); 1379 synchronize_net(); 1380 __vlan_group_free(vg); 1381 } 1382 1383 void br_vlan_get_stats(const struct net_bridge_vlan *v, 1384 struct pcpu_sw_netstats *stats) 1385 { 1386 int i; 1387 1388 memset(stats, 0, sizeof(*stats)); 1389 for_each_possible_cpu(i) { 1390 u64 rxpackets, rxbytes, txpackets, txbytes; 1391 struct pcpu_sw_netstats *cpu_stats; 1392 unsigned int start; 1393 1394 cpu_stats = per_cpu_ptr(v->stats, i); 1395 do { 1396 start = u64_stats_fetch_begin(&cpu_stats->syncp); 1397 rxpackets = u64_stats_read(&cpu_stats->rx_packets); 1398 rxbytes = u64_stats_read(&cpu_stats->rx_bytes); 1399 txbytes = u64_stats_read(&cpu_stats->tx_bytes); 1400 txpackets = u64_stats_read(&cpu_stats->tx_packets); 1401 } while (u64_stats_fetch_retry(&cpu_stats->syncp, start)); 1402 1403 u64_stats_add(&stats->rx_packets, rxpackets); 1404 u64_stats_add(&stats->rx_bytes, rxbytes); 1405 u64_stats_add(&stats->tx_bytes, txbytes); 1406 u64_stats_add(&stats->tx_packets, txpackets); 1407 } 1408 } 1409 1410 int br_vlan_get_pvid(const struct net_device *dev, u16 *p_pvid) 1411 { 1412 struct net_bridge_vlan_group *vg; 1413 struct net_bridge_port *p; 1414 1415 ASSERT_RTNL(); 1416 p = br_port_get_check_rtnl(dev); 1417 if (p) 1418 vg = nbp_vlan_group(p); 1419 else if (netif_is_bridge_master(dev)) 1420 vg = br_vlan_group(netdev_priv(dev)); 1421 else 1422 return -EINVAL; 1423 1424 *p_pvid = br_get_pvid(vg); 1425 return 0; 1426 } 1427 EXPORT_SYMBOL_GPL(br_vlan_get_pvid); 1428 1429 int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) 1430 { 1431 struct net_bridge_vlan_group *vg; 1432 struct net_bridge_port *p; 1433 1434 p = br_port_get_check_rcu(dev); 1435 if (p) 1436 vg = nbp_vlan_group_rcu(p); 1437 else if (netif_is_bridge_master(dev)) 1438 vg = br_vlan_group_rcu(netdev_priv(dev)); 1439 else 1440 return -EINVAL; 1441 1442 *p_pvid = br_get_pvid(vg); 1443 return 0; 1444 } 1445 EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); 1446 1447 void br_vlan_fill_forward_path_pvid(struct net_bridge *br, 1448 struct net_device_path_ctx *ctx, 1449 struct net_device_path *path) 1450 { 1451 struct net_bridge_vlan_group *vg; 1452 int idx = ctx->num_vlans - 1; 1453 u16 vid; 1454 1455 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; 1456 1457 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 1458 return; 1459 1460 vg = br_vlan_group(br); 1461 1462 if (idx >= 0 && 1463 ctx->vlan[idx].proto == br->vlan_proto) { 1464 vid = ctx->vlan[idx].id; 1465 } else { 1466 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_TAG; 1467 vid = br_get_pvid(vg); 1468 } 1469 1470 path->bridge.vlan_id = vid; 1471 path->bridge.vlan_proto = br->vlan_proto; 1472 } 1473 1474 int br_vlan_fill_forward_path_mode(struct net_bridge *br, 1475 struct net_bridge_port *dst, 1476 struct net_device_path *path) 1477 { 1478 struct net_bridge_vlan_group *vg; 1479 struct net_bridge_vlan *v; 1480 1481 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 1482 return 0; 1483 1484 vg = nbp_vlan_group_rcu(dst); 1485 v = br_vlan_find(vg, path->bridge.vlan_id); 1486 if (!v || !br_vlan_should_use(v)) 1487 return -EINVAL; 1488 1489 if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) 1490 return 0; 1491 1492 if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) 1493 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; 1494 else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) 1495 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; 1496 else 1497 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; 1498 1499 return 0; 1500 } 1501 1502 int br_vlan_get_info(const struct net_device *dev, u16 vid, 1503 struct bridge_vlan_info *p_vinfo) 1504 { 1505 struct net_bridge_vlan_group *vg; 1506 struct net_bridge_vlan *v; 1507 struct net_bridge_port *p; 1508 1509 ASSERT_RTNL(); 1510 p = br_port_get_check_rtnl(dev); 1511 if (p) 1512 vg = nbp_vlan_group(p); 1513 else if (netif_is_bridge_master(dev)) 1514 vg = br_vlan_group(netdev_priv(dev)); 1515 else 1516 return -EINVAL; 1517 1518 v = br_vlan_find(vg, vid); 1519 if (!v) 1520 return -ENOENT; 1521 1522 p_vinfo->vid = vid; 1523 p_vinfo->flags = v->flags; 1524 if (vid == br_get_pvid(vg)) 1525 p_vinfo->flags |= BRIDGE_VLAN_INFO_PVID; 1526 return 0; 1527 } 1528 EXPORT_SYMBOL_GPL(br_vlan_get_info); 1529 1530 int br_vlan_get_info_rcu(const struct net_device *dev, u16 vid, 1531 struct bridge_vlan_info *p_vinfo) 1532 { 1533 struct net_bridge_vlan_group *vg; 1534 struct net_bridge_vlan *v; 1535 struct net_bridge_port *p; 1536 1537 p = br_port_get_check_rcu(dev); 1538 if (p) 1539 vg = nbp_vlan_group_rcu(p); 1540 else if (netif_is_bridge_master(dev)) 1541 vg = br_vlan_group_rcu(netdev_priv(dev)); 1542 else 1543 return -EINVAL; 1544 1545 v = br_vlan_find(vg, vid); 1546 if (!v) 1547 return -ENOENT; 1548 1549 p_vinfo->vid = vid; 1550 p_vinfo->flags = v->flags; 1551 if (vid == br_get_pvid(vg)) 1552 p_vinfo->flags |= BRIDGE_VLAN_INFO_PVID; 1553 return 0; 1554 } 1555 EXPORT_SYMBOL_GPL(br_vlan_get_info_rcu); 1556 1557 static int br_vlan_is_bind_vlan_dev(const struct net_device *dev) 1558 { 1559 return is_vlan_dev(dev) && 1560 !!(vlan_dev_priv(dev)->flags & VLAN_FLAG_BRIDGE_BINDING); 1561 } 1562 1563 static int br_vlan_is_bind_vlan_dev_fn(struct net_device *dev, 1564 __always_unused struct netdev_nested_priv *priv) 1565 { 1566 return br_vlan_is_bind_vlan_dev(dev); 1567 } 1568 1569 static bool br_vlan_has_upper_bind_vlan_dev(struct net_device *dev) 1570 { 1571 int found; 1572 1573 rcu_read_lock(); 1574 found = netdev_walk_all_upper_dev_rcu(dev, br_vlan_is_bind_vlan_dev_fn, 1575 NULL); 1576 rcu_read_unlock(); 1577 1578 return !!found; 1579 } 1580 1581 struct br_vlan_bind_walk_data { 1582 u16 vid; 1583 struct net_device *result; 1584 }; 1585 1586 static int br_vlan_match_bind_vlan_dev_fn(struct net_device *dev, 1587 struct netdev_nested_priv *priv) 1588 { 1589 struct br_vlan_bind_walk_data *data = priv->data; 1590 int found = 0; 1591 1592 if (br_vlan_is_bind_vlan_dev(dev) && 1593 vlan_dev_priv(dev)->vlan_id == data->vid) { 1594 data->result = dev; 1595 found = 1; 1596 } 1597 1598 return found; 1599 } 1600 1601 static struct net_device * 1602 br_vlan_get_upper_bind_vlan_dev(struct net_device *dev, u16 vid) 1603 { 1604 struct br_vlan_bind_walk_data data = { 1605 .vid = vid, 1606 }; 1607 struct netdev_nested_priv priv = { 1608 .data = (void *)&data, 1609 }; 1610 1611 rcu_read_lock(); 1612 netdev_walk_all_upper_dev_rcu(dev, br_vlan_match_bind_vlan_dev_fn, 1613 &priv); 1614 rcu_read_unlock(); 1615 1616 return data.result; 1617 } 1618 1619 static bool br_vlan_is_dev_up(const struct net_device *dev) 1620 { 1621 return !!(dev->flags & IFF_UP) && netif_oper_up(dev); 1622 } 1623 1624 static void br_vlan_set_vlan_dev_state(const struct net_bridge *br, 1625 struct net_device *vlan_dev) 1626 { 1627 u16 vid = vlan_dev_priv(vlan_dev)->vlan_id; 1628 struct net_bridge_vlan_group *vg; 1629 struct net_bridge_port *p; 1630 bool has_carrier = false; 1631 1632 if (!netif_carrier_ok(br->dev)) { 1633 netif_carrier_off(vlan_dev); 1634 return; 1635 } 1636 1637 list_for_each_entry(p, &br->port_list, list) { 1638 vg = nbp_vlan_group(p); 1639 if (br_vlan_find(vg, vid) && br_vlan_is_dev_up(p->dev)) { 1640 has_carrier = true; 1641 break; 1642 } 1643 } 1644 1645 if (has_carrier) 1646 netif_carrier_on(vlan_dev); 1647 else 1648 netif_carrier_off(vlan_dev); 1649 } 1650 1651 static void br_vlan_set_all_vlan_dev_state(struct net_bridge_port *p) 1652 { 1653 struct net_bridge_vlan_group *vg = nbp_vlan_group(p); 1654 struct net_bridge_vlan *vlan; 1655 struct net_device *vlan_dev; 1656 1657 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 1658 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev, 1659 vlan->vid); 1660 if (vlan_dev) { 1661 if (br_vlan_is_dev_up(p->dev)) { 1662 if (netif_carrier_ok(p->br->dev)) 1663 netif_carrier_on(vlan_dev); 1664 } else { 1665 br_vlan_set_vlan_dev_state(p->br, vlan_dev); 1666 } 1667 } 1668 } 1669 } 1670 1671 static void br_vlan_toggle_bridge_binding(struct net_device *br_dev, 1672 bool enable) 1673 { 1674 struct net_bridge *br = netdev_priv(br_dev); 1675 1676 if (enable) 1677 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING, true); 1678 else 1679 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING, 1680 br_vlan_has_upper_bind_vlan_dev(br_dev)); 1681 } 1682 1683 static void br_vlan_upper_change(struct net_device *dev, 1684 struct net_device *upper_dev, 1685 bool linking) 1686 { 1687 struct net_bridge *br = netdev_priv(dev); 1688 1689 if (!br_vlan_is_bind_vlan_dev(upper_dev)) 1690 return; 1691 1692 br_vlan_toggle_bridge_binding(dev, linking); 1693 if (linking) 1694 br_vlan_set_vlan_dev_state(br, upper_dev); 1695 } 1696 1697 struct br_vlan_link_state_walk_data { 1698 struct net_bridge *br; 1699 }; 1700 1701 static int br_vlan_link_state_change_fn(struct net_device *vlan_dev, 1702 struct netdev_nested_priv *priv) 1703 { 1704 struct br_vlan_link_state_walk_data *data = priv->data; 1705 1706 if (br_vlan_is_bind_vlan_dev(vlan_dev)) 1707 br_vlan_set_vlan_dev_state(data->br, vlan_dev); 1708 1709 return 0; 1710 } 1711 1712 static void br_vlan_link_state_change(struct net_device *dev, 1713 struct net_bridge *br) 1714 { 1715 struct br_vlan_link_state_walk_data data = { 1716 .br = br 1717 }; 1718 struct netdev_nested_priv priv = { 1719 .data = (void *)&data, 1720 }; 1721 1722 rcu_read_lock(); 1723 netdev_walk_all_upper_dev_rcu(dev, br_vlan_link_state_change_fn, 1724 &priv); 1725 rcu_read_unlock(); 1726 } 1727 1728 /* Must be protected by RTNL. */ 1729 static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid) 1730 { 1731 struct net_device *vlan_dev; 1732 1733 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING)) 1734 return; 1735 1736 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev, vid); 1737 if (vlan_dev) 1738 br_vlan_set_vlan_dev_state(p->br, vlan_dev); 1739 } 1740 1741 /* Must be protected by RTNL. */ 1742 int br_vlan_bridge_event(struct net_device *dev, unsigned long event, void *ptr) 1743 { 1744 struct netdev_notifier_changeupper_info *info; 1745 struct net_bridge *br = netdev_priv(dev); 1746 int vlcmd = 0, ret = 0; 1747 bool changed = false; 1748 1749 switch (event) { 1750 case NETDEV_REGISTER: 1751 ret = br_vlan_add(br, br->default_pvid, 1752 BRIDGE_VLAN_INFO_PVID | 1753 BRIDGE_VLAN_INFO_UNTAGGED | 1754 BRIDGE_VLAN_INFO_BRENTRY, &changed, NULL); 1755 vlcmd = RTM_NEWVLAN; 1756 break; 1757 case NETDEV_UNREGISTER: 1758 changed = !br_vlan_delete(br, br->default_pvid); 1759 vlcmd = RTM_DELVLAN; 1760 break; 1761 case NETDEV_CHANGEUPPER: 1762 info = ptr; 1763 br_vlan_upper_change(dev, info->upper_dev, info->linking); 1764 break; 1765 1766 case NETDEV_CHANGE: 1767 case NETDEV_UP: 1768 if (!br_opt_get(br, BROPT_VLAN_BRIDGE_BINDING)) 1769 break; 1770 br_vlan_link_state_change(dev, br); 1771 break; 1772 } 1773 if (changed) 1774 br_vlan_notify(br, NULL, br->default_pvid, 0, vlcmd); 1775 1776 return ret; 1777 } 1778 1779 void br_vlan_vlan_upper_event(struct net_device *br_dev, 1780 struct net_device *vlan_dev, 1781 unsigned long event) 1782 { 1783 struct vlan_dev_priv *vlan = vlan_dev_priv(vlan_dev); 1784 struct net_bridge *br = netdev_priv(br_dev); 1785 bool bridge_binding; 1786 1787 switch (event) { 1788 case NETDEV_CHANGE: 1789 case NETDEV_UP: 1790 break; 1791 default: 1792 return; 1793 } 1794 1795 bridge_binding = vlan->flags & VLAN_FLAG_BRIDGE_BINDING; 1796 br_vlan_toggle_bridge_binding(br_dev, bridge_binding); 1797 if (bridge_binding) 1798 br_vlan_set_vlan_dev_state(br, vlan_dev); 1799 else if (!bridge_binding && netif_carrier_ok(br_dev)) 1800 netif_carrier_on(vlan_dev); 1801 } 1802 1803 /* Must be protected by RTNL. */ 1804 void br_vlan_port_event(struct net_bridge_port *p, unsigned long event) 1805 { 1806 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING)) 1807 return; 1808 1809 switch (event) { 1810 case NETDEV_CHANGE: 1811 case NETDEV_DOWN: 1812 case NETDEV_UP: 1813 br_vlan_set_all_vlan_dev_state(p); 1814 break; 1815 } 1816 } 1817 1818 static bool br_vlan_stats_fill(struct sk_buff *skb, 1819 const struct net_bridge_vlan *v) 1820 { 1821 struct pcpu_sw_netstats stats; 1822 struct nlattr *nest; 1823 1824 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY_STATS); 1825 if (!nest) 1826 return false; 1827 1828 br_vlan_get_stats(v, &stats); 1829 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_BYTES, 1830 u64_stats_read(&stats.rx_bytes), 1831 BRIDGE_VLANDB_STATS_PAD) || 1832 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_PACKETS, 1833 u64_stats_read(&stats.rx_packets), 1834 BRIDGE_VLANDB_STATS_PAD) || 1835 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_BYTES, 1836 u64_stats_read(&stats.tx_bytes), 1837 BRIDGE_VLANDB_STATS_PAD) || 1838 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_PACKETS, 1839 u64_stats_read(&stats.tx_packets), 1840 BRIDGE_VLANDB_STATS_PAD)) 1841 goto out_err; 1842 1843 nla_nest_end(skb, nest); 1844 1845 return true; 1846 1847 out_err: 1848 nla_nest_cancel(skb, nest); 1849 return false; 1850 } 1851 1852 /* v_opts is used to dump the options which must be equal in the whole range */ 1853 static bool br_vlan_fill_vids(struct sk_buff *skb, u16 vid, u16 vid_range, 1854 const struct net_bridge_vlan *v_opts, 1855 const struct net_bridge_port *p, 1856 u16 flags, 1857 bool dump_stats) 1858 { 1859 struct bridge_vlan_info info; 1860 struct nlattr *nest; 1861 1862 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY); 1863 if (!nest) 1864 return false; 1865 1866 memset(&info, 0, sizeof(info)); 1867 info.vid = vid; 1868 if (flags & BRIDGE_VLAN_INFO_UNTAGGED) 1869 info.flags |= BRIDGE_VLAN_INFO_UNTAGGED; 1870 if (flags & BRIDGE_VLAN_INFO_PVID) 1871 info.flags |= BRIDGE_VLAN_INFO_PVID; 1872 1873 if (nla_put(skb, BRIDGE_VLANDB_ENTRY_INFO, sizeof(info), &info)) 1874 goto out_err; 1875 1876 if (vid_range && vid < vid_range && 1877 !(flags & BRIDGE_VLAN_INFO_PVID) && 1878 nla_put_u16(skb, BRIDGE_VLANDB_ENTRY_RANGE, vid_range)) 1879 goto out_err; 1880 1881 if (v_opts) { 1882 if (!br_vlan_opts_fill(skb, v_opts, p)) 1883 goto out_err; 1884 1885 if (dump_stats && !br_vlan_stats_fill(skb, v_opts)) 1886 goto out_err; 1887 } 1888 1889 nla_nest_end(skb, nest); 1890 1891 return true; 1892 1893 out_err: 1894 nla_nest_cancel(skb, nest); 1895 return false; 1896 } 1897 1898 static size_t rtnl_vlan_nlmsg_size(void) 1899 { 1900 return NLMSG_ALIGN(sizeof(struct br_vlan_msg)) 1901 + nla_total_size(0) /* BRIDGE_VLANDB_ENTRY */ 1902 + nla_total_size(sizeof(u16)) /* BRIDGE_VLANDB_ENTRY_RANGE */ 1903 + nla_total_size(sizeof(struct bridge_vlan_info)) /* BRIDGE_VLANDB_ENTRY_INFO */ 1904 + br_vlan_opts_nl_size(); /* bridge vlan options */ 1905 } 1906 1907 void br_vlan_notify(const struct net_bridge *br, 1908 const struct net_bridge_port *p, 1909 u16 vid, u16 vid_range, 1910 int cmd) 1911 { 1912 struct net_bridge_vlan_group *vg; 1913 struct net_bridge_vlan *v = NULL; 1914 struct br_vlan_msg *bvm; 1915 struct nlmsghdr *nlh; 1916 struct sk_buff *skb; 1917 int err = -ENOBUFS; 1918 struct net *net; 1919 u16 flags = 0; 1920 int ifindex; 1921 1922 /* right now notifications are done only with rtnl held */ 1923 ASSERT_RTNL(); 1924 1925 if (p) { 1926 ifindex = p->dev->ifindex; 1927 vg = nbp_vlan_group(p); 1928 net = dev_net(p->dev); 1929 } else { 1930 ifindex = br->dev->ifindex; 1931 vg = br_vlan_group(br); 1932 net = dev_net(br->dev); 1933 } 1934 1935 skb = nlmsg_new(rtnl_vlan_nlmsg_size(), GFP_KERNEL); 1936 if (!skb) 1937 goto out_err; 1938 1939 err = -EMSGSIZE; 1940 nlh = nlmsg_put(skb, 0, 0, cmd, sizeof(*bvm), 0); 1941 if (!nlh) 1942 goto out_err; 1943 bvm = nlmsg_data(nlh); 1944 memset(bvm, 0, sizeof(*bvm)); 1945 bvm->family = AF_BRIDGE; 1946 bvm->ifindex = ifindex; 1947 1948 switch (cmd) { 1949 case RTM_NEWVLAN: 1950 /* need to find the vlan due to flags/options */ 1951 v = br_vlan_find(vg, vid); 1952 if (!v || !br_vlan_should_use(v)) 1953 goto out_kfree; 1954 1955 flags = v->flags; 1956 if (br_get_pvid(vg) == v->vid) 1957 flags |= BRIDGE_VLAN_INFO_PVID; 1958 break; 1959 case RTM_DELVLAN: 1960 break; 1961 default: 1962 goto out_kfree; 1963 } 1964 1965 if (!br_vlan_fill_vids(skb, vid, vid_range, v, p, flags, false)) 1966 goto out_err; 1967 1968 nlmsg_end(skb, nlh); 1969 rtnl_notify(skb, net, 0, RTNLGRP_BRVLAN, NULL, GFP_KERNEL); 1970 return; 1971 1972 out_err: 1973 rtnl_set_sk_err(net, RTNLGRP_BRVLAN, err); 1974 out_kfree: 1975 kfree_skb(skb); 1976 } 1977 1978 /* check if v_curr can enter a range ending in range_end */ 1979 bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, 1980 const struct net_bridge_vlan *range_end) 1981 { 1982 return v_curr->vid - range_end->vid == 1 && 1983 range_end->flags == v_curr->flags && 1984 br_vlan_opts_eq_range(v_curr, range_end); 1985 } 1986 1987 static int br_vlan_dump_dev(const struct net_device *dev, 1988 struct sk_buff *skb, 1989 struct netlink_callback *cb, 1990 u32 dump_flags) 1991 { 1992 struct net_bridge_vlan *v, *range_start = NULL, *range_end = NULL; 1993 bool dump_global = !!(dump_flags & BRIDGE_VLANDB_DUMPF_GLOBAL); 1994 bool dump_stats = !!(dump_flags & BRIDGE_VLANDB_DUMPF_STATS); 1995 struct net_bridge_vlan_group *vg; 1996 int idx = 0, s_idx = cb->args[1]; 1997 struct nlmsghdr *nlh = NULL; 1998 struct net_bridge_port *p; 1999 struct br_vlan_msg *bvm; 2000 struct net_bridge *br; 2001 int err = 0; 2002 u16 pvid; 2003 2004 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) 2005 return -EINVAL; 2006 2007 if (netif_is_bridge_master(dev)) { 2008 br = netdev_priv(dev); 2009 vg = br_vlan_group_rcu(br); 2010 p = NULL; 2011 } else { 2012 /* global options are dumped only for bridge devices */ 2013 if (dump_global) 2014 return 0; 2015 2016 p = br_port_get_rcu(dev); 2017 if (WARN_ON(!p)) 2018 return -EINVAL; 2019 vg = nbp_vlan_group_rcu(p); 2020 br = p->br; 2021 } 2022 2023 if (!vg) 2024 return 0; 2025 2026 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 2027 RTM_NEWVLAN, sizeof(*bvm), NLM_F_MULTI); 2028 if (!nlh) 2029 return -EMSGSIZE; 2030 bvm = nlmsg_data(nlh); 2031 memset(bvm, 0, sizeof(*bvm)); 2032 bvm->family = PF_BRIDGE; 2033 bvm->ifindex = dev->ifindex; 2034 pvid = br_get_pvid(vg); 2035 2036 /* idx must stay at range's beginning until it is filled in */ 2037 list_for_each_entry_rcu(v, &vg->vlan_list, vlist) { 2038 if (!dump_global && !br_vlan_should_use(v)) 2039 continue; 2040 if (idx < s_idx) { 2041 idx++; 2042 continue; 2043 } 2044 2045 if (!range_start) { 2046 range_start = v; 2047 range_end = v; 2048 continue; 2049 } 2050 2051 if (dump_global) { 2052 if (br_vlan_global_opts_can_enter_range(v, range_end)) 2053 goto update_end; 2054 if (!br_vlan_global_opts_fill(skb, range_start->vid, 2055 range_end->vid, 2056 range_start)) { 2057 err = -EMSGSIZE; 2058 break; 2059 } 2060 /* advance number of filled vlans */ 2061 idx += range_end->vid - range_start->vid + 1; 2062 2063 range_start = v; 2064 } else if (dump_stats || v->vid == pvid || 2065 !br_vlan_can_enter_range(v, range_end)) { 2066 u16 vlan_flags = br_vlan_flags(range_start, pvid); 2067 2068 if (!br_vlan_fill_vids(skb, range_start->vid, 2069 range_end->vid, range_start, 2070 p, vlan_flags, dump_stats)) { 2071 err = -EMSGSIZE; 2072 break; 2073 } 2074 /* advance number of filled vlans */ 2075 idx += range_end->vid - range_start->vid + 1; 2076 2077 range_start = v; 2078 } 2079 update_end: 2080 range_end = v; 2081 } 2082 2083 /* err will be 0 and range_start will be set in 3 cases here: 2084 * - first vlan (range_start == range_end) 2085 * - last vlan (range_start == range_end, not in range) 2086 * - last vlan range (range_start != range_end, in range) 2087 */ 2088 if (!err && range_start) { 2089 if (dump_global && 2090 !br_vlan_global_opts_fill(skb, range_start->vid, 2091 range_end->vid, range_start)) 2092 err = -EMSGSIZE; 2093 else if (!dump_global && 2094 !br_vlan_fill_vids(skb, range_start->vid, 2095 range_end->vid, range_start, 2096 p, br_vlan_flags(range_start, pvid), 2097 dump_stats)) 2098 err = -EMSGSIZE; 2099 } 2100 2101 cb->args[1] = err ? idx : 0; 2102 2103 nlmsg_end(skb, nlh); 2104 2105 return err; 2106 } 2107 2108 static const struct nla_policy br_vlan_db_dump_pol[BRIDGE_VLANDB_DUMP_MAX + 1] = { 2109 [BRIDGE_VLANDB_DUMP_FLAGS] = { .type = NLA_U32 }, 2110 }; 2111 2112 static int br_vlan_rtm_dump(struct sk_buff *skb, struct netlink_callback *cb) 2113 { 2114 struct nlattr *dtb[BRIDGE_VLANDB_DUMP_MAX + 1]; 2115 int idx = 0, err = 0, s_idx = cb->args[0]; 2116 struct net *net = sock_net(skb->sk); 2117 struct br_vlan_msg *bvm; 2118 struct net_device *dev; 2119 u32 dump_flags = 0; 2120 2121 err = nlmsg_parse(cb->nlh, sizeof(*bvm), dtb, BRIDGE_VLANDB_DUMP_MAX, 2122 br_vlan_db_dump_pol, cb->extack); 2123 if (err < 0) 2124 return err; 2125 2126 bvm = nlmsg_data(cb->nlh); 2127 if (dtb[BRIDGE_VLANDB_DUMP_FLAGS]) 2128 dump_flags = nla_get_u32(dtb[BRIDGE_VLANDB_DUMP_FLAGS]); 2129 2130 rcu_read_lock(); 2131 if (bvm->ifindex) { 2132 dev = dev_get_by_index_rcu(net, bvm->ifindex); 2133 if (!dev) { 2134 err = -ENODEV; 2135 goto out_err; 2136 } 2137 err = br_vlan_dump_dev(dev, skb, cb, dump_flags); 2138 /* if the dump completed without an error we return 0 here */ 2139 if (err != -EMSGSIZE) 2140 goto out_err; 2141 } else { 2142 for_each_netdev_rcu(net, dev) { 2143 if (idx < s_idx) 2144 goto skip; 2145 2146 err = br_vlan_dump_dev(dev, skb, cb, dump_flags); 2147 if (err == -EMSGSIZE) 2148 break; 2149 skip: 2150 idx++; 2151 } 2152 } 2153 cb->args[0] = idx; 2154 rcu_read_unlock(); 2155 2156 return skb->len; 2157 2158 out_err: 2159 rcu_read_unlock(); 2160 2161 return err; 2162 } 2163 2164 static const struct nla_policy br_vlan_db_policy[BRIDGE_VLANDB_ENTRY_MAX + 1] = { 2165 [BRIDGE_VLANDB_ENTRY_INFO] = 2166 NLA_POLICY_EXACT_LEN(sizeof(struct bridge_vlan_info)), 2167 [BRIDGE_VLANDB_ENTRY_RANGE] = { .type = NLA_U16 }, 2168 [BRIDGE_VLANDB_ENTRY_STATE] = { .type = NLA_U8 }, 2169 [BRIDGE_VLANDB_ENTRY_TUNNEL_INFO] = { .type = NLA_NESTED }, 2170 [BRIDGE_VLANDB_ENTRY_MCAST_ROUTER] = { .type = NLA_U8 }, 2171 [BRIDGE_VLANDB_ENTRY_MCAST_N_GROUPS] = { .type = NLA_REJECT }, 2172 [BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS] = { .type = NLA_U32 }, 2173 [BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS] = NLA_POLICY_MAX(NLA_U8, 1), 2174 }; 2175 2176 static int br_vlan_rtm_process_one(struct net_device *dev, 2177 const struct nlattr *attr, 2178 int cmd, struct netlink_ext_ack *extack) 2179 { 2180 struct bridge_vlan_info *vinfo, vrange_end, *vinfo_last = NULL; 2181 struct nlattr *tb[BRIDGE_VLANDB_ENTRY_MAX + 1]; 2182 bool changed = false, skip_processing = false; 2183 struct net_bridge_vlan_group *vg; 2184 struct net_bridge_port *p = NULL; 2185 int err = 0, cmdmap = 0; 2186 struct net_bridge *br; 2187 2188 if (netif_is_bridge_master(dev)) { 2189 br = netdev_priv(dev); 2190 vg = br_vlan_group(br); 2191 } else { 2192 p = br_port_get_rtnl(dev); 2193 if (WARN_ON(!p)) 2194 return -ENODEV; 2195 br = p->br; 2196 vg = nbp_vlan_group(p); 2197 } 2198 2199 if (WARN_ON(!vg)) 2200 return -ENODEV; 2201 2202 err = nla_parse_nested(tb, BRIDGE_VLANDB_ENTRY_MAX, attr, 2203 br_vlan_db_policy, extack); 2204 if (err) 2205 return err; 2206 2207 if (!tb[BRIDGE_VLANDB_ENTRY_INFO]) { 2208 NL_SET_ERR_MSG_MOD(extack, "Missing vlan entry info"); 2209 return -EINVAL; 2210 } 2211 memset(&vrange_end, 0, sizeof(vrange_end)); 2212 2213 vinfo = nla_data(tb[BRIDGE_VLANDB_ENTRY_INFO]); 2214 if (vinfo->flags & (BRIDGE_VLAN_INFO_RANGE_BEGIN | 2215 BRIDGE_VLAN_INFO_RANGE_END)) { 2216 NL_SET_ERR_MSG_MOD(extack, "Old-style vlan ranges are not allowed when using RTM vlan calls"); 2217 return -EINVAL; 2218 } 2219 if (!br_vlan_valid_id(vinfo->vid, extack)) 2220 return -EINVAL; 2221 2222 if (tb[BRIDGE_VLANDB_ENTRY_RANGE]) { 2223 vrange_end.vid = nla_get_u16(tb[BRIDGE_VLANDB_ENTRY_RANGE]); 2224 /* validate user-provided flags without RANGE_BEGIN */ 2225 vrange_end.flags = BRIDGE_VLAN_INFO_RANGE_END | vinfo->flags; 2226 vinfo->flags |= BRIDGE_VLAN_INFO_RANGE_BEGIN; 2227 2228 /* vinfo_last is the range start, vinfo the range end */ 2229 vinfo_last = vinfo; 2230 vinfo = &vrange_end; 2231 2232 if (!br_vlan_valid_id(vinfo->vid, extack) || 2233 !br_vlan_valid_range(vinfo, vinfo_last, extack)) 2234 return -EINVAL; 2235 } 2236 2237 switch (cmd) { 2238 case RTM_NEWVLAN: 2239 cmdmap = RTM_SETLINK; 2240 skip_processing = !!(vinfo->flags & BRIDGE_VLAN_INFO_ONLY_OPTS); 2241 break; 2242 case RTM_DELVLAN: 2243 cmdmap = RTM_DELLINK; 2244 break; 2245 } 2246 2247 if (!skip_processing) { 2248 struct bridge_vlan_info *tmp_last = vinfo_last; 2249 2250 /* br_process_vlan_info may overwrite vinfo_last */ 2251 err = br_process_vlan_info(br, p, cmdmap, vinfo, &tmp_last, 2252 &changed, extack); 2253 2254 /* notify first if anything changed */ 2255 if (changed) 2256 br_ifinfo_notify(cmdmap, br, p); 2257 2258 if (err) 2259 return err; 2260 } 2261 2262 /* deal with options */ 2263 if (cmd == RTM_NEWVLAN) { 2264 struct net_bridge_vlan *range_start, *range_end; 2265 2266 if (vinfo_last) { 2267 range_start = br_vlan_find(vg, vinfo_last->vid); 2268 range_end = br_vlan_find(vg, vinfo->vid); 2269 } else { 2270 range_start = br_vlan_find(vg, vinfo->vid); 2271 range_end = range_start; 2272 } 2273 2274 err = br_vlan_process_options(br, p, range_start, range_end, 2275 tb, extack); 2276 } 2277 2278 return err; 2279 } 2280 2281 static int br_vlan_rtm_process(struct sk_buff *skb, struct nlmsghdr *nlh, 2282 struct netlink_ext_ack *extack) 2283 { 2284 struct net *net = sock_net(skb->sk); 2285 struct br_vlan_msg *bvm; 2286 struct net_device *dev; 2287 struct nlattr *attr; 2288 int err, vlans = 0; 2289 int rem; 2290 2291 /* this should validate the header and check for remaining bytes */ 2292 err = nlmsg_parse(nlh, sizeof(*bvm), NULL, BRIDGE_VLANDB_MAX, NULL, 2293 extack); 2294 if (err < 0) 2295 return err; 2296 2297 bvm = nlmsg_data(nlh); 2298 dev = __dev_get_by_index(net, bvm->ifindex); 2299 if (!dev) 2300 return -ENODEV; 2301 2302 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) { 2303 NL_SET_ERR_MSG_MOD(extack, "The device is not a valid bridge or bridge port"); 2304 return -EINVAL; 2305 } 2306 2307 nlmsg_for_each_attr(attr, nlh, sizeof(*bvm), rem) { 2308 switch (nla_type(attr)) { 2309 case BRIDGE_VLANDB_ENTRY: 2310 err = br_vlan_rtm_process_one(dev, attr, 2311 nlh->nlmsg_type, 2312 extack); 2313 break; 2314 case BRIDGE_VLANDB_GLOBAL_OPTIONS: 2315 err = br_vlan_rtm_process_global_options(dev, attr, 2316 nlh->nlmsg_type, 2317 extack); 2318 break; 2319 default: 2320 continue; 2321 } 2322 2323 vlans++; 2324 if (err) 2325 break; 2326 } 2327 if (!vlans) { 2328 NL_SET_ERR_MSG_MOD(extack, "No vlans found to process"); 2329 err = -EINVAL; 2330 } 2331 2332 return err; 2333 } 2334 2335 static const struct rtnl_msg_handler br_vlan_rtnl_msg_handlers[] = { 2336 {THIS_MODULE, PF_BRIDGE, RTM_NEWVLAN, br_vlan_rtm_process, NULL, 0}, 2337 {THIS_MODULE, PF_BRIDGE, RTM_DELVLAN, br_vlan_rtm_process, NULL, 0}, 2338 {THIS_MODULE, PF_BRIDGE, RTM_GETVLAN, NULL, br_vlan_rtm_dump, 0}, 2339 }; 2340 2341 int br_vlan_rtnl_init(void) 2342 { 2343 return rtnl_register_many(br_vlan_rtnl_msg_handlers); 2344 } 2345 2346 void br_vlan_rtnl_uninit(void) 2347 { 2348 rtnl_unregister_many(br_vlan_rtnl_msg_handlers); 2349 } 2350