1 // SPDX-License-Identifier: GPL-2.0-only 2 // Copyright (c) 2020, Nikolay Aleksandrov <nikolay@cumulusnetworks.com> 3 #include <linux/kernel.h> 4 #include <linux/netdevice.h> 5 #include <linux/rtnetlink.h> 6 #include <linux/slab.h> 7 #include <net/ip_tunnels.h> 8 9 #include "br_private.h" 10 #include "br_private_tunnel.h" 11 12 static bool __vlan_tun_put(struct sk_buff *skb, const struct net_bridge_vlan *v) 13 { 14 __be32 tid = tunnel_id_to_key32(v->tinfo.tunnel_id); 15 struct nlattr *nest; 16 17 if (!v->tinfo.tunnel_dst) 18 return true; 19 20 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY_TUNNEL_INFO); 21 if (!nest) 22 return false; 23 if (nla_put_u32(skb, BRIDGE_VLANDB_TINFO_ID, be32_to_cpu(tid))) { 24 nla_nest_cancel(skb, nest); 25 return false; 26 } 27 nla_nest_end(skb, nest); 28 29 return true; 30 } 31 32 static bool __vlan_tun_can_enter_range(const struct net_bridge_vlan *v_curr, 33 const struct net_bridge_vlan *range_end) 34 { 35 return (!v_curr->tinfo.tunnel_dst && !range_end->tinfo.tunnel_dst) || 36 vlan_tunid_inrange(v_curr, range_end); 37 } 38 39 /* check if the options' state of v_curr allow it to enter the range */ 40 bool br_vlan_opts_eq_range(const struct net_bridge_vlan *v_curr, 41 const struct net_bridge_vlan *range_end) 42 { 43 u8 range_mc_rtr = br_vlan_multicast_router(range_end); 44 u8 curr_mc_rtr = br_vlan_multicast_router(v_curr); 45 46 if (v_curr->state != range_end->state) 47 return false; 48 49 if (!__vlan_tun_can_enter_range(v_curr, range_end)) 50 return false; 51 52 if (curr_mc_rtr != range_mc_rtr) 53 return false; 54 55 /* Check user-visible priv_flags that affect output */ 56 if ((v_curr->priv_flags ^ range_end->priv_flags) & 57 (BR_VLFLAG_NEIGH_SUPPRESS_ENABLED | BR_VLFLAG_MCAST_ENABLED)) 58 return false; 59 60 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 61 if (!br_vlan_is_master(v_curr) && 62 !br_multicast_port_ctx_vlan_disabled(&v_curr->port_mcast_ctx) && 63 !br_multicast_port_ctx_options_equal(&v_curr->port_mcast_ctx, 64 &range_end->port_mcast_ctx)) 65 return false; 66 #endif 67 68 return true; 69 } 70 71 bool br_vlan_opts_fill(struct sk_buff *skb, const struct net_bridge_vlan *v, 72 const struct net_bridge_port *p) 73 { 74 if (nla_put_u8(skb, BRIDGE_VLANDB_ENTRY_STATE, br_vlan_get_state(v)) || 75 !__vlan_tun_put(skb, v) || 76 nla_put_u8(skb, BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS, 77 !!(v->priv_flags & BR_VLFLAG_NEIGH_SUPPRESS_ENABLED))) 78 return false; 79 80 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 81 if (nla_put_u8(skb, BRIDGE_VLANDB_ENTRY_MCAST_ROUTER, 82 br_vlan_multicast_router(v))) 83 return false; 84 if (p && !br_multicast_port_ctx_vlan_disabled(&v->port_mcast_ctx) && 85 (nla_put_u32(skb, BRIDGE_VLANDB_ENTRY_MCAST_N_GROUPS, 86 br_multicast_ngroups_get(&v->port_mcast_ctx)) || 87 nla_put_u32(skb, BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS, 88 br_multicast_ngroups_get_max(&v->port_mcast_ctx)))) 89 return false; 90 #endif 91 92 return true; 93 } 94 95 size_t br_vlan_opts_nl_size(void) 96 { 97 return nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_ENTRY_STATE */ 98 + nla_total_size(0) /* BRIDGE_VLANDB_ENTRY_TUNNEL_INFO */ 99 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_TINFO_ID */ 100 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 101 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_ENTRY_MCAST_ROUTER */ 102 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_ENTRY_MCAST_N_GROUPS */ 103 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS */ 104 #endif 105 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS */ 106 + 0; 107 } 108 109 static int br_vlan_modify_state(struct net_bridge_vlan_group *vg, 110 struct net_bridge_vlan *v, 111 u8 state, 112 bool *changed, 113 struct netlink_ext_ack *extack) 114 { 115 struct net_bridge *br; 116 117 ASSERT_RTNL(); 118 119 if (state > BR_STATE_BLOCKING) { 120 NL_SET_ERR_MSG_MOD(extack, "Invalid vlan state"); 121 return -EINVAL; 122 } 123 124 if (br_vlan_is_brentry(v)) 125 br = v->br; 126 else 127 br = v->port->br; 128 129 if (br->stp_enabled == BR_KERNEL_STP) { 130 NL_SET_ERR_MSG_MOD(extack, "Can't modify vlan state when using kernel STP"); 131 return -EBUSY; 132 } 133 134 if (br_opt_get(br, BROPT_MST_ENABLED)) { 135 NL_SET_ERR_MSG_MOD(extack, "Can't modify vlan state directly when MST is enabled"); 136 return -EBUSY; 137 } 138 139 if (v->state == state) 140 return 0; 141 142 if (v->vid == br_get_pvid(vg)) 143 br_vlan_set_pvid_state(vg, state); 144 145 br_vlan_set_state(v, state); 146 *changed = true; 147 148 return 0; 149 } 150 151 static const struct nla_policy br_vlandb_tinfo_pol[BRIDGE_VLANDB_TINFO_MAX + 1] = { 152 [BRIDGE_VLANDB_TINFO_ID] = { .type = NLA_U32 }, 153 [BRIDGE_VLANDB_TINFO_CMD] = { .type = NLA_U32 }, 154 }; 155 156 static int br_vlan_modify_tunnel(const struct net_bridge_port *p, 157 struct net_bridge_vlan *v, 158 struct nlattr **tb, 159 bool *changed, 160 struct netlink_ext_ack *extack) 161 { 162 struct nlattr *tun_tb[BRIDGE_VLANDB_TINFO_MAX + 1], *attr; 163 struct bridge_vlan_info *vinfo; 164 u32 tun_id = 0; 165 int cmd, err; 166 167 if (!p) { 168 NL_SET_ERR_MSG_MOD(extack, "Can't modify tunnel mapping of non-port vlans"); 169 return -EINVAL; 170 } 171 if (!(p->flags & BR_VLAN_TUNNEL)) { 172 NL_SET_ERR_MSG_MOD(extack, "Port doesn't have tunnel flag set"); 173 return -EINVAL; 174 } 175 176 attr = tb[BRIDGE_VLANDB_ENTRY_TUNNEL_INFO]; 177 err = nla_parse_nested(tun_tb, BRIDGE_VLANDB_TINFO_MAX, attr, 178 br_vlandb_tinfo_pol, extack); 179 if (err) 180 return err; 181 182 if (!tun_tb[BRIDGE_VLANDB_TINFO_CMD]) { 183 NL_SET_ERR_MSG_MOD(extack, "Missing tunnel command attribute"); 184 return -ENOENT; 185 } 186 cmd = nla_get_u32(tun_tb[BRIDGE_VLANDB_TINFO_CMD]); 187 switch (cmd) { 188 case RTM_SETLINK: 189 if (!tun_tb[BRIDGE_VLANDB_TINFO_ID]) { 190 NL_SET_ERR_MSG_MOD(extack, "Missing tunnel id attribute"); 191 return -ENOENT; 192 } 193 /* when working on vlan ranges this is the starting tunnel id */ 194 tun_id = nla_get_u32(tun_tb[BRIDGE_VLANDB_TINFO_ID]); 195 /* vlan info attr is guaranteed by br_vlan_rtm_process_one */ 196 vinfo = nla_data(tb[BRIDGE_VLANDB_ENTRY_INFO]); 197 /* tunnel ids are mapped to each vlan in increasing order, 198 * the starting vlan is in BRIDGE_VLANDB_ENTRY_INFO and v is the 199 * current vlan, so we compute: tun_id + v - vinfo->vid 200 */ 201 tun_id += v->vid - vinfo->vid; 202 break; 203 case RTM_DELLINK: 204 break; 205 default: 206 NL_SET_ERR_MSG_MOD(extack, "Unsupported tunnel command"); 207 return -EINVAL; 208 } 209 210 return br_vlan_tunnel_info(p, cmd, v->vid, tun_id, changed); 211 } 212 213 static int br_vlan_process_one_opts(const struct net_bridge *br, 214 const struct net_bridge_port *p, 215 struct net_bridge_vlan_group *vg, 216 struct net_bridge_vlan *v, 217 struct nlattr **tb, 218 bool *changed, 219 struct netlink_ext_ack *extack) 220 { 221 int err; 222 223 *changed = false; 224 if (tb[BRIDGE_VLANDB_ENTRY_STATE]) { 225 u8 state = nla_get_u8(tb[BRIDGE_VLANDB_ENTRY_STATE]); 226 227 err = br_vlan_modify_state(vg, v, state, changed, extack); 228 if (err) 229 return err; 230 } 231 if (tb[BRIDGE_VLANDB_ENTRY_TUNNEL_INFO]) { 232 err = br_vlan_modify_tunnel(p, v, tb, changed, extack); 233 if (err) 234 return err; 235 } 236 237 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 238 if (tb[BRIDGE_VLANDB_ENTRY_MCAST_ROUTER]) { 239 u8 val; 240 241 val = nla_get_u8(tb[BRIDGE_VLANDB_ENTRY_MCAST_ROUTER]); 242 err = br_multicast_set_vlan_router(v, val); 243 if (err) 244 return err; 245 *changed = true; 246 } 247 if (tb[BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS]) { 248 u32 val; 249 250 if (!p) { 251 NL_SET_ERR_MSG_MOD(extack, "Can't set mcast_max_groups for non-port vlans"); 252 return -EINVAL; 253 } 254 if (br_multicast_port_ctx_vlan_disabled(&v->port_mcast_ctx)) { 255 NL_SET_ERR_MSG_MOD(extack, "Multicast snooping disabled on this VLAN"); 256 return -EINVAL; 257 } 258 259 val = nla_get_u32(tb[BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS]); 260 br_multicast_ngroups_set_max(&v->port_mcast_ctx, val); 261 *changed = true; 262 } 263 #endif 264 265 if (tb[BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS]) { 266 bool enabled = v->priv_flags & BR_VLFLAG_NEIGH_SUPPRESS_ENABLED; 267 bool val = nla_get_u8(tb[BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS]); 268 269 if (!p) { 270 NL_SET_ERR_MSG_MOD(extack, "Can't set neigh_suppress for non-port vlans"); 271 return -EINVAL; 272 } 273 274 if (val != enabled) { 275 v->priv_flags ^= BR_VLFLAG_NEIGH_SUPPRESS_ENABLED; 276 *changed = true; 277 } 278 } 279 280 return 0; 281 } 282 283 int br_vlan_process_options(const struct net_bridge *br, 284 const struct net_bridge_port *p, 285 struct net_bridge_vlan *range_start, 286 struct net_bridge_vlan *range_end, 287 struct nlattr **tb, 288 struct netlink_ext_ack *extack) 289 { 290 struct net_bridge_vlan *v, *curr_start = NULL, *curr_end = NULL; 291 struct net_bridge_vlan_group *vg; 292 int vid, err = 0; 293 u16 pvid; 294 295 if (p) 296 vg = nbp_vlan_group(p); 297 else 298 vg = br_vlan_group(br); 299 300 if (!range_start || !br_vlan_should_use(range_start)) { 301 NL_SET_ERR_MSG_MOD(extack, "Vlan range start doesn't exist, can't process options"); 302 return -ENOENT; 303 } 304 if (!range_end || !br_vlan_should_use(range_end)) { 305 NL_SET_ERR_MSG_MOD(extack, "Vlan range end doesn't exist, can't process options"); 306 return -ENOENT; 307 } 308 309 pvid = br_get_pvid(vg); 310 for (vid = range_start->vid; vid <= range_end->vid; vid++) { 311 bool changed = false; 312 313 v = br_vlan_find(vg, vid); 314 if (!v || !br_vlan_should_use(v)) { 315 NL_SET_ERR_MSG_MOD(extack, "Vlan in range doesn't exist, can't process options"); 316 err = -ENOENT; 317 break; 318 } 319 320 err = br_vlan_process_one_opts(br, p, vg, v, tb, &changed, 321 extack); 322 if (err) 323 break; 324 325 if (changed) { 326 /* vlan options changed, check for range */ 327 if (!curr_start) { 328 curr_start = v; 329 curr_end = v; 330 continue; 331 } 332 333 if (v->vid == pvid || 334 !br_vlan_can_enter_range(v, curr_end)) { 335 br_vlan_notify(br, p, curr_start->vid, 336 curr_end->vid, RTM_NEWVLAN); 337 curr_start = v; 338 } 339 curr_end = v; 340 } else { 341 /* nothing changed and nothing to notify yet */ 342 if (!curr_start) 343 continue; 344 345 br_vlan_notify(br, p, curr_start->vid, curr_end->vid, 346 RTM_NEWVLAN); 347 curr_start = NULL; 348 curr_end = NULL; 349 } 350 } 351 if (curr_start) 352 br_vlan_notify(br, p, curr_start->vid, curr_end->vid, 353 RTM_NEWVLAN); 354 355 return err; 356 } 357 358 bool br_vlan_global_opts_can_enter_range(const struct net_bridge_vlan *v_curr, 359 const struct net_bridge_vlan *r_end) 360 { 361 return v_curr->vid - r_end->vid == 1 && 362 v_curr->msti == r_end->msti && 363 ((v_curr->priv_flags ^ r_end->priv_flags) & 364 BR_VLFLAG_GLOBAL_MCAST_ENABLED) == 0 && 365 br_multicast_ctx_options_equal(&v_curr->br_mcast_ctx, 366 &r_end->br_mcast_ctx); 367 } 368 369 bool br_vlan_global_opts_fill(struct sk_buff *skb, u16 vid, u16 vid_range, 370 const struct net_bridge_vlan *v_opts) 371 { 372 struct nlattr *nest2 __maybe_unused; 373 u64 clockval __maybe_unused; 374 struct nlattr *nest; 375 376 nest = nla_nest_start(skb, BRIDGE_VLANDB_GLOBAL_OPTIONS); 377 if (!nest) 378 return false; 379 380 if (nla_put_u16(skb, BRIDGE_VLANDB_GOPTS_ID, vid)) 381 goto out_err; 382 383 if (vid_range && vid < vid_range && 384 nla_put_u16(skb, BRIDGE_VLANDB_GOPTS_RANGE, vid_range)) 385 goto out_err; 386 387 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 388 if (nla_put_u8(skb, BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING, 389 !!(v_opts->priv_flags & BR_VLFLAG_GLOBAL_MCAST_ENABLED)) || 390 nla_put_u8(skb, BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION, 391 v_opts->br_mcast_ctx.multicast_igmp_version) || 392 nla_put_u32(skb, BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT, 393 v_opts->br_mcast_ctx.multicast_last_member_count) || 394 nla_put_u32(skb, BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT, 395 v_opts->br_mcast_ctx.multicast_startup_query_count) || 396 nla_put_u8(skb, BRIDGE_VLANDB_GOPTS_MCAST_QUERIER, 397 v_opts->br_mcast_ctx.multicast_querier) || 398 br_multicast_dump_querier_state(skb, &v_opts->br_mcast_ctx, 399 BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_STATE)) 400 goto out_err; 401 402 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_last_member_interval); 403 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL, 404 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 405 goto out_err; 406 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_membership_interval); 407 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL, 408 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 409 goto out_err; 410 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_querier_interval); 411 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL, 412 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 413 goto out_err; 414 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_query_interval); 415 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL, 416 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 417 goto out_err; 418 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_query_response_interval); 419 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL, 420 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 421 goto out_err; 422 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_startup_query_interval); 423 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL, 424 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 425 goto out_err; 426 427 if (br_rports_have_mc_router(&v_opts->br_mcast_ctx)) { 428 nest2 = nla_nest_start(skb, 429 BRIDGE_VLANDB_GOPTS_MCAST_ROUTER_PORTS); 430 if (!nest2) 431 goto out_err; 432 433 rcu_read_lock(); 434 if (br_rports_fill_info(skb, &v_opts->br_mcast_ctx)) { 435 rcu_read_unlock(); 436 nla_nest_cancel(skb, nest2); 437 goto out_err; 438 } 439 rcu_read_unlock(); 440 441 nla_nest_end(skb, nest2); 442 } 443 444 #if IS_ENABLED(CONFIG_IPV6) 445 if (nla_put_u8(skb, BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION, 446 v_opts->br_mcast_ctx.multicast_mld_version)) 447 goto out_err; 448 #endif 449 #endif 450 451 if (nla_put_u16(skb, BRIDGE_VLANDB_GOPTS_MSTI, v_opts->msti)) 452 goto out_err; 453 454 nla_nest_end(skb, nest); 455 456 return true; 457 458 out_err: 459 nla_nest_cancel(skb, nest); 460 return false; 461 } 462 463 static size_t rtnl_vlan_global_opts_nlmsg_size(const struct net_bridge_vlan *v) 464 { 465 return NLMSG_ALIGN(sizeof(struct br_vlan_msg)) 466 + nla_total_size(0) /* BRIDGE_VLANDB_GLOBAL_OPTIONS */ 467 + nla_total_size(sizeof(u16)) /* BRIDGE_VLANDB_GOPTS_ID */ 468 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 469 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING */ 470 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION */ 471 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION */ 472 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT */ 473 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT */ 474 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL */ 475 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL */ 476 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL */ 477 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL */ 478 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL */ 479 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL */ 480 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_GOPTS_MCAST_QUERIER */ 481 + br_multicast_querier_state_size() /* BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_STATE */ 482 + nla_total_size(0) /* BRIDGE_VLANDB_GOPTS_MCAST_ROUTER_PORTS */ 483 + br_rports_size(&v->br_mcast_ctx) /* BRIDGE_VLANDB_GOPTS_MCAST_ROUTER_PORTS */ 484 #endif 485 + nla_total_size(sizeof(u16)) /* BRIDGE_VLANDB_GOPTS_MSTI */ 486 + nla_total_size(sizeof(u16)); /* BRIDGE_VLANDB_GOPTS_RANGE */ 487 } 488 489 static void br_vlan_global_opts_notify(const struct net_bridge *br, 490 u16 vid, u16 vid_range) 491 { 492 struct net_bridge_vlan *v; 493 struct br_vlan_msg *bvm; 494 struct nlmsghdr *nlh; 495 struct sk_buff *skb; 496 int err = -ENOBUFS; 497 498 /* right now notifications are done only with rtnl held */ 499 ASSERT_RTNL(); 500 501 /* need to find the vlan due to flags/options */ 502 v = br_vlan_find(br_vlan_group(br), vid); 503 if (!v) 504 return; 505 506 skb = nlmsg_new(rtnl_vlan_global_opts_nlmsg_size(v), GFP_KERNEL); 507 if (!skb) 508 goto out_err; 509 510 err = -EMSGSIZE; 511 nlh = nlmsg_put(skb, 0, 0, RTM_NEWVLAN, sizeof(*bvm), 0); 512 if (!nlh) 513 goto out_err; 514 bvm = nlmsg_data(nlh); 515 memset(bvm, 0, sizeof(*bvm)); 516 bvm->family = AF_BRIDGE; 517 bvm->ifindex = br->dev->ifindex; 518 519 if (!br_vlan_global_opts_fill(skb, vid, vid_range, v)) 520 goto out_err; 521 522 nlmsg_end(skb, nlh); 523 rtnl_notify(skb, dev_net(br->dev), 0, RTNLGRP_BRVLAN, NULL, GFP_KERNEL); 524 return; 525 526 out_err: 527 rtnl_set_sk_err(dev_net(br->dev), RTNLGRP_BRVLAN, err); 528 kfree_skb(skb); 529 } 530 531 static int br_vlan_process_global_one_opts(const struct net_bridge *br, 532 struct net_bridge_vlan_group *vg, 533 struct net_bridge_vlan *v, 534 struct nlattr **tb, 535 bool *changed, 536 struct netlink_ext_ack *extack) 537 { 538 int err __maybe_unused; 539 540 *changed = false; 541 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 542 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING]) { 543 u8 mc_snooping; 544 545 mc_snooping = nla_get_u8(tb[BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING]); 546 if (br_multicast_toggle_global_vlan(v, !!mc_snooping)) 547 *changed = true; 548 } 549 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION]) { 550 u8 ver; 551 552 ver = nla_get_u8(tb[BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION]); 553 err = br_multicast_set_igmp_version(&v->br_mcast_ctx, ver); 554 if (err) 555 return err; 556 *changed = true; 557 } 558 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT]) { 559 u32 cnt; 560 561 cnt = nla_get_u32(tb[BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT]); 562 v->br_mcast_ctx.multicast_last_member_count = cnt; 563 *changed = true; 564 } 565 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT]) { 566 u32 cnt; 567 568 cnt = nla_get_u32(tb[BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT]); 569 v->br_mcast_ctx.multicast_startup_query_count = cnt; 570 *changed = true; 571 } 572 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL]) { 573 u64 val; 574 575 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL]); 576 v->br_mcast_ctx.multicast_last_member_interval = clock_t_to_jiffies(val); 577 *changed = true; 578 } 579 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL]) { 580 u64 val; 581 582 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL]); 583 v->br_mcast_ctx.multicast_membership_interval = clock_t_to_jiffies(val); 584 *changed = true; 585 } 586 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL]) { 587 u64 val; 588 589 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL]); 590 v->br_mcast_ctx.multicast_querier_interval = clock_t_to_jiffies(val); 591 *changed = true; 592 } 593 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL]) { 594 u64 val; 595 596 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL]); 597 br_multicast_set_query_intvl(&v->br_mcast_ctx, val); 598 *changed = true; 599 } 600 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL]) { 601 u64 val; 602 603 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL]); 604 v->br_mcast_ctx.multicast_query_response_interval = clock_t_to_jiffies(val); 605 *changed = true; 606 } 607 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL]) { 608 u64 val; 609 610 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL]); 611 br_multicast_set_startup_query_intvl(&v->br_mcast_ctx, val); 612 *changed = true; 613 } 614 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERIER]) { 615 u8 val; 616 617 val = nla_get_u8(tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERIER]); 618 err = br_multicast_set_querier(&v->br_mcast_ctx, val); 619 if (err) 620 return err; 621 *changed = true; 622 } 623 #if IS_ENABLED(CONFIG_IPV6) 624 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION]) { 625 u8 ver; 626 627 ver = nla_get_u8(tb[BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION]); 628 err = br_multicast_set_mld_version(&v->br_mcast_ctx, ver); 629 if (err) 630 return err; 631 *changed = true; 632 } 633 #endif 634 #endif 635 if (tb[BRIDGE_VLANDB_GOPTS_MSTI]) { 636 u16 msti; 637 638 msti = nla_get_u16(tb[BRIDGE_VLANDB_GOPTS_MSTI]); 639 err = br_mst_vlan_set_msti(v, msti); 640 if (err) 641 return err; 642 *changed = true; 643 } 644 645 return 0; 646 } 647 648 static const struct nla_policy br_vlan_db_gpol[BRIDGE_VLANDB_GOPTS_MAX + 1] = { 649 [BRIDGE_VLANDB_GOPTS_ID] = { .type = NLA_U16 }, 650 [BRIDGE_VLANDB_GOPTS_RANGE] = { .type = NLA_U16 }, 651 [BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING] = { .type = NLA_U8 }, 652 [BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION] = { .type = NLA_U8 }, 653 [BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL] = { .type = NLA_U64 }, 654 [BRIDGE_VLANDB_GOPTS_MCAST_QUERIER] = { .type = NLA_U8 }, 655 [BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION] = { .type = NLA_U8 }, 656 [BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT] = { .type = NLA_U32 }, 657 [BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT] = { .type = NLA_U32 }, 658 [BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL] = { .type = NLA_U64 }, 659 [BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL] = { .type = NLA_U64 }, 660 [BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL] = { .type = NLA_U64 }, 661 [BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL] = { .type = NLA_U64 }, 662 [BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL] = { .type = NLA_U64 }, 663 [BRIDGE_VLANDB_GOPTS_MSTI] = NLA_POLICY_MAX(NLA_U16, VLAN_N_VID - 1), 664 }; 665 666 int br_vlan_rtm_process_global_options(struct net_device *dev, 667 const struct nlattr *attr, 668 int cmd, 669 struct netlink_ext_ack *extack) 670 { 671 struct net_bridge_vlan *v, *curr_start = NULL, *curr_end = NULL; 672 struct nlattr *tb[BRIDGE_VLANDB_GOPTS_MAX + 1]; 673 struct net_bridge_vlan_group *vg; 674 u16 vid, vid_range = 0; 675 struct net_bridge *br; 676 int err = 0; 677 678 if (cmd != RTM_NEWVLAN) { 679 NL_SET_ERR_MSG_MOD(extack, "Global vlan options support only set operation"); 680 return -EINVAL; 681 } 682 if (!netif_is_bridge_master(dev)) { 683 NL_SET_ERR_MSG_MOD(extack, "Global vlan options can only be set on bridge device"); 684 return -EINVAL; 685 } 686 br = netdev_priv(dev); 687 vg = br_vlan_group(br); 688 if (WARN_ON(!vg)) 689 return -ENODEV; 690 691 err = nla_parse_nested(tb, BRIDGE_VLANDB_GOPTS_MAX, attr, 692 br_vlan_db_gpol, extack); 693 if (err) 694 return err; 695 696 if (!tb[BRIDGE_VLANDB_GOPTS_ID]) { 697 NL_SET_ERR_MSG_MOD(extack, "Missing vlan entry id"); 698 return -EINVAL; 699 } 700 vid = nla_get_u16(tb[BRIDGE_VLANDB_GOPTS_ID]); 701 if (!br_vlan_valid_id(vid, extack)) 702 return -EINVAL; 703 704 if (tb[BRIDGE_VLANDB_GOPTS_RANGE]) { 705 vid_range = nla_get_u16(tb[BRIDGE_VLANDB_GOPTS_RANGE]); 706 if (!br_vlan_valid_id(vid_range, extack)) 707 return -EINVAL; 708 if (vid >= vid_range) { 709 NL_SET_ERR_MSG_MOD(extack, "End vlan id is less than or equal to start vlan id"); 710 return -EINVAL; 711 } 712 } else { 713 vid_range = vid; 714 } 715 716 for (; vid <= vid_range; vid++) { 717 bool changed = false; 718 719 v = br_vlan_find(vg, vid); 720 if (!v) { 721 NL_SET_ERR_MSG_MOD(extack, "Vlan in range doesn't exist, can't process global options"); 722 err = -ENOENT; 723 break; 724 } 725 726 err = br_vlan_process_global_one_opts(br, vg, v, tb, &changed, 727 extack); 728 if (err) 729 break; 730 731 if (changed) { 732 /* vlan options changed, check for range */ 733 if (!curr_start) { 734 curr_start = v; 735 curr_end = v; 736 continue; 737 } 738 739 if (!br_vlan_global_opts_can_enter_range(v, curr_end)) { 740 br_vlan_global_opts_notify(br, curr_start->vid, 741 curr_end->vid); 742 curr_start = v; 743 } 744 curr_end = v; 745 } else { 746 /* nothing changed and nothing to notify yet */ 747 if (!curr_start) 748 continue; 749 750 br_vlan_global_opts_notify(br, curr_start->vid, 751 curr_end->vid); 752 curr_start = NULL; 753 curr_end = NULL; 754 } 755 } 756 if (curr_start) 757 br_vlan_global_opts_notify(br, curr_start->vid, curr_end->vid); 758 759 return err; 760 } 761