1 // SPDX-License-Identifier: GPL-2.0-only 2 // Copyright (c) 2020, Nikolay Aleksandrov <nikolay@cumulusnetworks.com> 3 #include <linux/kernel.h> 4 #include <linux/netdevice.h> 5 #include <linux/rtnetlink.h> 6 #include <linux/slab.h> 7 #include <net/ip_tunnels.h> 8 9 #include "br_private.h" 10 #include "br_private_tunnel.h" 11 12 static bool __vlan_tun_put(struct sk_buff *skb, const struct net_bridge_vlan *v) 13 { 14 __be32 tid = tunnel_id_to_key32(v->tinfo.tunnel_id); 15 struct nlattr *nest; 16 17 if (!v->tinfo.tunnel_dst) 18 return true; 19 20 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY_TUNNEL_INFO); 21 if (!nest) 22 return false; 23 if (nla_put_u32(skb, BRIDGE_VLANDB_TINFO_ID, be32_to_cpu(tid))) { 24 nla_nest_cancel(skb, nest); 25 return false; 26 } 27 nla_nest_end(skb, nest); 28 29 return true; 30 } 31 32 static bool __vlan_tun_can_enter_range(const struct net_bridge_vlan *v_curr, 33 const struct net_bridge_vlan *range_end) 34 { 35 return (!v_curr->tinfo.tunnel_dst && !range_end->tinfo.tunnel_dst) || 36 vlan_tunid_inrange(v_curr, range_end); 37 } 38 39 /* check if the options' state of v_curr allow it to enter the range */ 40 bool br_vlan_opts_eq_range(const struct net_bridge_vlan *v_curr, 41 const struct net_bridge_vlan *range_end) 42 { 43 u8 range_mc_rtr = br_vlan_multicast_router(range_end); 44 u8 curr_mc_rtr = br_vlan_multicast_router(v_curr); 45 46 if (v_curr->state != range_end->state) 47 return false; 48 49 if (!__vlan_tun_can_enter_range(v_curr, range_end)) 50 return false; 51 52 if (curr_mc_rtr != range_mc_rtr) 53 return false; 54 55 /* Check user-visible priv_flags that affect output */ 56 if ((v_curr->priv_flags ^ range_end->priv_flags) & 57 (BR_VLFLAG_NEIGH_SUPPRESS_ENABLED | BR_VLFLAG_MCAST_ENABLED | 58 BR_VLFLAG_NEIGH_FORWARD_GRAT_ENABLED)) 59 return false; 60 61 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 62 if (!br_vlan_is_master(v_curr) && 63 !br_multicast_port_ctx_vlan_disabled(&v_curr->port_mcast_ctx) && 64 !br_multicast_port_ctx_options_equal(&v_curr->port_mcast_ctx, 65 &range_end->port_mcast_ctx)) 66 return false; 67 #endif 68 69 return true; 70 } 71 72 bool br_vlan_opts_fill(struct sk_buff *skb, const struct net_bridge_vlan *v, 73 const struct net_bridge_port *p) 74 { 75 if (nla_put_u8(skb, BRIDGE_VLANDB_ENTRY_STATE, br_vlan_get_state(v)) || 76 !__vlan_tun_put(skb, v) || 77 nla_put_u8(skb, BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS, 78 !!(v->priv_flags & BR_VLFLAG_NEIGH_SUPPRESS_ENABLED)) || 79 nla_put_u8(skb, BRIDGE_VLANDB_ENTRY_NEIGH_FORWARD_GRAT, 80 !!(v->priv_flags & BR_VLFLAG_NEIGH_FORWARD_GRAT_ENABLED))) 81 return false; 82 83 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 84 if (nla_put_u8(skb, BRIDGE_VLANDB_ENTRY_MCAST_ROUTER, 85 br_vlan_multicast_router(v))) 86 return false; 87 if (p && !br_multicast_port_ctx_vlan_disabled(&v->port_mcast_ctx) && 88 (nla_put_u32(skb, BRIDGE_VLANDB_ENTRY_MCAST_N_GROUPS, 89 br_multicast_ngroups_get(&v->port_mcast_ctx)) || 90 nla_put_u32(skb, BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS, 91 br_multicast_ngroups_get_max(&v->port_mcast_ctx)))) 92 return false; 93 #endif 94 95 return true; 96 } 97 98 size_t br_vlan_opts_nl_size(void) 99 { 100 return nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_ENTRY_STATE */ 101 + nla_total_size(0) /* BRIDGE_VLANDB_ENTRY_TUNNEL_INFO */ 102 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_TINFO_ID */ 103 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 104 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_ENTRY_MCAST_ROUTER */ 105 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_ENTRY_MCAST_N_GROUPS */ 106 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS */ 107 #endif 108 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS */ 109 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_ENTRY_NEIGH_FORWARD_GRAT */ 110 + 0; 111 } 112 113 static int br_vlan_modify_state(struct net_bridge_vlan_group *vg, 114 struct net_bridge_vlan *v, 115 u8 state, 116 bool *changed, 117 struct netlink_ext_ack *extack) 118 { 119 struct net_bridge *br; 120 121 ASSERT_RTNL(); 122 123 if (state > BR_STATE_BLOCKING) { 124 NL_SET_ERR_MSG_MOD(extack, "Invalid vlan state"); 125 return -EINVAL; 126 } 127 128 if (br_vlan_is_brentry(v)) 129 br = v->br; 130 else 131 br = v->port->br; 132 133 if (br->stp_enabled == BR_KERNEL_STP) { 134 NL_SET_ERR_MSG_MOD(extack, "Can't modify vlan state when using kernel STP"); 135 return -EBUSY; 136 } 137 138 if (br_opt_get(br, BROPT_MST_ENABLED)) { 139 NL_SET_ERR_MSG_MOD(extack, "Can't modify vlan state directly when MST is enabled"); 140 return -EBUSY; 141 } 142 143 if (v->state == state) 144 return 0; 145 146 if (v->vid == br_get_pvid(vg)) 147 br_vlan_set_pvid_state(vg, state); 148 149 br_vlan_set_state(v, state); 150 *changed = true; 151 152 return 0; 153 } 154 155 static const struct nla_policy br_vlandb_tinfo_pol[BRIDGE_VLANDB_TINFO_MAX + 1] = { 156 [BRIDGE_VLANDB_TINFO_ID] = { .type = NLA_U32 }, 157 [BRIDGE_VLANDB_TINFO_CMD] = { .type = NLA_U32 }, 158 }; 159 160 static int br_vlan_modify_tunnel(const struct net_bridge_port *p, 161 struct net_bridge_vlan *v, 162 struct nlattr **tb, 163 bool *changed, 164 struct netlink_ext_ack *extack) 165 { 166 struct nlattr *tun_tb[BRIDGE_VLANDB_TINFO_MAX + 1], *attr; 167 struct bridge_vlan_info *vinfo; 168 u32 tun_id = 0; 169 int cmd, err; 170 171 if (!p) { 172 NL_SET_ERR_MSG_MOD(extack, "Can't modify tunnel mapping of non-port vlans"); 173 return -EINVAL; 174 } 175 if (!(p->flags & BR_VLAN_TUNNEL)) { 176 NL_SET_ERR_MSG_MOD(extack, "Port doesn't have tunnel flag set"); 177 return -EINVAL; 178 } 179 180 attr = tb[BRIDGE_VLANDB_ENTRY_TUNNEL_INFO]; 181 err = nla_parse_nested(tun_tb, BRIDGE_VLANDB_TINFO_MAX, attr, 182 br_vlandb_tinfo_pol, extack); 183 if (err) 184 return err; 185 186 if (!tun_tb[BRIDGE_VLANDB_TINFO_CMD]) { 187 NL_SET_ERR_MSG_MOD(extack, "Missing tunnel command attribute"); 188 return -ENOENT; 189 } 190 cmd = nla_get_u32(tun_tb[BRIDGE_VLANDB_TINFO_CMD]); 191 switch (cmd) { 192 case RTM_SETLINK: 193 if (!tun_tb[BRIDGE_VLANDB_TINFO_ID]) { 194 NL_SET_ERR_MSG_MOD(extack, "Missing tunnel id attribute"); 195 return -ENOENT; 196 } 197 /* when working on vlan ranges this is the starting tunnel id */ 198 tun_id = nla_get_u32(tun_tb[BRIDGE_VLANDB_TINFO_ID]); 199 /* vlan info attr is guaranteed by br_vlan_rtm_process_one */ 200 vinfo = nla_data(tb[BRIDGE_VLANDB_ENTRY_INFO]); 201 /* tunnel ids are mapped to each vlan in increasing order, 202 * the starting vlan is in BRIDGE_VLANDB_ENTRY_INFO and v is the 203 * current vlan, so we compute: tun_id + v - vinfo->vid 204 */ 205 tun_id += v->vid - vinfo->vid; 206 break; 207 case RTM_DELLINK: 208 break; 209 default: 210 NL_SET_ERR_MSG_MOD(extack, "Unsupported tunnel command"); 211 return -EINVAL; 212 } 213 214 return br_vlan_tunnel_info(p, cmd, v->vid, tun_id, changed); 215 } 216 217 static int br_vlan_process_one_opts(const struct net_bridge *br, 218 const struct net_bridge_port *p, 219 struct net_bridge_vlan_group *vg, 220 struct net_bridge_vlan *v, 221 struct nlattr **tb, 222 bool *changed, 223 struct netlink_ext_ack *extack) 224 { 225 int err; 226 227 *changed = false; 228 if (tb[BRIDGE_VLANDB_ENTRY_STATE]) { 229 u8 state = nla_get_u8(tb[BRIDGE_VLANDB_ENTRY_STATE]); 230 231 err = br_vlan_modify_state(vg, v, state, changed, extack); 232 if (err) 233 return err; 234 } 235 if (tb[BRIDGE_VLANDB_ENTRY_TUNNEL_INFO]) { 236 err = br_vlan_modify_tunnel(p, v, tb, changed, extack); 237 if (err) 238 return err; 239 } 240 241 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 242 if (tb[BRIDGE_VLANDB_ENTRY_MCAST_ROUTER]) { 243 u8 val; 244 245 val = nla_get_u8(tb[BRIDGE_VLANDB_ENTRY_MCAST_ROUTER]); 246 err = br_multicast_set_vlan_router(v, val); 247 if (err) 248 return err; 249 *changed = true; 250 } 251 if (tb[BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS]) { 252 u32 val; 253 254 if (!p) { 255 NL_SET_ERR_MSG_MOD(extack, "Can't set mcast_max_groups for non-port vlans"); 256 return -EINVAL; 257 } 258 if (br_multicast_port_ctx_vlan_disabled(&v->port_mcast_ctx)) { 259 NL_SET_ERR_MSG_MOD(extack, "Multicast snooping disabled on this VLAN"); 260 return -EINVAL; 261 } 262 263 val = nla_get_u32(tb[BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS]); 264 br_multicast_ngroups_set_max(&v->port_mcast_ctx, val); 265 *changed = true; 266 } 267 #endif 268 269 if (tb[BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS]) { 270 bool enabled = v->priv_flags & BR_VLFLAG_NEIGH_SUPPRESS_ENABLED; 271 bool val = nla_get_u8(tb[BRIDGE_VLANDB_ENTRY_NEIGH_SUPPRESS]); 272 273 if (!p) { 274 NL_SET_ERR_MSG_MOD(extack, "Can't set neigh_suppress for non-port vlans"); 275 return -EINVAL; 276 } 277 278 if (val != enabled) { 279 v->priv_flags ^= BR_VLFLAG_NEIGH_SUPPRESS_ENABLED; 280 *changed = true; 281 } 282 } 283 284 if (tb[BRIDGE_VLANDB_ENTRY_NEIGH_FORWARD_GRAT]) { 285 bool enabled = v->priv_flags & BR_VLFLAG_NEIGH_FORWARD_GRAT_ENABLED; 286 bool val = nla_get_u8(tb[BRIDGE_VLANDB_ENTRY_NEIGH_FORWARD_GRAT]); 287 288 if (!p) { 289 NL_SET_ERR_MSG_MOD(extack, 290 "Can't set neigh_forward_grat for non-port vlans"); 291 return -EINVAL; 292 } 293 294 if (val != enabled) { 295 v->priv_flags ^= BR_VLFLAG_NEIGH_FORWARD_GRAT_ENABLED; 296 *changed = true; 297 } 298 } 299 300 return 0; 301 } 302 303 int br_vlan_process_options(const struct net_bridge *br, 304 const struct net_bridge_port *p, 305 struct net_bridge_vlan *range_start, 306 struct net_bridge_vlan *range_end, 307 struct nlattr **tb, 308 struct netlink_ext_ack *extack) 309 { 310 struct net_bridge_vlan *v, *curr_start = NULL, *curr_end = NULL; 311 struct net_bridge_vlan_group *vg; 312 int vid, err = 0; 313 u16 pvid; 314 315 if (p) 316 vg = nbp_vlan_group(p); 317 else 318 vg = br_vlan_group(br); 319 320 if (!range_start || !br_vlan_should_use(range_start)) { 321 NL_SET_ERR_MSG_MOD(extack, "Vlan range start doesn't exist, can't process options"); 322 return -ENOENT; 323 } 324 if (!range_end || !br_vlan_should_use(range_end)) { 325 NL_SET_ERR_MSG_MOD(extack, "Vlan range end doesn't exist, can't process options"); 326 return -ENOENT; 327 } 328 329 pvid = br_get_pvid(vg); 330 for (vid = range_start->vid; vid <= range_end->vid; vid++) { 331 bool changed = false; 332 333 v = br_vlan_find(vg, vid); 334 if (!v || !br_vlan_should_use(v)) { 335 NL_SET_ERR_MSG_MOD(extack, "Vlan in range doesn't exist, can't process options"); 336 err = -ENOENT; 337 break; 338 } 339 340 err = br_vlan_process_one_opts(br, p, vg, v, tb, &changed, 341 extack); 342 if (err) 343 break; 344 345 if (changed) { 346 /* vlan options changed, check for range */ 347 if (!curr_start) { 348 curr_start = v; 349 curr_end = v; 350 continue; 351 } 352 353 if (v->vid == pvid || 354 !br_vlan_can_enter_range(v, curr_end)) { 355 br_vlan_notify(br, p, curr_start->vid, 356 curr_end->vid, RTM_NEWVLAN); 357 curr_start = v; 358 } 359 curr_end = v; 360 } else { 361 /* nothing changed and nothing to notify yet */ 362 if (!curr_start) 363 continue; 364 365 br_vlan_notify(br, p, curr_start->vid, curr_end->vid, 366 RTM_NEWVLAN); 367 curr_start = NULL; 368 curr_end = NULL; 369 } 370 } 371 if (curr_start) 372 br_vlan_notify(br, p, curr_start->vid, curr_end->vid, 373 RTM_NEWVLAN); 374 375 return err; 376 } 377 378 bool br_vlan_global_opts_can_enter_range(const struct net_bridge_vlan *v_curr, 379 const struct net_bridge_vlan *r_end) 380 { 381 return v_curr->vid - r_end->vid == 1 && 382 v_curr->msti == r_end->msti && 383 ((v_curr->priv_flags ^ r_end->priv_flags) & 384 BR_VLFLAG_GLOBAL_MCAST_ENABLED) == 0 && 385 br_multicast_ctx_options_equal(&v_curr->br_mcast_ctx, 386 &r_end->br_mcast_ctx); 387 } 388 389 bool br_vlan_global_opts_fill(struct sk_buff *skb, u16 vid, u16 vid_range, 390 const struct net_bridge_vlan *v_opts) 391 { 392 struct nlattr *nest2 __maybe_unused; 393 u64 clockval __maybe_unused; 394 struct nlattr *nest; 395 396 nest = nla_nest_start(skb, BRIDGE_VLANDB_GLOBAL_OPTIONS); 397 if (!nest) 398 return false; 399 400 if (nla_put_u16(skb, BRIDGE_VLANDB_GOPTS_ID, vid)) 401 goto out_err; 402 403 if (vid_range && vid < vid_range && 404 nla_put_u16(skb, BRIDGE_VLANDB_GOPTS_RANGE, vid_range)) 405 goto out_err; 406 407 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 408 if (nla_put_u8(skb, BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING, 409 !!(v_opts->priv_flags & BR_VLFLAG_GLOBAL_MCAST_ENABLED)) || 410 nla_put_u8(skb, BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION, 411 v_opts->br_mcast_ctx.multicast_igmp_version) || 412 nla_put_u32(skb, BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT, 413 v_opts->br_mcast_ctx.multicast_last_member_count) || 414 nla_put_u32(skb, BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT, 415 v_opts->br_mcast_ctx.multicast_startup_query_count) || 416 nla_put_u8(skb, BRIDGE_VLANDB_GOPTS_MCAST_QUERIER, 417 v_opts->br_mcast_ctx.multicast_querier) || 418 br_multicast_dump_querier_state(skb, &v_opts->br_mcast_ctx, 419 BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_STATE)) 420 goto out_err; 421 422 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_last_member_interval); 423 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL, 424 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 425 goto out_err; 426 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_membership_interval); 427 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL, 428 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 429 goto out_err; 430 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_querier_interval); 431 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL, 432 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 433 goto out_err; 434 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_query_interval); 435 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL, 436 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 437 goto out_err; 438 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_query_response_interval); 439 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL, 440 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 441 goto out_err; 442 clockval = jiffies_to_clock_t(v_opts->br_mcast_ctx.multicast_startup_query_interval); 443 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL, 444 clockval, BRIDGE_VLANDB_GOPTS_PAD)) 445 goto out_err; 446 447 if (br_rports_have_mc_router(&v_opts->br_mcast_ctx)) { 448 nest2 = nla_nest_start(skb, 449 BRIDGE_VLANDB_GOPTS_MCAST_ROUTER_PORTS); 450 if (!nest2) 451 goto out_err; 452 453 rcu_read_lock(); 454 if (br_rports_fill_info(skb, &v_opts->br_mcast_ctx)) { 455 rcu_read_unlock(); 456 nla_nest_cancel(skb, nest2); 457 goto out_err; 458 } 459 rcu_read_unlock(); 460 461 nla_nest_end(skb, nest2); 462 } 463 464 #if IS_ENABLED(CONFIG_IPV6) 465 if (nla_put_u8(skb, BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION, 466 v_opts->br_mcast_ctx.multicast_mld_version)) 467 goto out_err; 468 #endif 469 #endif 470 471 if (nla_put_u16(skb, BRIDGE_VLANDB_GOPTS_MSTI, v_opts->msti)) 472 goto out_err; 473 474 nla_nest_end(skb, nest); 475 476 return true; 477 478 out_err: 479 nla_nest_cancel(skb, nest); 480 return false; 481 } 482 483 static size_t rtnl_vlan_global_opts_nlmsg_size(const struct net_bridge_vlan *v) 484 { 485 return NLMSG_ALIGN(sizeof(struct br_vlan_msg)) 486 + nla_total_size(0) /* BRIDGE_VLANDB_GLOBAL_OPTIONS */ 487 + nla_total_size(sizeof(u16)) /* BRIDGE_VLANDB_GOPTS_ID */ 488 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 489 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING */ 490 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION */ 491 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION */ 492 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT */ 493 + nla_total_size(sizeof(u32)) /* BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT */ 494 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL */ 495 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL */ 496 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL */ 497 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL */ 498 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL */ 499 + nla_total_size(sizeof(u64)) /* BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL */ 500 + nla_total_size(sizeof(u8)) /* BRIDGE_VLANDB_GOPTS_MCAST_QUERIER */ 501 + br_multicast_querier_state_size() /* BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_STATE */ 502 + nla_total_size(0) /* BRIDGE_VLANDB_GOPTS_MCAST_ROUTER_PORTS */ 503 + br_rports_size(&v->br_mcast_ctx) /* BRIDGE_VLANDB_GOPTS_MCAST_ROUTER_PORTS */ 504 #endif 505 + nla_total_size(sizeof(u16)) /* BRIDGE_VLANDB_GOPTS_MSTI */ 506 + nla_total_size(sizeof(u16)); /* BRIDGE_VLANDB_GOPTS_RANGE */ 507 } 508 509 static void br_vlan_global_opts_notify(const struct net_bridge *br, 510 u16 vid, u16 vid_range) 511 { 512 struct net_bridge_vlan *v; 513 struct br_vlan_msg *bvm; 514 struct nlmsghdr *nlh; 515 struct sk_buff *skb; 516 int err = -ENOBUFS; 517 518 /* right now notifications are done only with rtnl held */ 519 ASSERT_RTNL(); 520 521 /* need to find the vlan due to flags/options */ 522 v = br_vlan_find(br_vlan_group(br), vid); 523 if (!v) 524 return; 525 526 skb = nlmsg_new(rtnl_vlan_global_opts_nlmsg_size(v), GFP_KERNEL); 527 if (!skb) 528 goto out_err; 529 530 err = -EMSGSIZE; 531 nlh = nlmsg_put(skb, 0, 0, RTM_NEWVLAN, sizeof(*bvm), 0); 532 if (!nlh) 533 goto out_err; 534 bvm = nlmsg_data(nlh); 535 memset(bvm, 0, sizeof(*bvm)); 536 bvm->family = AF_BRIDGE; 537 bvm->ifindex = br->dev->ifindex; 538 539 if (!br_vlan_global_opts_fill(skb, vid, vid_range, v)) 540 goto out_err; 541 542 nlmsg_end(skb, nlh); 543 rtnl_notify(skb, dev_net(br->dev), 0, RTNLGRP_BRVLAN, NULL, GFP_KERNEL); 544 return; 545 546 out_err: 547 rtnl_set_sk_err(dev_net(br->dev), RTNLGRP_BRVLAN, err); 548 kfree_skb(skb); 549 } 550 551 static int br_vlan_process_global_one_opts(const struct net_bridge *br, 552 struct net_bridge_vlan_group *vg, 553 struct net_bridge_vlan *v, 554 struct nlattr **tb, 555 bool *changed, 556 struct netlink_ext_ack *extack) 557 { 558 int err __maybe_unused; 559 560 *changed = false; 561 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING 562 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING]) { 563 u8 mc_snooping; 564 565 mc_snooping = nla_get_u8(tb[BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING]); 566 if (br_multicast_toggle_global_vlan(v, !!mc_snooping)) 567 *changed = true; 568 } 569 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION]) { 570 u8 ver; 571 572 ver = nla_get_u8(tb[BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION]); 573 err = br_multicast_set_igmp_version(&v->br_mcast_ctx, ver); 574 if (err) 575 return err; 576 *changed = true; 577 } 578 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT]) { 579 u32 cnt; 580 581 cnt = nla_get_u32(tb[BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT]); 582 v->br_mcast_ctx.multicast_last_member_count = cnt; 583 *changed = true; 584 } 585 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT]) { 586 u32 cnt; 587 588 cnt = nla_get_u32(tb[BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT]); 589 v->br_mcast_ctx.multicast_startup_query_count = cnt; 590 *changed = true; 591 } 592 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL]) { 593 u64 val; 594 595 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL]); 596 v->br_mcast_ctx.multicast_last_member_interval = clock_t_to_jiffies(val); 597 *changed = true; 598 } 599 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL]) { 600 u64 val; 601 602 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL]); 603 v->br_mcast_ctx.multicast_membership_interval = clock_t_to_jiffies(val); 604 *changed = true; 605 } 606 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL]) { 607 u64 val; 608 609 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL]); 610 v->br_mcast_ctx.multicast_querier_interval = clock_t_to_jiffies(val); 611 *changed = true; 612 } 613 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL]) { 614 u64 val; 615 616 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL]); 617 br_multicast_set_query_intvl(&v->br_mcast_ctx, val); 618 *changed = true; 619 } 620 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL]) { 621 u64 val; 622 623 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL]); 624 v->br_mcast_ctx.multicast_query_response_interval = clock_t_to_jiffies(val); 625 *changed = true; 626 } 627 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL]) { 628 u64 val; 629 630 val = nla_get_u64(tb[BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL]); 631 br_multicast_set_startup_query_intvl(&v->br_mcast_ctx, val); 632 *changed = true; 633 } 634 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERIER]) { 635 u8 val; 636 637 val = nla_get_u8(tb[BRIDGE_VLANDB_GOPTS_MCAST_QUERIER]); 638 err = br_multicast_set_querier(&v->br_mcast_ctx, val); 639 if (err) 640 return err; 641 *changed = true; 642 } 643 #if IS_ENABLED(CONFIG_IPV6) 644 if (tb[BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION]) { 645 u8 ver; 646 647 ver = nla_get_u8(tb[BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION]); 648 err = br_multicast_set_mld_version(&v->br_mcast_ctx, ver); 649 if (err) 650 return err; 651 *changed = true; 652 } 653 #endif 654 #endif 655 if (tb[BRIDGE_VLANDB_GOPTS_MSTI]) { 656 u16 msti; 657 658 msti = nla_get_u16(tb[BRIDGE_VLANDB_GOPTS_MSTI]); 659 err = br_mst_vlan_set_msti(v, msti); 660 if (err) 661 return err; 662 *changed = true; 663 } 664 665 return 0; 666 } 667 668 static const struct nla_policy br_vlan_db_gpol[BRIDGE_VLANDB_GOPTS_MAX + 1] = { 669 [BRIDGE_VLANDB_GOPTS_ID] = { .type = NLA_U16 }, 670 [BRIDGE_VLANDB_GOPTS_RANGE] = { .type = NLA_U16 }, 671 [BRIDGE_VLANDB_GOPTS_MCAST_SNOOPING] = { .type = NLA_U8 }, 672 [BRIDGE_VLANDB_GOPTS_MCAST_MLD_VERSION] = { .type = NLA_U8 }, 673 [BRIDGE_VLANDB_GOPTS_MCAST_QUERY_INTVL] = { .type = NLA_U64 }, 674 [BRIDGE_VLANDB_GOPTS_MCAST_QUERIER] = { .type = NLA_U8 }, 675 [BRIDGE_VLANDB_GOPTS_MCAST_IGMP_VERSION] = { .type = NLA_U8 }, 676 [BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_CNT] = { .type = NLA_U32 }, 677 [BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_CNT] = { .type = NLA_U32 }, 678 [BRIDGE_VLANDB_GOPTS_MCAST_LAST_MEMBER_INTVL] = { .type = NLA_U64 }, 679 [BRIDGE_VLANDB_GOPTS_MCAST_MEMBERSHIP_INTVL] = { .type = NLA_U64 }, 680 [BRIDGE_VLANDB_GOPTS_MCAST_QUERIER_INTVL] = { .type = NLA_U64 }, 681 [BRIDGE_VLANDB_GOPTS_MCAST_STARTUP_QUERY_INTVL] = { .type = NLA_U64 }, 682 [BRIDGE_VLANDB_GOPTS_MCAST_QUERY_RESPONSE_INTVL] = { .type = NLA_U64 }, 683 [BRIDGE_VLANDB_GOPTS_MSTI] = NLA_POLICY_MAX(NLA_U16, VLAN_N_VID - 1), 684 }; 685 686 int br_vlan_rtm_process_global_options(struct net_device *dev, 687 const struct nlattr *attr, 688 int cmd, 689 struct netlink_ext_ack *extack) 690 { 691 struct net_bridge_vlan *v, *curr_start = NULL, *curr_end = NULL; 692 struct nlattr *tb[BRIDGE_VLANDB_GOPTS_MAX + 1]; 693 struct net_bridge_vlan_group *vg; 694 u16 vid, vid_range = 0; 695 struct net_bridge *br; 696 int err = 0; 697 698 if (cmd != RTM_NEWVLAN) { 699 NL_SET_ERR_MSG_MOD(extack, "Global vlan options support only set operation"); 700 return -EINVAL; 701 } 702 if (!netif_is_bridge_master(dev)) { 703 NL_SET_ERR_MSG_MOD(extack, "Global vlan options can only be set on bridge device"); 704 return -EINVAL; 705 } 706 br = netdev_priv(dev); 707 vg = br_vlan_group(br); 708 if (WARN_ON(!vg)) 709 return -ENODEV; 710 711 err = nla_parse_nested(tb, BRIDGE_VLANDB_GOPTS_MAX, attr, 712 br_vlan_db_gpol, extack); 713 if (err) 714 return err; 715 716 if (!tb[BRIDGE_VLANDB_GOPTS_ID]) { 717 NL_SET_ERR_MSG_MOD(extack, "Missing vlan entry id"); 718 return -EINVAL; 719 } 720 vid = nla_get_u16(tb[BRIDGE_VLANDB_GOPTS_ID]); 721 if (!br_vlan_valid_id(vid, extack)) 722 return -EINVAL; 723 724 if (tb[BRIDGE_VLANDB_GOPTS_RANGE]) { 725 vid_range = nla_get_u16(tb[BRIDGE_VLANDB_GOPTS_RANGE]); 726 if (!br_vlan_valid_id(vid_range, extack)) 727 return -EINVAL; 728 if (vid >= vid_range) { 729 NL_SET_ERR_MSG_MOD(extack, "End vlan id is less than or equal to start vlan id"); 730 return -EINVAL; 731 } 732 } else { 733 vid_range = vid; 734 } 735 736 for (; vid <= vid_range; vid++) { 737 bool changed = false; 738 739 v = br_vlan_find(vg, vid); 740 if (!v) { 741 NL_SET_ERR_MSG_MOD(extack, "Vlan in range doesn't exist, can't process global options"); 742 err = -ENOENT; 743 break; 744 } 745 746 err = br_vlan_process_global_one_opts(br, vg, v, tb, &changed, 747 extack); 748 if (err) 749 break; 750 751 if (changed) { 752 /* vlan options changed, check for range */ 753 if (!curr_start) { 754 curr_start = v; 755 curr_end = v; 756 continue; 757 } 758 759 if (!br_vlan_global_opts_can_enter_range(v, curr_end)) { 760 br_vlan_global_opts_notify(br, curr_start->vid, 761 curr_end->vid); 762 curr_start = v; 763 } 764 curr_end = v; 765 } else { 766 /* nothing changed and nothing to notify yet */ 767 if (!curr_start) 768 continue; 769 770 br_vlan_global_opts_notify(br, curr_start->vid, 771 curr_end->vid); 772 curr_start = NULL; 773 curr_end = NULL; 774 } 775 } 776 if (curr_start) 777 br_vlan_global_opts_notify(br, curr_start->vid, curr_end->vid); 778 779 return err; 780 } 781