projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
net: bridge: propagate extack through switchdev_port_attr_set
[linux-block.git] / net / bridge / br_vlan.c
CommitLineData
457c8996 1// SPDX-License-Identifier: GPL-2.0-only
243a2e63
VY		 2#include <linux/kernel.h>
3#include <linux/netdevice.h>
4#include <linux/rtnetlink.h>
5#include <linux/slab.h>
7f109539 6#include <net/switchdev.h>
243a2e63
VY		 7
8#include "br_private.h"
efa5356b 9#include "br_private_tunnel.h"
243a2e63 10
80900acd
MM		 11static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid);
12
2594e906
NA		 13static inline int br_vlan_cmp(struct rhashtable_compare_arg *arg,
14 const void *ptr)
552406c4 15{
2594e906
NA		 16 const struct net_bridge_vlan *vle = ptr;
17 u16 vid = *(u16 *)arg->key;
18
19 return vle->vid != vid;
20}
21
22static const struct rhashtable_params br_vlan_rht_params = {
23 .head_offset = offsetof(struct net_bridge_vlan, vnode),
24 .key_offset = offsetof(struct net_bridge_vlan, vid),
25 .key_len = sizeof(u16),
8af78b64 26 .nelem_hint = 3,
2594e906
NA		 27 .max_size = VLAN_N_VID,
28 .obj_cmpfn = br_vlan_cmp,
29 .automatic_shrinking = true,
30};
31
32static struct net_bridge_vlan *br_vlan_lookup(struct rhashtable *tbl, u16 vid)
33{
34 return rhashtable_lookup_fast(tbl, &vid, br_vlan_rht_params);
35}
36
a580c76d
NA		 37static bool __vlan_add_pvid(struct net_bridge_vlan_group *vg,
38 const struct net_bridge_vlan *v)
2594e906 39{
a580c76d 40 if (vg->pvid == v->vid)
f418af63 41 return false;
552406c4
VY		 42
43 smp_wmb();
a580c76d
NA		 44 br_vlan_set_pvid_state(vg, v->state);
45 vg->pvid = v->vid;
f418af63
NA		 46
47 return true;
552406c4
VY		 48}
49
f418af63 50static bool __vlan_delete_pvid(struct net_bridge_vlan_group *vg, u16 vid)
552406c4 51{
77751ee8 52 if (vg->pvid != vid)
f418af63 53 return false;
552406c4
VY		 54
55 smp_wmb();
77751ee8 56 vg->pvid = 0;
f418af63
NA		 57
58 return true;
552406c4
VY		 59}
60
f418af63
NA		 61/* return true if anything changed, false otherwise */
62static bool __vlan_add_flags(struct net_bridge_vlan *v, u16 flags)
35e03f3a 63{
77751ee8 64 struct net_bridge_vlan_group *vg;
f418af63
NA		 65 u16 old_flags = v->flags;
66 bool ret;
77751ee8
NA		 67
68 if (br_vlan_is_master(v))
907b1e6e 69 vg = br_vlan_group(v->br);
77751ee8 70 else
907b1e6e 71 vg = nbp_vlan_group(v->port);
77751ee8
NA		 72
73 if (flags & BRIDGE_VLAN_INFO_PVID)
a580c76d 74 ret = __vlan_add_pvid(vg, v);
77751ee8 75 else
f418af63 76 ret = __vlan_delete_pvid(vg, v->vid);
35e03f3a
VY		 77
78 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
2594e906 79 v->flags |= BRIDGE_VLAN_INFO_UNTAGGED;
635126b7 80 else
2594e906 81 v->flags &= ~BRIDGE_VLAN_INFO_UNTAGGED;
f418af63
NA		 82
83 return ret || !!(old_flags ^ v->flags);
35e03f3a
VY		 84}
85
7f109539 86static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br,
27973793
IS		 87 struct net_bridge_vlan *v, u16 flags,
88 struct netlink_ext_ack *extack)
7f109539 89{
7f109539
SF		 90 int err;
91
0944d6b5
JP		 92 /* Try switchdev op first. In case it is not supported, fallback to
93 * 8021q add.
7f109539 94 */
27973793 95 err = br_switchdev_port_vlan_add(dev, v->vid, flags, extack);
0944d6b5 96 if (err == -EOPNOTSUPP)
27973793
IS		 97 return vlan_vid_add(dev, br->vlan_proto, v->vid);
98 v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV;
7f109539
SF		 99 return err;
100}
101
2594e906 102static void __vlan_add_list(struct net_bridge_vlan *v)
243a2e63 103{
907b1e6e 104 struct net_bridge_vlan_group *vg;
2594e906
NA		 105 struct list_head *headp, *hpos;
106 struct net_bridge_vlan *vent;
bc9a25d2 107
907b1e6e
NA		 108 if (br_vlan_is_master(v))
109 vg = br_vlan_group(v->br);
110 else
111 vg = nbp_vlan_group(v->port);
112
113 headp = &vg->vlan_list;
2594e906
NA		 114 list_for_each_prev(hpos, headp) {
115 vent = list_entry(hpos, struct net_bridge_vlan, vlist);
116 if (v->vid < vent->vid)
117 continue;
118 else
119 break;
243a2e63 120 }
586c2b57 121 list_add_rcu(&v->vlist, hpos);
2594e906 122}
243a2e63 123
2594e906
NA		 124static void __vlan_del_list(struct net_bridge_vlan *v)
125{
586c2b57 126 list_del_rcu(&v->vlist);
243a2e63
VY		 127}
128
bf361ad3 129static int __vlan_vid_del(struct net_device *dev, struct net_bridge *br,
27973793 130 const struct net_bridge_vlan *v)
7f109539 131{
0944d6b5 132 int err;
7f109539 133
0944d6b5
JP		 134 /* Try switchdev op first. In case it is not supported, fallback to
135 * 8021q del.
7f109539 136 */
27973793
IS		 137 err = br_switchdev_port_vlan_del(dev, v->vid);
138 if (!(v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV))
139 vlan_vid_del(dev, br->vlan_proto, v->vid);
140 return err == -EOPNOTSUPP ? 0 : err;
7f109539
SF		 141}
142
4bbd026c 143/* Returns a master vlan, if it didn't exist it gets created. In all cases
f8ed289f
NA		 144 * a reference is taken to the master vlan before returning.
145 */
169327d5
PM		 146static struct net_bridge_vlan *
147br_vlan_get_master(struct net_bridge *br, u16 vid,
148 struct netlink_ext_ack *extack)
f8ed289f 149{
907b1e6e 150 struct net_bridge_vlan_group *vg;
f8ed289f
NA		 151 struct net_bridge_vlan *masterv;
152
907b1e6e
NA		 153 vg = br_vlan_group(br);
154 masterv = br_vlan_find(vg, vid);
f8ed289f 155 if (!masterv) {
f418af63
NA		 156 bool changed;
157
f8ed289f 158 /* missing global ctx, create it now */
169327d5 159 if (br_vlan_add(br, vid, 0, &changed, extack))
f8ed289f 160 return NULL;
907b1e6e 161 masterv = br_vlan_find(vg, vid);
f8ed289f
NA		 162 if (WARN_ON(!masterv))
163 return NULL;
0e5a82ef
IS		 164 refcount_set(&masterv->refcnt, 1);
165 return masterv;
f8ed289f 166 }
25127759 167 refcount_inc(&masterv->refcnt);
f8ed289f
NA		 168
169 return masterv;
170}
171
6dada9b1
NA		 172static void br_master_vlan_rcu_free(struct rcu_head *rcu)
173{
174 struct net_bridge_vlan *v;
175
176 v = container_of(rcu, struct net_bridge_vlan, rcu);
177 WARN_ON(!br_vlan_is_master(v));
178 free_percpu(v->stats);
179 v->stats = NULL;
180 kfree(v);
181}
182
f8ed289f
NA		 183static void br_vlan_put_master(struct net_bridge_vlan *masterv)
184{
907b1e6e
NA		 185 struct net_bridge_vlan_group *vg;
186
f8ed289f
NA		 187 if (!br_vlan_is_master(masterv))
188 return;
189
907b1e6e 190 vg = br_vlan_group(masterv->br);
25127759 191 if (refcount_dec_and_test(&masterv->refcnt)) {
907b1e6e 192 rhashtable_remove_fast(&vg->vlan_hash,
f8ed289f
NA		 193 &masterv->vnode, br_vlan_rht_params);
194 __vlan_del_list(masterv);
6dada9b1 195 call_rcu(&masterv->rcu, br_master_vlan_rcu_free);
f8ed289f
NA		 196 }
197}
198
9163a0fc
NA		 199static void nbp_vlan_rcu_free(struct rcu_head *rcu)
200{
201 struct net_bridge_vlan *v;
202
203 v = container_of(rcu, struct net_bridge_vlan, rcu);
204 WARN_ON(br_vlan_is_master(v));
205 /* if we had per-port stats configured then free them here */
9d332e69 206 if (v->priv_flags & BR_VLFLAG_PER_PORT_STATS)
9163a0fc
NA		 207 free_percpu(v->stats);
208 v->stats = NULL;
209 kfree(v);
210}
211
2594e906
NA		 212/* This is the shared VLAN add function which works for both ports and bridge
213 * devices. There are four possible calls to this function in terms of the
214 * vlan entry type:
215 * 1. vlan is being added on a port (no master flags, global entry exists)
ddd611d3 216 * 2. vlan is being added on a bridge (both master and brentry flags)
2594e906 217 * 3. vlan is being added on a port, but a global entry didn't exist which
ddd611d3 218 * is being created right now (master flag set, brentry flag unset), the
2594e906 219 * global entry is used for global per-vlan features, but not for filtering
ddd611d3 220 * 4. same as 3 but with both master and brentry flags set so the entry
2594e906
NA		 221 * will be used for filtering in both the port and the bridge
222 */
169327d5
PM		 223static int __vlan_add(struct net_bridge_vlan *v, u16 flags,
224 struct netlink_ext_ack *extack)
243a2e63 225{
2594e906
NA		 226 struct net_bridge_vlan *masterv = NULL;
227 struct net_bridge_port *p = NULL;
6be144f6 228 struct net_bridge_vlan_group *vg;
2594e906
NA		 229 struct net_device *dev;
230 struct net_bridge *br;
231 int err;
232
233 if (br_vlan_is_master(v)) {
234 br = v->br;
235 dev = br->dev;
907b1e6e 236 vg = br_vlan_group(br);
2594e906
NA		 237 } else {
238 p = v->port;
239 br = p->br;
240 dev = p->dev;
907b1e6e 241 vg = nbp_vlan_group(p);
2594e906
NA		 242 }
243
244 if (p) {
2594e906
NA		 245 /* Add VLAN to the device filter if it is supported.
246 * This ensures tagged traffic enters the bridge when
247 * promiscuous mode is disabled by br_manage_promisc().
248 */
27973793 249 err = __vlan_vid_add(dev, br, v, flags, extack);
2594e906
NA		 250 if (err)
251 goto out;
252
253 /* need to work on the master vlan too */
254 if (flags & BRIDGE_VLAN_INFO_MASTER) {
f418af63
NA		 255 bool changed;
256
257 err = br_vlan_add(br, v->vid,
258 flags | BRIDGE_VLAN_INFO_BRENTRY,
169327d5 259 &changed, extack);
2594e906
NA		 260 if (err)
261 goto out_filt;
f545923b
NA		 262
263 if (changed)
264 br_vlan_notify(br, NULL, v->vid, 0,
265 RTM_NEWVLAN);
2594e906
NA		 266 }
267
169327d5 268 masterv = br_vlan_get_master(br, v->vid, extack);
ee4f52a8
ZC		 269 if (!masterv) {
270 err = -ENOMEM;
f8ed289f 271 goto out_filt;
ee4f52a8 272 }
2594e906 273 v->brvlan = masterv;
9163a0fc 274 if (br_opt_get(br, BROPT_VLAN_STATS_PER_PORT)) {
281cc284
HK		 275 v->stats =
276 netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
9163a0fc
NA		 277 if (!v->stats) {
278 err = -ENOMEM;
279 goto out_filt;
280 }
9d332e69 281 v->priv_flags |= BR_VLFLAG_PER_PORT_STATS;
9163a0fc
NA		 282 } else {
283 v->stats = masterv->stats;
284 }
9c86ce2c 285 } else {
169327d5 286 err = br_switchdev_port_vlan_add(dev, v->vid, flags, extack);
9c86ce2c
PM		 287 if (err && err != -EOPNOTSUPP)
288 goto out;
2594e906
NA		 289 }
290
6be144f6 291 /* Add the dev mac and count the vlan only if it's usable */
2594e906
NA		 292 if (br_vlan_should_use(v)) {
293 err = br_fdb_insert(br, p, dev->dev_addr, v->vid);
294 if (err) {
295 br_err(br, "failed insert local address into bridge forwarding table\n");
296 goto out_filt;
297 }
6be144f6 298 vg->num_vlans++;
2594e906
NA		 299 }
300
a580c76d
NA		 301 /* set the state before publishing */
302 v->state = BR_STATE_FORWARDING;
303
6be144f6
NA		 304 err = rhashtable_lookup_insert_fast(&vg->vlan_hash, &v->vnode,
305 br_vlan_rht_params);
2594e906
NA		 306 if (err)
307 goto out_fdb_insert;
243a2e63 308
2594e906
NA		 309 __vlan_add_list(v);
310 __vlan_add_flags(v, flags);
80900acd
MM		 311
312 if (p)
313 nbp_vlan_set_vlan_dev_state(p, v->vid);
2594e906
NA		 314out:
315 return err;
316
317out_fdb_insert:
6be144f6
NA		 318 if (br_vlan_should_use(v)) {
319 br_fdb_find_delete_local(br, p, dev->dev_addr, v->vid);
320 vg->num_vlans--;
321 }
2594e906
NA		 322
323out_filt:
324 if (p) {
27973793 325 __vlan_vid_del(dev, br, v);
2594e906 326 if (masterv) {
1a3aea25
LR		 327 if (v->stats && masterv->stats != v->stats)
328 free_percpu(v->stats);
329 v->stats = NULL;
330
f8ed289f 331 br_vlan_put_master(masterv);
2594e906
NA		 332 v->brvlan = NULL;
333 }
9c86ce2c
PM		 334 } else {
335 br_switchdev_port_vlan_del(dev, v->vid);
2594e906
NA		 336 }
337
338 goto out;
339}
340
341static int __vlan_del(struct net_bridge_vlan *v)
342{
343 struct net_bridge_vlan *masterv = v;
77751ee8 344 struct net_bridge_vlan_group *vg;
2594e906 345 struct net_bridge_port *p = NULL;
2594e906 346 int err = 0;
552406c4 347
2594e906 348 if (br_vlan_is_master(v)) {
907b1e6e 349 vg = br_vlan_group(v->br);
2594e906
NA		 350 } else {
351 p = v->port;
907b1e6e 352 vg = nbp_vlan_group(v->port);
2594e906 353 masterv = v->brvlan;
2594e906 354 }
bf361ad3 355
77751ee8 356 __vlan_delete_pvid(vg, v->vid);
2594e906 357 if (p) {
27973793 358 err = __vlan_vid_del(p->dev, p->br, v);
bf361ad3 359 if (err)
2594e906 360 goto out;
9c86ce2c
PM		 361 } else {
362 err = br_switchdev_port_vlan_del(v->br->dev, v->vid);
363 if (err && err != -EOPNOTSUPP)
364 goto out;
365 err = 0;
8580e211 366 }
243a2e63 367
6be144f6
NA		 368 if (br_vlan_should_use(v)) {
369 v->flags &= ~BRIDGE_VLAN_INFO_BRENTRY;
370 vg->num_vlans--;
2594e906
NA		 371 }
372
373 if (masterv != v) {
efa5356b 374 vlan_tunnel_info_del(vg, v);
77751ee8
NA		 375 rhashtable_remove_fast(&vg->vlan_hash, &v->vnode,
376 br_vlan_rht_params);
2594e906 377 __vlan_del_list(v);
80900acd 378 nbp_vlan_set_vlan_dev_state(p, v->vid);
9163a0fc 379 call_rcu(&v->rcu, nbp_vlan_rcu_free);
243a2e63 380 }
2594e906 381
f8ed289f 382 br_vlan_put_master(masterv);
2594e906
NA		 383out:
384 return err;
243a2e63
VY		 385}
386
f409d0ed
NA		 387static void __vlan_group_free(struct net_bridge_vlan_group *vg)
388{
389 WARN_ON(!list_empty(&vg->vlan_list));
390 rhashtable_destroy(&vg->vlan_hash);
efa5356b 391 vlan_tunnel_deinit(vg);
f409d0ed
NA		 392 kfree(vg);
393}
394
f545923b
NA		 395static void __vlan_flush(const struct net_bridge *br,
396 const struct net_bridge_port *p,
397 struct net_bridge_vlan_group *vg)
243a2e63 398{
2594e906 399 struct net_bridge_vlan *vlan, *tmp;
f545923b 400 u16 v_start = 0, v_end = 0;
2594e906 401
f409d0ed 402 __vlan_delete_pvid(vg, vg->pvid);
f545923b
NA		 403 list_for_each_entry_safe(vlan, tmp, &vg->vlan_list, vlist) {
404 /* take care of disjoint ranges */
405 if (!v_start) {
406 v_start = vlan->vid;
407 } else if (vlan->vid - v_end != 1) {
408 /* found range end, notify and start next one */
409 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN);
410 v_start = vlan->vid;
411 }
412 v_end = vlan->vid;
413
2594e906 414 __vlan_del(vlan);
f545923b
NA		 415 }
416
417 /* notify about the last/whole vlan range */
418 if (v_start)
419 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN);
243a2e63
VY		 420}
421
78851988 422struct sk_buff *br_handle_vlan(struct net_bridge *br,
11538d03 423 const struct net_bridge_port *p,
2594e906 424 struct net_bridge_vlan_group *vg,
78851988 425 struct sk_buff *skb)
a37b85c9 426{
281cc284 427 struct pcpu_sw_netstats *stats;
2594e906 428 struct net_bridge_vlan *v;
a37b85c9
VY		 429 u16 vid;
430
20adfa1a
VY		 431 /* If this packet was not filtered at input, let it pass */
432 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
78851988
VY		 433 goto out;
434
2594e906
NA		 435 /* At this point, we know that the frame was filtered and contains
436 * a valid vlan id. If the vlan id has untagged flag set,
437 * send untagged; otherwise, send tagged.
438 */
439 br_vlan_get_tag(skb, &vid);
440 v = br_vlan_find(vg, vid);
441 /* Vlan entry must be configured at this point. The
fc92f745
VY		 442 * only exception is the bridge is set in promisc mode and the
443 * packet is destined for the bridge device. In this case
444 * pass the packet as is.
445 */
2594e906 446 if (!v || !br_vlan_should_use(v)) {
fc92f745
VY		 447 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) {
448 goto out;
449 } else {
450 kfree_skb(skb);
451 return NULL;
452 }
453 }
ae75767e 454 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) {
6dada9b1
NA		 455 stats = this_cpu_ptr(v->stats);
456 u64_stats_update_begin(&stats->syncp);
457 stats->tx_bytes += skb->len;
458 stats->tx_packets++;
459 u64_stats_update_end(&stats->syncp);
460 }
461
2594e906 462 if (v->flags & BRIDGE_VLAN_INFO_UNTAGGED)
5978f8a9 463 __vlan_hwaccel_clear_tag(skb);
11538d03
RP		 464
465 if (p && (p->flags & BR_VLAN_TUNNEL) &&
466 br_handle_egress_vlan_tunnel(skb, v)) {
467 kfree_skb(skb);
468 return NULL;
469 }
78851988
VY		 470out:
471 return skb;
472}
473
474/* Called under RCU */
6dada9b1
NA		 475static bool __allowed_ingress(const struct net_bridge *br,
476 struct net_bridge_vlan_group *vg,
a580c76d
NA		 477 struct sk_buff *skb, u16 *vid,
478 u8 *state)
78851988 479{
281cc284 480 struct pcpu_sw_netstats *stats;
6dada9b1 481 struct net_bridge_vlan *v;
8580e211 482 bool tagged;
a37b85c9 483
20adfa1a 484 BR_INPUT_SKB_CB(skb)->vlan_filtered = true;
12464bb8
TM		 485 /* If vlan tx offload is disabled on bridge device and frame was
486 * sent from vlan device on the bridge device, it does not have
487 * HW accelerated vlan tag.
488 */
df8a39de 489 if (unlikely(!skb_vlan_tag_present(skb) &&
6dada9b1 490 skb->protocol == br->vlan_proto)) {
0d5501c1 491 skb = skb_vlan_untag(skb);
12464bb8
TM		 492 if (unlikely(!skb))
493 return false;
494 }
495
8580e211
TM		 496 if (!br_vlan_get_tag(skb, vid)) {
497 /* Tagged frame */
6dada9b1 498 if (skb->vlan_proto != br->vlan_proto) {
8580e211
TM		 499 /* Protocol-mismatch, empty out vlan_tci for new tag */
500 skb_push(skb, ETH_HLEN);
62749e2c 501 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto,
df8a39de 502 skb_vlan_tag_get(skb));
8580e211
TM		 503 if (unlikely(!skb))
504 return false;
505
506 skb_pull(skb, ETH_HLEN);
507 skb_reset_mac_len(skb);
508 *vid = 0;
509 tagged = false;
510 } else {
511 tagged = true;
512 }
513 } else {
514 /* Untagged frame */
515 tagged = false;
516 }
517
b90356ce 518 if (!*vid) {
77751ee8
NA		 519 u16 pvid = br_get_pvid(vg);
520
b90356ce
TM		 521 /* Frame had a tag with VID 0 or did not have a tag.
522 * See if pvid is set on this port. That tells us which
523 * vlan untagged or priority-tagged traffic belongs to.
78851988 524 */
3df6bf45 525 if (!pvid)
eb707618 526 goto drop;
78851988 527
b90356ce
TM		 528 /* PVID is set on this port. Any untagged or priority-tagged
529 * ingress frame is considered to belong to this vlan.
78851988 530 */
dfb5fa32 531 *vid = pvid;
8580e211 532 if (likely(!tagged))
b90356ce 533 /* Untagged Frame. */
6dada9b1 534 __vlan_hwaccel_put_tag(skb, br->vlan_proto, pvid);
b90356ce
TM		 535 else
536 /* Priority-tagged Frame.
5978f8a9
MM		 537 * At this point, we know that skb->vlan_tci VID
538 * field was 0.
b90356ce
TM		 539 * We update only VID field and preserve PCP field.
540 */
541 skb->vlan_tci |= pvid;
542
6dada9b1 543 /* if stats are disabled we can avoid the lookup */
a580c76d
NA		 544 if (!br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) {
545 if (*state == BR_STATE_FORWARDING) {
546 *state = br_vlan_get_pvid_state(vg);
547 return br_vlan_state_allowed(*state, true);
548 } else {
549 return true;
550 }
551 }
78851988 552 }
77751ee8 553 v = br_vlan_find(vg, *vid);
6dada9b1
NA		 554 if (!v || !br_vlan_should_use(v))
555 goto drop;
556
a580c76d
NA		 557 if (*state == BR_STATE_FORWARDING) {
558 *state = br_vlan_get_state(v);
559 if (!br_vlan_state_allowed(*state, true))
560 goto drop;
561 }
562
ae75767e 563 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) {
6dada9b1
NA		 564 stats = this_cpu_ptr(v->stats);
565 u64_stats_update_begin(&stats->syncp);
566 stats->rx_bytes += skb->len;
567 stats->rx_packets++;
568 u64_stats_update_end(&stats->syncp);
569 }
570
571 return true;
572
eb707618
TM		 573drop:
574 kfree_skb(skb);
a37b85c9
VY		 575 return false;
576}
577
77751ee8
NA		 578bool br_allowed_ingress(const struct net_bridge *br,
579 struct net_bridge_vlan_group *vg, struct sk_buff *skb,
a580c76d 580 u16 *vid, u8 *state)
2594e906
NA		 581{
582 /* If VLAN filtering is disabled on the bridge, all packets are
583 * permitted.
584 */
ae75767e 585 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) {
2594e906
NA		 586 BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
587 return true;
588 }
589
a580c76d 590 return __allowed_ingress(br, vg, skb, vid, state);
2594e906
NA		 591}
592
85f46c6b 593/* Called under RCU. */
2594e906 594bool br_allowed_egress(struct net_bridge_vlan_group *vg,
85f46c6b
VY		 595 const struct sk_buff *skb)
596{
2594e906 597 const struct net_bridge_vlan *v;
85f46c6b
VY		 598 u16 vid;
599
20adfa1a
VY		 600 /* If this packet was not filtered at input, let it pass */
601 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
85f46c6b
VY		 602 return true;
603
85f46c6b 604 br_vlan_get_tag(skb, &vid);
2594e906 605 v = br_vlan_find(vg, vid);
a580c76d
NA		 606 if (v && br_vlan_should_use(v) &&
607 br_vlan_state_allowed(br_vlan_get_state(v), false))
85f46c6b
VY		 608 return true;
609
610 return false;
611}
612
e0d7968a
TM		 613/* Called under RCU */
614bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
615{
468e7944 616 struct net_bridge_vlan_group *vg;
e0d7968a 617 struct net_bridge *br = p->br;
a580c76d 618 struct net_bridge_vlan *v;
e0d7968a 619
20adfa1a 620 /* If filtering was disabled at input, let it pass. */
ae75767e 621 if (!br_opt_get(br, BROPT_VLAN_ENABLED))
e0d7968a
TM		 622 return true;
623
eca1e006 624 vg = nbp_vlan_group_rcu(p);
468e7944 625 if (!vg || !vg->num_vlans)
e0d7968a
TM		 626 return false;
627
8580e211
TM		 628 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto)
629 *vid = 0;
630
e0d7968a 631 if (!*vid) {
77751ee8 632 *vid = br_get_pvid(vg);
a580c76d
NA		 633 if (!*vid ||
634 !br_vlan_state_allowed(br_vlan_get_pvid_state(vg), true))
e0d7968a
TM		 635 return false;
636
637 return true;
638 }
639
a580c76d
NA		 640 v = br_vlan_find(vg, *vid);
641 if (v && br_vlan_state_allowed(br_vlan_get_state(v), true))
e0d7968a
TM		 642 return true;
643
644 return false;
645}
646
dbd6dc75
PM		 647static int br_vlan_add_existing(struct net_bridge *br,
648 struct net_bridge_vlan_group *vg,
649 struct net_bridge_vlan *vlan,
169327d5
PM		 650 u16 flags, bool *changed,
651 struct netlink_ext_ack *extack)
dbd6dc75
PM		 652{
653 int err;
654
169327d5 655 err = br_switchdev_port_vlan_add(br->dev, vlan->vid, flags, extack);
9c86ce2c
PM		 656 if (err && err != -EOPNOTSUPP)
657 return err;
658
dbd6dc75
PM		 659 if (!br_vlan_is_brentry(vlan)) {
660 /* Trying to change flags of non-existent bridge vlan */
9c86ce2c
PM		 661 if (!(flags & BRIDGE_VLAN_INFO_BRENTRY)) {
662 err = -EINVAL;
663 goto err_flags;
664 }
dbd6dc75
PM		 665 /* It was only kept for port vlans, now make it real */
666 err = br_fdb_insert(br, NULL, br->dev->dev_addr,
667 vlan->vid);
668 if (err) {
669 br_err(br, "failed to insert local address into bridge forwarding table\n");
9c86ce2c 670 goto err_fdb_insert;
dbd6dc75
PM		 671 }
672
673 refcount_inc(&vlan->refcnt);
674 vlan->flags |= BRIDGE_VLAN_INFO_BRENTRY;
675 vg->num_vlans++;
676 *changed = true;
677 }
678
679 if (__vlan_add_flags(vlan, flags))
680 *changed = true;
681
682 return 0;
9c86ce2c
PM		 683
684err_fdb_insert:
685err_flags:
686 br_switchdev_port_vlan_del(br->dev, vlan->vid);
687 return err;
dbd6dc75
PM		 688}
689
8adff41c
TM		 690/* Must be protected by RTNL.
691 * Must be called with vid in range from 1 to 4094 inclusive.
f418af63 692 * changed must be true only if the vlan was created or updated
8adff41c 693 */
169327d5
PM		 694int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags, bool *changed,
695 struct netlink_ext_ack *extack)
243a2e63 696{
907b1e6e 697 struct net_bridge_vlan_group *vg;
2594e906
NA		 698 struct net_bridge_vlan *vlan;
699 int ret;
243a2e63
VY		 700
701 ASSERT_RTNL();
702
f418af63 703 *changed = false;
907b1e6e
NA		 704 vg = br_vlan_group(br);
705 vlan = br_vlan_find(vg, vid);
dbd6dc75 706 if (vlan)
169327d5
PM		 707 return br_vlan_add_existing(br, vg, vlan, flags, changed,
708 extack);
243a2e63 709
2594e906
NA		 710 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL);
711 if (!vlan)
243a2e63
VY		 712 return -ENOMEM;
713
281cc284 714 vlan->stats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
6dada9b1
NA		 715 if (!vlan->stats) {
716 kfree(vlan);
717 return -ENOMEM;
718 }
2594e906
NA		 719 vlan->vid = vid;
720 vlan->flags = flags | BRIDGE_VLAN_INFO_MASTER;
721 vlan->flags &= ~BRIDGE_VLAN_INFO_PVID;
722 vlan->br = br;
723 if (flags & BRIDGE_VLAN_INFO_BRENTRY)
25127759 724 refcount_set(&vlan->refcnt, 1);
169327d5 725 ret = __vlan_add(vlan, flags, extack);
6dada9b1
NA		 726 if (ret) {
727 free_percpu(vlan->stats);
2594e906 728 kfree(vlan);
f418af63
NA		 729 } else {
730 *changed = true;
6dada9b1 731 }
243a2e63 732
2594e906 733 return ret;
243a2e63
VY		 734}
735
8adff41c
TM		 736/* Must be protected by RTNL.
737 * Must be called with vid in range from 1 to 4094 inclusive.
738 */
243a2e63
VY		 739int br_vlan_delete(struct net_bridge *br, u16 vid)
740{
907b1e6e 741 struct net_bridge_vlan_group *vg;
2594e906 742 struct net_bridge_vlan *v;
243a2e63
VY		 743
744 ASSERT_RTNL();
745
907b1e6e
NA		 746 vg = br_vlan_group(br);
747 v = br_vlan_find(vg, vid);
2594e906
NA		 748 if (!v || !br_vlan_is_brentry(v))
749 return -ENOENT;
243a2e63 750
424bb9c9 751 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid);
3741873b 752 br_fdb_delete_by_port(br, NULL, vid, 0);
bc9a25d2 753
efa5356b
RP		 754 vlan_tunnel_info_del(vg, v);
755
2594e906 756 return __vlan_del(v);
243a2e63
VY		 757}
758
759void br_vlan_flush(struct net_bridge *br)
760{
f409d0ed
NA		 761 struct net_bridge_vlan_group *vg;
762
243a2e63 763 ASSERT_RTNL();
243a2e63 764
f409d0ed 765 vg = br_vlan_group(br);
f545923b 766 __vlan_flush(br, NULL, vg);
f409d0ed
NA		 767 RCU_INIT_POINTER(br->vlgrp, NULL);
768 synchronize_rcu();
769 __vlan_group_free(vg);
243a2e63
VY		 770}
771
2594e906 772struct net_bridge_vlan *br_vlan_find(struct net_bridge_vlan_group *vg, u16 vid)
2b292fb4 773{
2594e906
NA		 774 if (!vg)
775 return NULL;
2b292fb4 776
2594e906 777 return br_vlan_lookup(&vg->vlan_hash, vid);
2b292fb4
TM		 778}
779
204177f3
TM		 780/* Must be protected by RTNL. */
781static void recalculate_group_addr(struct net_bridge *br)
782{
be3664a0 783 if (br_opt_get(br, BROPT_GROUP_ADDR_SET))
204177f3
TM		 784 return;
785
786 spin_lock_bh(&br->lock);
ae75767e
NA		 787 if (!br_opt_get(br, BROPT_VLAN_ENABLED) ||
788 br->vlan_proto == htons(ETH_P_8021Q)) {
204177f3
TM		 789 /* Bridge Group Address */
790 br->group_addr[5] = 0x00;
791 } else { /* vlan_enabled && ETH_P_8021AD */
792 /* Provider Bridge Group Address */
793 br->group_addr[5] = 0x08;
794 }
795 spin_unlock_bh(&br->lock);
796}
797
798/* Must be protected by RTNL. */
799void br_recalculate_fwd_mask(struct net_bridge *br)
800{
ae75767e
NA		 801 if (!br_opt_get(br, BROPT_VLAN_ENABLED) ||
802 br->vlan_proto == htons(ETH_P_8021Q))
204177f3
TM		 803 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT;
804 else /* vlan_enabled && ETH_P_8021AD */
805 br->group_fwd_mask_required = BR_GROUPFWD_8021AD &
806 ~(1u << br->group_addr[5]);
807}
808
9e781401
VO		 809int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val,
810 struct netlink_ext_ack *extack)
243a2e63 811{
6b72a770
ER		 812 struct switchdev_attr attr = {
813 .orig_dev = br->dev,
814 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING,
815 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP,
816 .u.vlan_filtering = val,
817 };
818 int err;
819
ae75767e 820 if (br_opt_get(br, BROPT_VLAN_ENABLED) == !!val)
a7854037 821 return 0;
243a2e63 822
dcbdf135 823 err = switchdev_port_attr_set(br->dev, &attr, extack);
6b72a770
ER		 824 if (err && err != -EOPNOTSUPP)
825 return err;
826
ae75767e 827 br_opt_toggle(br, BROPT_VLAN_ENABLED, !!val);
2796d0c6 828 br_manage_promisc(br);
204177f3
TM		 829 recalculate_group_addr(br);
830 br_recalculate_fwd_mask(br);
243a2e63 831
a7854037
NA		 832 return 0;
833}
834
1f51445a
IS		 835bool br_vlan_enabled(const struct net_device *dev)
836{
837 struct net_bridge *br = netdev_priv(dev);
838
ae75767e 839 return br_opt_get(br, BROPT_VLAN_ENABLED);
1f51445a
IS		 840}
841EXPORT_SYMBOL_GPL(br_vlan_enabled);
842
31aed46f 843int br_vlan_get_proto(const struct net_device *dev, u16 *p_proto)
844{
845 struct net_bridge *br = netdev_priv(dev);
846
847 *p_proto = ntohs(br->vlan_proto);
848
849 return 0;
850}
851EXPORT_SYMBOL_GPL(br_vlan_get_proto);
852
dcbdf135
VO		 853int __br_vlan_set_proto(struct net_bridge *br, __be16 proto,
854 struct netlink_ext_ack *extack)
204177f3 855{
22ec19f3
DR		 856 struct switchdev_attr attr = {
857 .orig_dev = br->dev,
858 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_PROTOCOL,
859 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP,
860 .u.vlan_protocol = ntohs(proto),
861 };
204177f3
TM		 862 int err = 0;
863 struct net_bridge_port *p;
2594e906 864 struct net_bridge_vlan *vlan;
907b1e6e 865 struct net_bridge_vlan_group *vg;
22ec19f3 866 __be16 oldproto = br->vlan_proto;
204177f3 867
204177f3 868 if (br->vlan_proto == proto)
d2d427b3 869 return 0;
204177f3 870
dcbdf135 871 err = switchdev_port_attr_set(br->dev, &attr, extack);
22ec19f3
DR		 872 if (err && err != -EOPNOTSUPP)
873 return err;
874
204177f3
TM		 875 /* Add VLANs for the new proto to the device filter. */
876 list_for_each_entry(p, &br->port_list, list) {
907b1e6e
NA		 877 vg = nbp_vlan_group(p);
878 list_for_each_entry(vlan, &vg->vlan_list, vlist) {
2594e906 879 err = vlan_vid_add(p->dev, proto, vlan->vid);
204177f3
TM		 880 if (err)
881 goto err_filt;
882 }
883 }
884
204177f3
TM		 885 br->vlan_proto = proto;
886
887 recalculate_group_addr(br);
888 br_recalculate_fwd_mask(br);
889
890 /* Delete VLANs for the old proto from the device filter. */
907b1e6e
NA		 891 list_for_each_entry(p, &br->port_list, list) {
892 vg = nbp_vlan_group(p);
893 list_for_each_entry(vlan, &vg->vlan_list, vlist)
2594e906 894 vlan_vid_del(p->dev, oldproto, vlan->vid);
907b1e6e 895 }
204177f3 896
d2d427b3 897 return 0;
204177f3
TM		 898
899err_filt:
22ec19f3 900 attr.u.vlan_protocol = ntohs(oldproto);
dcbdf135 901 switchdev_port_attr_set(br->dev, &attr, NULL);
22ec19f3 902
907b1e6e 903 list_for_each_entry_continue_reverse(vlan, &vg->vlan_list, vlist)
2594e906 904 vlan_vid_del(p->dev, proto, vlan->vid);
204177f3 905
907b1e6e
NA		 906 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
907 vg = nbp_vlan_group(p);
908 list_for_each_entry(vlan, &vg->vlan_list, vlist)
2594e906 909 vlan_vid_del(p->dev, proto, vlan->vid);
907b1e6e 910 }
204177f3 911
d2d427b3
TM		 912 return err;
913}
914
9e781401
VO		 915int br_vlan_set_proto(struct net_bridge *br, unsigned long val,
916 struct netlink_ext_ack *extack)
d2d427b3 917{
a98c0c47 918 if (!eth_type_vlan(htons(val)))
d2d427b3
TM		 919 return -EPROTONOSUPPORT;
920
dcbdf135 921 return __br_vlan_set_proto(br, htons(val), extack);
204177f3
TM		 922}
923
6dada9b1
NA		 924int br_vlan_set_stats(struct net_bridge *br, unsigned long val)
925{
926 switch (val) {
927 case 0:
928 case 1:
ae75767e 929 br_opt_toggle(br, BROPT_VLAN_STATS_ENABLED, !!val);
6dada9b1
NA		 930 break;
931 default:
9163a0fc
NA		 932 return -EINVAL;
933 }
934
935 return 0;
936}
937
938int br_vlan_set_stats_per_port(struct net_bridge *br, unsigned long val)
939{
940 struct net_bridge_port *p;
941
942 /* allow to change the option if there are no port vlans configured */
943 list_for_each_entry(p, &br->port_list, list) {
944 struct net_bridge_vlan_group *vg = nbp_vlan_group(p);
945
946 if (vg->num_vlans)
947 return -EBUSY;
948 }
949
950 switch (val) {
951 case 0:
952 case 1:
953 br_opt_toggle(br, BROPT_VLAN_STATS_PER_PORT, !!val);
954 break;
955 default:
6dada9b1
NA		 956 return -EINVAL;
957 }
958
959 return 0;
960}
961
77751ee8 962static bool vlan_default_pvid(struct net_bridge_vlan_group *vg, u16 vid)
5be5a2df 963{
2594e906
NA		 964 struct net_bridge_vlan *v;
965
77751ee8 966 if (vid != vg->pvid)
2594e906
NA		 967 return false;
968
969 v = br_vlan_lookup(&vg->vlan_hash, vid);
970 if (v && br_vlan_should_use(v) &&
971 (v->flags & BRIDGE_VLAN_INFO_UNTAGGED))
972 return true;
973
974 return false;
5be5a2df
VY		 975}
976
977static void br_vlan_disable_default_pvid(struct net_bridge *br)
978{
979 struct net_bridge_port *p;
980 u16 pvid = br->default_pvid;
981
982 /* Disable default_pvid on all ports where it is still
983 * configured.
984 */
f545923b
NA		 985 if (vlan_default_pvid(br_vlan_group(br), pvid)) {
986 if (!br_vlan_delete(br, pvid))
987 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN);
988 }
5be5a2df
VY		 989
990 list_for_each_entry(p, &br->port_list, list) {
f545923b
NA		 991 if (vlan_default_pvid(nbp_vlan_group(p), pvid) &&
992 !nbp_vlan_delete(p, pvid))
993 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN);
5be5a2df
VY		 994 }
995
996 br->default_pvid = 0;
997}
998
169327d5
PM		 999int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid,
1000 struct netlink_ext_ack *extack)
5be5a2df 1001{
2594e906 1002 const struct net_bridge_vlan *pvent;
907b1e6e 1003 struct net_bridge_vlan_group *vg;
5be5a2df 1004 struct net_bridge_port *p;
f418af63
NA		 1005 unsigned long *changed;
1006 bool vlchange;
5be5a2df
VY		 1007 u16 old_pvid;
1008 int err = 0;
5be5a2df 1009
0f963b75
NA		 1010 if (!pvid) {
1011 br_vlan_disable_default_pvid(br);
1012 return 0;
1013 }
1014
459479da 1015 changed = bitmap_zalloc(BR_MAX_PORTS, GFP_KERNEL);
5be5a2df
VY		 1016 if (!changed)
1017 return -ENOMEM;
1018
1019 old_pvid = br->default_pvid;
1020
1021 /* Update default_pvid config only if we do not conflict with
1022 * user configuration.
1023 */
907b1e6e
NA		 1024 vg = br_vlan_group(br);
1025 pvent = br_vlan_find(vg, pvid);
1026 if ((!old_pvid || vlan_default_pvid(vg, old_pvid)) &&
2594e906 1027 (!pvent || !br_vlan_should_use(pvent))) {
5be5a2df
VY		 1028 err = br_vlan_add(br, pvid,
1029 BRIDGE_VLAN_INFO_PVID |
2594e906 1030 BRIDGE_VLAN_INFO_UNTAGGED |
f418af63 1031 BRIDGE_VLAN_INFO_BRENTRY,
169327d5 1032 &vlchange, extack);
5be5a2df
VY		 1033 if (err)
1034 goto out;
f545923b
NA		 1035
1036 if (br_vlan_delete(br, old_pvid))
1037 br_vlan_notify(br, NULL, old_pvid, 0, RTM_DELVLAN);
1038 br_vlan_notify(br, NULL, pvid, 0, RTM_NEWVLAN);
5be5a2df
VY		 1039 set_bit(0, changed);
1040 }
1041
1042 list_for_each_entry(p, &br->port_list, list) {
1043 /* Update default_pvid config only if we do not conflict with
1044 * user configuration.
1045 */
907b1e6e 1046 vg = nbp_vlan_group(p);
5be5a2df 1047 if ((old_pvid &&
907b1e6e
NA		 1048 !vlan_default_pvid(vg, old_pvid)) ||
1049 br_vlan_find(vg, pvid))
5be5a2df
VY		 1050 continue;
1051
1052 err = nbp_vlan_add(p, pvid,
1053 BRIDGE_VLAN_INFO_PVID |
f418af63 1054 BRIDGE_VLAN_INFO_UNTAGGED,
169327d5 1055 &vlchange, extack);
5be5a2df
VY		 1056 if (err)
1057 goto err_port;
f545923b
NA		 1058 if (nbp_vlan_delete(p, old_pvid))
1059 br_vlan_notify(br, p, old_pvid, 0, RTM_DELVLAN);
1060 br_vlan_notify(p->br, p, pvid, 0, RTM_NEWVLAN);
5be5a2df
VY		 1061 set_bit(p->port_no, changed);
1062 }
1063
1064 br->default_pvid = pvid;
1065
1066out:
459479da 1067 bitmap_free(changed);
5be5a2df
VY		 1068 return err;
1069
1070err_port:
1071 list_for_each_entry_continue_reverse(p, &br->port_list, list) {
1072 if (!test_bit(p->port_no, changed))
1073 continue;
1074
f545923b 1075 if (old_pvid) {
5be5a2df
VY		 1076 nbp_vlan_add(p, old_pvid,
1077 BRIDGE_VLAN_INFO_PVID |
f418af63 1078 BRIDGE_VLAN_INFO_UNTAGGED,
169327d5 1079 &vlchange, NULL);
f545923b
NA		 1080 br_vlan_notify(p->br, p, old_pvid, 0, RTM_NEWVLAN);
1081 }
5be5a2df 1082 nbp_vlan_delete(p, pvid);
f545923b 1083 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN);
5be5a2df
VY		 1084 }
1085
1086 if (test_bit(0, changed)) {
f545923b 1087 if (old_pvid) {
5be5a2df
VY		 1088 br_vlan_add(br, old_pvid,
1089 BRIDGE_VLAN_INFO_PVID |
2594e906 1090 BRIDGE_VLAN_INFO_UNTAGGED |
f418af63 1091 BRIDGE_VLAN_INFO_BRENTRY,
169327d5 1092 &vlchange, NULL);
f545923b
NA		 1093 br_vlan_notify(br, NULL, old_pvid, 0, RTM_NEWVLAN);
1094 }
5be5a2df 1095 br_vlan_delete(br, pvid);
f545923b 1096 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN);
5be5a2df
VY		 1097 }
1098 goto out;
1099}
1100
9e781401
VO		 1101int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val,
1102 struct netlink_ext_ack *extack)
96a20d9d
VY		 1103{
1104 u16 pvid = val;
1105 int err = 0;
1106
5be5a2df 1107 if (val >= VLAN_VID_MASK)
96a20d9d
VY		 1108 return -EINVAL;
1109
96a20d9d 1110 if (pvid == br->default_pvid)
047831a9 1111 goto out;
96a20d9d
VY		 1112
1113 /* Only allow default pvid change when filtering is disabled */
ae75767e 1114 if (br_opt_get(br, BROPT_VLAN_ENABLED)) {
96a20d9d
VY		 1115 pr_info_once("Please disable vlan filtering to change default_pvid\n");
1116 err = -EPERM;
047831a9 1117 goto out;
96a20d9d 1118 }
9e781401 1119 err = __br_vlan_set_default_pvid(br, pvid, extack);
047831a9 1120out:
96a20d9d
VY		 1121 return err;
1122}
1123
5be5a2df 1124int br_vlan_init(struct net_bridge *br)
8580e211 1125{
907b1e6e 1126 struct net_bridge_vlan_group *vg;
2594e906
NA		 1127 int ret = -ENOMEM;
1128
907b1e6e
NA		 1129 vg = kzalloc(sizeof(*vg), GFP_KERNEL);
1130 if (!vg)
2594e906 1131 goto out;
907b1e6e 1132 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params);
2594e906
NA		 1133 if (ret)
1134 goto err_rhtbl;
efa5356b
RP		 1135 ret = vlan_tunnel_init(vg);
1136 if (ret)
1137 goto err_tunnel_init;
907b1e6e 1138 INIT_LIST_HEAD(&vg->vlan_list);
8580e211 1139 br->vlan_proto = htons(ETH_P_8021Q);
96a20d9d 1140 br->default_pvid = 1;
907b1e6e 1141 rcu_assign_pointer(br->vlgrp, vg);
2594e906
NA		 1142
1143out:
1144 return ret;
1145
efa5356b 1146err_tunnel_init:
907b1e6e 1147 rhashtable_destroy(&vg->vlan_hash);
2594e906 1148err_rhtbl:
907b1e6e 1149 kfree(vg);
2594e906
NA		 1150
1151 goto out;
1152}
1153
169327d5 1154int nbp_vlan_init(struct net_bridge_port *p, struct netlink_ext_ack *extack)
2594e906 1155{
404cdbf0
ER		 1156 struct switchdev_attr attr = {
1157 .orig_dev = p->br->dev,
1158 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING,
1159 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP,
ae75767e 1160 .u.vlan_filtering = br_opt_get(p->br, BROPT_VLAN_ENABLED),
404cdbf0 1161 };
263344e6 1162 struct net_bridge_vlan_group *vg;
2594e906
NA		 1163 int ret = -ENOMEM;
1164
263344e6
NA		 1165 vg = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL);
1166 if (!vg)
2594e906
NA		 1167 goto out;
1168
dcbdf135 1169 ret = switchdev_port_attr_set(p->dev, &attr, extack);
404cdbf0
ER		 1170 if (ret && ret != -EOPNOTSUPP)
1171 goto err_vlan_enabled;
1172
263344e6 1173 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params);
2594e906
NA		 1174 if (ret)
1175 goto err_rhtbl;
efa5356b
RP		 1176 ret = vlan_tunnel_init(vg);
1177 if (ret)
1178 goto err_tunnel_init;
263344e6 1179 INIT_LIST_HEAD(&vg->vlan_list);
907b1e6e 1180 rcu_assign_pointer(p->vlgrp, vg);
2594e906 1181 if (p->br->default_pvid) {
f418af63
NA		 1182 bool changed;
1183
2594e906
NA		 1184 ret = nbp_vlan_add(p, p->br->default_pvid,
1185 BRIDGE_VLAN_INFO_PVID |
f418af63 1186 BRIDGE_VLAN_INFO_UNTAGGED,
169327d5 1187 &changed, extack);
2594e906
NA		 1188 if (ret)
1189 goto err_vlan_add;
f545923b 1190 br_vlan_notify(p->br, p, p->br->default_pvid, 0, RTM_NEWVLAN);
2594e906
NA		 1191 }
1192out:
1193 return ret;
1194
1195err_vlan_add:
07bc588f
IS		 1196 RCU_INIT_POINTER(p->vlgrp, NULL);
1197 synchronize_rcu();
efa5356b 1198 vlan_tunnel_deinit(vg);
efa5356b
RP		 1199err_tunnel_init:
1200 rhashtable_destroy(&vg->vlan_hash);
2594e906 1201err_rhtbl:
df2c4334 1202err_vlan_enabled:
263344e6 1203 kfree(vg);
2594e906
NA		 1204
1205 goto out;
8580e211
TM		 1206}
1207
8adff41c
TM		 1208/* Must be protected by RTNL.
1209 * Must be called with vid in range from 1 to 4094 inclusive.
f418af63 1210 * changed must be true only if the vlan was created or updated
8adff41c 1211 */
f418af63 1212int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags,
169327d5 1213 bool *changed, struct netlink_ext_ack *extack)
243a2e63 1214{
2594e906
NA		 1215 struct net_bridge_vlan *vlan;
1216 int ret;
243a2e63
VY		 1217
1218 ASSERT_RTNL();
1219
f418af63 1220 *changed = false;
907b1e6e 1221 vlan = br_vlan_find(nbp_vlan_group(port), vid);
2594e906 1222 if (vlan) {
7fbac984 1223 /* Pass the flags to the hardware bridge */
169327d5 1224 ret = br_switchdev_port_vlan_add(port->dev, vid, flags, extack);
7fbac984
IS		 1225 if (ret && ret != -EOPNOTSUPP)
1226 return ret;
f418af63
NA		 1227 *changed = __vlan_add_flags(vlan, flags);
1228
2594e906 1229 return 0;
243a2e63
VY		 1230 }
1231
2594e906
NA		 1232 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL);
1233 if (!vlan)
1234 return -ENOMEM;
243a2e63 1235
2594e906
NA		 1236 vlan->vid = vid;
1237 vlan->port = port;
169327d5 1238 ret = __vlan_add(vlan, flags, extack);
2594e906
NA		 1239 if (ret)
1240 kfree(vlan);
f418af63
NA		 1241 else
1242 *changed = true;
243a2e63 1243
2594e906 1244 return ret;
243a2e63
VY		 1245}
1246
8adff41c
TM		 1247/* Must be protected by RTNL.
1248 * Must be called with vid in range from 1 to 4094 inclusive.
1249 */
243a2e63
VY		 1250int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
1251{
2594e906 1252 struct net_bridge_vlan *v;
243a2e63
VY		 1253
1254 ASSERT_RTNL();
1255
907b1e6e 1256 v = br_vlan_find(nbp_vlan_group(port), vid);
2594e906
NA		 1257 if (!v)
1258 return -ENOENT;
424bb9c9 1259 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid);
1ea2d020 1260 br_fdb_delete_by_port(port->br, port, vid, 0);
bc9a25d2 1261
2594e906 1262 return __vlan_del(v);
243a2e63
VY		 1263}
1264
1265void nbp_vlan_flush(struct net_bridge_port *port)
1266{
f409d0ed
NA		 1267 struct net_bridge_vlan_group *vg;
1268
243a2e63
VY		 1269 ASSERT_RTNL();
1270
f409d0ed 1271 vg = nbp_vlan_group(port);
f545923b 1272 __vlan_flush(port->br, port, vg);
f409d0ed
NA		 1273 RCU_INIT_POINTER(port->vlgrp, NULL);
1274 synchronize_rcu();
1275 __vlan_group_free(vg);
5be5a2df 1276}
a60c0903
NA		 1277
1278void br_vlan_get_stats(const struct net_bridge_vlan *v,
281cc284 1279 struct pcpu_sw_netstats *stats)
a60c0903
NA		 1280{
1281 int i;
1282
1283 memset(stats, 0, sizeof(*stats));
1284 for_each_possible_cpu(i) {
1285 u64 rxpackets, rxbytes, txpackets, txbytes;
281cc284 1286 struct pcpu_sw_netstats *cpu_stats;
a60c0903
NA		 1287 unsigned int start;
1288
1289 cpu_stats = per_cpu_ptr(v->stats, i);
1290 do {
1291 start = u64_stats_fetch_begin_irq(&cpu_stats->syncp);
1292 rxpackets = cpu_stats->rx_packets;
1293 rxbytes = cpu_stats->rx_bytes;
1294 txbytes = cpu_stats->tx_bytes;
1295 txpackets = cpu_stats->tx_packets;
1296 } while (u64_stats_fetch_retry_irq(&cpu_stats->syncp, start));
1297
1298 stats->rx_packets += rxpackets;
1299 stats->rx_bytes += rxbytes;
1300 stats->tx_bytes += txbytes;
1301 stats->tx_packets += txpackets;
1302 }
1303}
4d4fd361 1304
99f62a74 1305int br_vlan_get_pvid(const struct net_device *dev, u16 *p_pvid)
4d4fd361
PM		 1306{
1307 struct net_bridge_vlan_group *vg;
99f62a74 1308 struct net_bridge_port *p;
4d4fd361 1309
99f62a74
VO		 1310 ASSERT_RTNL();
1311 p = br_port_get_check_rtnl(dev);
5a6db04c
IS		 1312 if (p)
1313 vg = nbp_vlan_group(p);
1314 else if (netif_is_bridge_master(dev))
4d4fd361
PM		 1315 vg = br_vlan_group(netdev_priv(dev));
1316 else
1317 return -EINVAL;
1318
1319 *p_pvid = br_get_pvid(vg);
1320 return 0;
1321}
1322EXPORT_SYMBOL_GPL(br_vlan_get_pvid);
1323
7582f5b7
PNA		 1324int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid)
1325{
99f62a74
VO		 1326 struct net_bridge_vlan_group *vg;
1327 struct net_bridge_port *p;
1328
1329 p = br_port_get_check_rcu(dev);
1330 if (p)
1331 vg = nbp_vlan_group_rcu(p);
1332 else if (netif_is_bridge_master(dev))
1333 vg = br_vlan_group_rcu(netdev_priv(dev));
1334 else
1335 return -EINVAL;
1336
1337 *p_pvid = br_get_pvid(vg);
1338 return 0;
7582f5b7
PNA		 1339}
1340EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu);
1341
4d4fd361
PM		 1342int br_vlan_get_info(const struct net_device *dev, u16 vid,
1343 struct bridge_vlan_info *p_vinfo)
1344{
1345 struct net_bridge_vlan_group *vg;
1346 struct net_bridge_vlan *v;
1347 struct net_bridge_port *p;
1348
1349 ASSERT_RTNL();
1350 p = br_port_get_check_rtnl(dev);
1351 if (p)
1352 vg = nbp_vlan_group(p);
2b18d79e
PM		 1353 else if (netif_is_bridge_master(dev))
1354 vg = br_vlan_group(netdev_priv(dev));
4d4fd361
PM		 1355 else
1356 return -EINVAL;
1357
1358 v = br_vlan_find(vg, vid);
1359 if (!v)
1360 return -ENOENT;
1361
1362 p_vinfo->vid = vid;
1363 p_vinfo->flags = v->flags;
f40d9b20
VO		 1364 if (vid == br_get_pvid(vg))
1365 p_vinfo->flags |= BRIDGE_VLAN_INFO_PVID;
4d4fd361
PM		 1366 return 0;
1367}
1368EXPORT_SYMBOL_GPL(br_vlan_get_info);
9c0ec2e7
MM		 1369
1370static int br_vlan_is_bind_vlan_dev(const struct net_device *dev)
1371{
1372 return is_vlan_dev(dev) &&
1373 !!(vlan_dev_priv(dev)->flags & VLAN_FLAG_BRIDGE_BINDING);
1374}
1375
1376static int br_vlan_is_bind_vlan_dev_fn(struct net_device *dev,
eff74233 1377 __always_unused struct netdev_nested_priv *priv)
9c0ec2e7
MM		 1378{
1379 return br_vlan_is_bind_vlan_dev(dev);
1380}
1381
1382static bool br_vlan_has_upper_bind_vlan_dev(struct net_device *dev)
1383{
1384 int found;
1385
1386 rcu_read_lock();
1387 found = netdev_walk_all_upper_dev_rcu(dev, br_vlan_is_bind_vlan_dev_fn,
1388 NULL);
1389 rcu_read_unlock();
1390
1391 return !!found;
1392}
1393
1394struct br_vlan_bind_walk_data {
1395 u16 vid;
1396 struct net_device *result;
1397};
1398
1399static int br_vlan_match_bind_vlan_dev_fn(struct net_device *dev,
eff74233 1400 struct netdev_nested_priv *priv)
9c0ec2e7 1401{
eff74233 1402 struct br_vlan_bind_walk_data *data = priv->data;
9c0ec2e7
MM		 1403 int found = 0;
1404
1405 if (br_vlan_is_bind_vlan_dev(dev) &&
1406 vlan_dev_priv(dev)->vlan_id == data->vid) {
1407 data->result = dev;
1408 found = 1;
1409 }
1410
1411 return found;
1412}
1413
1414static struct net_device *
1415br_vlan_get_upper_bind_vlan_dev(struct net_device *dev, u16 vid)
1416{
1417 struct br_vlan_bind_walk_data data = {
1418 .vid = vid,
1419 };
eff74233
TY		 1420 struct netdev_nested_priv priv = {
1421 .data = (void *)&data,
1422 };
9c0ec2e7
MM		 1423
1424 rcu_read_lock();
1425 netdev_walk_all_upper_dev_rcu(dev, br_vlan_match_bind_vlan_dev_fn,
eff74233 1426 &priv);
9c0ec2e7
MM		 1427 rcu_read_unlock();
1428
1429 return data.result;
1430}
1431
1432static bool br_vlan_is_dev_up(const struct net_device *dev)
1433{
1434 return !!(dev->flags & IFF_UP) && netif_oper_up(dev);
1435}
1436
1437static void br_vlan_set_vlan_dev_state(const struct net_bridge *br,
1438 struct net_device *vlan_dev)
1439{
1440 u16 vid = vlan_dev_priv(vlan_dev)->vlan_id;
1441 struct net_bridge_vlan_group *vg;
1442 struct net_bridge_port *p;
1443 bool has_carrier = false;
1444
8e1acd4f
MM		 1445 if (!netif_carrier_ok(br->dev)) {
1446 netif_carrier_off(vlan_dev);
1447 return;
1448 }
1449
9c0ec2e7
MM		 1450 list_for_each_entry(p, &br->port_list, list) {
1451 vg = nbp_vlan_group(p);
1452 if (br_vlan_find(vg, vid) && br_vlan_is_dev_up(p->dev)) {
1453 has_carrier = true;
1454 break;
1455 }
1456 }
1457
1458 if (has_carrier)
1459 netif_carrier_on(vlan_dev);
1460 else
1461 netif_carrier_off(vlan_dev);
1462}
1463
1464static void br_vlan_set_all_vlan_dev_state(struct net_bridge_port *p)
1465{
1466 struct net_bridge_vlan_group *vg = nbp_vlan_group(p);
1467 struct net_bridge_vlan *vlan;
1468 struct net_device *vlan_dev;
1469
1470 list_for_each_entry(vlan, &vg->vlan_list, vlist) {
1471 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev,
1472 vlan->vid);
1473 if (vlan_dev) {
8e1acd4f
MM		 1474 if (br_vlan_is_dev_up(p->dev)) {
1475 if (netif_carrier_ok(p->br->dev))
1476 netif_carrier_on(vlan_dev);
1477 } else {
9c0ec2e7 1478 br_vlan_set_vlan_dev_state(p->br, vlan_dev);
8e1acd4f 1479 }
9c0ec2e7
MM		 1480 }
1481 }
1482}
1483
1484static void br_vlan_upper_change(struct net_device *dev,
1485 struct net_device *upper_dev,
1486 bool linking)
1487{
1488 struct net_bridge *br = netdev_priv(dev);
1489
1490 if (!br_vlan_is_bind_vlan_dev(upper_dev))
1491 return;
1492
1493 if (linking) {
1494 br_vlan_set_vlan_dev_state(br, upper_dev);
1495 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING, true);
1496 } else {
1497 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING,
1498 br_vlan_has_upper_bind_vlan_dev(dev));
1499 }
1500}
1501
8e1acd4f
MM		 1502struct br_vlan_link_state_walk_data {
1503 struct net_bridge *br;
1504};
1505
1506static int br_vlan_link_state_change_fn(struct net_device *vlan_dev,
eff74233 1507 struct netdev_nested_priv *priv)
8e1acd4f 1508{
eff74233 1509 struct br_vlan_link_state_walk_data *data = priv->data;
8e1acd4f
MM		 1510
1511 if (br_vlan_is_bind_vlan_dev(vlan_dev))
1512 br_vlan_set_vlan_dev_state(data->br, vlan_dev);
1513
1514 return 0;
1515}
1516
1517static void br_vlan_link_state_change(struct net_device *dev,
1518 struct net_bridge *br)
1519{
1520 struct br_vlan_link_state_walk_data data = {
1521 .br = br
1522 };
eff74233
TY		 1523 struct netdev_nested_priv priv = {
1524 .data = (void *)&data,
1525 };
8e1acd4f
MM		 1526
1527 rcu_read_lock();
1528 netdev_walk_all_upper_dev_rcu(dev, br_vlan_link_state_change_fn,
eff74233 1529 &priv);
8e1acd4f
MM		 1530 rcu_read_unlock();
1531}
1532
80900acd
MM		 1533/* Must be protected by RTNL. */
1534static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid)
1535{
1536 struct net_device *vlan_dev;
1537
1538 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING))
1539 return;
1540
1541 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev, vid);
1542 if (vlan_dev)
1543 br_vlan_set_vlan_dev_state(p->br, vlan_dev);
1544}
1545
9c0ec2e7 1546/* Must be protected by RTNL. */
091adf9b 1547int br_vlan_bridge_event(struct net_device *dev, unsigned long event, void *ptr)
9c0ec2e7
MM		 1548{
1549 struct netdev_notifier_changeupper_info *info;
091adf9b 1550 struct net_bridge *br = netdev_priv(dev);
f545923b
NA		 1551 int vlcmd = 0, ret = 0;
1552 bool changed = false;
9c0ec2e7
MM		 1553
1554 switch (event) {
091adf9b
NA		 1555 case NETDEV_REGISTER:
1556 ret = br_vlan_add(br, br->default_pvid,
1557 BRIDGE_VLAN_INFO_PVID |
1558 BRIDGE_VLAN_INFO_UNTAGGED |
1559 BRIDGE_VLAN_INFO_BRENTRY, &changed, NULL);
f545923b 1560 vlcmd = RTM_NEWVLAN;
091adf9b
NA		 1561 break;
1562 case NETDEV_UNREGISTER:
f545923b
NA		 1563 changed = !br_vlan_delete(br, br->default_pvid);
1564 vlcmd = RTM_DELVLAN;
091adf9b 1565 break;
9c0ec2e7
MM		 1566 case NETDEV_CHANGEUPPER:
1567 info = ptr;
1568 br_vlan_upper_change(dev, info->upper_dev, info->linking);
1569 break;
8e1acd4f
MM		 1570
1571 case NETDEV_CHANGE:
1572 case NETDEV_UP:
8e1acd4f 1573 if (!br_opt_get(br, BROPT_VLAN_BRIDGE_BINDING))
091adf9b 1574 break;
8e1acd4f
MM		 1575 br_vlan_link_state_change(dev, br);
1576 break;
9c0ec2e7 1577 }
f545923b
NA		 1578 if (changed)
1579 br_vlan_notify(br, NULL, br->default_pvid, 0, vlcmd);
091adf9b
NA		 1580
1581 return ret;
9c0ec2e7
MM		 1582}
1583
1584/* Must be protected by RTNL. */
1585void br_vlan_port_event(struct net_bridge_port *p, unsigned long event)
1586{
1587 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING))
1588 return;
1589
1590 switch (event) {
1591 case NETDEV_CHANGE:
1592 case NETDEV_DOWN:
1593 case NETDEV_UP:
1594 br_vlan_set_all_vlan_dev_state(p);
1595 break;
1596 }
1597}
8dcea187 1598
56d09976
NA		 1599static bool br_vlan_stats_fill(struct sk_buff *skb,
1600 const struct net_bridge_vlan *v)
1601{
281cc284 1602 struct pcpu_sw_netstats stats;
56d09976
NA		 1603 struct nlattr *nest;
1604
1605 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY_STATS);
1606 if (!nest)
1607 return false;
1608
1609 br_vlan_get_stats(v, &stats);
1610 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_BYTES, stats.rx_bytes,
1611 BRIDGE_VLANDB_STATS_PAD) ||
1612 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_PACKETS,
1613 stats.rx_packets, BRIDGE_VLANDB_STATS_PAD) ||
1614 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_BYTES, stats.tx_bytes,
1615 BRIDGE_VLANDB_STATS_PAD) ||
1616 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_PACKETS,
1617 stats.tx_packets, BRIDGE_VLANDB_STATS_PAD))
1618 goto out_err;
1619
1620 nla_nest_end(skb, nest);
1621
1622 return true;
1623
1624out_err:
1625 nla_nest_cancel(skb, nest);
1626 return false;
1627}
1628
7a53e718 1629/* v_opts is used to dump the options which must be equal in the whole range */
0ab55879 1630static bool br_vlan_fill_vids(struct sk_buff *skb, u16 vid, u16 vid_range,
7a53e718 1631 const struct net_bridge_vlan *v_opts,
56d09976
NA		 1632 u16 flags,
1633 bool dump_stats)
8dcea187
NA		 1634{
1635 struct bridge_vlan_info info;
1636 struct nlattr *nest;
1637
1638 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY);
1639 if (!nest)
1640 return false;
1641
1642 memset(&info, 0, sizeof(info));
1643 info.vid = vid;
1644 if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
1645 info.flags |= BRIDGE_VLAN_INFO_UNTAGGED;
1646 if (flags & BRIDGE_VLAN_INFO_PVID)
1647 info.flags |= BRIDGE_VLAN_INFO_PVID;
1648
1649 if (nla_put(skb, BRIDGE_VLANDB_ENTRY_INFO, sizeof(info), &info))
1650 goto out_err;
1651
0ab55879
NA		 1652 if (vid_range && vid < vid_range &&
1653 !(flags & BRIDGE_VLAN_INFO_PVID) &&
1654 nla_put_u16(skb, BRIDGE_VLANDB_ENTRY_RANGE, vid_range))
1655 goto out_err;
1656
56d09976
NA		 1657 if (v_opts) {
1658 if (!br_vlan_opts_fill(skb, v_opts))
1659 goto out_err;
1660
1661 if (dump_stats && !br_vlan_stats_fill(skb, v_opts))
1662 goto out_err;
1663 }
7a53e718 1664
8dcea187
NA		 1665 nla_nest_end(skb, nest);
1666
1667 return true;
1668
1669out_err:
1670 nla_nest_cancel(skb, nest);
1671 return false;
1672}
1673
cf5bddb9
NA		 1674static size_t rtnl_vlan_nlmsg_size(void)
1675{
1676 return NLMSG_ALIGN(sizeof(struct br_vlan_msg))
1677 + nla_total_size(0) /* BRIDGE_VLANDB_ENTRY */
1678 + nla_total_size(sizeof(u16)) /* BRIDGE_VLANDB_ENTRY_RANGE */
7a53e718
NA		 1679 + nla_total_size(sizeof(struct bridge_vlan_info)) /* BRIDGE_VLANDB_ENTRY_INFO */
1680 + br_vlan_opts_nl_size(); /* bridge vlan options */
cf5bddb9
NA		 1681}
1682
1683void br_vlan_notify(const struct net_bridge *br,
1684 const struct net_bridge_port *p,
1685 u16 vid, u16 vid_range,
1686 int cmd)
1687{
1688 struct net_bridge_vlan_group *vg;
7a53e718 1689 struct net_bridge_vlan *v = NULL;
cf5bddb9
NA		 1690 struct br_vlan_msg *bvm;
1691 struct nlmsghdr *nlh;
1692 struct sk_buff *skb;
1693 int err = -ENOBUFS;
1694 struct net *net;
1695 u16 flags = 0;
1696 int ifindex;
1697
1698 /* right now notifications are done only with rtnl held */
1699 ASSERT_RTNL();
1700
1701 if (p) {
1702 ifindex = p->dev->ifindex;
1703 vg = nbp_vlan_group(p);
1704 net = dev_net(p->dev);
1705 } else {
1706 ifindex = br->dev->ifindex;
1707 vg = br_vlan_group(br);
1708 net = dev_net(br->dev);
1709 }
1710
1711 skb = nlmsg_new(rtnl_vlan_nlmsg_size(), GFP_KERNEL);
1712 if (!skb)
1713 goto out_err;
1714
1715 err = -EMSGSIZE;
1716 nlh = nlmsg_put(skb, 0, 0, cmd, sizeof(*bvm), 0);
1717 if (!nlh)
1718 goto out_err;
1719 bvm = nlmsg_data(nlh);
1720 memset(bvm, 0, sizeof(*bvm));
1721 bvm->family = AF_BRIDGE;
1722 bvm->ifindex = ifindex;
1723
1724 switch (cmd) {
1725 case RTM_NEWVLAN:
1726 /* need to find the vlan due to flags/options */
1727 v = br_vlan_find(vg, vid);
1728 if (!v || !br_vlan_should_use(v))
1729 goto out_kfree;
1730
1731 flags = v->flags;
1732 if (br_get_pvid(vg) == v->vid)
1733 flags |= BRIDGE_VLAN_INFO_PVID;
1734 break;
1735 case RTM_DELVLAN:
1736 break;
1737 default:
1738 goto out_kfree;
1739 }
1740
56d09976 1741 if (!br_vlan_fill_vids(skb, vid, vid_range, v, flags, false))
cf5bddb9
NA		 1742 goto out_err;
1743
1744 nlmsg_end(skb, nlh);
1745 rtnl_notify(skb, net, 0, RTNLGRP_BRVLAN, NULL, GFP_KERNEL);
1746 return;
1747
1748out_err:
1749 rtnl_set_sk_err(net, RTNLGRP_BRVLAN, err);
1750out_kfree:
1751 kfree_skb(skb);
1752}
1753
0ab55879 1754/* check if v_curr can enter a range ending in range_end */
a5d29ae2
NA		 1755bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr,
1756 const struct net_bridge_vlan *range_end)
0ab55879
NA		 1757{
1758 return v_curr->vid - range_end->vid == 1 &&
7a53e718 1759 range_end->flags == v_curr->flags &&
99f7c5e0 1760 br_vlan_opts_eq_range(v_curr, range_end);
0ab55879
NA		 1761}
1762
8dcea187
NA		 1763static int br_vlan_dump_dev(const struct net_device *dev,
1764 struct sk_buff *skb,
56d09976
NA		 1765 struct netlink_callback *cb,
1766 u32 dump_flags)
8dcea187 1767{
0ab55879 1768 struct net_bridge_vlan *v, *range_start = NULL, *range_end = NULL;
56d09976 1769 bool dump_stats = !!(dump_flags & BRIDGE_VLANDB_DUMPF_STATS);
8dcea187
NA		 1770 struct net_bridge_vlan_group *vg;
1771 int idx = 0, s_idx = cb->args[1];
1772 struct nlmsghdr *nlh = NULL;
8dcea187
NA		 1773 struct net_bridge_port *p;
1774 struct br_vlan_msg *bvm;
1775 struct net_bridge *br;
1776 int err = 0;
1777 u16 pvid;
1778
1779 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev))
1780 return -EINVAL;
1781
1782 if (netif_is_bridge_master(dev)) {
1783 br = netdev_priv(dev);
1784 vg = br_vlan_group_rcu(br);
1785 p = NULL;
1786 } else {
1787 p = br_port_get_rcu(dev);
1788 if (WARN_ON(!p))
1789 return -EINVAL;
1790 vg = nbp_vlan_group_rcu(p);
1791 br = p->br;
1792 }
1793
1794 if (!vg)
1795 return 0;
1796
1797 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
1798 RTM_NEWVLAN, sizeof(*bvm), NLM_F_MULTI);
1799 if (!nlh)
1800 return -EMSGSIZE;
1801 bvm = nlmsg_data(nlh);
1802 memset(bvm, 0, sizeof(*bvm));
1803 bvm->family = PF_BRIDGE;
1804 bvm->ifindex = dev->ifindex;
1805 pvid = br_get_pvid(vg);
1806
0ab55879 1807 /* idx must stay at range's beginning until it is filled in */
8dcea187
NA		 1808 list_for_each_entry_rcu(v, &vg->vlan_list, vlist) {
1809 if (!br_vlan_should_use(v))
1810 continue;
0ab55879
NA		 1811 if (idx < s_idx) {
1812 idx++;
1813 continue;
8dcea187 1814 }
0ab55879
NA		 1815
1816 if (!range_start) {
1817 range_start = v;
1818 range_end = v;
1819 continue;
1820 }
1821
56d09976
NA		 1822 if (dump_stats || v->vid == pvid ||
1823 !br_vlan_can_enter_range(v, range_end)) {
1824 u16 vlan_flags = br_vlan_flags(range_start, pvid);
0ab55879
NA		 1825
1826 if (!br_vlan_fill_vids(skb, range_start->vid,
7a53e718 1827 range_end->vid, range_start,
56d09976 1828 vlan_flags, dump_stats)) {
0ab55879
NA		 1829 err = -EMSGSIZE;
1830 break;
1831 }
1832 /* advance number of filled vlans */
1833 idx += range_end->vid - range_start->vid + 1;
1834
1835 range_start = v;
1836 }
1837 range_end = v;
8dcea187 1838 }
0ab55879
NA		 1839
1840 /* err will be 0 and range_start will be set in 3 cases here:
1841 * - first vlan (range_start == range_end)
1842 * - last vlan (range_start == range_end, not in range)
1843 * - last vlan range (range_start != range_end, in range)
1844 */
1845 if (!err && range_start &&
1846 !br_vlan_fill_vids(skb, range_start->vid, range_end->vid,
56d09976
NA		 1847 range_start, br_vlan_flags(range_start, pvid),
1848 dump_stats))
0ab55879
NA		 1849 err = -EMSGSIZE;
1850
1851 cb->args[1] = err ? idx : 0;
1852
8dcea187
NA		 1853 nlmsg_end(skb, nlh);
1854
1855 return err;
1856}
1857
56d09976
NA		 1858static const struct nla_policy br_vlan_db_dump_pol[BRIDGE_VLANDB_DUMP_MAX + 1] = {
1859 [BRIDGE_VLANDB_DUMP_FLAGS] = { .type = NLA_U32 },
1860};
1861
8dcea187
NA		 1862static int br_vlan_rtm_dump(struct sk_buff *skb, struct netlink_callback *cb)
1863{
56d09976 1864 struct nlattr *dtb[BRIDGE_VLANDB_DUMP_MAX + 1];
8dcea187
NA		 1865 int idx = 0, err = 0, s_idx = cb->args[0];
1866 struct net *net = sock_net(skb->sk);
1867 struct br_vlan_msg *bvm;
1868 struct net_device *dev;
56d09976 1869 u32 dump_flags = 0;
8dcea187 1870
56d09976
NA		 1871 err = nlmsg_parse(cb->nlh, sizeof(*bvm), dtb, BRIDGE_VLANDB_DUMP_MAX,
1872 br_vlan_db_dump_pol, cb->extack);
8dcea187
NA		 1873 if (err < 0)
1874 return err;
1875
1876 bvm = nlmsg_data(cb->nlh);
56d09976
NA		 1877 if (dtb[BRIDGE_VLANDB_DUMP_FLAGS])
1878 dump_flags = nla_get_u32(dtb[BRIDGE_VLANDB_DUMP_FLAGS]);
8dcea187
NA		 1879
1880 rcu_read_lock();
1881 if (bvm->ifindex) {
1882 dev = dev_get_by_index_rcu(net, bvm->ifindex);
1883 if (!dev) {
1884 err = -ENODEV;
1885 goto out_err;
1886 }
56d09976 1887 err = br_vlan_dump_dev(dev, skb, cb, dump_flags);
8dcea187
NA		 1888 if (err && err != -EMSGSIZE)
1889 goto out_err;
1890 } else {
1891 for_each_netdev_rcu(net, dev) {
1892 if (idx < s_idx)
1893 goto skip;
1894
56d09976 1895 err = br_vlan_dump_dev(dev, skb, cb, dump_flags);
8dcea187
NA		 1896 if (err == -EMSGSIZE)
1897 break;
1898skip:
1899 idx++;
1900 }
1901 }
1902 cb->args[0] = idx;
1903 rcu_read_unlock();
1904
1905 return skb->len;
1906
1907out_err:
1908 rcu_read_unlock();
1909
1910 return err;
1911}
1912
f26b2965 1913static const struct nla_policy br_vlan_db_policy[BRIDGE_VLANDB_ENTRY_MAX + 1] = {
8140860c
JB		 1914 [BRIDGE_VLANDB_ENTRY_INFO] =
1915 NLA_POLICY_EXACT_LEN(sizeof(struct bridge_vlan_info)),
0ab55879 1916 [BRIDGE_VLANDB_ENTRY_RANGE] = { .type = NLA_U16 },
a580c76d 1917 [BRIDGE_VLANDB_ENTRY_STATE] = { .type = NLA_U8 },
fa388f29 1918 [BRIDGE_VLANDB_ENTRY_TUNNEL_INFO] = { .type = NLA_NESTED },
f26b2965
NA		 1919};
1920
1921static int br_vlan_rtm_process_one(struct net_device *dev,
1922 const struct nlattr *attr,
1923 int cmd, struct netlink_ext_ack *extack)
1924{
0ab55879 1925 struct bridge_vlan_info *vinfo, vrange_end, *vinfo_last = NULL;
f26b2965 1926 struct nlattr *tb[BRIDGE_VLANDB_ENTRY_MAX + 1];
a5d29ae2 1927 bool changed = false, skip_processing = false;
f26b2965
NA		 1928 struct net_bridge_vlan_group *vg;
1929 struct net_bridge_port *p = NULL;
1930 int err = 0, cmdmap = 0;
1931 struct net_bridge *br;
f26b2965
NA		 1932
1933 if (netif_is_bridge_master(dev)) {
1934 br = netdev_priv(dev);
1935 vg = br_vlan_group(br);
1936 } else {
1937 p = br_port_get_rtnl(dev);
1938 if (WARN_ON(!p))
1939 return -ENODEV;
1940 br = p->br;
1941 vg = nbp_vlan_group(p);
1942 }
1943
1944 if (WARN_ON(!vg))
1945 return -ENODEV;
1946
1947 err = nla_parse_nested(tb, BRIDGE_VLANDB_ENTRY_MAX, attr,
1948 br_vlan_db_policy, extack);
1949 if (err)
1950 return err;
1951
1952 if (!tb[BRIDGE_VLANDB_ENTRY_INFO]) {
1953 NL_SET_ERR_MSG_MOD(extack, "Missing vlan entry info");
1954 return -EINVAL;
1955 }
0ab55879 1956 memset(&vrange_end, 0, sizeof(vrange_end));
f26b2965
NA		 1957
1958 vinfo = nla_data(tb[BRIDGE_VLANDB_ENTRY_INFO]);
1959 if (vinfo->flags & (BRIDGE_VLAN_INFO_RANGE_BEGIN |
1960 BRIDGE_VLAN_INFO_RANGE_END)) {
1961 NL_SET_ERR_MSG_MOD(extack, "Old-style vlan ranges are not allowed when using RTM vlan calls");
1962 return -EINVAL;
1963 }
1964 if (!br_vlan_valid_id(vinfo->vid, extack))
1965 return -EINVAL;
1966
0ab55879
NA		 1967 if (tb[BRIDGE_VLANDB_ENTRY_RANGE]) {
1968 vrange_end.vid = nla_get_u16(tb[BRIDGE_VLANDB_ENTRY_RANGE]);
1969 /* validate user-provided flags without RANGE_BEGIN */
1970 vrange_end.flags = BRIDGE_VLAN_INFO_RANGE_END | vinfo->flags;
1971 vinfo->flags |= BRIDGE_VLAN_INFO_RANGE_BEGIN;
1972
1973 /* vinfo_last is the range start, vinfo the range end */
1974 vinfo_last = vinfo;
1975 vinfo = &vrange_end;
1976
1977 if (!br_vlan_valid_id(vinfo->vid, extack) ||
1978 !br_vlan_valid_range(vinfo, vinfo_last, extack))
1979 return -EINVAL;
1980 }
1981
f26b2965
NA		 1982 switch (cmd) {
1983 case RTM_NEWVLAN:
1984 cmdmap = RTM_SETLINK;
a5d29ae2 1985 skip_processing = !!(vinfo->flags & BRIDGE_VLAN_INFO_ONLY_OPTS);
f26b2965 1986 break;
adb3ce9b
NA		 1987 case RTM_DELVLAN:
1988 cmdmap = RTM_DELLINK;
1989 break;
f26b2965
NA		 1990 }
1991
a5d29ae2
NA		 1992 if (!skip_processing) {
1993 struct bridge_vlan_info *tmp_last = vinfo_last;
1994
1995 /* br_process_vlan_info may overwrite vinfo_last */
1996 err = br_process_vlan_info(br, p, cmdmap, vinfo, &tmp_last,
1997 &changed, extack);
1998
1999 /* notify first if anything changed */
2000 if (changed)
2001 br_ifinfo_notify(cmdmap, br, p);
2002
2003 if (err)
2004 return err;
2005 }
2006
2007 /* deal with options */
2008 if (cmd == RTM_NEWVLAN) {
2009 struct net_bridge_vlan *range_start, *range_end;
2010
2011 if (vinfo_last) {
2012 range_start = br_vlan_find(vg, vinfo_last->vid);
2013 range_end = br_vlan_find(vg, vinfo->vid);
2014 } else {
2015 range_start = br_vlan_find(vg, vinfo->vid);
2016 range_end = range_start;
2017 }
2018
2019 err = br_vlan_process_options(br, p, range_start, range_end,
2020 tb, extack);
2021 }
f26b2965
NA		 2022
2023 return err;
2024}
2025
2026static int br_vlan_rtm_process(struct sk_buff *skb, struct nlmsghdr *nlh,
2027 struct netlink_ext_ack *extack)
2028{
2029 struct net *net = sock_net(skb->sk);
2030 struct br_vlan_msg *bvm;
2031 struct net_device *dev;
2032 struct nlattr *attr;
2033 int err, vlans = 0;
2034 int rem;
2035
2036 /* this should validate the header and check for remaining bytes */
2037 err = nlmsg_parse(nlh, sizeof(*bvm), NULL, BRIDGE_VLANDB_MAX, NULL,
2038 extack);
2039 if (err < 0)
2040 return err;
2041
2042 bvm = nlmsg_data(nlh);
2043 dev = __dev_get_by_index(net, bvm->ifindex);
2044 if (!dev)
2045 return -ENODEV;
2046
2047 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) {
2048 NL_SET_ERR_MSG_MOD(extack, "The device is not a valid bridge or bridge port");
2049 return -EINVAL;
2050 }
2051
2052 nlmsg_for_each_attr(attr, nlh, sizeof(*bvm), rem) {
2053 if (nla_type(attr) != BRIDGE_VLANDB_ENTRY)
2054 continue;
2055
2056 vlans++;
2057 err = br_vlan_rtm_process_one(dev, attr, nlh->nlmsg_type,
2058 extack);
2059 if (err)
2060 break;
2061 }
2062 if (!vlans) {
2063 NL_SET_ERR_MSG_MOD(extack, "No vlans found to process");
2064 err = -EINVAL;
2065 }
2066
2067 return err;
2068}
2069
8dcea187
NA		 2070void br_vlan_rtnl_init(void)
2071{
2072 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_GETVLAN, NULL,
2073 br_vlan_rtm_dump, 0);
f26b2965
NA		 2074 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_NEWVLAN,
2075 br_vlan_rtm_process, NULL, 0);
adb3ce9b
NA		 2076 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_DELVLAN,
2077 br_vlan_rtm_process, NULL, 0);
8dcea187
NA		 2078}
2079
2080void br_vlan_rtnl_uninit(void)
2081{
2082 rtnl_unregister(PF_BRIDGE, RTM_GETVLAN);
f26b2965 2083 rtnl_unregister(PF_BRIDGE, RTM_NEWVLAN);
adb3ce9b 2084 rtnl_unregister(PF_BRIDGE, RTM_DELVLAN);
8dcea187 2085}
Linux 6.x block layer and io_uring tree(s)