1 // SPDX-License-Identifier: GPL-2.0-only 2 #include <linux/kernel.h> 3 #include <linux/netdevice.h> 4 #include <linux/rtnetlink.h> 5 #include <linux/slab.h> 6 #include <net/switchdev.h> 7 8 #include "br_private.h" 9 #include "br_private_tunnel.h" 10 11 static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid); 12 13 static inline int br_vlan_cmp(struct rhashtable_compare_arg *arg, 14 const void *ptr) 15 { 16 const struct net_bridge_vlan *vle = ptr; 17 u16 vid = *(u16 *)arg->key; 18 19 return vle->vid != vid; 20 } 21 22 static const struct rhashtable_params br_vlan_rht_params = { 23 .head_offset = offsetof(struct net_bridge_vlan, vnode), 24 .key_offset = offsetof(struct net_bridge_vlan, vid), 25 .key_len = sizeof(u16), 26 .nelem_hint = 3, 27 .max_size = VLAN_N_VID, 28 .obj_cmpfn = br_vlan_cmp, 29 .automatic_shrinking = true, 30 }; 31 32 static struct net_bridge_vlan *br_vlan_lookup(struct rhashtable *tbl, u16 vid) 33 { 34 return rhashtable_lookup_fast(tbl, &vid, br_vlan_rht_params); 35 } 36 37 static bool __vlan_add_pvid(struct net_bridge_vlan_group *vg, 38 const struct net_bridge_vlan *v) 39 { 40 if (vg->pvid == v->vid) 41 return false; 42 43 smp_wmb(); 44 br_vlan_set_pvid_state(vg, v->state); 45 vg->pvid = v->vid; 46 47 return true; 48 } 49 50 static bool __vlan_delete_pvid(struct net_bridge_vlan_group *vg, u16 vid) 51 { 52 if (vg->pvid != vid) 53 return false; 54 55 smp_wmb(); 56 vg->pvid = 0; 57 58 return true; 59 } 60 61 /* return true if anything changed, false otherwise */ 62 static bool __vlan_add_flags(struct net_bridge_vlan *v, u16 flags) 63 { 64 struct net_bridge_vlan_group *vg; 65 u16 old_flags = v->flags; 66 bool ret; 67 68 if (br_vlan_is_master(v)) 69 vg = br_vlan_group(v->br); 70 else 71 vg = nbp_vlan_group(v->port); 72 73 if (flags & BRIDGE_VLAN_INFO_PVID) 74 ret = __vlan_add_pvid(vg, v); 75 else 76 ret = __vlan_delete_pvid(vg, v->vid); 77 78 if (flags & BRIDGE_VLAN_INFO_UNTAGGED) 79 v->flags |= BRIDGE_VLAN_INFO_UNTAGGED; 80 else 81 v->flags &= ~BRIDGE_VLAN_INFO_UNTAGGED; 82 83 return ret || !!(old_flags ^ v->flags); 84 } 85 86 static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, 87 struct net_bridge_vlan *v, u16 flags, 88 struct netlink_ext_ack *extack) 89 { 90 int err; 91 92 /* Try switchdev op first. In case it is not supported, fallback to 93 * 8021q add. 94 */ 95 err = br_switchdev_port_vlan_add(dev, v->vid, flags, extack); 96 if (err == -EOPNOTSUPP) 97 return vlan_vid_add(dev, br->vlan_proto, v->vid); 98 v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV; 99 return err; 100 } 101 102 static void __vlan_add_list(struct net_bridge_vlan *v) 103 { 104 struct net_bridge_vlan_group *vg; 105 struct list_head *headp, *hpos; 106 struct net_bridge_vlan *vent; 107 108 if (br_vlan_is_master(v)) 109 vg = br_vlan_group(v->br); 110 else 111 vg = nbp_vlan_group(v->port); 112 113 headp = &vg->vlan_list; 114 list_for_each_prev(hpos, headp) { 115 vent = list_entry(hpos, struct net_bridge_vlan, vlist); 116 if (v->vid >= vent->vid) 117 break; 118 } 119 list_add_rcu(&v->vlist, hpos); 120 } 121 122 static void __vlan_del_list(struct net_bridge_vlan *v) 123 { 124 list_del_rcu(&v->vlist); 125 } 126 127 static int __vlan_vid_del(struct net_device *dev, struct net_bridge *br, 128 const struct net_bridge_vlan *v) 129 { 130 int err; 131 132 /* Try switchdev op first. In case it is not supported, fallback to 133 * 8021q del. 134 */ 135 err = br_switchdev_port_vlan_del(dev, v->vid); 136 if (!(v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV)) 137 vlan_vid_del(dev, br->vlan_proto, v->vid); 138 return err == -EOPNOTSUPP ? 0 : err; 139 } 140 141 /* Returns a master vlan, if it didn't exist it gets created. In all cases 142 * a reference is taken to the master vlan before returning. 143 */ 144 static struct net_bridge_vlan * 145 br_vlan_get_master(struct net_bridge *br, u16 vid, 146 struct netlink_ext_ack *extack) 147 { 148 struct net_bridge_vlan_group *vg; 149 struct net_bridge_vlan *masterv; 150 151 vg = br_vlan_group(br); 152 masterv = br_vlan_find(vg, vid); 153 if (!masterv) { 154 bool changed; 155 156 /* missing global ctx, create it now */ 157 if (br_vlan_add(br, vid, 0, &changed, extack)) 158 return NULL; 159 masterv = br_vlan_find(vg, vid); 160 if (WARN_ON(!masterv)) 161 return NULL; 162 refcount_set(&masterv->refcnt, 1); 163 return masterv; 164 } 165 refcount_inc(&masterv->refcnt); 166 167 return masterv; 168 } 169 170 static void br_master_vlan_rcu_free(struct rcu_head *rcu) 171 { 172 struct net_bridge_vlan *v; 173 174 v = container_of(rcu, struct net_bridge_vlan, rcu); 175 WARN_ON(!br_vlan_is_master(v)); 176 free_percpu(v->stats); 177 v->stats = NULL; 178 kfree(v); 179 } 180 181 static void br_vlan_put_master(struct net_bridge_vlan *masterv) 182 { 183 struct net_bridge_vlan_group *vg; 184 185 if (!br_vlan_is_master(masterv)) 186 return; 187 188 vg = br_vlan_group(masterv->br); 189 if (refcount_dec_and_test(&masterv->refcnt)) { 190 rhashtable_remove_fast(&vg->vlan_hash, 191 &masterv->vnode, br_vlan_rht_params); 192 __vlan_del_list(masterv); 193 br_multicast_toggle_one_vlan(masterv, false); 194 br_multicast_ctx_deinit(&masterv->br_mcast_ctx); 195 call_rcu(&masterv->rcu, br_master_vlan_rcu_free); 196 } 197 } 198 199 static void nbp_vlan_rcu_free(struct rcu_head *rcu) 200 { 201 struct net_bridge_vlan *v; 202 203 v = container_of(rcu, struct net_bridge_vlan, rcu); 204 WARN_ON(br_vlan_is_master(v)); 205 /* if we had per-port stats configured then free them here */ 206 if (v->priv_flags & BR_VLFLAG_PER_PORT_STATS) 207 free_percpu(v->stats); 208 v->stats = NULL; 209 kfree(v); 210 } 211 212 /* This is the shared VLAN add function which works for both ports and bridge 213 * devices. There are four possible calls to this function in terms of the 214 * vlan entry type: 215 * 1. vlan is being added on a port (no master flags, global entry exists) 216 * 2. vlan is being added on a bridge (both master and brentry flags) 217 * 3. vlan is being added on a port, but a global entry didn't exist which 218 * is being created right now (master flag set, brentry flag unset), the 219 * global entry is used for global per-vlan features, but not for filtering 220 * 4. same as 3 but with both master and brentry flags set so the entry 221 * will be used for filtering in both the port and the bridge 222 */ 223 static int __vlan_add(struct net_bridge_vlan *v, u16 flags, 224 struct netlink_ext_ack *extack) 225 { 226 struct net_bridge_vlan *masterv = NULL; 227 struct net_bridge_port *p = NULL; 228 struct net_bridge_vlan_group *vg; 229 struct net_device *dev; 230 struct net_bridge *br; 231 int err; 232 233 if (br_vlan_is_master(v)) { 234 br = v->br; 235 dev = br->dev; 236 vg = br_vlan_group(br); 237 } else { 238 p = v->port; 239 br = p->br; 240 dev = p->dev; 241 vg = nbp_vlan_group(p); 242 } 243 244 if (p) { 245 /* Add VLAN to the device filter if it is supported. 246 * This ensures tagged traffic enters the bridge when 247 * promiscuous mode is disabled by br_manage_promisc(). 248 */ 249 err = __vlan_vid_add(dev, br, v, flags, extack); 250 if (err) 251 goto out; 252 253 /* need to work on the master vlan too */ 254 if (flags & BRIDGE_VLAN_INFO_MASTER) { 255 bool changed; 256 257 err = br_vlan_add(br, v->vid, 258 flags | BRIDGE_VLAN_INFO_BRENTRY, 259 &changed, extack); 260 if (err) 261 goto out_filt; 262 263 if (changed) 264 br_vlan_notify(br, NULL, v->vid, 0, 265 RTM_NEWVLAN); 266 } 267 268 masterv = br_vlan_get_master(br, v->vid, extack); 269 if (!masterv) { 270 err = -ENOMEM; 271 goto out_filt; 272 } 273 v->brvlan = masterv; 274 if (br_opt_get(br, BROPT_VLAN_STATS_PER_PORT)) { 275 v->stats = 276 netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); 277 if (!v->stats) { 278 err = -ENOMEM; 279 goto out_filt; 280 } 281 v->priv_flags |= BR_VLFLAG_PER_PORT_STATS; 282 } else { 283 v->stats = masterv->stats; 284 } 285 br_multicast_port_ctx_init(p, v, &v->port_mcast_ctx); 286 } else { 287 if (br_vlan_should_use(v)) { 288 err = br_switchdev_port_vlan_add(dev, v->vid, flags, 289 extack); 290 if (err && err != -EOPNOTSUPP) 291 goto out; 292 } 293 br_multicast_ctx_init(br, v, &v->br_mcast_ctx); 294 v->priv_flags |= BR_VLFLAG_GLOBAL_MCAST_ENABLED; 295 } 296 297 /* Add the dev mac and count the vlan only if it's usable */ 298 if (br_vlan_should_use(v)) { 299 err = br_fdb_add_local(br, p, dev->dev_addr, v->vid); 300 if (err) { 301 br_err(br, "failed insert local address into bridge forwarding table\n"); 302 goto out_filt; 303 } 304 vg->num_vlans++; 305 } 306 307 /* set the state before publishing */ 308 v->state = BR_STATE_FORWARDING; 309 310 err = rhashtable_lookup_insert_fast(&vg->vlan_hash, &v->vnode, 311 br_vlan_rht_params); 312 if (err) 313 goto out_fdb_insert; 314 315 __vlan_add_list(v); 316 __vlan_add_flags(v, flags); 317 br_multicast_toggle_one_vlan(v, true); 318 319 if (p) 320 nbp_vlan_set_vlan_dev_state(p, v->vid); 321 out: 322 return err; 323 324 out_fdb_insert: 325 if (br_vlan_should_use(v)) { 326 br_fdb_find_delete_local(br, p, dev->dev_addr, v->vid); 327 vg->num_vlans--; 328 } 329 330 out_filt: 331 if (p) { 332 __vlan_vid_del(dev, br, v); 333 if (masterv) { 334 if (v->stats && masterv->stats != v->stats) 335 free_percpu(v->stats); 336 v->stats = NULL; 337 338 br_vlan_put_master(masterv); 339 v->brvlan = NULL; 340 } 341 } else { 342 br_switchdev_port_vlan_del(dev, v->vid); 343 } 344 345 goto out; 346 } 347 348 static int __vlan_del(struct net_bridge_vlan *v) 349 { 350 struct net_bridge_vlan *masterv = v; 351 struct net_bridge_vlan_group *vg; 352 struct net_bridge_port *p = NULL; 353 int err = 0; 354 355 if (br_vlan_is_master(v)) { 356 vg = br_vlan_group(v->br); 357 } else { 358 p = v->port; 359 vg = nbp_vlan_group(v->port); 360 masterv = v->brvlan; 361 } 362 363 __vlan_delete_pvid(vg, v->vid); 364 if (p) { 365 err = __vlan_vid_del(p->dev, p->br, v); 366 if (err) 367 goto out; 368 } else { 369 err = br_switchdev_port_vlan_del(v->br->dev, v->vid); 370 if (err && err != -EOPNOTSUPP) 371 goto out; 372 err = 0; 373 } 374 375 if (br_vlan_should_use(v)) { 376 v->flags &= ~BRIDGE_VLAN_INFO_BRENTRY; 377 vg->num_vlans--; 378 } 379 380 if (masterv != v) { 381 vlan_tunnel_info_del(vg, v); 382 rhashtable_remove_fast(&vg->vlan_hash, &v->vnode, 383 br_vlan_rht_params); 384 __vlan_del_list(v); 385 nbp_vlan_set_vlan_dev_state(p, v->vid); 386 br_multicast_toggle_one_vlan(v, false); 387 br_multicast_port_ctx_deinit(&v->port_mcast_ctx); 388 call_rcu(&v->rcu, nbp_vlan_rcu_free); 389 } 390 391 br_vlan_put_master(masterv); 392 out: 393 return err; 394 } 395 396 static void __vlan_group_free(struct net_bridge_vlan_group *vg) 397 { 398 WARN_ON(!list_empty(&vg->vlan_list)); 399 rhashtable_destroy(&vg->vlan_hash); 400 vlan_tunnel_deinit(vg); 401 kfree(vg); 402 } 403 404 static void __vlan_flush(const struct net_bridge *br, 405 const struct net_bridge_port *p, 406 struct net_bridge_vlan_group *vg) 407 { 408 struct net_bridge_vlan *vlan, *tmp; 409 u16 v_start = 0, v_end = 0; 410 int err; 411 412 __vlan_delete_pvid(vg, vg->pvid); 413 list_for_each_entry_safe(vlan, tmp, &vg->vlan_list, vlist) { 414 /* take care of disjoint ranges */ 415 if (!v_start) { 416 v_start = vlan->vid; 417 } else if (vlan->vid - v_end != 1) { 418 /* found range end, notify and start next one */ 419 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN); 420 v_start = vlan->vid; 421 } 422 v_end = vlan->vid; 423 424 err = __vlan_del(vlan); 425 if (err) { 426 br_err(br, 427 "port %u(%s) failed to delete vlan %d: %pe\n", 428 (unsigned int) p->port_no, p->dev->name, 429 vlan->vid, ERR_PTR(err)); 430 } 431 } 432 433 /* notify about the last/whole vlan range */ 434 if (v_start) 435 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN); 436 } 437 438 struct sk_buff *br_handle_vlan(struct net_bridge *br, 439 const struct net_bridge_port *p, 440 struct net_bridge_vlan_group *vg, 441 struct sk_buff *skb) 442 { 443 struct pcpu_sw_netstats *stats; 444 struct net_bridge_vlan *v; 445 u16 vid; 446 447 /* If this packet was not filtered at input, let it pass */ 448 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered) 449 goto out; 450 451 /* At this point, we know that the frame was filtered and contains 452 * a valid vlan id. If the vlan id has untagged flag set, 453 * send untagged; otherwise, send tagged. 454 */ 455 br_vlan_get_tag(skb, &vid); 456 v = br_vlan_find(vg, vid); 457 /* Vlan entry must be configured at this point. The 458 * only exception is the bridge is set in promisc mode and the 459 * packet is destined for the bridge device. In this case 460 * pass the packet as is. 461 */ 462 if (!v || !br_vlan_should_use(v)) { 463 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) { 464 goto out; 465 } else { 466 kfree_skb(skb); 467 return NULL; 468 } 469 } 470 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 471 stats = this_cpu_ptr(v->stats); 472 u64_stats_update_begin(&stats->syncp); 473 stats->tx_bytes += skb->len; 474 stats->tx_packets++; 475 u64_stats_update_end(&stats->syncp); 476 } 477 478 /* If the skb will be sent using forwarding offload, the assumption is 479 * that the switchdev will inject the packet into hardware together 480 * with the bridge VLAN, so that it can be forwarded according to that 481 * VLAN. The switchdev should deal with popping the VLAN header in 482 * hardware on each egress port as appropriate. So only strip the VLAN 483 * header if forwarding offload is not being used. 484 */ 485 if (v->flags & BRIDGE_VLAN_INFO_UNTAGGED && 486 !br_switchdev_frame_uses_tx_fwd_offload(skb)) 487 __vlan_hwaccel_clear_tag(skb); 488 489 if (p && (p->flags & BR_VLAN_TUNNEL) && 490 br_handle_egress_vlan_tunnel(skb, v)) { 491 kfree_skb(skb); 492 return NULL; 493 } 494 out: 495 return skb; 496 } 497 498 /* Called under RCU */ 499 static bool __allowed_ingress(const struct net_bridge *br, 500 struct net_bridge_vlan_group *vg, 501 struct sk_buff *skb, u16 *vid, 502 u8 *state, 503 struct net_bridge_vlan **vlan) 504 { 505 struct pcpu_sw_netstats *stats; 506 struct net_bridge_vlan *v; 507 bool tagged; 508 509 BR_INPUT_SKB_CB(skb)->vlan_filtered = true; 510 /* If vlan tx offload is disabled on bridge device and frame was 511 * sent from vlan device on the bridge device, it does not have 512 * HW accelerated vlan tag. 513 */ 514 if (unlikely(!skb_vlan_tag_present(skb) && 515 skb->protocol == br->vlan_proto)) { 516 skb = skb_vlan_untag(skb); 517 if (unlikely(!skb)) 518 return false; 519 } 520 521 if (!br_vlan_get_tag(skb, vid)) { 522 /* Tagged frame */ 523 if (skb->vlan_proto != br->vlan_proto) { 524 /* Protocol-mismatch, empty out vlan_tci for new tag */ 525 skb_push(skb, ETH_HLEN); 526 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto, 527 skb_vlan_tag_get(skb)); 528 if (unlikely(!skb)) 529 return false; 530 531 skb_pull(skb, ETH_HLEN); 532 skb_reset_mac_len(skb); 533 *vid = 0; 534 tagged = false; 535 } else { 536 tagged = true; 537 } 538 } else { 539 /* Untagged frame */ 540 tagged = false; 541 } 542 543 if (!*vid) { 544 u16 pvid = br_get_pvid(vg); 545 546 /* Frame had a tag with VID 0 or did not have a tag. 547 * See if pvid is set on this port. That tells us which 548 * vlan untagged or priority-tagged traffic belongs to. 549 */ 550 if (!pvid) 551 goto drop; 552 553 /* PVID is set on this port. Any untagged or priority-tagged 554 * ingress frame is considered to belong to this vlan. 555 */ 556 *vid = pvid; 557 if (likely(!tagged)) 558 /* Untagged Frame. */ 559 __vlan_hwaccel_put_tag(skb, br->vlan_proto, pvid); 560 else 561 /* Priority-tagged Frame. 562 * At this point, we know that skb->vlan_tci VID 563 * field was 0. 564 * We update only VID field and preserve PCP field. 565 */ 566 skb->vlan_tci |= pvid; 567 568 /* if snooping and stats are disabled we can avoid the lookup */ 569 if (!br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED) && 570 !br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 571 if (*state == BR_STATE_FORWARDING) { 572 *state = br_vlan_get_pvid_state(vg); 573 if (!br_vlan_state_allowed(*state, true)) 574 goto drop; 575 } 576 return true; 577 } 578 } 579 v = br_vlan_find(vg, *vid); 580 if (!v || !br_vlan_should_use(v)) 581 goto drop; 582 583 if (*state == BR_STATE_FORWARDING) { 584 *state = br_vlan_get_state(v); 585 if (!br_vlan_state_allowed(*state, true)) 586 goto drop; 587 } 588 589 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 590 stats = this_cpu_ptr(v->stats); 591 u64_stats_update_begin(&stats->syncp); 592 stats->rx_bytes += skb->len; 593 stats->rx_packets++; 594 u64_stats_update_end(&stats->syncp); 595 } 596 597 *vlan = v; 598 599 return true; 600 601 drop: 602 kfree_skb(skb); 603 return false; 604 } 605 606 bool br_allowed_ingress(const struct net_bridge *br, 607 struct net_bridge_vlan_group *vg, struct sk_buff *skb, 608 u16 *vid, u8 *state, 609 struct net_bridge_vlan **vlan) 610 { 611 /* If VLAN filtering is disabled on the bridge, all packets are 612 * permitted. 613 */ 614 *vlan = NULL; 615 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) { 616 BR_INPUT_SKB_CB(skb)->vlan_filtered = false; 617 return true; 618 } 619 620 return __allowed_ingress(br, vg, skb, vid, state, vlan); 621 } 622 623 /* Called under RCU. */ 624 bool br_allowed_egress(struct net_bridge_vlan_group *vg, 625 const struct sk_buff *skb) 626 { 627 const struct net_bridge_vlan *v; 628 u16 vid; 629 630 /* If this packet was not filtered at input, let it pass */ 631 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered) 632 return true; 633 634 br_vlan_get_tag(skb, &vid); 635 v = br_vlan_find(vg, vid); 636 if (v && br_vlan_should_use(v) && 637 br_vlan_state_allowed(br_vlan_get_state(v), false)) 638 return true; 639 640 return false; 641 } 642 643 /* Called under RCU */ 644 bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid) 645 { 646 struct net_bridge_vlan_group *vg; 647 struct net_bridge *br = p->br; 648 struct net_bridge_vlan *v; 649 650 /* If filtering was disabled at input, let it pass. */ 651 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 652 return true; 653 654 vg = nbp_vlan_group_rcu(p); 655 if (!vg || !vg->num_vlans) 656 return false; 657 658 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto) 659 *vid = 0; 660 661 if (!*vid) { 662 *vid = br_get_pvid(vg); 663 if (!*vid || 664 !br_vlan_state_allowed(br_vlan_get_pvid_state(vg), true)) 665 return false; 666 667 return true; 668 } 669 670 v = br_vlan_find(vg, *vid); 671 if (v && br_vlan_state_allowed(br_vlan_get_state(v), true)) 672 return true; 673 674 return false; 675 } 676 677 static int br_vlan_add_existing(struct net_bridge *br, 678 struct net_bridge_vlan_group *vg, 679 struct net_bridge_vlan *vlan, 680 u16 flags, bool *changed, 681 struct netlink_ext_ack *extack) 682 { 683 int err; 684 685 /* Trying to change flags of non-existent bridge vlan */ 686 if (!br_vlan_is_brentry(vlan) && !(flags & BRIDGE_VLAN_INFO_BRENTRY)) 687 return -EINVAL; 688 689 err = br_switchdev_port_vlan_add(br->dev, vlan->vid, flags, extack); 690 if (err && err != -EOPNOTSUPP) 691 return err; 692 693 if (!br_vlan_is_brentry(vlan)) { 694 /* It was only kept for port vlans, now make it real */ 695 err = br_fdb_add_local(br, NULL, br->dev->dev_addr, vlan->vid); 696 if (err) { 697 br_err(br, "failed to insert local address into bridge forwarding table\n"); 698 goto err_fdb_insert; 699 } 700 701 refcount_inc(&vlan->refcnt); 702 vlan->flags |= BRIDGE_VLAN_INFO_BRENTRY; 703 vg->num_vlans++; 704 *changed = true; 705 br_multicast_toggle_one_vlan(vlan, true); 706 } 707 708 if (__vlan_add_flags(vlan, flags)) 709 *changed = true; 710 711 return 0; 712 713 err_fdb_insert: 714 br_switchdev_port_vlan_del(br->dev, vlan->vid); 715 return err; 716 } 717 718 /* Must be protected by RTNL. 719 * Must be called with vid in range from 1 to 4094 inclusive. 720 * changed must be true only if the vlan was created or updated 721 */ 722 int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags, bool *changed, 723 struct netlink_ext_ack *extack) 724 { 725 struct net_bridge_vlan_group *vg; 726 struct net_bridge_vlan *vlan; 727 int ret; 728 729 ASSERT_RTNL(); 730 731 *changed = false; 732 vg = br_vlan_group(br); 733 vlan = br_vlan_find(vg, vid); 734 if (vlan) 735 return br_vlan_add_existing(br, vg, vlan, flags, changed, 736 extack); 737 738 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL); 739 if (!vlan) 740 return -ENOMEM; 741 742 vlan->stats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); 743 if (!vlan->stats) { 744 kfree(vlan); 745 return -ENOMEM; 746 } 747 vlan->vid = vid; 748 vlan->flags = flags | BRIDGE_VLAN_INFO_MASTER; 749 vlan->flags &= ~BRIDGE_VLAN_INFO_PVID; 750 vlan->br = br; 751 if (flags & BRIDGE_VLAN_INFO_BRENTRY) 752 refcount_set(&vlan->refcnt, 1); 753 ret = __vlan_add(vlan, flags, extack); 754 if (ret) { 755 free_percpu(vlan->stats); 756 kfree(vlan); 757 } else { 758 *changed = true; 759 } 760 761 return ret; 762 } 763 764 /* Must be protected by RTNL. 765 * Must be called with vid in range from 1 to 4094 inclusive. 766 */ 767 int br_vlan_delete(struct net_bridge *br, u16 vid) 768 { 769 struct net_bridge_vlan_group *vg; 770 struct net_bridge_vlan *v; 771 772 ASSERT_RTNL(); 773 774 vg = br_vlan_group(br); 775 v = br_vlan_find(vg, vid); 776 if (!v || !br_vlan_is_brentry(v)) 777 return -ENOENT; 778 779 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid); 780 br_fdb_delete_by_port(br, NULL, vid, 0); 781 782 vlan_tunnel_info_del(vg, v); 783 784 return __vlan_del(v); 785 } 786 787 void br_vlan_flush(struct net_bridge *br) 788 { 789 struct net_bridge_vlan_group *vg; 790 791 ASSERT_RTNL(); 792 793 vg = br_vlan_group(br); 794 __vlan_flush(br, NULL, vg); 795 RCU_INIT_POINTER(br->vlgrp, NULL); 796 synchronize_rcu(); 797 __vlan_group_free(vg); 798 } 799 800 struct net_bridge_vlan *br_vlan_find(struct net_bridge_vlan_group *vg, u16 vid) 801 { 802 if (!vg) 803 return NULL; 804 805 return br_vlan_lookup(&vg->vlan_hash, vid); 806 } 807 808 /* Must be protected by RTNL. */ 809 static void recalculate_group_addr(struct net_bridge *br) 810 { 811 if (br_opt_get(br, BROPT_GROUP_ADDR_SET)) 812 return; 813 814 spin_lock_bh(&br->lock); 815 if (!br_opt_get(br, BROPT_VLAN_ENABLED) || 816 br->vlan_proto == htons(ETH_P_8021Q)) { 817 /* Bridge Group Address */ 818 br->group_addr[5] = 0x00; 819 } else { /* vlan_enabled && ETH_P_8021AD */ 820 /* Provider Bridge Group Address */ 821 br->group_addr[5] = 0x08; 822 } 823 spin_unlock_bh(&br->lock); 824 } 825 826 /* Must be protected by RTNL. */ 827 void br_recalculate_fwd_mask(struct net_bridge *br) 828 { 829 if (!br_opt_get(br, BROPT_VLAN_ENABLED) || 830 br->vlan_proto == htons(ETH_P_8021Q)) 831 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT; 832 else /* vlan_enabled && ETH_P_8021AD */ 833 br->group_fwd_mask_required = BR_GROUPFWD_8021AD & 834 ~(1u << br->group_addr[5]); 835 } 836 837 int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val, 838 struct netlink_ext_ack *extack) 839 { 840 struct switchdev_attr attr = { 841 .orig_dev = br->dev, 842 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING, 843 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 844 .u.vlan_filtering = val, 845 }; 846 int err; 847 848 if (br_opt_get(br, BROPT_VLAN_ENABLED) == !!val) 849 return 0; 850 851 br_opt_toggle(br, BROPT_VLAN_ENABLED, !!val); 852 853 err = switchdev_port_attr_set(br->dev, &attr, extack); 854 if (err && err != -EOPNOTSUPP) { 855 br_opt_toggle(br, BROPT_VLAN_ENABLED, !val); 856 return err; 857 } 858 859 br_manage_promisc(br); 860 recalculate_group_addr(br); 861 br_recalculate_fwd_mask(br); 862 if (!val && br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) { 863 br_info(br, "vlan filtering disabled, automatically disabling multicast vlan snooping\n"); 864 br_multicast_toggle_vlan_snooping(br, false, NULL); 865 } 866 867 return 0; 868 } 869 870 bool br_vlan_enabled(const struct net_device *dev) 871 { 872 struct net_bridge *br = netdev_priv(dev); 873 874 return br_opt_get(br, BROPT_VLAN_ENABLED); 875 } 876 EXPORT_SYMBOL_GPL(br_vlan_enabled); 877 878 int br_vlan_get_proto(const struct net_device *dev, u16 *p_proto) 879 { 880 struct net_bridge *br = netdev_priv(dev); 881 882 *p_proto = ntohs(br->vlan_proto); 883 884 return 0; 885 } 886 EXPORT_SYMBOL_GPL(br_vlan_get_proto); 887 888 int __br_vlan_set_proto(struct net_bridge *br, __be16 proto, 889 struct netlink_ext_ack *extack) 890 { 891 struct switchdev_attr attr = { 892 .orig_dev = br->dev, 893 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_PROTOCOL, 894 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 895 .u.vlan_protocol = ntohs(proto), 896 }; 897 int err = 0; 898 struct net_bridge_port *p; 899 struct net_bridge_vlan *vlan; 900 struct net_bridge_vlan_group *vg; 901 __be16 oldproto = br->vlan_proto; 902 903 if (br->vlan_proto == proto) 904 return 0; 905 906 err = switchdev_port_attr_set(br->dev, &attr, extack); 907 if (err && err != -EOPNOTSUPP) 908 return err; 909 910 /* Add VLANs for the new proto to the device filter. */ 911 list_for_each_entry(p, &br->port_list, list) { 912 vg = nbp_vlan_group(p); 913 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 914 err = vlan_vid_add(p->dev, proto, vlan->vid); 915 if (err) 916 goto err_filt; 917 } 918 } 919 920 br->vlan_proto = proto; 921 922 recalculate_group_addr(br); 923 br_recalculate_fwd_mask(br); 924 925 /* Delete VLANs for the old proto from the device filter. */ 926 list_for_each_entry(p, &br->port_list, list) { 927 vg = nbp_vlan_group(p); 928 list_for_each_entry(vlan, &vg->vlan_list, vlist) 929 vlan_vid_del(p->dev, oldproto, vlan->vid); 930 } 931 932 return 0; 933 934 err_filt: 935 attr.u.vlan_protocol = ntohs(oldproto); 936 switchdev_port_attr_set(br->dev, &attr, NULL); 937 938 list_for_each_entry_continue_reverse(vlan, &vg->vlan_list, vlist) 939 vlan_vid_del(p->dev, proto, vlan->vid); 940 941 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 942 vg = nbp_vlan_group(p); 943 list_for_each_entry(vlan, &vg->vlan_list, vlist) 944 vlan_vid_del(p->dev, proto, vlan->vid); 945 } 946 947 return err; 948 } 949 950 int br_vlan_set_proto(struct net_bridge *br, unsigned long val, 951 struct netlink_ext_ack *extack) 952 { 953 if (!eth_type_vlan(htons(val))) 954 return -EPROTONOSUPPORT; 955 956 return __br_vlan_set_proto(br, htons(val), extack); 957 } 958 959 int br_vlan_set_stats(struct net_bridge *br, unsigned long val) 960 { 961 switch (val) { 962 case 0: 963 case 1: 964 br_opt_toggle(br, BROPT_VLAN_STATS_ENABLED, !!val); 965 break; 966 default: 967 return -EINVAL; 968 } 969 970 return 0; 971 } 972 973 int br_vlan_set_stats_per_port(struct net_bridge *br, unsigned long val) 974 { 975 struct net_bridge_port *p; 976 977 /* allow to change the option if there are no port vlans configured */ 978 list_for_each_entry(p, &br->port_list, list) { 979 struct net_bridge_vlan_group *vg = nbp_vlan_group(p); 980 981 if (vg->num_vlans) 982 return -EBUSY; 983 } 984 985 switch (val) { 986 case 0: 987 case 1: 988 br_opt_toggle(br, BROPT_VLAN_STATS_PER_PORT, !!val); 989 break; 990 default: 991 return -EINVAL; 992 } 993 994 return 0; 995 } 996 997 static bool vlan_default_pvid(struct net_bridge_vlan_group *vg, u16 vid) 998 { 999 struct net_bridge_vlan *v; 1000 1001 if (vid != vg->pvid) 1002 return false; 1003 1004 v = br_vlan_lookup(&vg->vlan_hash, vid); 1005 if (v && br_vlan_should_use(v) && 1006 (v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) 1007 return true; 1008 1009 return false; 1010 } 1011 1012 static void br_vlan_disable_default_pvid(struct net_bridge *br) 1013 { 1014 struct net_bridge_port *p; 1015 u16 pvid = br->default_pvid; 1016 1017 /* Disable default_pvid on all ports where it is still 1018 * configured. 1019 */ 1020 if (vlan_default_pvid(br_vlan_group(br), pvid)) { 1021 if (!br_vlan_delete(br, pvid)) 1022 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN); 1023 } 1024 1025 list_for_each_entry(p, &br->port_list, list) { 1026 if (vlan_default_pvid(nbp_vlan_group(p), pvid) && 1027 !nbp_vlan_delete(p, pvid)) 1028 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN); 1029 } 1030 1031 br->default_pvid = 0; 1032 } 1033 1034 int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid, 1035 struct netlink_ext_ack *extack) 1036 { 1037 const struct net_bridge_vlan *pvent; 1038 struct net_bridge_vlan_group *vg; 1039 struct net_bridge_port *p; 1040 unsigned long *changed; 1041 bool vlchange; 1042 u16 old_pvid; 1043 int err = 0; 1044 1045 if (!pvid) { 1046 br_vlan_disable_default_pvid(br); 1047 return 0; 1048 } 1049 1050 changed = bitmap_zalloc(BR_MAX_PORTS, GFP_KERNEL); 1051 if (!changed) 1052 return -ENOMEM; 1053 1054 old_pvid = br->default_pvid; 1055 1056 /* Update default_pvid config only if we do not conflict with 1057 * user configuration. 1058 */ 1059 vg = br_vlan_group(br); 1060 pvent = br_vlan_find(vg, pvid); 1061 if ((!old_pvid || vlan_default_pvid(vg, old_pvid)) && 1062 (!pvent || !br_vlan_should_use(pvent))) { 1063 err = br_vlan_add(br, pvid, 1064 BRIDGE_VLAN_INFO_PVID | 1065 BRIDGE_VLAN_INFO_UNTAGGED | 1066 BRIDGE_VLAN_INFO_BRENTRY, 1067 &vlchange, extack); 1068 if (err) 1069 goto out; 1070 1071 if (br_vlan_delete(br, old_pvid)) 1072 br_vlan_notify(br, NULL, old_pvid, 0, RTM_DELVLAN); 1073 br_vlan_notify(br, NULL, pvid, 0, RTM_NEWVLAN); 1074 __set_bit(0, changed); 1075 } 1076 1077 list_for_each_entry(p, &br->port_list, list) { 1078 /* Update default_pvid config only if we do not conflict with 1079 * user configuration. 1080 */ 1081 vg = nbp_vlan_group(p); 1082 if ((old_pvid && 1083 !vlan_default_pvid(vg, old_pvid)) || 1084 br_vlan_find(vg, pvid)) 1085 continue; 1086 1087 err = nbp_vlan_add(p, pvid, 1088 BRIDGE_VLAN_INFO_PVID | 1089 BRIDGE_VLAN_INFO_UNTAGGED, 1090 &vlchange, extack); 1091 if (err) 1092 goto err_port; 1093 if (nbp_vlan_delete(p, old_pvid)) 1094 br_vlan_notify(br, p, old_pvid, 0, RTM_DELVLAN); 1095 br_vlan_notify(p->br, p, pvid, 0, RTM_NEWVLAN); 1096 __set_bit(p->port_no, changed); 1097 } 1098 1099 br->default_pvid = pvid; 1100 1101 out: 1102 bitmap_free(changed); 1103 return err; 1104 1105 err_port: 1106 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 1107 if (!test_bit(p->port_no, changed)) 1108 continue; 1109 1110 if (old_pvid) { 1111 nbp_vlan_add(p, old_pvid, 1112 BRIDGE_VLAN_INFO_PVID | 1113 BRIDGE_VLAN_INFO_UNTAGGED, 1114 &vlchange, NULL); 1115 br_vlan_notify(p->br, p, old_pvid, 0, RTM_NEWVLAN); 1116 } 1117 nbp_vlan_delete(p, pvid); 1118 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN); 1119 } 1120 1121 if (test_bit(0, changed)) { 1122 if (old_pvid) { 1123 br_vlan_add(br, old_pvid, 1124 BRIDGE_VLAN_INFO_PVID | 1125 BRIDGE_VLAN_INFO_UNTAGGED | 1126 BRIDGE_VLAN_INFO_BRENTRY, 1127 &vlchange, NULL); 1128 br_vlan_notify(br, NULL, old_pvid, 0, RTM_NEWVLAN); 1129 } 1130 br_vlan_delete(br, pvid); 1131 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN); 1132 } 1133 goto out; 1134 } 1135 1136 int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val, 1137 struct netlink_ext_ack *extack) 1138 { 1139 u16 pvid = val; 1140 int err = 0; 1141 1142 if (val >= VLAN_VID_MASK) 1143 return -EINVAL; 1144 1145 if (pvid == br->default_pvid) 1146 goto out; 1147 1148 /* Only allow default pvid change when filtering is disabled */ 1149 if (br_opt_get(br, BROPT_VLAN_ENABLED)) { 1150 pr_info_once("Please disable vlan filtering to change default_pvid\n"); 1151 err = -EPERM; 1152 goto out; 1153 } 1154 err = __br_vlan_set_default_pvid(br, pvid, extack); 1155 out: 1156 return err; 1157 } 1158 1159 int br_vlan_init(struct net_bridge *br) 1160 { 1161 struct net_bridge_vlan_group *vg; 1162 int ret = -ENOMEM; 1163 1164 vg = kzalloc(sizeof(*vg), GFP_KERNEL); 1165 if (!vg) 1166 goto out; 1167 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params); 1168 if (ret) 1169 goto err_rhtbl; 1170 ret = vlan_tunnel_init(vg); 1171 if (ret) 1172 goto err_tunnel_init; 1173 INIT_LIST_HEAD(&vg->vlan_list); 1174 br->vlan_proto = htons(ETH_P_8021Q); 1175 br->default_pvid = 1; 1176 rcu_assign_pointer(br->vlgrp, vg); 1177 1178 out: 1179 return ret; 1180 1181 err_tunnel_init: 1182 rhashtable_destroy(&vg->vlan_hash); 1183 err_rhtbl: 1184 kfree(vg); 1185 1186 goto out; 1187 } 1188 1189 int nbp_vlan_init(struct net_bridge_port *p, struct netlink_ext_ack *extack) 1190 { 1191 struct switchdev_attr attr = { 1192 .orig_dev = p->br->dev, 1193 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING, 1194 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 1195 .u.vlan_filtering = br_opt_get(p->br, BROPT_VLAN_ENABLED), 1196 }; 1197 struct net_bridge_vlan_group *vg; 1198 int ret = -ENOMEM; 1199 1200 vg = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL); 1201 if (!vg) 1202 goto out; 1203 1204 ret = switchdev_port_attr_set(p->dev, &attr, extack); 1205 if (ret && ret != -EOPNOTSUPP) 1206 goto err_vlan_enabled; 1207 1208 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params); 1209 if (ret) 1210 goto err_rhtbl; 1211 ret = vlan_tunnel_init(vg); 1212 if (ret) 1213 goto err_tunnel_init; 1214 INIT_LIST_HEAD(&vg->vlan_list); 1215 rcu_assign_pointer(p->vlgrp, vg); 1216 if (p->br->default_pvid) { 1217 bool changed; 1218 1219 ret = nbp_vlan_add(p, p->br->default_pvid, 1220 BRIDGE_VLAN_INFO_PVID | 1221 BRIDGE_VLAN_INFO_UNTAGGED, 1222 &changed, extack); 1223 if (ret) 1224 goto err_vlan_add; 1225 br_vlan_notify(p->br, p, p->br->default_pvid, 0, RTM_NEWVLAN); 1226 } 1227 out: 1228 return ret; 1229 1230 err_vlan_add: 1231 RCU_INIT_POINTER(p->vlgrp, NULL); 1232 synchronize_rcu(); 1233 vlan_tunnel_deinit(vg); 1234 err_tunnel_init: 1235 rhashtable_destroy(&vg->vlan_hash); 1236 err_rhtbl: 1237 err_vlan_enabled: 1238 kfree(vg); 1239 1240 goto out; 1241 } 1242 1243 /* Must be protected by RTNL. 1244 * Must be called with vid in range from 1 to 4094 inclusive. 1245 * changed must be true only if the vlan was created or updated 1246 */ 1247 int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags, 1248 bool *changed, struct netlink_ext_ack *extack) 1249 { 1250 struct net_bridge_vlan *vlan; 1251 int ret; 1252 1253 ASSERT_RTNL(); 1254 1255 *changed = false; 1256 vlan = br_vlan_find(nbp_vlan_group(port), vid); 1257 if (vlan) { 1258 /* Pass the flags to the hardware bridge */ 1259 ret = br_switchdev_port_vlan_add(port->dev, vid, flags, extack); 1260 if (ret && ret != -EOPNOTSUPP) 1261 return ret; 1262 *changed = __vlan_add_flags(vlan, flags); 1263 1264 return 0; 1265 } 1266 1267 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL); 1268 if (!vlan) 1269 return -ENOMEM; 1270 1271 vlan->vid = vid; 1272 vlan->port = port; 1273 ret = __vlan_add(vlan, flags, extack); 1274 if (ret) 1275 kfree(vlan); 1276 else 1277 *changed = true; 1278 1279 return ret; 1280 } 1281 1282 /* Must be protected by RTNL. 1283 * Must be called with vid in range from 1 to 4094 inclusive. 1284 */ 1285 int nbp_vlan_delete(struct net_bridge_port *port, u16 vid) 1286 { 1287 struct net_bridge_vlan *v; 1288 1289 ASSERT_RTNL(); 1290 1291 v = br_vlan_find(nbp_vlan_group(port), vid); 1292 if (!v) 1293 return -ENOENT; 1294 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid); 1295 br_fdb_delete_by_port(port->br, port, vid, 0); 1296 1297 return __vlan_del(v); 1298 } 1299 1300 void nbp_vlan_flush(struct net_bridge_port *port) 1301 { 1302 struct net_bridge_vlan_group *vg; 1303 1304 ASSERT_RTNL(); 1305 1306 vg = nbp_vlan_group(port); 1307 __vlan_flush(port->br, port, vg); 1308 RCU_INIT_POINTER(port->vlgrp, NULL); 1309 synchronize_rcu(); 1310 __vlan_group_free(vg); 1311 } 1312 1313 void br_vlan_get_stats(const struct net_bridge_vlan *v, 1314 struct pcpu_sw_netstats *stats) 1315 { 1316 int i; 1317 1318 memset(stats, 0, sizeof(*stats)); 1319 for_each_possible_cpu(i) { 1320 u64 rxpackets, rxbytes, txpackets, txbytes; 1321 struct pcpu_sw_netstats *cpu_stats; 1322 unsigned int start; 1323 1324 cpu_stats = per_cpu_ptr(v->stats, i); 1325 do { 1326 start = u64_stats_fetch_begin_irq(&cpu_stats->syncp); 1327 rxpackets = cpu_stats->rx_packets; 1328 rxbytes = cpu_stats->rx_bytes; 1329 txbytes = cpu_stats->tx_bytes; 1330 txpackets = cpu_stats->tx_packets; 1331 } while (u64_stats_fetch_retry_irq(&cpu_stats->syncp, start)); 1332 1333 stats->rx_packets += rxpackets; 1334 stats->rx_bytes += rxbytes; 1335 stats->tx_bytes += txbytes; 1336 stats->tx_packets += txpackets; 1337 } 1338 } 1339 1340 int br_vlan_get_pvid(const struct net_device *dev, u16 *p_pvid) 1341 { 1342 struct net_bridge_vlan_group *vg; 1343 struct net_bridge_port *p; 1344 1345 ASSERT_RTNL(); 1346 p = br_port_get_check_rtnl(dev); 1347 if (p) 1348 vg = nbp_vlan_group(p); 1349 else if (netif_is_bridge_master(dev)) 1350 vg = br_vlan_group(netdev_priv(dev)); 1351 else 1352 return -EINVAL; 1353 1354 *p_pvid = br_get_pvid(vg); 1355 return 0; 1356 } 1357 EXPORT_SYMBOL_GPL(br_vlan_get_pvid); 1358 1359 int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) 1360 { 1361 struct net_bridge_vlan_group *vg; 1362 struct net_bridge_port *p; 1363 1364 p = br_port_get_check_rcu(dev); 1365 if (p) 1366 vg = nbp_vlan_group_rcu(p); 1367 else if (netif_is_bridge_master(dev)) 1368 vg = br_vlan_group_rcu(netdev_priv(dev)); 1369 else 1370 return -EINVAL; 1371 1372 *p_pvid = br_get_pvid(vg); 1373 return 0; 1374 } 1375 EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); 1376 1377 void br_vlan_fill_forward_path_pvid(struct net_bridge *br, 1378 struct net_device_path_ctx *ctx, 1379 struct net_device_path *path) 1380 { 1381 struct net_bridge_vlan_group *vg; 1382 int idx = ctx->num_vlans - 1; 1383 u16 vid; 1384 1385 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; 1386 1387 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 1388 return; 1389 1390 vg = br_vlan_group(br); 1391 1392 if (idx >= 0 && 1393 ctx->vlan[idx].proto == br->vlan_proto) { 1394 vid = ctx->vlan[idx].id; 1395 } else { 1396 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_TAG; 1397 vid = br_get_pvid(vg); 1398 } 1399 1400 path->bridge.vlan_id = vid; 1401 path->bridge.vlan_proto = br->vlan_proto; 1402 } 1403 1404 int br_vlan_fill_forward_path_mode(struct net_bridge *br, 1405 struct net_bridge_port *dst, 1406 struct net_device_path *path) 1407 { 1408 struct net_bridge_vlan_group *vg; 1409 struct net_bridge_vlan *v; 1410 1411 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 1412 return 0; 1413 1414 vg = nbp_vlan_group_rcu(dst); 1415 v = br_vlan_find(vg, path->bridge.vlan_id); 1416 if (!v || !br_vlan_should_use(v)) 1417 return -EINVAL; 1418 1419 if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) 1420 return 0; 1421 1422 if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) 1423 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; 1424 else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) 1425 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; 1426 else 1427 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; 1428 1429 return 0; 1430 } 1431 1432 int br_vlan_get_info(const struct net_device *dev, u16 vid, 1433 struct bridge_vlan_info *p_vinfo) 1434 { 1435 struct net_bridge_vlan_group *vg; 1436 struct net_bridge_vlan *v; 1437 struct net_bridge_port *p; 1438 1439 ASSERT_RTNL(); 1440 p = br_port_get_check_rtnl(dev); 1441 if (p) 1442 vg = nbp_vlan_group(p); 1443 else if (netif_is_bridge_master(dev)) 1444 vg = br_vlan_group(netdev_priv(dev)); 1445 else 1446 return -EINVAL; 1447 1448 v = br_vlan_find(vg, vid); 1449 if (!v) 1450 return -ENOENT; 1451 1452 p_vinfo->vid = vid; 1453 p_vinfo->flags = v->flags; 1454 if (vid == br_get_pvid(vg)) 1455 p_vinfo->flags |= BRIDGE_VLAN_INFO_PVID; 1456 return 0; 1457 } 1458 EXPORT_SYMBOL_GPL(br_vlan_get_info); 1459 1460 int br_vlan_get_info_rcu(const struct net_device *dev, u16 vid, 1461 struct bridge_vlan_info *p_vinfo) 1462 { 1463 struct net_bridge_vlan_group *vg; 1464 struct net_bridge_vlan *v; 1465 struct net_bridge_port *p; 1466 1467 p = br_port_get_check_rcu(dev); 1468 if (p) 1469 vg = nbp_vlan_group_rcu(p); 1470 else if (netif_is_bridge_master(dev)) 1471 vg = br_vlan_group_rcu(netdev_priv(dev)); 1472 else 1473 return -EINVAL; 1474 1475 v = br_vlan_find(vg, vid); 1476 if (!v) 1477 return -ENOENT; 1478 1479 p_vinfo->vid = vid; 1480 p_vinfo->flags = v->flags; 1481 if (vid == br_get_pvid(vg)) 1482 p_vinfo->flags |= BRIDGE_VLAN_INFO_PVID; 1483 return 0; 1484 } 1485 EXPORT_SYMBOL_GPL(br_vlan_get_info_rcu); 1486 1487 static int br_vlan_is_bind_vlan_dev(const struct net_device *dev) 1488 { 1489 return is_vlan_dev(dev) && 1490 !!(vlan_dev_priv(dev)->flags & VLAN_FLAG_BRIDGE_BINDING); 1491 } 1492 1493 static int br_vlan_is_bind_vlan_dev_fn(struct net_device *dev, 1494 __always_unused struct netdev_nested_priv *priv) 1495 { 1496 return br_vlan_is_bind_vlan_dev(dev); 1497 } 1498 1499 static bool br_vlan_has_upper_bind_vlan_dev(struct net_device *dev) 1500 { 1501 int found; 1502 1503 rcu_read_lock(); 1504 found = netdev_walk_all_upper_dev_rcu(dev, br_vlan_is_bind_vlan_dev_fn, 1505 NULL); 1506 rcu_read_unlock(); 1507 1508 return !!found; 1509 } 1510 1511 struct br_vlan_bind_walk_data { 1512 u16 vid; 1513 struct net_device *result; 1514 }; 1515 1516 static int br_vlan_match_bind_vlan_dev_fn(struct net_device *dev, 1517 struct netdev_nested_priv *priv) 1518 { 1519 struct br_vlan_bind_walk_data *data = priv->data; 1520 int found = 0; 1521 1522 if (br_vlan_is_bind_vlan_dev(dev) && 1523 vlan_dev_priv(dev)->vlan_id == data->vid) { 1524 data->result = dev; 1525 found = 1; 1526 } 1527 1528 return found; 1529 } 1530 1531 static struct net_device * 1532 br_vlan_get_upper_bind_vlan_dev(struct net_device *dev, u16 vid) 1533 { 1534 struct br_vlan_bind_walk_data data = { 1535 .vid = vid, 1536 }; 1537 struct netdev_nested_priv priv = { 1538 .data = (void *)&data, 1539 }; 1540 1541 rcu_read_lock(); 1542 netdev_walk_all_upper_dev_rcu(dev, br_vlan_match_bind_vlan_dev_fn, 1543 &priv); 1544 rcu_read_unlock(); 1545 1546 return data.result; 1547 } 1548 1549 static bool br_vlan_is_dev_up(const struct net_device *dev) 1550 { 1551 return !!(dev->flags & IFF_UP) && netif_oper_up(dev); 1552 } 1553 1554 static void br_vlan_set_vlan_dev_state(const struct net_bridge *br, 1555 struct net_device *vlan_dev) 1556 { 1557 u16 vid = vlan_dev_priv(vlan_dev)->vlan_id; 1558 struct net_bridge_vlan_group *vg; 1559 struct net_bridge_port *p; 1560 bool has_carrier = false; 1561 1562 if (!netif_carrier_ok(br->dev)) { 1563 netif_carrier_off(vlan_dev); 1564 return; 1565 } 1566 1567 list_for_each_entry(p, &br->port_list, list) { 1568 vg = nbp_vlan_group(p); 1569 if (br_vlan_find(vg, vid) && br_vlan_is_dev_up(p->dev)) { 1570 has_carrier = true; 1571 break; 1572 } 1573 } 1574 1575 if (has_carrier) 1576 netif_carrier_on(vlan_dev); 1577 else 1578 netif_carrier_off(vlan_dev); 1579 } 1580 1581 static void br_vlan_set_all_vlan_dev_state(struct net_bridge_port *p) 1582 { 1583 struct net_bridge_vlan_group *vg = nbp_vlan_group(p); 1584 struct net_bridge_vlan *vlan; 1585 struct net_device *vlan_dev; 1586 1587 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 1588 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev, 1589 vlan->vid); 1590 if (vlan_dev) { 1591 if (br_vlan_is_dev_up(p->dev)) { 1592 if (netif_carrier_ok(p->br->dev)) 1593 netif_carrier_on(vlan_dev); 1594 } else { 1595 br_vlan_set_vlan_dev_state(p->br, vlan_dev); 1596 } 1597 } 1598 } 1599 } 1600 1601 static void br_vlan_upper_change(struct net_device *dev, 1602 struct net_device *upper_dev, 1603 bool linking) 1604 { 1605 struct net_bridge *br = netdev_priv(dev); 1606 1607 if (!br_vlan_is_bind_vlan_dev(upper_dev)) 1608 return; 1609 1610 if (linking) { 1611 br_vlan_set_vlan_dev_state(br, upper_dev); 1612 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING, true); 1613 } else { 1614 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING, 1615 br_vlan_has_upper_bind_vlan_dev(dev)); 1616 } 1617 } 1618 1619 struct br_vlan_link_state_walk_data { 1620 struct net_bridge *br; 1621 }; 1622 1623 static int br_vlan_link_state_change_fn(struct net_device *vlan_dev, 1624 struct netdev_nested_priv *priv) 1625 { 1626 struct br_vlan_link_state_walk_data *data = priv->data; 1627 1628 if (br_vlan_is_bind_vlan_dev(vlan_dev)) 1629 br_vlan_set_vlan_dev_state(data->br, vlan_dev); 1630 1631 return 0; 1632 } 1633 1634 static void br_vlan_link_state_change(struct net_device *dev, 1635 struct net_bridge *br) 1636 { 1637 struct br_vlan_link_state_walk_data data = { 1638 .br = br 1639 }; 1640 struct netdev_nested_priv priv = { 1641 .data = (void *)&data, 1642 }; 1643 1644 rcu_read_lock(); 1645 netdev_walk_all_upper_dev_rcu(dev, br_vlan_link_state_change_fn, 1646 &priv); 1647 rcu_read_unlock(); 1648 } 1649 1650 /* Must be protected by RTNL. */ 1651 static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid) 1652 { 1653 struct net_device *vlan_dev; 1654 1655 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING)) 1656 return; 1657 1658 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev, vid); 1659 if (vlan_dev) 1660 br_vlan_set_vlan_dev_state(p->br, vlan_dev); 1661 } 1662 1663 /* Must be protected by RTNL. */ 1664 int br_vlan_bridge_event(struct net_device *dev, unsigned long event, void *ptr) 1665 { 1666 struct netdev_notifier_changeupper_info *info; 1667 struct net_bridge *br = netdev_priv(dev); 1668 int vlcmd = 0, ret = 0; 1669 bool changed = false; 1670 1671 switch (event) { 1672 case NETDEV_REGISTER: 1673 ret = br_vlan_add(br, br->default_pvid, 1674 BRIDGE_VLAN_INFO_PVID | 1675 BRIDGE_VLAN_INFO_UNTAGGED | 1676 BRIDGE_VLAN_INFO_BRENTRY, &changed, NULL); 1677 vlcmd = RTM_NEWVLAN; 1678 break; 1679 case NETDEV_UNREGISTER: 1680 changed = !br_vlan_delete(br, br->default_pvid); 1681 vlcmd = RTM_DELVLAN; 1682 break; 1683 case NETDEV_CHANGEUPPER: 1684 info = ptr; 1685 br_vlan_upper_change(dev, info->upper_dev, info->linking); 1686 break; 1687 1688 case NETDEV_CHANGE: 1689 case NETDEV_UP: 1690 if (!br_opt_get(br, BROPT_VLAN_BRIDGE_BINDING)) 1691 break; 1692 br_vlan_link_state_change(dev, br); 1693 break; 1694 } 1695 if (changed) 1696 br_vlan_notify(br, NULL, br->default_pvid, 0, vlcmd); 1697 1698 return ret; 1699 } 1700 1701 /* Must be protected by RTNL. */ 1702 void br_vlan_port_event(struct net_bridge_port *p, unsigned long event) 1703 { 1704 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING)) 1705 return; 1706 1707 switch (event) { 1708 case NETDEV_CHANGE: 1709 case NETDEV_DOWN: 1710 case NETDEV_UP: 1711 br_vlan_set_all_vlan_dev_state(p); 1712 break; 1713 } 1714 } 1715 1716 static bool br_vlan_stats_fill(struct sk_buff *skb, 1717 const struct net_bridge_vlan *v) 1718 { 1719 struct pcpu_sw_netstats stats; 1720 struct nlattr *nest; 1721 1722 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY_STATS); 1723 if (!nest) 1724 return false; 1725 1726 br_vlan_get_stats(v, &stats); 1727 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_BYTES, stats.rx_bytes, 1728 BRIDGE_VLANDB_STATS_PAD) || 1729 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_PACKETS, 1730 stats.rx_packets, BRIDGE_VLANDB_STATS_PAD) || 1731 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_BYTES, stats.tx_bytes, 1732 BRIDGE_VLANDB_STATS_PAD) || 1733 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_PACKETS, 1734 stats.tx_packets, BRIDGE_VLANDB_STATS_PAD)) 1735 goto out_err; 1736 1737 nla_nest_end(skb, nest); 1738 1739 return true; 1740 1741 out_err: 1742 nla_nest_cancel(skb, nest); 1743 return false; 1744 } 1745 1746 /* v_opts is used to dump the options which must be equal in the whole range */ 1747 static bool br_vlan_fill_vids(struct sk_buff *skb, u16 vid, u16 vid_range, 1748 const struct net_bridge_vlan *v_opts, 1749 u16 flags, 1750 bool dump_stats) 1751 { 1752 struct bridge_vlan_info info; 1753 struct nlattr *nest; 1754 1755 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY); 1756 if (!nest) 1757 return false; 1758 1759 memset(&info, 0, sizeof(info)); 1760 info.vid = vid; 1761 if (flags & BRIDGE_VLAN_INFO_UNTAGGED) 1762 info.flags |= BRIDGE_VLAN_INFO_UNTAGGED; 1763 if (flags & BRIDGE_VLAN_INFO_PVID) 1764 info.flags |= BRIDGE_VLAN_INFO_PVID; 1765 1766 if (nla_put(skb, BRIDGE_VLANDB_ENTRY_INFO, sizeof(info), &info)) 1767 goto out_err; 1768 1769 if (vid_range && vid < vid_range && 1770 !(flags & BRIDGE_VLAN_INFO_PVID) && 1771 nla_put_u16(skb, BRIDGE_VLANDB_ENTRY_RANGE, vid_range)) 1772 goto out_err; 1773 1774 if (v_opts) { 1775 if (!br_vlan_opts_fill(skb, v_opts)) 1776 goto out_err; 1777 1778 if (dump_stats && !br_vlan_stats_fill(skb, v_opts)) 1779 goto out_err; 1780 } 1781 1782 nla_nest_end(skb, nest); 1783 1784 return true; 1785 1786 out_err: 1787 nla_nest_cancel(skb, nest); 1788 return false; 1789 } 1790 1791 static size_t rtnl_vlan_nlmsg_size(void) 1792 { 1793 return NLMSG_ALIGN(sizeof(struct br_vlan_msg)) 1794 + nla_total_size(0) /* BRIDGE_VLANDB_ENTRY */ 1795 + nla_total_size(sizeof(u16)) /* BRIDGE_VLANDB_ENTRY_RANGE */ 1796 + nla_total_size(sizeof(struct bridge_vlan_info)) /* BRIDGE_VLANDB_ENTRY_INFO */ 1797 + br_vlan_opts_nl_size(); /* bridge vlan options */ 1798 } 1799 1800 void br_vlan_notify(const struct net_bridge *br, 1801 const struct net_bridge_port *p, 1802 u16 vid, u16 vid_range, 1803 int cmd) 1804 { 1805 struct net_bridge_vlan_group *vg; 1806 struct net_bridge_vlan *v = NULL; 1807 struct br_vlan_msg *bvm; 1808 struct nlmsghdr *nlh; 1809 struct sk_buff *skb; 1810 int err = -ENOBUFS; 1811 struct net *net; 1812 u16 flags = 0; 1813 int ifindex; 1814 1815 /* right now notifications are done only with rtnl held */ 1816 ASSERT_RTNL(); 1817 1818 if (p) { 1819 ifindex = p->dev->ifindex; 1820 vg = nbp_vlan_group(p); 1821 net = dev_net(p->dev); 1822 } else { 1823 ifindex = br->dev->ifindex; 1824 vg = br_vlan_group(br); 1825 net = dev_net(br->dev); 1826 } 1827 1828 skb = nlmsg_new(rtnl_vlan_nlmsg_size(), GFP_KERNEL); 1829 if (!skb) 1830 goto out_err; 1831 1832 err = -EMSGSIZE; 1833 nlh = nlmsg_put(skb, 0, 0, cmd, sizeof(*bvm), 0); 1834 if (!nlh) 1835 goto out_err; 1836 bvm = nlmsg_data(nlh); 1837 memset(bvm, 0, sizeof(*bvm)); 1838 bvm->family = AF_BRIDGE; 1839 bvm->ifindex = ifindex; 1840 1841 switch (cmd) { 1842 case RTM_NEWVLAN: 1843 /* need to find the vlan due to flags/options */ 1844 v = br_vlan_find(vg, vid); 1845 if (!v || !br_vlan_should_use(v)) 1846 goto out_kfree; 1847 1848 flags = v->flags; 1849 if (br_get_pvid(vg) == v->vid) 1850 flags |= BRIDGE_VLAN_INFO_PVID; 1851 break; 1852 case RTM_DELVLAN: 1853 break; 1854 default: 1855 goto out_kfree; 1856 } 1857 1858 if (!br_vlan_fill_vids(skb, vid, vid_range, v, flags, false)) 1859 goto out_err; 1860 1861 nlmsg_end(skb, nlh); 1862 rtnl_notify(skb, net, 0, RTNLGRP_BRVLAN, NULL, GFP_KERNEL); 1863 return; 1864 1865 out_err: 1866 rtnl_set_sk_err(net, RTNLGRP_BRVLAN, err); 1867 out_kfree: 1868 kfree_skb(skb); 1869 } 1870 1871 /* check if v_curr can enter a range ending in range_end */ 1872 bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, 1873 const struct net_bridge_vlan *range_end) 1874 { 1875 return v_curr->vid - range_end->vid == 1 && 1876 range_end->flags == v_curr->flags && 1877 br_vlan_opts_eq_range(v_curr, range_end); 1878 } 1879 1880 static int br_vlan_dump_dev(const struct net_device *dev, 1881 struct sk_buff *skb, 1882 struct netlink_callback *cb, 1883 u32 dump_flags) 1884 { 1885 struct net_bridge_vlan *v, *range_start = NULL, *range_end = NULL; 1886 bool dump_global = !!(dump_flags & BRIDGE_VLANDB_DUMPF_GLOBAL); 1887 bool dump_stats = !!(dump_flags & BRIDGE_VLANDB_DUMPF_STATS); 1888 struct net_bridge_vlan_group *vg; 1889 int idx = 0, s_idx = cb->args[1]; 1890 struct nlmsghdr *nlh = NULL; 1891 struct net_bridge_port *p; 1892 struct br_vlan_msg *bvm; 1893 struct net_bridge *br; 1894 int err = 0; 1895 u16 pvid; 1896 1897 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) 1898 return -EINVAL; 1899 1900 if (netif_is_bridge_master(dev)) { 1901 br = netdev_priv(dev); 1902 vg = br_vlan_group_rcu(br); 1903 p = NULL; 1904 } else { 1905 /* global options are dumped only for bridge devices */ 1906 if (dump_global) 1907 return 0; 1908 1909 p = br_port_get_rcu(dev); 1910 if (WARN_ON(!p)) 1911 return -EINVAL; 1912 vg = nbp_vlan_group_rcu(p); 1913 br = p->br; 1914 } 1915 1916 if (!vg) 1917 return 0; 1918 1919 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1920 RTM_NEWVLAN, sizeof(*bvm), NLM_F_MULTI); 1921 if (!nlh) 1922 return -EMSGSIZE; 1923 bvm = nlmsg_data(nlh); 1924 memset(bvm, 0, sizeof(*bvm)); 1925 bvm->family = PF_BRIDGE; 1926 bvm->ifindex = dev->ifindex; 1927 pvid = br_get_pvid(vg); 1928 1929 /* idx must stay at range's beginning until it is filled in */ 1930 list_for_each_entry_rcu(v, &vg->vlan_list, vlist) { 1931 if (!dump_global && !br_vlan_should_use(v)) 1932 continue; 1933 if (idx < s_idx) { 1934 idx++; 1935 continue; 1936 } 1937 1938 if (!range_start) { 1939 range_start = v; 1940 range_end = v; 1941 continue; 1942 } 1943 1944 if (dump_global) { 1945 if (br_vlan_global_opts_can_enter_range(v, range_end)) 1946 goto update_end; 1947 if (!br_vlan_global_opts_fill(skb, range_start->vid, 1948 range_end->vid, 1949 range_start)) { 1950 err = -EMSGSIZE; 1951 break; 1952 } 1953 /* advance number of filled vlans */ 1954 idx += range_end->vid - range_start->vid + 1; 1955 1956 range_start = v; 1957 } else if (dump_stats || v->vid == pvid || 1958 !br_vlan_can_enter_range(v, range_end)) { 1959 u16 vlan_flags = br_vlan_flags(range_start, pvid); 1960 1961 if (!br_vlan_fill_vids(skb, range_start->vid, 1962 range_end->vid, range_start, 1963 vlan_flags, dump_stats)) { 1964 err = -EMSGSIZE; 1965 break; 1966 } 1967 /* advance number of filled vlans */ 1968 idx += range_end->vid - range_start->vid + 1; 1969 1970 range_start = v; 1971 } 1972 update_end: 1973 range_end = v; 1974 } 1975 1976 /* err will be 0 and range_start will be set in 3 cases here: 1977 * - first vlan (range_start == range_end) 1978 * - last vlan (range_start == range_end, not in range) 1979 * - last vlan range (range_start != range_end, in range) 1980 */ 1981 if (!err && range_start) { 1982 if (dump_global && 1983 !br_vlan_global_opts_fill(skb, range_start->vid, 1984 range_end->vid, range_start)) 1985 err = -EMSGSIZE; 1986 else if (!dump_global && 1987 !br_vlan_fill_vids(skb, range_start->vid, 1988 range_end->vid, range_start, 1989 br_vlan_flags(range_start, pvid), 1990 dump_stats)) 1991 err = -EMSGSIZE; 1992 } 1993 1994 cb->args[1] = err ? idx : 0; 1995 1996 nlmsg_end(skb, nlh); 1997 1998 return err; 1999 } 2000 2001 static const struct nla_policy br_vlan_db_dump_pol[BRIDGE_VLANDB_DUMP_MAX + 1] = { 2002 [BRIDGE_VLANDB_DUMP_FLAGS] = { .type = NLA_U32 }, 2003 }; 2004 2005 static int br_vlan_rtm_dump(struct sk_buff *skb, struct netlink_callback *cb) 2006 { 2007 struct nlattr *dtb[BRIDGE_VLANDB_DUMP_MAX + 1]; 2008 int idx = 0, err = 0, s_idx = cb->args[0]; 2009 struct net *net = sock_net(skb->sk); 2010 struct br_vlan_msg *bvm; 2011 struct net_device *dev; 2012 u32 dump_flags = 0; 2013 2014 err = nlmsg_parse(cb->nlh, sizeof(*bvm), dtb, BRIDGE_VLANDB_DUMP_MAX, 2015 br_vlan_db_dump_pol, cb->extack); 2016 if (err < 0) 2017 return err; 2018 2019 bvm = nlmsg_data(cb->nlh); 2020 if (dtb[BRIDGE_VLANDB_DUMP_FLAGS]) 2021 dump_flags = nla_get_u32(dtb[BRIDGE_VLANDB_DUMP_FLAGS]); 2022 2023 rcu_read_lock(); 2024 if (bvm->ifindex) { 2025 dev = dev_get_by_index_rcu(net, bvm->ifindex); 2026 if (!dev) { 2027 err = -ENODEV; 2028 goto out_err; 2029 } 2030 err = br_vlan_dump_dev(dev, skb, cb, dump_flags); 2031 /* if the dump completed without an error we return 0 here */ 2032 if (err != -EMSGSIZE) 2033 goto out_err; 2034 } else { 2035 for_each_netdev_rcu(net, dev) { 2036 if (idx < s_idx) 2037 goto skip; 2038 2039 err = br_vlan_dump_dev(dev, skb, cb, dump_flags); 2040 if (err == -EMSGSIZE) 2041 break; 2042 skip: 2043 idx++; 2044 } 2045 } 2046 cb->args[0] = idx; 2047 rcu_read_unlock(); 2048 2049 return skb->len; 2050 2051 out_err: 2052 rcu_read_unlock(); 2053 2054 return err; 2055 } 2056 2057 static const struct nla_policy br_vlan_db_policy[BRIDGE_VLANDB_ENTRY_MAX + 1] = { 2058 [BRIDGE_VLANDB_ENTRY_INFO] = 2059 NLA_POLICY_EXACT_LEN(sizeof(struct bridge_vlan_info)), 2060 [BRIDGE_VLANDB_ENTRY_RANGE] = { .type = NLA_U16 }, 2061 [BRIDGE_VLANDB_ENTRY_STATE] = { .type = NLA_U8 }, 2062 [BRIDGE_VLANDB_ENTRY_TUNNEL_INFO] = { .type = NLA_NESTED }, 2063 [BRIDGE_VLANDB_ENTRY_MCAST_ROUTER] = { .type = NLA_U8 }, 2064 }; 2065 2066 static int br_vlan_rtm_process_one(struct net_device *dev, 2067 const struct nlattr *attr, 2068 int cmd, struct netlink_ext_ack *extack) 2069 { 2070 struct bridge_vlan_info *vinfo, vrange_end, *vinfo_last = NULL; 2071 struct nlattr *tb[BRIDGE_VLANDB_ENTRY_MAX + 1]; 2072 bool changed = false, skip_processing = false; 2073 struct net_bridge_vlan_group *vg; 2074 struct net_bridge_port *p = NULL; 2075 int err = 0, cmdmap = 0; 2076 struct net_bridge *br; 2077 2078 if (netif_is_bridge_master(dev)) { 2079 br = netdev_priv(dev); 2080 vg = br_vlan_group(br); 2081 } else { 2082 p = br_port_get_rtnl(dev); 2083 if (WARN_ON(!p)) 2084 return -ENODEV; 2085 br = p->br; 2086 vg = nbp_vlan_group(p); 2087 } 2088 2089 if (WARN_ON(!vg)) 2090 return -ENODEV; 2091 2092 err = nla_parse_nested(tb, BRIDGE_VLANDB_ENTRY_MAX, attr, 2093 br_vlan_db_policy, extack); 2094 if (err) 2095 return err; 2096 2097 if (!tb[BRIDGE_VLANDB_ENTRY_INFO]) { 2098 NL_SET_ERR_MSG_MOD(extack, "Missing vlan entry info"); 2099 return -EINVAL; 2100 } 2101 memset(&vrange_end, 0, sizeof(vrange_end)); 2102 2103 vinfo = nla_data(tb[BRIDGE_VLANDB_ENTRY_INFO]); 2104 if (vinfo->flags & (BRIDGE_VLAN_INFO_RANGE_BEGIN | 2105 BRIDGE_VLAN_INFO_RANGE_END)) { 2106 NL_SET_ERR_MSG_MOD(extack, "Old-style vlan ranges are not allowed when using RTM vlan calls"); 2107 return -EINVAL; 2108 } 2109 if (!br_vlan_valid_id(vinfo->vid, extack)) 2110 return -EINVAL; 2111 2112 if (tb[BRIDGE_VLANDB_ENTRY_RANGE]) { 2113 vrange_end.vid = nla_get_u16(tb[BRIDGE_VLANDB_ENTRY_RANGE]); 2114 /* validate user-provided flags without RANGE_BEGIN */ 2115 vrange_end.flags = BRIDGE_VLAN_INFO_RANGE_END | vinfo->flags; 2116 vinfo->flags |= BRIDGE_VLAN_INFO_RANGE_BEGIN; 2117 2118 /* vinfo_last is the range start, vinfo the range end */ 2119 vinfo_last = vinfo; 2120 vinfo = &vrange_end; 2121 2122 if (!br_vlan_valid_id(vinfo->vid, extack) || 2123 !br_vlan_valid_range(vinfo, vinfo_last, extack)) 2124 return -EINVAL; 2125 } 2126 2127 switch (cmd) { 2128 case RTM_NEWVLAN: 2129 cmdmap = RTM_SETLINK; 2130 skip_processing = !!(vinfo->flags & BRIDGE_VLAN_INFO_ONLY_OPTS); 2131 break; 2132 case RTM_DELVLAN: 2133 cmdmap = RTM_DELLINK; 2134 break; 2135 } 2136 2137 if (!skip_processing) { 2138 struct bridge_vlan_info *tmp_last = vinfo_last; 2139 2140 /* br_process_vlan_info may overwrite vinfo_last */ 2141 err = br_process_vlan_info(br, p, cmdmap, vinfo, &tmp_last, 2142 &changed, extack); 2143 2144 /* notify first if anything changed */ 2145 if (changed) 2146 br_ifinfo_notify(cmdmap, br, p); 2147 2148 if (err) 2149 return err; 2150 } 2151 2152 /* deal with options */ 2153 if (cmd == RTM_NEWVLAN) { 2154 struct net_bridge_vlan *range_start, *range_end; 2155 2156 if (vinfo_last) { 2157 range_start = br_vlan_find(vg, vinfo_last->vid); 2158 range_end = br_vlan_find(vg, vinfo->vid); 2159 } else { 2160 range_start = br_vlan_find(vg, vinfo->vid); 2161 range_end = range_start; 2162 } 2163 2164 err = br_vlan_process_options(br, p, range_start, range_end, 2165 tb, extack); 2166 } 2167 2168 return err; 2169 } 2170 2171 static int br_vlan_rtm_process(struct sk_buff *skb, struct nlmsghdr *nlh, 2172 struct netlink_ext_ack *extack) 2173 { 2174 struct net *net = sock_net(skb->sk); 2175 struct br_vlan_msg *bvm; 2176 struct net_device *dev; 2177 struct nlattr *attr; 2178 int err, vlans = 0; 2179 int rem; 2180 2181 /* this should validate the header and check for remaining bytes */ 2182 err = nlmsg_parse(nlh, sizeof(*bvm), NULL, BRIDGE_VLANDB_MAX, NULL, 2183 extack); 2184 if (err < 0) 2185 return err; 2186 2187 bvm = nlmsg_data(nlh); 2188 dev = __dev_get_by_index(net, bvm->ifindex); 2189 if (!dev) 2190 return -ENODEV; 2191 2192 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) { 2193 NL_SET_ERR_MSG_MOD(extack, "The device is not a valid bridge or bridge port"); 2194 return -EINVAL; 2195 } 2196 2197 nlmsg_for_each_attr(attr, nlh, sizeof(*bvm), rem) { 2198 switch (nla_type(attr)) { 2199 case BRIDGE_VLANDB_ENTRY: 2200 err = br_vlan_rtm_process_one(dev, attr, 2201 nlh->nlmsg_type, 2202 extack); 2203 break; 2204 case BRIDGE_VLANDB_GLOBAL_OPTIONS: 2205 err = br_vlan_rtm_process_global_options(dev, attr, 2206 nlh->nlmsg_type, 2207 extack); 2208 break; 2209 default: 2210 continue; 2211 } 2212 2213 vlans++; 2214 if (err) 2215 break; 2216 } 2217 if (!vlans) { 2218 NL_SET_ERR_MSG_MOD(extack, "No vlans found to process"); 2219 err = -EINVAL; 2220 } 2221 2222 return err; 2223 } 2224 2225 void br_vlan_rtnl_init(void) 2226 { 2227 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_GETVLAN, NULL, 2228 br_vlan_rtm_dump, 0); 2229 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_NEWVLAN, 2230 br_vlan_rtm_process, NULL, 0); 2231 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_DELVLAN, 2232 br_vlan_rtm_process, NULL, 0); 2233 } 2234 2235 void br_vlan_rtnl_uninit(void) 2236 { 2237 rtnl_unregister(PF_BRIDGE, RTM_GETVLAN); 2238 rtnl_unregister(PF_BRIDGE, RTM_NEWVLAN); 2239 rtnl_unregister(PF_BRIDGE, RTM_DELVLAN); 2240 } 2241