1 // SPDX-License-Identifier: GPL-2.0-only 2 #include <linux/kernel.h> 3 #include <linux/netdevice.h> 4 #include <linux/rtnetlink.h> 5 #include <linux/slab.h> 6 #include <net/switchdev.h> 7 8 #include "br_private.h" 9 #include "br_private_tunnel.h" 10 11 static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid); 12 13 static inline int br_vlan_cmp(struct rhashtable_compare_arg *arg, 14 const void *ptr) 15 { 16 const struct net_bridge_vlan *vle = ptr; 17 u16 vid = *(u16 *)arg->key; 18 19 return vle->vid != vid; 20 } 21 22 static const struct rhashtable_params br_vlan_rht_params = { 23 .head_offset = offsetof(struct net_bridge_vlan, vnode), 24 .key_offset = offsetof(struct net_bridge_vlan, vid), 25 .key_len = sizeof(u16), 26 .nelem_hint = 3, 27 .max_size = VLAN_N_VID, 28 .obj_cmpfn = br_vlan_cmp, 29 .automatic_shrinking = true, 30 }; 31 32 static struct net_bridge_vlan *br_vlan_lookup(struct rhashtable *tbl, u16 vid) 33 { 34 return rhashtable_lookup_fast(tbl, &vid, br_vlan_rht_params); 35 } 36 37 static bool __vlan_add_pvid(struct net_bridge_vlan_group *vg, 38 const struct net_bridge_vlan *v) 39 { 40 if (vg->pvid == v->vid) 41 return false; 42 43 smp_wmb(); 44 br_vlan_set_pvid_state(vg, v->state); 45 vg->pvid = v->vid; 46 47 return true; 48 } 49 50 static bool __vlan_delete_pvid(struct net_bridge_vlan_group *vg, u16 vid) 51 { 52 if (vg->pvid != vid) 53 return false; 54 55 smp_wmb(); 56 vg->pvid = 0; 57 58 return true; 59 } 60 61 /* Returns true if the BRIDGE_VLAN_INFO_PVID and BRIDGE_VLAN_INFO_UNTAGGED bits 62 * of @flags produced any change onto @v, false otherwise 63 */ 64 static bool __vlan_add_flags(struct net_bridge_vlan *v, u16 flags) 65 { 66 struct net_bridge_vlan_group *vg; 67 u16 old_flags = v->flags; 68 bool ret; 69 70 if (br_vlan_is_master(v)) 71 vg = br_vlan_group(v->br); 72 else 73 vg = nbp_vlan_group(v->port); 74 75 if (flags & BRIDGE_VLAN_INFO_PVID) 76 ret = __vlan_add_pvid(vg, v); 77 else 78 ret = __vlan_delete_pvid(vg, v->vid); 79 80 if (flags & BRIDGE_VLAN_INFO_UNTAGGED) 81 v->flags |= BRIDGE_VLAN_INFO_UNTAGGED; 82 else 83 v->flags &= ~BRIDGE_VLAN_INFO_UNTAGGED; 84 85 return ret || !!((old_flags ^ v->flags) & BRIDGE_VLAN_INFO_UNTAGGED); 86 } 87 88 static int __vlan_vid_add(struct net_device *dev, struct net_bridge *br, 89 struct net_bridge_vlan *v, u16 flags, 90 struct netlink_ext_ack *extack) 91 { 92 int err; 93 94 /* Try switchdev op first. In case it is not supported, fallback to 95 * 8021q add. 96 */ 97 err = br_switchdev_port_vlan_add(dev, v->vid, flags, extack); 98 if (err == -EOPNOTSUPP) 99 return vlan_vid_add(dev, br->vlan_proto, v->vid); 100 v->priv_flags |= BR_VLFLAG_ADDED_BY_SWITCHDEV; 101 return err; 102 } 103 104 static void __vlan_add_list(struct net_bridge_vlan *v) 105 { 106 struct net_bridge_vlan_group *vg; 107 struct list_head *headp, *hpos; 108 struct net_bridge_vlan *vent; 109 110 if (br_vlan_is_master(v)) 111 vg = br_vlan_group(v->br); 112 else 113 vg = nbp_vlan_group(v->port); 114 115 headp = &vg->vlan_list; 116 list_for_each_prev(hpos, headp) { 117 vent = list_entry(hpos, struct net_bridge_vlan, vlist); 118 if (v->vid >= vent->vid) 119 break; 120 } 121 list_add_rcu(&v->vlist, hpos); 122 } 123 124 static void __vlan_del_list(struct net_bridge_vlan *v) 125 { 126 list_del_rcu(&v->vlist); 127 } 128 129 static int __vlan_vid_del(struct net_device *dev, struct net_bridge *br, 130 const struct net_bridge_vlan *v) 131 { 132 int err; 133 134 /* Try switchdev op first. In case it is not supported, fallback to 135 * 8021q del. 136 */ 137 err = br_switchdev_port_vlan_del(dev, v->vid); 138 if (!(v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV)) 139 vlan_vid_del(dev, br->vlan_proto, v->vid); 140 return err == -EOPNOTSUPP ? 0 : err; 141 } 142 143 /* Returns a master vlan, if it didn't exist it gets created. In all cases 144 * a reference is taken to the master vlan before returning. 145 */ 146 static struct net_bridge_vlan * 147 br_vlan_get_master(struct net_bridge *br, u16 vid, 148 struct netlink_ext_ack *extack) 149 { 150 struct net_bridge_vlan_group *vg; 151 struct net_bridge_vlan *masterv; 152 153 vg = br_vlan_group(br); 154 masterv = br_vlan_find(vg, vid); 155 if (!masterv) { 156 bool changed; 157 158 /* missing global ctx, create it now */ 159 if (br_vlan_add(br, vid, 0, &changed, extack)) 160 return NULL; 161 masterv = br_vlan_find(vg, vid); 162 if (WARN_ON(!masterv)) 163 return NULL; 164 refcount_set(&masterv->refcnt, 1); 165 return masterv; 166 } 167 refcount_inc(&masterv->refcnt); 168 169 return masterv; 170 } 171 172 static void br_master_vlan_rcu_free(struct rcu_head *rcu) 173 { 174 struct net_bridge_vlan *v; 175 176 v = container_of(rcu, struct net_bridge_vlan, rcu); 177 WARN_ON(!br_vlan_is_master(v)); 178 free_percpu(v->stats); 179 v->stats = NULL; 180 kfree(v); 181 } 182 183 static void br_vlan_put_master(struct net_bridge_vlan *masterv) 184 { 185 struct net_bridge_vlan_group *vg; 186 187 if (!br_vlan_is_master(masterv)) 188 return; 189 190 vg = br_vlan_group(masterv->br); 191 if (refcount_dec_and_test(&masterv->refcnt)) { 192 rhashtable_remove_fast(&vg->vlan_hash, 193 &masterv->vnode, br_vlan_rht_params); 194 __vlan_del_list(masterv); 195 br_multicast_toggle_one_vlan(masterv, false); 196 br_multicast_ctx_deinit(&masterv->br_mcast_ctx); 197 call_rcu(&masterv->rcu, br_master_vlan_rcu_free); 198 } 199 } 200 201 static void nbp_vlan_rcu_free(struct rcu_head *rcu) 202 { 203 struct net_bridge_vlan *v; 204 205 v = container_of(rcu, struct net_bridge_vlan, rcu); 206 WARN_ON(br_vlan_is_master(v)); 207 /* if we had per-port stats configured then free them here */ 208 if (v->priv_flags & BR_VLFLAG_PER_PORT_STATS) 209 free_percpu(v->stats); 210 v->stats = NULL; 211 kfree(v); 212 } 213 214 /* This is the shared VLAN add function which works for both ports and bridge 215 * devices. There are four possible calls to this function in terms of the 216 * vlan entry type: 217 * 1. vlan is being added on a port (no master flags, global entry exists) 218 * 2. vlan is being added on a bridge (both master and brentry flags) 219 * 3. vlan is being added on a port, but a global entry didn't exist which 220 * is being created right now (master flag set, brentry flag unset), the 221 * global entry is used for global per-vlan features, but not for filtering 222 * 4. same as 3 but with both master and brentry flags set so the entry 223 * will be used for filtering in both the port and the bridge 224 */ 225 static int __vlan_add(struct net_bridge_vlan *v, u16 flags, 226 struct netlink_ext_ack *extack) 227 { 228 struct net_bridge_vlan *masterv = NULL; 229 struct net_bridge_port *p = NULL; 230 struct net_bridge_vlan_group *vg; 231 struct net_device *dev; 232 struct net_bridge *br; 233 int err; 234 235 if (br_vlan_is_master(v)) { 236 br = v->br; 237 dev = br->dev; 238 vg = br_vlan_group(br); 239 } else { 240 p = v->port; 241 br = p->br; 242 dev = p->dev; 243 vg = nbp_vlan_group(p); 244 } 245 246 if (p) { 247 /* Add VLAN to the device filter if it is supported. 248 * This ensures tagged traffic enters the bridge when 249 * promiscuous mode is disabled by br_manage_promisc(). 250 */ 251 err = __vlan_vid_add(dev, br, v, flags, extack); 252 if (err) 253 goto out; 254 255 /* need to work on the master vlan too */ 256 if (flags & BRIDGE_VLAN_INFO_MASTER) { 257 bool changed; 258 259 err = br_vlan_add(br, v->vid, 260 flags | BRIDGE_VLAN_INFO_BRENTRY, 261 &changed, extack); 262 if (err) 263 goto out_filt; 264 265 if (changed) 266 br_vlan_notify(br, NULL, v->vid, 0, 267 RTM_NEWVLAN); 268 } 269 270 masterv = br_vlan_get_master(br, v->vid, extack); 271 if (!masterv) { 272 err = -ENOMEM; 273 goto out_filt; 274 } 275 v->brvlan = masterv; 276 if (br_opt_get(br, BROPT_VLAN_STATS_PER_PORT)) { 277 v->stats = 278 netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); 279 if (!v->stats) { 280 err = -ENOMEM; 281 goto out_filt; 282 } 283 v->priv_flags |= BR_VLFLAG_PER_PORT_STATS; 284 } else { 285 v->stats = masterv->stats; 286 } 287 br_multicast_port_ctx_init(p, v, &v->port_mcast_ctx); 288 } else { 289 if (br_vlan_should_use(v)) { 290 err = br_switchdev_port_vlan_add(dev, v->vid, flags, 291 extack); 292 if (err && err != -EOPNOTSUPP) 293 goto out; 294 } 295 br_multicast_ctx_init(br, v, &v->br_mcast_ctx); 296 v->priv_flags |= BR_VLFLAG_GLOBAL_MCAST_ENABLED; 297 } 298 299 /* Add the dev mac and count the vlan only if it's usable */ 300 if (br_vlan_should_use(v)) { 301 err = br_fdb_add_local(br, p, dev->dev_addr, v->vid); 302 if (err) { 303 br_err(br, "failed insert local address into bridge forwarding table\n"); 304 goto out_filt; 305 } 306 vg->num_vlans++; 307 } 308 309 /* set the state before publishing */ 310 v->state = BR_STATE_FORWARDING; 311 312 err = rhashtable_lookup_insert_fast(&vg->vlan_hash, &v->vnode, 313 br_vlan_rht_params); 314 if (err) 315 goto out_fdb_insert; 316 317 __vlan_add_list(v); 318 __vlan_add_flags(v, flags); 319 br_multicast_toggle_one_vlan(v, true); 320 321 if (p) 322 nbp_vlan_set_vlan_dev_state(p, v->vid); 323 out: 324 return err; 325 326 out_fdb_insert: 327 if (br_vlan_should_use(v)) { 328 br_fdb_find_delete_local(br, p, dev->dev_addr, v->vid); 329 vg->num_vlans--; 330 } 331 332 out_filt: 333 if (p) { 334 __vlan_vid_del(dev, br, v); 335 if (masterv) { 336 if (v->stats && masterv->stats != v->stats) 337 free_percpu(v->stats); 338 v->stats = NULL; 339 340 br_vlan_put_master(masterv); 341 v->brvlan = NULL; 342 } 343 } else { 344 br_switchdev_port_vlan_del(dev, v->vid); 345 } 346 347 goto out; 348 } 349 350 static int __vlan_del(struct net_bridge_vlan *v) 351 { 352 struct net_bridge_vlan *masterv = v; 353 struct net_bridge_vlan_group *vg; 354 struct net_bridge_port *p = NULL; 355 int err = 0; 356 357 if (br_vlan_is_master(v)) { 358 vg = br_vlan_group(v->br); 359 } else { 360 p = v->port; 361 vg = nbp_vlan_group(v->port); 362 masterv = v->brvlan; 363 } 364 365 __vlan_delete_pvid(vg, v->vid); 366 if (p) { 367 err = __vlan_vid_del(p->dev, p->br, v); 368 if (err) 369 goto out; 370 } else { 371 err = br_switchdev_port_vlan_del(v->br->dev, v->vid); 372 if (err && err != -EOPNOTSUPP) 373 goto out; 374 err = 0; 375 } 376 377 if (br_vlan_should_use(v)) { 378 v->flags &= ~BRIDGE_VLAN_INFO_BRENTRY; 379 vg->num_vlans--; 380 } 381 382 if (masterv != v) { 383 vlan_tunnel_info_del(vg, v); 384 rhashtable_remove_fast(&vg->vlan_hash, &v->vnode, 385 br_vlan_rht_params); 386 __vlan_del_list(v); 387 nbp_vlan_set_vlan_dev_state(p, v->vid); 388 br_multicast_toggle_one_vlan(v, false); 389 br_multicast_port_ctx_deinit(&v->port_mcast_ctx); 390 call_rcu(&v->rcu, nbp_vlan_rcu_free); 391 } 392 393 br_vlan_put_master(masterv); 394 out: 395 return err; 396 } 397 398 static void __vlan_group_free(struct net_bridge_vlan_group *vg) 399 { 400 WARN_ON(!list_empty(&vg->vlan_list)); 401 rhashtable_destroy(&vg->vlan_hash); 402 vlan_tunnel_deinit(vg); 403 kfree(vg); 404 } 405 406 static void __vlan_flush(const struct net_bridge *br, 407 const struct net_bridge_port *p, 408 struct net_bridge_vlan_group *vg) 409 { 410 struct net_bridge_vlan *vlan, *tmp; 411 u16 v_start = 0, v_end = 0; 412 int err; 413 414 __vlan_delete_pvid(vg, vg->pvid); 415 list_for_each_entry_safe(vlan, tmp, &vg->vlan_list, vlist) { 416 /* take care of disjoint ranges */ 417 if (!v_start) { 418 v_start = vlan->vid; 419 } else if (vlan->vid - v_end != 1) { 420 /* found range end, notify and start next one */ 421 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN); 422 v_start = vlan->vid; 423 } 424 v_end = vlan->vid; 425 426 err = __vlan_del(vlan); 427 if (err) { 428 br_err(br, 429 "port %u(%s) failed to delete vlan %d: %pe\n", 430 (unsigned int) p->port_no, p->dev->name, 431 vlan->vid, ERR_PTR(err)); 432 } 433 } 434 435 /* notify about the last/whole vlan range */ 436 if (v_start) 437 br_vlan_notify(br, p, v_start, v_end, RTM_DELVLAN); 438 } 439 440 struct sk_buff *br_handle_vlan(struct net_bridge *br, 441 const struct net_bridge_port *p, 442 struct net_bridge_vlan_group *vg, 443 struct sk_buff *skb) 444 { 445 struct pcpu_sw_netstats *stats; 446 struct net_bridge_vlan *v; 447 u16 vid; 448 449 /* If this packet was not filtered at input, let it pass */ 450 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered) 451 goto out; 452 453 /* At this point, we know that the frame was filtered and contains 454 * a valid vlan id. If the vlan id has untagged flag set, 455 * send untagged; otherwise, send tagged. 456 */ 457 br_vlan_get_tag(skb, &vid); 458 v = br_vlan_find(vg, vid); 459 /* Vlan entry must be configured at this point. The 460 * only exception is the bridge is set in promisc mode and the 461 * packet is destined for the bridge device. In this case 462 * pass the packet as is. 463 */ 464 if (!v || !br_vlan_should_use(v)) { 465 if ((br->dev->flags & IFF_PROMISC) && skb->dev == br->dev) { 466 goto out; 467 } else { 468 kfree_skb(skb); 469 return NULL; 470 } 471 } 472 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 473 stats = this_cpu_ptr(v->stats); 474 u64_stats_update_begin(&stats->syncp); 475 stats->tx_bytes += skb->len; 476 stats->tx_packets++; 477 u64_stats_update_end(&stats->syncp); 478 } 479 480 /* If the skb will be sent using forwarding offload, the assumption is 481 * that the switchdev will inject the packet into hardware together 482 * with the bridge VLAN, so that it can be forwarded according to that 483 * VLAN. The switchdev should deal with popping the VLAN header in 484 * hardware on each egress port as appropriate. So only strip the VLAN 485 * header if forwarding offload is not being used. 486 */ 487 if (v->flags & BRIDGE_VLAN_INFO_UNTAGGED && 488 !br_switchdev_frame_uses_tx_fwd_offload(skb)) 489 __vlan_hwaccel_clear_tag(skb); 490 491 if (p && (p->flags & BR_VLAN_TUNNEL) && 492 br_handle_egress_vlan_tunnel(skb, v)) { 493 kfree_skb(skb); 494 return NULL; 495 } 496 out: 497 return skb; 498 } 499 500 /* Called under RCU */ 501 static bool __allowed_ingress(const struct net_bridge *br, 502 struct net_bridge_vlan_group *vg, 503 struct sk_buff *skb, u16 *vid, 504 u8 *state, 505 struct net_bridge_vlan **vlan) 506 { 507 struct pcpu_sw_netstats *stats; 508 struct net_bridge_vlan *v; 509 bool tagged; 510 511 BR_INPUT_SKB_CB(skb)->vlan_filtered = true; 512 /* If vlan tx offload is disabled on bridge device and frame was 513 * sent from vlan device on the bridge device, it does not have 514 * HW accelerated vlan tag. 515 */ 516 if (unlikely(!skb_vlan_tag_present(skb) && 517 skb->protocol == br->vlan_proto)) { 518 skb = skb_vlan_untag(skb); 519 if (unlikely(!skb)) 520 return false; 521 } 522 523 if (!br_vlan_get_tag(skb, vid)) { 524 /* Tagged frame */ 525 if (skb->vlan_proto != br->vlan_proto) { 526 /* Protocol-mismatch, empty out vlan_tci for new tag */ 527 skb_push(skb, ETH_HLEN); 528 skb = vlan_insert_tag_set_proto(skb, skb->vlan_proto, 529 skb_vlan_tag_get(skb)); 530 if (unlikely(!skb)) 531 return false; 532 533 skb_pull(skb, ETH_HLEN); 534 skb_reset_mac_len(skb); 535 *vid = 0; 536 tagged = false; 537 } else { 538 tagged = true; 539 } 540 } else { 541 /* Untagged frame */ 542 tagged = false; 543 } 544 545 if (!*vid) { 546 u16 pvid = br_get_pvid(vg); 547 548 /* Frame had a tag with VID 0 or did not have a tag. 549 * See if pvid is set on this port. That tells us which 550 * vlan untagged or priority-tagged traffic belongs to. 551 */ 552 if (!pvid) 553 goto drop; 554 555 /* PVID is set on this port. Any untagged or priority-tagged 556 * ingress frame is considered to belong to this vlan. 557 */ 558 *vid = pvid; 559 if (likely(!tagged)) 560 /* Untagged Frame. */ 561 __vlan_hwaccel_put_tag(skb, br->vlan_proto, pvid); 562 else 563 /* Priority-tagged Frame. 564 * At this point, we know that skb->vlan_tci VID 565 * field was 0. 566 * We update only VID field and preserve PCP field. 567 */ 568 skb->vlan_tci |= pvid; 569 570 /* if snooping and stats are disabled we can avoid the lookup */ 571 if (!br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED) && 572 !br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 573 if (*state == BR_STATE_FORWARDING) { 574 *state = br_vlan_get_pvid_state(vg); 575 if (!br_vlan_state_allowed(*state, true)) 576 goto drop; 577 } 578 return true; 579 } 580 } 581 v = br_vlan_find(vg, *vid); 582 if (!v || !br_vlan_should_use(v)) 583 goto drop; 584 585 if (*state == BR_STATE_FORWARDING) { 586 *state = br_vlan_get_state(v); 587 if (!br_vlan_state_allowed(*state, true)) 588 goto drop; 589 } 590 591 if (br_opt_get(br, BROPT_VLAN_STATS_ENABLED)) { 592 stats = this_cpu_ptr(v->stats); 593 u64_stats_update_begin(&stats->syncp); 594 stats->rx_bytes += skb->len; 595 stats->rx_packets++; 596 u64_stats_update_end(&stats->syncp); 597 } 598 599 *vlan = v; 600 601 return true; 602 603 drop: 604 kfree_skb(skb); 605 return false; 606 } 607 608 bool br_allowed_ingress(const struct net_bridge *br, 609 struct net_bridge_vlan_group *vg, struct sk_buff *skb, 610 u16 *vid, u8 *state, 611 struct net_bridge_vlan **vlan) 612 { 613 /* If VLAN filtering is disabled on the bridge, all packets are 614 * permitted. 615 */ 616 *vlan = NULL; 617 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) { 618 BR_INPUT_SKB_CB(skb)->vlan_filtered = false; 619 return true; 620 } 621 622 return __allowed_ingress(br, vg, skb, vid, state, vlan); 623 } 624 625 /* Called under RCU. */ 626 bool br_allowed_egress(struct net_bridge_vlan_group *vg, 627 const struct sk_buff *skb) 628 { 629 const struct net_bridge_vlan *v; 630 u16 vid; 631 632 /* If this packet was not filtered at input, let it pass */ 633 if (!BR_INPUT_SKB_CB(skb)->vlan_filtered) 634 return true; 635 636 br_vlan_get_tag(skb, &vid); 637 v = br_vlan_find(vg, vid); 638 if (v && br_vlan_should_use(v) && 639 br_vlan_state_allowed(br_vlan_get_state(v), false)) 640 return true; 641 642 return false; 643 } 644 645 /* Called under RCU */ 646 bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid) 647 { 648 struct net_bridge_vlan_group *vg; 649 struct net_bridge *br = p->br; 650 struct net_bridge_vlan *v; 651 652 /* If filtering was disabled at input, let it pass. */ 653 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 654 return true; 655 656 vg = nbp_vlan_group_rcu(p); 657 if (!vg || !vg->num_vlans) 658 return false; 659 660 if (!br_vlan_get_tag(skb, vid) && skb->vlan_proto != br->vlan_proto) 661 *vid = 0; 662 663 if (!*vid) { 664 *vid = br_get_pvid(vg); 665 if (!*vid || 666 !br_vlan_state_allowed(br_vlan_get_pvid_state(vg), true)) 667 return false; 668 669 return true; 670 } 671 672 v = br_vlan_find(vg, *vid); 673 if (v && br_vlan_state_allowed(br_vlan_get_state(v), true)) 674 return true; 675 676 return false; 677 } 678 679 static int br_vlan_add_existing(struct net_bridge *br, 680 struct net_bridge_vlan_group *vg, 681 struct net_bridge_vlan *vlan, 682 u16 flags, bool *changed, 683 struct netlink_ext_ack *extack) 684 { 685 int err; 686 687 /* Trying to change flags of non-existent bridge vlan */ 688 if (!br_vlan_is_brentry(vlan) && !(flags & BRIDGE_VLAN_INFO_BRENTRY)) 689 return -EINVAL; 690 691 err = br_switchdev_port_vlan_add(br->dev, vlan->vid, flags, extack); 692 if (err && err != -EOPNOTSUPP) 693 return err; 694 695 if (!br_vlan_is_brentry(vlan)) { 696 /* It was only kept for port vlans, now make it real */ 697 err = br_fdb_add_local(br, NULL, br->dev->dev_addr, vlan->vid); 698 if (err) { 699 br_err(br, "failed to insert local address into bridge forwarding table\n"); 700 goto err_fdb_insert; 701 } 702 703 refcount_inc(&vlan->refcnt); 704 vlan->flags |= BRIDGE_VLAN_INFO_BRENTRY; 705 vg->num_vlans++; 706 *changed = true; 707 br_multicast_toggle_one_vlan(vlan, true); 708 } 709 710 if (__vlan_add_flags(vlan, flags)) 711 *changed = true; 712 713 return 0; 714 715 err_fdb_insert: 716 br_switchdev_port_vlan_del(br->dev, vlan->vid); 717 return err; 718 } 719 720 /* Must be protected by RTNL. 721 * Must be called with vid in range from 1 to 4094 inclusive. 722 * changed must be true only if the vlan was created or updated 723 */ 724 int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags, bool *changed, 725 struct netlink_ext_ack *extack) 726 { 727 struct net_bridge_vlan_group *vg; 728 struct net_bridge_vlan *vlan; 729 int ret; 730 731 ASSERT_RTNL(); 732 733 *changed = false; 734 vg = br_vlan_group(br); 735 vlan = br_vlan_find(vg, vid); 736 if (vlan) 737 return br_vlan_add_existing(br, vg, vlan, flags, changed, 738 extack); 739 740 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL); 741 if (!vlan) 742 return -ENOMEM; 743 744 vlan->stats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats); 745 if (!vlan->stats) { 746 kfree(vlan); 747 return -ENOMEM; 748 } 749 vlan->vid = vid; 750 vlan->flags = flags | BRIDGE_VLAN_INFO_MASTER; 751 vlan->flags &= ~BRIDGE_VLAN_INFO_PVID; 752 vlan->br = br; 753 if (flags & BRIDGE_VLAN_INFO_BRENTRY) 754 refcount_set(&vlan->refcnt, 1); 755 ret = __vlan_add(vlan, flags, extack); 756 if (ret) { 757 free_percpu(vlan->stats); 758 kfree(vlan); 759 } else { 760 *changed = true; 761 } 762 763 return ret; 764 } 765 766 /* Must be protected by RTNL. 767 * Must be called with vid in range from 1 to 4094 inclusive. 768 */ 769 int br_vlan_delete(struct net_bridge *br, u16 vid) 770 { 771 struct net_bridge_vlan_group *vg; 772 struct net_bridge_vlan *v; 773 774 ASSERT_RTNL(); 775 776 vg = br_vlan_group(br); 777 v = br_vlan_find(vg, vid); 778 if (!v || !br_vlan_is_brentry(v)) 779 return -ENOENT; 780 781 br_fdb_find_delete_local(br, NULL, br->dev->dev_addr, vid); 782 br_fdb_delete_by_port(br, NULL, vid, 0); 783 784 vlan_tunnel_info_del(vg, v); 785 786 return __vlan_del(v); 787 } 788 789 void br_vlan_flush(struct net_bridge *br) 790 { 791 struct net_bridge_vlan_group *vg; 792 793 ASSERT_RTNL(); 794 795 vg = br_vlan_group(br); 796 __vlan_flush(br, NULL, vg); 797 RCU_INIT_POINTER(br->vlgrp, NULL); 798 synchronize_rcu(); 799 __vlan_group_free(vg); 800 } 801 802 struct net_bridge_vlan *br_vlan_find(struct net_bridge_vlan_group *vg, u16 vid) 803 { 804 if (!vg) 805 return NULL; 806 807 return br_vlan_lookup(&vg->vlan_hash, vid); 808 } 809 810 /* Must be protected by RTNL. */ 811 static void recalculate_group_addr(struct net_bridge *br) 812 { 813 if (br_opt_get(br, BROPT_GROUP_ADDR_SET)) 814 return; 815 816 spin_lock_bh(&br->lock); 817 if (!br_opt_get(br, BROPT_VLAN_ENABLED) || 818 br->vlan_proto == htons(ETH_P_8021Q)) { 819 /* Bridge Group Address */ 820 br->group_addr[5] = 0x00; 821 } else { /* vlan_enabled && ETH_P_8021AD */ 822 /* Provider Bridge Group Address */ 823 br->group_addr[5] = 0x08; 824 } 825 spin_unlock_bh(&br->lock); 826 } 827 828 /* Must be protected by RTNL. */ 829 void br_recalculate_fwd_mask(struct net_bridge *br) 830 { 831 if (!br_opt_get(br, BROPT_VLAN_ENABLED) || 832 br->vlan_proto == htons(ETH_P_8021Q)) 833 br->group_fwd_mask_required = BR_GROUPFWD_DEFAULT; 834 else /* vlan_enabled && ETH_P_8021AD */ 835 br->group_fwd_mask_required = BR_GROUPFWD_8021AD & 836 ~(1u << br->group_addr[5]); 837 } 838 839 int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val, 840 struct netlink_ext_ack *extack) 841 { 842 struct switchdev_attr attr = { 843 .orig_dev = br->dev, 844 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING, 845 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 846 .u.vlan_filtering = val, 847 }; 848 int err; 849 850 if (br_opt_get(br, BROPT_VLAN_ENABLED) == !!val) 851 return 0; 852 853 br_opt_toggle(br, BROPT_VLAN_ENABLED, !!val); 854 855 err = switchdev_port_attr_set(br->dev, &attr, extack); 856 if (err && err != -EOPNOTSUPP) { 857 br_opt_toggle(br, BROPT_VLAN_ENABLED, !val); 858 return err; 859 } 860 861 br_manage_promisc(br); 862 recalculate_group_addr(br); 863 br_recalculate_fwd_mask(br); 864 if (!val && br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED)) { 865 br_info(br, "vlan filtering disabled, automatically disabling multicast vlan snooping\n"); 866 br_multicast_toggle_vlan_snooping(br, false, NULL); 867 } 868 869 return 0; 870 } 871 872 bool br_vlan_enabled(const struct net_device *dev) 873 { 874 struct net_bridge *br = netdev_priv(dev); 875 876 return br_opt_get(br, BROPT_VLAN_ENABLED); 877 } 878 EXPORT_SYMBOL_GPL(br_vlan_enabled); 879 880 int br_vlan_get_proto(const struct net_device *dev, u16 *p_proto) 881 { 882 struct net_bridge *br = netdev_priv(dev); 883 884 *p_proto = ntohs(br->vlan_proto); 885 886 return 0; 887 } 888 EXPORT_SYMBOL_GPL(br_vlan_get_proto); 889 890 int __br_vlan_set_proto(struct net_bridge *br, __be16 proto, 891 struct netlink_ext_ack *extack) 892 { 893 struct switchdev_attr attr = { 894 .orig_dev = br->dev, 895 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_PROTOCOL, 896 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 897 .u.vlan_protocol = ntohs(proto), 898 }; 899 int err = 0; 900 struct net_bridge_port *p; 901 struct net_bridge_vlan *vlan; 902 struct net_bridge_vlan_group *vg; 903 __be16 oldproto = br->vlan_proto; 904 905 if (br->vlan_proto == proto) 906 return 0; 907 908 err = switchdev_port_attr_set(br->dev, &attr, extack); 909 if (err && err != -EOPNOTSUPP) 910 return err; 911 912 /* Add VLANs for the new proto to the device filter. */ 913 list_for_each_entry(p, &br->port_list, list) { 914 vg = nbp_vlan_group(p); 915 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 916 err = vlan_vid_add(p->dev, proto, vlan->vid); 917 if (err) 918 goto err_filt; 919 } 920 } 921 922 br->vlan_proto = proto; 923 924 recalculate_group_addr(br); 925 br_recalculate_fwd_mask(br); 926 927 /* Delete VLANs for the old proto from the device filter. */ 928 list_for_each_entry(p, &br->port_list, list) { 929 vg = nbp_vlan_group(p); 930 list_for_each_entry(vlan, &vg->vlan_list, vlist) 931 vlan_vid_del(p->dev, oldproto, vlan->vid); 932 } 933 934 return 0; 935 936 err_filt: 937 attr.u.vlan_protocol = ntohs(oldproto); 938 switchdev_port_attr_set(br->dev, &attr, NULL); 939 940 list_for_each_entry_continue_reverse(vlan, &vg->vlan_list, vlist) 941 vlan_vid_del(p->dev, proto, vlan->vid); 942 943 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 944 vg = nbp_vlan_group(p); 945 list_for_each_entry(vlan, &vg->vlan_list, vlist) 946 vlan_vid_del(p->dev, proto, vlan->vid); 947 } 948 949 return err; 950 } 951 952 int br_vlan_set_proto(struct net_bridge *br, unsigned long val, 953 struct netlink_ext_ack *extack) 954 { 955 if (!eth_type_vlan(htons(val))) 956 return -EPROTONOSUPPORT; 957 958 return __br_vlan_set_proto(br, htons(val), extack); 959 } 960 961 int br_vlan_set_stats(struct net_bridge *br, unsigned long val) 962 { 963 switch (val) { 964 case 0: 965 case 1: 966 br_opt_toggle(br, BROPT_VLAN_STATS_ENABLED, !!val); 967 break; 968 default: 969 return -EINVAL; 970 } 971 972 return 0; 973 } 974 975 int br_vlan_set_stats_per_port(struct net_bridge *br, unsigned long val) 976 { 977 struct net_bridge_port *p; 978 979 /* allow to change the option if there are no port vlans configured */ 980 list_for_each_entry(p, &br->port_list, list) { 981 struct net_bridge_vlan_group *vg = nbp_vlan_group(p); 982 983 if (vg->num_vlans) 984 return -EBUSY; 985 } 986 987 switch (val) { 988 case 0: 989 case 1: 990 br_opt_toggle(br, BROPT_VLAN_STATS_PER_PORT, !!val); 991 break; 992 default: 993 return -EINVAL; 994 } 995 996 return 0; 997 } 998 999 static bool vlan_default_pvid(struct net_bridge_vlan_group *vg, u16 vid) 1000 { 1001 struct net_bridge_vlan *v; 1002 1003 if (vid != vg->pvid) 1004 return false; 1005 1006 v = br_vlan_lookup(&vg->vlan_hash, vid); 1007 if (v && br_vlan_should_use(v) && 1008 (v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) 1009 return true; 1010 1011 return false; 1012 } 1013 1014 static void br_vlan_disable_default_pvid(struct net_bridge *br) 1015 { 1016 struct net_bridge_port *p; 1017 u16 pvid = br->default_pvid; 1018 1019 /* Disable default_pvid on all ports where it is still 1020 * configured. 1021 */ 1022 if (vlan_default_pvid(br_vlan_group(br), pvid)) { 1023 if (!br_vlan_delete(br, pvid)) 1024 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN); 1025 } 1026 1027 list_for_each_entry(p, &br->port_list, list) { 1028 if (vlan_default_pvid(nbp_vlan_group(p), pvid) && 1029 !nbp_vlan_delete(p, pvid)) 1030 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN); 1031 } 1032 1033 br->default_pvid = 0; 1034 } 1035 1036 int __br_vlan_set_default_pvid(struct net_bridge *br, u16 pvid, 1037 struct netlink_ext_ack *extack) 1038 { 1039 const struct net_bridge_vlan *pvent; 1040 struct net_bridge_vlan_group *vg; 1041 struct net_bridge_port *p; 1042 unsigned long *changed; 1043 bool vlchange; 1044 u16 old_pvid; 1045 int err = 0; 1046 1047 if (!pvid) { 1048 br_vlan_disable_default_pvid(br); 1049 return 0; 1050 } 1051 1052 changed = bitmap_zalloc(BR_MAX_PORTS, GFP_KERNEL); 1053 if (!changed) 1054 return -ENOMEM; 1055 1056 old_pvid = br->default_pvid; 1057 1058 /* Update default_pvid config only if we do not conflict with 1059 * user configuration. 1060 */ 1061 vg = br_vlan_group(br); 1062 pvent = br_vlan_find(vg, pvid); 1063 if ((!old_pvid || vlan_default_pvid(vg, old_pvid)) && 1064 (!pvent || !br_vlan_should_use(pvent))) { 1065 err = br_vlan_add(br, pvid, 1066 BRIDGE_VLAN_INFO_PVID | 1067 BRIDGE_VLAN_INFO_UNTAGGED | 1068 BRIDGE_VLAN_INFO_BRENTRY, 1069 &vlchange, extack); 1070 if (err) 1071 goto out; 1072 1073 if (br_vlan_delete(br, old_pvid)) 1074 br_vlan_notify(br, NULL, old_pvid, 0, RTM_DELVLAN); 1075 br_vlan_notify(br, NULL, pvid, 0, RTM_NEWVLAN); 1076 __set_bit(0, changed); 1077 } 1078 1079 list_for_each_entry(p, &br->port_list, list) { 1080 /* Update default_pvid config only if we do not conflict with 1081 * user configuration. 1082 */ 1083 vg = nbp_vlan_group(p); 1084 if ((old_pvid && 1085 !vlan_default_pvid(vg, old_pvid)) || 1086 br_vlan_find(vg, pvid)) 1087 continue; 1088 1089 err = nbp_vlan_add(p, pvid, 1090 BRIDGE_VLAN_INFO_PVID | 1091 BRIDGE_VLAN_INFO_UNTAGGED, 1092 &vlchange, extack); 1093 if (err) 1094 goto err_port; 1095 if (nbp_vlan_delete(p, old_pvid)) 1096 br_vlan_notify(br, p, old_pvid, 0, RTM_DELVLAN); 1097 br_vlan_notify(p->br, p, pvid, 0, RTM_NEWVLAN); 1098 __set_bit(p->port_no, changed); 1099 } 1100 1101 br->default_pvid = pvid; 1102 1103 out: 1104 bitmap_free(changed); 1105 return err; 1106 1107 err_port: 1108 list_for_each_entry_continue_reverse(p, &br->port_list, list) { 1109 if (!test_bit(p->port_no, changed)) 1110 continue; 1111 1112 if (old_pvid) { 1113 nbp_vlan_add(p, old_pvid, 1114 BRIDGE_VLAN_INFO_PVID | 1115 BRIDGE_VLAN_INFO_UNTAGGED, 1116 &vlchange, NULL); 1117 br_vlan_notify(p->br, p, old_pvid, 0, RTM_NEWVLAN); 1118 } 1119 nbp_vlan_delete(p, pvid); 1120 br_vlan_notify(br, p, pvid, 0, RTM_DELVLAN); 1121 } 1122 1123 if (test_bit(0, changed)) { 1124 if (old_pvid) { 1125 br_vlan_add(br, old_pvid, 1126 BRIDGE_VLAN_INFO_PVID | 1127 BRIDGE_VLAN_INFO_UNTAGGED | 1128 BRIDGE_VLAN_INFO_BRENTRY, 1129 &vlchange, NULL); 1130 br_vlan_notify(br, NULL, old_pvid, 0, RTM_NEWVLAN); 1131 } 1132 br_vlan_delete(br, pvid); 1133 br_vlan_notify(br, NULL, pvid, 0, RTM_DELVLAN); 1134 } 1135 goto out; 1136 } 1137 1138 int br_vlan_set_default_pvid(struct net_bridge *br, unsigned long val, 1139 struct netlink_ext_ack *extack) 1140 { 1141 u16 pvid = val; 1142 int err = 0; 1143 1144 if (val >= VLAN_VID_MASK) 1145 return -EINVAL; 1146 1147 if (pvid == br->default_pvid) 1148 goto out; 1149 1150 /* Only allow default pvid change when filtering is disabled */ 1151 if (br_opt_get(br, BROPT_VLAN_ENABLED)) { 1152 pr_info_once("Please disable vlan filtering to change default_pvid\n"); 1153 err = -EPERM; 1154 goto out; 1155 } 1156 err = __br_vlan_set_default_pvid(br, pvid, extack); 1157 out: 1158 return err; 1159 } 1160 1161 int br_vlan_init(struct net_bridge *br) 1162 { 1163 struct net_bridge_vlan_group *vg; 1164 int ret = -ENOMEM; 1165 1166 vg = kzalloc(sizeof(*vg), GFP_KERNEL); 1167 if (!vg) 1168 goto out; 1169 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params); 1170 if (ret) 1171 goto err_rhtbl; 1172 ret = vlan_tunnel_init(vg); 1173 if (ret) 1174 goto err_tunnel_init; 1175 INIT_LIST_HEAD(&vg->vlan_list); 1176 br->vlan_proto = htons(ETH_P_8021Q); 1177 br->default_pvid = 1; 1178 rcu_assign_pointer(br->vlgrp, vg); 1179 1180 out: 1181 return ret; 1182 1183 err_tunnel_init: 1184 rhashtable_destroy(&vg->vlan_hash); 1185 err_rhtbl: 1186 kfree(vg); 1187 1188 goto out; 1189 } 1190 1191 int nbp_vlan_init(struct net_bridge_port *p, struct netlink_ext_ack *extack) 1192 { 1193 struct switchdev_attr attr = { 1194 .orig_dev = p->br->dev, 1195 .id = SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING, 1196 .flags = SWITCHDEV_F_SKIP_EOPNOTSUPP, 1197 .u.vlan_filtering = br_opt_get(p->br, BROPT_VLAN_ENABLED), 1198 }; 1199 struct net_bridge_vlan_group *vg; 1200 int ret = -ENOMEM; 1201 1202 vg = kzalloc(sizeof(struct net_bridge_vlan_group), GFP_KERNEL); 1203 if (!vg) 1204 goto out; 1205 1206 ret = switchdev_port_attr_set(p->dev, &attr, extack); 1207 if (ret && ret != -EOPNOTSUPP) 1208 goto err_vlan_enabled; 1209 1210 ret = rhashtable_init(&vg->vlan_hash, &br_vlan_rht_params); 1211 if (ret) 1212 goto err_rhtbl; 1213 ret = vlan_tunnel_init(vg); 1214 if (ret) 1215 goto err_tunnel_init; 1216 INIT_LIST_HEAD(&vg->vlan_list); 1217 rcu_assign_pointer(p->vlgrp, vg); 1218 if (p->br->default_pvid) { 1219 bool changed; 1220 1221 ret = nbp_vlan_add(p, p->br->default_pvid, 1222 BRIDGE_VLAN_INFO_PVID | 1223 BRIDGE_VLAN_INFO_UNTAGGED, 1224 &changed, extack); 1225 if (ret) 1226 goto err_vlan_add; 1227 br_vlan_notify(p->br, p, p->br->default_pvid, 0, RTM_NEWVLAN); 1228 } 1229 out: 1230 return ret; 1231 1232 err_vlan_add: 1233 RCU_INIT_POINTER(p->vlgrp, NULL); 1234 synchronize_rcu(); 1235 vlan_tunnel_deinit(vg); 1236 err_tunnel_init: 1237 rhashtable_destroy(&vg->vlan_hash); 1238 err_rhtbl: 1239 err_vlan_enabled: 1240 kfree(vg); 1241 1242 goto out; 1243 } 1244 1245 /* Must be protected by RTNL. 1246 * Must be called with vid in range from 1 to 4094 inclusive. 1247 * changed must be true only if the vlan was created or updated 1248 */ 1249 int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags, 1250 bool *changed, struct netlink_ext_ack *extack) 1251 { 1252 struct net_bridge_vlan *vlan; 1253 int ret; 1254 1255 ASSERT_RTNL(); 1256 1257 *changed = false; 1258 vlan = br_vlan_find(nbp_vlan_group(port), vid); 1259 if (vlan) { 1260 /* Pass the flags to the hardware bridge */ 1261 ret = br_switchdev_port_vlan_add(port->dev, vid, flags, extack); 1262 if (ret && ret != -EOPNOTSUPP) 1263 return ret; 1264 *changed = __vlan_add_flags(vlan, flags); 1265 1266 return 0; 1267 } 1268 1269 vlan = kzalloc(sizeof(*vlan), GFP_KERNEL); 1270 if (!vlan) 1271 return -ENOMEM; 1272 1273 vlan->vid = vid; 1274 vlan->port = port; 1275 ret = __vlan_add(vlan, flags, extack); 1276 if (ret) 1277 kfree(vlan); 1278 else 1279 *changed = true; 1280 1281 return ret; 1282 } 1283 1284 /* Must be protected by RTNL. 1285 * Must be called with vid in range from 1 to 4094 inclusive. 1286 */ 1287 int nbp_vlan_delete(struct net_bridge_port *port, u16 vid) 1288 { 1289 struct net_bridge_vlan *v; 1290 1291 ASSERT_RTNL(); 1292 1293 v = br_vlan_find(nbp_vlan_group(port), vid); 1294 if (!v) 1295 return -ENOENT; 1296 br_fdb_find_delete_local(port->br, port, port->dev->dev_addr, vid); 1297 br_fdb_delete_by_port(port->br, port, vid, 0); 1298 1299 return __vlan_del(v); 1300 } 1301 1302 void nbp_vlan_flush(struct net_bridge_port *port) 1303 { 1304 struct net_bridge_vlan_group *vg; 1305 1306 ASSERT_RTNL(); 1307 1308 vg = nbp_vlan_group(port); 1309 __vlan_flush(port->br, port, vg); 1310 RCU_INIT_POINTER(port->vlgrp, NULL); 1311 synchronize_rcu(); 1312 __vlan_group_free(vg); 1313 } 1314 1315 void br_vlan_get_stats(const struct net_bridge_vlan *v, 1316 struct pcpu_sw_netstats *stats) 1317 { 1318 int i; 1319 1320 memset(stats, 0, sizeof(*stats)); 1321 for_each_possible_cpu(i) { 1322 u64 rxpackets, rxbytes, txpackets, txbytes; 1323 struct pcpu_sw_netstats *cpu_stats; 1324 unsigned int start; 1325 1326 cpu_stats = per_cpu_ptr(v->stats, i); 1327 do { 1328 start = u64_stats_fetch_begin_irq(&cpu_stats->syncp); 1329 rxpackets = cpu_stats->rx_packets; 1330 rxbytes = cpu_stats->rx_bytes; 1331 txbytes = cpu_stats->tx_bytes; 1332 txpackets = cpu_stats->tx_packets; 1333 } while (u64_stats_fetch_retry_irq(&cpu_stats->syncp, start)); 1334 1335 stats->rx_packets += rxpackets; 1336 stats->rx_bytes += rxbytes; 1337 stats->tx_bytes += txbytes; 1338 stats->tx_packets += txpackets; 1339 } 1340 } 1341 1342 int br_vlan_get_pvid(const struct net_device *dev, u16 *p_pvid) 1343 { 1344 struct net_bridge_vlan_group *vg; 1345 struct net_bridge_port *p; 1346 1347 ASSERT_RTNL(); 1348 p = br_port_get_check_rtnl(dev); 1349 if (p) 1350 vg = nbp_vlan_group(p); 1351 else if (netif_is_bridge_master(dev)) 1352 vg = br_vlan_group(netdev_priv(dev)); 1353 else 1354 return -EINVAL; 1355 1356 *p_pvid = br_get_pvid(vg); 1357 return 0; 1358 } 1359 EXPORT_SYMBOL_GPL(br_vlan_get_pvid); 1360 1361 int br_vlan_get_pvid_rcu(const struct net_device *dev, u16 *p_pvid) 1362 { 1363 struct net_bridge_vlan_group *vg; 1364 struct net_bridge_port *p; 1365 1366 p = br_port_get_check_rcu(dev); 1367 if (p) 1368 vg = nbp_vlan_group_rcu(p); 1369 else if (netif_is_bridge_master(dev)) 1370 vg = br_vlan_group_rcu(netdev_priv(dev)); 1371 else 1372 return -EINVAL; 1373 1374 *p_pvid = br_get_pvid(vg); 1375 return 0; 1376 } 1377 EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu); 1378 1379 void br_vlan_fill_forward_path_pvid(struct net_bridge *br, 1380 struct net_device_path_ctx *ctx, 1381 struct net_device_path *path) 1382 { 1383 struct net_bridge_vlan_group *vg; 1384 int idx = ctx->num_vlans - 1; 1385 u16 vid; 1386 1387 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; 1388 1389 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 1390 return; 1391 1392 vg = br_vlan_group(br); 1393 1394 if (idx >= 0 && 1395 ctx->vlan[idx].proto == br->vlan_proto) { 1396 vid = ctx->vlan[idx].id; 1397 } else { 1398 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_TAG; 1399 vid = br_get_pvid(vg); 1400 } 1401 1402 path->bridge.vlan_id = vid; 1403 path->bridge.vlan_proto = br->vlan_proto; 1404 } 1405 1406 int br_vlan_fill_forward_path_mode(struct net_bridge *br, 1407 struct net_bridge_port *dst, 1408 struct net_device_path *path) 1409 { 1410 struct net_bridge_vlan_group *vg; 1411 struct net_bridge_vlan *v; 1412 1413 if (!br_opt_get(br, BROPT_VLAN_ENABLED)) 1414 return 0; 1415 1416 vg = nbp_vlan_group_rcu(dst); 1417 v = br_vlan_find(vg, path->bridge.vlan_id); 1418 if (!v || !br_vlan_should_use(v)) 1419 return -EINVAL; 1420 1421 if (!(v->flags & BRIDGE_VLAN_INFO_UNTAGGED)) 1422 return 0; 1423 1424 if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG) 1425 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP; 1426 else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV) 1427 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW; 1428 else 1429 path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG; 1430 1431 return 0; 1432 } 1433 1434 int br_vlan_get_info(const struct net_device *dev, u16 vid, 1435 struct bridge_vlan_info *p_vinfo) 1436 { 1437 struct net_bridge_vlan_group *vg; 1438 struct net_bridge_vlan *v; 1439 struct net_bridge_port *p; 1440 1441 ASSERT_RTNL(); 1442 p = br_port_get_check_rtnl(dev); 1443 if (p) 1444 vg = nbp_vlan_group(p); 1445 else if (netif_is_bridge_master(dev)) 1446 vg = br_vlan_group(netdev_priv(dev)); 1447 else 1448 return -EINVAL; 1449 1450 v = br_vlan_find(vg, vid); 1451 if (!v) 1452 return -ENOENT; 1453 1454 p_vinfo->vid = vid; 1455 p_vinfo->flags = v->flags; 1456 if (vid == br_get_pvid(vg)) 1457 p_vinfo->flags |= BRIDGE_VLAN_INFO_PVID; 1458 return 0; 1459 } 1460 EXPORT_SYMBOL_GPL(br_vlan_get_info); 1461 1462 int br_vlan_get_info_rcu(const struct net_device *dev, u16 vid, 1463 struct bridge_vlan_info *p_vinfo) 1464 { 1465 struct net_bridge_vlan_group *vg; 1466 struct net_bridge_vlan *v; 1467 struct net_bridge_port *p; 1468 1469 p = br_port_get_check_rcu(dev); 1470 if (p) 1471 vg = nbp_vlan_group_rcu(p); 1472 else if (netif_is_bridge_master(dev)) 1473 vg = br_vlan_group_rcu(netdev_priv(dev)); 1474 else 1475 return -EINVAL; 1476 1477 v = br_vlan_find(vg, vid); 1478 if (!v) 1479 return -ENOENT; 1480 1481 p_vinfo->vid = vid; 1482 p_vinfo->flags = v->flags; 1483 if (vid == br_get_pvid(vg)) 1484 p_vinfo->flags |= BRIDGE_VLAN_INFO_PVID; 1485 return 0; 1486 } 1487 EXPORT_SYMBOL_GPL(br_vlan_get_info_rcu); 1488 1489 static int br_vlan_is_bind_vlan_dev(const struct net_device *dev) 1490 { 1491 return is_vlan_dev(dev) && 1492 !!(vlan_dev_priv(dev)->flags & VLAN_FLAG_BRIDGE_BINDING); 1493 } 1494 1495 static int br_vlan_is_bind_vlan_dev_fn(struct net_device *dev, 1496 __always_unused struct netdev_nested_priv *priv) 1497 { 1498 return br_vlan_is_bind_vlan_dev(dev); 1499 } 1500 1501 static bool br_vlan_has_upper_bind_vlan_dev(struct net_device *dev) 1502 { 1503 int found; 1504 1505 rcu_read_lock(); 1506 found = netdev_walk_all_upper_dev_rcu(dev, br_vlan_is_bind_vlan_dev_fn, 1507 NULL); 1508 rcu_read_unlock(); 1509 1510 return !!found; 1511 } 1512 1513 struct br_vlan_bind_walk_data { 1514 u16 vid; 1515 struct net_device *result; 1516 }; 1517 1518 static int br_vlan_match_bind_vlan_dev_fn(struct net_device *dev, 1519 struct netdev_nested_priv *priv) 1520 { 1521 struct br_vlan_bind_walk_data *data = priv->data; 1522 int found = 0; 1523 1524 if (br_vlan_is_bind_vlan_dev(dev) && 1525 vlan_dev_priv(dev)->vlan_id == data->vid) { 1526 data->result = dev; 1527 found = 1; 1528 } 1529 1530 return found; 1531 } 1532 1533 static struct net_device * 1534 br_vlan_get_upper_bind_vlan_dev(struct net_device *dev, u16 vid) 1535 { 1536 struct br_vlan_bind_walk_data data = { 1537 .vid = vid, 1538 }; 1539 struct netdev_nested_priv priv = { 1540 .data = (void *)&data, 1541 }; 1542 1543 rcu_read_lock(); 1544 netdev_walk_all_upper_dev_rcu(dev, br_vlan_match_bind_vlan_dev_fn, 1545 &priv); 1546 rcu_read_unlock(); 1547 1548 return data.result; 1549 } 1550 1551 static bool br_vlan_is_dev_up(const struct net_device *dev) 1552 { 1553 return !!(dev->flags & IFF_UP) && netif_oper_up(dev); 1554 } 1555 1556 static void br_vlan_set_vlan_dev_state(const struct net_bridge *br, 1557 struct net_device *vlan_dev) 1558 { 1559 u16 vid = vlan_dev_priv(vlan_dev)->vlan_id; 1560 struct net_bridge_vlan_group *vg; 1561 struct net_bridge_port *p; 1562 bool has_carrier = false; 1563 1564 if (!netif_carrier_ok(br->dev)) { 1565 netif_carrier_off(vlan_dev); 1566 return; 1567 } 1568 1569 list_for_each_entry(p, &br->port_list, list) { 1570 vg = nbp_vlan_group(p); 1571 if (br_vlan_find(vg, vid) && br_vlan_is_dev_up(p->dev)) { 1572 has_carrier = true; 1573 break; 1574 } 1575 } 1576 1577 if (has_carrier) 1578 netif_carrier_on(vlan_dev); 1579 else 1580 netif_carrier_off(vlan_dev); 1581 } 1582 1583 static void br_vlan_set_all_vlan_dev_state(struct net_bridge_port *p) 1584 { 1585 struct net_bridge_vlan_group *vg = nbp_vlan_group(p); 1586 struct net_bridge_vlan *vlan; 1587 struct net_device *vlan_dev; 1588 1589 list_for_each_entry(vlan, &vg->vlan_list, vlist) { 1590 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev, 1591 vlan->vid); 1592 if (vlan_dev) { 1593 if (br_vlan_is_dev_up(p->dev)) { 1594 if (netif_carrier_ok(p->br->dev)) 1595 netif_carrier_on(vlan_dev); 1596 } else { 1597 br_vlan_set_vlan_dev_state(p->br, vlan_dev); 1598 } 1599 } 1600 } 1601 } 1602 1603 static void br_vlan_upper_change(struct net_device *dev, 1604 struct net_device *upper_dev, 1605 bool linking) 1606 { 1607 struct net_bridge *br = netdev_priv(dev); 1608 1609 if (!br_vlan_is_bind_vlan_dev(upper_dev)) 1610 return; 1611 1612 if (linking) { 1613 br_vlan_set_vlan_dev_state(br, upper_dev); 1614 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING, true); 1615 } else { 1616 br_opt_toggle(br, BROPT_VLAN_BRIDGE_BINDING, 1617 br_vlan_has_upper_bind_vlan_dev(dev)); 1618 } 1619 } 1620 1621 struct br_vlan_link_state_walk_data { 1622 struct net_bridge *br; 1623 }; 1624 1625 static int br_vlan_link_state_change_fn(struct net_device *vlan_dev, 1626 struct netdev_nested_priv *priv) 1627 { 1628 struct br_vlan_link_state_walk_data *data = priv->data; 1629 1630 if (br_vlan_is_bind_vlan_dev(vlan_dev)) 1631 br_vlan_set_vlan_dev_state(data->br, vlan_dev); 1632 1633 return 0; 1634 } 1635 1636 static void br_vlan_link_state_change(struct net_device *dev, 1637 struct net_bridge *br) 1638 { 1639 struct br_vlan_link_state_walk_data data = { 1640 .br = br 1641 }; 1642 struct netdev_nested_priv priv = { 1643 .data = (void *)&data, 1644 }; 1645 1646 rcu_read_lock(); 1647 netdev_walk_all_upper_dev_rcu(dev, br_vlan_link_state_change_fn, 1648 &priv); 1649 rcu_read_unlock(); 1650 } 1651 1652 /* Must be protected by RTNL. */ 1653 static void nbp_vlan_set_vlan_dev_state(struct net_bridge_port *p, u16 vid) 1654 { 1655 struct net_device *vlan_dev; 1656 1657 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING)) 1658 return; 1659 1660 vlan_dev = br_vlan_get_upper_bind_vlan_dev(p->br->dev, vid); 1661 if (vlan_dev) 1662 br_vlan_set_vlan_dev_state(p->br, vlan_dev); 1663 } 1664 1665 /* Must be protected by RTNL. */ 1666 int br_vlan_bridge_event(struct net_device *dev, unsigned long event, void *ptr) 1667 { 1668 struct netdev_notifier_changeupper_info *info; 1669 struct net_bridge *br = netdev_priv(dev); 1670 int vlcmd = 0, ret = 0; 1671 bool changed = false; 1672 1673 switch (event) { 1674 case NETDEV_REGISTER: 1675 ret = br_vlan_add(br, br->default_pvid, 1676 BRIDGE_VLAN_INFO_PVID | 1677 BRIDGE_VLAN_INFO_UNTAGGED | 1678 BRIDGE_VLAN_INFO_BRENTRY, &changed, NULL); 1679 vlcmd = RTM_NEWVLAN; 1680 break; 1681 case NETDEV_UNREGISTER: 1682 changed = !br_vlan_delete(br, br->default_pvid); 1683 vlcmd = RTM_DELVLAN; 1684 break; 1685 case NETDEV_CHANGEUPPER: 1686 info = ptr; 1687 br_vlan_upper_change(dev, info->upper_dev, info->linking); 1688 break; 1689 1690 case NETDEV_CHANGE: 1691 case NETDEV_UP: 1692 if (!br_opt_get(br, BROPT_VLAN_BRIDGE_BINDING)) 1693 break; 1694 br_vlan_link_state_change(dev, br); 1695 break; 1696 } 1697 if (changed) 1698 br_vlan_notify(br, NULL, br->default_pvid, 0, vlcmd); 1699 1700 return ret; 1701 } 1702 1703 /* Must be protected by RTNL. */ 1704 void br_vlan_port_event(struct net_bridge_port *p, unsigned long event) 1705 { 1706 if (!br_opt_get(p->br, BROPT_VLAN_BRIDGE_BINDING)) 1707 return; 1708 1709 switch (event) { 1710 case NETDEV_CHANGE: 1711 case NETDEV_DOWN: 1712 case NETDEV_UP: 1713 br_vlan_set_all_vlan_dev_state(p); 1714 break; 1715 } 1716 } 1717 1718 static bool br_vlan_stats_fill(struct sk_buff *skb, 1719 const struct net_bridge_vlan *v) 1720 { 1721 struct pcpu_sw_netstats stats; 1722 struct nlattr *nest; 1723 1724 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY_STATS); 1725 if (!nest) 1726 return false; 1727 1728 br_vlan_get_stats(v, &stats); 1729 if (nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_BYTES, stats.rx_bytes, 1730 BRIDGE_VLANDB_STATS_PAD) || 1731 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_RX_PACKETS, 1732 stats.rx_packets, BRIDGE_VLANDB_STATS_PAD) || 1733 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_BYTES, stats.tx_bytes, 1734 BRIDGE_VLANDB_STATS_PAD) || 1735 nla_put_u64_64bit(skb, BRIDGE_VLANDB_STATS_TX_PACKETS, 1736 stats.tx_packets, BRIDGE_VLANDB_STATS_PAD)) 1737 goto out_err; 1738 1739 nla_nest_end(skb, nest); 1740 1741 return true; 1742 1743 out_err: 1744 nla_nest_cancel(skb, nest); 1745 return false; 1746 } 1747 1748 /* v_opts is used to dump the options which must be equal in the whole range */ 1749 static bool br_vlan_fill_vids(struct sk_buff *skb, u16 vid, u16 vid_range, 1750 const struct net_bridge_vlan *v_opts, 1751 u16 flags, 1752 bool dump_stats) 1753 { 1754 struct bridge_vlan_info info; 1755 struct nlattr *nest; 1756 1757 nest = nla_nest_start(skb, BRIDGE_VLANDB_ENTRY); 1758 if (!nest) 1759 return false; 1760 1761 memset(&info, 0, sizeof(info)); 1762 info.vid = vid; 1763 if (flags & BRIDGE_VLAN_INFO_UNTAGGED) 1764 info.flags |= BRIDGE_VLAN_INFO_UNTAGGED; 1765 if (flags & BRIDGE_VLAN_INFO_PVID) 1766 info.flags |= BRIDGE_VLAN_INFO_PVID; 1767 1768 if (nla_put(skb, BRIDGE_VLANDB_ENTRY_INFO, sizeof(info), &info)) 1769 goto out_err; 1770 1771 if (vid_range && vid < vid_range && 1772 !(flags & BRIDGE_VLAN_INFO_PVID) && 1773 nla_put_u16(skb, BRIDGE_VLANDB_ENTRY_RANGE, vid_range)) 1774 goto out_err; 1775 1776 if (v_opts) { 1777 if (!br_vlan_opts_fill(skb, v_opts)) 1778 goto out_err; 1779 1780 if (dump_stats && !br_vlan_stats_fill(skb, v_opts)) 1781 goto out_err; 1782 } 1783 1784 nla_nest_end(skb, nest); 1785 1786 return true; 1787 1788 out_err: 1789 nla_nest_cancel(skb, nest); 1790 return false; 1791 } 1792 1793 static size_t rtnl_vlan_nlmsg_size(void) 1794 { 1795 return NLMSG_ALIGN(sizeof(struct br_vlan_msg)) 1796 + nla_total_size(0) /* BRIDGE_VLANDB_ENTRY */ 1797 + nla_total_size(sizeof(u16)) /* BRIDGE_VLANDB_ENTRY_RANGE */ 1798 + nla_total_size(sizeof(struct bridge_vlan_info)) /* BRIDGE_VLANDB_ENTRY_INFO */ 1799 + br_vlan_opts_nl_size(); /* bridge vlan options */ 1800 } 1801 1802 void br_vlan_notify(const struct net_bridge *br, 1803 const struct net_bridge_port *p, 1804 u16 vid, u16 vid_range, 1805 int cmd) 1806 { 1807 struct net_bridge_vlan_group *vg; 1808 struct net_bridge_vlan *v = NULL; 1809 struct br_vlan_msg *bvm; 1810 struct nlmsghdr *nlh; 1811 struct sk_buff *skb; 1812 int err = -ENOBUFS; 1813 struct net *net; 1814 u16 flags = 0; 1815 int ifindex; 1816 1817 /* right now notifications are done only with rtnl held */ 1818 ASSERT_RTNL(); 1819 1820 if (p) { 1821 ifindex = p->dev->ifindex; 1822 vg = nbp_vlan_group(p); 1823 net = dev_net(p->dev); 1824 } else { 1825 ifindex = br->dev->ifindex; 1826 vg = br_vlan_group(br); 1827 net = dev_net(br->dev); 1828 } 1829 1830 skb = nlmsg_new(rtnl_vlan_nlmsg_size(), GFP_KERNEL); 1831 if (!skb) 1832 goto out_err; 1833 1834 err = -EMSGSIZE; 1835 nlh = nlmsg_put(skb, 0, 0, cmd, sizeof(*bvm), 0); 1836 if (!nlh) 1837 goto out_err; 1838 bvm = nlmsg_data(nlh); 1839 memset(bvm, 0, sizeof(*bvm)); 1840 bvm->family = AF_BRIDGE; 1841 bvm->ifindex = ifindex; 1842 1843 switch (cmd) { 1844 case RTM_NEWVLAN: 1845 /* need to find the vlan due to flags/options */ 1846 v = br_vlan_find(vg, vid); 1847 if (!v || !br_vlan_should_use(v)) 1848 goto out_kfree; 1849 1850 flags = v->flags; 1851 if (br_get_pvid(vg) == v->vid) 1852 flags |= BRIDGE_VLAN_INFO_PVID; 1853 break; 1854 case RTM_DELVLAN: 1855 break; 1856 default: 1857 goto out_kfree; 1858 } 1859 1860 if (!br_vlan_fill_vids(skb, vid, vid_range, v, flags, false)) 1861 goto out_err; 1862 1863 nlmsg_end(skb, nlh); 1864 rtnl_notify(skb, net, 0, RTNLGRP_BRVLAN, NULL, GFP_KERNEL); 1865 return; 1866 1867 out_err: 1868 rtnl_set_sk_err(net, RTNLGRP_BRVLAN, err); 1869 out_kfree: 1870 kfree_skb(skb); 1871 } 1872 1873 /* check if v_curr can enter a range ending in range_end */ 1874 bool br_vlan_can_enter_range(const struct net_bridge_vlan *v_curr, 1875 const struct net_bridge_vlan *range_end) 1876 { 1877 return v_curr->vid - range_end->vid == 1 && 1878 range_end->flags == v_curr->flags && 1879 br_vlan_opts_eq_range(v_curr, range_end); 1880 } 1881 1882 static int br_vlan_dump_dev(const struct net_device *dev, 1883 struct sk_buff *skb, 1884 struct netlink_callback *cb, 1885 u32 dump_flags) 1886 { 1887 struct net_bridge_vlan *v, *range_start = NULL, *range_end = NULL; 1888 bool dump_global = !!(dump_flags & BRIDGE_VLANDB_DUMPF_GLOBAL); 1889 bool dump_stats = !!(dump_flags & BRIDGE_VLANDB_DUMPF_STATS); 1890 struct net_bridge_vlan_group *vg; 1891 int idx = 0, s_idx = cb->args[1]; 1892 struct nlmsghdr *nlh = NULL; 1893 struct net_bridge_port *p; 1894 struct br_vlan_msg *bvm; 1895 struct net_bridge *br; 1896 int err = 0; 1897 u16 pvid; 1898 1899 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) 1900 return -EINVAL; 1901 1902 if (netif_is_bridge_master(dev)) { 1903 br = netdev_priv(dev); 1904 vg = br_vlan_group_rcu(br); 1905 p = NULL; 1906 } else { 1907 /* global options are dumped only for bridge devices */ 1908 if (dump_global) 1909 return 0; 1910 1911 p = br_port_get_rcu(dev); 1912 if (WARN_ON(!p)) 1913 return -EINVAL; 1914 vg = nbp_vlan_group_rcu(p); 1915 br = p->br; 1916 } 1917 1918 if (!vg) 1919 return 0; 1920 1921 nlh = nlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq, 1922 RTM_NEWVLAN, sizeof(*bvm), NLM_F_MULTI); 1923 if (!nlh) 1924 return -EMSGSIZE; 1925 bvm = nlmsg_data(nlh); 1926 memset(bvm, 0, sizeof(*bvm)); 1927 bvm->family = PF_BRIDGE; 1928 bvm->ifindex = dev->ifindex; 1929 pvid = br_get_pvid(vg); 1930 1931 /* idx must stay at range's beginning until it is filled in */ 1932 list_for_each_entry_rcu(v, &vg->vlan_list, vlist) { 1933 if (!dump_global && !br_vlan_should_use(v)) 1934 continue; 1935 if (idx < s_idx) { 1936 idx++; 1937 continue; 1938 } 1939 1940 if (!range_start) { 1941 range_start = v; 1942 range_end = v; 1943 continue; 1944 } 1945 1946 if (dump_global) { 1947 if (br_vlan_global_opts_can_enter_range(v, range_end)) 1948 goto update_end; 1949 if (!br_vlan_global_opts_fill(skb, range_start->vid, 1950 range_end->vid, 1951 range_start)) { 1952 err = -EMSGSIZE; 1953 break; 1954 } 1955 /* advance number of filled vlans */ 1956 idx += range_end->vid - range_start->vid + 1; 1957 1958 range_start = v; 1959 } else if (dump_stats || v->vid == pvid || 1960 !br_vlan_can_enter_range(v, range_end)) { 1961 u16 vlan_flags = br_vlan_flags(range_start, pvid); 1962 1963 if (!br_vlan_fill_vids(skb, range_start->vid, 1964 range_end->vid, range_start, 1965 vlan_flags, dump_stats)) { 1966 err = -EMSGSIZE; 1967 break; 1968 } 1969 /* advance number of filled vlans */ 1970 idx += range_end->vid - range_start->vid + 1; 1971 1972 range_start = v; 1973 } 1974 update_end: 1975 range_end = v; 1976 } 1977 1978 /* err will be 0 and range_start will be set in 3 cases here: 1979 * - first vlan (range_start == range_end) 1980 * - last vlan (range_start == range_end, not in range) 1981 * - last vlan range (range_start != range_end, in range) 1982 */ 1983 if (!err && range_start) { 1984 if (dump_global && 1985 !br_vlan_global_opts_fill(skb, range_start->vid, 1986 range_end->vid, range_start)) 1987 err = -EMSGSIZE; 1988 else if (!dump_global && 1989 !br_vlan_fill_vids(skb, range_start->vid, 1990 range_end->vid, range_start, 1991 br_vlan_flags(range_start, pvid), 1992 dump_stats)) 1993 err = -EMSGSIZE; 1994 } 1995 1996 cb->args[1] = err ? idx : 0; 1997 1998 nlmsg_end(skb, nlh); 1999 2000 return err; 2001 } 2002 2003 static const struct nla_policy br_vlan_db_dump_pol[BRIDGE_VLANDB_DUMP_MAX + 1] = { 2004 [BRIDGE_VLANDB_DUMP_FLAGS] = { .type = NLA_U32 }, 2005 }; 2006 2007 static int br_vlan_rtm_dump(struct sk_buff *skb, struct netlink_callback *cb) 2008 { 2009 struct nlattr *dtb[BRIDGE_VLANDB_DUMP_MAX + 1]; 2010 int idx = 0, err = 0, s_idx = cb->args[0]; 2011 struct net *net = sock_net(skb->sk); 2012 struct br_vlan_msg *bvm; 2013 struct net_device *dev; 2014 u32 dump_flags = 0; 2015 2016 err = nlmsg_parse(cb->nlh, sizeof(*bvm), dtb, BRIDGE_VLANDB_DUMP_MAX, 2017 br_vlan_db_dump_pol, cb->extack); 2018 if (err < 0) 2019 return err; 2020 2021 bvm = nlmsg_data(cb->nlh); 2022 if (dtb[BRIDGE_VLANDB_DUMP_FLAGS]) 2023 dump_flags = nla_get_u32(dtb[BRIDGE_VLANDB_DUMP_FLAGS]); 2024 2025 rcu_read_lock(); 2026 if (bvm->ifindex) { 2027 dev = dev_get_by_index_rcu(net, bvm->ifindex); 2028 if (!dev) { 2029 err = -ENODEV; 2030 goto out_err; 2031 } 2032 err = br_vlan_dump_dev(dev, skb, cb, dump_flags); 2033 /* if the dump completed without an error we return 0 here */ 2034 if (err != -EMSGSIZE) 2035 goto out_err; 2036 } else { 2037 for_each_netdev_rcu(net, dev) { 2038 if (idx < s_idx) 2039 goto skip; 2040 2041 err = br_vlan_dump_dev(dev, skb, cb, dump_flags); 2042 if (err == -EMSGSIZE) 2043 break; 2044 skip: 2045 idx++; 2046 } 2047 } 2048 cb->args[0] = idx; 2049 rcu_read_unlock(); 2050 2051 return skb->len; 2052 2053 out_err: 2054 rcu_read_unlock(); 2055 2056 return err; 2057 } 2058 2059 static const struct nla_policy br_vlan_db_policy[BRIDGE_VLANDB_ENTRY_MAX + 1] = { 2060 [BRIDGE_VLANDB_ENTRY_INFO] = 2061 NLA_POLICY_EXACT_LEN(sizeof(struct bridge_vlan_info)), 2062 [BRIDGE_VLANDB_ENTRY_RANGE] = { .type = NLA_U16 }, 2063 [BRIDGE_VLANDB_ENTRY_STATE] = { .type = NLA_U8 }, 2064 [BRIDGE_VLANDB_ENTRY_TUNNEL_INFO] = { .type = NLA_NESTED }, 2065 [BRIDGE_VLANDB_ENTRY_MCAST_ROUTER] = { .type = NLA_U8 }, 2066 }; 2067 2068 static int br_vlan_rtm_process_one(struct net_device *dev, 2069 const struct nlattr *attr, 2070 int cmd, struct netlink_ext_ack *extack) 2071 { 2072 struct bridge_vlan_info *vinfo, vrange_end, *vinfo_last = NULL; 2073 struct nlattr *tb[BRIDGE_VLANDB_ENTRY_MAX + 1]; 2074 bool changed = false, skip_processing = false; 2075 struct net_bridge_vlan_group *vg; 2076 struct net_bridge_port *p = NULL; 2077 int err = 0, cmdmap = 0; 2078 struct net_bridge *br; 2079 2080 if (netif_is_bridge_master(dev)) { 2081 br = netdev_priv(dev); 2082 vg = br_vlan_group(br); 2083 } else { 2084 p = br_port_get_rtnl(dev); 2085 if (WARN_ON(!p)) 2086 return -ENODEV; 2087 br = p->br; 2088 vg = nbp_vlan_group(p); 2089 } 2090 2091 if (WARN_ON(!vg)) 2092 return -ENODEV; 2093 2094 err = nla_parse_nested(tb, BRIDGE_VLANDB_ENTRY_MAX, attr, 2095 br_vlan_db_policy, extack); 2096 if (err) 2097 return err; 2098 2099 if (!tb[BRIDGE_VLANDB_ENTRY_INFO]) { 2100 NL_SET_ERR_MSG_MOD(extack, "Missing vlan entry info"); 2101 return -EINVAL; 2102 } 2103 memset(&vrange_end, 0, sizeof(vrange_end)); 2104 2105 vinfo = nla_data(tb[BRIDGE_VLANDB_ENTRY_INFO]); 2106 if (vinfo->flags & (BRIDGE_VLAN_INFO_RANGE_BEGIN | 2107 BRIDGE_VLAN_INFO_RANGE_END)) { 2108 NL_SET_ERR_MSG_MOD(extack, "Old-style vlan ranges are not allowed when using RTM vlan calls"); 2109 return -EINVAL; 2110 } 2111 if (!br_vlan_valid_id(vinfo->vid, extack)) 2112 return -EINVAL; 2113 2114 if (tb[BRIDGE_VLANDB_ENTRY_RANGE]) { 2115 vrange_end.vid = nla_get_u16(tb[BRIDGE_VLANDB_ENTRY_RANGE]); 2116 /* validate user-provided flags without RANGE_BEGIN */ 2117 vrange_end.flags = BRIDGE_VLAN_INFO_RANGE_END | vinfo->flags; 2118 vinfo->flags |= BRIDGE_VLAN_INFO_RANGE_BEGIN; 2119 2120 /* vinfo_last is the range start, vinfo the range end */ 2121 vinfo_last = vinfo; 2122 vinfo = &vrange_end; 2123 2124 if (!br_vlan_valid_id(vinfo->vid, extack) || 2125 !br_vlan_valid_range(vinfo, vinfo_last, extack)) 2126 return -EINVAL; 2127 } 2128 2129 switch (cmd) { 2130 case RTM_NEWVLAN: 2131 cmdmap = RTM_SETLINK; 2132 skip_processing = !!(vinfo->flags & BRIDGE_VLAN_INFO_ONLY_OPTS); 2133 break; 2134 case RTM_DELVLAN: 2135 cmdmap = RTM_DELLINK; 2136 break; 2137 } 2138 2139 if (!skip_processing) { 2140 struct bridge_vlan_info *tmp_last = vinfo_last; 2141 2142 /* br_process_vlan_info may overwrite vinfo_last */ 2143 err = br_process_vlan_info(br, p, cmdmap, vinfo, &tmp_last, 2144 &changed, extack); 2145 2146 /* notify first if anything changed */ 2147 if (changed) 2148 br_ifinfo_notify(cmdmap, br, p); 2149 2150 if (err) 2151 return err; 2152 } 2153 2154 /* deal with options */ 2155 if (cmd == RTM_NEWVLAN) { 2156 struct net_bridge_vlan *range_start, *range_end; 2157 2158 if (vinfo_last) { 2159 range_start = br_vlan_find(vg, vinfo_last->vid); 2160 range_end = br_vlan_find(vg, vinfo->vid); 2161 } else { 2162 range_start = br_vlan_find(vg, vinfo->vid); 2163 range_end = range_start; 2164 } 2165 2166 err = br_vlan_process_options(br, p, range_start, range_end, 2167 tb, extack); 2168 } 2169 2170 return err; 2171 } 2172 2173 static int br_vlan_rtm_process(struct sk_buff *skb, struct nlmsghdr *nlh, 2174 struct netlink_ext_ack *extack) 2175 { 2176 struct net *net = sock_net(skb->sk); 2177 struct br_vlan_msg *bvm; 2178 struct net_device *dev; 2179 struct nlattr *attr; 2180 int err, vlans = 0; 2181 int rem; 2182 2183 /* this should validate the header and check for remaining bytes */ 2184 err = nlmsg_parse(nlh, sizeof(*bvm), NULL, BRIDGE_VLANDB_MAX, NULL, 2185 extack); 2186 if (err < 0) 2187 return err; 2188 2189 bvm = nlmsg_data(nlh); 2190 dev = __dev_get_by_index(net, bvm->ifindex); 2191 if (!dev) 2192 return -ENODEV; 2193 2194 if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) { 2195 NL_SET_ERR_MSG_MOD(extack, "The device is not a valid bridge or bridge port"); 2196 return -EINVAL; 2197 } 2198 2199 nlmsg_for_each_attr(attr, nlh, sizeof(*bvm), rem) { 2200 switch (nla_type(attr)) { 2201 case BRIDGE_VLANDB_ENTRY: 2202 err = br_vlan_rtm_process_one(dev, attr, 2203 nlh->nlmsg_type, 2204 extack); 2205 break; 2206 case BRIDGE_VLANDB_GLOBAL_OPTIONS: 2207 err = br_vlan_rtm_process_global_options(dev, attr, 2208 nlh->nlmsg_type, 2209 extack); 2210 break; 2211 default: 2212 continue; 2213 } 2214 2215 vlans++; 2216 if (err) 2217 break; 2218 } 2219 if (!vlans) { 2220 NL_SET_ERR_MSG_MOD(extack, "No vlans found to process"); 2221 err = -EINVAL; 2222 } 2223 2224 return err; 2225 } 2226 2227 void br_vlan_rtnl_init(void) 2228 { 2229 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_GETVLAN, NULL, 2230 br_vlan_rtm_dump, 0); 2231 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_NEWVLAN, 2232 br_vlan_rtm_process, NULL, 0); 2233 rtnl_register_module(THIS_MODULE, PF_BRIDGE, RTM_DELVLAN, 2234 br_vlan_rtm_process, NULL, 0); 2235 } 2236 2237 void br_vlan_rtnl_uninit(void) 2238 { 2239 rtnl_unregister(PF_BRIDGE, RTM_GETVLAN); 2240 rtnl_unregister(PF_BRIDGE, RTM_NEWVLAN); 2241 rtnl_unregister(PF_BRIDGE, RTM_DELVLAN); 2242 } 2243