Merge branch 'bridge_vlan_filtering'

Vladislav Yasevich says: ==================== bridge: Two small fixes to vlan filtering code. This series corrects 2 small issues that I've ran across recently while doing more work with vlan filtering changes. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
author: David S. Miller <davem@davemloft.net> 2014-09-13 17:22:02 -0400
committer: David S. Miller <davem@davemloft.net> 2014-09-13 17:22:02 -0400
commit: 9e07a422383c6775bd995613f66f1816266a8063 (patch)
tree: b143668258d60aa96d7c232d77dbfd979c8a758c /net
parent: 9a72c2da690d78e93cff24b9f616412508678dd5 (diff)
parent: 635126b7ca13a01d6322fbf7bdc5d1c738d26807 (diff)
2 files changed, 17 insertions, 4 deletions
diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
index 62a7fa2e3569..b6c04cbcfdc5 100644
--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
@@ -309,6 +309,9 @@ struct br_input_skb_cb {
        int igmp;
        int mrouters_only;
 #endif
+#ifdef CONFIG_BRIDGE_VLAN_FILTERING
+        bool vlan_filtered;
+#endif
 };
 #define BR_INPUT_SKB_CB(__skb)  ((struct br_input_skb_cb *)(__skb)->cb)
diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c
index e1bcd653899b..4b86738eca9a 100644
--- a/net/bridge/br_vlan.c
+++ b/net/bridge/br_vlan.c
@@ -27,9 +27,13 @@ static void __vlan_add_flags(struct net_port_vlans *v, u16 vid, u16 flags)
 {
        if (flags & BRIDGE_VLAN_INFO_PVID)
                __vlan_add_pvid(v, vid);
+        else
+                __vlan_delete_pvid(v, vid);
        if (flags & BRIDGE_VLAN_INFO_UNTAGGED)
                set_bit(vid, v->untagged_bitmap);
+        else
+                clear_bit(vid, v->untagged_bitmap);
 }
 static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags)
@@ -125,7 +129,8 @@ struct sk_buff *br_handle_vlan(struct net_bridge *br,
 {
        u16 vid;
-        if (!br->vlan_enabled)
+        /* If this packet was not filtered at input, let it pass */
+        if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
                goto out;
        /* Vlan filter table must be configured at this point.  The
@@ -164,8 +169,10 @@ bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
        /* If VLAN filtering is disabled on the bridge, all packets are
         * permitted.
         */
-        if (!br->vlan_enabled)
+        if (!br->vlan_enabled) {
+                BR_INPUT_SKB_CB(skb)->vlan_filtered = false;
                return true;
+        }
        /* If there are no vlan in the permitted list, all packets are
         * rejected.
@@ -173,6 +180,7 @@ bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
        if (!v)
                goto drop;
+        BR_INPUT_SKB_CB(skb)->vlan_filtered = true;
        proto = br->vlan_proto;
        /* If vlan tx offload is disabled on bridge device and frame was
@@ -251,7 +259,8 @@ bool br_allowed_egress(struct net_bridge *br,
 {
        u16 vid;
-        if (!br->vlan_enabled)
+        /* If this packet was not filtered at input, let it pass */
+        if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
                return true;
        if (!v)
@@ -270,7 +279,8 @@ bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
        struct net_bridge *br = p->br;
        struct net_port_vlans *v;
-        if (!br->vlan_enabled)
+        /* If filtering was disabled at input, let it pass. */
+        if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
                return true;
        v = rcu_dereference(p->vlan_info);
author	David S. Miller <davem@davemloft.net>	2014-09-13 17:22:02 -0400
committer	David S. Miller <davem@davemloft.net>	2014-09-13 17:22:02 -0400
commit	9e07a422383c6775bd995613f66f1816266a8063 (patch)
tree	b143668258d60aa96d7c232d77dbfd979c8a758c /net
parent	9a72c2da690d78e93cff24b9f616412508678dd5 (diff)
parent	635126b7ca13a01d6322fbf7bdc5d1c738d26807 (diff)