1 files changed, 170 insertions, 8 deletions
diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
index 711094aed41a..6d314c4e6bcb 100644
--- a/net/bridge/br_private.h
+++ b/net/bridge/br_private.h
@@ -18,6 +18,7 @@
 #include <linux/netpoll.h>
 #include <linux/u64_stats_sync.h>
 #include <net/route.h>
+#include <linux/if_vlan.h>
 #define BR_HASH_BITS 8
 #define BR_HASH_SIZE (1 << BR_HASH_BITS)
@@ -26,6 +27,7 @@
 #define BR_PORT_BITS    10
 #define BR_MAX_PORTS    (1<<BR_PORT_BITS)
+#define BR_VLAN_BITMAP_LEN      BITS_TO_LONGS(VLAN_N_VID)
 #define BR_VERSION      "2.3"
@@ -61,6 +63,20 @@ struct br_ip
 #endif
        } u;
        __be16          proto;
+        __u16           vid;
+};
+struct net_port_vlans {
+        u16                             port_idx;
+        u16                             pvid;
+        union {
+                struct net_bridge_port          *port;
+                struct net_bridge               *br;
+        }                               parent;
+        struct rcu_head                 rcu;
+        unsigned long                   vlan_bitmap[BR_VLAN_BITMAP_LEN];
+        unsigned long                   untagged_bitmap[BR_VLAN_BITMAP_LEN];
+        u16                             num_vlans;
 };
 struct net_bridge_fdb_entry
@@ -74,6 +90,7 @@ struct net_bridge_fdb_entry
        mac_addr                        addr;
        unsigned char                   is_local;
        unsigned char                   is_static;
+        __u16                           vlan_id;
 };
 struct net_bridge_port_group {
@@ -156,6 +173,9 @@ struct net_bridge_port
 #ifdef CONFIG_NET_POLL_CONTROLLER
        struct netpoll                  *np;
 #endif
+#ifdef CONFIG_BRIDGE_VLAN_FILTERING
+        struct net_port_vlans __rcu     *vlan_info;
+#endif
 };
 #define br_port_exists(dev) (dev->priv_flags & IFF_BRIDGE_PORT)
@@ -197,9 +217,6 @@ struct net_bridge
        bool                            nf_call_ip6tables;
        bool                            nf_call_arptables;
 #endif
-        unsigned long                   flags;
-#define BR_SET_MAC_ADDR         0x00000001
        u16                             group_fwd_mask;
        /* STP */
@@ -260,6 +277,10 @@ struct net_bridge
        struct timer_list               topology_change_timer;
        struct timer_list               gc_timer;
        struct kobject                  *ifobj;
+#ifdef CONFIG_BRIDGE_VLAN_FILTERING
+        u8                              vlan_enabled;
+        struct net_port_vlans __rcu     *vlan_info;
+#endif
 };
 struct br_input_skb_cb {
@@ -355,18 +376,22 @@ extern void br_fdb_cleanup(unsigned long arg);
 extern void br_fdb_delete_by_port(struct net_bridge *br,
                                  const struct net_bridge_port *p, int do_all);
 extern struct net_bridge_fdb_entry *__br_fdb_get(struct net_bridge *br,
-                                                 const unsigned char *addr);
+                                                 const unsigned char *addr,
+                                                 __u16 vid);
 extern int br_fdb_test_addr(struct net_device *dev, unsigned char *addr);
 extern int br_fdb_fillbuf(struct net_bridge *br, void *buf,
                          unsigned long count, unsigned long off);
 extern int br_fdb_insert(struct net_bridge *br,
                         struct net_bridge_port *source,
-                         const unsigned char *addr);
+                         const unsigned char *addr,
+                         u16 vid);
 extern void br_fdb_update(struct net_bridge *br,
                          struct net_bridge_port *source,
-                          const unsigned char *addr);
+                          const unsigned char *addr,
+                          u16 vid);
+extern int fdb_delete_by_addr(struct net_bridge *br, const u8 *addr, u16 vid);
-extern int br_fdb_delete(struct ndmsg *ndm,
+extern int br_fdb_delete(struct ndmsg *ndm, struct nlattr *tb[],
                         struct net_device *dev,
                         const unsigned char *addr);
 extern int br_fdb_add(struct ndmsg *nlh, struct nlattr *tb[],
@@ -534,6 +559,142 @@ static inline void br_mdb_uninit(void)
 }
 #endif
+/* br_vlan.c */
+#ifdef CONFIG_BRIDGE_VLAN_FILTERING
+extern bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
+                               struct sk_buff *skb, u16 *vid);
+extern bool br_allowed_egress(struct net_bridge *br,
+                              const struct net_port_vlans *v,
+                              const struct sk_buff *skb);
+extern struct sk_buff *br_handle_vlan(struct net_bridge *br,
+                                      const struct net_port_vlans *v,
+                                      struct sk_buff *skb);
+extern int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags);
+extern int br_vlan_delete(struct net_bridge *br, u16 vid);
+extern void br_vlan_flush(struct net_bridge *br);
+extern int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val);
+extern int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags);
+extern int nbp_vlan_delete(struct net_bridge_port *port, u16 vid);
+extern void nbp_vlan_flush(struct net_bridge_port *port);
+extern bool nbp_vlan_find(struct net_bridge_port *port, u16 vid);
+static inline struct net_port_vlans *br_get_vlan_info(
+                                                const struct net_bridge *br)
+{
+        return rcu_dereference_rtnl(br->vlan_info);
+}
+static inline struct net_port_vlans *nbp_get_vlan_info(
+                                                const struct net_bridge_port *p)
+{
+        return rcu_dereference_rtnl(p->vlan_info);
+}
+/* Since bridge now depends on 8021Q module, but the time bridge sees the
+ * skb, the vlan tag will always be present if the frame was tagged.
+ */
+static inline int br_vlan_get_tag(const struct sk_buff *skb, u16 *vid)
+{
+        int err = 0;
+        if (vlan_tx_tag_present(skb))
+                *vid = vlan_tx_tag_get(skb) & VLAN_VID_MASK;
+        else {
+                *vid = 0;
+                err = -EINVAL;
+        }
+        return err;
+}
+static inline u16 br_get_pvid(const struct net_port_vlans *v)
+{
+        /* Return just the VID if it is set, or VLAN_N_VID (invalid vid) if
+         * vid wasn't set
+         */
+        smp_rmb();
+        return (v->pvid & VLAN_TAG_PRESENT) ?
+                        (v->pvid & ~VLAN_TAG_PRESENT) :
+                        VLAN_N_VID;
+}
+#else
+static inline bool br_allowed_ingress(struct net_bridge *br,
+                                      struct net_port_vlans *v,
+                                      struct sk_buff *skb,
+                                      u16 *vid)
+{
+        return true;
+}
+static inline bool br_allowed_egress(struct net_bridge *br,
+                                     const struct net_port_vlans *v,
+                                     const struct sk_buff *skb)
+{
+        return true;
+}
+static inline struct sk_buff *br_handle_vlan(struct net_bridge *br,
+                                             const struct net_port_vlans *v,
+                                             struct sk_buff *skb)
+{
+        return skb;
+}
+static inline int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
+{
+        return -EOPNOTSUPP;
+}
+static inline int br_vlan_delete(struct net_bridge *br, u16 vid)
+{
+        return -EOPNOTSUPP;
+}
+static inline void br_vlan_flush(struct net_bridge *br)
+{
+}
+static inline int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
+{
+        return -EOPNOTSUPP;
+}
+static inline int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
+{
+        return -EOPNOTSUPP;
+}
+static inline void nbp_vlan_flush(struct net_bridge_port *port)
+{
+}
+static inline struct net_port_vlans *br_get_vlan_info(
+                                                const struct net_bridge *br)
+{
+        return NULL;
+}
+static inline struct net_port_vlans *nbp_get_vlan_info(
+                                                const struct net_bridge_port *p)
+{
+        return NULL;
+}
+static inline bool nbp_vlan_find(struct net_bridge_port *port, u16 vid)
+{
+        return false;
+}
+static inline u16 br_vlan_get_tag(const struct sk_buff *skb, u16 *tag)
+{
+        return 0;
+}
+static inline u16 br_get_pvid(const struct net_port_vlans *v)
+{
+        return VLAN_N_VID;      /* Returns invalid vid */
+}
+#endif
 /* br_netfilter.c */
 #ifdef CONFIG_BRIDGE_NETFILTER
 extern int br_netfilter_init(void);
@@ -594,8 +755,9 @@ extern int br_netlink_init(void);
 extern void br_netlink_fini(void);
 extern void br_ifinfo_notify(int event, struct net_bridge_port *port);
 extern int br_setlink(struct net_device *dev, struct nlmsghdr *nlmsg);
+extern int br_dellink(struct net_device *dev, struct nlmsghdr *nlmsg);
 extern int br_getlink(struct sk_buff *skb, u32 pid, u32 seq,
-                      struct net_device *dev);
+                      struct net_device *dev, u32 filter_mask);
 #ifdef CONFIG_SYSFS
 /* br_sysfs_if.c */

diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 711094aed41a..6d314c4e6bcb 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h
@@ -18,6 +18,7 @@
18	#include <linux/netpoll.h>	18	#include <linux/netpoll.h>
19	#include <linux/u64_stats_sync.h>	19	#include <linux/u64_stats_sync.h>
20	#include <net/route.h>	20	#include <net/route.h>
		21	#include <linux/if_vlan.h>
21		22
22	#define BR_HASH_BITS 8	23	#define BR_HASH_BITS 8
23	#define BR_HASH_SIZE (1 << BR_HASH_BITS)	24	#define BR_HASH_SIZE (1 << BR_HASH_BITS)
@@ -26,6 +27,7 @@
26		27
27	#define BR_PORT_BITS 10	28	#define BR_PORT_BITS 10
28	#define BR_MAX_PORTS (1<<BR_PORT_BITS)	29	#define BR_MAX_PORTS (1<<BR_PORT_BITS)
		30	#define BR_VLAN_BITMAP_LEN BITS_TO_LONGS(VLAN_N_VID)
29		31
30	#define BR_VERSION "2.3"	32	#define BR_VERSION "2.3"
31		33
@@ -61,6 +63,20 @@ struct br_ip
61	#endif	63	#endif
62	} u;	64	} u;
63	__be16 proto;	65	__be16 proto;
		66	__u16 vid;
		67	};
		68
		69	struct net_port_vlans {
		70	u16 port_idx;
		71	u16 pvid;
		72	union {
		73	struct net_bridge_port *port;
		74	struct net_bridge *br;
		75	} parent;
		76	struct rcu_head rcu;
		77	unsigned long vlan_bitmap[BR_VLAN_BITMAP_LEN];
		78	unsigned long untagged_bitmap[BR_VLAN_BITMAP_LEN];
		79	u16 num_vlans;
64	};	80	};
65		81
66	struct net_bridge_fdb_entry	82	struct net_bridge_fdb_entry
@@ -74,6 +90,7 @@ struct net_bridge_fdb_entry
74	mac_addr addr;	90	mac_addr addr;
75	unsigned char is_local;	91	unsigned char is_local;
76	unsigned char is_static;	92	unsigned char is_static;
		93	__u16 vlan_id;
77	};	94	};
78		95
79	struct net_bridge_port_group {	96	struct net_bridge_port_group {
@@ -156,6 +173,9 @@ struct net_bridge_port
156	#ifdef CONFIG_NET_POLL_CONTROLLER	173	#ifdef CONFIG_NET_POLL_CONTROLLER
157	struct netpoll *np;	174	struct netpoll *np;
158	#endif	175	#endif
		176	#ifdef CONFIG_BRIDGE_VLAN_FILTERING
		177	struct net_port_vlans __rcu *vlan_info;
		178	#endif
159	};	179	};
160		180
161	#define br_port_exists(dev) (dev->priv_flags & IFF_BRIDGE_PORT)	181	#define br_port_exists(dev) (dev->priv_flags & IFF_BRIDGE_PORT)
@@ -197,9 +217,6 @@ struct net_bridge
197	bool nf_call_ip6tables;	217	bool nf_call_ip6tables;
198	bool nf_call_arptables;	218	bool nf_call_arptables;
199	#endif	219	#endif
200	unsigned long flags;
201	#define BR_SET_MAC_ADDR 0x00000001
202
203	u16 group_fwd_mask;	220	u16 group_fwd_mask;
204		221
205	/* STP */	222	/* STP */
@@ -260,6 +277,10 @@ struct net_bridge
260	struct timer_list topology_change_timer;	277	struct timer_list topology_change_timer;
261	struct timer_list gc_timer;	278	struct timer_list gc_timer;
262	struct kobject *ifobj;	279	struct kobject *ifobj;
		280	#ifdef CONFIG_BRIDGE_VLAN_FILTERING
		281	u8 vlan_enabled;
		282	struct net_port_vlans __rcu *vlan_info;
		283	#endif
263	};	284	};
264		285
265	struct br_input_skb_cb {	286	struct br_input_skb_cb {
@@ -355,18 +376,22 @@ extern void br_fdb_cleanup(unsigned long arg);
355	extern void br_fdb_delete_by_port(struct net_bridge *br,	376	extern void br_fdb_delete_by_port(struct net_bridge *br,
356	const struct net_bridge_port *p, int do_all);	377	const struct net_bridge_port *p, int do_all);
357	extern struct net_bridge_fdb_entry __br_fdb_get(struct net_bridge br,	378	extern struct net_bridge_fdb_entry __br_fdb_get(struct net_bridge br,
358	const unsigned char *addr);	379	const unsigned char *addr,
		380	__u16 vid);
359	extern int br_fdb_test_addr(struct net_device dev, unsigned char addr);	381	extern int br_fdb_test_addr(struct net_device dev, unsigned char addr);
360	extern int br_fdb_fillbuf(struct net_bridge br, void buf,	382	extern int br_fdb_fillbuf(struct net_bridge br, void buf,
361	unsigned long count, unsigned long off);	383	unsigned long count, unsigned long off);
362	extern int br_fdb_insert(struct net_bridge *br,	384	extern int br_fdb_insert(struct net_bridge *br,
363	struct net_bridge_port *source,	385	struct net_bridge_port *source,
364	const unsigned char *addr);	386	const unsigned char *addr,
		387	u16 vid);
365	extern void br_fdb_update(struct net_bridge *br,	388	extern void br_fdb_update(struct net_bridge *br,
366	struct net_bridge_port *source,	389	struct net_bridge_port *source,
367	const unsigned char *addr);	390	const unsigned char *addr,
		391	u16 vid);
		392	extern int fdb_delete_by_addr(struct net_bridge br, const u8 addr, u16 vid);
368		393
369	extern int br_fdb_delete(struct ndmsg *ndm,	394	extern int br_fdb_delete(struct ndmsg ndm, struct nlattr tb[],
370	struct net_device *dev,	395	struct net_device *dev,
371	const unsigned char *addr);	396	const unsigned char *addr);
372	extern int br_fdb_add(struct ndmsg nlh, struct nlattr tb[],	397	extern int br_fdb_add(struct ndmsg nlh, struct nlattr tb[],
@@ -534,6 +559,142 @@ static inline void br_mdb_uninit(void)
534	}	559	}
535	#endif	560	#endif
536		561
		562	/* br_vlan.c */
		563	#ifdef CONFIG_BRIDGE_VLAN_FILTERING
		564	extern bool br_allowed_ingress(struct net_bridge br, struct net_port_vlans v,
		565	struct sk_buff skb, u16 vid);
		566	extern bool br_allowed_egress(struct net_bridge *br,
		567	const struct net_port_vlans *v,
		568	const struct sk_buff *skb);
		569	extern struct sk_buff br_handle_vlan(struct net_bridge br,
		570	const struct net_port_vlans *v,
		571	struct sk_buff *skb);
		572	extern int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags);
		573	extern int br_vlan_delete(struct net_bridge *br, u16 vid);
		574	extern void br_vlan_flush(struct net_bridge *br);
		575	extern int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val);
		576	extern int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags);
		577	extern int nbp_vlan_delete(struct net_bridge_port *port, u16 vid);
		578	extern void nbp_vlan_flush(struct net_bridge_port *port);
		579	extern bool nbp_vlan_find(struct net_bridge_port *port, u16 vid);
		580
		581	static inline struct net_port_vlans *br_get_vlan_info(
		582	const struct net_bridge *br)
		583	{
		584	return rcu_dereference_rtnl(br->vlan_info);
		585	}
		586
		587	static inline struct net_port_vlans *nbp_get_vlan_info(
		588	const struct net_bridge_port *p)
		589	{
		590	return rcu_dereference_rtnl(p->vlan_info);
		591	}
		592
		593	/* Since bridge now depends on 8021Q module, but the time bridge sees the
		594	* skb, the vlan tag will always be present if the frame was tagged.
		595	*/
		596	static inline int br_vlan_get_tag(const struct sk_buff skb, u16 vid)
		597	{
		598	int err = 0;
		599
		600	if (vlan_tx_tag_present(skb))
		601	*vid = vlan_tx_tag_get(skb) & VLAN_VID_MASK;
		602	else {
		603	*vid = 0;
		604	err = -EINVAL;
		605	}
		606
		607	return err;
		608	}
		609
		610	static inline u16 br_get_pvid(const struct net_port_vlans *v)
		611	{
		612	/* Return just the VID if it is set, or VLAN_N_VID (invalid vid) if
		613	* vid wasn't set
		614	*/
		615	smp_rmb();
		616	return (v->pvid & VLAN_TAG_PRESENT) ?
		617	(v->pvid & ~VLAN_TAG_PRESENT) :
		618	VLAN_N_VID;
		619	}
		620
		621	#else
		622	static inline bool br_allowed_ingress(struct net_bridge *br,
		623	struct net_port_vlans *v,
		624	struct sk_buff *skb,
		625	u16 *vid)
		626	{
		627	return true;
		628	}
		629
		630	static inline bool br_allowed_egress(struct net_bridge *br,
		631	const struct net_port_vlans *v,
		632	const struct sk_buff *skb)
		633	{
		634	return true;
		635	}
		636
		637	static inline struct sk_buff br_handle_vlan(struct net_bridge br,
		638	const struct net_port_vlans *v,
		639	struct sk_buff *skb)
		640	{
		641	return skb;
		642	}
		643
		644	static inline int br_vlan_add(struct net_bridge *br, u16 vid, u16 flags)
		645	{
		646	return -EOPNOTSUPP;
		647	}
		648
		649	static inline int br_vlan_delete(struct net_bridge *br, u16 vid)
		650	{
		651	return -EOPNOTSUPP;
		652	}
		653
		654	static inline void br_vlan_flush(struct net_bridge *br)
		655	{
		656	}
		657
		658	static inline int nbp_vlan_add(struct net_bridge_port *port, u16 vid, u16 flags)
		659	{
		660	return -EOPNOTSUPP;
		661	}
		662
		663	static inline int nbp_vlan_delete(struct net_bridge_port *port, u16 vid)
		664	{
		665	return -EOPNOTSUPP;
		666	}
		667
		668	static inline void nbp_vlan_flush(struct net_bridge_port *port)
		669	{
		670	}
		671
		672	static inline struct net_port_vlans *br_get_vlan_info(
		673	const struct net_bridge *br)
		674	{
		675	return NULL;
		676	}
		677	static inline struct net_port_vlans *nbp_get_vlan_info(
		678	const struct net_bridge_port *p)
		679	{
		680	return NULL;
		681	}
		682
		683	static inline bool nbp_vlan_find(struct net_bridge_port *port, u16 vid)
		684	{
		685	return false;
		686	}
		687
		688	static inline u16 br_vlan_get_tag(const struct sk_buff skb, u16 tag)
		689	{
		690	return 0;
		691	}
		692	static inline u16 br_get_pvid(const struct net_port_vlans *v)
		693	{
		694	return VLAN_N_VID; /* Returns invalid vid */
		695	}
		696	#endif
		697
537	/* br_netfilter.c */	698	/* br_netfilter.c */
538	#ifdef CONFIG_BRIDGE_NETFILTER	699	#ifdef CONFIG_BRIDGE_NETFILTER
539	extern int br_netfilter_init(void);	700	extern int br_netfilter_init(void);
@@ -594,8 +755,9 @@ extern int br_netlink_init(void);
594	extern void br_netlink_fini(void);	755	extern void br_netlink_fini(void);
595	extern void br_ifinfo_notify(int event, struct net_bridge_port *port);	756	extern void br_ifinfo_notify(int event, struct net_bridge_port *port);
596	extern int br_setlink(struct net_device dev, struct nlmsghdr nlmsg);	757	extern int br_setlink(struct net_device dev, struct nlmsghdr nlmsg);
		758	extern int br_dellink(struct net_device dev, struct nlmsghdr nlmsg);
597	extern int br_getlink(struct sk_buff *skb, u32 pid, u32 seq,	759	extern int br_getlink(struct sk_buff *skb, u32 pid, u32 seq,
598	struct net_device *dev);	760	struct net_device *dev, u32 filter_mask);
599		761
600	#ifdef CONFIG_SYSFS	762	#ifdef CONFIG_SYSFS
601	/* br_sysfs_if.c */	763	/* br_sysfs_if.c */