diff options
| author | Vlad Yasevich <vyasevic@redhat.com> | 2013-02-13 07:00:20 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2013-02-13 19:42:16 -0500 |
| commit | 35e03f3a0275a1ba57e432d7c948cf6f70fbb37a (patch) | |
| tree | 7a86834908791e180aaf4284cd462bb7e8a1d926 /net/bridge | |
| parent | bc9a25d21ef8bad30e259af5114ccfb845c066db (diff) | |
bridge: Separate egress policy bitmap
Add an ability to configure a separate "untagged" egress
policy to the VLAN information of the bridge. This superseeds PVID
policy and makes PVID ingress-only. The policy is configured with a
new flag and is represented as a port bitmap per vlan. Egress frames
with a VLAN id in "untagged" policy bitmap would egress
the port without VLAN header.
Signed-off-by: Vlad Yasevich <vyasevic@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/bridge')
| -rw-r--r-- | net/bridge/br_netlink.c | 4 | ||||
| -rw-r--r-- | net/bridge/br_private.h | 1 | ||||
| -rw-r--r-- | net/bridge/br_vlan.c | 20 |
3 files changed, 19 insertions, 6 deletions
diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c index e044cc0b5650..d1dda476d743 100644 --- a/net/bridge/br_netlink.c +++ b/net/bridge/br_netlink.c | |||
| @@ -143,6 +143,10 @@ static int br_fill_ifinfo(struct sk_buff *skb, | |||
| 143 | vinfo.flags = 0; | 143 | vinfo.flags = 0; |
| 144 | if (vid == pvid) | 144 | if (vid == pvid) |
| 145 | vinfo.flags |= BRIDGE_VLAN_INFO_PVID; | 145 | vinfo.flags |= BRIDGE_VLAN_INFO_PVID; |
| 146 | |||
| 147 | if (test_bit(vid, pv->untagged_bitmap)) | ||
| 148 | vinfo.flags |= BRIDGE_VLAN_INFO_UNTAGGED; | ||
| 149 | |||
| 146 | if (nla_put(skb, IFLA_BRIDGE_VLAN_INFO, | 150 | if (nla_put(skb, IFLA_BRIDGE_VLAN_INFO, |
| 147 | sizeof(vinfo), &vinfo)) | 151 | sizeof(vinfo), &vinfo)) |
| 148 | goto nla_put_failure; | 152 | goto nla_put_failure; |
diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 32ecfa4ef47f..6d314c4e6bcb 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h | |||
| @@ -75,6 +75,7 @@ struct net_port_vlans { | |||
| 75 | } parent; | 75 | } parent; |
| 76 | struct rcu_head rcu; | 76 | struct rcu_head rcu; |
| 77 | unsigned long vlan_bitmap[BR_VLAN_BITMAP_LEN]; | 77 | unsigned long vlan_bitmap[BR_VLAN_BITMAP_LEN]; |
| 78 | unsigned long untagged_bitmap[BR_VLAN_BITMAP_LEN]; | ||
| 78 | u16 num_vlans; | 79 | u16 num_vlans; |
| 79 | }; | 80 | }; |
| 80 | 81 | ||
diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c index 9ea358fbbf78..93dde75923f0 100644 --- a/net/bridge/br_vlan.c +++ b/net/bridge/br_vlan.c | |||
| @@ -23,6 +23,15 @@ static void __vlan_delete_pvid(struct net_port_vlans *v, u16 vid) | |||
| 23 | v->pvid = 0; | 23 | v->pvid = 0; |
| 24 | } | 24 | } |
| 25 | 25 | ||
| 26 | static void __vlan_add_flags(struct net_port_vlans *v, u16 vid, u16 flags) | ||
| 27 | { | ||
| 28 | if (flags & BRIDGE_VLAN_INFO_PVID) | ||
| 29 | __vlan_add_pvid(v, vid); | ||
| 30 | |||
| 31 | if (flags & BRIDGE_VLAN_INFO_UNTAGGED) | ||
| 32 | set_bit(vid, v->untagged_bitmap); | ||
| 33 | } | ||
| 34 | |||
| 26 | static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags) | 35 | static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags) |
| 27 | { | 36 | { |
| 28 | struct net_bridge_port *p = NULL; | 37 | struct net_bridge_port *p = NULL; |
| @@ -31,8 +40,7 @@ static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags) | |||
| 31 | int err; | 40 | int err; |
| 32 | 41 | ||
| 33 | if (test_bit(vid, v->vlan_bitmap)) { | 42 | if (test_bit(vid, v->vlan_bitmap)) { |
| 34 | if (flags & BRIDGE_VLAN_INFO_PVID) | 43 | __vlan_add_flags(v, vid, flags); |
| 35 | __vlan_add_pvid(v, vid); | ||
| 36 | return 0; | 44 | return 0; |
| 37 | } | 45 | } |
| 38 | 46 | ||
| @@ -69,8 +77,7 @@ static int __vlan_add(struct net_port_vlans *v, u16 vid, u16 flags) | |||
| 69 | 77 | ||
| 70 | set_bit(vid, v->vlan_bitmap); | 78 | set_bit(vid, v->vlan_bitmap); |
| 71 | v->num_vlans++; | 79 | v->num_vlans++; |
| 72 | if (flags & BRIDGE_VLAN_INFO_PVID) | 80 | __vlan_add_flags(v, vid, flags); |
| 73 | __vlan_add_pvid(v, vid); | ||
| 74 | 81 | ||
| 75 | return 0; | 82 | return 0; |
| 76 | 83 | ||
| @@ -86,6 +93,7 @@ static int __vlan_del(struct net_port_vlans *v, u16 vid) | |||
| 86 | return -EINVAL; | 93 | return -EINVAL; |
| 87 | 94 | ||
| 88 | __vlan_delete_pvid(v, vid); | 95 | __vlan_delete_pvid(v, vid); |
| 96 | clear_bit(vid, v->untagged_bitmap); | ||
| 89 | 97 | ||
| 90 | if (v->port_idx && vid) { | 98 | if (v->port_idx && vid) { |
| 91 | struct net_device *dev = v->parent.port->dev; | 99 | struct net_device *dev = v->parent.port->dev; |
| @@ -144,11 +152,11 @@ struct sk_buff *br_handle_vlan(struct net_bridge *br, | |||
| 144 | goto out; | 152 | goto out; |
| 145 | 153 | ||
| 146 | /* At this point, we know that the frame was filtered and contains | 154 | /* At this point, we know that the frame was filtered and contains |
| 147 | * a valid vlan id. If the vlan id matches the pvid of current port | 155 | * a valid vlan id. If the vlan id is set in the untagged bitmap, |
| 148 | * send untagged; otherwise, send taged. | 156 | * send untagged; otherwise, send taged. |
| 149 | */ | 157 | */ |
| 150 | br_vlan_get_tag(skb, &vid); | 158 | br_vlan_get_tag(skb, &vid); |
| 151 | if (vid == br_get_pvid(pv)) | 159 | if (test_bit(vid, pv->untagged_bitmap)) |
| 152 | skb = br_vlan_untag(skb); | 160 | skb = br_vlan_untag(skb); |
| 153 | else { | 161 | else { |
| 154 | /* Egress policy says "send tagged". If output device | 162 | /* Egress policy says "send tagged". If output device |