Commit 1ce39f0e authored by Vladimir Oltean's avatar Vladimir Oltean Committed by David S. Miller

net: dsa: convert denying bridge VLAN with existing 8021q upper to PRECHANGEUPPER

This is checking for the following order of operations, and makes sure
to deny that configuration:

ip link add link swp2 name swp2.100 type vlan id 100
ip link add br0 type bridge vlan_filtering 1
ip link set swp2 master br0
bridge vlan add dev swp2 vid 100

Instead of using vlan_for_each(), which looks at the VLAN filters
installed with vlan_vid_add(), just track the 8021q uppers. This has the
advantage of freeing up the vlan_vid_add() call for actual VLAN
filtering.

There is another change in this patch. The check is moved in slave.c,
from switch.c. I don't think it makes sense to have this 8021q upper
check for each switch port that gets notified of that VLAN addition
(these include DSA links and CPU ports, we know those can't have 8021q
uppers because they don't have a net_device registered for them), so
just do it in slave.c, for that one slave interface.
Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 2b138406
...@@ -303,6 +303,28 @@ static int dsa_slave_port_attr_set(struct net_device *dev, ...@@ -303,6 +303,28 @@ static int dsa_slave_port_attr_set(struct net_device *dev,
return ret; return ret;
} }
/* Must be called under rcu_read_lock() */
static int
dsa_slave_vlan_check_for_8021q_uppers(struct net_device *slave,
const struct switchdev_obj_port_vlan *vlan)
{
struct net_device *upper_dev;
struct list_head *iter;
netdev_for_each_upper_dev_rcu(slave, upper_dev, iter) {
u16 vid;
if (!is_vlan_dev(upper_dev))
continue;
vid = vlan_dev_vlan_id(upper_dev);
if (vid >= vlan->vid_begin && vid <= vlan->vid_end)
return -EBUSY;
}
return 0;
}
static int dsa_slave_vlan_add(struct net_device *dev, static int dsa_slave_vlan_add(struct net_device *dev,
const struct switchdev_obj *obj, const struct switchdev_obj *obj,
struct switchdev_trans *trans) struct switchdev_trans *trans)
...@@ -319,6 +341,17 @@ static int dsa_slave_vlan_add(struct net_device *dev, ...@@ -319,6 +341,17 @@ static int dsa_slave_vlan_add(struct net_device *dev,
vlan = *SWITCHDEV_OBJ_PORT_VLAN(obj); vlan = *SWITCHDEV_OBJ_PORT_VLAN(obj);
/* Deny adding a bridge VLAN when there is already an 802.1Q upper with
* the same VID.
*/
if (trans->ph_prepare) {
rcu_read_lock();
err = dsa_slave_vlan_check_for_8021q_uppers(dev, &vlan);
rcu_read_unlock();
if (err)
return err;
}
err = dsa_port_vlan_add(dp, &vlan, trans); err = dsa_port_vlan_add(dp, &vlan, trans);
if (err) if (err)
return err; return err;
......
...@@ -232,43 +232,6 @@ static int dsa_switch_mdb_del(struct dsa_switch *ds, ...@@ -232,43 +232,6 @@ static int dsa_switch_mdb_del(struct dsa_switch *ds,
return 0; return 0;
} }
static int dsa_port_vlan_device_check(struct net_device *vlan_dev,
int vlan_dev_vid,
void *arg)
{
struct switchdev_obj_port_vlan *vlan = arg;
u16 vid;
for (vid = vlan->vid_begin; vid <= vlan->vid_end; ++vid) {
if (vid == vlan_dev_vid)
return -EBUSY;
}
return 0;
}
static int dsa_port_vlan_check(struct dsa_switch *ds, int port,
const struct switchdev_obj_port_vlan *vlan)
{
const struct dsa_port *dp = dsa_to_port(ds, port);
int err = 0;
/* Device is not bridged, let it proceed with the VLAN device
* creation.
*/
if (!dp->bridge_dev)
return err;
/* dsa_slave_vlan_rx_{add,kill}_vid() cannot use the prepare phase and
* already checks whether there is an overlapping bridge VLAN entry
* with the same VID, so here we only need to check that if we are
* adding a bridge VLAN entry there is not an overlapping VLAN device
* claiming that VID.
*/
return vlan_for_each(dp->slave, dsa_port_vlan_device_check,
(void *)vlan);
}
static bool dsa_switch_vlan_match(struct dsa_switch *ds, int port, static bool dsa_switch_vlan_match(struct dsa_switch *ds, int port,
struct dsa_notifier_vlan_info *info) struct dsa_notifier_vlan_info *info)
{ {
...@@ -291,10 +254,6 @@ static int dsa_switch_vlan_prepare(struct dsa_switch *ds, ...@@ -291,10 +254,6 @@ static int dsa_switch_vlan_prepare(struct dsa_switch *ds,
for (port = 0; port < ds->num_ports; port++) { for (port = 0; port < ds->num_ports; port++) {
if (dsa_switch_vlan_match(ds, port, info)) { if (dsa_switch_vlan_match(ds, port, info)) {
err = dsa_port_vlan_check(ds, port, info->vlan);
if (err)
return err;
err = ds->ops->port_vlan_prepare(ds, port, info->vlan); err = ds->ops->port_vlan_prepare(ds, port, info->vlan);
if (err) if (err)
return err; return err;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment