|
| 1 | +commit 948010ebbfb6bca0b6345fb4e944ed9d60be03a1 |
| 2 | +Author: Jipan Yang < [email protected]> |
| 3 | +Date: Sat Jan 6 15:22:54 2018 -0800 |
| 4 | + |
| 5 | + Backport bridge port broadcast flood flag support, excluding netlink parts. |
| 6 | + |
| 7 | + Signed-off-by: Jipan Yang < [email protected]> |
| 8 | + |
| 9 | + commit 99f906e9ad7b6e79ffeda30f45906a8448b9d6a2 |
| 10 | + Author: Mike Manning < [email protected]> |
| 11 | + Date: Wed Apr 26 14:48:09 2017 +0100 |
| 12 | + |
| 13 | + bridge: add per-port broadcast flood flag |
| 14 | + |
| 15 | + Support for l2 multicast flood control was added in commit b6cb5ac8331b |
| 16 | + ("net: bridge: add per-port multicast flood flag"). It allows broadcast |
| 17 | + as it was introduced specifically for unknown multicast flood control. |
| 18 | + But as broadcast is a special case of multicast, this may also need to |
| 19 | + be disabled. For this purpose, introduce a flag to disable the flooding |
| 20 | + of received l2 broadcasts. This approach is backwards compatible and |
| 21 | + provides flexibility in filtering for the desired packet types. |
| 22 | + |
| 23 | + Cc: Nikolay Aleksandrov < [email protected]> |
| 24 | + Signed-off-by: Mike Manning < [email protected]> |
| 25 | + Reviewed-by: Nikolay Aleksandrov < [email protected]> |
| 26 | + Signed-off-by: David S. Miller < [email protected]> |
| 27 | + |
| 28 | +diff --git a/include/linux/if_bridge.h b/include/linux/if_bridge.h |
| 29 | +index c6587c0..da20877 100644 |
| 30 | +--- a/include/linux/if_bridge.h |
| 31 | ++++ b/include/linux/if_bridge.h |
| 32 | +@@ -47,6 +47,8 @@ struct br_ip_list { |
| 33 | + #define BR_PROXYARP_WIFI BIT(10) |
| 34 | + #define BR_MCAST_FLOOD BIT(11) |
| 35 | + |
| 36 | ++#define BR_BCAST_FLOOD BIT(14) |
| 37 | ++ |
| 38 | + #define BR_DEFAULT_AGEING_TIME (300 * HZ) |
| 39 | + |
| 40 | + extern void brioctl_set(int (*ioctl_hook)(struct net *, unsigned int, void __user *)); |
| 41 | +diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h |
| 42 | +index b4fba66..d92f9df 100644 |
| 43 | +--- a/include/uapi/linux/if_link.h |
| 44 | ++++ b/include/uapi/linux/if_link.h |
| 45 | +@@ -319,6 +319,7 @@ enum { |
| 46 | + IFLA_BRPORT_MULTICAST_ROUTER, |
| 47 | + IFLA_BRPORT_PAD, |
| 48 | + IFLA_BRPORT_MCAST_FLOOD, |
| 49 | ++ IFLA_BRPORT_BCAST_FLOOD, |
| 50 | + __IFLA_BRPORT_MAX |
| 51 | + }; |
| 52 | + #define IFLA_BRPORT_MAX (__IFLA_BRPORT_MAX - 1) |
| 53 | +diff --git a/net/bridge/br_forward.c b/net/bridge/br_forward.c |
| 54 | +index 8498e35..3b827c8 100644 |
| 55 | +--- a/net/bridge/br_forward.c |
| 56 | ++++ b/net/bridge/br_forward.c |
| 57 | +@@ -183,13 +183,23 @@ void br_flood(struct net_bridge *br, struct sk_buff *skb, |
| 58 | + struct net_bridge_port *p; |
| 59 | + |
| 60 | + list_for_each_entry_rcu(p, &br->port_list, list) { |
| 61 | +- /* Do not flood unicast traffic to ports that turn it off */ |
| 62 | +- if (pkt_type == BR_PKT_UNICAST && !(p->flags & BR_FLOOD)) |
| 63 | +- continue; |
| 64 | +- /* Do not flood if mc off, except for traffic we originate */ |
| 65 | +- if (pkt_type == BR_PKT_MULTICAST && |
| 66 | +- !(p->flags & BR_MCAST_FLOOD) && skb->dev != br->dev) |
| 67 | +- continue; |
| 68 | ++ /* Do not flood unicast traffic to ports that turn it off, nor |
| 69 | ++ * other traffic if flood off, except for traffic we originate |
| 70 | ++ */ |
| 71 | ++ switch (pkt_type) { |
| 72 | ++ case BR_PKT_UNICAST: |
| 73 | ++ if (!(p->flags & BR_FLOOD)) |
| 74 | ++ continue; |
| 75 | ++ break; |
| 76 | ++ case BR_PKT_MULTICAST: |
| 77 | ++ if (!(p->flags & BR_MCAST_FLOOD) && skb->dev != br->dev) |
| 78 | ++ continue; |
| 79 | ++ break; |
| 80 | ++ case BR_PKT_BROADCAST: |
| 81 | ++ if (!(p->flags & BR_BCAST_FLOOD) && skb->dev != br->dev) |
| 82 | ++ continue; |
| 83 | ++ break; |
| 84 | ++ } |
| 85 | + |
| 86 | + /* Do not flood to ports that enable proxy ARP */ |
| 87 | + if (p->flags & BR_PROXYARP) |
| 88 | +diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c |
| 89 | +index ed0dd33..d175e42 100644 |
| 90 | +--- a/net/bridge/br_if.c |
| 91 | ++++ b/net/bridge/br_if.c |
| 92 | +@@ -362,7 +362,7 @@ static struct net_bridge_port *new_nbp(struct net_bridge *br, |
| 93 | + p->path_cost = port_cost(dev); |
| 94 | + p->priority = 0x8000 >> BR_PORT_BITS; |
| 95 | + p->port_no = index; |
| 96 | +- p->flags = BR_LEARNING | BR_FLOOD | BR_MCAST_FLOOD; |
| 97 | ++ p->flags = BR_LEARNING | BR_FLOOD | BR_MCAST_FLOOD | BR_BCAST_FLOOD; |
| 98 | + br_init_port(p); |
| 99 | + br_set_state(p, BR_STATE_DISABLED); |
| 100 | + br_stp_port_timer_init(p); |
| 101 | +diff --git a/net/bridge/br_sysfs_if.c b/net/bridge/br_sysfs_if.c |
| 102 | +index 8bd5696..09e44d6 100644 |
| 103 | +--- a/net/bridge/br_sysfs_if.c |
| 104 | ++++ b/net/bridge/br_sysfs_if.c |
| 105 | +@@ -172,6 +172,7 @@ BRPORT_ATTR_FLAG(unicast_flood, BR_FLOOD); |
| 106 | + BRPORT_ATTR_FLAG(proxyarp, BR_PROXYARP); |
| 107 | + BRPORT_ATTR_FLAG(proxyarp_wifi, BR_PROXYARP_WIFI); |
| 108 | + BRPORT_ATTR_FLAG(multicast_flood, BR_MCAST_FLOOD); |
| 109 | ++BRPORT_ATTR_FLAG(broadcast_flood, BR_BCAST_FLOOD); |
| 110 | + |
| 111 | + #ifdef CONFIG_BRIDGE_IGMP_SNOOPING |
| 112 | + static ssize_t show_multicast_router(struct net_bridge_port *p, char *buf) |
| 113 | +@@ -218,6 +219,7 @@ static const struct brport_attribute *brport_attrs[] = { |
| 114 | + &brport_attr_proxyarp, |
| 115 | + &brport_attr_proxyarp_wifi, |
| 116 | + &brport_attr_multicast_flood, |
| 117 | ++ &brport_attr_broadcast_flood, |
| 118 | + NULL |
| 119 | + }; |
| 120 | + |
0 commit comments