From: "Michael S. Tsirkin" <mst@redhat.com>
To: Vlad Yasevich <vyasevic@redhat.com>
Cc: john.r.fastabend@intel.com, netdev@vger.kernel.org,
shemminger@vyatta.com, bridge@lists.linux-foundation.org,
jhs@mojatatu.com
Subject: Re: [Bridge] [PATCH 6/7] bridge: Manage promisc mode when vlans are configured on top of a bridge
Date: Wed, 26 Feb 2014 18:00:46 +0200 [thread overview]
Message-ID: <20140226160046.GI15330@redhat.com> (raw)
In-Reply-To: <1393427905-6811-7-git-send-email-vyasevic@redhat.com>
On Wed, Feb 26, 2014 at 10:18:24AM -0500, Vlad Yasevich wrote:
> If the user configures vlan interfaces on top of the bridge and the bridge
> doesn't have vlan filtering enabled, we have to place all the ports in
> promsic mode so that we can correctly receive tagged frames.
> When vlan filtering is enabled, the vlan configuration will be provided
> via filtering interface.
> When the vlan filtering is toggled, we also have mange promiscuity.
have to manage?
>
> Signed-off-by: Vlad Yasevich <vyasevic@redhat.com>
I wonder if it matters that we scan all ports
on vlan add/del now.
If yes, we could optimize some cases by using
a counter of promisc ports.
> ---
> net/bridge/br_device.c | 14 ++++++++++++++
> net/bridge/br_if.c | 17 +++++++++++++----
> net/bridge/br_private.h | 9 +++++++++
> net/bridge/br_vlan.c | 1 +
> 4 files changed, 37 insertions(+), 4 deletions(-)
>
> diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
> index 0af9d6c..967abb3 100644
> --- a/net/bridge/br_device.c
> +++ b/net/bridge/br_device.c
> @@ -297,6 +297,18 @@ void br_netpoll_disable(struct net_bridge_port *p)
>
> #endif
>
> +static int br_dev_rx_add_vid(struct net_device *br_dev, __be16 proto, u16 vid)
> +{
> + br_manage_promisc(netdev_priv(br_dev));
> + return 0;
> +}
> +
> +static int br_dev_rx_kill_vid(struct net_device *br_dev, __be16 proto, u16 vid)
> +{
> + br_manage_promisc(netdev_priv(br_dev));
> + return 0;
> +}
> +
> static int br_add_slave(struct net_device *dev, struct net_device *slave_dev)
>
> {
> @@ -328,6 +340,8 @@ static const struct net_device_ops br_netdev_ops = {
> .ndo_change_rx_flags = br_dev_change_rx_flags,
> .ndo_change_mtu = br_change_mtu,
> .ndo_do_ioctl = br_dev_ioctl,
> + .ndo_vlan_rx_add_vid = br_dev_rx_add_vid,
> + .ndo_vlan_rx_kill_vid = br_dev_rx_kill_vid,
> #ifdef CONFIG_NET_POLL_CONTROLLER
> .ndo_netpoll_setup = br_netpoll_setup,
> .ndo_netpoll_cleanup = br_netpoll_cleanup,
> diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c
> index 7e92bd0..55e4e28 100644
> --- a/net/bridge/br_if.c
> +++ b/net/bridge/br_if.c
> @@ -497,12 +497,21 @@ static void br_port_clear_promisc(struct net_bridge_port *p)
> void br_manage_promisc(struct net_bridge *br)
> {
> struct net_bridge_port *p;
> + int set_all = false;
> +
> + if (br->dev->flags & IFF_PROMISC)
> + set_all = true;
> +
> + /* If vlan filtering is disabled and there are any VLANs
> + * configured on top of the bridge, set promisc on all
> + * ports.
> + */
> + if (!br_vlan_enabled(br) && vlan_uses_dev(br->dev))
> + set_all = true;
>
> list_for_each_entry(p, &br->port_list, list) {
> - if (br->dev->flags & IFF_PROMISC) {
> - /* PROMISC flag has been turned on for the bridge
> - * itself. Turn on promisc on all ports.
> - */
> + if (set_all) {
> + /* Set all the ports to promisc mode. */
> br_port_set_promisc(p);
>
> } else {
> diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
> index 4042f86..87dcc09 100644
> --- a/net/bridge/br_private.h
> +++ b/net/bridge/br_private.h
> @@ -641,6 +641,10 @@ static inline u16 br_get_pvid(const struct net_port_vlans *v)
> return v->pvid ?: VLAN_N_VID;
> }
>
> +static inline int br_vlan_enabled(struct net_bridge *br)
> +{
> + return br->vlan_enabled;
> +}
> #else
> static inline bool br_allowed_ingress(struct net_bridge *br,
> struct net_port_vlans *v,
> @@ -721,6 +725,11 @@ static inline u16 br_get_pvid(const struct net_port_vlans *v)
> {
> return VLAN_N_VID; /* Returns invalid vid */
> }
> +
> +static inline int br_vlan_enabled(struct net_bridge *br);
> +{
> + return 0;
> +}
> #endif
>
> /* br_netfilter.c */
> diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c
> index 8249ca7..eddc2f6 100644
> --- a/net/bridge/br_vlan.c
> +++ b/net/bridge/br_vlan.c
> @@ -321,6 +321,7 @@ int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
> goto unlock;
>
> br->vlan_enabled = val;
> + br_manage_promisc(br);
>
> unlock:
> rtnl_unlock();
> --
> 1.8.5.3
WARNING: multiple messages have this Message-ID (diff)
From: "Michael S. Tsirkin" <mst@redhat.com>
To: Vlad Yasevich <vyasevic@redhat.com>
Cc: john.r.fastabend@intel.com, netdev@vger.kernel.org,
shemminger@vyatta.com, bridge@lists.linux-foundation.org,
jhs@mojatatu.com
Subject: Re: [PATCH 6/7] bridge: Manage promisc mode when vlans are configured on top of a bridge
Date: Wed, 26 Feb 2014 18:00:46 +0200 [thread overview]
Message-ID: <20140226160046.GI15330@redhat.com> (raw)
In-Reply-To: <1393427905-6811-7-git-send-email-vyasevic@redhat.com>
On Wed, Feb 26, 2014 at 10:18:24AM -0500, Vlad Yasevich wrote:
> If the user configures vlan interfaces on top of the bridge and the bridge
> doesn't have vlan filtering enabled, we have to place all the ports in
> promsic mode so that we can correctly receive tagged frames.
> When vlan filtering is enabled, the vlan configuration will be provided
> via filtering interface.
> When the vlan filtering is toggled, we also have mange promiscuity.
have to manage?
>
> Signed-off-by: Vlad Yasevich <vyasevic@redhat.com>
I wonder if it matters that we scan all ports
on vlan add/del now.
If yes, we could optimize some cases by using
a counter of promisc ports.
> ---
> net/bridge/br_device.c | 14 ++++++++++++++
> net/bridge/br_if.c | 17 +++++++++++++----
> net/bridge/br_private.h | 9 +++++++++
> net/bridge/br_vlan.c | 1 +
> 4 files changed, 37 insertions(+), 4 deletions(-)
>
> diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
> index 0af9d6c..967abb3 100644
> --- a/net/bridge/br_device.c
> +++ b/net/bridge/br_device.c
> @@ -297,6 +297,18 @@ void br_netpoll_disable(struct net_bridge_port *p)
>
> #endif
>
> +static int br_dev_rx_add_vid(struct net_device *br_dev, __be16 proto, u16 vid)
> +{
> + br_manage_promisc(netdev_priv(br_dev));
> + return 0;
> +}
> +
> +static int br_dev_rx_kill_vid(struct net_device *br_dev, __be16 proto, u16 vid)
> +{
> + br_manage_promisc(netdev_priv(br_dev));
> + return 0;
> +}
> +
> static int br_add_slave(struct net_device *dev, struct net_device *slave_dev)
>
> {
> @@ -328,6 +340,8 @@ static const struct net_device_ops br_netdev_ops = {
> .ndo_change_rx_flags = br_dev_change_rx_flags,
> .ndo_change_mtu = br_change_mtu,
> .ndo_do_ioctl = br_dev_ioctl,
> + .ndo_vlan_rx_add_vid = br_dev_rx_add_vid,
> + .ndo_vlan_rx_kill_vid = br_dev_rx_kill_vid,
> #ifdef CONFIG_NET_POLL_CONTROLLER
> .ndo_netpoll_setup = br_netpoll_setup,
> .ndo_netpoll_cleanup = br_netpoll_cleanup,
> diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c
> index 7e92bd0..55e4e28 100644
> --- a/net/bridge/br_if.c
> +++ b/net/bridge/br_if.c
> @@ -497,12 +497,21 @@ static void br_port_clear_promisc(struct net_bridge_port *p)
> void br_manage_promisc(struct net_bridge *br)
> {
> struct net_bridge_port *p;
> + int set_all = false;
> +
> + if (br->dev->flags & IFF_PROMISC)
> + set_all = true;
> +
> + /* If vlan filtering is disabled and there are any VLANs
> + * configured on top of the bridge, set promisc on all
> + * ports.
> + */
> + if (!br_vlan_enabled(br) && vlan_uses_dev(br->dev))
> + set_all = true;
>
> list_for_each_entry(p, &br->port_list, list) {
> - if (br->dev->flags & IFF_PROMISC) {
> - /* PROMISC flag has been turned on for the bridge
> - * itself. Turn on promisc on all ports.
> - */
> + if (set_all) {
> + /* Set all the ports to promisc mode. */
> br_port_set_promisc(p);
>
> } else {
> diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
> index 4042f86..87dcc09 100644
> --- a/net/bridge/br_private.h
> +++ b/net/bridge/br_private.h
> @@ -641,6 +641,10 @@ static inline u16 br_get_pvid(const struct net_port_vlans *v)
> return v->pvid ?: VLAN_N_VID;
> }
>
> +static inline int br_vlan_enabled(struct net_bridge *br)
> +{
> + return br->vlan_enabled;
> +}
> #else
> static inline bool br_allowed_ingress(struct net_bridge *br,
> struct net_port_vlans *v,
> @@ -721,6 +725,11 @@ static inline u16 br_get_pvid(const struct net_port_vlans *v)
> {
> return VLAN_N_VID; /* Returns invalid vid */
> }
> +
> +static inline int br_vlan_enabled(struct net_bridge *br);
> +{
> + return 0;
> +}
> #endif
>
> /* br_netfilter.c */
> diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c
> index 8249ca7..eddc2f6 100644
> --- a/net/bridge/br_vlan.c
> +++ b/net/bridge/br_vlan.c
> @@ -321,6 +321,7 @@ int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
> goto unlock;
>
> br->vlan_enabled = val;
> + br_manage_promisc(br);
>
> unlock:
> rtnl_unlock();
> --
> 1.8.5.3
next prev parent reply other threads:[~2014-02-26 16:00 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-26 15:18 [Bridge] [PATCH RFC 0/7] Non-promisc bidge ports support Vlad Yasevich
2014-02-26 15:18 ` Vlad Yasevich
2014-02-26 15:18 ` [Bridge] [PATCH 1/7] bridge: Turn flag change macro into a function Vlad Yasevich
2014-02-26 15:18 ` Vlad Yasevich
2014-02-26 15:29 ` [Bridge] " Michael S. Tsirkin
2014-02-26 15:29 ` Michael S. Tsirkin
2014-02-26 15:36 ` [Bridge] " Vlad Yasevich
2014-02-26 15:36 ` Vlad Yasevich
2014-02-26 15:18 ` [Bridge] [PATCH 2/7] bridge: Keep track of ports capable of flooding Vlad Yasevich
2014-02-26 15:18 ` Vlad Yasevich
2014-02-26 15:41 ` [Bridge] " Michael S. Tsirkin
2014-02-26 15:41 ` Michael S. Tsirkin
2014-02-26 15:41 ` [Bridge] " Vlad Yasevich
2014-02-26 15:41 ` Vlad Yasevich
2014-02-26 15:53 ` [Bridge] " Michael S. Tsirkin
2014-02-26 15:53 ` Michael S. Tsirkin
2014-02-27 11:59 ` [Bridge] " Toshiaki Makita
2014-02-27 11:59 ` Toshiaki Makita
2014-02-27 12:54 ` [Bridge] " Vlad Yasevich
2014-02-27 12:54 ` Vlad Yasevich
2014-02-26 15:18 ` [Bridge] [PATCH 3/7] bridge: Add addresses from static fdbs to bridge address list Vlad Yasevich
2014-02-26 15:18 ` Vlad Yasevich
2014-02-26 15:46 ` [Bridge] " Michael S. Tsirkin
2014-02-26 15:46 ` Michael S. Tsirkin
2014-02-26 15:43 ` [Bridge] " Vlad Yasevich
2014-02-26 15:43 ` Vlad Yasevich
2014-02-26 16:23 ` [Bridge] " Michael S. Tsirkin
2014-02-26 16:23 ` Michael S. Tsirkin
2014-02-26 17:25 ` [Bridge] " Vlad Yasevich
2014-02-26 17:25 ` Vlad Yasevich
2014-02-26 17:33 ` [Bridge] " Michael S. Tsirkin
2014-02-26 17:33 ` Michael S. Tsirkin
2014-02-26 16:57 ` [Bridge] " Stephen Hemminger
2014-02-26 16:57 ` Stephen Hemminger
2014-02-26 17:35 ` [Bridge] " Vlad Yasevich
2014-02-26 17:35 ` Vlad Yasevich
2014-02-27 7:53 ` [Bridge] " Michael S. Tsirkin
2014-02-27 7:53 ` Michael S. Tsirkin
2014-02-27 13:08 ` [Bridge] " Vlad Yasevich
2014-02-27 13:08 ` Vlad Yasevich
2014-02-27 13:38 ` [Bridge] " Michael S. Tsirkin
2014-02-27 13:38 ` Michael S. Tsirkin
2014-02-26 15:18 ` [Bridge] [PATCH 4/7] bridge: Automatically manage port promiscuous mode Vlad Yasevich
2014-02-26 15:18 ` Vlad Yasevich
2014-02-26 15:51 ` [Bridge] " Michael S. Tsirkin
2014-02-26 15:51 ` Michael S. Tsirkin
2014-02-26 16:02 ` [Bridge] " Vlad Yasevich
2014-02-26 16:02 ` Vlad Yasevich
2014-02-26 16:58 ` [Bridge] " Stephen Hemminger
2014-02-26 16:58 ` Stephen Hemminger
2014-02-26 17:32 ` [Bridge] " Michael S. Tsirkin
2014-02-26 17:32 ` Michael S. Tsirkin
2014-02-26 15:18 ` [Bridge] [PATCH 5/7] bridge: Correctly manage promiscuity when user requested it Vlad Yasevich
2014-02-26 15:18 ` Vlad Yasevich
2014-02-26 15:18 ` [Bridge] [PATCH 6/7] bridge: Manage promisc mode when vlans are configured on top of a bridge Vlad Yasevich
2014-02-26 15:18 ` Vlad Yasevich
2014-02-26 16:00 ` Michael S. Tsirkin [this message]
2014-02-26 16:00 ` Michael S. Tsirkin
2014-02-26 16:05 ` [Bridge] " Vlad Yasevich
2014-02-26 16:05 ` Vlad Yasevich
2014-02-26 16:25 ` [Bridge] " Michael S. Tsirkin
2014-02-26 16:25 ` Michael S. Tsirkin
2014-02-27 12:06 ` [Bridge] " Toshiaki Makita
2014-02-27 12:06 ` Toshiaki Makita
2014-02-27 13:17 ` [Bridge] " Vlad Yasevich
2014-02-27 13:17 ` Vlad Yasevich
2014-02-28 19:34 ` [Bridge] " Vlad Yasevich
2014-02-28 19:34 ` Vlad Yasevich
2014-03-01 14:57 ` [Bridge] " Toshiaki Makita
2014-03-01 14:57 ` Toshiaki Makita
2014-03-03 12:12 ` [Bridge] " Vlad Yasevich
2014-03-03 12:12 ` Vlad Yasevich
2014-02-26 15:18 ` [Bridge] [PATCH 7/7] bridge: Support promisc management when all ports are non-flooding Vlad Yasevich
2014-02-26 15:18 ` Vlad Yasevich
2014-02-26 15:57 ` [Bridge] " Michael S. Tsirkin
2014-02-26 15:57 ` Michael S. Tsirkin
2014-02-27 3:46 ` [Bridge] " Vlad Yasevich
2014-02-27 3:46 ` Vlad Yasevich
2014-02-27 7:29 ` [Bridge] " Michael S. Tsirkin
2014-02-27 7:29 ` Michael S. Tsirkin
2014-02-26 16:01 ` [Bridge] " Michael S. Tsirkin
2014-02-26 16:01 ` Michael S. Tsirkin
2014-02-26 16:34 ` [Bridge] [PATCH RFC 0/7] Non-promisc bidge ports support Michael S. Tsirkin
2014-02-26 16:34 ` Michael S. Tsirkin
2014-02-26 23:59 ` [Bridge] " Jamal Hadi Salim
2014-02-26 23:59 ` Jamal Hadi Salim
2014-02-27 3:37 ` [Bridge] " Vlad Yasevich
2014-02-27 3:37 ` Vlad Yasevich
2014-02-27 8:54 ` [Bridge] " Amidu Sila
2014-02-27 7:20 ` Michael S. Tsirkin
2014-02-27 7:20 ` Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140226160046.GI15330@redhat.com \
--to=mst@redhat.com \
--cc=bridge@lists.linux-foundation.org \
--cc=jhs@mojatatu.com \
--cc=john.r.fastabend@intel.com \
--cc=netdev@vger.kernel.org \
--cc=shemminger@vyatta.com \
--cc=vyasevic@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.