@@ -126,6 +126,13 @@ static void br_port_clear_promisc(struct net_bridge_port *p)
void br_manage_promisc(struct net_bridge *br)
{
struct net_bridge_port *p;
+ int set_all = false;
+
+ /* If vlan filtering is disabled or bridge interface is placed
+ * into promiscouse mode, place all ports in promiscuous mode.
+ */
+ if ((br->dev->flags & IFF_PROMISC) || !br_vlan_enabled(br))
+ set_all = true;
/* Algorithm is simple. If all the port require static
* configuration, we know everything and can simply write
@@ -135,10 +142,7 @@ void br_manage_promisc(struct net_bridge *br)
* to this one automatic port and still make non-promisc.
*/
list_for_each_entry(p, &br->port_list, list) {
- if (br->dev->flags & IFF_PROMISC) {
- /* PROMISC flag has been turned on for the bridge
- * itself. Turn on promisc on all ports.
- */
+ if (set_all) {
br_port_set_promisc(p);
} else {
if (br->auto_cnt == 0 ||
@@ -643,6 +643,10 @@ static inline u16 br_get_pvid(const struct net_port_vlans *v)
return v->pvid ?: VLAN_N_VID;
}
+static inline int br_vlan_enabled(struct net_bridge *br)
+{
+ return br->vlan_enabled;
+}
#else
static inline bool br_allowed_ingress(struct net_bridge *br,
struct net_port_vlans *v,
@@ -723,6 +727,11 @@ static inline u16 br_get_pvid(const struct net_port_vlans *v)
{
return VLAN_N_VID; /* Returns invalid vid */
}
+
+static inline int br_vlan_enabled(struct net_bridge *br);
+{
+ return 0;
+}
#endif
/* br_netfilter.c */
@@ -332,6 +332,7 @@ int br_vlan_filter_toggle(struct net_bridge *br, unsigned long val)
goto unlock;
br->vlan_enabled = val;
+ br_manage_promisc(br);
unlock:
rtnl_unlock();
If the user doesn't enable vlan filtering, we have to place all bridge ports in promsic mode so that we retain the capability of of receiving tagged frames. When vlan filtering is enabled, the each port will be provided with necessary vlan configuration and would be able to receive tagged traffic without promiscouse mode set, thus allowing us to automatically turn promiscuity on or off depending on the configuration. Signed-off-by: Vlad Yasevich <vyasevic@redhat.com> --- net/bridge/br_if.c | 12 ++++++++---- net/bridge/br_private.h | 9 +++++++++ net/bridge/br_vlan.c | 1 + 3 files changed, 18 insertions(+), 4 deletions(-)