The branch main has been updated by kp:
URL:
https://cgit.FreeBSD.org/src/commit/?id=b0e38a1373c087e5a55eefcdee69ccfbf12f86ce
commit b0e38a1373c087e5a55eefcdee69ccfbf12f86ce
Author: Kristof Provost <k...@freebsd.org>
AuthorDate: 2023-04-07 16:00:08 +0000
Commit: Kristof Provost <k...@freebsd.org>
CommitDate: 2023-04-14 11:17:02 +0000
bridge: distinguish no vlan and vlan 1
The bridge treated no vlan tag as being equivalent to vlan ID 1, which
causes confusion if the bridge sees both untagged and vlan 1 tagged
traffic.
Use DOT1Q_VID_NULL when there's no tag, and fix up the lookup code by
using 'DOT1Q_VID_RSVD_IMPL' to mean 'any vlan', rather than vlan 0. Note
that we have to account for userspace expecting to use 0 as meaning 'any
vlan'.
PR: 270559
Suggested by: Zhenlei Huang <z...@freebsd.org>
Reviewed by: philip, zlei
Differential Revision: https://reviews.freebsd.org/D39478
---
sys/net/if_bridge.c | 24 ++++++++++++++----------
sys/net/if_vlan_var.h | 5 +++++
2 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c
index 44ee52e62b77..d78c647df0b4 100644
--- a/sys/net/if_bridge.c
+++ b/sys/net/if_bridge.c
@@ -389,9 +389,12 @@ static int bridge_fragment(struct ifnet *, struct mbuf
**mp,
static void bridge_linkstate(struct ifnet *ifp);
static void bridge_linkcheck(struct bridge_softc *sc);
-/* The default bridge vlan is 1 (IEEE 802.1Q-2003 Table 9-2) */
+/*
+ * Use the "null" value from IEEE 802.1Q-2014 Table 9-2
+ * to indicate untagged frames.
+ */
#define VLANTAGOF(_m) \
- (_m->m_flags & M_VLANTAG) ? EVL_VLANOFTAG(_m->m_pkthdr.ether_vtag) : 1
+ (_m->m_flags & M_VLANTAG) ? EVL_VLANOFTAG(_m->m_pkthdr.ether_vtag) :
DOT1Q_VID_NULL
static struct bstp_cb_ops bridge_ops = {
.bcb_state = bridge_state_change,
@@ -1639,8 +1642,13 @@ static int
bridge_ioctl_daddr(struct bridge_softc *sc, void *arg)
{
struct ifbareq *req = arg;
+ int vlan = req->ifba_vlan;
+
+ /* Userspace uses '0' to mean 'any vlan' */
+ if (vlan == 0)
+ vlan = DOT1Q_VID_RSVD_IMPL;
- return (bridge_rtdaddr(sc, req->ifba_dst, req->ifba_vlan));
+ return (bridge_rtdaddr(sc, req->ifba_dst, vlan));
}
static int
@@ -2886,10 +2894,6 @@ bridge_rtupdate(struct bridge_softc *sc, const uint8_t
*dst, uint16_t vlan,
dst[3] == 0 && dst[4] == 0 && dst[5] == 0) != 0)
return (EINVAL);
- /* 802.1p frames map to vlan 1 */
- if (vlan == 0)
- vlan = 1;
-
/*
* A route for this destination might already exist. If so,
* update it, otherwise create a new one.
@@ -3100,8 +3104,8 @@ bridge_rtdaddr(struct bridge_softc *sc, const uint8_t
*addr, uint16_t vlan)
BRIDGE_RT_LOCK(sc);
/*
- * If vlan is zero then we want to delete for all vlans so the lookup
- * may return more than one.
+ * If vlan is DOT1Q_VID_RSVD_IMPL then we want to delete for all vlans
+ * so the lookup may return more than one.
*/
while ((brt = bridge_rtnode_lookup(sc, addr, vlan)) != NULL) {
bridge_rtnode_destroy(sc, brt);
@@ -3232,7 +3236,7 @@ bridge_rtnode_lookup(struct bridge_softc *sc, const
uint8_t *addr, uint16_t vlan
hash = bridge_rthash(sc, addr);
CK_LIST_FOREACH(brt, &sc->sc_rthash[hash], brt_hash) {
dir = bridge_rtnode_addr_cmp(addr, brt->brt_addr);
- if (dir == 0 && (brt->brt_vlan == vlan || vlan == 0))
+ if (dir == 0 && (brt->brt_vlan == vlan || vlan ==
DOT1Q_VID_RSVD_IMPL))
return (brt);
if (dir > 0)
return (NULL);
diff --git a/sys/net/if_vlan_var.h b/sys/net/if_vlan_var.h
index fb05cddc03bd..faed461c97aa 100644
--- a/sys/net/if_vlan_var.h
+++ b/sys/net/if_vlan_var.h
@@ -128,6 +128,11 @@ struct vlanreq {
#define VLAN_PCP_MAX 7
+#define DOT1Q_VID_NULL 0x0
+#define DOT1Q_VID_DEF_PVID 0x1
+#define DOT1Q_VID_DEF_SR_PVID 0x2
+#define DOT1Q_VID_RSVD_IMPL 0xfff
+
/*
* 802.1q full tag. Proto and vid are stored in host byte order.
*/
