summaryrefslogtreecommitdiffstats
path: root/net/bridge/br_vlan.c
diff options
context:
space:
mode:
authorVlad Yasevich <vyasevic@redhat.com>2013-02-13 12:00:11 +0000
committerDavid S. Miller <davem@davemloft.net>2013-02-13 19:41:46 -0500
commit85f46c6baef1486ce20e13dd7cdea5dd15be2a90 (patch)
treeaab52d4f01320337bfc59358d26fc856e717a8f2 /net/bridge/br_vlan.c
parenta37b85c9fbd1dc69fbec3985763f373203eaf9e3 (diff)
downloadlinux-85f46c6baef1486ce20e13dd7cdea5dd15be2a90.tar.bz2
bridge: Verify that a vlan is allowed to egress on given port
When bridge forwards a frame, make sure that a frame is allowed to egress on that port. Signed-off-by: Vlad Yasevich <vyasevic@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/bridge/br_vlan.c')
-rw-r--r--net/bridge/br_vlan.c20
1 files changed, 20 insertions, 0 deletions
diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c
index 8b4bcd8ff46e..d8690bfe63d4 100644
--- a/net/bridge/br_vlan.c
+++ b/net/bridge/br_vlan.c
@@ -89,6 +89,26 @@ bool br_allowed_ingress(struct net_bridge *br, struct net_port_vlans *v,
return false;
}
+/* Called under RCU. */
+bool br_allowed_egress(struct net_bridge *br,
+ const struct net_port_vlans *v,
+ const struct sk_buff *skb)
+{
+ u16 vid;
+
+ if (!br->vlan_enabled)
+ return true;
+
+ if (!v)
+ return false;
+
+ br_vlan_get_tag(skb, &vid);
+ if (test_bit(vid, v->vlan_bitmap))
+ return true;
+
+ return false;
+}
+
/* Must be protected by RTNL */
int br_vlan_add(struct net_bridge *br, u16 vid)
{