bridge: Add per-{Port, VLAN} neighbor suppression data path support

When the bridge is not VLAN-aware (i.e., VLAN ID is 0), determine if
neighbor suppression is enabled on a given bridge port solely based on
the existing 'BR_NEIGH_SUPPRESS' flag.

Otherwise, if the bridge is VLAN-aware, first check if per-{Port, VLAN}
neighbor suppression is enabled on the given bridge port using the
'BR_NEIGH_VLAN_SUPPRESS' flag. If so, look up the VLAN and check whether
it has neighbor suppression enabled based on the per-VLAN
'BR_VLFLAG_NEIGH_SUPPRESS_ENABLED' flag.

If the bridge is VLAN-aware, but the bridge port does not have
per-{Port, VLAN} neighbor suppression enabled, then fallback to
determine neighbor suppression based on the 'BR_NEIGH_SUPPRESS' flag.

Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Acked-by: Nikolay Aleksandrov <razor@blackwall.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/bridge/br_arp_nd_proxy.c b/net/bridge/br_arp_nd_proxy.c
index 16c3a1c..c7869a2 100644 (file)
--- a/net/bridge/br_arp_nd_proxy.c
+++ b/net/bridge/br_arp_nd_proxy.c
@@ -486,5 +486,21 @@ void br_do_suppress_nd(struct sk_buff *skb, struct net_bridge *br,
 
 bool br_is_neigh_suppress_enabled(const struct net_bridge_port *p, u16 vid)
 {
-       return p && (p->flags & BR_NEIGH_SUPPRESS);
+       if (!p)
+               return false;
+
+       if (!vid)
+               return !!(p->flags & BR_NEIGH_SUPPRESS);
+
+       if (p->flags & BR_NEIGH_VLAN_SUPPRESS) {
+               struct net_bridge_vlan_group *vg = nbp_vlan_group_rcu(p);
+               struct net_bridge_vlan *v;
+
+               v = br_vlan_find(vg, vid);
+               if (!v)
+                       return false;
+               return !!(v->priv_flags & BR_VLFLAG_NEIGH_SUPPRESS_ENABLED);
+       } else {
+               return !!(p->flags & BR_NEIGH_SUPPRESS);
+       }
 }