net: bridge: BROPT_FDB_LOCAL_VLAN_0: Skip local FDBs on VLAN creation

When BROPT_FDB_LOCAL_VLAN_0 is enabled, the local FDB entries for the
member ports as well as the bridge itself should not be created per-VLAN,
but instead only on VLAN 0.

Thus when a VLAN is added for a port or the bridge itself, a local FDB
entry with the corresponding address should not be added when in the VLAN-0
mode.

Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Petr Machata <petrm@nvidia.com>
Acked-by: Nikolay Aleksandrov <razor@blackwall.org>
Link: https://patch.msgid.link/bb13ba01d58ed6d5d700e012c519d38ee6806d22.1757004393.git.petrm@nvidia.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/net/bridge/br_vlan.c b/net/bridge/br_vlan.c
index 939a3aa78d5c46472fc642764cc925bc17e4c867..ae911220cb3c0547b678d6f6a163a56a4134418f 100644 (file)
--- a/net/bridge/br_vlan.c
+++ b/net/bridge/br_vlan.c
@@ -331,10 +331,12 @@ static int __vlan_add(struct net_bridge_vlan *v, u16 flags,
 
        /* Add the dev mac and count the vlan only if it's usable */
        if (br_vlan_should_use(v)) {
-               err = br_fdb_add_local(br, p, dev->dev_addr, v->vid);
-               if (err) {
-                       br_err(br, "failed insert local address into bridge forwarding table\n");
-                       goto out_filt;
+               if (!br_opt_get(br, BROPT_FDB_LOCAL_VLAN_0)) {
+                       err = br_fdb_add_local(br, p, dev->dev_addr, v->vid);
+                       if (err) {
+                               br_err(br, "failed insert local address into bridge forwarding table\n");
+                               goto out_filt;
+                       }
                }
                vg->num_vlans++;
        }