--- zzzz-none-000/linux-4.9.276/net/bridge/br_private.h	2021-07-20 14:21:16.000000000 +0000
+++ falcon-5530-750/linux-4.9.276/net/bridge/br_private.h	2023-04-05 08:19:02.000000000 +0000
@@ -21,6 +21,7 @@
 #include <net/ip6_fib.h>
 #include <linux/if_vlan.h>
 #include <linux/rhashtable.h>
+#include <linux/atomic.h>
 
 #define BR_HASH_BITS 8
 #define BR_HASH_SIZE (1 << BR_HASH_BITS)
@@ -46,15 +47,13 @@
 typedef struct mac_addr mac_addr;
 typedef __u16 port_id;
 
-struct bridge_id
-{
-	unsigned char	prio[2];
-	unsigned char	addr[ETH_ALEN];
+struct bridge_id {
+	unsigned char prio[2];
+	unsigned char addr[ETH_ALEN];
 };
 
-struct mac_addr
-{
-	unsigned char	addr[ETH_ALEN];
+struct mac_addr {
+	unsigned char addr[ETH_ALEN];
 };
 
 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING
@@ -150,8 +149,7 @@
 	u16				pvid;
 };
 
-struct net_bridge_fdb_entry
-{
+struct net_bridge_fdb_entry {
 	struct hlist_node		hlist;
 	struct net_bridge_port		*dst;
 
@@ -176,11 +174,11 @@
 	struct rcu_head			rcu;
 	struct timer_list		timer;
 	struct br_ip			addr;
+	unsigned char			eth_addr[ETH_ALEN] __aligned(2);
 	unsigned char			flags;
 };
 
-struct net_bridge_mdb_entry
-{
+struct net_bridge_mdb_entry {
 	struct hlist_node		hlist[2];
 	struct net_bridge		*br;
 	struct net_bridge_port_group __rcu *ports;
@@ -190,8 +188,7 @@
 	bool				mglist;
 };
 
-struct net_bridge_mdb_htable
-{
+struct net_bridge_mdb_htable {
 	struct hlist_head		*mhash;
 	struct rcu_head			rcu;
 	struct net_bridge_mdb_htable	*old;
@@ -201,8 +198,65 @@
 	u32				ver;
 };
 
-struct net_bridge_port
-{
+#ifdef CONFIG_MCAST_SNOOPING
+
+typedef enum {
+	IPV4 = 0,
+	IPV6,
+} ptype_t;
+
+struct ipaddr {
+	ptype_t type;
+	union {
+		struct in_addr ip4;
+		struct in6_addr ip6;
+	} addr;
+};
+
+typedef struct ipaddr ipaddr_t;
+
+enum igmp_ver {
+	IGMPV1 = 1,
+	IGMPV2,
+	IGMPV3,
+};
+
+enum mld_ver {
+	MLDV1 = 1,
+	MLDV2,
+};
+
+/* Set router port ioctl request */
+struct router_port {
+	ptype_t type;
+	u32 if_index; /* interface index */
+	u32 expires; /* expiry time */
+};
+
+/* Multicast group record ioctl request */
+struct br_grp_rec {
+	u32 if_index; /* interface index */
+	ipaddr_t gaddr; /* Group address */
+	u32 filter_mode; /* Filter mode */
+	u32 compat; /* Compatibility mode */
+	u32 nsrc; /* number of sources */
+	ipaddr_t slist[0]; /* source list */
+};
+
+struct net_bridge_mg_entry {
+	struct hlist_node hlist;
+	ipaddr_t gaddr; /* Group ipaddr */
+	u8 filter_mode; /* 0 = EX, 1 = IN */
+	u8 compat_mode; /* 1 = v1, 2 = v2, 3 = v3 */
+	struct net_bridge_port *port;
+	struct rcu_head rcu;
+	u32 saddr_cnt;
+	ipaddr_t saddr[0]; /* Array of src ipaddr */
+};
+
+#endif /* CONFIG_MCAST_SNOOPING */
+
+struct net_bridge_port {
 	struct net_bridge		*br;
 	struct net_device		*dev;
 	struct list_head		list;
@@ -219,6 +273,7 @@
 	bridge_id			designated_bridge;
 	u32				path_cost;
 	u32				designated_cost;
+	int learning_limit;
 	unsigned long			designated_age;
 
 	struct timer_list		forward_delay_timer;
@@ -229,6 +284,17 @@
 
 	unsigned long 			flags;
 
+#ifdef CONFIG_MCAST_SNOOPING
+	u32 mghash_secret;
+	u32 mghash_secret6;
+	spinlock_t mghash_lock;
+	struct hlist_head mghash[BR_HASH_SIZE];
+	u8 igmp_router_port;
+	struct timer_list igmp_router_timer;
+	u8 mld_router_port;
+	struct timer_list mld_router_timer;
+#endif /* CONFIG_MCAST_SNOOPING */
+
 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING
 	struct bridge_mcast_own_query	ip4_own_query;
 #if IS_ENABLED(CONFIG_IPV6)
@@ -272,8 +338,7 @@
 		rtnl_dereference(dev->rx_handler_data) : NULL;
 }
 
-struct net_bridge
-{
+struct net_bridge {
 	spinlock_t			lock;
 	struct list_head		port_list;
 	struct net_device		*dev;
@@ -290,6 +355,12 @@
 	bool				nf_call_ip6tables;
 	bool				nf_call_arptables;
 #endif
+#ifdef CONFIG_AVM_BRIDGE_FLOOD_RATELIMITER
+	atomic_t			avm_flood_credits;
+	int				avm_flood_credits_max;
+	int				avm_flood_credits_recov_rate;
+	struct timer_list		avm_flood_rl_timer;
+#endif
 	u16				group_fwd_mask;
 	u16				group_fwd_mask_required;
 
@@ -318,6 +389,7 @@
 	unsigned char			topology_change;
 	unsigned char			topology_change_detected;
 
+	enum br_mcast_flood_mode mcast_flood;
 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING
 	unsigned char			multicast_router;
 
@@ -333,6 +405,8 @@
 	u32				multicast_last_member_count;
 	u32				multicast_startup_query_count;
 
+	u8 multicast_igmp_version;
+
 	unsigned long			multicast_last_member_interval;
 	unsigned long			multicast_membership_interval;
 	unsigned long			multicast_querier_interval;
@@ -353,6 +427,7 @@
 	struct bridge_mcast_other_query	ip6_other_query;
 	struct bridge_mcast_own_query	ip6_own_query;
 	struct bridge_mcast_querier	ip6_querier;
+	u8 multicast_mld_version;
 #endif /* IS_ENABLED(CONFIG_IPV6) */
 #endif
 
@@ -385,6 +460,7 @@
 #endif
 
 	bool proxyarp_replied;
+	bool src_port_isolated;
 
 #ifdef CONFIG_BRIDGE_VLAN_FILTERING
 	bool vlan_filtered;
@@ -529,6 +605,14 @@
 void br_flood(struct net_bridge *br, struct sk_buff *skb,
 	      enum br_pkt_type pkt_type, bool local_rcv, bool local_orig);
 
+/* return true if both source port and dest port are isolated */
+static inline bool br_skb_isolated(const struct net_bridge_port *to,
+				   const struct sk_buff *skb)
+{
+	return BR_INPUT_SKB_CB(skb)->src_port_isolated &&
+	       (to->flags & BR_ISOLATED);
+}
+
 /* br_if.c */
 void br_port_carrier_check(struct net_bridge_port *p);
 int br_add_bridge(struct net *net, const char *name);
@@ -582,6 +666,10 @@
 int br_multicast_toggle(struct net_bridge *br, unsigned long val);
 int br_multicast_set_querier(struct net_bridge *br, unsigned long val);
 int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val);
+int br_multicast_set_igmp_version(struct net_bridge *br, unsigned long val);
+#if IS_ENABLED(CONFIG_IPV6)
+int br_multicast_set_mld_version(struct net_bridge *br, unsigned long val);
+#endif
 struct net_bridge_mdb_entry *
 br_mdb_ip_get(struct net_bridge_mdb_htable *mdb, struct br_ip *dst);
 struct net_bridge_mdb_entry *
@@ -591,7 +679,7 @@
 struct net_bridge_port_group *
 br_multicast_new_port_group(struct net_bridge_port *port, struct br_ip *group,
 			    struct net_bridge_port_group __rcu *next,
-			    unsigned char flags);
+			    unsigned char flags, const unsigned char *src);
 void br_mdb_init(void);
 void br_mdb_uninit(void);
 void br_mdb_notify(struct net_device *dev, struct net_bridge_port *port,
@@ -982,6 +1070,22 @@
 #define br_netfilter_rtable_init(x)
 #endif
 
+/* br_bcast_rl.c */
+#ifdef CONFIG_AVM_BRIDGE_FLOOD_RATELIMITER
+int  br_flood_rl_init(void);
+void br_flood_rl_fini(void);
+void br_flood_rl_setup(struct net_bridge *br);
+int br_flood_rl_set_credits(struct net_bridge *br, unsigned long v);
+unsigned int br_flood_rl(struct net_bridge *br,
+			 struct sk_buff *skb,
+			 struct net_device *src_dev);
+#else
+#define br_flood_rl_init()	(0)
+#define br_flood_rl_fini()	do { } while (0)
+#define br_flood_rl_setup(br)	do { } while (0)
+#define br_flood_rl(br, skb, dev) (1)
+#endif
+
 /* br_stp.c */
 void br_set_state(struct net_bridge_port *p, unsigned int state);
 struct net_bridge_port *br_get_port(struct net_bridge *br, u16 port_no);
@@ -1033,6 +1137,20 @@
 int br_getlink(struct sk_buff *skb, u32 pid, u32 seq, struct net_device *dev,
 	       u32 filter_mask, int nlflags);
 
+#ifdef CONFIG_MCAST_SNOOPING
+/* br_mcast_snooping.c */
+extern void br_mcast_port_init(struct net_bridge_port *port);
+extern void br_mcast_port_cleanup(struct net_bridge_port *port);
+extern int br_mg_del_record(struct net_bridge_port *port, ipaddr_t *gaddr);
+extern int br_mg_add_entry(struct net_bridge_port *port, ipaddr_t *gaddr, u8 filter, u8 compat, u32 saddr_cnt, ipaddr_t *saddr);
+extern int br_selective_flood(struct net_bridge_port *p, struct sk_buff *skb);
+extern int bridge_igmp_snooping;
+extern int bridge_mld_snooping;
+extern int bridge_lanserver_hook;
+extern void br_mcast_snoop_init(void);
+extern void br_mcast_snoop_deinit(void);
+#endif
+
 #ifdef CONFIG_SYSFS
 /* br_sysfs_if.c */
 extern const struct sysfs_ops brport_sysfs_ops;
@@ -1058,6 +1176,11 @@
 			      struct sk_buff *skb);
 bool nbp_switchdev_allowed_egress(const struct net_bridge_port *p,
 				  const struct sk_buff *skb);
+int br_switchdev_set_port_flag(struct net_bridge_port *p,
+			       unsigned long flags,
+			       unsigned long mask);
+int nbp_switchdev_avm_flood_ratelimit_set(struct net_bridge *br,
+					  int val);
 #else
 static inline int nbp_switchdev_mark_set(struct net_bridge_port *p)
 {
@@ -1074,6 +1197,16 @@
 {
 	return true;
 }
+
+static inline int br_switchdev_set_port_flag(struct net_bridge_port *p,
+					     unsigned long flags,
+					     unsigned long mask)
+
+static inline int nbp_switchdev_avm_flood_ratelimit_set(struct net_bridge *br,
+							int val)
+{
+	return 0;
+}
 #endif /* CONFIG_NET_SWITCHDEV */
 
 #endif