From: Vladimir Oltean <olteanv@gmail.com>
To: netdev@vger.kernel.org
Cc: "Jakub Kicinski" <kuba@kernel.org>,
"Florian Fainelli" <f.fainelli@gmail.com>,
"Vivien Didelot" <vivien.didelot@gmail.com>,
"Andrew Lunn" <andrew@lunn.ch>,
"Vladimir Oltean" <olteanv@gmail.com>,
"Tobias Waldekranz" <tobias@waldekranz.com>,
"Marek Behún" <kabel@kernel.org>,
"Ansuel Smith" <ansuelsmth@gmail.com>,
"DENG Qingfang" <dqfext@gmail.com>,
"Alvin Šipraga" <alsi@bang-olufsen.dk>,
"Claudiu Manoil" <claudiu.manoil@nxp.com>,
"Alexandre Belloni" <alexandre.belloni@bootlin.com>,
UNGLinuxDriver@microchip.com,
"Colin Foster" <colin.foster@in-advantage.com>,
"Linus Walleij" <linus.walleij@linaro.org>,
"Luiz Angelo Daros de Luca" <luizluca@gmail.com>,
"Roopa Prabhu" <roopa@nvidia.com>,
"Nikolay Aleksandrov" <razor@blackwall.org>,
"Frank Wunderlich" <frank-w@public-files.de>,
"Vladimir Oltean" <vladimir.oltean@nxp.com>
Subject: [RFC PATCH net-next 05/12] net: dsa: existing DSA masters cannot join upper interfaces
Date: Mon, 23 May 2022 13:42:49 +0300 [thread overview]
Message-ID: <20220523104256.3556016-6-olteanv@gmail.com> (raw)
In-Reply-To: <20220523104256.3556016-1-olteanv@gmail.com>
From: Vladimir Oltean <vladimir.oltean@nxp.com>
All the traffic to/from a DSA master is supposed to be distributed among
its DSA switch upper interfaces, so we should not allow other upper
device kinds.
An exception to this is DSA_TAG_PROTO_NONE (switches with no DSA tags),
and in that case it is actually expected to create e.g. VLAN interfaces
on the master. But for those, netdev_uses_dsa(master) returns false, so
the restriction doesn't apply.
The motivation for this change is to allow LAG interfaces of DSA masters
to be DSA masters themselves. We want to restrict the user's degrees of
freedom by 1: the LAG should already have all DSA masters as lowers, and
while lower ports of the LAG can be removed, none can be added after the
fact.
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
---
net/dsa/slave.c | 33 +++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+)
diff --git a/net/dsa/slave.c b/net/dsa/slave.c
index 309d8dde0179..0455fb3cf03d 100644
--- a/net/dsa/slave.c
+++ b/net/dsa/slave.c
@@ -2674,6 +2674,35 @@ dsa_slave_prechangeupper_sanity_check(struct net_device *dev,
return NOTIFY_DONE;
}
+static int
+dsa_master_prechangeupper_sanity_check(struct net_device *master,
+ struct netdev_notifier_changeupper_info *info)
+{
+ struct netlink_ext_ack *extack;
+
+ if (!netdev_uses_dsa(master))
+ return NOTIFY_DONE;
+
+ if (!info->linking)
+ return NOTIFY_DONE;
+
+ /* Allow DSA switch uppers */
+ if (dsa_slave_dev_check(info->upper_dev))
+ return NOTIFY_DONE;
+
+ /* Allow bridge uppers of DSA masters, subject to further
+ * restrictions in dsa_bridge_prechangelower_sanity_check()
+ */
+ if (netif_is_bridge_master(info->upper_dev))
+ return NOTIFY_DONE;
+
+ extack = netdev_notifier_info_to_extack(&info->info);
+
+ NL_SET_ERR_MSG_MOD(extack,
+ "DSA master cannot join unknown upper interfaces");
+ return notifier_from_errno(-EBUSY);
+}
+
/* Don't allow bridging of DSA masters, since the bridge layer rx_handler
* prevents the DSA fake ethertype handler to be invoked, so we don't get the
* chance to strip off and parse the DSA switch tag protocol header (the bridge
@@ -2728,6 +2757,10 @@ static int dsa_slave_netdevice_event(struct notifier_block *nb,
if (notifier_to_errno(err))
return err;
+ err = dsa_master_prechangeupper_sanity_check(dev, info);
+ if (notifier_to_errno(err))
+ return err;
+
err = dsa_bridge_prechangelower_sanity_check(dev, info);
if (notifier_to_errno(err))
return err;
--
2.25.1
next prev parent reply other threads:[~2022-05-23 10:43 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-23 10:42 [RFC PATCH net-next 00/12] DSA changes for multiple CPU ports (part 3) Vladimir Oltean
2022-05-23 10:42 ` [RFC PATCH net-next 01/12] net: introduce iterators over synced hw addresses Vladimir Oltean
2022-05-23 17:54 ` Florian Fainelli
2022-05-23 10:42 ` [RFC PATCH net-next 02/12] net: dsa: walk through all changeupper notifier functions Vladimir Oltean
2022-05-23 18:11 ` Florian Fainelli
2022-05-23 10:42 ` [RFC PATCH net-next 03/12] net: dsa: don't stop at NOTIFY_OK when calling ds->ops->port_prechangeupper Vladimir Oltean
2022-05-23 17:56 ` Florian Fainelli
2022-05-23 10:42 ` [RFC PATCH net-next 04/12] net: bridge: move DSA master bridging restriction to DSA Vladimir Oltean
2022-05-23 17:57 ` Florian Fainelli
2022-05-23 23:02 ` Nikolay Aleksandrov
2022-05-23 10:42 ` Vladimir Oltean [this message]
2022-05-23 17:58 ` [RFC PATCH net-next 05/12] net: dsa: existing DSA masters cannot join upper interfaces Florian Fainelli
2022-05-23 10:42 ` [RFC PATCH net-next 06/12] net: dsa: only bring down user ports assigned to a given DSA master Vladimir Oltean
2022-05-23 17:59 ` Florian Fainelli
2022-05-23 10:42 ` [RFC PATCH net-next 07/12] net: dsa: all DSA masters must be down when changing the tagging protocol Vladimir Oltean
2022-05-23 18:00 ` Florian Fainelli
2022-05-23 10:42 ` [RFC PATCH net-next 08/12] net: dsa: use dsa_tree_for_each_cpu_port in dsa_tree_{setup,teardown}_master Vladimir Oltean
2022-05-23 18:01 ` Florian Fainelli
2022-05-23 10:42 ` [RFC PATCH net-next 09/12] net: dsa: introduce dsa_port_get_master() Vladimir Oltean
2022-05-23 18:08 ` Florian Fainelli
2022-05-23 10:42 ` [RFC PATCH net-next 10/12] net: dsa: allow the DSA master to be seen and changed through rtnetlink Vladimir Oltean
2022-05-23 18:41 ` Florian Fainelli
2022-05-23 23:08 ` Vladimir Oltean
2022-05-23 10:42 ` [RFC PATCH net-next 11/12] net: dsa: allow masters to join a LAG Vladimir Oltean
2022-05-23 10:42 ` [RFC PATCH net-next 12/12] net: dsa: felix: add support for changing DSA master Vladimir Oltean
2022-05-23 21:53 ` [RFC PATCH net-next 00/12] DSA changes for multiple CPU ports (part 3) Florian Fainelli
2022-05-23 22:51 ` Vladimir Oltean
2022-05-24 12:02 ` Ansuel Smith
2022-05-24 12:29 ` Vladimir Oltean
2022-05-24 12:38 ` Ansuel Smith
2022-05-24 13:24 ` Vladimir Oltean
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220523104256.3556016-6-olteanv@gmail.com \
--to=olteanv@gmail.com \
--cc=UNGLinuxDriver@microchip.com \
--cc=alexandre.belloni@bootlin.com \
--cc=alsi@bang-olufsen.dk \
--cc=andrew@lunn.ch \
--cc=ansuelsmth@gmail.com \
--cc=claudiu.manoil@nxp.com \
--cc=colin.foster@in-advantage.com \
--cc=dqfext@gmail.com \
--cc=f.fainelli@gmail.com \
--cc=frank-w@public-files.de \
--cc=kabel@kernel.org \
--cc=kuba@kernel.org \
--cc=linus.walleij@linaro.org \
--cc=luizluca@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=razor@blackwall.org \
--cc=roopa@nvidia.com \
--cc=tobias@waldekranz.com \
--cc=vivien.didelot@gmail.com \
--cc=vladimir.oltean@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.