From: John Fastabend <john.r.fastabend@intel.com>
To: roprabhu@cisco.com, mst@redhat.com, stephen.hemminger@vyatta.com,
davem@davemloft.net, hadi@cyberus.ca, bhutchings@solarflare.com,
jeffrey.t.kirsher@intel.com
Cc: netdev@vger.kernel.org, gregory.v.rose@intel.com,
krkumar2@in.ibm.com, sri@us.ibm.com
Subject: [net-next PATCH v1 7/7] macvlan: add FDB bridge ops and new macvlan mode
Date: Mon, 09 Apr 2012 15:00:54 -0700 [thread overview]
Message-ID: <20120409220053.3288.40867.stgit@jf-dev1-dcblab> (raw)
In-Reply-To: <20120409215419.3288.50790.stgit@jf-dev1-dcblab>
This adds a new macvlan mode MACVLAN_PASSTHRU_NOPROMISC
this mode acts the same as the original passthru mode _except_
it does not set promiscuous mode on the lowerdev. Because the
lowerdev is not put in promiscuous mode any unicast or multicast
addresses the device should receive must be explicitely added
with the FDB bridge ops. In many use cases the management stack
will know the mac addresses needed (maybe negotiated via EVB/VDP)
or may require only receiving known "good" mac addresses. This
mode with the FDB ops supports this usage model.
This patch is a result of Roopa Prabhu's work. Follow up
patches are needed for VEPA and VEB macvlan modes.
CC: Roopa Prabhu <roprabhu@cisco.com>
CC: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: John Fastabend <john.r.fastabend@intel.com>
---
drivers/net/macvlan.c | 60 ++++++++++++++++++++++++++++++++++++++++++-----
include/linux/if_link.h | 1 +
2 files changed, 55 insertions(+), 6 deletions(-)
diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c
index b17fc90..9892d8d 100644
--- a/drivers/net/macvlan.c
+++ b/drivers/net/macvlan.c
@@ -181,6 +181,7 @@ static rx_handler_result_t macvlan_handle_frame(struct sk_buff **pskb)
MACVLAN_MODE_PRIVATE |
MACVLAN_MODE_VEPA |
MACVLAN_MODE_PASSTHRU|
+ MACVLAN_MODE_PASSTHRU_NOPROMISC |
MACVLAN_MODE_BRIDGE);
else if (src->mode == MACVLAN_MODE_VEPA)
/* flood to everyone except source */
@@ -312,7 +313,8 @@ static int macvlan_open(struct net_device *dev)
int err;
if (vlan->port->passthru) {
- dev_set_promiscuity(lowerdev, 1);
+ if (vlan->mode == MACVLAN_MODE_PASSTHRU)
+ dev_set_promiscuity(lowerdev, 1);
goto hash_add;
}
@@ -344,12 +346,15 @@ static int macvlan_stop(struct net_device *dev)
struct macvlan_dev *vlan = netdev_priv(dev);
struct net_device *lowerdev = vlan->lowerdev;
+ dev_uc_unsync(lowerdev, dev);
+ dev_mc_unsync(lowerdev, dev);
+
if (vlan->port->passthru) {
- dev_set_promiscuity(lowerdev, -1);
+ if (vlan->mode == MACVLAN_MODE_PASSTHRU)
+ dev_set_promiscuity(lowerdev, 1);
goto hash_del;
}
- dev_mc_unsync(lowerdev, dev);
if (dev->flags & IFF_ALLMULTI)
dev_set_allmulti(lowerdev, -1);
@@ -399,10 +404,11 @@ static void macvlan_change_rx_flags(struct net_device *dev, int change)
dev_set_allmulti(lowerdev, dev->flags & IFF_ALLMULTI ? 1 : -1);
}
-static void macvlan_set_multicast_list(struct net_device *dev)
+static void macvlan_set_mac_lists(struct net_device *dev)
{
struct macvlan_dev *vlan = netdev_priv(dev);
+ dev_uc_sync(vlan->lowerdev, dev);
dev_mc_sync(vlan->lowerdev, dev);
}
@@ -542,6 +548,43 @@ static int macvlan_vlan_rx_kill_vid(struct net_device *dev,
return 0;
}
+static int macvlan_fdb_add(struct ndmsg *ndm,
+ struct net_device *dev,
+ unsigned char *addr,
+ u16 flags)
+{
+ struct macvlan_dev *vlan = netdev_priv(dev);
+ int err = -EINVAL;
+
+ if (!vlan->port->passthru)
+ return -EOPNOTSUPP;
+
+ if (is_unicast_ether_addr(addr))
+ err = dev_uc_add_excl(dev, addr);
+ else if (is_multicast_ether_addr(addr))
+ err = dev_mc_add_excl(dev, addr);
+
+ return err;
+}
+
+static int macvlan_fdb_del(struct ndmsg *ndm,
+ struct net_device *dev,
+ unsigned char *addr)
+{
+ struct macvlan_dev *vlan = netdev_priv(dev);
+ int err = -EINVAL;
+
+ if (!vlan->port->passthru)
+ return -EOPNOTSUPP;
+
+ if (is_unicast_ether_addr(addr))
+ err = dev_uc_del(dev, addr);
+ else if (is_multicast_ether_addr(addr))
+ err = dev_mc_del(dev, addr);
+
+ return err;
+}
+
static void macvlan_ethtool_get_drvinfo(struct net_device *dev,
struct ethtool_drvinfo *drvinfo)
{
@@ -572,11 +615,14 @@ static const struct net_device_ops macvlan_netdev_ops = {
.ndo_change_mtu = macvlan_change_mtu,
.ndo_change_rx_flags = macvlan_change_rx_flags,
.ndo_set_mac_address = macvlan_set_mac_address,
- .ndo_set_rx_mode = macvlan_set_multicast_list,
+ .ndo_set_rx_mode = macvlan_set_mac_lists,
.ndo_get_stats64 = macvlan_dev_get_stats64,
.ndo_validate_addr = eth_validate_addr,
.ndo_vlan_rx_add_vid = macvlan_vlan_rx_add_vid,
.ndo_vlan_rx_kill_vid = macvlan_vlan_rx_kill_vid,
+ .ndo_fdb_add = macvlan_fdb_add,
+ .ndo_fdb_del = macvlan_fdb_del,
+ .ndo_fdb_dump = ndo_dflt_fdb_dump,
};
void macvlan_common_setup(struct net_device *dev)
@@ -648,6 +694,7 @@ static int macvlan_validate(struct nlattr *tb[], struct nlattr *data[])
case MACVLAN_MODE_VEPA:
case MACVLAN_MODE_BRIDGE:
case MACVLAN_MODE_PASSTHRU:
+ case MACVLAN_MODE_PASSTHRU_NOPROMISC:
break;
default:
return -EINVAL;
@@ -711,7 +758,8 @@ int macvlan_common_newlink(struct net *src_net, struct net_device *dev,
if (data && data[IFLA_MACVLAN_MODE])
vlan->mode = nla_get_u32(data[IFLA_MACVLAN_MODE]);
- if (vlan->mode == MACVLAN_MODE_PASSTHRU) {
+ if ((vlan->mode == MACVLAN_MODE_PASSTHRU) ||
+ (vlan->mode == MACVLAN_MODE_PASSTHRU_NOPROMISC)) {
if (port->count)
return -EINVAL;
port->passthru = true;
diff --git a/include/linux/if_link.h b/include/linux/if_link.h
index 2f4fa93..db67b9d 100644
--- a/include/linux/if_link.h
+++ b/include/linux/if_link.h
@@ -265,6 +265,7 @@ enum macvlan_mode {
MACVLAN_MODE_VEPA = 2, /* talk to other ports through ext bridge */
MACVLAN_MODE_BRIDGE = 4, /* talk to bridge ports directly */
MACVLAN_MODE_PASSTHRU = 8,/* take over the underlying device */
+ MACVLAN_MODE_PASSTHRU_NOPROMISC = 16, /* passthru without promisc */
};
/* SR-IOV virtual function management section */
next prev parent reply other threads:[~2012-04-09 22:13 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-09 22:00 [net-next PATCH v1 0/7] Managing the forwarding database(FDB) John Fastabend
2012-04-09 22:00 ` [net-next PATCH v1 1/7] net: add generic PF_BRIDGE:RTM_ FDB hooks John Fastabend
2012-04-11 3:23 ` Ben Hutchings
2012-04-11 14:45 ` John Fastabend
2012-04-11 16:05 ` Ben Hutchings
2012-04-11 17:22 ` John Fastabend
2012-04-09 22:00 ` [net-next PATCH v1 2/7] net: addr_list: add exclusive dev_uc_add and dev_mc_add John Fastabend
2012-04-10 8:03 ` Michael S. Tsirkin
2012-04-11 3:33 ` Ben Hutchings
2012-04-11 14:46 ` John Fastabend
2012-04-09 22:00 ` [net-next PATCH v1 3/7] net: add fdb generic dump routine John Fastabend
2012-04-11 3:45 ` Ben Hutchings
2012-04-11 14:46 ` John Fastabend
2012-04-09 22:00 ` [net-next PATCH v1 4/7] ixgbe: enable FDB netdevice ops John Fastabend
2012-04-09 22:00 ` [net-next PATCH v1 5/7] ixgbe: allow RAR table to be updated in promisc mode John Fastabend
2012-04-09 22:00 ` [net-next PATCH v1 6/7] ixgbe: UTA table incorrectly programmed John Fastabend
2012-04-09 22:00 ` John Fastabend [this message]
2012-04-10 8:09 ` [net-next PATCH v1 7/7] macvlan: add FDB bridge ops and new macvlan mode Michael S. Tsirkin
2012-04-10 8:14 ` Michael S. Tsirkin
2012-04-10 13:50 ` John Fastabend
2012-04-10 14:33 ` Michael S. Tsirkin
2012-04-10 15:29 ` John Fastabend
2012-04-10 15:32 ` Michael S. Tsirkin
2012-04-10 13:27 ` John Fastabend
2012-04-10 13:43 ` Michael S. Tsirkin
2012-04-10 14:25 ` John Fastabend
2012-04-10 14:35 ` Michael S. Tsirkin
2012-04-10 15:26 ` John Fastabend
2012-04-10 15:30 ` Michael S. Tsirkin
2012-04-10 15:35 ` John Fastabend
2012-04-11 0:46 ` Sridhar Samudrala
2012-04-11 1:42 ` John Fastabend
2012-04-11 8:02 ` Michael S. Tsirkin
2012-04-11 14:32 ` John Fastabend
2012-04-09 22:15 ` [net-next PATCH v1 0/7] Managing the forwarding database(FDB) Stephen Hemminger
2012-04-09 22:32 ` John Fastabend
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120409220053.3288.40867.stgit@jf-dev1-dcblab \
--to=john.r.fastabend@intel.com \
--cc=bhutchings@solarflare.com \
--cc=davem@davemloft.net \
--cc=gregory.v.rose@intel.com \
--cc=hadi@cyberus.ca \
--cc=jeffrey.t.kirsher@intel.com \
--cc=krkumar2@in.ibm.com \
--cc=mst@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=roprabhu@cisco.com \
--cc=sri@us.ibm.com \
--cc=stephen.hemminger@vyatta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).