From: Vladimir Oltean <vladimir.oltean@nxp.com>
To: netdev@vger.kernel.org
Cc: Jakub Kicinski <kuba@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Florian Fainelli <f.fainelli@gmail.com>,
Andrew Lunn <andrew@lunn.ch>,
Vivien Didelot <vivien.didelot@gmail.com>,
Vladimir Oltean <olteanv@gmail.com>,
Roopa Prabhu <roopa@nvidia.com>,
Nikolay Aleksandrov <nikolay@nvidia.com>,
Jiri Pirko <jiri@nvidia.com>, Ido Schimmel <idosch@nvidia.com>,
Rafael Richter <rafael.richter@gin.de>,
Daniel Klauer <daniel.klauer@gin.de>,
Tobias Waldekranz <tobias@waldekranz.com>
Subject: [PATCH v2 net-next 8/8] net: dsa: offload bridge port VLANs on foreign interfaces
Date: Tue, 15 Feb 2022 01:31:11 +0200 [thread overview]
Message-ID: <20220214233111.1586715-9-vladimir.oltean@nxp.com> (raw)
In-Reply-To: <20220214233111.1586715-1-vladimir.oltean@nxp.com>
DSA now explicitly handles VLANs installed with the 'self' flag on the
bridge as host VLANs, instead of just replicating every bridge port VLAN
also on the CPU port and never deleting it, which is what it did before.
However, this leaves a corner case uncovered, as explained by
Tobias Waldekranz:
https://patchwork.kernel.org/project/netdevbpf/patch/20220209213044.2353153-6-vladimir.oltean@nxp.com/#24735260
Forwarding towards a bridge port VLAN installed on a bridge port foreign
to DSA (separate NIC, Wi-Fi AP) used to work by virtue of the fact that
DSA itself needed to have at least one port in that VLAN (therefore, it
also had the CPU port in said VLAN). However, now that the CPU port may
not be member of all VLANs that user ports are members of, we need to
ensure this isn't the case if software forwarding to a foreign interface
is required.
The solution is to treat bridge port VLANs on standalone interfaces in
the exact same way as host VLANs. From DSA's perspective, there is no
difference between local termination and software forwarding; packets in
that VLAN must reach the CPU in both cases.
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
---
v1->v2: patch is new
net/dsa/dsa2.c | 6 +++++
net/dsa/slave.c | 70 +++++++++++++++++++++++++++++++++++++++----------
2 files changed, 62 insertions(+), 14 deletions(-)
diff --git a/net/dsa/dsa2.c b/net/dsa/dsa2.c
index 1df8c2356463..408b79a28cd4 100644
--- a/net/dsa/dsa2.c
+++ b/net/dsa/dsa2.c
@@ -565,6 +565,7 @@ static void dsa_port_teardown(struct dsa_port *dp)
struct dsa_switch *ds = dp->ds;
struct dsa_mac_addr *a, *tmp;
struct net_device *slave;
+ struct dsa_vlan *v, *n;
if (!dp->setup)
return;
@@ -605,6 +606,11 @@ static void dsa_port_teardown(struct dsa_port *dp)
kfree(a);
}
+ list_for_each_entry_safe(v, n, &dp->vlans, list) {
+ list_del(&v->list);
+ kfree(v);
+ }
+
dp->setup = false;
}
diff --git a/net/dsa/slave.c b/net/dsa/slave.c
index 314628c34084..9ca38654b61b 100644
--- a/net/dsa/slave.c
+++ b/net/dsa/slave.c
@@ -413,6 +413,31 @@ static int dsa_slave_host_vlan_add(struct net_device *dev,
return dsa_port_host_vlan_add(dp, &vlan, extack);
}
+/* For DSA ports that offload a bridge port, also offload bridge port VLANs on
+ * foreign interfaces the same way as host VLANs.
+ */
+static int dsa_slave_foreign_vlan_add(struct net_device *dev,
+ const struct switchdev_obj *obj,
+ struct netlink_ext_ack *extack)
+{
+ struct dsa_port *dp = dsa_slave_to_port(dev);
+ struct switchdev_obj_port_vlan vlan;
+
+ if (!dp->bridge)
+ return -EOPNOTSUPP;
+
+ if (dsa_port_skip_vlan_configuration(dp)) {
+ NL_SET_ERR_MSG_MOD(extack, "skipping configuration of VLAN");
+ return 0;
+ }
+
+ vlan = *SWITCHDEV_OBJ_PORT_VLAN(obj);
+
+ vlan.flags &= ~BRIDGE_VLAN_INFO_PVID;
+
+ return dsa_port_host_vlan_add(dp, &vlan, extack);
+}
+
static int dsa_slave_port_obj_add(struct net_device *dev, const void *ctx,
const struct switchdev_obj *obj,
struct netlink_ext_ack *extack)
@@ -442,11 +467,10 @@ static int dsa_slave_port_obj_add(struct net_device *dev, const void *ctx,
return -EOPNOTSUPP;
err = dsa_slave_host_vlan_add(dev, obj, extack);
- } else {
- if (!dsa_port_offloads_bridge_port(dp, obj->orig_dev))
- return -EOPNOTSUPP;
-
+ } else if (dsa_port_offloads_bridge_port(dp, obj->orig_dev)) {
err = dsa_slave_vlan_add(dev, obj, extack);
+ } else {
+ err = dsa_slave_foreign_vlan_add(dev, obj, extack);
}
break;
case SWITCHDEV_OBJ_ID_MRP:
@@ -498,6 +522,23 @@ static int dsa_slave_host_vlan_del(struct net_device *dev,
return dsa_port_host_vlan_del(dp, vlan);
}
+static int dsa_slave_foreign_vlan_del(struct net_device *dev,
+ const struct switchdev_obj *obj)
+{
+ struct dsa_port *dp = dsa_slave_to_port(dev);
+ struct switchdev_obj_port_vlan *vlan;
+
+ if (!dp->bridge)
+ return -EOPNOTSUPP;
+
+ if (dsa_port_skip_vlan_configuration(dp))
+ return 0;
+
+ vlan = SWITCHDEV_OBJ_PORT_VLAN(obj);
+
+ return dsa_port_host_vlan_del(dp, vlan);
+}
+
static int dsa_slave_port_obj_del(struct net_device *dev, const void *ctx,
const struct switchdev_obj *obj)
{
@@ -526,11 +567,10 @@ static int dsa_slave_port_obj_del(struct net_device *dev, const void *ctx,
return -EOPNOTSUPP;
err = dsa_slave_host_vlan_del(dev, obj);
- } else {
- if (!dsa_port_offloads_bridge_port(dp, obj->orig_dev))
- return -EOPNOTSUPP;
-
+ } else if (dsa_port_offloads_bridge_port(dp, obj->orig_dev)) {
err = dsa_slave_vlan_del(dev, obj);
+ } else {
+ err = dsa_slave_foreign_vlan_del(dev, obj);
}
break;
case SWITCHDEV_OBJ_ID_MRP:
@@ -2562,14 +2602,16 @@ static int dsa_slave_switchdev_blocking_event(struct notifier_block *unused,
switch (event) {
case SWITCHDEV_PORT_OBJ_ADD:
- err = switchdev_handle_port_obj_add(dev, ptr,
- dsa_slave_dev_check,
- dsa_slave_port_obj_add);
+ err = switchdev_handle_port_obj_add_foreign(dev, ptr,
+ dsa_slave_dev_check,
+ dsa_foreign_dev_check,
+ dsa_slave_port_obj_add);
return notifier_from_errno(err);
case SWITCHDEV_PORT_OBJ_DEL:
- err = switchdev_handle_port_obj_del(dev, ptr,
- dsa_slave_dev_check,
- dsa_slave_port_obj_del);
+ err = switchdev_handle_port_obj_del_foreign(dev, ptr,
+ dsa_slave_dev_check,
+ dsa_foreign_dev_check,
+ dsa_slave_port_obj_del);
return notifier_from_errno(err);
case SWITCHDEV_PORT_ATTR_SET:
err = switchdev_handle_port_attr_set(dev, ptr,
--
2.25.1
prev parent reply other threads:[~2022-02-14 23:32 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-14 23:31 [PATCH v2 net-next 0/8] Replay and offload host VLAN entries in DSA Vladimir Oltean
2022-02-14 23:31 ` [PATCH v2 net-next 1/8] net: bridge: vlan: notify switchdev only when something changed Vladimir Oltean
2022-02-15 0:05 ` Vladimir Oltean
2022-02-15 8:54 ` Nikolay Aleksandrov
2022-02-15 9:54 ` Vladimir Oltean
2022-02-15 10:10 ` Vladimir Oltean
2022-02-15 10:15 ` Nikolay Aleksandrov
2022-02-15 10:12 ` Nikolay Aleksandrov
2022-02-15 10:30 ` Vladimir Oltean
2022-02-15 11:08 ` Nikolay Aleksandrov
2022-02-15 11:10 ` Nikolay Aleksandrov
2022-02-15 14:36 ` Vladimir Oltean
2022-02-15 15:38 ` Vladimir Oltean
2022-02-15 15:44 ` Nikolay Aleksandrov
2022-02-15 15:52 ` Vladimir Oltean
2022-02-14 23:31 ` [PATCH v2 net-next 2/8] net: bridge: switchdev: differentiate new VLANs from changed ones Vladimir Oltean
2022-02-14 23:31 ` [PATCH v2 net-next 3/8] net: bridge: make nbp_switchdev_unsync_objs() follow reverse order of sync() Vladimir Oltean
2022-02-14 23:31 ` [PATCH v2 net-next 4/8] net: bridge: switchdev: replay all VLAN groups Vladimir Oltean
2022-02-14 23:31 ` [PATCH v2 net-next 5/8] net: switchdev: rename switchdev_lower_dev_find to switchdev_lower_dev_find_rcu Vladimir Oltean
2022-02-14 23:31 ` [PATCH v2 net-next 6/8] net: switchdev: introduce switchdev_handle_port_obj_{add,del} for foreign interfaces Vladimir Oltean
2022-02-14 23:31 ` [PATCH v2 net-next 7/8] net: dsa: add explicit support for host bridge VLANs Vladimir Oltean
2022-02-14 23:31 ` Vladimir Oltean [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220214233111.1586715-9-vladimir.oltean@nxp.com \
--to=vladimir.oltean@nxp.com \
--cc=andrew@lunn.ch \
--cc=daniel.klauer@gin.de \
--cc=davem@davemloft.net \
--cc=f.fainelli@gmail.com \
--cc=idosch@nvidia.com \
--cc=jiri@nvidia.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=nikolay@nvidia.com \
--cc=olteanv@gmail.com \
--cc=rafael.richter@gin.de \
--cc=roopa@nvidia.com \
--cc=tobias@waldekranz.com \
--cc=vivien.didelot@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox