Loading...
Note: File does not exist in v3.5.6.
1// SPDX-License-Identifier: GPL-2.0
2/* Copyright (c) 2019, Vladimir Oltean <olteanv@gmail.com>
3 *
4 * This module is not a complete tagger implementation. It only provides
5 * primitives for taggers that rely on 802.1Q VLAN tags to use. The
6 * dsa_8021q_netdev_ops is registered for API compliance and not used
7 * directly by callers.
8 */
9#include <linux/if_bridge.h>
10#include <linux/if_vlan.h>
11#include <linux/dsa/8021q.h>
12
13#include "dsa_priv.h"
14
15/* Binary structure of the fake 12-bit VID field (when the TPID is
16 * ETH_P_DSA_8021Q):
17 *
18 * | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
19 * +-----------+-----+-----------------+-----------+-----------------------+
20 * | DIR | SVL | SWITCH_ID | SUBVLAN | PORT |
21 * +-----------+-----+-----------------+-----------+-----------------------+
22 *
23 * DIR - VID[11:10]:
24 * Direction flags.
25 * * 1 (0b01) for RX VLAN,
26 * * 2 (0b10) for TX VLAN.
27 * These values make the special VIDs of 0, 1 and 4095 to be left
28 * unused by this coding scheme.
29 *
30 * SVL/SUBVLAN - { VID[9], VID[5:4] }:
31 * Sub-VLAN encoding. Valid only when DIR indicates an RX VLAN.
32 * * 0 (0b000): Field does not encode a sub-VLAN, either because
33 * received traffic is untagged, PVID-tagged or because a second
34 * VLAN tag is present after this tag and not inside of it.
35 * * 1 (0b001): Received traffic is tagged with a VID value private
36 * to the host. This field encodes the index in the host's lookup
37 * table through which the value of the ingress VLAN ID can be
38 * recovered.
39 * * 2 (0b010): Field encodes a sub-VLAN.
40 * ...
41 * * 7 (0b111): Field encodes a sub-VLAN.
42 * When DIR indicates a TX VLAN, SUBVLAN must be transmitted as zero
43 * (by the host) and ignored on receive (by the switch).
44 *
45 * SWITCH_ID - VID[8:6]:
46 * Index of switch within DSA tree. Must be between 0 and 7.
47 *
48 * PORT - VID[3:0]:
49 * Index of switch port. Must be between 0 and 15.
50 */
51
52#define DSA_8021Q_DIR_SHIFT 10
53#define DSA_8021Q_DIR_MASK GENMASK(11, 10)
54#define DSA_8021Q_DIR(x) (((x) << DSA_8021Q_DIR_SHIFT) & \
55 DSA_8021Q_DIR_MASK)
56#define DSA_8021Q_DIR_RX DSA_8021Q_DIR(1)
57#define DSA_8021Q_DIR_TX DSA_8021Q_DIR(2)
58
59#define DSA_8021Q_SWITCH_ID_SHIFT 6
60#define DSA_8021Q_SWITCH_ID_MASK GENMASK(8, 6)
61#define DSA_8021Q_SWITCH_ID(x) (((x) << DSA_8021Q_SWITCH_ID_SHIFT) & \
62 DSA_8021Q_SWITCH_ID_MASK)
63
64#define DSA_8021Q_SUBVLAN_HI_SHIFT 9
65#define DSA_8021Q_SUBVLAN_HI_MASK GENMASK(9, 9)
66#define DSA_8021Q_SUBVLAN_LO_SHIFT 4
67#define DSA_8021Q_SUBVLAN_LO_MASK GENMASK(5, 4)
68#define DSA_8021Q_SUBVLAN_HI(x) (((x) & GENMASK(2, 2)) >> 2)
69#define DSA_8021Q_SUBVLAN_LO(x) ((x) & GENMASK(1, 0))
70#define DSA_8021Q_SUBVLAN(x) \
71 (((DSA_8021Q_SUBVLAN_LO(x) << DSA_8021Q_SUBVLAN_LO_SHIFT) & \
72 DSA_8021Q_SUBVLAN_LO_MASK) | \
73 ((DSA_8021Q_SUBVLAN_HI(x) << DSA_8021Q_SUBVLAN_HI_SHIFT) & \
74 DSA_8021Q_SUBVLAN_HI_MASK))
75
76#define DSA_8021Q_PORT_SHIFT 0
77#define DSA_8021Q_PORT_MASK GENMASK(3, 0)
78#define DSA_8021Q_PORT(x) (((x) << DSA_8021Q_PORT_SHIFT) & \
79 DSA_8021Q_PORT_MASK)
80
81/* Returns the VID to be inserted into the frame from xmit for switch steering
82 * instructions on egress. Encodes switch ID and port ID.
83 */
84u16 dsa_8021q_tx_vid(struct dsa_switch *ds, int port)
85{
86 return DSA_8021Q_DIR_TX | DSA_8021Q_SWITCH_ID(ds->index) |
87 DSA_8021Q_PORT(port);
88}
89EXPORT_SYMBOL_GPL(dsa_8021q_tx_vid);
90
91/* Returns the VID that will be installed as pvid for this switch port, sent as
92 * tagged egress towards the CPU port and decoded by the rcv function.
93 */
94u16 dsa_8021q_rx_vid(struct dsa_switch *ds, int port)
95{
96 return DSA_8021Q_DIR_RX | DSA_8021Q_SWITCH_ID(ds->index) |
97 DSA_8021Q_PORT(port);
98}
99EXPORT_SYMBOL_GPL(dsa_8021q_rx_vid);
100
101u16 dsa_8021q_rx_vid_subvlan(struct dsa_switch *ds, int port, u16 subvlan)
102{
103 return DSA_8021Q_DIR_RX | DSA_8021Q_SWITCH_ID(ds->index) |
104 DSA_8021Q_PORT(port) | DSA_8021Q_SUBVLAN(subvlan);
105}
106EXPORT_SYMBOL_GPL(dsa_8021q_rx_vid_subvlan);
107
108/* Returns the decoded switch ID from the RX VID. */
109int dsa_8021q_rx_switch_id(u16 vid)
110{
111 return (vid & DSA_8021Q_SWITCH_ID_MASK) >> DSA_8021Q_SWITCH_ID_SHIFT;
112}
113EXPORT_SYMBOL_GPL(dsa_8021q_rx_switch_id);
114
115/* Returns the decoded port ID from the RX VID. */
116int dsa_8021q_rx_source_port(u16 vid)
117{
118 return (vid & DSA_8021Q_PORT_MASK) >> DSA_8021Q_PORT_SHIFT;
119}
120EXPORT_SYMBOL_GPL(dsa_8021q_rx_source_port);
121
122/* Returns the decoded subvlan from the RX VID. */
123u16 dsa_8021q_rx_subvlan(u16 vid)
124{
125 u16 svl_hi, svl_lo;
126
127 svl_hi = (vid & DSA_8021Q_SUBVLAN_HI_MASK) >>
128 DSA_8021Q_SUBVLAN_HI_SHIFT;
129 svl_lo = (vid & DSA_8021Q_SUBVLAN_LO_MASK) >>
130 DSA_8021Q_SUBVLAN_LO_SHIFT;
131
132 return (svl_hi << 2) | svl_lo;
133}
134EXPORT_SYMBOL_GPL(dsa_8021q_rx_subvlan);
135
136bool vid_is_dsa_8021q_rxvlan(u16 vid)
137{
138 return (vid & DSA_8021Q_DIR_MASK) == DSA_8021Q_DIR_RX;
139}
140EXPORT_SYMBOL_GPL(vid_is_dsa_8021q_rxvlan);
141
142bool vid_is_dsa_8021q_txvlan(u16 vid)
143{
144 return (vid & DSA_8021Q_DIR_MASK) == DSA_8021Q_DIR_TX;
145}
146EXPORT_SYMBOL_GPL(vid_is_dsa_8021q_txvlan);
147
148bool vid_is_dsa_8021q(u16 vid)
149{
150 return vid_is_dsa_8021q_rxvlan(vid) || vid_is_dsa_8021q_txvlan(vid);
151}
152EXPORT_SYMBOL_GPL(vid_is_dsa_8021q);
153
154/* If @enabled is true, installs @vid with @flags into the switch port's HW
155 * filter.
156 * If @enabled is false, deletes @vid (ignores @flags) from the port. Had the
157 * user explicitly configured this @vid through the bridge core, then the @vid
158 * is installed again, but this time with the flags from the bridge layer.
159 */
160static int dsa_8021q_vid_apply(struct dsa_8021q_context *ctx, int port, u16 vid,
161 u16 flags, bool enabled)
162{
163 struct dsa_port *dp = dsa_to_port(ctx->ds, port);
164
165 if (enabled)
166 return ctx->ops->vlan_add(ctx->ds, dp->index, vid, flags);
167
168 return ctx->ops->vlan_del(ctx->ds, dp->index, vid);
169}
170
171/* RX VLAN tagging (left) and TX VLAN tagging (right) setup shown for a single
172 * front-panel switch port (here swp0).
173 *
174 * Port identification through VLAN (802.1Q) tags has different requirements
175 * for it to work effectively:
176 * - On RX (ingress from network): each front-panel port must have a pvid
177 * that uniquely identifies it, and the egress of this pvid must be tagged
178 * towards the CPU port, so that software can recover the source port based
179 * on the VID in the frame. But this would only work for standalone ports;
180 * if bridged, this VLAN setup would break autonomous forwarding and would
181 * force all switched traffic to pass through the CPU. So we must also make
182 * the other front-panel ports members of this VID we're adding, albeit
183 * we're not making it their PVID (they'll still have their own).
184 * By the way - just because we're installing the same VID in multiple
185 * switch ports doesn't mean that they'll start to talk to one another, even
186 * while not bridged: the final forwarding decision is still an AND between
187 * the L2 forwarding information (which is limiting forwarding in this case)
188 * and the VLAN-based restrictions (of which there are none in this case,
189 * since all ports are members).
190 * - On TX (ingress from CPU and towards network) we are faced with a problem.
191 * If we were to tag traffic (from within DSA) with the port's pvid, all
192 * would be well, assuming the switch ports were standalone. Frames would
193 * have no choice but to be directed towards the correct front-panel port.
194 * But because we also want the RX VLAN to not break bridging, then
195 * inevitably that means that we have to give them a choice (of what
196 * front-panel port to go out on), and therefore we cannot steer traffic
197 * based on the RX VID. So what we do is simply install one more VID on the
198 * front-panel and CPU ports, and profit off of the fact that steering will
199 * work just by virtue of the fact that there is only one other port that's
200 * a member of the VID we're tagging the traffic with - the desired one.
201 *
202 * So at the end, each front-panel port will have one RX VID (also the PVID),
203 * the RX VID of all other front-panel ports, and one TX VID. Whereas the CPU
204 * port will have the RX and TX VIDs of all front-panel ports, and on top of
205 * that, is also tagged-input and tagged-output (VLAN trunk).
206 *
207 * CPU port CPU port
208 * +-------------+-----+-------------+ +-------------+-----+-------------+
209 * | RX VID | | | | TX VID | | |
210 * | of swp0 | | | | of swp0 | | |
211 * | +-----+ | | +-----+ |
212 * | ^ T | | | Tagged |
213 * | | | | | ingress |
214 * | +-------+---+---+-------+ | | +-----------+ |
215 * | | | | | | | | Untagged |
216 * | | U v U v U v | | v egress |
217 * | +-----+ +-----+ +-----+ +-----+ | | +-----+ +-----+ +-----+ +-----+ |
218 * | | | | | | | | | | | | | | | | | | | |
219 * | |PVID | | | | | | | | | | | | | | | | | |
220 * +-+-----+-+-----+-+-----+-+-----+-+ +-+-----+-+-----+-+-----+-+-----+-+
221 * swp0 swp1 swp2 swp3 swp0 swp1 swp2 swp3
222 */
223static int dsa_8021q_setup_port(struct dsa_8021q_context *ctx, int port,
224 bool enabled)
225{
226 int upstream = dsa_upstream_port(ctx->ds, port);
227 u16 rx_vid = dsa_8021q_rx_vid(ctx->ds, port);
228 u16 tx_vid = dsa_8021q_tx_vid(ctx->ds, port);
229 struct net_device *master;
230 int i, err, subvlan;
231
232 /* The CPU port is implicitly configured by
233 * configuring the front-panel ports
234 */
235 if (!dsa_is_user_port(ctx->ds, port))
236 return 0;
237
238 master = dsa_to_port(ctx->ds, port)->cpu_dp->master;
239
240 /* Add this user port's RX VID to the membership list of all others
241 * (including itself). This is so that bridging will not be hindered.
242 * L2 forwarding rules still take precedence when there are no VLAN
243 * restrictions, so there are no concerns about leaking traffic.
244 */
245 for (i = 0; i < ctx->ds->num_ports; i++) {
246 u16 flags;
247
248 if (i == upstream)
249 continue;
250 else if (i == port)
251 /* The RX VID is pvid on this port */
252 flags = BRIDGE_VLAN_INFO_UNTAGGED |
253 BRIDGE_VLAN_INFO_PVID;
254 else
255 /* The RX VID is a regular VLAN on all others */
256 flags = BRIDGE_VLAN_INFO_UNTAGGED;
257
258 err = dsa_8021q_vid_apply(ctx, i, rx_vid, flags, enabled);
259 if (err) {
260 dev_err(ctx->ds->dev,
261 "Failed to apply RX VID %d to port %d: %d\n",
262 rx_vid, port, err);
263 return err;
264 }
265 }
266
267 /* CPU port needs to see this port's RX VID
268 * as tagged egress.
269 */
270 err = dsa_8021q_vid_apply(ctx, upstream, rx_vid, 0, enabled);
271 if (err) {
272 dev_err(ctx->ds->dev,
273 "Failed to apply RX VID %d to port %d: %d\n",
274 rx_vid, port, err);
275 return err;
276 }
277
278 /* Add to the master's RX filter not only @rx_vid, but in fact
279 * the entire subvlan range, just in case this DSA switch might
280 * want to use sub-VLANs.
281 */
282 for (subvlan = 0; subvlan < DSA_8021Q_N_SUBVLAN; subvlan++) {
283 u16 vid = dsa_8021q_rx_vid_subvlan(ctx->ds, port, subvlan);
284
285 if (enabled)
286 vlan_vid_add(master, ctx->proto, vid);
287 else
288 vlan_vid_del(master, ctx->proto, vid);
289 }
290
291 /* Finally apply the TX VID on this port and on the CPU port */
292 err = dsa_8021q_vid_apply(ctx, port, tx_vid, BRIDGE_VLAN_INFO_UNTAGGED,
293 enabled);
294 if (err) {
295 dev_err(ctx->ds->dev,
296 "Failed to apply TX VID %d on port %d: %d\n",
297 tx_vid, port, err);
298 return err;
299 }
300 err = dsa_8021q_vid_apply(ctx, upstream, tx_vid, 0, enabled);
301 if (err) {
302 dev_err(ctx->ds->dev,
303 "Failed to apply TX VID %d on port %d: %d\n",
304 tx_vid, upstream, err);
305 return err;
306 }
307
308 return err;
309}
310
311int dsa_8021q_setup(struct dsa_8021q_context *ctx, bool enabled)
312{
313 int rc, port;
314
315 ASSERT_RTNL();
316
317 for (port = 0; port < ctx->ds->num_ports; port++) {
318 rc = dsa_8021q_setup_port(ctx, port, enabled);
319 if (rc < 0) {
320 dev_err(ctx->ds->dev,
321 "Failed to setup VLAN tagging for port %d: %d\n",
322 port, rc);
323 return rc;
324 }
325 }
326
327 return 0;
328}
329EXPORT_SYMBOL_GPL(dsa_8021q_setup);
330
331static int dsa_8021q_crosschip_link_apply(struct dsa_8021q_context *ctx,
332 int port,
333 struct dsa_8021q_context *other_ctx,
334 int other_port, bool enabled)
335{
336 u16 rx_vid = dsa_8021q_rx_vid(ctx->ds, port);
337
338 /* @rx_vid of local @ds port @port goes to @other_port of
339 * @other_ds
340 */
341 return dsa_8021q_vid_apply(other_ctx, other_port, rx_vid,
342 BRIDGE_VLAN_INFO_UNTAGGED, enabled);
343}
344
345static int dsa_8021q_crosschip_link_add(struct dsa_8021q_context *ctx, int port,
346 struct dsa_8021q_context *other_ctx,
347 int other_port)
348{
349 struct dsa_8021q_crosschip_link *c;
350
351 list_for_each_entry(c, &ctx->crosschip_links, list) {
352 if (c->port == port && c->other_ctx == other_ctx &&
353 c->other_port == other_port) {
354 refcount_inc(&c->refcount);
355 return 0;
356 }
357 }
358
359 dev_dbg(ctx->ds->dev,
360 "adding crosschip link from port %d to %s port %d\n",
361 port, dev_name(other_ctx->ds->dev), other_port);
362
363 c = kzalloc(sizeof(*c), GFP_KERNEL);
364 if (!c)
365 return -ENOMEM;
366
367 c->port = port;
368 c->other_ctx = other_ctx;
369 c->other_port = other_port;
370 refcount_set(&c->refcount, 1);
371
372 list_add(&c->list, &ctx->crosschip_links);
373
374 return 0;
375}
376
377static void dsa_8021q_crosschip_link_del(struct dsa_8021q_context *ctx,
378 struct dsa_8021q_crosschip_link *c,
379 bool *keep)
380{
381 *keep = !refcount_dec_and_test(&c->refcount);
382
383 if (*keep)
384 return;
385
386 dev_dbg(ctx->ds->dev,
387 "deleting crosschip link from port %d to %s port %d\n",
388 c->port, dev_name(c->other_ctx->ds->dev), c->other_port);
389
390 list_del(&c->list);
391 kfree(c);
392}
393
394/* Make traffic from local port @port be received by remote port @other_port.
395 * This means that our @rx_vid needs to be installed on @other_ds's upstream
396 * and user ports. The user ports should be egress-untagged so that they can
397 * pop the dsa_8021q VLAN. But the @other_upstream can be either egress-tagged
398 * or untagged: it doesn't matter, since it should never egress a frame having
399 * our @rx_vid.
400 */
401int dsa_8021q_crosschip_bridge_join(struct dsa_8021q_context *ctx, int port,
402 struct dsa_8021q_context *other_ctx,
403 int other_port)
404{
405 /* @other_upstream is how @other_ds reaches us. If we are part
406 * of disjoint trees, then we are probably connected through
407 * our CPU ports. If we're part of the same tree though, we should
408 * probably use dsa_towards_port.
409 */
410 int other_upstream = dsa_upstream_port(other_ctx->ds, other_port);
411 int rc;
412
413 rc = dsa_8021q_crosschip_link_add(ctx, port, other_ctx, other_port);
414 if (rc)
415 return rc;
416
417 rc = dsa_8021q_crosschip_link_apply(ctx, port, other_ctx,
418 other_port, true);
419 if (rc)
420 return rc;
421
422 rc = dsa_8021q_crosschip_link_add(ctx, port, other_ctx, other_upstream);
423 if (rc)
424 return rc;
425
426 return dsa_8021q_crosschip_link_apply(ctx, port, other_ctx,
427 other_upstream, true);
428}
429EXPORT_SYMBOL_GPL(dsa_8021q_crosschip_bridge_join);
430
431int dsa_8021q_crosschip_bridge_leave(struct dsa_8021q_context *ctx, int port,
432 struct dsa_8021q_context *other_ctx,
433 int other_port)
434{
435 int other_upstream = dsa_upstream_port(other_ctx->ds, other_port);
436 struct dsa_8021q_crosschip_link *c, *n;
437
438 list_for_each_entry_safe(c, n, &ctx->crosschip_links, list) {
439 if (c->port == port && c->other_ctx == other_ctx &&
440 (c->other_port == other_port ||
441 c->other_port == other_upstream)) {
442 struct dsa_8021q_context *other_ctx = c->other_ctx;
443 int other_port = c->other_port;
444 bool keep;
445 int rc;
446
447 dsa_8021q_crosschip_link_del(ctx, c, &keep);
448 if (keep)
449 continue;
450
451 rc = dsa_8021q_crosschip_link_apply(ctx, port,
452 other_ctx,
453 other_port,
454 false);
455 if (rc)
456 return rc;
457 }
458 }
459
460 return 0;
461}
462EXPORT_SYMBOL_GPL(dsa_8021q_crosschip_bridge_leave);
463
464struct sk_buff *dsa_8021q_xmit(struct sk_buff *skb, struct net_device *netdev,
465 u16 tpid, u16 tci)
466{
467 /* skb->data points at skb_mac_header, which
468 * is fine for vlan_insert_tag.
469 */
470 return vlan_insert_tag(skb, htons(tpid), tci);
471}
472EXPORT_SYMBOL_GPL(dsa_8021q_xmit);
473
474void dsa_8021q_rcv(struct sk_buff *skb, int *source_port, int *switch_id,
475 int *subvlan)
476{
477 u16 vid, tci;
478
479 skb_push_rcsum(skb, ETH_HLEN);
480 if (skb_vlan_tag_present(skb)) {
481 tci = skb_vlan_tag_get(skb);
482 __vlan_hwaccel_clear_tag(skb);
483 } else {
484 __skb_vlan_pop(skb, &tci);
485 }
486 skb_pull_rcsum(skb, ETH_HLEN);
487
488 vid = tci & VLAN_VID_MASK;
489
490 *source_port = dsa_8021q_rx_source_port(vid);
491 *switch_id = dsa_8021q_rx_switch_id(vid);
492 *subvlan = dsa_8021q_rx_subvlan(vid);
493 skb->priority = (tci & VLAN_PRIO_MASK) >> VLAN_PRIO_SHIFT;
494}
495EXPORT_SYMBOL_GPL(dsa_8021q_rcv);