1. 24 Mar, 2021 23 commits
  2. 23 Mar, 2021 17 commits
    • David S. Miller's avatar
      Merge branch 'bridge-dsa-sandwiched-LAG' · c692a0be
      David S. Miller authored
      Vladimir Oltean says:
      
      ====================
      Better support for sandwiched LAGs with bridge and DSA
      
      Changes in v4:
      - Added missing EXPORT_SYMBOL_GPL
      - Using READ_ONCE(fdb->dst)
      - Split patches into (a) adding the bridge helpers (b) making DSA use them
      - br_mdb_replay went back to the v1 approach where it allocated memory
        in atomic context
      - Created a br_switchdev_mdb_populate which reduces some of the code
        duplication
      - Fixed the error message in dsa_port_clear_brport_flags
      - Replaced "dsa_port_vlan_filtering(dp, br, extack)" with
        "dsa_port_vlan_filtering(dp, br_vlan_enabled(br), extack)" (duh)
      - Added review tags (sorry if I missed any)
      
      The objective of this series is to make LAG uppers on top of switchdev
      ports work regardless of which order we link interfaces to their masters
      (first make the port join the LAG, then the LAG join the bridge, or the
      other way around).
      
      There was a design decision to be made in patches 2-4 on whether we
      should adopt the "push" model (which attempts to solve the problem
      centrally, in the bridge layer) where the driver just calls:
      
        switchdev_bridge_port_offloaded(brport_dev,
                                        &atomic_notifier_block,
                                        &blocking_notifier_block,
                                        extack);
      
      and the bridge just replays the entire collection of switchdev port
      attributes and objects that it has, in some predefined order and with
      some predefined error handling logic;
      
      or the "pull" model (which attempts to solve the problem by giving the
      driver the rope to hang itself), where the driver, apart from calling:
      
        switchdev_bridge_port_offloaded(brport_dev, extack);
      
      has the task of "dumpster diving" (as Tobias puts it) through the bridge
      attributes and objects by itself, by calling:
      
        - br_vlan_replay
        - br_fdb_replay
        - br_mdb_replay
        - br_vlan_enabled
        - br_port_flag_is_set
        - br_port_get_stp_state
        - br_multicast_router
        - br_get_ageing_time
      
      (not necessarily all of them, and not necessarily in this order, and
      with driver-defined error handling).
      
      Even though I'm not in love myself with the "pull" model, I chose it
      because there is a fundamental trick with replaying switchdev events
      like this:
      
      ip link add br0 type bridge
      ip link add bond0 type bond
      ip link set bond0 master br0
      ip link set swp0 master bond0 <- this will replay the objects once for
                                       the bond0 bridge port, and the swp0
                                       switchdev port will process them
      ip link set swp1 master bond0 <- this will replay the objects again for
                                       the bond0 bridge port, and the swp1
                                       switchdev port will see them, but swp0
                                       will see them for the second time now
      
      Basically I believe that it is implementation defined whether the driver
      wants to error out on switchdev objects seen twice on a port, and the
      bridge should not enforce a certain model for that. For example, for FDB
      entries added to a bonding interface, the underling switchdev driver
      might have an abstraction for just that: an FDB entry pointing towards a
      logical (as opposed to physical) port. So when the second port joins the
      bridge, it doesn't realy need to replay FDB entries, since there is
      already at least one hardware port which has been receiving those
      events, and the FDB entries don't need to be added a second time to the
      same logical port.
      In the other corner, we have the drivers that handle switchdev port
      attributes on a LAG as individual switchdev port attributes on physical
      ports (example: VLAN filtering). In fact, the switchdev_handle_port_attr_set
      helper facilitates this: it is a fan-out from a single orig_dev towards
      multiple lowers that pass the check_cb().
      But that's the point: switchdev_handle_port_attr_set is just a helper
      which the driver _opts_ to use. The bridge can't enforce the "push"
      model, because that would assume that all drivers handle port attributes
      in the same way, which is probably false.
      
      For this reason, I preferred to go with the "pull" mode for this patch
      set. Just to see how bad it is for other switchdev drivers to copy-paste
      this logic, I added the pull support to ocelot too, and I think it's
      pretty manageable.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c692a0be
    • Vladimir Oltean's avatar
      net: ocelot: replay switchdev events when joining bridge · e4bd44e8
      Vladimir Oltean authored
      The premise of this change is that the switchdev port attributes and
      objects offloaded by ocelot might have been missed when we are joining
      an already existing bridge port, such as a bonding interface.
      
      The patch pulls these switchdev attributes and objects from the bridge,
      on behalf of the 'bridge port' net device which might be either the
      ocelot switch interface, or the bonding upper interface.
      
      The ocelot_net.c belongs strictly to the switchdev ocelot driver, while
      ocelot.c is part of a library shared with the DSA felix driver.
      The ocelot_port_bridge_leave function (part of the common library) used
      to call ocelot_port_vlan_filtering(false), something which is not
      necessary for DSA, since the framework deals with that already there.
      So we move this function to ocelot_switchdev_unsync, which is specific
      to the switchdev driver.
      
      The code movement described above makes ocelot_port_bridge_leave no
      longer return an error code, so we change its type from int to void.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e4bd44e8
    • Vladimir Oltean's avatar
      net: ocelot: call ocelot_netdevice_bridge_join when joining a bridged LAG · 81ef35e7
      Vladimir Oltean authored
      Similar to the DSA situation, ocelot supports LAG offload but treats
      this scenario improperly:
      
      ip link add br0 type bridge
      ip link add bond0 type bond
      ip link set bond0 master br0
      ip link set swp0 master bond0
      
      We do the same thing as we do there, which is to simulate a 'bridge join'
      on 'lag join', if we detect that the bonding upper has a bridge upper.
      
      Again, same as DSA, ocelot supports software fallback for LAG, and in
      that case, we should avoid calling ocelot_netdevice_changeupper.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      81ef35e7
    • Vladimir Oltean's avatar
      net: dsa: sync up switchdev objects and port attributes when joining the bridge · 010e269f
      Vladimir Oltean authored
      If we join an already-created bridge port, such as a bond master
      interface, then we can miss the initial switchdev notifications emitted
      by the bridge for this port, while it wasn't offloaded by anybody.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      010e269f
    • Vladimir Oltean's avatar
      net: dsa: inherit the actual bridge port flags at join time · 5961d6a1
      Vladimir Oltean authored
      DSA currently assumes that the bridge port starts off with this
      constellation of bridge port flags:
      
      - learning on
      - unicast flooding on
      - multicast flooding on
      - broadcast flooding on
      
      just by virtue of code copy-pasta from the bridge layer (new_nbp).
      This was a simple enough strategy thus far, because the 'bridge join'
      moment always coincided with the 'bridge port creation' moment.
      
      But with sandwiched interfaces, such as:
      
       br0
        |
      bond0
        |
       swp0
      
      it may happen that the user has had time to change the bridge port flags
      of bond0 before enslaving swp0 to it. In that case, swp0 will falsely
      assume that the bridge port flags are those determined by new_nbp, when
      in fact this can happen:
      
      ip link add br0 type bridge
      ip link add bond0 type bond
      ip link set bond0 master br0
      ip link set bond0 type bridge_slave learning off
      ip link set swp0 master br0
      
      Now swp0 has learning enabled, bond0 has learning disabled. Not nice.
      
      Fix this by "dumpster diving" through the actual bridge port flags with
      br_port_flag_is_set, at bridge join time.
      
      We use this opportunity to split dsa_port_change_brport_flags into two
      distinct functions called dsa_port_inherit_brport_flags and
      dsa_port_clear_brport_flags, now that the implementation for the two
      cases is no longer similar. This patch also creates two functions called
      dsa_port_switchdev_sync and dsa_port_switchdev_unsync which collect what
      we have so far, even if that's asymmetrical. More is going to be added
      in the next patch.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5961d6a1
    • Vladimir Oltean's avatar
      net: dsa: pass extack to dsa_port_{bridge,lag}_join · 2afc526a
      Vladimir Oltean authored
      This is a pretty noisy change that was broken out of the larger change
      for replaying switchdev attributes and objects at bridge join time,
      which is when these extack objects are actually used.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Reviewed-by: default avatarTobias Waldekranz <tobias@waldekranz.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2afc526a
    • Vladimir Oltean's avatar
      net: dsa: call dsa_port_bridge_join when joining a LAG that is already in a bridge · 185c9a76
      Vladimir Oltean authored
      DSA can properly detect and offload this sequence of operations:
      
      ip link add br0 type bridge
      ip link add bond0 type bond
      ip link set swp0 master bond0
      ip link set bond0 master br0
      
      But not this one:
      
      ip link add br0 type bridge
      ip link add bond0 type bond
      ip link set bond0 master br0
      ip link set swp0 master bond0
      
      Actually the second one is more complicated, due to the elapsed time
      between the enslavement of bond0 and the offloading of it via swp0, a
      lot of things could have happened to the bond0 bridge port in terms of
      switchdev objects (host MDBs, VLANs, altered STP state etc). So this is
      a bit of a can of worms, and making sure that the DSA port's state is in
      sync with this already existing bridge port is handled in the next
      patches.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Reviewed-by: default avatarTobias Waldekranz <tobias@waldekranz.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      185c9a76
    • Vladimir Oltean's avatar
      net: bridge: add helper to replay VLANs installed on port · 22f67cdf
      Vladimir Oltean authored
      Currently this simple setup with DSA:
      
      ip link add br0 type bridge vlan_filtering 1
      ip link add bond0 type bond
      ip link set bond0 master br0
      ip link set swp0 master bond0
      
      will not work because the bridge has created the PVID in br_add_if ->
      nbp_vlan_init, and it has notified switchdev of the existence of VLAN 1,
      but that was too early, since swp0 was not yet a lower of bond0, so it
      had no reason to act upon that notification.
      
      We need a helper in the bridge to replay the switchdev VLAN objects that
      were notified since the bridge port creation, because some of them may
      have been missed.
      
      As opposed to the br_mdb_replay function, the vg->vlan_list write side
      protection is offered by the rtnl_mutex which is sleepable, so we don't
      need to queue up the objects in atomic context, we can replay them right
      away.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Acked-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      22f67cdf
    • Vladimir Oltean's avatar
      net: bridge: add helper to replay port and local fdb entries · 04846f90
      Vladimir Oltean authored
      When a switchdev port starts offloading a LAG that is already in a
      bridge and has an FDB entry pointing to it:
      
      ip link set bond0 master br0
      bridge fdb add dev bond0 00:01:02:03:04:05 master static
      ip link set swp0 master bond0
      
      the switchdev driver will have no idea that this FDB entry is there,
      because it missed the switchdev event emitted at its creation.
      
      Ido Schimmel pointed this out during a discussion about challenges with
      switchdev offloading of stacked interfaces between the physical port and
      the bridge, and recommended to just catch that condition and deny the
      CHANGEUPPER event:
      https://lore.kernel.org/netdev/20210210105949.GB287766@shredder.lan/
      
      But in fact, we might need to deal with the hard thing anyway, which is
      to replay all FDB addresses relevant to this port, because it isn't just
      static FDB entries, but also local addresses (ones that are not
      forwarded but terminated by the bridge). There, we can't just say 'oh
      yeah, there was an upper already so I'm not joining that'.
      
      So, similar to the logic for replaying MDB entries, add a function that
      must be called by individual switchdev drivers and replays local FDB
      entries as well as ones pointing towards a bridge port. This time, we
      use the atomic switchdev notifier block, since that's what FDB entries
      expect for some reason.
      Reported-by: default avatarIdo Schimmel <idosch@idosch.org>
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Acked-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      04846f90
    • Vladimir Oltean's avatar
      net: bridge: add helper to replay port and host-joined mdb entries · 4f2673b3
      Vladimir Oltean authored
      I have a system with DSA ports, and udhcpcd is configured to bring
      interfaces up as soon as they are created.
      
      I create a bridge as follows:
      
      ip link add br0 type bridge
      
      As soon as I create the bridge and udhcpcd brings it up, I also have
      avahi which automatically starts sending IPv6 packets to advertise some
      local services, and because of that, the br0 bridge joins the following
      IPv6 groups due to the code path detailed below:
      
      33:33:ff:6d:c1:9c vid 0
      33:33:00:00:00:6a vid 0
      33:33:00:00:00:fb vid 0
      
      br_dev_xmit
      -> br_multicast_rcv
         -> br_ip6_multicast_add_group
            -> __br_multicast_add_group
               -> br_multicast_host_join
                  -> br_mdb_notify
      
      This is all fine, but inside br_mdb_notify we have br_mdb_switchdev_host
      hooked up, and switchdev will attempt to offload the host joined groups
      to an empty list of ports. Of course nobody offloads them.
      
      Then when we add a port to br0:
      
      ip link set swp0 master br0
      
      the bridge doesn't replay the host-joined MDB entries from br_add_if,
      and eventually the host joined addresses expire, and a switchdev
      notification for deleting it is emitted, but surprise, the original
      addition was already completely missed.
      
      The strategy to address this problem is to replay the MDB entries (both
      the port ones and the host joined ones) when the new port joins the
      bridge, similar to what vxlan_fdb_replay does (in that case, its FDB can
      be populated and only then attached to a bridge that you offload).
      However there are 2 possibilities: the addresses can be 'pushed' by the
      bridge into the port, or the port can 'pull' them from the bridge.
      
      Considering that in the general case, the new port can be really late to
      the party, and there may have been many other switchdev ports that
      already received the initial notification, we would like to avoid
      delivering duplicate events to them, since they might misbehave. And
      currently, the bridge calls the entire switchdev notifier chain, whereas
      for replaying it should just call the notifier block of the new guy.
      But the bridge doesn't know what is the new guy's notifier block, it
      just knows where the switchdev notifier chain is. So for simplification,
      we make this a driver-initiated pull for now, and the notifier block is
      passed as an argument.
      
      To emulate the calling context for mdb objects (deferred and put on the
      blocking notifier chain), we must iterate under RCU protection through
      the bridge's mdb entries, queue them, and only call them once we're out
      of the RCU read-side critical section.
      
      There was some opportunity for reuse between br_mdb_switchdev_host_port,
      br_mdb_notify and the newly added br_mdb_queue_one in how the switchdev
      mdb object is created, so a helper was created.
      Suggested-by: default avatarIdo Schimmel <idosch@idosch.org>
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Acked-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4f2673b3
    • Vladimir Oltean's avatar
      net: bridge: add helper to retrieve the current ageing time · f1d42ea1
      Vladimir Oltean authored
      The SWITCHDEV_ATTR_ID_BRIDGE_AGEING_TIME attribute is only emitted from:
      
      sysfs/ioctl/netlink
      -> br_set_ageing_time
         -> __set_ageing_time
      
      therefore not at bridge port creation time, so:
      (a) switchdev drivers have to hardcode the initial value for the address
          ageing time, because they didn't get any notification
      (b) that hardcoded value can be out of sync, if the user changes the
          ageing time before enslaving the port to the bridge
      
      We need a helper in the bridge, such that switchdev drivers can query
      the current value of the bridge ageing time when they start offloading
      it.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Reviewed-by: default avatarTobias Waldekranz <tobias@waldekranz.com>
      Acked-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f1d42ea1
    • Vladimir Oltean's avatar
      net: bridge: add helper for retrieving the current bridge port STP state · c0e715bb
      Vladimir Oltean authored
      It may happen that we have the following topology with DSA or any other
      switchdev driver with LAG offload:
      
      ip link add br0 type bridge stp_state 1
      ip link add bond0 type bond
      ip link set bond0 master br0
      ip link set swp0 master bond0
      ip link set swp1 master bond0
      
      STP decides that it should put bond0 into the BLOCKING state, and
      that's that. The ports that are actively listening for the switchdev
      port attributes emitted for the bond0 bridge port (because they are
      offloading it) and have the honor of seeing that switchdev port
      attribute can react to it, so we can program swp0 and swp1 into the
      BLOCKING state.
      
      But if then we do:
      
      ip link set swp2 master bond0
      
      then as far as the bridge is concerned, nothing has changed: it still
      has one bridge port. But this new bridge port will not see any STP state
      change notification and will remain FORWARDING, which is how the
      standalone code leaves it in.
      
      We need a function in the bridge driver which retrieves the current STP
      state, such that drivers can synchronize to it when they may have missed
      switchdev events.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Reviewed-by: default avatarTobias Waldekranz <tobias@waldekranz.com>
      Acked-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c0e715bb
    • Xie He's avatar
      net: lapb: Make "lapb_t1timer_running" able to detect an already running timer · 65d2dbb3
      Xie He authored
      Problem:
      
      The "lapb_t1timer_running" function in "lapb_timer.c" is used in only
      one place: in the "lapb_kick" function in "lapb_out.c". "lapb_kick" calls
      "lapb_t1timer_running" to check if the timer is already pending, and if
      it is not, schedule it to run.
      
      However, if the timer has already fired and is running, and is waiting to
      get the "lapb->lock" lock, "lapb_t1timer_running" will not detect this,
      and "lapb_kick" will then schedule a new timer. The old timer will then
      abort when it sees a new timer pending.
      
      I think this is not right. The purpose of "lapb_kick" should be ensuring
      that the actual work of the timer function is scheduled to be done.
      If the timer function is already running but waiting for the lock,
      "lapb_kick" should not abort and reschedule it.
      
      Changes made:
      
      I added a new field "t1timer_running" in "struct lapb_cb" for
      "lapb_t1timer_running" to use. "t1timer_running" will accurately reflect
      whether the actual work of the timer is pending. If the timer has fired
      but is still waiting for the lock, "t1timer_running" will still correctly
      reflect whether the actual work is waiting to be done.
      
      The old "t1timer_stop" field, whose only responsibility is to ask a timer
      (that is already running but waiting for the lock) to abort, is no longer
      needed, because the new "t1timer_running" field can fully take over its
      responsibility. Therefore "t1timer_stop" is deleted.
      
      "t1timer_running" is not simply a negation of the old "t1timer_stop".
      At the end of the timer function, if it does not reschedule itself,
      "t1timer_running" is set to false to indicate that the timer is stopped.
      
      For consistency of the code, I also added "t2timer_running" and deleted
      "t2timer_stop".
      Signed-off-by: default avatarXie He <xie.he.0141@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      65d2dbb3
    • Gustavo A. R. Silva's avatar
      e1000: Fix fall-through warnings for Clang · 67831a08
      Gustavo A. R. Silva authored
      In preparation to enable -Wimplicit-fallthrough for Clang, fix a warning
      by explicitly adding a break statement instead of just letting the code
      fall through to the next case.
      
      Link: https://github.com/KSPP/linux/issues/115Signed-off-by: default avatarGustavo A. R. Silva <gustavoars@kernel.org>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      67831a08
    • Gustavo A. R. Silva's avatar
      ixgbevf: Fix fall-through warnings for Clang · d8f0c306
      Gustavo A. R. Silva authored
      In preparation to enable -Wimplicit-fallthrough for Clang, fix a warning
      by explicitly adding a break statement instead of just letting the code
      fall through to the next case.
      
      Link: https://github.com/KSPP/linux/issues/115Signed-off-by: default avatarGustavo A. R. Silva <gustavoars@kernel.org>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      d8f0c306
    • Gustavo A. R. Silva's avatar
      igb: Fix fall-through warnings for Clang · 52c40698
      Gustavo A. R. Silva authored
      In preparation to enable -Wimplicit-fallthrough for Clang, fix multiple
      warnings by explicitly adding multiple break statements instead of just
      letting the code fall through to the next case.
      
      Link: https://github.com/KSPP/linux/issues/115Signed-off-by: default avatarGustavo A. R. Silva <gustavoars@kernel.org>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      52c40698
    • Gustavo A. R. Silva's avatar
      ixgbe: Fix fall-through warnings for Clang · 27e40255
      Gustavo A. R. Silva authored
      In preparation to enable -Wimplicit-fallthrough for Clang, fix multiple
      warnings by explicitly adding multiple break statements instead of just
      letting the code fall through to the next case.
      
      Link: https://github.com/KSPP/linux/issues/115Signed-off-by: default avatarGustavo A. R. Silva <gustavoars@kernel.org>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      27e40255