[net-next,00/13] vxlan: Allow vetoing FDB operations

Message ID	cover.1547679599.git.petrm@mellanox.com
Headers	show Return-Path: <netdev-owner@vger.kernel.org> From: Petr Machata <petrm@mellanox.com> To: "netdev@vger.kernel.org" <netdev@vger.kernel.org> CC: "ivecera@redhat.com" <ivecera@redhat.com>, Jiri Pirko <jiri@mellanox.com>, Ido Schimmel <idosch@mellanox.com>, "davem@davemloft.net" <davem@davemloft.net> Subject: [PATCH net-next 00/13] vxlan: Allow vetoing FDB operations Thread-Topic: [PATCH net-next 00/13] vxlan: Allow vetoing FDB operations Thread-Index: AQHUrfAcE7fVU/J67EOjJsdhV4pFzg== Date: Wed, 16 Jan 2019 23:06:28 +0000 Message-ID: <cover.1547679599.git.petrm@mellanox.com> Accept-Language: en-US Content-Language: en-US received-spf: None (protection.outlook.com: mellanox.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk
Series	vxlan: Allow vetoing FDB operations \| expand [net-next,00/13] vxlan: Allow vetoing FDB operations [net-next,01/13] vxlan: Move up vxlan_fdb_free(), vxlan_fdb_destroy() [net-next,02/13] vxlan: Split vxlan_fdb_update() in two [net-next,03/13] vxlan: Have vxlan_fdb_replace() save original rdst value [net-next,04/13] vxlan: Allow vetoing of FDB notifications [net-next,05/13] vxlan: changelink: Inline vxlan_dev_configure() [net-next,06/13] vxlan: changelink: Postpone vxlan_config_apply() [net-next,07/13] vxlan: changelink: Delete remote after update [net-next,08/13] net: Add extack argument to ndo_fdb_add() [net-next,09/13] mlxsw: Add extack to mlxsw_sp_nve_ops.fdb_replay [net-next,10/13] vxlan: Add extack to switchdev operations [net-next,11/13] switchdev: Add extack argument to call_switchdev_notifiers() [net-next,12/13] mlxsw: spectrum: Add extack messages to VXLAN FDB rejection [net-next,13/13] selftests: mlxsw: Test veto of unsupported VXLAN FDBs

Message ID

cover.1547679599.git.petrm@mellanox.com

Headers

From: Petr Machata <petrm@mellanox.com>
To: "netdev@vger.kernel.org" <netdev@vger.kernel.org>
CC: "ivecera@redhat.com" <ivecera@redhat.com>,
	Jiri Pirko <jiri@mellanox.com>, Ido Schimmel <idosch@mellanox.com>,
	"davem@davemloft.net" <davem@davemloft.net>
Subject: [PATCH net-next 00/13] vxlan: Allow vetoing FDB operations
Thread-Topic: [PATCH net-next 00/13] vxlan: Allow vetoing FDB operations
Thread-Index: AQHUrfAcE7fVU/J67EOjJsdhV4pFzg==
Date: Wed, 16 Jan 2019 23:06:28 +0000
Message-ID: <cover.1547679599.git.petrm@mellanox.com>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [78.45.160.211]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DB3PR0502MB4058;
	6:y4syc2EysRVQ9fbIwu3YT1HQKYG+ToL2znv8iIZGAv7DksrBOEi2Wl+CNAbX9EZ76QJUC5Em0q46q8BrGFWN7V7ZNHNj3mUsg8tdOvvWwjmI3xpZXnkAYXOur1ViPWvP6DfWIOZH8U3V9X2mGRhB7JTpImZ8fvOUwdAw14a8fxn6iXneDJn03b+O6f8/6c/fLqpWvNIW9jetBpb+0E9VTAVg0vO5c1EgTNIFLnrK4o2LblJAiokqJJZQA+Iud6OKvtoD6pdiooG2q/0G9SmKDQK+axd1oh9VQceuHIhD7WV2rF87ekL+RLmuPvITuClPo0o5eCHdvyRpeCBOnUz7CmqdVkkXZVxjnBT1oBlqLckiNpQ5kKb4WiTLuXhAu+QvUNv3JT3MMkK49azFrVdzFswieKazTzbj96bUWeYehZjGmUaZyKMAdPGiKybSvBCBsCUv7VtNQClGdYg0r/LDBA==;
	5:JFxfVSGW6wkzBXjZM+sjZoONfwR1JimQ285h5jEsRcOg4wtwsxN9AeL6EemgkvNPzmgxMtRUfDk+wvI4shONsHyKZeg1bWxZ9xVLtPwCkGN6dmnLCvnKA4WptsI+It7Kx+aMLKWm1hL51W+T126UELK5Et/j+P/E1F27TTnD/pjhok/k/jzK+QJ6zMv0TYtNh24IH++7IaxkPc2MmCTXrg==;
	7:t8BuyOyZsXFGxcL7o+x4GU19b5NBOw2c/yjS1duwsofV+NzBVEZWhQo9Lrbeo80OzDx47ogvLOCfNGrgtedcciVG1K5RYbFT72B0kq4Aalt+Dju9OAaaXIrdSuc8XJ3S10uYxmVcgSnjPPNg33Bnrw==
x-ms-office365-filtering-correlation-id: 78e9b4d6-24d1-4595-d4a8-08d67c073f45
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0;
	RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600109)(711020)(4618075)(2017052603328)(7153060)(7193020);
	SRVR:DB3PR0502MB4058; 
x-ms-traffictypediagnostic: DB3PR0502MB4058:
x-microsoft-antispam-prvs: <DB3PR0502MB4058AF2FC3740A4877697EE5DB820@DB3PR0502MB4058.eurprd05.prod.outlook.com>
x-forefront-prvs: 091949432C
x-forefront-antispam-report: SFV:NSPM;
	SFS:(10009020)(39860400002)(136003)(366004)(396003)(376002)(346002)(189003)(199004)(71200400001)(106356001)(71190400001)(105586002)(81166006)(2351001)(1730700003)(7736002)(14444005)(256004)(5660300001)(6436002)(8936002)(305945005)(6916009)(478600001)(14454004)(5640700003)(66574012)(81156014)(8676002)(53936002)(68736007)(36756003)(6512007)(99286004)(186003)(52116002)(6506007)(6116002)(3846002)(486006)(66066001)(2906002)(6486002)(25786009)(26005)(54906003)(316002)(476003)(2616005)(386003)(97736004)(4326008)(2501003)(86362001)(102836004);
	DIR:OUT; SFP:1101; SCL:1; SRVR:DB3PR0502MB4058;
	H:DB3PR0502MB3946.eurprd05.prod.outlook.com; FPR:; SPF:None;
	LANG:en; PTR:InfoNoRecords; MX:1; A:1; 
received-spf: None (protection.outlook.com: mellanox.com does not designate
	permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: HZ7RqxzLgIJjOMvL/Nk93rGI5LcDTEXRom7HrjdOAD3NGkdk1fd4lzWAhnWQBwjDMOELimn2mfLS88LZA+DCI6JYZyBo8QTXz+40OVcAKC+zjB7Z4/X5lVisKhvaN2/Qx/pnZAikkpyHPmRsPN8NtggAwjnU9PIve3IF6hB53XfFBjcMaV1UvuYDzhF+nKjsPlUZOL49U41f4bI3r1zFrNYfzOmonXJfFX+7lvHAQN41suDgz/7R/U74S2GZOfobvyJuiwijdyRaO57mcwFwmg+AIBBDLq/lK2PKuur8PY5Flq7kuykMQbLildpjDdD/U+xm55uQjAHOknwhrZMnyUu3hrB7rtli3a/+KfSkqxS2CvMDRaoQhwsIANYf7cmCxLY2oftLYItVkUiG7D8n1kkoC4djqTP4OkXaL5c3/bg=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: Mellanox.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 78e9b4d6-24d1-4595-d4a8-08d67c073f45
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jan 2019 23:06:28.4227
	(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: a652971c-7d2e-4d9b-a6a4-d149256f461b
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR0502MB4058
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Series

vxlan: Allow vetoing FDB operations | expand

Message

Petr Machata Jan. 16, 2019, 11:06 p.m. UTC

mlxsw does not implement handling of the more advanced types of VXLAN
FDB entries. In order to provide visibility to users, it is important to
be able to reject such FDB entries, ideally with an explanation passed
in extended ack. This patch set implements this.

In patches #1-#4, vxlan is gradually transformed to support vetoing of
FDB entries added (or modified) through vxlan_fdb_update(), and the
default FDB entry added in __vxlan_dev_create().

Patches #5-#7 deal with vxlan_changelink(). The existing code recognizes
that vxlan_fdb_update() may fail, but doesn't attempt to keep things
intact if it does. These patches change the function in several steps to
gracefully handle vetoes (or other failures).

Then in patches #8-#11, extack arguments are added, respectively, to
ndo_fdb_add(), mlxsw's mlxsw_sp_nve_ops.fdb_replay, the functions that
connect to the VXLAN vetoing code, and call_switchdev_notifiers(). Note
that call_switchdev_blocking_notifiers() already does support extack.

Finally in patch #12, mlxsw is extended to add extack messages to
rejected FDB entries. In patch #13, the functionality is tested.

Petr Machata (13):
  vxlan: Move up vxlan_fdb_free(), vxlan_fdb_destroy()
  vxlan: Split vxlan_fdb_update() in two
  vxlan: Have vxlan_fdb_replace() save original rdst value
  vxlan: Allow vetoing of FDB notifications
  vxlan: changelink: Inline vxlan_dev_configure()
  vxlan: changelink: Postpone vxlan_config_apply()
  vxlan: changelink: Delete remote after update
  net: Add extack argument to ndo_fdb_add()
  mlxsw: Add extack to mlxsw_sp_nve_ops.fdb_replay
  vxlan: Add extack to switchdev operations
  switchdev: Add extack argument to call_switchdev_notifiers()
  mlxsw: spectrum: Add extack messages to VXLAN FDB rejection
  selftests: mlxsw: Test veto of unsupported VXLAN FDBs

 Documentation/networking/switchdev.txt             |   2 +-
 drivers/net/ethernet/intel/i40e/i40e_main.c        |   3 +-
 drivers/net/ethernet/intel/ice/ice_main.c          |   3 +-
 drivers/net/ethernet/intel/igb/igb_main.c          |   3 +-
 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c      |   3 +-
 drivers/net/ethernet/mellanox/mlxsw/spectrum_nve.c |   6 +-
 drivers/net/ethernet/mellanox/mlxsw/spectrum_nve.h |   3 +-
 .../ethernet/mellanox/mlxsw/spectrum_nve_vxlan.c   |   6 +-
 .../net/ethernet/mellanox/mlxsw/spectrum_router.c  |   6 +-
 .../ethernet/mellanox/mlxsw/spectrum_switchdev.c   |  37 ++-
 drivers/net/ethernet/mscc/ocelot.c                 |   3 +-
 drivers/net/ethernet/qlogic/qlcnic/qlcnic_main.c   |   3 +-
 drivers/net/ethernet/rocker/rocker_main.c          |   2 +-
 drivers/net/ethernet/rocker/rocker_ofdpa.c         |   4 +-
 drivers/net/macvlan.c                              |   3 +-
 drivers/net/vxlan.c                                | 352 +++++++++++++--------
 include/linux/netdevice.h                          |   6 +-
 include/net/switchdev.h                            |   6 +-
 include/net/vxlan.h                                |   6 +-
 net/bridge/br_fdb.c                                |   3 +-
 net/bridge/br_private.h                            |   3 +-
 net/bridge/br_switchdev.c                          |   2 +-
 net/core/rtnetlink.c                               |   5 +-
 net/dsa/dsa_priv.h                                 |   3 +-
 net/dsa/slave.c                                    |   5 +-
 net/switchdev/switchdev.c                          |   5 +-
 .../selftests/drivers/net/mlxsw/vxlan_fdb_veto.sh  | 126 ++++++++
 27 files changed, 421 insertions(+), 188 deletions(-)
 create mode 100755 tools/testing/selftests/drivers/net/mlxsw/vxlan_fdb_veto.sh

Comments

David Miller Jan. 17, 2019, 11:19 p.m. UTC | #1

From: Petr Machata <petrm@mellanox.com>
Date: Wed, 16 Jan 2019 23:06:28 +0000

> mlxsw does not implement handling of the more advanced types of VXLAN
> FDB entries. In order to provide visibility to users, it is important to
> be able to reject such FDB entries, ideally with an explanation passed
> in extended ack. This patch set implements this.
> 
> In patches #1-#4, vxlan is gradually transformed to support vetoing of
> FDB entries added (or modified) through vxlan_fdb_update(), and the
> default FDB entry added in __vxlan_dev_create().
> 
> Patches #5-#7 deal with vxlan_changelink(). The existing code recognizes
> that vxlan_fdb_update() may fail, but doesn't attempt to keep things
> intact if it does. These patches change the function in several steps to
> gracefully handle vetoes (or other failures).
> 
> Then in patches #8-#11, extack arguments are added, respectively, to
> ndo_fdb_add(), mlxsw's mlxsw_sp_nve_ops.fdb_replay, the functions that
> connect to the VXLAN vetoing code, and call_switchdev_notifiers(). Note
> that call_switchdev_blocking_notifiers() already does support extack.
> 
> Finally in patch #12, mlxsw is extended to add extack messages to
> rejected FDB entries. In patch #13, the functionality is tested.

Series applied, thanks Petr.