diff mbox series

[RFC,4/9] net: dsa: convert denying bridge VLAN with existing 8021q upper to PRECHANGEUPPER

Message ID 20200920014727.2754928-5-vladimir.oltean@nxp.com
State RFC
Delegated to: David Miller
Headers show
Series DSA with VLAN filtering and offloading masters | expand

Commit Message

Vladimir Oltean Sept. 20, 2020, 1:47 a.m. UTC
This is checking for the following order of operations, and makes sure
to deny that configuration:

ip link add link swp2 name swp2.100 type vlan id 100
ip link add br0 type bridge vlan_filtering 1
ip link set swp2 master br0
bridge vlan add dev swp2 vid 100

Instead of using vlan_for_each(), which looks at the VLAN filters
installed with vlan_vid_add(), just track the 8021q uppers. This has the
advantage of freeing up the vlan_vid_add() call for actual VLAN
filtering.

There is another change in this patch. The check is moved in slave.c,
from switch.c. I don't think it makes sense to have this 8021q upper
check for each switch port that gets notified of that VLAN addition
(these include DSA links and CPU ports, we know those can't have 8021q
uppers because they don't have a net_device registered for them), so
just do it in slave.c, for that one slave interface.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
---
 net/dsa/slave.c  | 33 +++++++++++++++++++++++++++++++++
 net/dsa/switch.c | 41 -----------------------------------------
 2 files changed, 33 insertions(+), 41 deletions(-)

Comments

Florian Fainelli Sept. 20, 2020, 2:37 a.m. UTC | #1
On 9/19/2020 6:47 PM, Vladimir Oltean wrote:
> This is checking for the following order of operations, and makes sure
> to deny that configuration:
> 
> ip link add link swp2 name swp2.100 type vlan id 100
> ip link add br0 type bridge vlan_filtering 1
> ip link set swp2 master br0
> bridge vlan add dev swp2 vid 100
> 
> Instead of using vlan_for_each(), which looks at the VLAN filters
> installed with vlan_vid_add(), just track the 8021q uppers. This has the
> advantage of freeing up the vlan_vid_add() call for actual VLAN
> filtering.
> 
> There is another change in this patch. The check is moved in slave.c,
> from switch.c. I don't think it makes sense to have this 8021q upper
> check for each switch port that gets notified of that VLAN addition
> (these include DSA links and CPU ports, we know those can't have 8021q
> uppers because they don't have a net_device registered for them), so
> just do it in slave.c, for that one slave interface.
> 
> Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
> ---
>   net/dsa/slave.c  | 33 +++++++++++++++++++++++++++++++++
>   net/dsa/switch.c | 41 -----------------------------------------
>   2 files changed, 33 insertions(+), 41 deletions(-)
> 
> diff --git a/net/dsa/slave.c b/net/dsa/slave.c
> index 1940c2458f0f..b88a31a79e2f 100644
> --- a/net/dsa/slave.c
> +++ b/net/dsa/slave.c
> @@ -303,6 +303,28 @@ static int dsa_slave_port_attr_set(struct net_device *dev,
>   	return ret;
>   }
>   
> +/* Must be called under rcu_read_lock() */
> +static int
> +dsa_slave_vlan_check_for_8021q_uppers(struct net_device *slave,
> +				      const struct switchdev_obj_port_vlan *vlan)
> +{
> +	struct net_device *upper_dev;
> +	struct list_head *iter;
> +
> +	netdev_for_each_upper_dev_rcu(slave, upper_dev, iter) {
> +		u16 vid;
> +
> +		if (!is_vlan_dev(upper_dev))
> +			continue;
> +
> +		vid = vlan_dev_vlan_id(upper_dev);
> +		if (vlan->vid_begin <= vid && vlan->vid_end >= vid)
> +			return -EBUSY;

I would find:
		if (vid >= vlan->vid_begin && vid <= vlan->vid_end)

more natural but this works too.

Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
diff mbox series

Patch

diff --git a/net/dsa/slave.c b/net/dsa/slave.c
index 1940c2458f0f..b88a31a79e2f 100644
--- a/net/dsa/slave.c
+++ b/net/dsa/slave.c
@@ -303,6 +303,28 @@  static int dsa_slave_port_attr_set(struct net_device *dev,
 	return ret;
 }
 
+/* Must be called under rcu_read_lock() */
+static int
+dsa_slave_vlan_check_for_8021q_uppers(struct net_device *slave,
+				      const struct switchdev_obj_port_vlan *vlan)
+{
+	struct net_device *upper_dev;
+	struct list_head *iter;
+
+	netdev_for_each_upper_dev_rcu(slave, upper_dev, iter) {
+		u16 vid;
+
+		if (!is_vlan_dev(upper_dev))
+			continue;
+
+		vid = vlan_dev_vlan_id(upper_dev);
+		if (vlan->vid_begin <= vid && vlan->vid_end >= vid)
+			return -EBUSY;
+	}
+
+	return 0;
+}
+
 static int dsa_slave_vlan_add(struct net_device *dev,
 			      const struct switchdev_obj *obj,
 			      struct switchdev_trans *trans)
@@ -319,6 +341,17 @@  static int dsa_slave_vlan_add(struct net_device *dev,
 
 	vlan = *SWITCHDEV_OBJ_PORT_VLAN(obj);
 
+	/* Deny adding a bridge VLAN when there is already an 802.1Q upper with
+	 * the same VID.
+	 */
+	if (trans->ph_prepare) {
+		rcu_read_lock();
+		err = dsa_slave_vlan_check_for_8021q_uppers(dev, &vlan);
+		rcu_read_unlock();
+		if (err)
+			return err;
+	}
+
 	err = dsa_port_vlan_add(dp, &vlan, trans);
 	if (err)
 		return err;
diff --git a/net/dsa/switch.c b/net/dsa/switch.c
index 86c8dc5c32a0..9afef6f0f9df 100644
--- a/net/dsa/switch.c
+++ b/net/dsa/switch.c
@@ -232,43 +232,6 @@  static int dsa_switch_mdb_del(struct dsa_switch *ds,
 	return 0;
 }
 
-static int dsa_port_vlan_device_check(struct net_device *vlan_dev,
-				      int vlan_dev_vid,
-				      void *arg)
-{
-	struct switchdev_obj_port_vlan *vlan = arg;
-	u16 vid;
-
-	for (vid = vlan->vid_begin; vid <= vlan->vid_end; ++vid) {
-		if (vid == vlan_dev_vid)
-			return -EBUSY;
-	}
-
-	return 0;
-}
-
-static int dsa_port_vlan_check(struct dsa_switch *ds, int port,
-			       const struct switchdev_obj_port_vlan *vlan)
-{
-	const struct dsa_port *dp = dsa_to_port(ds, port);
-	int err = 0;
-
-	/* Device is not bridged, let it proceed with the VLAN device
-	 * creation.
-	 */
-	if (!dp->bridge_dev)
-		return err;
-
-	/* dsa_slave_vlan_rx_{add,kill}_vid() cannot use the prepare phase and
-	 * already checks whether there is an overlapping bridge VLAN entry
-	 * with the same VID, so here we only need to check that if we are
-	 * adding a bridge VLAN entry there is not an overlapping VLAN device
-	 * claiming that VID.
-	 */
-	return vlan_for_each(dp->slave, dsa_port_vlan_device_check,
-			     (void *)vlan);
-}
-
 static bool dsa_switch_vlan_match(struct dsa_switch *ds, int port,
 				  struct dsa_notifier_vlan_info *info)
 {
@@ -291,10 +254,6 @@  static int dsa_switch_vlan_prepare(struct dsa_switch *ds,
 
 	for (port = 0; port < ds->num_ports; port++) {
 		if (dsa_switch_vlan_match(ds, port, info)) {
-			err = dsa_port_vlan_check(ds, port, info->vlan);
-			if (err)
-				return err;
-
 			err = ds->ops->port_vlan_prepare(ds, port, info->vlan);
 			if (err)
 				return err;