From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=c2GE=Q3=vger.kernel.org=netdev-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=3.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS,USER_AGENT_GIT
	autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id E6410C43381
	for <netdev@archiver.kernel.org>; Wed, 20 Feb 2019 22:35:45 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id B118920836
	for <netdev@archiver.kernel.org>; Wed, 20 Feb 2019 22:35:45 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="cGkrUf8G"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727401AbfBTWfo (ORCPT <rfc822;netdev@archiver.kernel.org>);
        Wed, 20 Feb 2019 17:35:44 -0500
Received: from mail-pg1-f193.google.com ([209.85.215.193]:35600 "EHLO
        mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725851AbfBTWfo (ORCPT
        <rfc822;netdev@vger.kernel.org>); Wed, 20 Feb 2019 17:35:44 -0500
Received: by mail-pg1-f193.google.com with SMTP id s198so12667948pgs.2
        for <netdev@vger.kernel.org>; Wed, 20 Feb 2019 14:35:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id;
        bh=FEkwNzzj73848V0ZYRuEitsRuqeK4xT5rF3mFMypfhg=;
        b=cGkrUf8G2oT5bDo7SvvoT2DiSwUexIqXY93+CmfChvmhOEebEovzzAhrDBaKP0Wt2O
         fGmPntgqPHj0Zc+/VTPZgCSzNA0kY9D8EcrRH+1CRYC+F+uTjWupXqN1W5xfdtH4VMvq
         0CWuh5XDz70M59b3JK+iW3ZwMxQKKW85bshrpYOVJyJhlE9NFRajtt3akriPbiGng/ro
         YYPp0pB6kYdzGTyezhJSBtlH6nYvPE93E7Cr8X+sMFp1hlqgRHAo7gy6yWzehu6m+qu8
         bL+celg2FvSAZKJGHVjjNrOitVBCzCTzW+SI0JB7xPSaJnzZxxhui0VMhUgDADQLgLll
         SZ2g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id;
        bh=FEkwNzzj73848V0ZYRuEitsRuqeK4xT5rF3mFMypfhg=;
        b=qnnwflrF6cvW/hQ/7riletN3sun6IrkaohAvW++MYgpbjZ061oZMo9Uywh60qoiaTG
         dcjKfrLpbQievgH1GEQjCGtlA3hiuJSkCwplwWiXIjo961nRCrOD7OCZqLRqU9fzjGLN
         hJodqIV7hGbYfEH04PEWd768BwVf4Hv1g1o5YqtburgG9bGv8xEAiNbng08bUvDWTnq/
         F8l2kQO/0eT1D0NA33Ip+MK9pjiNMUQFF0/dPpyJJ9mX1iWmHGGU0HghUxWGhg15ILJt
         Y3Nfx8/UB5GzwtAKeEcYr+aPp4uaZ/a3lRR6slamZ0L22nmBf4Fg/qHKIrcH3k3zs78r
         Kxdw==
X-Gm-Message-State: AHQUAuYwXVT7Y0j0fDqbGjLAGbM6vgxlwW20mIRInAXigR5VKvzhfFvj
        TJqEsokrauWRuiw/+GUaugxoW5eg
X-Google-Smtp-Source: AHgI3IYnOiGHrx/OAva/wLvKETF5/B4Pft2Drvr0y6wgK/yNa8oqIJOctsj8+AiPrD5HPK/EkjhjLg==
X-Received: by 2002:a63:c04e:: with SMTP id z14mr30644390pgi.20.1550702142755;
        Wed, 20 Feb 2019 14:35:42 -0800 (PST)
Received: from fainelli-desktop.igp.broadcom.net ([192.19.223.250])
        by smtp.gmail.com with ESMTPSA id k7sm14493568pgr.28.2019.02.20.14.35.41
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 20 Feb 2019 14:35:42 -0800 (PST)
From:   Florian Fainelli <f.fainelli@gmail.com>
To:     netdev@vger.kernel.org
Cc:     Florian Fainelli <f.fainelli@gmail.com>, andrew@lunn.ch,
        vivien.didelot@gmail.com, davem@davemloft.net, idosch@mellanox.com,
        jiri@mellanox.com, rmk+kernel@armlinux.org.uk
Subject: [PATCH net-next 0/2] net: dsa: VLAN devices w/ filtering
Date:   Wed, 20 Feb 2019 14:35:37 -0800
Message-Id: <20190220223539.22106-1-f.fainelli@gmail.com>
X-Mailer: git-send-email 2.17.1
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Hi all,

This patch series supports having VLAN devices on top of DSA/switch
ports while the switch has VLAN filtering globally turned on (as is the
case with Broadcom switches). Whether the switch does global or per-port
VLAN filtering, having VLAN entries for these VLAN devices is
beneficial.

We take care of a few possibly problematic cases:

- adding a VLAN device while there is an existing VLAN entry created by
  a VLAN aware bridge. The entire bridge's VLAN database and not just
  the specific bridge port is being checked to be safe and conserative

- adding a bridge VLAN entry when there is an existing VLAN device
  created is also not possible because that would lead to the bridge
  being able to manipulate the VLAN device's VID/attributes under its feet

- enslaving a VLAN device into a VLAN aware bridge since that duplicates
  functionality already offered by the VLAN aware bridge

Here are the different test cases that were run to exercise this:

# Create a br0 device with gphy enslaved, verify we can still obtain
# a DHCP lease
ip addr flush dev gphy
ip link add dev br0 type bridge
echo 1 > /sys/class/net/br0/bridge/vlan_filtering
ip link set dev gphy master br0
udhcpc -i br0

# Create a VID 100 interface on top of rgmii_1, verify
# we can ping 192.168.100.1 (the peer)
vconfig add rgmii_1 100
ifconfig rgmii_1.100 192.168.100.10
ping -c 2 192.168.100.1

# Create a VID 42 interface on top of br0 and let it flow tagged
# through the bridge, verify we can ping 192.168.42.1 (the peer)
vconfig add br0 42
bridge vlan add vid 42 dev gphy
bridge vlan add vid 42 dev br0 self
ifconfig br0.42 192.168.42.2
ping -c 2 192.168.42.1

# Delete and re-create rgmii_1.100 and verify things still work
# with or without VLAN filtering applied:
ip link del rgmii_1.100
vconfig add rgmii_1 100
ifconfig rgmii_1.100 192.168.100.10
ping -c 2 192.168.100.1
echo 0 > /sys/class/net/br0/bridge/vlan_filtering
ping -c 2 192.168.100.1

# Delete and attempt to create collision scenarios
ip link del rgmii_1.100
echo 1 > /sys/class/net/br0/bridge/vlan_filtering

# VLAN ID 100 is already claimed by rgmii_1.100
vconfig add rgmii_1 100
brctl addif br0 rgmii_1
# Adding VLAN 100 to rgmii_1 fails since rgmii_1.100 exists
bridge vlan add vid 100 dev rgmii_1

vconfig rem rgmii_1.100
# Adding VLAN 100 to rgmii_1 works since rgmii_1.100 does not exist
bridge vlan add vid 100 dev rgmii_1
# But this fails since we already have a VID with the bridge
vconfig add rgmii_1 100

# Delete and re-create the interface and try to make it enslaved
bridge vlan del vid 100 dev rgmii_1
vconfig add rgmii_1 100
# This fails since the bridge is VLAN aware
brctl addif br0 rgmii_1.100

Florian Fainelli (2):
  net: dsa: Deny enslaving VLAN devices into VLAN aware bridge
  net: dsa: Add ndo_vlan_rx_{add,kill}_vid implementation

 net/dsa/port.c   |  12 ++++--
 net/dsa/slave.c  | 110 +++++++++++++++++++++++++++++++++++++++++++++--
 net/dsa/switch.c |  42 ++++++++++++++++++
 3 files changed, 157 insertions(+), 7 deletions(-)

-- 
2.17.1