From patchwork Wed Mar 16 15:30:55 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mattias Forsblad X-Patchwork-Id: 12782878 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D3248C433EF for ; Wed, 16 Mar 2022 15:31:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1353887AbiCPPcd (ORCPT ); Wed, 16 Mar 2022 11:32:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48072 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237138AbiCPPca (ORCPT ); Wed, 16 Mar 2022 11:32:30 -0400 Received: from mail-lf1-x130.google.com (mail-lf1-x130.google.com [IPv6:2a00:1450:4864:20::130]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0AE276CA77 for ; Wed, 16 Mar 2022 08:31:16 -0700 (PDT) Received: by mail-lf1-x130.google.com with SMTP id w12so4337980lfr.9 for ; Wed, 16 Mar 2022 08:31:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=gXcdhieAA47FRGUZv55L0SA+IGD/QOMNOM6xSa40RI4=; b=UBy4nH5Y4iPbbkkcXoeKXF5l/64CEjcy6HX+W1VNqmZFznqulqhd9FzFxWcc/exzgp 37bqrfTdj/0Hx8t3bJ4scRtb8uPxOJ+yvWRwUNUcLVJaG6HYpwYEwYec7qxC5h65CnPS TWpjrpMk3p32lSFK2b4SEU0cFvWq98GdsFykp/npXoJUZOhul/HHot7LeiPBV7M5WAMr NbaZ7PQ0R6IpTqYnBXIMCCgtNMH+ay0ZWQbeQB/aqGpOdoMX3qFjuSRZRK2lYmfhwd4W k/s9uyg+q32PQ+mtWT+htsEN53mobBDWx03PD9KZzfPI3ZblIIzhWd4oNdvHCJ6x4zz8 2pTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=gXcdhieAA47FRGUZv55L0SA+IGD/QOMNOM6xSa40RI4=; b=zRSdPdPp4dpfnvRcyLOAvtaaM+N4dRM15ZhnLs//sYzhEQHtemGfwTr7y6gLLtfBqk LBUxP48hHeqp+edtdU3LJtMxoZovvTaxTOPEwvIKcBbD5HFAM7Gu1h+G9UdIuN8AcVG9 /WkfywAXXkVN2F7Ni+MZFqSzj/yl9Y3ir/MEP8TmUSxo+Bvjj+BodHyV2UlnsPwh7XGB 5oDueP7VV3yKxAFTCH/mw7agupZG07wIpzssdWyfWL1ukL6ugXeUDPp3wq6Nh73qYykL cwZibFGfy8G+AameF1Biq+OL8rqOZ1JvxNVn67bJeBe4PCYsN+gt5OUfNP+l2mF7G4Oq Fqvg== X-Gm-Message-State: AOAM530hTUYXS4DFyNLl/M0/kzCChmHjpcBRwma5DZ44PJ/eJ6pl91HJ IxouuiocNg2d0m2EbyjE4pTls/i7JvamjmC4 X-Google-Smtp-Source: ABdhPJyopvXmbEHFFWRgG+rfpRaMnhKcl34BmexAD9MG8+Z1jzmr42ojuhmnoPJ8HucUBDV9/ZmoDg== X-Received: by 2002:ac2:5e2f:0:b0:42f:ca77:c563 with SMTP id o15-20020ac25e2f000000b0042fca77c563mr137918lfg.318.1647444673503; Wed, 16 Mar 2022 08:31:13 -0700 (PDT) Received: from wse-c0089.raspi.local (h-98-128-237-157.A259.priv.bahnhof.se. [98.128.237.157]) by smtp.gmail.com with ESMTPSA id bu9-20020a056512168900b004489c47d241sm205870lfb.32.2022.03.16.08.31.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Mar 2022 08:31:12 -0700 (PDT) From: Mattias Forsblad X-Google-Original-From: Mattias Forsblad To: netdev@vger.kernel.org Cc: "David S . Miller" , Jakub Kicinski , Andrew Lunn , Florian Fainelli , Vivien Didelot , Roopa Prabhu , Tobias Waldekranz , Mattias Forsblad Subject: [PATCH v2 net-next 1/5] switchdev: Add local_receive attribute Date: Wed, 16 Mar 2022 16:30:55 +0100 Message-Id: <20220316153059.2503153-2-mattias.forsblad+netdev@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> References: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org This commit adds the local_receive switchdev attribute in preparation for bridge usage. Signed-off-by: Mattias Forsblad --- include/net/switchdev.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/net/switchdev.h b/include/net/switchdev.h index 3e424d40fae3..f4c1671c2561 100644 --- a/include/net/switchdev.h +++ b/include/net/switchdev.h @@ -28,6 +28,7 @@ enum switchdev_attr_id { SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED, SWITCHDEV_ATTR_ID_BRIDGE_MROUTER, SWITCHDEV_ATTR_ID_MRP_PORT_ROLE, + SWITCHDEV_ATTR_ID_BRIDGE_FLOOD, }; struct switchdev_brport_flags { From patchwork Wed Mar 16 15:30:56 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mattias Forsblad X-Patchwork-Id: 12782879 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DA6FCC433F5 for ; Wed, 16 Mar 2022 15:31:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1351911AbiCPPce (ORCPT ); Wed, 16 Mar 2022 11:32:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48110 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1351215AbiCPPcc (ORCPT ); Wed, 16 Mar 2022 11:32:32 -0400 Received: from mail-lj1-x234.google.com (mail-lj1-x234.google.com [IPv6:2a00:1450:4864:20::234]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B76836CA7D for ; Wed, 16 Mar 2022 08:31:17 -0700 (PDT) Received: by mail-lj1-x234.google.com with SMTP id q5so3585266ljb.11 for ; Wed, 16 Mar 2022 08:31:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=/Yee3IyNkqcfcGhyJmwfTGUJk8eEsqnDW5qahp9CZ7o=; b=R4QQGyA2zP5oCTFktLz9G8ziXumEDctqOvcsBmhIg5rqF+tgj6rsO7HR+kvd+jaPeR ES94k2RYd6fHffByMYc1T0dVEuHRtY6uVfG57Wnu41Cub2suJsqoGerjtmT+XowE7gr5 EiwzddsEj6adTYeqmKOfhVzEjSX8nD6fFkNzDXnPUx7EqbcSCAB30CYd79jxbMEE3COK 7uJ4aF3boGO4k8NNohvJjb1evqc7QOxCk9feisSQ1N+qmPT8o1SpnuZ35D/FL0V7J2ou lDKdteffcKlx7kXXUwnYXWrWM21LwrSfHARBimCTxbjz1s61RAqJltP3uqxGQQb7+Rl9 Xu6g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=/Yee3IyNkqcfcGhyJmwfTGUJk8eEsqnDW5qahp9CZ7o=; b=XabbbQ2KXLyWJwY55q9kMYkkSvAJ6SZ67yzHkcOIb/DENeMs+Chf1p9aEQ/sLCmTp3 IuahHO0yoGpw3lbwKQe5Fm8JnOL8jnZh2D5PHprOYVVimD1v1XVXa97RTJZHy8MfKLiG B0itMubadsQrbG12bWRvxzdVW13JEEZfq/kikKEiFzgXtWoew+6TUKgicM3LY4rZv9xO CSGxZmZhH9Ke/Ca/SSctuU3BHW3AXYN5U2BvRhsHkVHopO/yxq/SsOTRORtBU5EgFNjX P5oWWNN/uIJC7Rz2DrjFF2ZIC9Li/qGeOCBnHhsjDQs9MbxHHei7gFFoaAoMuydMSKSR U8Tg== X-Gm-Message-State: AOAM531dzym2AIrShoDJYw4TC77i+yGRSFaI32EQWKl+zIqyiRgFT8vY Ud9QOjanKim39InQnFTmD46cg/H1DdlahaL9 X-Google-Smtp-Source: ABdhPJzJho5qaZ5RtMB7ohp/+wsugc+x8SgfY69G7I1iOM8+w0EGpvHA/JowuistyikCHTCexr7SJw== X-Received: by 2002:a05:651c:1684:b0:247:eb1d:d42 with SMTP id bd4-20020a05651c168400b00247eb1d0d42mr153680ljb.162.1647444675588; Wed, 16 Mar 2022 08:31:15 -0700 (PDT) Received: from wse-c0089.raspi.local (h-98-128-237-157.A259.priv.bahnhof.se. [98.128.237.157]) by smtp.gmail.com with ESMTPSA id bu9-20020a056512168900b004489c47d241sm205870lfb.32.2022.03.16.08.31.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Mar 2022 08:31:14 -0700 (PDT) From: Mattias Forsblad X-Google-Original-From: Mattias Forsblad To: netdev@vger.kernel.org Cc: "David S . Miller" , Jakub Kicinski , Andrew Lunn , Florian Fainelli , Vivien Didelot , Roopa Prabhu , Tobias Waldekranz , Mattias Forsblad Subject: [PATCH v2 net-next 2/5] net: bridge: Implement bridge flood flag Date: Wed, 16 Mar 2022 16:30:56 +0100 Message-Id: <20220316153059.2503153-3-mattias.forsblad+netdev@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> References: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org This patch implements the bridge flood flags. There are three different flags matching unicast, multicast and broadcast. When the corresponding flag is cleared packets received on bridge ports will not be flooded towards the bridge. This makes is possible to only forward selected traffic between the port members of the bridge. Signed-off-by: Mattias Forsblad Reported-by: kernel test robot --- include/linux/if_bridge.h | 6 +++++ include/uapi/linux/if_bridge.h | 9 ++++++- net/bridge/br.c | 46 ++++++++++++++++++++++++++++++++++ net/bridge/br_device.c | 3 +++ net/bridge/br_input.c | 23 ++++++++++++++--- net/bridge/br_private.h | 4 +++ 6 files changed, 86 insertions(+), 5 deletions(-) diff --git a/include/linux/if_bridge.h b/include/linux/if_bridge.h index 3aae023a9353..fa8e000a6fb9 100644 --- a/include/linux/if_bridge.h +++ b/include/linux/if_bridge.h @@ -157,6 +157,7 @@ static inline int br_vlan_get_info_rcu(const struct net_device *dev, u16 vid, struct net_device *br_fdb_find_port(const struct net_device *br_dev, const unsigned char *addr, __u16 vid); +bool br_flood_enabled(const struct net_device *dev); void br_fdb_clear_offload(const struct net_device *dev, u16 vid); bool br_port_flag_is_set(const struct net_device *dev, unsigned long flag); u8 br_port_get_stp_state(const struct net_device *dev); @@ -170,6 +171,11 @@ br_fdb_find_port(const struct net_device *br_dev, return NULL; } +static inline bool br_flood_enabled(const struct net_device *dev) +{ + return true; +} + static inline void br_fdb_clear_offload(const struct net_device *dev, u16 vid) { } diff --git a/include/uapi/linux/if_bridge.h b/include/uapi/linux/if_bridge.h index 2711c3522010..765ed70c9b28 100644 --- a/include/uapi/linux/if_bridge.h +++ b/include/uapi/linux/if_bridge.h @@ -72,6 +72,7 @@ struct __bridge_info { __u32 tcn_timer_value; __u32 topology_change_timer_value; __u32 gc_timer_value; + __u8 flood; }; struct __port_info { @@ -752,13 +753,19 @@ struct br_mcast_stats { /* bridge boolean options * BR_BOOLOPT_NO_LL_LEARN - disable learning from link-local packets * BR_BOOLOPT_MCAST_VLAN_SNOOPING - control vlan multicast snooping + * BR_BOOLOPT_FLOOD - control bridge flood flag + * BR_BOOLOPT_MCAST_FLOOD - control bridge multicast flood flag + * BR_BOOLOPT_BCAST_FLOOD - control bridge broadcast flood flag * * IMPORTANT: if adding a new option do not forget to handle - * it in br_boolopt_toggle/get and bridge sysfs + * it in br_boolopt_toggle/get */ enum br_boolopt_id { BR_BOOLOPT_NO_LL_LEARN, BR_BOOLOPT_MCAST_VLAN_SNOOPING, + BR_BOOLOPT_FLOOD, + BR_BOOLOPT_MCAST_FLOOD, + BR_BOOLOPT_BCAST_FLOOD, BR_BOOLOPT_MAX }; diff --git a/net/bridge/br.c b/net/bridge/br.c index b1dea3febeea..52a8b4e14143 100644 --- a/net/bridge/br.c +++ b/net/bridge/br.c @@ -265,6 +265,11 @@ int br_boolopt_toggle(struct net_bridge *br, enum br_boolopt_id opt, bool on, case BR_BOOLOPT_MCAST_VLAN_SNOOPING: err = br_multicast_toggle_vlan_snooping(br, on, extack); break; + case BR_BOOLOPT_FLOOD: + case BR_BOOLOPT_MCAST_FLOOD: + case BR_BOOLOPT_BCAST_FLOOD: + err = br_flood_toggle(br, opt, on); + break; default: /* shouldn't be called with unsupported options */ WARN_ON(1); @@ -281,6 +286,12 @@ int br_boolopt_get(const struct net_bridge *br, enum br_boolopt_id opt) return br_opt_get(br, BROPT_NO_LL_LEARN); case BR_BOOLOPT_MCAST_VLAN_SNOOPING: return br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED); + case BR_BOOLOPT_FLOOD: + return br_opt_get(br, BROPT_FLOOD); + case BR_BOOLOPT_MCAST_FLOOD: + return br_opt_get(br, BROPT_MCAST_FLOOD); + case BR_BOOLOPT_BCAST_FLOOD: + return br_opt_get(br, BROPT_BCAST_FLOOD); default: /* shouldn't be called with unsupported options */ WARN_ON(1); @@ -325,6 +336,41 @@ void br_boolopt_multi_get(const struct net_bridge *br, bm->optmask = GENMASK((BR_BOOLOPT_MAX - 1), 0); } +int br_flood_toggle(struct net_bridge *br, enum br_boolopt_id opt, + bool on) +{ + struct switchdev_attr attr = { + .orig_dev = br->dev, + .id = SWITCHDEV_ATTR_ID_BRIDGE_FLOOD, + .flags = SWITCHDEV_F_DEFER, + }; + struct br_boolopt_multi bm; + enum net_bridge_opts bropt; + int ret; + + switch (opt) { + case BR_BOOLOPT_FLOOD: + bropt = BROPT_FLOOD; + break; + case BR_BOOLOPT_MCAST_FLOOD: + bropt = BROPT_MCAST_FLOOD; + break; + case BR_BOOLOPT_BCAST_FLOOD: + bropt = BROPT_BCAST_FLOOD; + break; + default: + WARN_ON(1); + break; + } + br_opt_toggle(br, bropt, on); + + attr.u.brport_flags.mask = BIT(bropt); + attr.u.brport_flags.val = on << bropt; + ret = switchdev_port_attr_set(br->dev, &attr, NULL); + + return ret; +} + /* private bridge options, controlled by the kernel */ void br_opt_toggle(struct net_bridge *br, enum net_bridge_opts opt, bool on) { diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 8d6bab244c4a..fafaef9d4b3a 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -524,6 +524,9 @@ void br_dev_setup(struct net_device *dev) br->bridge_hello_time = br->hello_time = 2 * HZ; br->bridge_forward_delay = br->forward_delay = 15 * HZ; br->bridge_ageing_time = br->ageing_time = BR_DEFAULT_AGEING_TIME; + br_opt_toggle(br, BROPT_FLOOD, true); + br_opt_toggle(br, BROPT_MCAST_FLOOD, true); + br_opt_toggle(br, BROPT_BCAST_FLOOD, true); dev->max_mtu = ETH_MAX_MTU; br_netfilter_rtable_init(br); diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c index e0c13fcc50ed..fcb0757bfdcc 100644 --- a/net/bridge/br_input.c +++ b/net/bridge/br_input.c @@ -109,11 +109,12 @@ int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb /* by definition the broadcast is also a multicast address */ if (is_broadcast_ether_addr(eth_hdr(skb)->h_dest)) { pkt_type = BR_PKT_BROADCAST; - local_rcv = true; + local_rcv = true && br_opt_get(br, BROPT_BCAST_FLOOD); } else { pkt_type = BR_PKT_MULTICAST; - if (br_multicast_rcv(&brmctx, &pmctx, vlan, skb, vid)) - goto drop; + if (br_opt_get(br, BROPT_MCAST_FLOOD)) + if (br_multicast_rcv(&brmctx, &pmctx, vlan, skb, vid)) + goto drop; } } @@ -155,9 +156,13 @@ int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb local_rcv = true; br->dev->stats.multicast++; } + if (!br_opt_get(br, BROPT_MCAST_FLOOD)) + local_rcv = false; break; case BR_PKT_UNICAST: dst = br_fdb_find_rcu(br, eth_hdr(skb)->h_dest, vid); + if (!br_opt_get(br, BROPT_FLOOD)) + local_rcv = false; break; default: break; @@ -166,7 +171,7 @@ int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb if (dst) { unsigned long now = jiffies; - if (test_bit(BR_FDB_LOCAL, &dst->flags)) + if (test_bit(BR_FDB_LOCAL, &dst->flags) && local_rcv) return br_pass_frame_up(skb); if (now != dst->used) @@ -190,6 +195,16 @@ int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb } EXPORT_SYMBOL_GPL(br_handle_frame_finish); +bool br_flood_enabled(const struct net_device *dev) +{ + struct net_bridge *br = netdev_priv(dev); + + return !!(br_opt_get(br, BROPT_FLOOD) || + br_opt_get(br, BROPT_MCAST_FLOOD) || + br_opt_get(br, BROPT_BCAST_FLOOD)); +} +EXPORT_SYMBOL_GPL(br_flood_enabled); + static void __br_handle_local_finish(struct sk_buff *skb) { struct net_bridge_port *p = br_port_get_rcu(skb->dev); diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 48bc61ebc211..cf88dce0b92b 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -445,6 +445,9 @@ enum net_bridge_opts { BROPT_NO_LL_LEARN, BROPT_VLAN_BRIDGE_BINDING, BROPT_MCAST_VLAN_SNOOPING_ENABLED, + BROPT_FLOOD, + BROPT_MCAST_FLOOD, + BROPT_BCAST_FLOOD, }; struct net_bridge { @@ -720,6 +723,7 @@ int br_boolopt_multi_toggle(struct net_bridge *br, void br_boolopt_multi_get(const struct net_bridge *br, struct br_boolopt_multi *bm); void br_opt_toggle(struct net_bridge *br, enum net_bridge_opts opt, bool on); +int br_flood_toggle(struct net_bridge *br, enum br_boolopt_id opt, bool on); /* br_device.c */ void br_dev_setup(struct net_device *dev); From patchwork Wed Mar 16 15:30:57 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mattias Forsblad X-Patchwork-Id: 12782880 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CB9CAC433EF for ; Wed, 16 Mar 2022 15:31:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245090AbiCPPcj (ORCPT ); Wed, 16 Mar 2022 11:32:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48174 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237147AbiCPPcf (ORCPT ); Wed, 16 Mar 2022 11:32:35 -0400 Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com [IPv6:2a00:1450:4864:20::12f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7CAB86CA71 for ; Wed, 16 Mar 2022 08:31:20 -0700 (PDT) Received: by mail-lf1-x12f.google.com with SMTP id t25so4352742lfg.7 for ; Wed, 16 Mar 2022 08:31:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=hVMa5GtA6KBTlA6K52umM0UVKHxP7UKW8/9ytKYiC6g=; b=QjtzvXplDROxhaxiHvPu1BjJ5PjVslGbOrps8jUEbv1lkfDtDnk0Zq0JM0GbpB/Kxq Rk7WqMsXs0JNr5MgMZEd9duwRe4vDdAPzntjFJDu7OAiQ4aRmushMgDwIFHH97NHI8EF xf46zu2Yp/eibavTnqNOUsGe7RP9nL+X2pcQnyyiQtnNXCAQKeIPye8EATcNVJDa+0ja fPLWNooK+rgvOS0jrnbkSyfmc4eAiVGwi447dhW6LHtg5YxeNs9YJiYwsvNCIpCUdUEA HZ8u30tTIpqgVFYBlWVe4xDc41NDc2/AD4qRbRc6UM7W0p3CVcNbSQnPy0O771jhp9oU bPsg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hVMa5GtA6KBTlA6K52umM0UVKHxP7UKW8/9ytKYiC6g=; b=Crqm81SclPybZYo2ebKuyYRdA5SUszx2CO+xugkY4KBqVTEyYlCwcE5XYRGZU2UZwf bTttciT6hJMh72dfwalyRWQ/oYFtXCK1egX+w2i7o0EOkBGfbX4yRw64mReN6MW4DZvL JW0S6vDkO9EbBM5D6u61910DUtrIgvYFSjOiko2gLYg5ZJnYRI1oiZ6p8xqTqzESpwSF l1XJSOdAkiWvqoa5pTezDjOJzHJU12ajcJRR5k6JUjKekd716Wzdd7pWTCoycs1n31Mx OR66CUR5Iupb65lvHbnEsAiL7kmNvs4WlkSNfwUxyFsNsskPpWyVbUJZUCMKjpRNr9xP cn/g== X-Gm-Message-State: AOAM531brjFiv6MawKxVAzfSE1a15nXePLTnp1avKj6pvylzlrBfN7F0 oGIFHwpfRxworIHo1MCMyDhl4YGEV1uB8f1D X-Google-Smtp-Source: ABdhPJzYYyZry5H4+IrzoCUY9ywdttjtmaih9FGKvzMOVwhkibJfhQZisdJmwtD+sBTlSs3kYF/y3w== X-Received: by 2002:ac2:4f92:0:b0:448:7eab:c004 with SMTP id z18-20020ac24f92000000b004487eabc004mr118715lfs.27.1647444677694; Wed, 16 Mar 2022 08:31:17 -0700 (PDT) Received: from wse-c0089.raspi.local (h-98-128-237-157.A259.priv.bahnhof.se. [98.128.237.157]) by smtp.gmail.com with ESMTPSA id bu9-20020a056512168900b004489c47d241sm205870lfb.32.2022.03.16.08.31.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Mar 2022 08:31:16 -0700 (PDT) From: Mattias Forsblad X-Google-Original-From: Mattias Forsblad To: netdev@vger.kernel.org Cc: "David S . Miller" , Jakub Kicinski , Andrew Lunn , Florian Fainelli , Vivien Didelot , Roopa Prabhu , Tobias Waldekranz , Mattias Forsblad Subject: [PATCH v2 net-next 3/5] dsa: Handle the flood flag in the DSA layer. Date: Wed, 16 Mar 2022 16:30:57 +0100 Message-Id: <20220316153059.2503153-4-mattias.forsblad+netdev@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> References: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Add infrastructure to be able to handle the flood flag in the DSA layer. Signed-off-by: Mattias Forsblad --- include/net/dsa.h | 7 +++++++ net/dsa/dsa_priv.h | 2 ++ net/dsa/slave.c | 18 ++++++++++++++++++ 3 files changed, 27 insertions(+) diff --git a/include/net/dsa.h b/include/net/dsa.h index 9bfe984fcdbf..fcb47dc832e1 100644 --- a/include/net/dsa.h +++ b/include/net/dsa.h @@ -939,6 +939,13 @@ struct dsa_switch_ops { void (*get_regs)(struct dsa_switch *ds, int port, struct ethtool_regs *regs, void *p); + /* + * Local receive + */ + int (*set_flood)(struct dsa_switch *ds, int port, + struct net_device *bridge, unsigned long mask, + unsigned long val); + /* * Upper device tracking. */ diff --git a/net/dsa/dsa_priv.h b/net/dsa/dsa_priv.h index f20bdd8ea0a8..ca3ea320c8eb 100644 --- a/net/dsa/dsa_priv.h +++ b/net/dsa/dsa_priv.h @@ -234,6 +234,8 @@ int dsa_port_vlan_filtering(struct dsa_port *dp, bool vlan_filtering, struct netlink_ext_ack *extack); bool dsa_port_skip_vlan_configuration(struct dsa_port *dp); int dsa_port_ageing_time(struct dsa_port *dp, clock_t ageing_clock); +int dsa_port_set_flood(struct dsa_port *dp, struct net_device *br, unsigned long mask, + unsigned long val); int dsa_port_mtu_change(struct dsa_port *dp, int new_mtu, bool targeted_match); int dsa_port_fdb_add(struct dsa_port *dp, const unsigned char *addr, diff --git a/net/dsa/slave.c b/net/dsa/slave.c index f9cecda791d5..1349dda6b3e6 100644 --- a/net/dsa/slave.c +++ b/net/dsa/slave.c @@ -458,6 +458,13 @@ static int dsa_slave_port_attr_set(struct net_device *dev, const void *ctx, ret = dsa_port_vlan_filtering(dp, attr->u.vlan_filtering, extack); break; + case SWITCHDEV_ATTR_ID_BRIDGE_FLOOD: + if (!dsa_port_offloads_bridge_dev(dp, attr->orig_dev)) + return -EOPNOTSUPP; + + ret = dsa_port_set_flood(dp, attr->orig_dev, attr->u.brport_flags.mask, + attr->u.brport_flags.val); + break; case SWITCHDEV_ATTR_ID_BRIDGE_AGEING_TIME: if (!dsa_port_offloads_bridge_dev(dp, attr->orig_dev)) return -EOPNOTSUPP; @@ -834,6 +841,17 @@ dsa_slave_get_regs(struct net_device *dev, struct ethtool_regs *regs, void *_p) ds->ops->get_regs(ds, dp->index, regs, _p); } +int dsa_port_set_flood(struct dsa_port *dp, struct net_device *br, unsigned long mask, + unsigned long val) +{ + struct dsa_switch *ds = dp->ds; + + if (ds->ops->set_flood) + return ds->ops->set_flood(ds, dp->index, br, mask, val); + + return 0; +} + static int dsa_slave_nway_reset(struct net_device *dev) { struct dsa_port *dp = dsa_slave_to_port(dev); From patchwork Wed Mar 16 15:30:58 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mattias Forsblad X-Patchwork-Id: 12782881 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6CD83C4332F for ; Wed, 16 Mar 2022 15:31:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235613AbiCPPcl (ORCPT ); Wed, 16 Mar 2022 11:32:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48264 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1350654AbiCPPcj (ORCPT ); Wed, 16 Mar 2022 11:32:39 -0400 Received: from mail-lf1-x130.google.com (mail-lf1-x130.google.com [IPv6:2a00:1450:4864:20::130]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 61C386CA73 for ; Wed, 16 Mar 2022 08:31:23 -0700 (PDT) Received: by mail-lf1-x130.google.com with SMTP id w7so4359287lfd.6 for ; Wed, 16 Mar 2022 08:31:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=WZYQAsSvahIFcNUXr8FqEhHgPkYsNvYPksAc//voMGg=; b=q18e4QvGDkHF/1fdSZDP5UiJx5pYie0Za9ek4OhAFEG9/hcd2K0qiy74Lh3i6IITKK DBPCbfAnUeBH2Pc0qv7tUHKnATP/qxxEdBYy3C/IUD0YjzJPpt4LKxeYMImP3UErP+Al qB1KVeds9sTFiGhJ03bGA9uleSJQefSwDg+qmaVPNfBMLp0dCsfhAeu8BMEI2pknspDC sOBUOfAlqNfWhdkseREk2nXlwjA3sixyFt1SnaEU1IMggrhamCHifrWx8UVNjxbRc7Bj FsZz8PGpNKySbUA2YvmjXpdZ21xu8YSi5g9EZ+umsBmzarsB/DkIupfSJHW52fUgiM41 kgWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=WZYQAsSvahIFcNUXr8FqEhHgPkYsNvYPksAc//voMGg=; b=kCLSWbHCcA9FLZVgOeGI5LtzWEkFTxWkG6sb/UsnKrMGCRB9lce6whvCh07CIfFSHa uAp8QvGjAQUXlPhm6x5qFikYSSyw8f7ixbYjqS7wA6Mh9bgPq3l7VopJLdOwUoGLPZD6 PiQ7AOitFzw9azyUFtIeELN3/3qz2hhd0Uu7MKGvjyrAKqh9sVsceigD/owmsQAFUBNb hEI8VcnuhDMJQAmqr0GEIS0W8KDy+If1n85CqIIdfVDjxFT0LOrqXoaDROw7MX37rxun 8T1UrXdMzbFy1/WrSVk9pKIsCtkSOw5yise9nyVAei8CGAuqdJarbeNMFlZGgRm6lxBF utGg== X-Gm-Message-State: AOAM533OkbAoGBiV9nMwh9toLUJhZ7C17UfXAMFrKJIOUG0OQ2bjGohU jhdW/30zAnU2SZQX+a3CtcCU0NJa3uegp1UN X-Google-Smtp-Source: ABdhPJzhX6yhf7z0M05ajzpIT+xJ9WVp9xNFNvw9lj2Fibsx9KW7Gb2NWwLUV7lEJAIPeocH8CyUrw== X-Received: by 2002:a19:6a0e:0:b0:443:3b15:4345 with SMTP id u14-20020a196a0e000000b004433b154345mr144313lfu.388.1647444680898; Wed, 16 Mar 2022 08:31:20 -0700 (PDT) Received: from wse-c0089.raspi.local (h-98-128-237-157.A259.priv.bahnhof.se. [98.128.237.157]) by smtp.gmail.com with ESMTPSA id bu9-20020a056512168900b004489c47d241sm205870lfb.32.2022.03.16.08.31.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Mar 2022 08:31:19 -0700 (PDT) From: Mattias Forsblad X-Google-Original-From: Mattias Forsblad To: netdev@vger.kernel.org Cc: "David S . Miller" , Jakub Kicinski , Andrew Lunn , Florian Fainelli , Vivien Didelot , Roopa Prabhu , Tobias Waldekranz , Mattias Forsblad Subject: [PATCH v2 net-next 4/5] mv88e6xxx: Offload the flood flag Date: Wed, 16 Mar 2022 16:30:58 +0100 Message-Id: <20220316153059.2503153-5-mattias.forsblad+netdev@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> References: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Use the port vlan table to restrict ingressing traffic to the CPU port if the flood flags are cleared. Signed-off-by: Mattias Forsblad --- drivers/net/dsa/mv88e6xxx/chip.c | 45 ++++++++++++++++++++++++++++++-- 1 file changed, 43 insertions(+), 2 deletions(-) diff --git a/drivers/net/dsa/mv88e6xxx/chip.c b/drivers/net/dsa/mv88e6xxx/chip.c index 84b90fc36c58..39347a05c3a5 100644 --- a/drivers/net/dsa/mv88e6xxx/chip.c +++ b/drivers/net/dsa/mv88e6xxx/chip.c @@ -1384,6 +1384,7 @@ static u16 mv88e6xxx_port_vlan(struct mv88e6xxx_chip *chip, int dev, int port) struct dsa_switch *ds = chip->ds; struct dsa_switch_tree *dst = ds->dst; struct dsa_port *dp, *other_dp; + bool flood = true; bool found = false; u16 pvlan; @@ -1425,6 +1426,9 @@ static u16 mv88e6xxx_port_vlan(struct mv88e6xxx_chip *chip, int dev, int port) pvlan = 0; + if (dp->bridge) + flood = br_flood_enabled(dp->bridge->dev); + /* Frames from standalone user ports can only egress on the * upstream port. */ @@ -1433,10 +1437,11 @@ static u16 mv88e6xxx_port_vlan(struct mv88e6xxx_chip *chip, int dev, int port) /* Frames from bridged user ports can egress any local DSA * links and CPU ports, as well as any local member of their - * bridge group. + * as well as any local member of their bridge group. However, CPU ports + * are omitted if flood is cleared. */ dsa_switch_for_each_port(other_dp, ds) - if (other_dp->type == DSA_PORT_TYPE_CPU || + if ((other_dp->type == DSA_PORT_TYPE_CPU && flood) || other_dp->type == DSA_PORT_TYPE_DSA || dsa_port_bridge_same(dp, other_dp)) pvlan |= BIT(other_dp->index); @@ -2718,6 +2723,41 @@ static void mv88e6xxx_crosschip_bridge_leave(struct dsa_switch *ds, mv88e6xxx_reg_unlock(chip); } +static int mv88e6xxx_set_flood(struct dsa_switch *ds, int port, struct net_device *br, + unsigned long mask, unsigned long val) +{ + struct mv88e6xxx_chip *chip = ds->priv; + struct dsa_bridge *bridge; + struct dsa_port *dp; + bool found = false; + int err; + + if (!netif_is_bridge_master(br)) + return 0; + + list_for_each_entry(dp, &ds->dst->ports, list) { + if (dp->ds == ds && dp->index == port) { + found = true; + break; + } + } + + if (!found) + return 0; + + bridge = dp->bridge; + if (!bridge) + return 0; + + mv88e6xxx_reg_lock(chip); + + err = mv88e6xxx_bridge_map(chip, *bridge); + + mv88e6xxx_reg_unlock(chip); + + return err; +} + static int mv88e6xxx_software_reset(struct mv88e6xxx_chip *chip) { if (chip->info->ops->reset) @@ -6478,6 +6518,7 @@ static const struct dsa_switch_ops mv88e6xxx_switch_ops = { .set_eeprom = mv88e6xxx_set_eeprom, .get_regs_len = mv88e6xxx_get_regs_len, .get_regs = mv88e6xxx_get_regs, + .set_flood = mv88e6xxx_set_flood, .get_rxnfc = mv88e6xxx_get_rxnfc, .set_rxnfc = mv88e6xxx_set_rxnfc, .set_ageing_time = mv88e6xxx_set_ageing_time, From patchwork Wed Mar 16 15:30:59 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mattias Forsblad X-Patchwork-Id: 12782882 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F26A2C433F5 for ; Wed, 16 Mar 2022 15:31:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1357260AbiCPPcn (ORCPT ); Wed, 16 Mar 2022 11:32:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48268 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237097AbiCPPcj (ORCPT ); Wed, 16 Mar 2022 11:32:39 -0400 Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 441616D184 for ; Wed, 16 Mar 2022 08:31:25 -0700 (PDT) Received: by mail-lf1-x129.google.com with SMTP id s25so4336441lfs.10 for ; Wed, 16 Mar 2022 08:31:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=70Mkl5fF/R17b/faQY/2h5xGCzK1R0KExZ0u2SnIz5Y=; b=aNTmASEBtlX73xNW+FYQvwJdv76M8qnwyCl1YngsUBpbn+XLYBsMUs6gk56LxAudTC FtySUAZ/LeJtmzs3LOuOlbcWhS5wNBUvjs9lMaLKT96Y8e9FxzlGJLhHFaXc9zdT7dwa b1Uv1+DzzAW+kwhZRqcOI9qOVEDP0u8IlFQxZikGPENkrxJG+1ztTvALiAzgB8M4gxJT jY2yf6CCXYFINJ6LTNw2Krq7uDVA4e2gkgVEsme36JRSC6oSxPwmyI5Fl9ItIJFMr+3W 7Fdd0kaxx8N8vihWxoVH+LW/frdnSJDFDiAhURT3JeU1wG9jqmyhgp7KSm1dzoP1YOfF 7s4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=70Mkl5fF/R17b/faQY/2h5xGCzK1R0KExZ0u2SnIz5Y=; b=IsR7tGwuw9eq0I0t4HNrjbnrCLgdRx38omK8T26e/8E1SnslK9b1v3XGoqR+Fcsvrz 0LcqpahiXWQ/RQpuVPnjKGh/R/iVLp7MjEs0Sm3ZJ9/5VsmQtG7dj3+TgVbfgLb5UjXX cFv/nM623/9LeXZdDVdBXWSJbC0Tc3RZmUBm1Fmk7cBbOCBmQ9GzmKzYsDp4P349YBB5 R/rjv64FugnowC0t1qTBbMzbvG4eEAvThCGTQCgtVeiAEgbQR+s0zo57uV5wRp2iBJrM QsNUI+q+ofD3qJyJmeHWeSQnpD4JaGjOH9IntqiiJHzOXvy+GIAbk/HichBaRbcmqEnJ m7bw== X-Gm-Message-State: AOAM532wvjKVSM+rF6u8OYFQqGVGAGmUPKcrWIeYNmqP2o+RQV3OX3m0 kxuh/vSasJPEg00YSKW3mrxSByYUoakCpNPa X-Google-Smtp-Source: ABdhPJw99tAk6fOuZl9Xbq1B4AX1tprJ3OAF6qznV6q1K4vTKM1DJkwgCAp/7slF0mYbcPPttfNd0g== X-Received: by 2002:a05:6512:1698:b0:448:872b:4425 with SMTP id bu24-20020a056512169800b00448872b4425mr106989lfb.377.1647444683117; Wed, 16 Mar 2022 08:31:23 -0700 (PDT) Received: from wse-c0089.raspi.local (h-98-128-237-157.A259.priv.bahnhof.se. [98.128.237.157]) by smtp.gmail.com with ESMTPSA id bu9-20020a056512168900b004489c47d241sm205870lfb.32.2022.03.16.08.31.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 16 Mar 2022 08:31:21 -0700 (PDT) From: Mattias Forsblad X-Google-Original-From: Mattias Forsblad To: netdev@vger.kernel.org Cc: "David S . Miller" , Jakub Kicinski , Andrew Lunn , Florian Fainelli , Vivien Didelot , Roopa Prabhu , Tobias Waldekranz , Mattias Forsblad Subject: [PATCH v2 net-next 5/5] selftest: Add bridge flood flag tests Date: Wed, 16 Mar 2022 16:30:59 +0100 Message-Id: <20220316153059.2503153-6-mattias.forsblad+netdev@gmail.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> References: <20220316153059.2503153-1-mattias.forsblad+netdev@gmail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Add test to check that the bridge flood flags works correctly. When the bridge flag {flood,mcast_flood,bcast_flood} are cleared no packets of the corresponding type should be flooded to the bridge. Signed-off-by: Mattias Forsblad --- .../testing/selftests/net/forwarding/Makefile | 1 + .../selftests/net/forwarding/bridge_flood.sh | 169 ++++++++++++++++++ tools/testing/selftests/net/forwarding/lib.sh | 8 + 3 files changed, 178 insertions(+) create mode 100755 tools/testing/selftests/net/forwarding/bridge_flood.sh diff --git a/tools/testing/selftests/net/forwarding/Makefile b/tools/testing/selftests/net/forwarding/Makefile index 8fa97ae9af9e..24ca6a333edd 100644 --- a/tools/testing/selftests/net/forwarding/Makefile +++ b/tools/testing/selftests/net/forwarding/Makefile @@ -1,6 +1,7 @@ # SPDX-License-Identifier: GPL-2.0+ OR MIT TEST_PROGS = bridge_igmp.sh \ + bridge_flood.sh \ bridge_locked_port.sh \ bridge_port_isolation.sh \ bridge_sticky_fdb.sh \ diff --git a/tools/testing/selftests/net/forwarding/bridge_flood.sh b/tools/testing/selftests/net/forwarding/bridge_flood.sh new file mode 100755 index 000000000000..ea3e7da139aa --- /dev/null +++ b/tools/testing/selftests/net/forwarding/bridge_flood.sh @@ -0,0 +1,169 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +ALL_TESTS="ping_test bridge_flood" +NUM_NETIFS=4 +CHECK_TC="no" +source lib.sh +bridge=br3 + +h1_create() +{ + simple_if_init $h1 192.0.2.1/24 2001:db8:1::1/64 +} + +h1_destroy() +{ + simple_if_fini $h1 192.0.2.1/24 2001:db8:1::1/64 +} + +h2_create() +{ + simple_if_init $h2 192.0.2.2/24 2001:db8:1::2/64 +} + +h2_destroy() +{ + simple_if_fini $h2 192.0.2.2/24 2001:db8:1::2/64 +} + +switch_create() +{ + ip link add dev $bridge type bridge + + ip link set dev $swp1 master $bridge + ip link set dev $swp2 master $bridge + ip link set dev $swp1 type bridge_slave learning off + ip link set dev $swp2 type bridge_slave learning off + + ip link set dev $bridge type bridge flood 0 mcast_flood 0 bcast_flood 0 + check_err $? "Can't set bridge flooding off on $bridge" + + ip link set dev $bridge up + ip link set dev $bridge promisc on + ip link set dev $swp1 up + ip link set dev $swp2 up +} + +switch_destroy() +{ + ip link set dev $swp2 down + ip link set dev $swp1 down + + ip link del dev $bridge +} + +setup_prepare() +{ + h1=${NETIFS[p1]} + swp1=${NETIFS[p2]} + + swp2=${NETIFS[p3]} + h2=${NETIFS[p4]} + + vrf_prepare + + h1_create + h2_create + + switch_create +} + +ping_test() +{ + echo "Check connectivity /w ping" + ping_do $h1 192.0.2.2 + check_err $? "ping fail" + log_test "ping test" +} + +cleanup() +{ + pre_cleanup + + switch_destroy + + h2_destroy + h1_destroy + + vrf_cleanup +} + +bridge_flood_test_do() +{ + local should_flood=$1 + local mac=$2 + local ip=$3 + local host1_if=$4 + local err=0 + local vrf_name + + + # Add an ACL on `host2_if` which will tell us whether the packet + # was flooded to it or not. + tc qdisc add dev $bridge ingress + tc filter add dev $bridge ingress protocol ip pref 1 handle 101 \ + flower dst_mac $mac action drop + + vrf_name=$(master_name_get $host1_if) + ip vrf exec $vrf_name \ + $MZ $host1_if -c 1 -p 64 -b $mac -B $ip -t ip -q + sleep 1 + + tc -j -s filter show dev $bridge ingress \ + | jq -e ".[] | select(.options.handle == 101) \ + | select(.options.actions[0].stats.packets == 1)" &> /dev/null + if [[ $? -ne 0 && $should_flood == "true" || \ + $? -eq 0 && $should_flood == "false" ]]; then + err=1 + fi + + tc filter del dev $bridge ingress protocol ip pref 1 handle 101 flower + tc qdisc del dev $bridge ingress + + return $err +} + +bridge_flood_test() +{ + local mac=$1 + local ip=$2 + local flag=$3 + + RET=0 + + ip link set dev $bridge type bridge $flag 0 + + bridge_flood_test_do false $mac $ip $h1 $bridge + check_err $? "Packet flooded when should not" + log_test "Bridge test flag $flag disabled" + + ip link set dev $bridge type bridge $flag 1 + + bridge_flood_test_do true $mac $ip $h1 $bridge + check_err $? "Packet was not flooded when should" + + log_test "Bridge test flag $flag enabled" +} + +bridge_flood() +{ + RET=0 + + check_bridge_flood_support $bridge || return 0 + + bridge_flood_test de:ad:be:ef:13:37 192.0.2.100 flood + + bridge_flood_test 01:00:5e:00:00:01 239.0.0.1 mcast_flood + + bridge_flood_test ff:ff:ff:ff:ff:ff 192.0.2.100 bcast_flood +} + +trap cleanup EXIT + +setup_prepare +setup_wait + +tests_run + +exit $EXIT_STATUS diff --git a/tools/testing/selftests/net/forwarding/lib.sh b/tools/testing/selftests/net/forwarding/lib.sh index 664b9ecaf228..12e69837374e 100644 --- a/tools/testing/selftests/net/forwarding/lib.sh +++ b/tools/testing/selftests/net/forwarding/lib.sh @@ -134,6 +134,14 @@ check_locked_port_support() fi } +check_bridge_flood_support() +{ + if ! ip -d link show dev $1 | grep -q " flood"; then + echo "SKIP: iproute2 too old; Bridge flood feature not supported." + return $ksft_skip + fi +} + if [[ "$(id -u)" -ne 0 ]]; then echo "SKIP: need root privileges" exit $ksft_skip