From patchwork Tue Nov 8 10:47:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036120 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D1672C433FE for ; Tue, 8 Nov 2022 10:48:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233968AbiKHKsH (ORCPT ); Tue, 8 Nov 2022 05:48:07 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36716 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233203AbiKHKr5 (ORCPT ); Tue, 8 Nov 2022 05:47:57 -0500 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2082.outbound.protection.outlook.com [40.107.93.82]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8C67D429A7 for ; Tue, 8 Nov 2022 02:47:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=J0eIlIXOpyvfTgVikNDnjkpmUAzU2hDklBastGj0V0mOyK9cNQn3lv3bkD8wub6g0cCzbrNzBDZpzvkvIRb5duYm0srT+sClXcLA5Pre8j8pFELZwRcuSrW2RWcdD7YRW1BgaA2zPqOBTdM+iVhFftcBeQXF1TpLowKW+OwEB4xVNRTC8cVlHrYo5m6sA98+7V9Xv1RRkFKzw4q2eLq1xeR9YJnrexvta516NNhzKXgTIhYmg/5jTPJwQiN2Fcb1norcaimAvFsIsNXfF4g9kG3FSfebngceMzbUWxUYLOqe3kBZmyldOHfnPNlEkGQ/3FAvJKOqVb8yA1yvYEFFOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=J5CjmYMVarafJWwlmM7fhyDRkbO5NPlFuYuaDKhHG/o=; b=GPBzSgue+p6jtmwoOt5VXINcWYv8tOnTT117ZIktl4Al57mpE0QrkvDfE1Jv8ay62p2Gm0BpSHLFSnS2iV5p5Cvc3SjYLhifjHYSyRjM8kh1DrAxfBqRgDR0KPtoRjf6SerH+Nz/rOkTBSKCxckkUUABFAdB+BwZGnKed6Zn0LSI+pM2etTep9FJvzDQPEXNjiZhIiCUjpMC9FyZrR0WOEoCfAS+tR92h0sHt/wBcAJ5PFP2UvN6JAUsjF7HGznBtVYS3pF2HrjiXaBrpIO1FD2Ckd0XXbeVukuhNcSgMAmOfZwsaDmFukYrMwGLfXYe87+tFc43fbSAEEnkpw/ZJA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=J5CjmYMVarafJWwlmM7fhyDRkbO5NPlFuYuaDKhHG/o=; b=BaylwctLnhmFA6OXUK36TuvLJJ7gvnOk/7CW2W5dMfC9FrolPXtrfnGXxMoPthn7JoyKIqngTyu8QYEPovbwaV7j+h4Vd+I+fION03I8HdrF0UcfkLBMT7P+r01l2RlUgiNO96ZhuoGLssTElGiADcym41YLZSls9hdZqHNo/h4I3GnXrIdqZUegCtT21QK6yaHfLI6v6gIBGNetsmuibHO6KfuXlYv8wpEfMYeXbshoCD6cGrgNcB8ivPucxvF+3+BaWFr/K1YT1d100A5QTys3ZOvo0SheM4CKgaOc4kITjj9X9+gHqwQwm5ioZ3G8sEBm2Xfh68UkQDaKEudAAA== Received: from BN9PR03CA0161.namprd03.prod.outlook.com (2603:10b6:408:f4::16) by IA1PR12MB6113.namprd12.prod.outlook.com (2603:10b6:208:3eb::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27; Tue, 8 Nov 2022 10:47:54 +0000 Received: from BN8NAM11FT096.eop-nam11.prod.protection.outlook.com (2603:10b6:408:f4:cafe::df) by BN9PR03CA0161.outlook.office365.com (2603:10b6:408:f4::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26 via Frontend Transport; Tue, 8 Nov 2022 10:47:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT096.mail.protection.outlook.com (10.13.177.195) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:47:54 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:47:41 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:47:37 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 01/15] bridge: switchdev: Let device drivers determine FDB offload indication Date: Tue, 8 Nov 2022 11:47:07 +0100 Message-ID: X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT096:EE_|IA1PR12MB6113:EE_ X-MS-Office365-Filtering-Correlation-Id: e758bc46-5b3c-4b25-11db-08dac176b0f8 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 59tC0fKO8uQ9qsPpFEcwQ93mGizW7Uip8XXnfkWpDJVvPKI16p+h3qObWASnCg1q/4myiKJ7+5DqhGhsY7oRs76jdBpf5E6CQSrYgyey8x98Td+7TLDeq3HPUONYXLztMO8HCJISaPBiZmkiDN8/RaJGVX7fyRzIHMIEfDaHANsZV51wPrJJu/14EMMPlpAu7GGCbTX9PVbrKfVF/8l5rMK8C+KOrpaEHioI5W4JUtOG620gVA/WJGoZvs3xOKpjpV1sVIC0OzPCw9+Ep45RPXI+U7611k5LGmX+pfHS/l3kJH5Ogy9120QAmXvgZ+qWe8f8Nncy/ZEIQUSqsIjbhn9E8ApDDCc1mQBGVtpJC7FYql3w3lhotm2HtZrQTXUK7pc6rNdikNDMFh/GIQLB4Hj8tOPZ3O4e9ySG7Y2TrcTnc1R1WUthXUaqSXH/IMq8Dzfq0+QN2fokPrdOx1lNcETK/FYZWm5I2SmFtsNbq2fnf9NBelxNuKBYPudbTrxFqeB8FspjEipR0C/1feGQY/80SgFvDCGXjE6vTX3FX+nPh+l2WDoy/ziNw/zjS8inlU/Fx0ziJOWxU6CZhNPAQC7b8G6xDhkPSXAtH3BW8/EThk8LvPLGnbs7fPxFAxqBbGwCZbVVQ03fDebr6aIj9kmh2EA/igjaHevh3yEZYXkWHUnzx2NAHcPoXlHfdwIe8RF94nhqUD1zXibI3+7O8MXLAPZUCz+IAzt5Esqj45wQmqCnkId+H0P6fPOHFEHL7x0KGlc685qE60glcQ7DfQ== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(396003)(346002)(376002)(39860400002)(136003)(451199015)(36840700001)(40470700004)(46966006)(86362001)(36756003)(7636003)(356005)(36860700001)(82740400003)(5660300002)(2906002)(7696005)(336012)(426003)(47076005)(83380400001)(26005)(186003)(16526019)(2616005)(70206006)(70586007)(316002)(82310400005)(40480700001)(40460700003)(4326008)(8676002)(41300700001)(8936002)(54906003)(478600001)(110136005)(107886003)(6666004);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:47:54.3664 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e758bc46-5b3c-4b25-11db-08dac176b0f8 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT096.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR12MB6113 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Currently, FDB entries that are notified to the bridge via 'SWITCHDEV_FDB_ADD_TO_BRIDGE' are always marked as offloaded. With MAB enabled, this will no longer be universally true. Device drivers will report locked FDB entries to the bridge to let it know that the corresponding hosts required authorization, but it does not mean that these entries are necessarily programmed in the underlying hardware. Solve this by determining the offload indication based of the 'offloaded' bit in the FDB notification. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata Reviewed-by: Vladimir Oltean Acked-by: Nikolay Aleksandrov --- net/bridge/br.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/bridge/br.c b/net/bridge/br.c index 96e91d69a9a8..145999b8c355 100644 --- a/net/bridge/br.c +++ b/net/bridge/br.c @@ -172,7 +172,7 @@ static int br_switchdev_event(struct notifier_block *unused, break; } br_fdb_offloaded_set(br, p, fdb_info->addr, - fdb_info->vid, true); + fdb_info->vid, fdb_info->offloaded); break; case SWITCHDEV_FDB_DEL_TO_BRIDGE: fdb_info = ptr; From patchwork Tue Nov 8 10:47:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036121 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B6DD0C433FE for ; Tue, 8 Nov 2022 10:48:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233961AbiKHKsQ (ORCPT ); Tue, 8 Nov 2022 05:48:16 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36778 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233955AbiKHKsF (ORCPT ); Tue, 8 Nov 2022 05:48:05 -0500 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2057.outbound.protection.outlook.com [40.107.220.57]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C20AE41994 for ; Tue, 8 Nov 2022 02:48:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oU7RpEORM4qYepo/8LCjExD9x44vyMyoAb1FIDQY8OVCvmRTxj7xSfRfmghHO+ayscPu96XbWNH0bNerF8+QXjyktKt/IABMycAQfDgW90Gmke4Lx+EdkXfLz+K2IvRM3nLMOqoVhm39Pwf4FYNzur91ZAQEDzYyVe+9WKMgDaMlT6+CdeewgUDGUJ++ThoYeBlVMxs9ni2Ul7s3ZeT9o7Hc5KaTrti9H+tQkTmIQopfYFeCeCmmFnt4JxkBwRt+nsXMbtxDqqKx2YcxfvoHvWc4lwiUrQnVbR4IbvLE5je4z9X5krV4xWWOkjsrpMPfPNobXWdfuzKVWtprdoG/7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=l7DEUJc2u2U3TTxDUpB8poMa2Pk7ZwYtl+Wds4ifdKY=; b=BdjCvDjMZn0ejAReNzd4qxI1nEmPcOWDY/f0iq9XuKq1qAh1boK20nZb4EaSY5KNj4wP4pZ2qB+7uhM0UuDegAN6Fnf0jcZxRKv/j4+fQqhXHQ6vcY97bq2hGjKvU2BILpLMu6Jjbb1nJRusKcwfE1VZdADueWoDORQbjnUJKG0Gl/J1xHxGdLCrJOzGdCdNlOpaBUoLzeLfL5JDipE3mFz6U4nHpBEEG3LJkHfFaRgezQaBjoM8waIThcNS13N0gQPfflkiSNkBpsGxeRbQ4INpdekg5AQQjn3kosVJzLzbnWx55koCcx4RCCKUg/v6o0lRQKmZcTvUjHW/CgQsTw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=l7DEUJc2u2U3TTxDUpB8poMa2Pk7ZwYtl+Wds4ifdKY=; b=ox7kX7p+XIFC11rQToU5szyiAMSueJFt+jPf09fnz+qd8gilXjyIW7THKURREsz3NkoUcK/azE5Hu+SWvJGFXczxOZzNNeQuYeCdACPCSWSInvfHpWsn4mX+WAtralK8lFR3otKVxwzwaXaCGOI7efpufNTLz+mItSIuq8wTVCT+rVsYdrBhbrGkawVmltgxuNVEDc2cSQY92EgwKj27rE2dpPPp0xN0UeA6YYsCcjPyQF3FXpybk27g6rAeBar8504PT8c9eSV1N2WIGhnwsV8Fh4+S5ryHrCLZo8Q8ZoXMn14fur1zFKS6+rcZPhzamrkfI3iaWE3bFFXeLQSgpA== Received: from BN8PR04CA0051.namprd04.prod.outlook.com (2603:10b6:408:d4::25) by BN9PR12MB5259.namprd12.prod.outlook.com (2603:10b6:408:100::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:00 +0000 Received: from BN8NAM11FT028.eop-nam11.prod.protection.outlook.com (2603:10b6:408:d4:cafe::c3) by BN8PR04CA0051.outlook.office365.com (2603:10b6:408:d4::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27 via Frontend Transport; Tue, 8 Nov 2022 10:48:00 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT028.mail.protection.outlook.com (10.13.176.225) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:47:59 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:47:45 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:47:41 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 02/15] bridge: switchdev: Allow device drivers to install locked FDB entries Date: Tue, 8 Nov 2022 11:47:08 +0100 Message-ID: <68167a3ebca74bb7cd45da0ff7c1268a70c33a96.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT028:EE_|BN9PR12MB5259:EE_ X-MS-Office365-Filtering-Correlation-Id: 8297ccc6-feed-47e8-1cd3-08dac176b446 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 5VmVcRYgO6juEBrE9bztqJAxi5Q1ov2LKACVEx8ZCeCcByP5iv/o3qIMITKc71IOV6e3g6XyeSTspE3pxdwmgM9mUk/0dtQFcBJb5rjVinYlAYVguKdAw1THfiYNj9gFBYjxjrjI4i3dGYh0Lqv6m4tJFliCjHiwgyCBXVEIJi66MgLEg8iphffPbZGkOD6gvULENJvjy0icnxch4kzc5He6JMoSTWMl93VnlUo29YcLk0dMIUCXyzbLgDmgCJPo3GXUE3oAnK6Tzu6KyjFH0Fc0zG0pi7qqoUkGp0hzPK6UXrlRHKm5jd+Fm/PDBUu1k4Lqy3Ybe6tbHTASUyVZRhHvwpDShDq5ORJdQWfJKT58u1QxYoTuTxebekwoCYuUrTX1TAt43CGZcz0z4jUt+8Hvpah6Cwr98rZNEWPEEHE/7QeL8nZz5srCn/ghZCL8Cpln1YYm90L6+RXKxE9SRd+HGzxA2badQIZsT9Eavoop5L7qK53yCTCRJ5MDiMvKfOpwdp827NYrH21kQyXuy1LZuf6hLeAJX6IKv6cu2tm6l30Umz8zTgWZYW7BV7HxtY63h1OMcirKg2naFx3l6urU0QVSZtvGNzTx6aDc7UxJ4YW1hCzyjo0BZqJVB1ldNuDzNdUYnu0SYrz1IbInhTa57cz35XD9SJ8N96KYoxTNWFhxUcf3d/5RQSVCtxF5VBRuEXqdRCVqce/a1xucA1qOyv0626nhq/aH97AjsAbshTNr9xltaj+/Qea6cGdLozxnt+KI6PiQ1D06jxTFcg== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(396003)(346002)(39860400002)(136003)(376002)(451199015)(46966006)(36840700001)(40470700004)(478600001)(82310400005)(356005)(7636003)(86362001)(6666004)(54906003)(107886003)(110136005)(82740400003)(36756003)(40460700003)(8936002)(316002)(83380400001)(7696005)(26005)(41300700001)(40480700001)(70206006)(8676002)(4326008)(70586007)(336012)(186003)(2616005)(16526019)(36860700001)(426003)(5660300002)(2906002)(47076005);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:47:59.9110 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 8297ccc6-feed-47e8-1cd3-08dac176b446 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT028.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN9PR12MB5259 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Hans J. Schultz When the bridge is offloaded to hardware, FDB entries are learned and aged-out by the hardware. Some device drivers synchronize the hardware and software FDBs by generating switchdev events towards the bridge. When a port is locked, the hardware must not learn autonomously, as otherwise any host will blindly gain authorization. Instead, the hardware should generate events regarding hosts that are trying to gain authorization and their MAC addresses should be notified by the device driver as locked FDB entries towards the bridge driver. Allow device drivers to notify the bridge driver about such entries by extending the 'switchdev_notifier_fdb_info' structure with the 'locked' bit. The bit can only be set by device drivers and not by the bridge driver. Prevent a locked entry from being installed if MAB is not enabled on the bridge port. If an entry already exists in the bridge driver, reject the locked entry if the current entry does not have the "locked" flag set or if it points to a different port. The same semantics are implemented in the software data path. Signed-off-by: Hans J. Schultz Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata Reviewed-by: Vladimir Oltean Acked-by: Nikolay Aleksandrov --- Notes: v1: * Adjust commit message. * Add a check in br_switchdev_fdb_notify(). * Use 'false' instead of '0' in br_switchdev_fdb_populate(). Changes made by Ido: * Reword commit message. * Forbid locked entries when MAB is not enabled. * Forbid roaming of locked entries. * Avoid setting 'locked' bit towards device drivers. include/net/switchdev.h | 1 + net/bridge/br.c | 3 ++- net/bridge/br_fdb.c | 22 ++++++++++++++++++++-- net/bridge/br_private.h | 2 +- net/bridge/br_switchdev.c | 4 ++++ 5 files changed, 28 insertions(+), 4 deletions(-) diff --git a/include/net/switchdev.h b/include/net/switchdev.h index 7dcdc97c0bc3..ca0312b78294 100644 --- a/include/net/switchdev.h +++ b/include/net/switchdev.h @@ -248,6 +248,7 @@ struct switchdev_notifier_fdb_info { u16 vid; u8 added_by_user:1, is_local:1, + locked:1, offloaded:1; }; diff --git a/net/bridge/br.c b/net/bridge/br.c index 145999b8c355..4f5098d33a46 100644 --- a/net/bridge/br.c +++ b/net/bridge/br.c @@ -166,7 +166,8 @@ static int br_switchdev_event(struct notifier_block *unused, case SWITCHDEV_FDB_ADD_TO_BRIDGE: fdb_info = ptr; err = br_fdb_external_learn_add(br, p, fdb_info->addr, - fdb_info->vid, false); + fdb_info->vid, + fdb_info->locked, false); if (err) { err = notifier_from_errno(err); break; diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c index 3b83af4458b8..e69a872bfc1d 100644 --- a/net/bridge/br_fdb.c +++ b/net/bridge/br_fdb.c @@ -1139,7 +1139,7 @@ static int __br_fdb_add(struct ndmsg *ndm, struct net_bridge *br, "FDB entry towards bridge must be permanent"); return -EINVAL; } - err = br_fdb_external_learn_add(br, p, addr, vid, true); + err = br_fdb_external_learn_add(br, p, addr, vid, false, true); } else { spin_lock_bh(&br->hash_lock); err = fdb_add_entry(br, p, addr, ndm, nlh_flags, vid, nfea_tb); @@ -1377,7 +1377,7 @@ void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p) } int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, - const unsigned char *addr, u16 vid, + const unsigned char *addr, u16 vid, bool locked, bool swdev_notify) { struct net_bridge_fdb_entry *fdb; @@ -1386,6 +1386,9 @@ int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, trace_br_fdb_external_learn_add(br, p, addr, vid); + if (locked && (!p || !(p->flags & BR_PORT_MAB))) + return -EINVAL; + spin_lock_bh(&br->hash_lock); fdb = br_fdb_find(br, addr, vid); @@ -1398,6 +1401,9 @@ int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, if (!p) flags |= BIT(BR_FDB_LOCAL); + if (locked) + flags |= BIT(BR_FDB_LOCKED); + fdb = fdb_create(br, p, addr, vid, flags); if (!fdb) { err = -ENOMEM; @@ -1405,6 +1411,13 @@ int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, } fdb_notify(br, fdb, RTM_NEWNEIGH, swdev_notify); } else { + if (locked && + (!test_bit(BR_FDB_LOCKED, &fdb->flags) || + READ_ONCE(fdb->dst) != p)) { + err = -EINVAL; + goto err_unlock; + } + fdb->updated = jiffies; if (READ_ONCE(fdb->dst) != p) { @@ -1421,6 +1434,11 @@ int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, modified = true; } + if (locked != test_bit(BR_FDB_LOCKED, &fdb->flags)) { + change_bit(BR_FDB_LOCKED, &fdb->flags); + modified = true; + } + if (swdev_notify) set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags); diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index 4ce8b8e5ae0b..4c4fda930068 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -811,7 +811,7 @@ int br_fdb_sync_static(struct net_bridge *br, struct net_bridge_port *p); void br_fdb_unsync_static(struct net_bridge *br, struct net_bridge_port *p); int br_fdb_external_learn_add(struct net_bridge *br, struct net_bridge_port *p, const unsigned char *addr, u16 vid, - bool swdev_notify); + bool locked, bool swdev_notify); int br_fdb_external_learn_del(struct net_bridge *br, struct net_bridge_port *p, const unsigned char *addr, u16 vid, bool swdev_notify); diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index 8f3d76c751dd..8a0abe35137d 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -136,6 +136,7 @@ static void br_switchdev_fdb_populate(struct net_bridge *br, item->added_by_user = test_bit(BR_FDB_ADDED_BY_USER, &fdb->flags); item->offloaded = test_bit(BR_FDB_OFFLOADED, &fdb->flags); item->is_local = test_bit(BR_FDB_LOCAL, &fdb->flags); + item->locked = false; item->info.dev = (!p || item->is_local) ? br->dev : p->dev; item->info.ctx = ctx; } @@ -146,6 +147,9 @@ br_switchdev_fdb_notify(struct net_bridge *br, { struct switchdev_notifier_fdb_info item; + if (test_bit(BR_FDB_LOCKED, &fdb->flags)) + return; + br_switchdev_fdb_populate(br, &item, fdb, NULL); switch (type) { From patchwork Tue Nov 8 10:47:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036122 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 393DAC433FE for ; Tue, 8 Nov 2022 10:48:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233868AbiKHKsT (ORCPT ); Tue, 8 Nov 2022 05:48:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36744 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233203AbiKHKsJ (ORCPT ); Tue, 8 Nov 2022 05:48:09 -0500 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on20619.outbound.protection.outlook.com [IPv6:2a01:111:f400:7eaa::619]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7421B419AB for ; Tue, 8 Nov 2022 02:48:08 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NPXAXCRg+MLZYtldWRuoqu2Z/DVHVjqQPZFC1zjh9MipcCGu8BroDTuyYk6L2yFG+EF2YL5BKL7Ea9b08Vryv+D6lVgHvsSKme8orBsFvSjgPknY9dbRUQgE9zsY9WRODq7RHOT2V4WfEajvXBr3rvPciME9oHgSBGI4UVFJIXJnPZeZ+dFdYC2NPoAlLuqFC6ZBUacur0C9r62OoFZ9oMdqBmrJvPL0Mp5AyHu3Bsp0K7FPEM/X9/Nnn+rbZFTosVnDP1i18xJSf+qjIZ71nSYehcraw0dVD2Y3M9in8frn65fHVbZaPvuxS+MlLF1Qhcp1dlTI9vzE5cRB8+NIgg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CI+GU5wtJ259odUNlmPhjajoh1bx0gxT17jrad7ZEvo=; b=b50KV2p3uugYYVMz/I1S3uxUm5kJ/WpQIzqkOLFpiXQw3WWJ0NOIg0K+UawDSXUrXK7+5ZNSYqFSeAV0Aw70cKWabNv/RFww4bcmGobndG4ks7nj9qjYBSxhTKhKPOZPPpORsynfbPmkwY8vr6VGGSRbtamu288x/zIJTNj/2tiYbxgDN0U+qfg4fGlHM3JQ0smWI8WSWctPfoGzUWq1FK0NSQ9jvz0oClL1cbetZ4zjh7bHXyuJNRIMAQ8up8BBkDxjwJf87Ricx1CBHhyRLfrGu4v1Xe5VRssNy1Yw8gHXe3HLXErUIaIfHXV/H5mJqLkDkmcEn6pXF9eM6693aQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CI+GU5wtJ259odUNlmPhjajoh1bx0gxT17jrad7ZEvo=; b=ooT+IH6PDXGGUxWOrs1eUWRO02WgiswIFekqnhCqGKljZwoO7wu+7i0RPcPAK1VVmtYV8obtCH39ks7Vxyn12AwpjgqgmQvKIg9pp+rD+S3YnmzIeyMH1dvWuU+URR+JNnvs4iU26ufq6bHgZw7/6uQMWin5dqNxz4p8OtxQ3r94xwwPP2/BO/dv/kBq15TSifc1UW2uX/3UwKWxf3X5d5hyhzvCLwriOGWgmVdGKuVKWqHHFpAu/5OZEaK3sgYf55Aw41ZJjegitPYtkVKEyLKL/X2/ZMVB4reTT+G2wfnRVid3TWg+fPl4knvq1oBzNhZQm1RH99cK3XtjZza73Q== Received: from BN7PR02CA0021.namprd02.prod.outlook.com (2603:10b6:408:20::34) by SN7PR12MB8025.namprd12.prod.outlook.com (2603:10b6:806:340::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:06 +0000 Received: from BN8NAM11FT057.eop-nam11.prod.protection.outlook.com (2603:10b6:408:20:cafe::da) by BN7PR02CA0021.outlook.office365.com (2603:10b6:408:20::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27 via Frontend Transport; Tue, 8 Nov 2022 10:48:06 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT057.mail.protection.outlook.com (10.13.177.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:05 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:47:48 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:47:45 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 03/15] bridge: switchdev: Reflect MAB bridge port flag to device drivers Date: Tue, 8 Nov 2022 11:47:09 +0100 Message-ID: <2db3f3f1eff65e42c92a8e3a5626d64f46e68edc.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT057:EE_|SN7PR12MB8025:EE_ X-MS-Office365-Filtering-Correlation-Id: 87753c22-69d5-46bb-5f41-08dac176b798 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: /ZbecjekFsM2n0+awJtAx1zoA4IJwybfS/tq+/7SzLstD/KgCwP4XS5TGddtsLOZwBjuS4k1SXzNMHuYfNbxvJkaI/FZF5uI1agDhMQQHcdY5MaTRmn2XeARJz5zNtD/IHrBfbka6mOpcmXED8sL/g0Gvhv9VFD0iUAvIprj5dYB5eRqo/dRJtQMZG+GeGo4iJaDqAIBBM/ymvl1KapPt9Zu/DlAjYHrocWz53ZlHu44vPAg/+4n/5taZqn/HHyEtXfoV+Jyu7qoCHFRx2OCEXAqXjzag9j5UGoFiRsxYQCzQlN5+QRX4fV5+44S+oTQ7Zi1+akobuFC/jVTsF6hxKG2ifiV0WQ4bPtxGV8FPJpYq1avYQor4+HHphQkn1Qi7d62BVIB2nJaPvKVQgJw2QV0FfIko5NpAHqtyE7hMJVaWUDy6Z+whmjtvP+T8/X0U7xuwtuWL3DKxovJA66Go/A1OF79RBtx+aU24HcU/VdtLyGWk/mxIOZUiJi5o5p3dU55ypUkYzNkw5dT9Fj//iK+KFmx6YDkjaU7yKpmONvYE03k2j6I/0Q66K8+qSRh3pw5nbHNiGbPzrxM5gzj5H7UyOafQTbBPel7vkMJM8gJJ8CyAm8oC94EA0IhPGbtvBtfgseXB3TGFLBYvR0sM8OgilRP3NJLL3TEZSSAmfMtARUxq08qL/d7DUu1ABa5oHi+UVQfG2yp0V+D7vLTe43gm7pYiDIjp+CONdmG9SDlbySD0LCD58r6V9St6cWYhJvtW7GqUuFzSn/4JCLY9g== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(39860400002)(376002)(396003)(346002)(136003)(451199015)(40470700004)(36840700001)(46966006)(8936002)(82740400003)(5660300002)(41300700001)(8676002)(4326008)(2906002)(36756003)(478600001)(86362001)(110136005)(40460700003)(54906003)(316002)(70586007)(70206006)(36860700001)(6666004)(7696005)(40480700001)(7636003)(356005)(26005)(107886003)(82310400005)(426003)(47076005)(336012)(16526019)(2616005)(186003)(83380400001);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:05.4833 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 87753c22-69d5-46bb-5f41-08dac176b798 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT057.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB8025 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Reflect the 'BR_PORT_MAB' flag to device drivers so that: * Drivers that support MAB could act upon the flag being toggled. * Drivers that do not support MAB will prevent MAB from being enabled. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata Reviewed-by: Vladimir Oltean Acked-by: Nikolay Aleksandrov --- Notes: v1: * New patch. net/bridge/br_switchdev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index 8a0abe35137d..7eb6fd5bb917 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -71,7 +71,7 @@ bool nbp_switchdev_allowed_egress(const struct net_bridge_port *p, } /* Flags that can be offloaded to hardware */ -#define BR_PORT_FLAGS_HW_OFFLOAD (BR_LEARNING | BR_FLOOD | \ +#define BR_PORT_FLAGS_HW_OFFLOAD (BR_LEARNING | BR_FLOOD | BR_PORT_MAB | \ BR_MCAST_FLOOD | BR_BCAST_FLOOD | BR_PORT_LOCKED | \ BR_HAIRPIN_MODE | BR_ISOLATED | BR_MULTICAST_TO_UNICAST) From patchwork Tue Nov 8 10:47:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036124 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 44E58C433FE for ; Tue, 8 Nov 2022 10:48:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233967AbiKHKsZ (ORCPT ); Tue, 8 Nov 2022 05:48:25 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36886 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233930AbiKHKsM (ORCPT ); Tue, 8 Nov 2022 05:48:12 -0500 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2082.outbound.protection.outlook.com [40.107.243.82]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4F94A4199A for ; Tue, 8 Nov 2022 02:48:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JpnAzEyFoRJBD7Gj3nykaniUESTsJbDn2uIzFXPDDe6BPgSD+zw3tC+jLxx9ibc/uGnEdiMnNJUa2BfpZl6dqdKUqE4Sh/gKUE6WO5jvw6+wb7VrFWbdJf+O3QUaV51JaDSuBlupVlNc9Kd0ajW+FbCvvTMqNwaln617flw5jiWLY769EMaUjny7iNiVQp5Ie9UKfbqC7k3CIl4jbN0OFE2SneNDKHrcq+Tnstuf66s0OGLU7lyxitd7jWoTKNzjXqtZeIE/SEQ2FdAsul2rLfqucnytKsOvZTLsLjUogvwVv313IECqq46djfh2qBa1nnebmh6conuiq1nYovO9Vg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ai2oauCroFY3HI0rg2Y//XDMlglyEEmP2GfZg1UJh5s=; b=NaKXuiyH5z5+8pCamF7IdBX99oAf9Xl8Bmn1djLmAEItt1Z2zfM+lJ01/vey5bNB2lYer8OVks2ItLDWo/Kf+FY/JaQPVzcPA3TNw1iAdGcltcIrn9T42akNgivivOrUWxKmdF3j2fLFO/5wBjAyGl7xHej59kW3rSpKTi725q05HdhxXQyuFpTr7SCz5aGZcmaxlo58JcwTpKBM/puvV4Vk9PZBd3wI2kBLHslMvdf7hy9wsgprLJgwZ96vPBnZE5IDgvIoQUV9TdpLPAMOicEkPY3uhF3zSUFxvS3THvFvaN53gu+ng7X0tQmo0Bf7AGl66aiyzHSlcIadgCsUIA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ai2oauCroFY3HI0rg2Y//XDMlglyEEmP2GfZg1UJh5s=; b=IuMyU952YfUyi0KeaB/eD/3HiQsILevxacsSVQGbnYn9xuak7n4AD2rMEG83i7dYJU6QmeioTHLMX3JudcELHc3Eb+Psea9cHf1cTlBBD+NU/gbsgL5x/Alnax1gywJQzGuzfS/sD8VmyHsj2k24fF3Os/7RkxeYbOzF4MycBQgWU/P38mema87RFI2FRRhgjaHgkOCTWdQsVu1grOnUNOuOQCsiWnzGO1vQoeJKTwQ6XEO7SIz1ErMzsenrkVBpJxXWbUvG396eCJ3TQAvkWuShtyJLN7ar6N9s90wp8DdciprBm6AncZJjLZ3KXnCeRZwAGxsfGlVlusHjQg/Bpw== Received: from BN1PR12CA0008.namprd12.prod.outlook.com (2603:10b6:408:e1::13) by CH2PR12MB4103.namprd12.prod.outlook.com (2603:10b6:610:7e::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:09 +0000 Received: from BN8NAM11FT020.eop-nam11.prod.protection.outlook.com (2603:10b6:408:e1:cafe::f6) by BN1PR12CA0008.outlook.office365.com (2603:10b6:408:e1::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27 via Frontend Transport; Tue, 8 Nov 2022 10:48:09 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT020.mail.protection.outlook.com (10.13.176.223) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:09 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:47:52 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:47:49 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 04/15] devlink: Add packet traps for 802.1X operation Date: Tue, 8 Nov 2022 11:47:10 +0100 Message-ID: X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT020:EE_|CH2PR12MB4103:EE_ X-MS-Office365-Filtering-Correlation-Id: f46be232-4c0c-4290-8b33-08dac176b9d7 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: vXmUTprNv2JTTBxJOdvXsBcrXt+419CAS4D/MIEIOmZYaY7Jk740nmEQmS/2W/fGUfY6QxOXqgXRbVhpi4Xpm2rbWdR0ip8iTDVNCF07FcRuypJ0FtQ/83Eh4eucLwPrOZpCj05Fx4pC+pXbJ7cOiD4+uLmLBxYM0iw/SYYOzOD/MpTeGmJOmhUITKLulw59ycy72/P9vCjqITsjy1EPlOQ4KoPgNMLvxjzYm5CH6NxmCoCGd4mzffl0Aes9n+bYuhsqXgGFNID+V8kE5vj+y4+ylagqrqEfsbbpt6PQF13lul8br8L2lM/f2thn/P5qd4a2ZfVeXe6tKlCGXo8VCb9/cFvC1JSGglMKnvT7vHbsgPYE0Cj9wEPvpT7rm+95OcfmCPP51Wk2Kkpm+veu9UmuWRPMeBECE1EiWFzyxT3AOUbeo4CTm8cM8g7MODm1ZFwBomGa91KtLkR4xV5Lf8BlnBfkOn39vz3YEIKDUYeiLP4GLiaXSwvyMKEyx43ULBrb2/oWgcgw2XM2/IGtpJcWLJQScYn8Nov8wpH2s1pY0MqwymBfpDpVb9Eh0brL4N5VHd+PRNjkM5t1ba8uhl0Oq883mi8SaB0cWRZLDlADH9XmFgS2ZKMbxkbqy0gNq3AsmGHWF8U6+UtKCakmICHgLkn/BYTe7E0E5tPTCWHbpmCP6DxTgLdKGLfw8IIaZXaa7szDJRzBYzUBs0s58yAF3+Crtmhi49R4gBfYj35T8hvSFxaG8FnZrUhJD8XBD1eYIvvQuqUiT7fh4RC8dQ== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(396003)(136003)(39860400002)(346002)(376002)(451199015)(46966006)(40470700004)(36840700001)(426003)(186003)(47076005)(16526019)(6666004)(26005)(336012)(36860700001)(107886003)(2616005)(83380400001)(7696005)(40480700001)(2906002)(40460700003)(82310400005)(316002)(478600001)(54906003)(70586007)(41300700001)(8936002)(5660300002)(70206006)(8676002)(4326008)(110136005)(86362001)(36756003)(356005)(82740400003)(7636003);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:09.2527 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f46be232-4c0c-4290-8b33-08dac176b9d7 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT020.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4103 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Add packet traps for 802.1X operation. The "eapol" control trap is used to trap EAPOL packets and is required for the correct operation of the control plane. The "locked_port" drop trap can be enabled to gain visibility into packets that were dropped by the device due to the locked bridge port check. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata --- Documentation/networking/devlink/devlink-trap.rst | 13 +++++++++++++ include/net/devlink.h | 9 +++++++++ net/core/devlink.c | 3 +++ 3 files changed, 25 insertions(+) diff --git a/Documentation/networking/devlink/devlink-trap.rst b/Documentation/networking/devlink/devlink-trap.rst index 90d1381b88de..2c14dfe69b3a 100644 --- a/Documentation/networking/devlink/devlink-trap.rst +++ b/Documentation/networking/devlink/devlink-trap.rst @@ -485,6 +485,16 @@ be added to the following table: - Traps incoming packets that the device decided to drop because the destination MAC is not configured in the MAC table and the interface is not in promiscuous mode + * - ``eapol`` + - ``control`` + - Traps "Extensible Authentication Protocol over LAN" (EAPOL) packets + specified in IEEE 802.1X + * - ``locked_port`` + - ``drop`` + - Traps packets that the device decided to drop because they failed the + locked bridge port check. That is, packets that were received via a + locked port and whose {SMAC, VID} does not correspond to an FDB entry + pointing to the port Driver-specific Packet Traps ============================ @@ -589,6 +599,9 @@ narrow. The description of these groups must be added to the following table: * - ``parser_error_drops`` - Contains packet traps for packets that were marked by the device during parsing as erroneous + * - ``eapol`` + - Contains packet traps for "Extensible Authentication Protocol over LAN" + (EAPOL) packets specified in IEEE 802.1X Packet Trap Policers ==================== diff --git a/include/net/devlink.h b/include/net/devlink.h index fa6e936af1a5..611a23a3deb2 100644 --- a/include/net/devlink.h +++ b/include/net/devlink.h @@ -894,6 +894,8 @@ enum devlink_trap_generic_id { DEVLINK_TRAP_GENERIC_ID_ESP_PARSING, DEVLINK_TRAP_GENERIC_ID_BLACKHOLE_NEXTHOP, DEVLINK_TRAP_GENERIC_ID_DMAC_FILTER, + DEVLINK_TRAP_GENERIC_ID_EAPOL, + DEVLINK_TRAP_GENERIC_ID_LOCKED_PORT, /* Add new generic trap IDs above */ __DEVLINK_TRAP_GENERIC_ID_MAX, @@ -930,6 +932,7 @@ enum devlink_trap_group_generic_id { DEVLINK_TRAP_GROUP_GENERIC_ID_ACL_SAMPLE, DEVLINK_TRAP_GROUP_GENERIC_ID_ACL_TRAP, DEVLINK_TRAP_GROUP_GENERIC_ID_PARSER_ERROR_DROPS, + DEVLINK_TRAP_GROUP_GENERIC_ID_EAPOL, /* Add new generic trap group IDs above */ __DEVLINK_TRAP_GROUP_GENERIC_ID_MAX, @@ -1121,6 +1124,10 @@ enum devlink_trap_group_generic_id { "blackhole_nexthop" #define DEVLINK_TRAP_GENERIC_NAME_DMAC_FILTER \ "dmac_filter" +#define DEVLINK_TRAP_GENERIC_NAME_EAPOL \ + "eapol" +#define DEVLINK_TRAP_GENERIC_NAME_LOCKED_PORT \ + "locked_port" #define DEVLINK_TRAP_GROUP_GENERIC_NAME_L2_DROPS \ "l2_drops" @@ -1174,6 +1181,8 @@ enum devlink_trap_group_generic_id { "acl_trap" #define DEVLINK_TRAP_GROUP_GENERIC_NAME_PARSER_ERROR_DROPS \ "parser_error_drops" +#define DEVLINK_TRAP_GROUP_GENERIC_NAME_EAPOL \ + "eapol" #define DEVLINK_TRAP_GENERIC(_type, _init_action, _id, _group_id, \ _metadata_cap) \ diff --git a/net/core/devlink.c b/net/core/devlink.c index 40fcdded57e6..1c2cb6fc29c3 100644 --- a/net/core/devlink.c +++ b/net/core/devlink.c @@ -11731,6 +11731,8 @@ static const struct devlink_trap devlink_trap_generic[] = { DEVLINK_TRAP(ESP_PARSING, DROP), DEVLINK_TRAP(BLACKHOLE_NEXTHOP, DROP), DEVLINK_TRAP(DMAC_FILTER, DROP), + DEVLINK_TRAP(EAPOL, CONTROL), + DEVLINK_TRAP(LOCKED_PORT, DROP), }; #define DEVLINK_TRAP_GROUP(_id) \ @@ -11766,6 +11768,7 @@ static const struct devlink_trap_group devlink_trap_group_generic[] = { DEVLINK_TRAP_GROUP(ACL_SAMPLE), DEVLINK_TRAP_GROUP(ACL_TRAP), DEVLINK_TRAP_GROUP(PARSER_ERROR_DROPS), + DEVLINK_TRAP_GROUP(EAPOL), }; static int devlink_trap_generic_verify(const struct devlink_trap *trap) From patchwork Tue Nov 8 10:47:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036123 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F30B9C4332F for ; Tue, 8 Nov 2022 10:48:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233966AbiKHKsX (ORCPT ); Tue, 8 Nov 2022 05:48:23 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36776 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233936AbiKHKsO (ORCPT ); Tue, 8 Nov 2022 05:48:14 -0500 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2052.outbound.protection.outlook.com [40.107.244.52]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AFAA9429A4 for ; Tue, 8 Nov 2022 02:48:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=j8CCPVYN88yZbOFqbtFxslNXtZkXl7bYefUetyIVeQOZiZ1Xq0/1HAo3tyCuQfWJpkl29s0Wlcoq8mq17wNZkVYedMxNXNHpu94TthxwtJlf1koHXZ656hVaakgsQgK9T8qNaKjsh+njbQt3CFt7wUFHHY06DBVDQu3lkQgSN/ahM6OkB1EZ7MDBvL1M5Imul+akc7JzeYWKiaQ5NqsE/R1eU/TJBRkbiLMKR7paruccdYTKb1zNW+b6+Q28P6nRQYr3dn4im5EnnTHeIbjUSwUuYUyzxvGGr3aZ7ZBaQRElxj5/6aVtnOXLZ4nHAKkS5UFvqbi+vxCXu0LNJqIW3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9YR5OG9WVlRhkHNDsa2MkQOEA60efe6gGDhHFLTgsQU=; b=TxdqT81F2ZxX4PVRp4N2DTtdtNY+METdEEZ5rsL0ZKcPD8cqSmW1igfRShHbARn8O+SoQqOtJBhmIbbYzP3Q5cDnk7k7e8lJNUJfMwNKXzsIfeAgUli6HeE2DL7ka4ttb7eGMk6MAVfOIassyOTZnJUNzyIrwcex0CQA0EXo+1g3jRWNiGJM7F/ccV0ZCmpP2NcNk9eXGHnfoEkkSIH/JggM74bImCjzxEi83ybQWYuivWVrX655V3AFhy4Ugm6UfNqgDJ9K+jn26adLd8VxAtZJ6WnnK8ycQM2Tf+uHgjuWHc+YK0fZZhUCTg+Dam5+LgVmKDVGLoKRFE4v3eu/XA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9YR5OG9WVlRhkHNDsa2MkQOEA60efe6gGDhHFLTgsQU=; b=hJ7c0czasSouveSdeJdzdQuVsMcEprENPc4pKpqlkGXXkrLP2l0XRwaBocAoYbTAR5sFPlQwCwI46u1+yK8/azpnoEI30L8iTwyNVMRgBk7qscAdRWmEpGlSOq2cbB71BUzOJH/cWZS/cT8ybsFqTuAXYXXWwmKxZ9HMocgQxBp/yXFPNISKPFul1sQf407e4ILzh/5oAz58fPCFDoeDmuxUxCWMkl7u2WxZ1WWPysjWqeb98ICQX7a26doc85HfKj6jpshFo/IpfJcw+svq6z13s9l5YZ9mvh+CH2QQsmRsco42gF00QPAe8viXp30rGkEluuhKEoEEGNsT69Fuvw== Received: from BN1PR12CA0005.namprd12.prod.outlook.com (2603:10b6:408:e1::10) by SN7PR12MB6909.namprd12.prod.outlook.com (2603:10b6:806:263::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:12 +0000 Received: from BN8NAM11FT020.eop-nam11.prod.protection.outlook.com (2603:10b6:408:e1:cafe::be) by BN1PR12CA0005.outlook.office365.com (2603:10b6:408:e1::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26 via Frontend Transport; Tue, 8 Nov 2022 10:48:11 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT020.mail.protection.outlook.com (10.13.176.223) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:11 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:47:56 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:47:52 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 05/15] mlxsw: spectrum_trap: Register 802.1X packet traps with devlink Date: Tue, 8 Nov 2022 11:47:11 +0100 Message-ID: <861f29bb2764d19e9c8a60749c1ad3b187e948eb.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT020:EE_|SN7PR12MB6909:EE_ X-MS-Office365-Filtering-Correlation-Id: da2711a5-ecc0-4218-75df-08dac176bb4b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: KtQDC3KJwPTK1cCrfUrqQect6esOgcSFvyT52ZtjjAYTRDK9BTlFIWw3knTS1B+jO0L7VNkKt0SG/56Z35vIpV3+wdMst5jcgoaoAMqKTp2kyhhPHIrvWJ4AxXPCYuEykkMhBUQjheYJ89ssU8JCv6PNw/pkVGtv2O0iktcHnOA+cWEU6EYLCFnb+fePdC09WxwcBZx4nsYkGYzv+IDy9UArBQ6EHXf0TFA73FslAdQ2oQ/1+H2l2PAUdeBVoHuefidxCrTF4xXm4TadwMANMT04fKEEN3yvmTzJAWmARb5ETYD6LrJb2/UeFAkQzDzErQpDTz3FiJSqkcGIKEOts3gzIIUxbUxGSvWJO0BdPxXgMe0UJz+EoBV+KepCB/XAYtymVF/L2UnuCrrFjHXP9SvG8JddE7PAySXd0ulqJxIeyIJsUz0OG9T8nsOFLwWg7y0vbW0nXbPSL14zNWlgCRd2nCwpiN+y5gfrkoIcxiYuEvLXwWUjExx9bJWDjcC2Y7suHcqpo3EQEz8tYpLkxyfDVP2g9xjIB5/RvOmFSFLXa0KBrSqPnqZH3VlM6LIdr17T3KiFKlXB6exX+a4qVThpzutBifHWzrx4UrFZeez87OR82g32Wob23NVQGTVjEh6CR5rjmWPhy8n5IANf0pSx5WOkNoABd7y5S+JLrQ8qp5k/mCd50MslGuSSed+VUrvoCWTvVwBSTJQvqBxJaEakH+zILqX6530nBkVQyNTmTItmZi6xIzcH1E8SwZ+Ilq2PyJenby1X5IgK9dRCog== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(136003)(39860400002)(376002)(346002)(396003)(451199015)(46966006)(40470700004)(36840700001)(36756003)(82740400003)(86362001)(7636003)(356005)(40480700001)(40460700003)(2906002)(7696005)(47076005)(16526019)(336012)(26005)(186003)(107886003)(2616005)(426003)(83380400001)(6666004)(36860700001)(8676002)(70206006)(478600001)(110136005)(54906003)(82310400005)(8936002)(316002)(4326008)(70586007)(5660300002)(41300700001);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:11.6901 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: da2711a5-ecc0-4218-75df-08dac176bb4b X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT020.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB6909 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Register the previously added packet traps with devlink. This allows user space to tune their policers and in the case of the locked port trap, user space can set its action to "trap" in order to gain visibility into packets that were discarded by the device due to the locked port check failure. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata --- drivers/net/ethernet/mellanox/mlxsw/reg.h | 1 + .../ethernet/mellanox/mlxsw/spectrum_trap.c | 25 +++++++++++++++++++ drivers/net/ethernet/mellanox/mlxsw/trap.h | 2 ++ 3 files changed, 28 insertions(+) diff --git a/drivers/net/ethernet/mellanox/mlxsw/reg.h b/drivers/net/ethernet/mellanox/mlxsw/reg.h index b74f30ec629a..7240af45ade5 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/reg.h +++ b/drivers/net/ethernet/mellanox/mlxsw/reg.h @@ -6316,6 +6316,7 @@ enum mlxsw_reg_htgt_trap_group { MLXSW_REG_HTGT_TRAP_GROUP_SP_TUNNEL_DISCARDS, MLXSW_REG_HTGT_TRAP_GROUP_SP_ACL_DISCARDS, MLXSW_REG_HTGT_TRAP_GROUP_SP_BUFFER_DISCARDS, + MLXSW_REG_HTGT_TRAP_GROUP_SP_EAPOL, __MLXSW_REG_HTGT_TRAP_GROUP_MAX, MLXSW_REG_HTGT_TRAP_GROUP_MAX = __MLXSW_REG_HTGT_TRAP_GROUP_MAX - 1 diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_trap.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_trap.c index f4bfdb6dab9c..899c954e0e5f 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_trap.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_trap.c @@ -510,6 +510,9 @@ mlxsw_sp_trap_policer_items_arr[] = { { .policer = MLXSW_SP_TRAP_POLICER(20, 10240, 4096), }, + { + .policer = MLXSW_SP_TRAP_POLICER(21, 128, 128), + }, }; static const struct mlxsw_sp_trap_group_item mlxsw_sp_trap_group_items_arr[] = { @@ -628,6 +631,11 @@ static const struct mlxsw_sp_trap_group_item mlxsw_sp_trap_group_items_arr[] = { .hw_group_id = MLXSW_REG_HTGT_TRAP_GROUP_SP_FLOW_LOGGING, .priority = 4, }, + { + .group = DEVLINK_TRAP_GROUP_GENERIC(EAPOL, 21), + .hw_group_id = MLXSW_REG_HTGT_TRAP_GROUP_SP_EAPOL, + .priority = 5, + }, }; static const struct mlxsw_sp_trap_item mlxsw_sp_trap_items_arr[] = { @@ -1160,6 +1168,23 @@ static const struct mlxsw_sp_trap_item mlxsw_sp_trap_items_arr[] = { MLXSW_SP_RXL_DISCARD(ROUTER3, L3_DISCARDS), }, }, + { + .trap = MLXSW_SP_TRAP_CONTROL(EAPOL, EAPOL, TRAP), + .listeners_arr = { + MLXSW_SP_RXL_NO_MARK(EAPOL, EAPOL, TRAP_TO_CPU, true), + }, + }, + { + .trap = MLXSW_SP_TRAP_DROP(LOCKED_PORT, L2_DROPS), + .listeners_arr = { + MLXSW_RXL_DIS(mlxsw_sp_rx_drop_listener, FDB_MISS, + TRAP_EXCEPTION_TO_CPU, false, + SP_L2_DISCARDS, DISCARD, SP_L2_DISCARDS), + MLXSW_RXL_DIS(mlxsw_sp_rx_drop_listener, FDB_MISMATCH, + TRAP_EXCEPTION_TO_CPU, false, + SP_L2_DISCARDS, DISCARD, SP_L2_DISCARDS), + }, + }, }; static struct mlxsw_sp_trap_policer_item * diff --git a/drivers/net/ethernet/mellanox/mlxsw/trap.h b/drivers/net/ethernet/mellanox/mlxsw/trap.h index 8da169663bda..83477c8e6971 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/trap.h +++ b/drivers/net/ethernet/mellanox/mlxsw/trap.h @@ -25,6 +25,8 @@ enum { MLXSW_TRAP_ID_IGMP_V2_LEAVE = 0x33, MLXSW_TRAP_ID_IGMP_V3_REPORT = 0x34, MLXSW_TRAP_ID_PKT_SAMPLE = 0x38, + MLXSW_TRAP_ID_FDB_MISS = 0x3A, + MLXSW_TRAP_ID_FDB_MISMATCH = 0x3B, MLXSW_TRAP_ID_FID_MISS = 0x3D, MLXSW_TRAP_ID_DECAP_ECN0 = 0x40, MLXSW_TRAP_ID_MTUERROR = 0x52, From patchwork Tue Nov 8 10:47:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036126 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A4C56C433FE for ; Tue, 8 Nov 2022 10:48:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234006AbiKHKsu (ORCPT ); Tue, 8 Nov 2022 05:48:50 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36860 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233956AbiKHKsQ (ORCPT ); Tue, 8 Nov 2022 05:48:16 -0500 Received: from NAM04-MW2-obe.outbound.protection.outlook.com (mail-mw2nam04on2051.outbound.protection.outlook.com [40.107.101.51]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E63E341994 for ; Tue, 8 Nov 2022 02:48:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=K74hUc62GKaAWrecC/mAq1abyMYS2CJ804jLOmWeFjPYysYRsbnA3tJHEl4lkzLEE8EoLx6FjkSKB/Hq0UGyxXqh8/a5+g5vqJdRcE91jC0uWRmWzlcRCrZI0V+1Fjwc8AQQoQZBXAyLUViHu24STPimaIfWJinTn7h17gA+tbRrNteVrMqGZ5vwXz/FGPp1R1noZPq+d9j3taSsJsq8VKc1d62Q7eWq1mWwKaRLc1GUKaCIGsnhCwjJTnkQWjQIvpjAZwVih3YgdGmtOnTA6tPfu9Lfq4oMR2YCOCotsyztOKallgiW/r9U966ccYhhvr0nMpG1iF3tokpD9AWcyQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kq5Oq8fcOFcPYTjwT1aMU/D8S+XTSuUQicYnQIZzCLM=; b=YgrFQG3y3uLr4YSVtXArzlPAVPF7+bYvcxxXM/6dhXSJj/CfGM25MhloT2r+fqEWB2y0MejPvhBqBqviEllxuHKYPMDNsKsWnZwraHpgYocrr4TcehYeRxketRk6yfNYXMHZQRfd7JAY5sjssVefcaBbRtUGpp25oxgV2jV3iHqMHV/4xDolgNB+gGCkvRJB7CQvE0ulmudoVAv9Ri8JBiPDASyORP8HQLGnAjGE6NuZCcNrb1xrWM/3D9HxZod/9eXRcEZzxlcxhN6dskjv+Ug5/7W5KVRafsDJ7xRf6o4iDRtibmiS8bqIsF8vn5ZvtRoO9eA2k3ovaqzN5es7rw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kq5Oq8fcOFcPYTjwT1aMU/D8S+XTSuUQicYnQIZzCLM=; b=Dt/WQJLsQ+YLhwVM37poPiMS2c0uuzOLo2dCUDxKSMTILKxmFO8sbhsABykuHF75U9wd9gaO4LxvNOtS/9F4ljRkbphpseQGKn9WFu1o01TW2Oz3tcYVxlmu86rdKM6LXfKMyHN/Iq0nqZZhOU0u/llAh/yCNKkGNGaxLSO0NJWXNw1x3AFILixxHIQ9AHHIoUw0xKnBmemGSbbgTUARXvD0dN7BxYOmxGs8BBPWSZs/IgQG7G3VyDn3VOCuzLQKvBOrgTI4mWdwT3b9A54zIB7SZYs9MD+oGfsGqB286Ugg3bRE2DpAm9LAKjp6awom9tEHd2MjraKWzZwJ6kU6ww== Received: from BN1PR12CA0008.namprd12.prod.outlook.com (2603:10b6:408:e1::13) by DM4PR12MB6086.namprd12.prod.outlook.com (2603:10b6:8:b2::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.25; Tue, 8 Nov 2022 10:48:14 +0000 Received: from BN8NAM11FT020.eop-nam11.prod.protection.outlook.com (2603:10b6:408:e1:cafe::f6) by BN1PR12CA0008.outlook.office365.com (2603:10b6:408:e1::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27 via Frontend Transport; Tue, 8 Nov 2022 10:48:14 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT020.mail.protection.outlook.com (10.13.176.223) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:14 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:00 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:47:56 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 06/15] mlxsw: reg: Add Switch Port FDB Security Register Date: Tue, 8 Nov 2022 11:47:12 +0100 Message-ID: X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT020:EE_|DM4PR12MB6086:EE_ X-MS-Office365-Filtering-Correlation-Id: 5387c680-7158-4207-c2db-08dac176bcc1 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 4Bl7TFQHr+UhCW0IZeAEgdSkVqn//Wh6uyBQcSwHsJchtQLSf9WHXrejwRnVoPiayzlG4/eKjz7c22LPOwRM2FL9lupb1wasjPJBEopbgzZpg53nAg0NTSDWQiSCzu/YMcGqc4oDCBNX2hb/xkXbYgZ+GENDk8nuxvuRyZMIJmtUjtl0x2uDJ9vW8X1l3njdQw5yWFyuE1WsoLGtMunFR/J5lnvwpDA91wzkRWQ2qMk2XwVCtdB26MXICxUZdjGblgQe+PFfdO8B8v1rnEmwmU/O1WFKKA1bL+TjTCgPzWy4RPqYWHxLkbWQ9w7Jqw6Gm3g46pFCv3HZXRqqZeQ8U0TPWeVMBODzRjXcLf5H2He9QBZ09Z5GD7duQb/vtYbfBZn90IeaVP3uGUb+0lqQ1znGWUSrKnPAlb/MOG5hNs8uHAcFzOMfFllyn4hZwAbWNkyUqM/9mmgIxL6d7DkZiLUlsW+foOcqTm3scoYnxS4DKsp741RP+X4anYAvW/oTN+iVbhNDcBgMGrno8CYWe4x/PJfFcNGB/0FbWYRwfM52heNu8ZxJ37j6fmmof/D2yW+54Lxy95Qx3RnQsmFAmB91L2lM8Byt/9omatWgeyE6hjR9kIuRIX5LkenK6n+RJiofz6Z+INkrPuCsiazdGouCuaAmu7/Td4fb3Km43H92aqAlzzjX/QncGkSz4ufpEMqmfc/hULzdhh3mBSF15OwD+2BfcmRz37Ili5gaFiedEGhp1u4IZsDYAXQQVNkrq8Bmj1SxUJO660vKGpbnEg== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(376002)(136003)(396003)(39860400002)(346002)(451199015)(46966006)(40470700004)(36840700001)(86362001)(186003)(2616005)(54906003)(6666004)(426003)(107886003)(110136005)(26005)(36756003)(316002)(47076005)(336012)(7696005)(82740400003)(8936002)(2906002)(356005)(40460700003)(7636003)(15650500001)(70206006)(5660300002)(70586007)(16526019)(36860700001)(8676002)(83380400001)(41300700001)(4326008)(82310400005)(40480700001)(478600001);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:14.1275 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5387c680-7158-4207-c2db-08dac176bcc1 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT020.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB6086 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Add the Switch Port FDB Security Register (SPFSR) that allows enabling and disabling security checks on a given local port. In Linux terms, it allows locking / unlocking a port. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata --- drivers/net/ethernet/mellanox/mlxsw/reg.h | 34 +++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/drivers/net/ethernet/mellanox/mlxsw/reg.h b/drivers/net/ethernet/mellanox/mlxsw/reg.h index 7240af45ade5..f2d6f8654e04 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/reg.h +++ b/drivers/net/ethernet/mellanox/mlxsw/reg.h @@ -2046,6 +2046,39 @@ static inline void mlxsw_reg_spvmlr_pack(char *payload, u16 local_port, } } +/* SPFSR - Switch Port FDB Security Register + * ----------------------------------------- + * Configures the security mode per port. + */ +#define MLXSW_REG_SPFSR_ID 0x2023 +#define MLXSW_REG_SPFSR_LEN 0x08 + +MLXSW_REG_DEFINE(spfsr, MLXSW_REG_SPFSR_ID, MLXSW_REG_SPFSR_LEN); + +/* reg_spfsr_local_port + * Local port. + * Access: Index + * + * Note: not supported for CPU port. + */ +MLXSW_ITEM32_LP(reg, spfsr, 0x00, 16, 0x00, 12); + +/* reg_spfsr_security + * Security checks. + * 0: disabled (default) + * 1: enabled + * Access: RW + */ +MLXSW_ITEM32(reg, spfsr, security, 0x04, 31, 1); + +static inline void mlxsw_reg_spfsr_pack(char *payload, u16 local_port, + bool security) +{ + MLXSW_REG_ZERO(spfsr, payload); + mlxsw_reg_spfsr_local_port_set(payload, local_port); + mlxsw_reg_spfsr_security_set(payload, security); +} + /* SPVC - Switch Port VLAN Classification Register * ----------------------------------------------- * Configures the port to identify packets as untagged / single tagged / @@ -12762,6 +12795,7 @@ static const struct mlxsw_reg_info *mlxsw_reg_infos[] = { MLXSW_REG(svpe), MLXSW_REG(sfmr), MLXSW_REG(spvmlr), + MLXSW_REG(spfsr), MLXSW_REG(spvc), MLXSW_REG(spevet), MLXSW_REG(smpe), From patchwork Tue Nov 8 10:47:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036125 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EFCFEC4332F for ; Tue, 8 Nov 2022 10:48:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233994AbiKHKst (ORCPT ); Tue, 8 Nov 2022 05:48:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36706 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233916AbiKHKsP (ORCPT ); Tue, 8 Nov 2022 05:48:15 -0500 Received: from NAM02-BN1-obe.outbound.protection.outlook.com (mail-bn1nam07on2056.outbound.protection.outlook.com [40.107.212.56]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DDA8040909 for ; Tue, 8 Nov 2022 02:48:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XYeuy8pykpAJhAaHdwaB1Pknpz0lmtco/72jqNPiXNvudhllZrlOfNYbJf4QTLCkTaXiRJ8fqPRJaN13Y0g504VK1kzBXY4GuhZ48ovQfIPs/NFLrbB5zoQ/IB4jLPorWFWp+MgxYIPBsLdw2/yB7j+FUxjjICzezXMiuKgABjLIFI/XdGxiUNQpZDac+5eAancoyI73G7ZH8WxY06p9Ve+R5pILdha9vxDDqtMVb9OxFIb+/dQm1AqEvYu0I0tIaw/eofFcly4WqRjAAZi7zppIfgP5BO6nyR7U6VWbzxCVCClBbZ9G4aMhfstR8uspt7Z2vtk3rtcZzLDfobvJlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+vXV0EscbKjPvtQz+Z5GoGH51yAqxSK2mKdAlmDf4A8=; b=ZKcJ/RjQz4f9AqTAK4y0XmKLi8N2Hhm+xYB5lC3gATeUMakFOWPehUr0lG58O6054BtUOEdCNjBxNP/omSDFKkpANp2i4ugKxX/pIkL6LtMGzfhSVB6f5bxHmyL6K4UyN/MvAP/4GXtOJVoP0tpm11esbgfDQQVIttH+M97U+k7V9V8P885WuHwyrVWoDc8FC/RMTSRrJ40D8LmgmHrdJ3LLm2ZitaFDpaJBaLxDOkGbWllpj1WKUSYEXNPwm8rpwRq0M4El9hDzQWllY/AiHTKJlLMxPwRVPpSpYR+2CMYQeEw/c25FZIqwcGLm/qWBWZMkBIbH2Hsd5wqG1GlMwQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+vXV0EscbKjPvtQz+Z5GoGH51yAqxSK2mKdAlmDf4A8=; b=g6wOCHPSRf4d10ZXr87/oRqmGIKx6lclk59YbYBq29xW5crEqk09VYGOdaWlMlRud1owY4fFuGvlEzpTlp8OJEBe6SjpH8ACwJAGm1ZntunIDnvqLd4cwvzI1LroqrXGRsVcRrepOvdyW8nI/Ef0f2yB2ytB+9VHPB7ighsTDgtlqO66VsKAGdTGHPHfG2XAHMlBK0cI5l54q+IomFScXTMaBghrTS0ssxnXMJpnI5f5q7674N5y+stir9wk/jFnQneQBg7k73SsosBq1ih42gttU0bTWxzGeonaKGxco5TPwZStg+UPDFcIlC2hsjCTOmWtdq+uGp2zp5lX54WimQ== Received: from DS7PR05CA0049.namprd05.prod.outlook.com (2603:10b6:8:2f::27) by SJ0PR12MB6784.namprd12.prod.outlook.com (2603:10b6:a03:44f::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:12 +0000 Received: from DM6NAM11FT057.eop-nam11.prod.protection.outlook.com (2603:10b6:8:2f:cafe::ff) by DS7PR05CA0049.outlook.office365.com (2603:10b6:8:2f::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5813.9 via Frontend Transport; Tue, 8 Nov 2022 10:48:12 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by DM6NAM11FT057.mail.protection.outlook.com (10.13.172.252) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:12 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:03 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:48:00 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 07/15] mlxsw: spectrum: Add an API to configure security checks Date: Tue, 8 Nov 2022 11:47:13 +0100 Message-ID: <69d965463badfb2f1d714869cb4a86fd252e2114.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT057:EE_|SJ0PR12MB6784:EE_ X-MS-Office365-Filtering-Correlation-Id: 770847e0-de07-47a3-f73e-08dac176bba7 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: m+iEGVNB7xWo9WLkIF2N8GDr8nP1OBZqczsV1bXZRYM+Ar4hPLhj97a6+ff7qpit9Difnv7dqYXvvM0XhkCm7FD6CU5SR7BdstmJ1tGE6NUCzkfF3b5vPJFH/5W0+e4yYenso2Otjr1FqalZ8ev/+I42cc2/f4kMKVT9R1l7o6euT5uaWFoVBuGFa8fEcnf2kxc9TwavyuUd9rCF6NbXFMF5jEdv8bV1yTqzRgXC/Lt1IsRQtKg0o2MSu5sWp4IhgUV2yg43g7jbPNE79jYAFBV9DJOoR3eWXl6dx/FaPWhy9Eo5S1nwShW38e5jWwOEBX1Ym/nsGvcuwkccnu5xzlBxsb5omHvn/HlrHO0mTXuLMIaF7gmJo0GjD2de3YlMkngscKcM5MpbMUedffDBi8NzNviJc9PsClw13Qddqw8jCAOsiS9uIDWPrAI2x7s5xaLs8HIwEUxOByEZtUHs2AVAKW4G1OOevF0oRenBC3B7afym0h5gr6N47EdJAbPTGLZAFpsBQjBDOhgY7J1JubvV6iCHSBOGwCnXYR/gx/8xqKlF9NqXntWpNnpv1g+svtBo6xW6AY2wS4o09Bqd8SWLK+Rb5xhMPeRPiAEpnMRwI+6bZhyyiZHLTZFqi9WMJ9uYkJNy3TaTuy5Y3Rr++6ax5M1EhfCvEbxoHSXiD0RhUzXtW5b2DzlWWjiPw8SVBrC6es8CdFwYgMDy+RQnGS7QpwSgdsDyKFubqf+myBXoFNgOPuOwzRfolC/lVNuTyo/HFHxjIXn2dVwPQX/mFw== X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(346002)(376002)(136003)(39860400002)(396003)(451199015)(36840700001)(40470700004)(46966006)(36756003)(82740400003)(86362001)(7636003)(356005)(107886003)(40460700003)(40480700001)(15650500001)(47076005)(186003)(426003)(336012)(16526019)(2906002)(26005)(6666004)(83380400001)(36860700001)(7696005)(2616005)(8676002)(4326008)(478600001)(54906003)(82310400005)(110136005)(70586007)(316002)(70206006)(8936002)(41300700001)(5660300002);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:12.3432 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 770847e0-de07-47a3-f73e-08dac176bba7 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT057.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR12MB6784 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Add an API to enable or disable security checks on a local port. It will be used by subsequent patches when the 'BR_PORT_LOCKED' flag is toggled. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata --- drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 18 ++++++++++++++++++ drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 5 ++++- 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c index 04dc79da6024..b34366521914 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c @@ -466,6 +466,24 @@ int mlxsw_sp_port_vid_learning_set(struct mlxsw_sp_port *mlxsw_sp_port, u16 vid, return err; } +int mlxsw_sp_port_security_set(struct mlxsw_sp_port *mlxsw_sp_port, bool enable) +{ + struct mlxsw_sp *mlxsw_sp = mlxsw_sp_port->mlxsw_sp; + char spfsr_pl[MLXSW_REG_SPFSR_LEN]; + int err; + + if (mlxsw_sp_port->security == enable) + return 0; + + mlxsw_reg_spfsr_pack(spfsr_pl, mlxsw_sp_port->local_port, enable); + err = mlxsw_reg_write(mlxsw_sp->core, MLXSW_REG(spfsr), spfsr_pl); + if (err) + return err; + + mlxsw_sp_port->security = enable; + return 0; +} + int mlxsw_sp_ethtype_to_sver_type(u16 ethtype, u8 *p_sver_type) { switch (ethtype) { diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.h b/drivers/net/ethernet/mellanox/mlxsw/spectrum.h index c8ff2a6d7e90..bbc73324451d 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.h +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.h @@ -321,7 +321,8 @@ struct mlxsw_sp_port { struct mlxsw_sp *mlxsw_sp; u16 local_port; u8 lagged:1, - split:1; + split:1, + security:1; u16 pvid; u16 lag_id; struct { @@ -687,6 +688,8 @@ int mlxsw_sp_port_vid_stp_set(struct mlxsw_sp_port *mlxsw_sp_port, u16 vid, int mlxsw_sp_port_vp_mode_set(struct mlxsw_sp_port *mlxsw_sp_port, bool enable); int mlxsw_sp_port_vid_learning_set(struct mlxsw_sp_port *mlxsw_sp_port, u16 vid, bool learn_enable); +int mlxsw_sp_port_security_set(struct mlxsw_sp_port *mlxsw_sp_port, + bool enable); int mlxsw_sp_ethtype_to_sver_type(u16 ethtype, u8 *p_sver_type); int mlxsw_sp_port_egress_ethtype_set(struct mlxsw_sp_port *mlxsw_sp_port, u16 ethtype); From patchwork Tue Nov 8 10:47:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036128 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D50E8C433FE for ; Tue, 8 Nov 2022 10:48:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233973AbiKHKsx (ORCPT ); Tue, 8 Nov 2022 05:48:53 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37186 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233930AbiKHKs1 (ORCPT ); Tue, 8 Nov 2022 05:48:27 -0500 Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam04on2089.outbound.protection.outlook.com [40.107.100.89]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 95F32B1DC for ; Tue, 8 Nov 2022 02:48:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=f51GLZb7wgpRtZPHYhteKXxWwmFObEBza9OtSt8uxgdn8TW1W2rLN6EkhndYe5K4Gnk9+ni7Lc4/DbZUBpTR54BJoyAm/nkTfNnQeLBISaJ8sJ98xxpm5MQuGdWgU3JlHEbAkRHcmlg6nnPYhDxQer7YDUChYaUeD/G4UehCvH8bF1cZNb+Q/YrT8VIySRJarm+6aeUDS4JemWqmnsfC8xGrSxQM9dELoaTIB/c0tcbYzcS4oBKoq5/9TA041dShrhA1cMfdxegiZ6M/3Unfi+UncL2ZuglRzJ229A4wdE+wU9u1u1jG6YJjfd0hvga8TaEIlkfKscfZTltB6/ulmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=AtE7u9MQDSIbAqLf032Zj0aue9ZFrFmS/MZfZeVQBBA=; b=DI6VmgmP2cnXrTYnhidZ+aBw++SmRn47zYBBHzHSq8vjjIYGRRX1ssooxwhPY6QHGD1Z/t9Z7MxQXKsS2nkIlTp+9WH7873MyYTA7LJdgg6/C+4d5QQnj31G8nBmiVSiXDZbZnew6NtXa7JAMKE9xd+jh/oNU23+/mqhClrrkAdK8caP90A8NrlBu7f7PCw+h2EpaqdobFMtgDFYk9B0TZ4nw5h8cr5u2fcjYEA+eorOk3B7UsTGQy7Bb/cUe+Rx8efcoR11sW2hN2+nCX06yzugjXAZWF0Tgczauu3EJMXjm+bZqHEHrpQ9w6VXLSj/TZupMzOO/fIwEwwHQJ217Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=AtE7u9MQDSIbAqLf032Zj0aue9ZFrFmS/MZfZeVQBBA=; b=pEtS0mq8blvFkk+9WPVzZRJGsYAd4QHwWTbS8r7Y9PZp0J68BRTE4jhYrQTcdyqN692RSnCXkRwl0UeG6l590PtX8l5VMvdliQVbSo2iKymuuTBDPOrioAhmhpe0KqzHWvIpcZS67x00Hi3In73XSZOZtQQymIPmWZlclC0HYjyyyG/DHDhnHtkaeJ1QX51YKQsyb1oYEoGA/P2PDbxH1XZTY8WrHEQ2UIx8gGZcg5GqFB2Zk/FnE4mqX3Y3AJIpIee8K0BK4DiStTAwNpwJcjnmFdubpFAJcT547qQuHkoaFz0DkIATt1w4f5emA4mhEkfwCvgs+4xBwQfcCpUA6g== Received: from BN0PR08CA0027.namprd08.prod.outlook.com (2603:10b6:408:142::25) by DM4PR12MB7696.namprd12.prod.outlook.com (2603:10b6:8:100::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:22 +0000 Received: from BN8NAM11FT093.eop-nam11.prod.protection.outlook.com (2603:10b6:408:142:cafe::27) by BN0PR08CA0027.outlook.office365.com (2603:10b6:408:142::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27 via Frontend Transport; Tue, 8 Nov 2022 10:48:22 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT093.mail.protection.outlook.com (10.13.177.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:22 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:07 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:48:04 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 08/15] mlxsw: spectrum_switchdev: Prepare for locked FDB notifications Date: Tue, 8 Nov 2022 11:47:14 +0100 Message-ID: <41dd6cd6fd24a0a47e4085ccf534e5cdea8b33a4.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT093:EE_|DM4PR12MB7696:EE_ X-MS-Office365-Filtering-Correlation-Id: 0e5ebffe-a19d-4fc1-d3f1-08dac176c1a6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: U2SA4/DNfe5eSAQax5IrfE4qJojXSdRZkTHh31jSxSwiIlpsfq7UXS9m3tQIj7KePNabbMMor9C9AEUjWGuOkGdNone+8iqaSKJMyKnw8Icv9LiVwE2ikSSdpGDfKNy4hC9GJVTKRF0aLyh+XyfxR0tsMWyN878xiXR6vpxP8ZxRnz5bAPWXfiQWSQKgEgUaHAJ2WbF/xpe3OX4PyZUb7W44KhyqnhMoWmvI02zDRCWeXHSs7B/nhJgsu3Cnr8+aSDN+30S5UcIQmuUaslyGNGIgtAJK4KD850+eO3omixLwVqW42XZsW7SOVS5Zut6RYU4fYpdHvi8CDBJeAT9klWINBuTh+1GR+Tl9O2vLH4KuVqGLFG1X/YY0rgG9kQwS+UsJGxio4SjQc5vDFufD+OUrpKF8ZbIOBNpIb8FRYTH8cJSTKjQAyvlQxR4OyVu+VNYlAn+sSH5eMkAcu2wYkxngaYxprmfCVGzYrn+EdwDrIdaEpLCdTB1vbqa1Vn3NzJ+RAdMjAbGNBm1rEr/EP4WNGXZhxNVDaVQY3ABhPMob080roZRd6653a2Q/mrHRhDG46kTPUxVa9eFyCEHnLi7Y8SGTu5ofndzOdIwjez2pcNiEbfBusuYt87mKeKbi1EefpF7FdFye4OLz6FhWFLIuiDdYKwPrwpe2JliyWnSpUMWVSSXuCJBgqamxAkvPVvxFpfNgYc8+tSkT6fsGpbh2umIOZfDXNK8mVRoeatsNfE0/ivNckeuTYKYMebhCvV4qzgQ+Q979JtQUgqWpfg== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(396003)(346002)(376002)(39860400002)(136003)(451199015)(36840700001)(46966006)(40470700004)(36756003)(356005)(82740400003)(7636003)(86362001)(83380400001)(40480700001)(40460700003)(2906002)(15650500001)(186003)(336012)(26005)(16526019)(6666004)(426003)(107886003)(47076005)(7696005)(36860700001)(70206006)(316002)(4326008)(8676002)(2616005)(54906003)(110136005)(82310400005)(70586007)(8936002)(478600001)(5660300002)(41300700001);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:22.3396 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 0e5ebffe-a19d-4fc1-d3f1-08dac176c1a6 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT093.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB7696 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Subsequent patches will need to report locked FDB entries to the bridge driver. Prepare for that by adding a 'locked' argument to mlxsw_sp_fdb_call_notifiers() according to which the 'locked' bit is set in the FDB notification info. For now, always pass 'false'. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata --- .../mellanox/mlxsw/spectrum_switchdev.c | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c index 4efccd942fb8..0fbefa43f9b1 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c @@ -2888,13 +2888,14 @@ static void mlxsw_sp_fdb_nve_call_notifiers(struct net_device *dev, static void mlxsw_sp_fdb_call_notifiers(enum switchdev_notifier_type type, const char *mac, u16 vid, - struct net_device *dev, bool offloaded) + struct net_device *dev, bool offloaded, bool locked) { struct switchdev_notifier_fdb_info info = {}; info.addr = mac; info.vid = vid; info.offloaded = offloaded; + info.locked = locked; call_switchdev_notifiers(type, dev, &info.info, NULL); } @@ -2952,7 +2953,8 @@ static void mlxsw_sp_fdb_notify_mac_process(struct mlxsw_sp *mlxsw_sp, if (!do_notification) return; type = adding ? SWITCHDEV_FDB_ADD_TO_BRIDGE : SWITCHDEV_FDB_DEL_TO_BRIDGE; - mlxsw_sp_fdb_call_notifiers(type, mac, vid, bridge_port->dev, adding); + mlxsw_sp_fdb_call_notifiers(type, mac, vid, bridge_port->dev, adding, + false); return; @@ -3015,7 +3017,8 @@ static void mlxsw_sp_fdb_notify_mac_lag_process(struct mlxsw_sp *mlxsw_sp, if (!do_notification) return; type = adding ? SWITCHDEV_FDB_ADD_TO_BRIDGE : SWITCHDEV_FDB_DEL_TO_BRIDGE; - mlxsw_sp_fdb_call_notifiers(type, mac, vid, bridge_port->dev, adding); + mlxsw_sp_fdb_call_notifiers(type, mac, vid, bridge_port->dev, adding, + false); return; @@ -3122,7 +3125,7 @@ static void mlxsw_sp_fdb_notify_mac_uc_tunnel_process(struct mlxsw_sp *mlxsw_sp, type = adding ? SWITCHDEV_FDB_ADD_TO_BRIDGE : SWITCHDEV_FDB_DEL_TO_BRIDGE; - mlxsw_sp_fdb_call_notifiers(type, mac, vid, nve_dev, adding); + mlxsw_sp_fdb_call_notifiers(type, mac, vid, nve_dev, adding, false); mlxsw_sp_fid_put(fid); @@ -3264,7 +3267,7 @@ mlxsw_sp_switchdev_bridge_vxlan_fdb_event(struct mlxsw_sp *mlxsw_sp, &vxlan_fdb_info.info, NULL); mlxsw_sp_fdb_call_notifiers(SWITCHDEV_FDB_OFFLOADED, vxlan_fdb_info.eth_addr, - fdb_info->vid, dev, true); + fdb_info->vid, dev, true, false); break; case SWITCHDEV_FDB_DEL_TO_DEVICE: err = mlxsw_sp_port_fdb_tunnel_uc_op(mlxsw_sp, @@ -3359,7 +3362,7 @@ static void mlxsw_sp_switchdev_bridge_fdb_event_work(struct work_struct *work) break; mlxsw_sp_fdb_call_notifiers(SWITCHDEV_FDB_OFFLOADED, fdb_info->addr, - fdb_info->vid, dev, true); + fdb_info->vid, dev, true, false); break; case SWITCHDEV_FDB_DEL_TO_DEVICE: fdb_info = &switchdev_work->fdb_info; @@ -3443,7 +3446,8 @@ mlxsw_sp_switchdev_vxlan_fdb_add(struct mlxsw_sp *mlxsw_sp, call_switchdev_notifiers(SWITCHDEV_VXLAN_FDB_OFFLOADED, dev, &vxlan_fdb_info->info, NULL); mlxsw_sp_fdb_call_notifiers(SWITCHDEV_FDB_OFFLOADED, - vxlan_fdb_info->eth_addr, vid, dev, true); + vxlan_fdb_info->eth_addr, vid, dev, true, + false); mlxsw_sp_fid_put(fid); @@ -3493,7 +3497,8 @@ mlxsw_sp_switchdev_vxlan_fdb_del(struct mlxsw_sp *mlxsw_sp, false, false); vid = bridge_device->ops->fid_vid(bridge_device, fid); mlxsw_sp_fdb_call_notifiers(SWITCHDEV_FDB_OFFLOADED, - vxlan_fdb_info->eth_addr, vid, dev, false); + vxlan_fdb_info->eth_addr, vid, dev, false, + false); mlxsw_sp_fid_put(fid); } From patchwork Tue Nov 8 10:47:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036127 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EE27FC4332F for ; Tue, 8 Nov 2022 10:48:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233972AbiKHKsw (ORCPT ); Tue, 8 Nov 2022 05:48:52 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36712 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232923AbiKHKsT (ORCPT ); Tue, 8 Nov 2022 05:48:19 -0500 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2075.outbound.protection.outlook.com [40.107.94.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F35A74199A for ; Tue, 8 Nov 2022 02:48:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UCENeGSZnAJ7E3Vs4lihy/gKB5MxuXnl6n6KYnKa+7R9N4bGXVNX0/2PdeW9FrmHx1PFVJ7+yvuUUQs1F9ryGoICNgN5Wb/2Sipthuw1xiwj/dqw98v1M3FQhbvGpkQUfR4R6IQ3WVyBPYtESw4vX3I1mrga7/m0yNvO+BtgVSn5k5egRYYCLHUJdeppRFdm73O+PJLIrDozH7ZzwykXb8ag9MAAYzJMzYWTsKEEnIGxpgXi2UWwtR3bw73cEHyT7MnQ8MYgCn25c/xW0U7wiXsncNPkQRv9/M/uVzOEivSSdLXtwKYn9c4hGkovHAQzAcFhecMP2b6B0AGrqDsimw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Vo4ipqeVVgE+KTVh1Y4G6Ef3KHZ/jjpRQseWMvFrWFw=; b=TdosVOwU2+/kRbnSkSOnJ9CGCs+kP8cIYdR96E964fRQ2mJBAdlZSqGFfFlKA7DLMZVLX6co9m9vR09ZwApqO5JqQzKaBPInghGkJL/FTwLuGcLCRQHM+aljLbppGnO4BH2xn4idujVKHZaegDYW7lpU9kgTi9rrwoOXqI/eUm/jNiaESiW7n3kvK61EFqC5ISxn6/FD0Ig1vxcFyNvyuRqdEdSnhMHLLoAANv32+bmvgg6qSmoYWwTodDoF0o13bx4JJQ2PpR4EnA6cJsbqrluncPe0E4gDKm1XA0UZQIBx0EO+oCo2dp3KY/kqbhtqQK2zSDrErPFHb/KTOvb3ew== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Vo4ipqeVVgE+KTVh1Y4G6Ef3KHZ/jjpRQseWMvFrWFw=; b=Xjifou809fQvq9j7s1+ePenStrYgAmfamVJDLeGAxgfB/tSrbR0Rgqfx0831QaF5VxssGLK86EoXoN1rEt+Wa1D8rsJ5kH1hxnDWGMzb7VTbch7fiGojtRW548bHqURLHGXqXCfRQO4jLr2lREOim6Bs3iqDz59wNdbfyhq5OuK0q163KI5Dmtx9gxIvwQG5fGhuxa2dL0cZpmQWiuusds/uZkEUd0L28ZU9+ReMvmArjgCUHZ6TPrbbvEgfWFtD2VFmEa4EgPjGl0973M7No5nEY7R06wc5/1NqxFEsHPeWrQ8PmzTowMVh64/a76jcL0wQyPdBE5wxx1tEeBdEqA== Received: from DS7PR05CA0039.namprd05.prod.outlook.com (2603:10b6:8:2f::16) by DM4PR12MB5134.namprd12.prod.outlook.com (2603:10b6:5:391::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27; Tue, 8 Nov 2022 10:48:16 +0000 Received: from DM6NAM11FT057.eop-nam11.prod.protection.outlook.com (2603:10b6:8:2f:cafe::1f) by DS7PR05CA0039.outlook.office365.com (2603:10b6:8:2f::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5813.8 via Frontend Transport; Tue, 8 Nov 2022 10:48:16 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by DM6NAM11FT057.mail.protection.outlook.com (10.13.172.252) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:16 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:11 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:48:07 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 09/15] mlxsw: spectrum_switchdev: Add support for locked FDB notifications Date: Tue, 8 Nov 2022 11:47:15 +0100 Message-ID: <70bb4e957bf5383781335679c5f9a26181e875c9.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT057:EE_|DM4PR12MB5134:EE_ X-MS-Office365-Filtering-Correlation-Id: 6e9b80ff-511c-44fe-bb83-08dac176be3e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: zuDf61lhaXdCUHAmYC3dEZKeEsvdVazv1E+oB34wMeoa3tuTaX2kq8FQkj+x5qVG6c8FHkEYu+nez880TSIpJOxt6kVswHiTPKMXti/cfq1r8tAjAxWwIk2ZlPE5jQhPNj1h2/+jtJ/IKk0It5nIfz3EMeYQtQzkeeq4AGvPHypwDsmy/N8bGxagKIx+ov4RQhcnxgB6G3TCsK2ax3Cm/rvfLTl0W5QAp8tWTn4XvqU3qoDRD1Zvim+rLeH418/96OUr3uRBkHs0qeRpVryhcNZK6tmt0qWxDzU8Qp9I4vQB7NlMLYbsRoNZYneovj7LdUG0IX4s0I/AWRn50OKHepxs7rs5GRG4OJYm255MZ6az8bZ4AGWnCYJ0RDtDeYR4TsFiUBA7+eNxye0jI+MfkegKL7SDQ5cW5iI9L2CsrKb/RMcHotYkWku8/vVJ9rmvmJWOidTm00oWH9qUlq2OxixOs+rJYH4SMtimMeD51CbkOjrQ6k3QZ1X/FaUUb1YTacWGHwy5R2ugDJTFHC9ZNNe4w5o/5c6TXOcV+yy7ydQvq95qnB9/c5Fps2AUjOQvUJ+Rw8rUlIEH/vpXEBUd/tbfc+EFLkCIqQyCWJnGutT55TfnToFauER47+90YBewMEgGrDq1nDSNuYKRQgdgMaUVpn8DcCF0abGPWWZrhP4q/n9OGrqK2nqktp9+oeyEQqVcB7CL/5yBcMsAwDdihBqEUufgaFnPH1VdyYi4J4ijJuswrv+xi8lQYc9V+j+5J8198GHBWwYoOxpMg7AE5w== X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(39860400002)(346002)(376002)(136003)(396003)(451199015)(40470700004)(36840700001)(46966006)(82310400005)(83380400001)(36860700001)(6666004)(2906002)(86362001)(7636003)(356005)(82740400003)(336012)(40480700001)(478600001)(26005)(8936002)(5660300002)(70586007)(70206006)(4326008)(8676002)(54906003)(110136005)(316002)(41300700001)(2616005)(47076005)(426003)(40460700003)(186003)(16526019)(107886003)(15650500001)(7696005)(36756003);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:16.6868 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6e9b80ff-511c-44fe-bb83-08dac176be3e X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT057.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB5134 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel In Spectrum, learning happens in parallel to the security checks. Therefore, regardless of the result of the security checks, a learning notification will be generated by the device and polled later on by the driver. Currently, the driver reacts to learning notifications by programming corresponding FDB entries to the device. When a port is locked (i.e., has security checks enabled), this can no longer happen, as otherwise any host will blindly gain authorization. Instead, notify the learned entry as a locked entry to the bridge driver that will in turn notify it to user space, in case MAB is enabled. User space can then decide to authorize the host by clearing the "locked" flag, which will cause the entry to be programmed to the device. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata --- .../net/ethernet/mellanox/mlxsw/spectrum_switchdev.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c index 0fbefa43f9b1..f336be77019f 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c @@ -2942,6 +2942,12 @@ static void mlxsw_sp_fdb_notify_mac_process(struct mlxsw_sp *mlxsw_sp, vid = bridge_device->vlan_enabled ? mlxsw_sp_port_vlan->vid : 0; evid = mlxsw_sp_port_vlan->vid; + if (adding && mlxsw_sp_port->security) { + mlxsw_sp_fdb_call_notifiers(SWITCHDEV_FDB_ADD_TO_BRIDGE, mac, + vid, bridge_port->dev, false, true); + return; + } + do_fdb_op: err = mlxsw_sp_port_fdb_uc_op(mlxsw_sp, local_port, mac, fid, evid, adding, true); @@ -3006,6 +3012,12 @@ static void mlxsw_sp_fdb_notify_mac_lag_process(struct mlxsw_sp *mlxsw_sp, vid = bridge_device->vlan_enabled ? mlxsw_sp_port_vlan->vid : 0; lag_vid = mlxsw_sp_port_vlan->vid; + if (adding && mlxsw_sp_port->security) { + mlxsw_sp_fdb_call_notifiers(SWITCHDEV_FDB_ADD_TO_BRIDGE, mac, + vid, bridge_port->dev, false, true); + return; + } + do_fdb_op: err = mlxsw_sp_port_fdb_uc_lag_op(mlxsw_sp, lag_id, mac, fid, lag_vid, adding, true); From patchwork Tue Nov 8 10:47:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036129 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E0504C43219 for ; Tue, 8 Nov 2022 10:48:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233974AbiKHKsz (ORCPT ); Tue, 8 Nov 2022 05:48:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37188 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233969AbiKHKs1 (ORCPT ); Tue, 8 Nov 2022 05:48:27 -0500 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2041.outbound.protection.outlook.com [40.107.236.41]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 83797A46D for ; Tue, 8 Nov 2022 02:48:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=W3wZPBboPF6mbaBGkd65ME9aRBGLNNua0fxuftmYPfwGYtgML4isER7KYwCCSoirjWK93/KvLc8z4UyrhqTPHtou7uoeGz5EXqpMdWK8MHPUTnm/XyWbqQu+Fa01ZAZdPzSEYSLpRzSDGfochIeB3Ujt2e5SK4Ij0RbmGai+WVsykUO/WK4tjgCHwH9p+FSiYyWQ9IrvcSEYwjybtJc2PnR0imHDn5sV378B0o5PqQxg9CGqw6L+x9hpyyf1SMibkD7u+26g1pV+WUNMadaLJCcTfCOg0nZse90fGEzVeEQwIUJ6vRmaUgurRbmg7mo/ODbFf3RPqcqrBNXndkRcxQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FAeOIWKPYcVKdLVxbw6WJgCGUr6OR97IzMC+BcOKogY=; b=axuHSGBPBjfShMEivTXfldaXfjdDmqSdzF/uEt6+rtgQ5Xq8PoTcqc+Z0+ltl2lT5EEQRj6DIReS91QiahHdFaGKyMplq2DDLQV6m7L/5sBBDS9LOfliMMNxGkX9Pe4M3pgDheQvhSoIcYo/pItR9udftW8n5O0MvXtv16I1Z2notgJM9KtngM0z842hoBO9OXRjf7mqiBXjOyKsX6I1/NcAvvi8gIG+leD6fvWyIEQYKBR2ymzcpmaE3jSHMKpIA6xIpLBtBq/yqeZOlVQAYxaT2CRP7cc3YQGNj3jD0HdnzhGx7XzphnYg1E6GudLWNsjI/I0+BC16qPspyx17/A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FAeOIWKPYcVKdLVxbw6WJgCGUr6OR97IzMC+BcOKogY=; b=MRFYFMHYPD0jGba1STYD3jlEth6oiRj4J2wVv/1ZM9J+vtUmaApvogAnuU6Srjka/Hjz93rVWKSZDfUp7PVQcJw93Nbnyrezk1GlBSzOzcxvvIRKgMWRA4w7cm4tHV1tFCVWbUYm4s14wnjbUEv6HV6CgW9McxwaYWFadNo+z5D0EGHjhmVai3UPEqSFcB6fnkpVqidwMP4UII7l7x/gsifX/4ynPViM4f5IUtcQgId1J/PeU+5K7Irt8fZrQxJUAGP5h3W18Sm/GfyiQHx6G6secPDD8adOBvfr2MJ6W/h8hucWl4PpnnaWb+zltAAn1xiQCOuR6ZqN9VJhWqNpNg== Received: from DS7PR05CA0015.namprd05.prod.outlook.com (2603:10b6:5:3b9::20) by MW3PR12MB4443.namprd12.prod.outlook.com (2603:10b6:303:2d::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:24 +0000 Received: from DM6NAM11FT052.eop-nam11.prod.protection.outlook.com (2603:10b6:5:3b9:cafe::b4) by DS7PR05CA0015.outlook.office365.com (2603:10b6:5:3b9::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5813.8 via Frontend Transport; Tue, 8 Nov 2022 10:48:23 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by DM6NAM11FT052.mail.protection.outlook.com (10.13.172.111) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:23 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:15 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:48:11 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 10/15] mlxsw: spectrum_switchdev: Use extack in bridge port flag validation Date: Tue, 8 Nov 2022 11:47:16 +0100 Message-ID: <174cd8190436260fb1c4195ced83b8df72ff2679.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT052:EE_|MW3PR12MB4443:EE_ X-MS-Office365-Filtering-Correlation-Id: 68de51b9-3eb6-4953-e403-08dac176c234 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: VajVW7ISNpzdh0W9RFJgo4MB94Dv8H+nMl+igqAuy3gwKj5Us03z/zeZjk9mAPPvY1BsbseA9efLaILO7lanv1CO83MCQaK414lkzBaWXKGsCIW5QXSPyf7CZ8v2GUCh1gfEaa28tO/FLkadYHfzdxPlOMVzOyAAk9ZMwvMKVzbh3BvG7tWp97xP/2DYPVi3cNO3n2dAafAj7IlCweibo/KnC14qugrWFr5K9+uKAl6wX4Y4IObwYyQpy29qzmca2ct+VkP/noGLiVxtv3SdvHniRIrZYzf4wJqm9Y1F6vD1+HrUXjKlfMNJ6GfeZyYOSVgzOb8VcrhYrRRdf7RYKJ/w7/ib1RLqxTaBZ6AtpVLi+nmpYCwF6l1Ivb2xxK4H6H7StkTVDttiHuDn4GpfB56JX6WpMT7LaI4Pm9Gex0Y8wylTUnW9SHuQv7h7AM8tX0+Sj5zum72O3NAQFPZxDFyUyjXiE3+Hh1/65mSi8hcqHN2Wh3EfUi/POBCzVdmsv8NAsfTfTrL8rXaRdcWw8b4Y8AoHMOJauWnwo8weknEsYuGqdIdrHAxac2RRJZ+k6ogARXMACe5C1NlYhCkQYyS967PLkHH6aU1vAllY+xVCWvaZIMi8UBmIfwVVBZ8fqXYDIdy0Zwkyo6IoW+dfT3q0TIm1KkwwUKUNWhSfX2VkHw5wyJdKEMrshVpfPBrqEZ331s5KqsDYpCwvx4wU3gc6oM8/KC95L0M32G7AXkfY78gVcdaAsR5oAxPWa+RGyK8QH1bf01Cj4dK+KUreOA== X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(346002)(136003)(376002)(396003)(39860400002)(451199015)(46966006)(40470700004)(36840700001)(316002)(54906003)(110136005)(107886003)(70586007)(7696005)(8676002)(86362001)(70206006)(4326008)(40480700001)(478600001)(41300700001)(40460700003)(47076005)(2906002)(426003)(83380400001)(26005)(336012)(16526019)(82740400003)(36860700001)(36756003)(186003)(8936002)(7636003)(82310400005)(356005)(5660300002)(2616005);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:23.3488 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 68de51b9-3eb6-4953-e403-08dac176c234 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT052.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR12MB4443 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Propagate extack to mlxsw_sp_port_attr_br_pre_flags_set() in order to communicate error messages related to bridge port flag validation. Example: # bridge link set dev swp1 locked on Error: mlxsw_spectrum: Unsupported bridge port flag. More error messages will be added in subsequent patches. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata --- .../net/ethernet/mellanox/mlxsw/spectrum_switchdev.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c index f336be77019f..db149af7c888 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c @@ -782,10 +782,13 @@ mlxsw_sp_bridge_port_learning_set(struct mlxsw_sp_port *mlxsw_sp_port, static int mlxsw_sp_port_attr_br_pre_flags_set(struct mlxsw_sp_port *mlxsw_sp_port, - struct switchdev_brport_flags flags) + struct switchdev_brport_flags flags, + struct netlink_ext_ack *extack) { - if (flags.mask & ~(BR_LEARNING | BR_FLOOD | BR_MCAST_FLOOD)) + if (flags.mask & ~(BR_LEARNING | BR_FLOOD | BR_MCAST_FLOOD)) { + NL_SET_ERR_MSG_MOD(extack, "Unsupported bridge port flag"); return -EINVAL; + } return 0; } @@ -1186,7 +1189,8 @@ static int mlxsw_sp_port_attr_set(struct net_device *dev, const void *ctx, break; case SWITCHDEV_ATTR_ID_PORT_PRE_BRIDGE_FLAGS: err = mlxsw_sp_port_attr_br_pre_flags_set(mlxsw_sp_port, - attr->u.brport_flags); + attr->u.brport_flags, + extack); break; case SWITCHDEV_ATTR_ID_PORT_BRIDGE_FLAGS: err = mlxsw_sp_port_attr_br_flags_set(mlxsw_sp_port, From patchwork Tue Nov 8 10:47:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036134 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D9FB9C43217 for ; Tue, 8 Nov 2022 10:49:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233577AbiKHKti (ORCPT ); Tue, 8 Nov 2022 05:49:38 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37428 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233990AbiKHKst (ORCPT ); Tue, 8 Nov 2022 05:48:49 -0500 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2062d.outbound.protection.outlook.com [IPv6:2a01:111:f400:7eab::62d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1EC6D1AF1F for ; Tue, 8 Nov 2022 02:48:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BZPFKaJuvuJrL1eXI+k5yLFtgFTkMNah8lhgxJodOG9sPNbVGrf9UDw9G4HObFMnpgggUaen6fvXO3JADtg11M5UvlmorV33PK6knE+OrbxgVO4vHe/qx6AxrcJlY6tH10/48QQT/2CVUrrco1+dyWwtGCoMFIv7Mf4gObf9jsYs1rclmPaM19wazXJcyi9U0WEXdU60MHCNOLGjXoXES8c+EQEqoHCZ3VOIXHn0BhHK8394J1z22StRiSadXWydOKlJsMRtfLC0CJzXHzoKJjVENCAky8aI1PrrRwLLky0lr3HvSt5SZ+tPKr/SuDD6+1X2MSpteje9wFN1Js+dew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Ya4tW0j0iTCUe/pMNIiYlbMX2deTzFP2fjC285Q6y6A=; b=Jqj35WCc4M7dVKbeJ33I6OMmY96TIJH27U21CjvCgdYm2TU+qJhoBpItVacpyPMIAu+CRgVs46K17AUTFnHmH+Z6UKNrPwnminPboyvOQo2o9T+dN5pZqnZbS8t3nwAioqZ5/Qxue09ZrCENmqaBe6WVCGnxq4pT4CQu0LVPeCzLOWFm9LpKcTBW8rk1jwiMVh0C4u3A0egxcFtmxrGI0usC6GbXIkhIv0xWlzu3rKcThT1SIy1KhwN3Kq1kQ3CbtSzXxvWhlpbKMGK8RYBAnrGp1IQLaxGIZqlWlmIFb+GVYf8PLS8k4n6TPl/Y3PUyVosGkmvmyuAGqQvPcPspBA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Ya4tW0j0iTCUe/pMNIiYlbMX2deTzFP2fjC285Q6y6A=; b=W2+vx2lqQ9e/3TW3R3jdSdCIDXxqiHuvyJVX31mySw+RrBJPWkXSP2DMPofvNps7HCYECVNE9JziWo8vaWHHvID7NQz3nuP8TFpbswNHN9TSf95DZ3tcQ/+cjKyj6QEESqno1lRbvhvibqQGnwAnyaLHlF0wgBkPd2L2ZRcuWRaes8aErS8pBpc0bUZiOx7n0lWiaP2ZVv2GvvguNVHtUcYDKo59BRMRE1UjkwucfeIoxk5u/+EcDaC2SaAqAKRQya2Btynyk0H1t2yi9kdnc+Hj/YmPgMuqOF/npvxpWV2fStPewsj+nKu2UdagUdn+ujfEx1yzzsGIBRJlZPY8Tw== Received: from BN0PR03CA0027.namprd03.prod.outlook.com (2603:10b6:408:e6::32) by BN9PR12MB5340.namprd12.prod.outlook.com (2603:10b6:408:105::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27; Tue, 8 Nov 2022 10:48:34 +0000 Received: from BN8NAM11FT097.eop-nam11.prod.protection.outlook.com (2603:10b6:408:e6:cafe::71) by BN0PR03CA0027.outlook.office365.com (2603:10b6:408:e6::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27 via Frontend Transport; Tue, 8 Nov 2022 10:48:34 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT097.mail.protection.outlook.com (10.13.176.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:33 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:18 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:48:15 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 11/15] mlxsw: spectrum_switchdev: Add locked bridge port support Date: Tue, 8 Nov 2022 11:47:17 +0100 Message-ID: X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT097:EE_|BN9PR12MB5340:EE_ X-MS-Office365-Filtering-Correlation-Id: 3375c7e5-c92a-4d08-4033-08dac176c883 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ySeSXLIPyj960g4Qlh5YKkl1456UwkHamJsPRtit6HswW6o2wznq13lvt//cFH7wMAf3Nuuth8BjvoAaROTc3alTesZPj7iaypEMrBqxQZPbKNEGCbpZS4+0cqNO6n5o2ZadqmkcEZYFKBeaLXXh91o/M/1beB45uIvyAmJaSYFs9viuuvSlC3dhZk5AwpIRIhjHsxs5vNDf0lXdZ5OIEF1r9zurgBiQg9cylWdx309RpiQ/MAtDNhFrdT9fhbpmtkRPWtWJ40xLr8DlY524rnppsImeOna2tl3PtBr0yVwag7xj9Vr0hOD5gD/LDFEJxdm+EOQF1Gb1PhWwEsZ1plwGdzoEQKPZmE7kDIv7ECQRpwvY372IErLXBLW0CTaDnTEF0utwyEAQPeDJZPha2jnarWN/Ksucf+7lN7QK/TVD/28+kmRtIZjrzA5Fr3VM5dYbeXXWhD5dqPS4vD5LDXCrdOV/jN8AxmlTYbcHrGqIZBmsPFOOKa5Up4SXeQY97CKzf+NvNxKoQ11v9hKWR2HV7nLtrzHjtpPTrOcNWiiiEVxjY6wTpcEXENJAVUoC+PP4XUca/Jg0+xZRE12/qnPk0EwLnwKe/xgvEh0z8nrESTGOh0ZVXqzgSpRhRBdw6Ir+hRE7zp8r9bF5xQj7utV84Kkp3oiQBBRKikqrvkRkmM4nr9QnbjxrcRKKutQM9Eaps12LIKcxga8ejDK3Jjrs/mLcz0JslMbs99F5PSFrcewYmTRyZ6fqvVwvgUXJcLditVgzC2Ap+6XnN9Fjmg== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(396003)(136003)(39860400002)(376002)(346002)(451199015)(40470700004)(46966006)(36840700001)(86362001)(36756003)(7636003)(356005)(82740400003)(36860700001)(4326008)(16526019)(2906002)(5660300002)(47076005)(336012)(186003)(2616005)(7696005)(26005)(83380400001)(426003)(70586007)(70206006)(316002)(82310400005)(40480700001)(40460700003)(110136005)(54906003)(41300700001)(8936002)(8676002)(478600001)(107886003);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:33.8661 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3375c7e5-c92a-4d08-4033-08dac176c883 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT097.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN9PR12MB5340 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Add locked bridge port support by reacting to changes in the 'BR_PORT_LOCKED' flag. When set, enable security checks on the local port via the previously added SPFSR register. When security checks are enabled, an incoming packet will trigger an FDB lookup with the packet's source MAC and the FID it was classified to. If an FDB entry was not found or was found to be pointing to a different port, the packet will be dropped. Such packets increment the "discard_ingress_general" ethtool counter. For added visibility, user space can trap such packets to the CPU by enabling the "locked_port" trap. Example: # devlink trap set pci/0000:06:00.0 trap locked_port action trap Unlike other configurations done via bridge port flags (e.g., learning, flooding), security checks are enabled in the device on a per-port basis and not on a per-{port, VLAN} basis. As such, scenarios where user space can configure different locking settings for different VLANs configured on a port need to be vetoed. To that end, veto the following scenarios: 1. Locking is set on a bridge port that is a VLAN upper 2. Locking is set on a bridge port that has VLAN uppers 3. VLAN upper is configured on a locked bridge port Examples: # bridge link set dev swp1.10 locked on Error: mlxsw_spectrum: Locked flag cannot be set on a VLAN upper. # ip link add link swp1 name swp1.10 type vlan id 10 # bridge link set dev swp1 locked on Error: mlxsw_spectrum: Locked flag cannot be set on a bridge port that has VLAN uppers. # bridge link set dev swp1 locked on # ip link add link swp1 name swp1.10 type vlan id 10 Error: mlxsw_spectrum: VLAN uppers are not supported on a locked port. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata --- Notes: v1: * Add 'BR_PORT_MAB' in mlxsw_sp_port_attr_br_pre_flags_set(). .../net/ethernet/mellanox/mlxsw/spectrum.c | 4 ++++ .../mellanox/mlxsw/spectrum_switchdev.c | 23 ++++++++++++++++++- 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c index b34366521914..f5b2d965d476 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c @@ -4760,6 +4760,10 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *lower_dev, NL_SET_ERR_MSG_MOD(extack, "VLAN uppers are only supported with 802.1q VLAN protocol"); return -EOPNOTSUPP; } + if (is_vlan_dev(upper_dev) && mlxsw_sp_port->security) { + NL_SET_ERR_MSG_MOD(extack, "VLAN uppers are not supported on a locked port"); + return -EOPNOTSUPP; + } break; case NETDEV_CHANGEUPPER: upper_dev = info->upper_dev; diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c index db149af7c888..accea95cae5d 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c @@ -782,14 +782,26 @@ mlxsw_sp_bridge_port_learning_set(struct mlxsw_sp_port *mlxsw_sp_port, static int mlxsw_sp_port_attr_br_pre_flags_set(struct mlxsw_sp_port *mlxsw_sp_port, + const struct net_device *orig_dev, struct switchdev_brport_flags flags, struct netlink_ext_ack *extack) { - if (flags.mask & ~(BR_LEARNING | BR_FLOOD | BR_MCAST_FLOOD)) { + if (flags.mask & ~(BR_LEARNING | BR_FLOOD | BR_MCAST_FLOOD | + BR_PORT_LOCKED | BR_PORT_MAB)) { NL_SET_ERR_MSG_MOD(extack, "Unsupported bridge port flag"); return -EINVAL; } + if ((flags.mask & BR_PORT_LOCKED) && is_vlan_dev(orig_dev)) { + NL_SET_ERR_MSG_MOD(extack, "Locked flag cannot be set on a VLAN upper"); + return -EINVAL; + } + + if ((flags.mask & BR_PORT_LOCKED) && vlan_uses_dev(orig_dev)) { + NL_SET_ERR_MSG_MOD(extack, "Locked flag cannot be set on a bridge port that has VLAN uppers"); + return -EINVAL; + } + return 0; } @@ -822,6 +834,13 @@ static int mlxsw_sp_port_attr_br_flags_set(struct mlxsw_sp_port *mlxsw_sp_port, return err; } + if (flags.mask & BR_PORT_LOCKED) { + err = mlxsw_sp_port_security_set(mlxsw_sp_port, + flags.val & BR_PORT_LOCKED); + if (err) + return err; + } + if (bridge_port->bridge_device->multicast_enabled) goto out; @@ -1189,6 +1208,7 @@ static int mlxsw_sp_port_attr_set(struct net_device *dev, const void *ctx, break; case SWITCHDEV_ATTR_ID_PORT_PRE_BRIDGE_FLAGS: err = mlxsw_sp_port_attr_br_pre_flags_set(mlxsw_sp_port, + attr->orig_dev, attr->u.brport_flags, extack); break; @@ -2787,6 +2807,7 @@ void mlxsw_sp_port_bridge_leave(struct mlxsw_sp_port *mlxsw_sp_port, bridge_device->ops->port_leave(bridge_device, bridge_port, mlxsw_sp_port); + mlxsw_sp_port_security_set(mlxsw_sp_port, false); mlxsw_sp_bridge_port_put(mlxsw_sp->bridge, bridge_port); } From patchwork Tue Nov 8 10:47:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036130 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8DA45C433FE for ; Tue, 8 Nov 2022 10:49:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233082AbiKHKtB (ORCPT ); Tue, 8 Nov 2022 05:49:01 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37318 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232693AbiKHKsd (ORCPT ); Tue, 8 Nov 2022 05:48:33 -0500 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2066.outbound.protection.outlook.com [40.107.244.66]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3848D16580 for ; Tue, 8 Nov 2022 02:48:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UMbyPIUUTHawrU7oHXi666L09LOgz1f7AA7/2Gn/yFUavAaRcE+fgCApDlTzIs3hRh4qmY/B5+qZfcFd3FOvFlkT8eJSLRk6IhWnBV8Fmpk3oFq+r5ideHQqPc4MjDjCufJT6Ml4jKZa9B9zfkXBj7Ma+PSGprLdRWcfTtJ72lHM0qXgFTYFUrK2I+60F8y5wsCNkbmxfjefi5jZHUcHu3bX3YVMUTdYB8luUMi9ToqTcLgspcYaY/PcH9apXSVy5Wodx9XGXbUp8Vc869Phi3ICF1elYYoWmTMZUYAppJv5WYy55CPd3I5hC7xWu8t0f9SVOhbMyrZ2GuV16m3MRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=doByyfOdod8TuwyZN+F0d5h/tzFJh1IY+wAhbsHXhV0=; b=WymsCT01fs1NteLKH61WPj2j4KbkYwyT0FcCAunpc/YxQhAEY+/ptuyvA4TgtYxTqoHV0VEyY0gU5z62T6ujBG3GyWzrxTnY1sG6zuO3FJJzQ2/O6SZkhfDa8bwVwTpsnxLirH4EH5yyHKfldYQzvP0SSlxrUEqndgzsVeRIoYmJPAEm2vIJ/aR9wCfahE4oJOSDTjNbLhYji6BIhOfSBRHqM+e6aAOlbWo02vtiH47MCrCyMVbLfZh/1yumZj/20er13LNwW/kltVDRExlINtGrgv88XeX0VC460YGZNlJNJpuYbkUDKSfVHwpTUrfKxG0h2gKW8Ydkc4Xe/liHRw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=doByyfOdod8TuwyZN+F0d5h/tzFJh1IY+wAhbsHXhV0=; b=o0DUck36vGad1FRtEGrOaa/2U+Will2IwFTNijCD7g+Vs/rLMvhAJ3jCKyffyMPkeSjEsNZDGs8zuUrNYAB13knmzhnnfsepyQXP/U2HEyCi7cUONfU1EhV1NL9r5bpgYerV8IJXI8PAO4WubGpIxzoId5+k0Opi6gr1sTThxYnu2kHwH5f8bfFWOjLZAE+z9MiaT33xTmat7f+pKj2F17a2CYmppUHJwyEwqOvRuDsQBxyp34Wcb8HuFHxCSBOFXczwV5gPbSxmmrioEAoPy1AS/QSqrgyoDIPB4AX5m43jrvvMDl00AfWPy8It7ATy5xIgkYRzzYoIMmSAAyTYOA== Received: from DM6PR21CA0015.namprd21.prod.outlook.com (2603:10b6:5:174::25) by PH0PR12MB5608.namprd12.prod.outlook.com (2603:10b6:510:143::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:30 +0000 Received: from DM6NAM11FT066.eop-nam11.prod.protection.outlook.com (2603:10b6:5:174:cafe::55) by DM6PR21CA0015.outlook.office365.com (2603:10b6:5:174::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5834.2 via Frontend Transport; Tue, 8 Nov 2022 10:48:30 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by DM6NAM11FT066.mail.protection.outlook.com (10.13.173.179) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:30 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:22 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:48:18 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 12/15] selftests: devlink_lib: Split out helper Date: Tue, 8 Nov 2022 11:47:18 +0100 Message-ID: X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT066:EE_|PH0PR12MB5608:EE_ X-MS-Office365-Filtering-Correlation-Id: 7c8e2946-fb2a-48a8-2038-08dac176c633 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: HJ939WYF3dky4cBYm63fx2dFzWZ2yXxKHRjJLapYsSFc2AQdh6DvwFJfVtu7FNU6R0TXYJo1mmU5crcQItPWC+GX39kLuwsR32N/UmENGv8mkW+2aedRIDDhyvsMpfYi0u9NzqjPJ2G4/dXnOqI9J5DUStwFQF7K6tny3/gdCzoMmE7HXY0ZA88FYoAS7UoITz/9FYOWtan+vTaodqRD6k4uUQ5WnnygggfbdMvLe2wsxOYhjFGxI0nNeAxCkDgCfZ7A9pmeRzUVZt+fV8QhIR5UQZanDN+hJ8ook0sFa3t8FzR4l0eCjBZWf2L2skwR3ULvBe29uQnkUo+iUAhu4Uw1PfdkeyYCCd+IECSIWnp8dtyx95qPlwbBxp/a1AfdYsgo1c4z2NF3hksSAtlqttGEo/Qb+q+crXpzMu5Pu9Wf//wx2pVNdfXfBwMfAi1x4HdIYkn4oMIbpP75AhdtSULVjMJkp/vU+P/SlbtaPmDhkZv/6ipsUDa9zicOKkkseWhKNvIClfn1gGllnEQOV4ZVB35PzJrIOoKMM93qV0OmkYRM2TeJvcwX77S1LEchDDpSMQgAWMuqwuDOPg2fFYO0W4GGv8G8CPDsg7ve2izRo/9SFWkn6HaFXEqX3me7442DOUF1uo1FWk2skWx8NnMExoc7sbRYODhlZsRqh0VAF8X6NvCdExfM/XjLDTE8JvTFCEsi/bM7Khg/MUgIR1AVqBU2f1s9bPSYu9rwGqptdX0cQqMb6GsKohfLFQfBCXYRJ8+S9Kz8TIroDT2aew== X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(376002)(346002)(136003)(396003)(39860400002)(451199015)(40470700004)(46966006)(36840700001)(41300700001)(8936002)(5660300002)(8676002)(36756003)(2906002)(426003)(4326008)(83380400001)(70206006)(70586007)(54906003)(36860700001)(316002)(82740400003)(110136005)(7696005)(86362001)(40460700003)(82310400005)(47076005)(107886003)(2616005)(40480700001)(356005)(336012)(478600001)(26005)(16526019)(7636003)(186003);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:30.0481 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 7c8e2946-fb2a-48a8-2038-08dac176c633 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT066.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR12MB5608 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Merely checking whether a trap counter incremented or not without logging a test result is useful on its own. Split this functionality to a helper which will be used by subsequent patches. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata --- .../selftests/net/forwarding/devlink_lib.sh | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/tools/testing/selftests/net/forwarding/devlink_lib.sh b/tools/testing/selftests/net/forwarding/devlink_lib.sh index 601990c6881b..f1de525cfa55 100644 --- a/tools/testing/selftests/net/forwarding/devlink_lib.sh +++ b/tools/testing/selftests/net/forwarding/devlink_lib.sh @@ -503,25 +503,30 @@ devlink_trap_drop_cleanup() tc filter del dev $dev egress protocol $proto pref $pref handle $handle flower } -devlink_trap_stats_test() +devlink_trap_stats_check() { - local test_name=$1; shift local trap_name=$1; shift local send_one="$@" local t0_packets local t1_packets - RET=0 - t0_packets=$(devlink_trap_rx_packets_get $trap_name) $send_one && sleep 1 t1_packets=$(devlink_trap_rx_packets_get $trap_name) - if [[ $t1_packets -eq $t0_packets ]]; then - check_err 1 "Trap stats did not increase" - fi + [[ $t1_packets -ne $t0_packets ]] +} + +devlink_trap_stats_test() +{ + local test_name=$1; shift + + RET=0 + + devlink_trap_stats_check "$@" + check_err $? "Trap stats did not increase" log_test "$test_name" } From patchwork Tue Nov 8 10:47:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036131 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5083DC433FE for ; Tue, 8 Nov 2022 10:49:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234000AbiKHKtQ (ORCPT ); Tue, 8 Nov 2022 05:49:16 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37186 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233929AbiKHKsu (ORCPT ); Tue, 8 Nov 2022 05:48:50 -0500 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2043.outbound.protection.outlook.com [40.107.223.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D3F743875 for ; Tue, 8 Nov 2022 02:48:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ApYoIDpzlVu+/uEwVYdup6it5vB1e/EdGR2xqQeVqm3XmW+fHDYv2bCfzsNFk96aL3jRKk2ntTy7ZbheaKvIzZBCKzBYFEsm7zp3haeAiEvkyJHSlTkSpL0kmOpMq49IWkKLCRnmSly2smVWOpnOh1M+3kRSvsMbNN4Jn7drAQTpJJo5WhxCZfi6T7BJrZEz9ClXiORnPveIh4a6lLJ971AzP+hgKIuWHV8CyQJpaMBNbXOx73v5meZRrIa/MfYM8KRpUntoOiyCc0AEGtLi/yRxMT5FLjqxpxOhBnvMmV31ohnbIkDsqexi26WZT6n4pCKPvDnWEkyjs56j2mhIog== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=opczsBhp0qt6+P5dGe1iYcEVrDktjV1EOsuHM54Wmhc=; b=C0umVY6iJ1iML8461KForkhce2yNqdox9eJ2MBW4E5h2iGEI9+alGw0yurzvoiJJJrAR7WA0hlusH6NVC92yQLyXoNkRpD3ZVbet6df4azYO8vcSXidaE1SXT5L8CKXYo0UsTcfrFoy8QgWp94sGcHqR05aCKRcl7tZF2zgTY9gDDgBi0JLxovfB46B6eREFq1uAEW/9112f2Zgm7TvTZA9nLQl9G+tUbUckI0+hyarJqVkIh8/J/88OQ0ltWBBq6HU7M1PgMqfgSCalrmC7RoaVfV1kxwvbaPyNANpDQeYXxOE+qaY0KQmhLUVZNKEnaQIhJu3QxeVSCRlcgk/THQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=opczsBhp0qt6+P5dGe1iYcEVrDktjV1EOsuHM54Wmhc=; b=k/D+H0h3/fJzGavrOJjFKUaKLwdC7WiELkuC2OJc7uv2R52WfENuyuotiuzG85PNjyU6lIRrAcCZsSFFSRY7/bh8YkylV+HYfiPpNgbIBTnRzlTZe5MEkO9dLdAKGEM4g/rFI9Pa+rpNQEKP2gN0xSQMd4T/C39tS/l/V2x4Ohe9KD9cNaJvm8ES8oD79wOySJu4pdFAgPZW3gF6JiW6eZ8mt9YGQ0YDlNH7Bn1Wd1dv2Oopl2AuF3/zfJK4BI58tvjHUoBH3XnT2lLwKligqAaly9t23XY7Loezakw8nwPJWA1JqpZEVlRwYHbasRovjUIIO6Z9E9exsvVPSYOCQg== Received: from BN6PR17CA0025.namprd17.prod.outlook.com (2603:10b6:405:75::14) by DS0PR12MB6557.namprd12.prod.outlook.com (2603:10b6:8:d3::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:38 +0000 Received: from BN8NAM11FT087.eop-nam11.prod.protection.outlook.com (2603:10b6:405:75:cafe::67) by BN6PR17CA0025.outlook.office365.com (2603:10b6:405:75::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.22 via Frontend Transport; Tue, 8 Nov 2022 10:48:37 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT087.mail.protection.outlook.com (10.13.177.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:37 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:26 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:48:22 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 13/15] selftests: mlxsw: Add a test for EAPOL trap Date: Tue, 8 Nov 2022 11:47:19 +0100 Message-ID: <389ee318ff1a799d1e94ba1a33ab2ff42bae50fc.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT087:EE_|DS0PR12MB6557:EE_ X-MS-Office365-Filtering-Correlation-Id: 729ce41a-2890-4d43-800c-08dac176ca9c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: KG34cutlHhX1BZj1NRrkg1AJLsYy96OHRA7g8ZGQ0JbPgubckIp5lhN4VAdgC5sS1rRweCXMaJBFaDvcgBL/cOjZzDWjW79J2XhNM+QF+LIXa7JekJbsQ5JIZPXjCsC6C3aDVoru8V4efzQ7mEiLobHk2WgAb11Rm8xFaScPxTYdn9nUSfjU8LFpW0NqBaWf/rt5hNSUr20jI9Pm397JpgNiAAKVQNZaAOiop2HDam3QDSuH6obqxKINI17keOQtcLUbK8Zz2t9aPKXAT8wQ2EriYc619ZtCXJpcRLDODr1f52t+obUxzjfbZaCPhQbtUK8ByaFs6l137CXOHz7SdFk/aW/QvBzIcOEEiKgxpP37kgKtkX+68lEfysagqK+8xQCsXzvMpjxfImG13YIj9zLkB4+NvwcpeR+EDk8eJ4nAoJbxTFLtRsee/52gMawkPK4OrKyPdgj31Zm9cYV1AYNgeKMQJq7Z0l6PUIbDU8AaDhn3GrDX6cpBZkXHqGSjB5vA0OEfW8b6yTz66hwu5TCv5yhTnT9hb7OV/Ypv6e6p1hyYhz3RdNNnRxgb0M2ERNfLImkHYlsEGb8pxXx9jV/2CQDUw1r28FmBPM85X/R3U5xpBOVlgwDGGHSip3UCCoXHZKULHpeLyOq9rpYbTRSJMD7XnF30fD4wU5aym70PMNI3oG/WtlI4VjYuklQ9kfzbhGMFl9SrNpfK4A2QP1+oj6Cew1msxVI+OSj4tbQO6CCRy5uHdINTBH2q8w4nA02Rpung8zHJrNVSEKjnSuG17IuoYCRq9riH5tuVp0I= X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(136003)(376002)(39860400002)(396003)(346002)(451199015)(46966006)(40470700004)(36840700001)(186003)(16526019)(426003)(336012)(36860700001)(6666004)(47076005)(2616005)(107886003)(2906002)(7696005)(26005)(40480700001)(40460700003)(8676002)(54906003)(82310400005)(478600001)(110136005)(5660300002)(41300700001)(316002)(8936002)(4326008)(70586007)(70206006)(86362001)(36756003)(356005)(82740400003)(7636003)(473944003);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:37.3871 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 729ce41a-2890-4d43-800c-08dac176ca9c X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT087.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB6557 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Test that packets with a destination MAC of 01:80:C2:00:00:03 trigger the "eapol" packet trap. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata Reviewed-by: Vladimir Oltean --- .../drivers/net/mlxsw/devlink_trap_control.sh | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/tools/testing/selftests/drivers/net/mlxsw/devlink_trap_control.sh b/tools/testing/selftests/drivers/net/mlxsw/devlink_trap_control.sh index d3a891d421ab..64153bbf95df 100755 --- a/tools/testing/selftests/drivers/net/mlxsw/devlink_trap_control.sh +++ b/tools/testing/selftests/drivers/net/mlxsw/devlink_trap_control.sh @@ -83,6 +83,7 @@ ALL_TESTS=" ptp_general_test flow_action_sample_test flow_action_trap_test + eapol_test " NUM_NETIFS=4 source $lib_dir/lib.sh @@ -677,6 +678,27 @@ flow_action_trap_test() tc qdisc del dev $rp1 clsact } +eapol_payload_get() +{ + local source_mac=$1; shift + local p + + p=$(: + )"01:80:C2:00:00:03:"$( : ETH daddr + )"$source_mac:"$( : ETH saddr + )"88:8E:"$( : ETH type + ) + echo $p +} + +eapol_test() +{ + local h1mac=$(mac_get $h1) + + devlink_trap_stats_test "EAPOL" "eapol" $MZ $h1 -c 1 \ + $(eapol_payload_get $h1mac) -p 100 -q +} + trap cleanup EXIT setup_prepare From patchwork Tue Nov 8 10:47:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036132 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9B661C43217 for ; Tue, 8 Nov 2022 10:49:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233976AbiKHKtS (ORCPT ); Tue, 8 Nov 2022 05:49:18 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37188 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233999AbiKHKsu (ORCPT ); Tue, 8 Nov 2022 05:48:50 -0500 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2086.outbound.protection.outlook.com [40.107.223.86]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D0E71D64A for ; Tue, 8 Nov 2022 02:48:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=duv40iHmGLoXoQLnvqjNnbCMtdoP74646dloFF69/jsgOAXmshK9AVoOd/hyTx725fSZh4+4w9LXL/1FMTFKMTZW+AKRkxZV2bqb+PeuXZpAab4zQvg8zM/D5pGb3f9PEqqVbyhC/XYUjMJQiyIGt1lep6O/eILBdrccZIrECQvq6YhlhQXrN5DtfsXCKOE90Ilp3+zZgnLEN1P3vC/AtcqdibQCiT1E5YHe8CGwS6BiwRXmk/5+rW83p9srMg9p7aQGtvBFNcAR7e8yohw5+UdrvXQ9cvxo5A36cMfqGxY7UBQalgHa+oY7Ce6a95yT1JDNS5/jnfMZTMpCLrSvjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ImYNLi97idUCs/uBfghoaHt9pd6pv5pnH77gQt8cqEQ=; b=flWUng/uw75BpXgNSDZ6/UynVlmqCfJpcMBp5EK8/2C/5N2/DfAGJ1Qlj1mg9zBM16hD6+Og4kkx+R3FFjvrjE2cT7QCBl2VOBuuSoDv3kApyv/W1x5K4jHe+iQt2GmWUTthPQ+OKhPGlna2BNYD8WC+9SHu1UvhAwmrFULKyLLCTBC6aqMtJoOO5El9Cxv4ws/TkfSjXRrYsGFooxHQiLASiaTGDvfMhyfa9B3CReTW/GvBYu+KjRYXDCZL2RQWlS+ljngbm/q+Nab7VxOIc4Fd5lEKUYmpxXLOqsgTCuctAn1vJDJvLaGg/sKyY+d4N0eeuOJYFfB4zwsPn9OzWQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ImYNLi97idUCs/uBfghoaHt9pd6pv5pnH77gQt8cqEQ=; b=nU2jmSs4XTqhEuxtBjFXDb02Y8iDuaQ95ItnC5+AbHo3PqJYqaW8wnFD8qEJYT9Q4aE9KDym9IByC6Mwcrb6hCz2GkTRzY3Cjc8jSEgwI9Nq8//KDFThElg9mr0vbkEpE9kXoLrAEIniD4TwdqvV8oQoYh7V3jpNasLXr+7x15H8ZH8XzbQg5jLZJ4OJaFwBvo5t14ey5/nn5xh7hwRpH2QRltGzddoC+cYRjM4+wzo8kP0UlRFyFNl+MBFExDKOA6ltCcdP9rrL3RfICQTSBk2xLWohQ5hJNWZHXfA5Lad6qObJQ9bFJ3DhrH4bT6W2zLEOzclHHsOJtjFuzJHcIg== Received: from DS7PR03CA0333.namprd03.prod.outlook.com (2603:10b6:8:55::15) by MN0PR12MB6053.namprd12.prod.outlook.com (2603:10b6:208:3cf::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27; Tue, 8 Nov 2022 10:48:39 +0000 Received: from DM6NAM11FT068.eop-nam11.prod.protection.outlook.com (2603:10b6:8:55:cafe::d1) by DS7PR03CA0333.outlook.office365.com (2603:10b6:8:55::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27 via Frontend Transport; Tue, 8 Nov 2022 10:48:38 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by DM6NAM11FT068.mail.protection.outlook.com (10.13.173.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:38 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:29 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:48:26 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 14/15] selftests: mlxsw: Add a test for locked port trap Date: Tue, 8 Nov 2022 11:47:20 +0100 Message-ID: <61b030c0932726657eff1ac545d1904a2ee930ea.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT068:EE_|MN0PR12MB6053:EE_ X-MS-Office365-Filtering-Correlation-Id: d075eb58-b8f8-4e23-1fbe-08dac176cb43 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: cziMEfUQgGGw4m/S9zDTQ/0CZ+FnVnL433Fy9OvS9ql8nzvYHTllBE3XmiKL/v2gx+dN33aNmE2Kk28AvUrS7Bdz0/uxjdIPewK++jCmQCPnvW22DEwP1dZhDfDpLAxToUBlYMHj4zv/10CWE+t82a0GnYK6FT2XC7XeIh8J/DM/827Pna7G/04f/l356YISVNvfXEAsygVRnQ/lmPIUta/EX4lKJX9nYH+VlPOayzli6XML4Ru38c1sWyVxkl+zynjQKPJOQ09s+s7Q4oVJTaikPKo7/xLRuLVPODM0NFMgx/TXSfkwb82ILYalI70CS/RzFidjXOPrVfo9I/mwPRPqQ0Uwlgk4cTJeCjzJzbaJdLeCh7UvTD2r8eQjLV9453u2/6RxOPVCa/JehPvhle1TorEeWptDQmtnfDDoOZwS80FXSlY10MACQ4lWbGY/Mhc7K78c2P5ld6HsxDacBRsRlVVxSqIpgOf8bahSu1bNaAFB0IXzd1sUzX1HAmm20Y/aFPZT3R9JFhOkhpGny9bcq+KvlrxbpzcV1InAVff1SMnJN+WVQjNxGocNOA7FLSvh43qM1bJUCHSeOAI1AHgeBaXzmbYYqd4CQIG0o7G4q+xw4Eb3uRY+mLCr5Qty0hnFUK7aatmWzSN0ptxu8vcGcfwEgt38EHK8HMUm/eMNX+20VM8osU4fQ8CIZEj4HT2MfvCW2NWg0r6sffhb4ZhZ3NvfrOE66cOS+GxAZp+CMw1gld5hvMipAiJ/WIOUSie7g6lRM4JEq9DJLAMSTw== X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(376002)(346002)(136003)(39860400002)(396003)(451199015)(46966006)(36840700001)(40470700004)(26005)(8676002)(5660300002)(4326008)(2616005)(41300700001)(8936002)(36756003)(2906002)(7696005)(47076005)(426003)(70586007)(16526019)(186003)(70206006)(336012)(82740400003)(86362001)(82310400005)(356005)(7636003)(40460700003)(83380400001)(40480700001)(36860700001)(6666004)(107886003)(478600001)(54906003)(110136005)(316002);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:38.5415 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d075eb58-b8f8-4e23-1fbe-08dac176cb43 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT068.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN0PR12MB6053 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Test that packets received via a locked bridge port whose {SMAC, VID} does not appear in the bridge's FDB or appears with a different port, trigger the "locked_port" packet trap. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata Reviewed-by: Vladimir Oltean --- .../net/mlxsw/devlink_trap_l2_drops.sh | 105 ++++++++++++++++++ 1 file changed, 105 insertions(+) diff --git a/tools/testing/selftests/drivers/net/mlxsw/devlink_trap_l2_drops.sh b/tools/testing/selftests/drivers/net/mlxsw/devlink_trap_l2_drops.sh index a4c2812e9807..8d4b2c6265b3 100755 --- a/tools/testing/selftests/drivers/net/mlxsw/devlink_trap_l2_drops.sh +++ b/tools/testing/selftests/drivers/net/mlxsw/devlink_trap_l2_drops.sh @@ -14,6 +14,7 @@ ALL_TESTS=" ingress_stp_filter_test port_list_is_empty_test port_loopback_filter_test + locked_port_test " NUM_NETIFS=4 source $lib_dir/tc_common.sh @@ -420,6 +421,110 @@ port_loopback_filter_test() port_loopback_filter_uc_test } +locked_port_miss_test() +{ + local trap_name="locked_port" + local smac=00:11:22:33:44:55 + + bridge link set dev $swp1 learning off + bridge link set dev $swp1 locked on + + RET=0 + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_fail $? "Trap stats increased before setting action to \"trap\"" + + devlink_trap_action_set $trap_name "trap" + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_err $? "Trap stats did not increase when should" + + devlink_trap_action_set $trap_name "drop" + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_fail $? "Trap stats increased after setting action to \"drop\"" + + devlink_trap_action_set $trap_name "trap" + + bridge fdb replace $smac dev $swp1 master static vlan 1 + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_fail $? "Trap stats increased after adding an FDB entry" + + bridge fdb del $smac dev $swp1 master static vlan 1 + bridge link set dev $swp1 locked off + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_fail $? "Trap stats increased after unlocking port" + + log_test "Locked port - FDB miss" + + devlink_trap_action_set $trap_name "drop" + bridge link set dev $swp1 learning on +} + +locked_port_mismatch_test() +{ + local trap_name="locked_port" + local smac=00:11:22:33:44:55 + + bridge link set dev $swp1 learning off + bridge link set dev $swp1 locked on + + RET=0 + + bridge fdb replace $smac dev $swp2 master static vlan 1 + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_fail $? "Trap stats increased before setting action to \"trap\"" + + devlink_trap_action_set $trap_name "trap" + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_err $? "Trap stats did not increase when should" + + devlink_trap_action_set $trap_name "drop" + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_fail $? "Trap stats increased after setting action to \"drop\"" + + devlink_trap_action_set $trap_name "trap" + bridge link set dev $swp1 locked off + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_fail $? "Trap stats increased after unlocking port" + + bridge link set dev $swp1 locked on + bridge fdb replace $smac dev $swp1 master static vlan 1 + + devlink_trap_stats_check $trap_name $MZ $h1 -c 1 \ + -a $smac -b $(mac_get $h2) -A 192.0.2.1 -B 192.0.2.2 -p 100 -q + check_fail $? "Trap stats increased after replacing an FDB entry" + + bridge fdb del $smac dev $swp1 master static vlan 1 + devlink_trap_action_set $trap_name "drop" + + log_test "Locked port - FDB mismatch" + + bridge link set dev $swp1 locked off + bridge link set dev $swp1 learning on +} + +locked_port_test() +{ + locked_port_miss_test + locked_port_mismatch_test +} + trap cleanup EXIT setup_prepare From patchwork Tue Nov 8 10:47:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Petr Machata X-Patchwork-Id: 13036133 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0EC76C4332F for ; Tue, 8 Nov 2022 10:49:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233693AbiKHKth (ORCPT ); Tue, 8 Nov 2022 05:49:37 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37454 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234005AbiKHKsu (ORCPT ); Tue, 8 Nov 2022 05:48:50 -0500 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2062.outbound.protection.outlook.com [40.107.223.62]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1239A40909 for ; Tue, 8 Nov 2022 02:48:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KFy9RmnHK9AOZ9C1vjP4jPtrqqpNnDJNh7NYjTHolvqlFxNIoUXls2MvkUGlut38JMbZBpeiqHB//kFyGeujEu0dNHyxQkvsFNBbI1j4FC+a1YEl1+B9EDX9K2fWmMMeZFeOwiNvA/3sE86w4nK8tw0ZUZEX6itq+WFBek99+Rx9CSlqPpvyunKDfyl1BRAuXp6aYCwKPIh2buoJ1Pbe1j5qp2v5oCZztoQ0cZRtBW0RM05ogy2J9120a89/sdnJDUDZxBQ9h2dSpfKEokgVzekfxfggeXw97XaEl9oDG+Zv5u3ip5qMTq52m1VWEnGEipKIxDhZuZ2CRe27ViihBw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=g4Hrp23UtQD1B7K2NarNKAQiXcs8o/7u/87dkXWarc4=; b=ijc/0hKJa/sPVxTLlk+HTxmtZepX5pcotVE4hYGc5rtK+/jYP9/6VtVZ4S50aUchArtBisaCbTjgHklk93ScpHOAcP9ON3CQlJULhsUy3TmTmEsvGHvX/zCNiglRibKDWpnQkcvjw3CNXa/slOp1yxKG62WVM5MnEuM8QB59G7OuFUAnmrzuMEeN28ZeMBz9qnO55+O3+x6iPffa/+836qanP/sNAf3vgqrAcHHTbC+U0i2Z14Tt8+jJjrpO97arNqF89T3f6yGlZKUmK90awUBqDtXix8R+LgP3YfE8EbXxUPIi0FmSLREAsv4Fn3tBZql9Ug7TWBiBIRMf1zmt9A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=davemloft.net smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=g4Hrp23UtQD1B7K2NarNKAQiXcs8o/7u/87dkXWarc4=; b=DFwVXOCfX+qICrhu+b2L2zPXnfpfgMF+0kuuCPiPoJkWXCOeYJXrgIIgM2zgzGpijDnwosCgcChfax6sSCXp5t9X7ikuJ2xBBuxt6vQUTjcYttZEJ1L+QsfFUkYKbGaWC4nYVuTkZjy3QrNSbR2QUIOV8KwGt9eJ2orcEGZdKPVM1G/lpMsQATltargPOhx4LbGGcu9AoD3MR734hwPsAjAsadfC+3+U209XvwslGAbJxX1M7y26hvQiCvLv95daJIdCKlqhjpQWMWdX/j3KhZPDkVhG5Bfl2L+w7gscBMBwqjj9ruKxwBd6uwWRjL51Zb7VQFiPoVqF0UQjTcr8HA== Received: from BN0PR03CA0005.namprd03.prod.outlook.com (2603:10b6:408:e6::10) by CH3PR12MB7571.namprd12.prod.outlook.com (2603:10b6:610:147::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26; Tue, 8 Nov 2022 10:48:46 +0000 Received: from BN8NAM11FT097.eop-nam11.prod.protection.outlook.com (2603:10b6:408:e6:cafe::2c) by BN0PR03CA0005.outlook.office365.com (2603:10b6:408:e6::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.26 via Frontend Transport; Tue, 8 Nov 2022 10:48:46 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by BN8NAM11FT097.mail.protection.outlook.com (10.13.176.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.20 via Frontend Transport; Tue, 8 Nov 2022 10:48:46 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.26; Tue, 8 Nov 2022 02:48:33 -0800 Received: from yaviefel.vdiclient.nvidia.com (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.29; Tue, 8 Nov 2022 02:48:30 -0800 From: Petr Machata To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Ivan Vecera , CC: Nikolay Aleksandrov , Roopa Prabhu , Jiri Pirko , Petr Machata , , Ido Schimmel , "Hans J . Schultz" , Subject: [PATCH net-next 15/15] selftests: mlxsw: Add a test for invalid locked bridge port configurations Date: Tue, 8 Nov 2022 11:47:21 +0100 Message-ID: <9fb8b83ce2029c51c81c942f24ece789ae8fe1c1.1667902754.git.petrm@nvidia.com> X-Mailer: git-send-email 2.37.3 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail203.nvidia.com (10.129.68.9) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT097:EE_|CH3PR12MB7571:EE_ X-MS-Office365-Filtering-Correlation-Id: cc4ccf5c-f021-497d-641e-08dac176cfe3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Mp+GT51Q0c70O0xA1xqYU5lOC1txYBLJVwQS7z9JM290ZwS4jJF5VBx0hWX+HGDppik3+KQbc0UxD9OLqAjdLojWRaeRnSIYcszvr8YDumsKkAov+1v0MHcETW1NY9pzJukR7MRJk+Gl35PfEMihVsfU6g29+UBXAQcHwq1D40YP2paPzYYPlTM9VPGkNQSOjUUI3pWhWYzWpyJ3A1p2ywW1tv78qpqNDmGk7ht+02PprRGE73xr5rdGivfs1eVGGNa+MFJSqeh/MfwNs0q+oCM736wtQPKoHa8yQfLlj7+vkJhFnqfCJwvS3HI65jR5FOvTrE+H4QvQPGY6l6RXQfK5eKUZtJrBKgdWVRbwJRnlGWLGrt/5rB35UNZ5AdnDBJk2/ia00u7TinAx1dHX8+yHtjaTMS7JVyGPAWff1FIw1yycod+CAaPgVtp2auSOujD+M/Tci+VlIV8Se3T+c/gDFy8kvpHwiGIgdc12gx6kJcgNO3qBPi4oCvgTTGzYsjhpv2ffT7ljSLmqohQgECDcVfIxE4Yq16JNJ+ReWIWEDX9FYw+CtANRIgCIuEC3OlrENHbCR/ihgYttV4nxioRKTKld4xRrh6xnKhVld4xhMrh0meWET3i8+08sNydA+YL96mmY8zXNTvWGqd77rkkwOOLEloKRvqQxDocv7fJ7GI+Ot+NNgcBIkyNyeABYfs/opNz91oJJPIqTJXPCe8e+PnJikk8Tw+gH9J7g8IuQmUPa0gnVQwPgyTKNWA8I1H4dYR416Bxm0mAZ8LusXQ== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230022)(4636009)(376002)(396003)(136003)(346002)(39860400002)(451199015)(46966006)(40470700004)(36840700001)(110136005)(8936002)(5660300002)(8676002)(2906002)(316002)(70586007)(40460700003)(16526019)(86362001)(70206006)(2616005)(186003)(4326008)(40480700001)(426003)(36860700001)(54906003)(7636003)(336012)(356005)(83380400001)(41300700001)(82740400003)(478600001)(7696005)(82310400005)(107886003)(26005)(6666004)(36756003)(47076005);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 10:48:46.2403 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: cc4ccf5c-f021-497d-641e-08dac176cfe3 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT097.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH3PR12MB7571 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Ido Schimmel Test that locked bridge port configurations that are not supported by mlxsw are rejected. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata Reviewed-by: Vladimir Oltean --- .../selftests/drivers/net/mlxsw/rtnetlink.sh | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/tools/testing/selftests/drivers/net/mlxsw/rtnetlink.sh b/tools/testing/selftests/drivers/net/mlxsw/rtnetlink.sh index 04f03ae9d8fb..5e89657857c7 100755 --- a/tools/testing/selftests/drivers/net/mlxsw/rtnetlink.sh +++ b/tools/testing/selftests/drivers/net/mlxsw/rtnetlink.sh @@ -34,6 +34,7 @@ ALL_TESTS=" nexthop_obj_bucket_offload_test nexthop_obj_blackhole_offload_test nexthop_obj_route_offload_test + bridge_locked_port_test devlink_reload_test " NUM_NETIFS=2 @@ -917,6 +918,36 @@ nexthop_obj_route_offload_test() simple_if_fini $swp1 192.0.2.1/24 2001:db8:1::1/64 } +bridge_locked_port_test() +{ + RET=0 + + ip link add name br1 up type bridge vlan_filtering 0 + + ip link add link $swp1 name $swp1.10 type vlan id 10 + ip link set dev $swp1.10 master br1 + + bridge link set dev $swp1.10 locked on + check_fail $? "managed to set locked flag on a VLAN upper" + + ip link set dev $swp1.10 nomaster + ip link set dev $swp1 master br1 + + bridge link set dev $swp1 locked on + check_fail $? "managed to set locked flag on a bridge port that has a VLAN upper" + + ip link del dev $swp1.10 + bridge link set dev $swp1 locked on + + ip link add link $swp1 name $swp1.10 type vlan id 10 + check_fail $? "managed to configure a VLAN upper on a locked port" + + log_test "bridge locked port" + + ip link del dev $swp1.10 &> /dev/null + ip link del dev br1 +} + devlink_reload_test() { # Test that after executing all the above configuration tests, a