1 // SPDX-License-Identifier: GPL-2.0 2 /* Copyright (c) 2019, Vladimir Oltean <olteanv@gmail.com> 3 * 4 * This module is not a complete tagger implementation. It only provides 5 * primitives for taggers that rely on 802.1Q VLAN tags to use. The 6 * dsa_8021q_netdev_ops is registered for API compliance and not used 7 * directly by callers. 8 */ 9 #include <linux/if_vlan.h> 10 #include <linux/dsa/8021q.h> 11 12 #include "dsa_priv.h" 13 14 /* Binary structure of the fake 12-bit VID field (when the TPID is 15 * ETH_P_DSA_8021Q): 16 * 17 * | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | 18 * +-----------+-----+-----------------+-----------+-----------------------+ 19 * | DIR | VBID| SWITCH_ID | VBID | PORT | 20 * +-----------+-----+-----------------+-----------+-----------------------+ 21 * 22 * DIR - VID[11:10]: 23 * Direction flags. 24 * * 1 (0b01) for RX VLAN, 25 * * 2 (0b10) for TX VLAN. 26 * These values make the special VIDs of 0, 1 and 4095 to be left 27 * unused by this coding scheme. 28 * 29 * SWITCH_ID - VID[8:6]: 30 * Index of switch within DSA tree. Must be between 0 and 7. 31 * 32 * VBID - { VID[9], VID[5:4] }: 33 * Virtual bridge ID. If between 1 and 7, packet targets the broadcast 34 * domain of a bridge. If transmitted as zero, packet targets a single 35 * port. Field only valid on transmit, must be ignored on receive. 36 * 37 * PORT - VID[3:0]: 38 * Index of switch port. Must be between 0 and 15. 39 */ 40 41 #define DSA_8021Q_DIR_SHIFT 10 42 #define DSA_8021Q_DIR_MASK GENMASK(11, 10) 43 #define DSA_8021Q_DIR(x) (((x) << DSA_8021Q_DIR_SHIFT) & \ 44 DSA_8021Q_DIR_MASK) 45 #define DSA_8021Q_DIR_RX DSA_8021Q_DIR(1) 46 #define DSA_8021Q_DIR_TX DSA_8021Q_DIR(2) 47 48 #define DSA_8021Q_SWITCH_ID_SHIFT 6 49 #define DSA_8021Q_SWITCH_ID_MASK GENMASK(8, 6) 50 #define DSA_8021Q_SWITCH_ID(x) (((x) << DSA_8021Q_SWITCH_ID_SHIFT) & \ 51 DSA_8021Q_SWITCH_ID_MASK) 52 53 #define DSA_8021Q_VBID_HI_SHIFT 9 54 #define DSA_8021Q_VBID_HI_MASK GENMASK(9, 9) 55 #define DSA_8021Q_VBID_LO_SHIFT 4 56 #define DSA_8021Q_VBID_LO_MASK GENMASK(5, 4) 57 #define DSA_8021Q_VBID_HI(x) (((x) & GENMASK(2, 2)) >> 2) 58 #define DSA_8021Q_VBID_LO(x) ((x) & GENMASK(1, 0)) 59 #define DSA_8021Q_VBID(x) \ 60 (((DSA_8021Q_VBID_LO(x) << DSA_8021Q_VBID_LO_SHIFT) & \ 61 DSA_8021Q_VBID_LO_MASK) | \ 62 ((DSA_8021Q_VBID_HI(x) << DSA_8021Q_VBID_HI_SHIFT) & \ 63 DSA_8021Q_VBID_HI_MASK)) 64 65 #define DSA_8021Q_PORT_SHIFT 0 66 #define DSA_8021Q_PORT_MASK GENMASK(3, 0) 67 #define DSA_8021Q_PORT(x) (((x) << DSA_8021Q_PORT_SHIFT) & \ 68 DSA_8021Q_PORT_MASK) 69 70 u16 dsa_8021q_bridge_tx_fwd_offload_vid(unsigned int bridge_num) 71 { 72 /* The VBID value of 0 is reserved for precise TX, but it is also 73 * reserved/invalid for the bridge_num, so all is well. 74 */ 75 return DSA_8021Q_DIR_TX | DSA_8021Q_VBID(bridge_num); 76 } 77 EXPORT_SYMBOL_GPL(dsa_8021q_bridge_tx_fwd_offload_vid); 78 79 /* Returns the VID to be inserted into the frame from xmit for switch steering 80 * instructions on egress. Encodes switch ID and port ID. 81 */ 82 u16 dsa_tag_8021q_tx_vid(const struct dsa_port *dp) 83 { 84 return DSA_8021Q_DIR_TX | DSA_8021Q_SWITCH_ID(dp->ds->index) | 85 DSA_8021Q_PORT(dp->index); 86 } 87 EXPORT_SYMBOL_GPL(dsa_tag_8021q_tx_vid); 88 89 /* Returns the VID that will be installed as pvid for this switch port, sent as 90 * tagged egress towards the CPU port and decoded by the rcv function. 91 */ 92 u16 dsa_tag_8021q_rx_vid(const struct dsa_port *dp) 93 { 94 return DSA_8021Q_DIR_RX | DSA_8021Q_SWITCH_ID(dp->ds->index) | 95 DSA_8021Q_PORT(dp->index); 96 } 97 EXPORT_SYMBOL_GPL(dsa_tag_8021q_rx_vid); 98 99 /* Returns the decoded switch ID from the RX VID. */ 100 int dsa_8021q_rx_switch_id(u16 vid) 101 { 102 return (vid & DSA_8021Q_SWITCH_ID_MASK) >> DSA_8021Q_SWITCH_ID_SHIFT; 103 } 104 EXPORT_SYMBOL_GPL(dsa_8021q_rx_switch_id); 105 106 /* Returns the decoded port ID from the RX VID. */ 107 int dsa_8021q_rx_source_port(u16 vid) 108 { 109 return (vid & DSA_8021Q_PORT_MASK) >> DSA_8021Q_PORT_SHIFT; 110 } 111 EXPORT_SYMBOL_GPL(dsa_8021q_rx_source_port); 112 113 bool vid_is_dsa_8021q_rxvlan(u16 vid) 114 { 115 return (vid & DSA_8021Q_DIR_MASK) == DSA_8021Q_DIR_RX; 116 } 117 EXPORT_SYMBOL_GPL(vid_is_dsa_8021q_rxvlan); 118 119 bool vid_is_dsa_8021q_txvlan(u16 vid) 120 { 121 return (vid & DSA_8021Q_DIR_MASK) == DSA_8021Q_DIR_TX; 122 } 123 EXPORT_SYMBOL_GPL(vid_is_dsa_8021q_txvlan); 124 125 bool vid_is_dsa_8021q(u16 vid) 126 { 127 return vid_is_dsa_8021q_rxvlan(vid) || vid_is_dsa_8021q_txvlan(vid); 128 } 129 EXPORT_SYMBOL_GPL(vid_is_dsa_8021q); 130 131 static struct dsa_tag_8021q_vlan * 132 dsa_tag_8021q_vlan_find(struct dsa_8021q_context *ctx, int port, u16 vid) 133 { 134 struct dsa_tag_8021q_vlan *v; 135 136 list_for_each_entry(v, &ctx->vlans, list) 137 if (v->vid == vid && v->port == port) 138 return v; 139 140 return NULL; 141 } 142 143 static int dsa_port_do_tag_8021q_vlan_add(struct dsa_port *dp, u16 vid, 144 u16 flags) 145 { 146 struct dsa_8021q_context *ctx = dp->ds->tag_8021q_ctx; 147 struct dsa_switch *ds = dp->ds; 148 struct dsa_tag_8021q_vlan *v; 149 int port = dp->index; 150 int err; 151 152 /* No need to bother with refcounting for user ports */ 153 if (!(dsa_port_is_cpu(dp) || dsa_port_is_dsa(dp))) 154 return ds->ops->tag_8021q_vlan_add(ds, port, vid, flags); 155 156 v = dsa_tag_8021q_vlan_find(ctx, port, vid); 157 if (v) { 158 refcount_inc(&v->refcount); 159 return 0; 160 } 161 162 v = kzalloc(sizeof(*v), GFP_KERNEL); 163 if (!v) 164 return -ENOMEM; 165 166 err = ds->ops->tag_8021q_vlan_add(ds, port, vid, flags); 167 if (err) { 168 kfree(v); 169 return err; 170 } 171 172 v->vid = vid; 173 v->port = port; 174 refcount_set(&v->refcount, 1); 175 list_add_tail(&v->list, &ctx->vlans); 176 177 return 0; 178 } 179 180 static int dsa_port_do_tag_8021q_vlan_del(struct dsa_port *dp, u16 vid) 181 { 182 struct dsa_8021q_context *ctx = dp->ds->tag_8021q_ctx; 183 struct dsa_switch *ds = dp->ds; 184 struct dsa_tag_8021q_vlan *v; 185 int port = dp->index; 186 int err; 187 188 /* No need to bother with refcounting for user ports */ 189 if (!(dsa_port_is_cpu(dp) || dsa_port_is_dsa(dp))) 190 return ds->ops->tag_8021q_vlan_del(ds, port, vid); 191 192 v = dsa_tag_8021q_vlan_find(ctx, port, vid); 193 if (!v) 194 return -ENOENT; 195 196 if (!refcount_dec_and_test(&v->refcount)) 197 return 0; 198 199 err = ds->ops->tag_8021q_vlan_del(ds, port, vid); 200 if (err) { 201 refcount_inc(&v->refcount); 202 return err; 203 } 204 205 list_del(&v->list); 206 kfree(v); 207 208 return 0; 209 } 210 211 static bool 212 dsa_port_tag_8021q_vlan_match(struct dsa_port *dp, 213 struct dsa_notifier_tag_8021q_vlan_info *info) 214 { 215 struct dsa_switch *ds = dp->ds; 216 217 if (dsa_port_is_dsa(dp) || dsa_port_is_cpu(dp)) 218 return true; 219 220 if (ds->dst->index == info->tree_index && ds->index == info->sw_index) 221 return dp->index == info->port; 222 223 return false; 224 } 225 226 int dsa_switch_tag_8021q_vlan_add(struct dsa_switch *ds, 227 struct dsa_notifier_tag_8021q_vlan_info *info) 228 { 229 struct dsa_port *dp; 230 int err; 231 232 /* Since we use dsa_broadcast(), there might be other switches in other 233 * trees which don't support tag_8021q, so don't return an error. 234 * Or they might even support tag_8021q but have not registered yet to 235 * use it (maybe they use another tagger currently). 236 */ 237 if (!ds->ops->tag_8021q_vlan_add || !ds->tag_8021q_ctx) 238 return 0; 239 240 dsa_switch_for_each_port(dp, ds) { 241 if (dsa_port_tag_8021q_vlan_match(dp, info)) { 242 u16 flags = 0; 243 244 if (dsa_port_is_user(dp)) 245 flags |= BRIDGE_VLAN_INFO_UNTAGGED; 246 247 if (vid_is_dsa_8021q_rxvlan(info->vid) && 248 dsa_8021q_rx_switch_id(info->vid) == ds->index && 249 dsa_8021q_rx_source_port(info->vid) == dp->index) 250 flags |= BRIDGE_VLAN_INFO_PVID; 251 252 err = dsa_port_do_tag_8021q_vlan_add(dp, info->vid, 253 flags); 254 if (err) 255 return err; 256 } 257 } 258 259 return 0; 260 } 261 262 int dsa_switch_tag_8021q_vlan_del(struct dsa_switch *ds, 263 struct dsa_notifier_tag_8021q_vlan_info *info) 264 { 265 struct dsa_port *dp; 266 int err; 267 268 if (!ds->ops->tag_8021q_vlan_del || !ds->tag_8021q_ctx) 269 return 0; 270 271 dsa_switch_for_each_port(dp, ds) { 272 if (dsa_port_tag_8021q_vlan_match(dp, info)) { 273 err = dsa_port_do_tag_8021q_vlan_del(dp, info->vid); 274 if (err) 275 return err; 276 } 277 } 278 279 return 0; 280 } 281 282 /* RX VLAN tagging (left) and TX VLAN tagging (right) setup shown for a single 283 * front-panel switch port (here swp0). 284 * 285 * Port identification through VLAN (802.1Q) tags has different requirements 286 * for it to work effectively: 287 * - On RX (ingress from network): each front-panel port must have a pvid 288 * that uniquely identifies it, and the egress of this pvid must be tagged 289 * towards the CPU port, so that software can recover the source port based 290 * on the VID in the frame. But this would only work for standalone ports; 291 * if bridged, this VLAN setup would break autonomous forwarding and would 292 * force all switched traffic to pass through the CPU. So we must also make 293 * the other front-panel ports members of this VID we're adding, albeit 294 * we're not making it their PVID (they'll still have their own). 295 * - On TX (ingress from CPU and towards network) we are faced with a problem. 296 * If we were to tag traffic (from within DSA) with the port's pvid, all 297 * would be well, assuming the switch ports were standalone. Frames would 298 * have no choice but to be directed towards the correct front-panel port. 299 * But because we also want the RX VLAN to not break bridging, then 300 * inevitably that means that we have to give them a choice (of what 301 * front-panel port to go out on), and therefore we cannot steer traffic 302 * based on the RX VID. So what we do is simply install one more VID on the 303 * front-panel and CPU ports, and profit off of the fact that steering will 304 * work just by virtue of the fact that there is only one other port that's 305 * a member of the VID we're tagging the traffic with - the desired one. 306 * 307 * So at the end, each front-panel port will have one RX VID (also the PVID), 308 * the RX VID of all other front-panel ports that are in the same bridge, and 309 * one TX VID. Whereas the CPU port will have the RX and TX VIDs of all 310 * front-panel ports, and on top of that, is also tagged-input and 311 * tagged-output (VLAN trunk). 312 * 313 * CPU port CPU port 314 * +-------------+-----+-------------+ +-------------+-----+-------------+ 315 * | RX VID | | | | TX VID | | | 316 * | of swp0 | | | | of swp0 | | | 317 * | +-----+ | | +-----+ | 318 * | ^ T | | | Tagged | 319 * | | | | | ingress | 320 * | +-------+---+---+-------+ | | +-----------+ | 321 * | | | | | | | | Untagged | 322 * | | U v U v U v | | v egress | 323 * | +-----+ +-----+ +-----+ +-----+ | | +-----+ +-----+ +-----+ +-----+ | 324 * | | | | | | | | | | | | | | | | | | | | 325 * | |PVID | | | | | | | | | | | | | | | | | | 326 * +-+-----+-+-----+-+-----+-+-----+-+ +-+-----+-+-----+-+-----+-+-----+-+ 327 * swp0 swp1 swp2 swp3 swp0 swp1 swp2 swp3 328 */ 329 static bool 330 dsa_port_tag_8021q_bridge_match(struct dsa_port *dp, 331 struct dsa_notifier_bridge_info *info) 332 { 333 /* Don't match on self */ 334 if (dp->ds->dst->index == info->tree_index && 335 dp->ds->index == info->sw_index && 336 dp->index == info->port) 337 return false; 338 339 if (dsa_port_is_user(dp)) 340 return dsa_port_offloads_bridge(dp, &info->bridge); 341 342 return false; 343 } 344 345 int dsa_tag_8021q_bridge_join(struct dsa_switch *ds, 346 struct dsa_notifier_bridge_info *info) 347 { 348 struct dsa_switch *targeted_ds; 349 struct dsa_port *targeted_dp; 350 struct dsa_port *dp; 351 u16 targeted_rx_vid; 352 int err; 353 354 if (!ds->tag_8021q_ctx) 355 return 0; 356 357 targeted_ds = dsa_switch_find(info->tree_index, info->sw_index); 358 targeted_dp = dsa_to_port(targeted_ds, info->port); 359 targeted_rx_vid = dsa_tag_8021q_rx_vid(targeted_dp); 360 361 dsa_switch_for_each_port(dp, ds) { 362 u16 rx_vid = dsa_tag_8021q_rx_vid(dp); 363 364 if (!dsa_port_tag_8021q_bridge_match(dp, info)) 365 continue; 366 367 /* Install the RX VID of the targeted port in our VLAN table */ 368 err = dsa_port_tag_8021q_vlan_add(dp, targeted_rx_vid, true); 369 if (err) 370 return err; 371 372 /* Install our RX VID into the targeted port's VLAN table */ 373 err = dsa_port_tag_8021q_vlan_add(targeted_dp, rx_vid, true); 374 if (err) 375 return err; 376 } 377 378 return 0; 379 } 380 381 int dsa_tag_8021q_bridge_leave(struct dsa_switch *ds, 382 struct dsa_notifier_bridge_info *info) 383 { 384 struct dsa_switch *targeted_ds; 385 struct dsa_port *targeted_dp; 386 struct dsa_port *dp; 387 u16 targeted_rx_vid; 388 389 if (!ds->tag_8021q_ctx) 390 return 0; 391 392 targeted_ds = dsa_switch_find(info->tree_index, info->sw_index); 393 targeted_dp = dsa_to_port(targeted_ds, info->port); 394 targeted_rx_vid = dsa_tag_8021q_rx_vid(targeted_dp); 395 396 dsa_switch_for_each_port(dp, ds) { 397 u16 rx_vid = dsa_tag_8021q_rx_vid(dp); 398 399 if (!dsa_port_tag_8021q_bridge_match(dp, info)) 400 continue; 401 402 /* Remove the RX VID of the targeted port from our VLAN table */ 403 dsa_port_tag_8021q_vlan_del(dp, targeted_rx_vid, true); 404 405 /* Remove our RX VID from the targeted port's VLAN table */ 406 dsa_port_tag_8021q_vlan_del(targeted_dp, rx_vid, true); 407 } 408 409 return 0; 410 } 411 412 int dsa_tag_8021q_bridge_tx_fwd_offload(struct dsa_switch *ds, int port, 413 struct dsa_bridge bridge) 414 { 415 u16 tx_vid = dsa_8021q_bridge_tx_fwd_offload_vid(bridge.num); 416 417 return dsa_port_tag_8021q_vlan_add(dsa_to_port(ds, port), tx_vid, 418 true); 419 } 420 EXPORT_SYMBOL_GPL(dsa_tag_8021q_bridge_tx_fwd_offload); 421 422 void dsa_tag_8021q_bridge_tx_fwd_unoffload(struct dsa_switch *ds, int port, 423 struct dsa_bridge bridge) 424 { 425 u16 tx_vid = dsa_8021q_bridge_tx_fwd_offload_vid(bridge.num); 426 427 dsa_port_tag_8021q_vlan_del(dsa_to_port(ds, port), tx_vid, true); 428 } 429 EXPORT_SYMBOL_GPL(dsa_tag_8021q_bridge_tx_fwd_unoffload); 430 431 /* Set up a port's tag_8021q RX and TX VLAN for standalone mode operation */ 432 static int dsa_tag_8021q_port_setup(struct dsa_switch *ds, int port) 433 { 434 struct dsa_8021q_context *ctx = ds->tag_8021q_ctx; 435 struct dsa_port *dp = dsa_to_port(ds, port); 436 u16 rx_vid = dsa_tag_8021q_rx_vid(dp); 437 u16 tx_vid = dsa_tag_8021q_tx_vid(dp); 438 struct net_device *master; 439 int err; 440 441 /* The CPU port is implicitly configured by 442 * configuring the front-panel ports 443 */ 444 if (!dsa_port_is_user(dp)) 445 return 0; 446 447 master = dp->cpu_dp->master; 448 449 /* Add this user port's RX VID to the membership list of all others 450 * (including itself). This is so that bridging will not be hindered. 451 * L2 forwarding rules still take precedence when there are no VLAN 452 * restrictions, so there are no concerns about leaking traffic. 453 */ 454 err = dsa_port_tag_8021q_vlan_add(dp, rx_vid, false); 455 if (err) { 456 dev_err(ds->dev, 457 "Failed to apply RX VID %d to port %d: %pe\n", 458 rx_vid, port, ERR_PTR(err)); 459 return err; 460 } 461 462 /* Add @rx_vid to the master's RX filter. */ 463 vlan_vid_add(master, ctx->proto, rx_vid); 464 465 /* Finally apply the TX VID on this port and on the CPU port */ 466 err = dsa_port_tag_8021q_vlan_add(dp, tx_vid, false); 467 if (err) { 468 dev_err(ds->dev, 469 "Failed to apply TX VID %d on port %d: %pe\n", 470 tx_vid, port, ERR_PTR(err)); 471 return err; 472 } 473 474 return err; 475 } 476 477 static void dsa_tag_8021q_port_teardown(struct dsa_switch *ds, int port) 478 { 479 struct dsa_8021q_context *ctx = ds->tag_8021q_ctx; 480 struct dsa_port *dp = dsa_to_port(ds, port); 481 u16 rx_vid = dsa_tag_8021q_rx_vid(dp); 482 u16 tx_vid = dsa_tag_8021q_tx_vid(dp); 483 struct net_device *master; 484 485 /* The CPU port is implicitly configured by 486 * configuring the front-panel ports 487 */ 488 if (!dsa_port_is_user(dp)) 489 return; 490 491 master = dp->cpu_dp->master; 492 493 dsa_port_tag_8021q_vlan_del(dp, rx_vid, false); 494 495 vlan_vid_del(master, ctx->proto, rx_vid); 496 497 dsa_port_tag_8021q_vlan_del(dp, tx_vid, false); 498 } 499 500 static int dsa_tag_8021q_setup(struct dsa_switch *ds) 501 { 502 int err, port; 503 504 ASSERT_RTNL(); 505 506 for (port = 0; port < ds->num_ports; port++) { 507 err = dsa_tag_8021q_port_setup(ds, port); 508 if (err < 0) { 509 dev_err(ds->dev, 510 "Failed to setup VLAN tagging for port %d: %pe\n", 511 port, ERR_PTR(err)); 512 return err; 513 } 514 } 515 516 return 0; 517 } 518 519 static void dsa_tag_8021q_teardown(struct dsa_switch *ds) 520 { 521 int port; 522 523 ASSERT_RTNL(); 524 525 for (port = 0; port < ds->num_ports; port++) 526 dsa_tag_8021q_port_teardown(ds, port); 527 } 528 529 int dsa_tag_8021q_register(struct dsa_switch *ds, __be16 proto) 530 { 531 struct dsa_8021q_context *ctx; 532 533 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); 534 if (!ctx) 535 return -ENOMEM; 536 537 ctx->proto = proto; 538 ctx->ds = ds; 539 540 INIT_LIST_HEAD(&ctx->vlans); 541 542 ds->tag_8021q_ctx = ctx; 543 544 return dsa_tag_8021q_setup(ds); 545 } 546 EXPORT_SYMBOL_GPL(dsa_tag_8021q_register); 547 548 void dsa_tag_8021q_unregister(struct dsa_switch *ds) 549 { 550 struct dsa_8021q_context *ctx = ds->tag_8021q_ctx; 551 struct dsa_tag_8021q_vlan *v, *n; 552 553 dsa_tag_8021q_teardown(ds); 554 555 list_for_each_entry_safe(v, n, &ctx->vlans, list) { 556 list_del(&v->list); 557 kfree(v); 558 } 559 560 ds->tag_8021q_ctx = NULL; 561 562 kfree(ctx); 563 } 564 EXPORT_SYMBOL_GPL(dsa_tag_8021q_unregister); 565 566 struct sk_buff *dsa_8021q_xmit(struct sk_buff *skb, struct net_device *netdev, 567 u16 tpid, u16 tci) 568 { 569 /* skb->data points at skb_mac_header, which 570 * is fine for vlan_insert_tag. 571 */ 572 return vlan_insert_tag(skb, htons(tpid), tci); 573 } 574 EXPORT_SYMBOL_GPL(dsa_8021q_xmit); 575 576 void dsa_8021q_rcv(struct sk_buff *skb, int *source_port, int *switch_id) 577 { 578 u16 vid, tci; 579 580 skb_push_rcsum(skb, ETH_HLEN); 581 if (skb_vlan_tag_present(skb)) { 582 tci = skb_vlan_tag_get(skb); 583 __vlan_hwaccel_clear_tag(skb); 584 } else { 585 __skb_vlan_pop(skb, &tci); 586 } 587 skb_pull_rcsum(skb, ETH_HLEN); 588 589 vid = tci & VLAN_VID_MASK; 590 591 *source_port = dsa_8021q_rx_source_port(vid); 592 *switch_id = dsa_8021q_rx_switch_id(vid); 593 skb->priority = (tci & VLAN_PRIO_MASK) >> VLAN_PRIO_SHIFT; 594 } 595 EXPORT_SYMBOL_GPL(dsa_8021q_rcv); 596