It has been brought to my attention that what had been fixed 1 year ago
here for kernels 5.18 and later:
https://lore.kernel.org/netdev/[email protected]/
is still broken on linux-5.15.y. Short summary: PTP boundary clock is
broken for ports under a VLAN-aware bridge.
The reason is that the Fixes: tags in those patches were wrong. The
issue originated from earlier, but the changes from 5.18 (blamed there),
aka DSA FDB isolation, masked that.
A straightforward cherry-pick was not possible, due to the conflict with
the aforementioned DSA FDB isolation work from 5.18. So I redid patch
2/2 and marked what I had to adapt.
Tested on the NXP LS1021A-TSN board.
Vladimir Oltean (2):
net: dsa: sja1105: always enable the INCL_SRCPT option
net: dsa: tag_sja1105: always prefer source port information from
INCL_SRCPT
drivers/net/dsa/sja1105/sja1105_main.c | 9 ++-----
net/dsa/tag_sja1105.c | 34 ++++++++++++++++++++------
2 files changed, 28 insertions(+), 15 deletions(-)
---
I'm sorry for the people who will want to backport DSA FDB isolation to
linux-5.15.y :(
--
2.34.1
commit b4638af8885af93cd70351081da1909c59342440 upstream.
Link-local traffic on bridged SJA1105 ports is sometimes tagged by the
hardware with source port information (when the port is under a VLAN
aware bridge).
The tag_8021q source port identification has become more loose
("imprecise") and will report a plausible rather than exact bridge port,
when under a bridge (be it VLAN-aware or VLAN-unaware). But link-local
traffic always needs to know the precise source port.
Modify the driver logic (and therefore: the tagging protocol itself) to
always include the source port information with link-local packets,
regardless of whether the port is standalone, under a VLAN-aware or
VLAN-unaware bridge. This makes it possible for the tagging driver to
give priority to that information over the tag_8021q VLAN header.
The big drawback with INCL_SRCPT is that it makes it impossible to
distinguish between an original MAC DA of 01:80:C2:XX:YY:ZZ and
01:80:C2:AA:BB:ZZ, because the tagger just patches MAC DA bytes 3 and 4
with zeroes. Only if PTP RX timestamping is enabled, the switch will
generate a META follow-up frame containing the RX timestamp and the
original bytes 3 and 4 of the MAC DA. Those will be used to patch up the
original packet. Nonetheless, in the absence of PTP RX timestamping, we
have to live with this limitation, since it is more important to have
the more precise source port information for link-local traffic.
Signed-off-by: Vladimir Oltean <[email protected]>
Reviewed-by: Simon Horman <[email protected]>
Signed-off-by: Paolo Abeni <[email protected]>
Cc: [email protected]
[ dropped Fixes: tags for patches not in linux-5.15.y ]
Stable-dep-of: c1ae02d87689 ("net: dsa: tag_sja1105: always prefer source port information from INCL_SRCPT")
Signed-off-by: Vladimir Oltean <[email protected]>
---
drivers/net/dsa/sja1105/sja1105_main.c | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/drivers/net/dsa/sja1105/sja1105_main.c b/drivers/net/dsa/sja1105/sja1105_main.c
index 493192a8000c..888f10d93b9a 100644
--- a/drivers/net/dsa/sja1105/sja1105_main.c
+++ b/drivers/net/dsa/sja1105/sja1105_main.c
@@ -853,11 +853,11 @@ static int sja1105_init_general_params(struct sja1105_private *priv)
.hostprio = 7,
.mac_fltres1 = SJA1105_LINKLOCAL_FILTER_A,
.mac_flt1 = SJA1105_LINKLOCAL_FILTER_A_MASK,
- .incl_srcpt1 = false,
+ .incl_srcpt1 = true,
.send_meta1 = false,
.mac_fltres0 = SJA1105_LINKLOCAL_FILTER_B,
.mac_flt0 = SJA1105_LINKLOCAL_FILTER_B_MASK,
- .incl_srcpt0 = false,
+ .incl_srcpt0 = true,
.send_meta0 = false,
/* Default to an invalid value */
.mirr_port = priv->ds->num_ports,
@@ -2346,11 +2346,6 @@ int sja1105_vlan_filtering(struct dsa_switch *ds, int port, bool enabled,
general_params->tpid = tpid;
/* EtherType used to identify outer tagged (S-tag) VLAN traffic */
general_params->tpid2 = tpid2;
- /* When VLAN filtering is on, we need to at least be able to
- * decode management traffic through the "backup plan".
- */
- general_params->incl_srcpt1 = enabled;
- general_params->incl_srcpt0 = enabled;
/* VLAN filtering => independent VLAN learning.
* No VLAN filtering (or best effort) => shared VLAN learning.
--
2.34.1
commit c1ae02d876898b1b8ca1e12c6f84d7b406263800 upstream.
Currently the sja1105 tagging protocol prefers using the source port
information from the VLAN header if that is available, falling back to
the INCL_SRCPT option if it isn't. The VLAN header is available for all
frames except for META frames initiated by the switch (containing RX
timestamps), and thus, the "if (is_link_local)" branch is practically
dead.
The tag_8021q source port identification has become more loose
("imprecise") and will report a plausible rather than exact bridge port,
when under a bridge (be it VLAN-aware or VLAN-unaware). But link-local
traffic always needs to know the precise source port. With incorrect
source port reporting, for example PTP traffic over 2 bridged ports will
all be seen on sockets opened on the first such port, which is incorrect.
Now that the tagging protocol has been changed to make link-local frames
always contain source port information, we can reverse the order of the
checks so that we always give precedence to that information (which is
always precise) in lieu of the tag_8021q VID which is only precise for a
standalone port.
Fixes: 884be12f8566 ("net: dsa: sja1105: add support for imprecise RX")
Signed-off-by: Vladimir Oltean <[email protected]>
Reviewed-by: Simon Horman <[email protected]>
Signed-off-by: Paolo Abeni <[email protected]>
Cc: [email protected]
[ Replaced the 2 original Fixes: tags with the correct one.
Respun the change around the lack of a "vbid", corresponding to DSA
FDB isolation, which appeared only in v5.18. ]
Signed-off-by: Vladimir Oltean <[email protected]>
---
net/dsa/tag_sja1105.c | 34 ++++++++++++++++++++++++++--------
1 file changed, 26 insertions(+), 8 deletions(-)
diff --git a/net/dsa/tag_sja1105.c b/net/dsa/tag_sja1105.c
index a163f535697e..aa5d234b634d 100644
--- a/net/dsa/tag_sja1105.c
+++ b/net/dsa/tag_sja1105.c
@@ -489,10 +489,7 @@ static struct sk_buff *sja1105_rcv(struct sk_buff *skb,
is_link_local = sja1105_is_link_local(skb);
is_meta = sja1105_is_meta_frame(skb);
- if (sja1105_skb_has_tag_8021q(skb)) {
- /* Normal traffic path. */
- sja1105_vlan_rcv(skb, &source_port, &switch_id, &vid);
- } else if (is_link_local) {
+ if (is_link_local) {
/* Management traffic path. Switch embeds the switch ID and
* port ID into bytes of the destination MAC, courtesy of
* the incl_srcpt options.
@@ -506,14 +503,35 @@ static struct sk_buff *sja1105_rcv(struct sk_buff *skb,
sja1105_meta_unpack(skb, &meta);
source_port = meta.source_port;
switch_id = meta.switch_id;
- } else {
+ }
+
+ /* Normal data plane traffic and link-local frames are tagged with
+ * a tag_8021q VLAN which we have to strip
+ */
+ if (sja1105_skb_has_tag_8021q(skb)) {
+ int tmp_source_port = -1, tmp_switch_id = -1;
+
+ sja1105_vlan_rcv(skb, &tmp_source_port, &tmp_switch_id, &vid);
+ /* Preserve the source information from the INCL_SRCPT option,
+ * if available. This allows us to not overwrite a valid source
+ * port and switch ID with zeroes when receiving link-local
+ * frames from a VLAN-aware bridged port (non-zero vid).
+ */
+ if (source_port == -1)
+ source_port = tmp_source_port;
+ if (switch_id == -1)
+ switch_id = tmp_switch_id;
+ } else if (source_port == -1 && switch_id == -1) {
+ /* Packets with no source information have no chance of
+ * getting accepted, drop them straight away.
+ */
return NULL;
}
- if (source_port == -1 || switch_id == -1)
- skb->dev = dsa_find_designated_bridge_port_by_vid(netdev, vid);
- else
+ if (source_port != -1 && switch_id != -1)
skb->dev = dsa_master_find_slave(netdev, switch_id, source_port);
+ else
+ skb->dev = dsa_find_designated_bridge_port_by_vid(netdev, vid);
if (!skb->dev) {
netdev_warn(netdev, "Couldn't decode source port\n");
return NULL;
--
2.34.1
On Fri, May 31, 2024 at 07:50:14PM +0300, Vladimir Oltean wrote:
> It has been brought to my attention that what had been fixed 1 year ago
> here for kernels 5.18 and later:
> https://lore.kernel.org/netdev/[email protected]/
>
> is still broken on linux-5.15.y. Short summary: PTP boundary clock is
> broken for ports under a VLAN-aware bridge.
>
> The reason is that the Fixes: tags in those patches were wrong. The
> issue originated from earlier, but the changes from 5.18 (blamed there),
> aka DSA FDB isolation, masked that.
>
> A straightforward cherry-pick was not possible, due to the conflict with
> the aforementioned DSA FDB isolation work from 5.18. So I redid patch
> 2/2 and marked what I had to adapt.
>
> Tested on the NXP LS1021A-TSN board.
>
> Vladimir Oltean (2):
> net: dsa: sja1105: always enable the INCL_SRCPT option
> net: dsa: tag_sja1105: always prefer source port information from
> INCL_SRCPT
>
> drivers/net/dsa/sja1105/sja1105_main.c | 9 ++-----
> net/dsa/tag_sja1105.c | 34 ++++++++++++++++++++------
> 2 files changed, 28 insertions(+), 15 deletions(-)
> ---
>
> I'm sorry for the people who will want to backport DSA FDB isolation to
> linux-5.15.y :(
Now queued up, thanks.
greg k-h