Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp6552143ybx; Mon, 11 Nov 2019 10:49:53 -0800 (PST) X-Google-Smtp-Source: APXvYqw+Qib1z3na3EArks7X8EN2td2rY65sgiNigpfMPYi8FDlqSr/E9pqYNt/JQw6K8Mov78mN X-Received: by 2002:a50:cc42:: with SMTP id n2mr2815436edi.289.1573498193379; Mon, 11 Nov 2019 10:49:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573498193; cv=none; d=google.com; s=arc-20160816; b=xiLKtxHtgfO/c6gc55FRD+OTFhBB8StRvW+5ehg0ou6mgayWVrbIGA1LFKKkS/eqy1 wYN3TFcxvL3OMIJ3NqwiTNkoLuw43IackvFLv07sjD1fBt1+e3DVID7nrVla5mOabvZt xFy/bDQyZtnimBU4tfhaWqHjw/HeJ00yOAmbZCrPJb8oxkfi0ZV2YcQL/Et5xuYyHljl z4wq2cCRpqCIy1yF7OBz/zIjG/YwPUG/Rq69ueD6miQDkerReVXBNBwuYXDoD4gVevHl I8wUfFDuLcQfnh0uS7+aFfWUZcvH4vcRcrxHgTTkQfDg4O/DgbjBFW2jG0UQ8eOfjzZ8 UZ/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=95y2bKYmBcAFGyB6SBm6L+Q8pNPyxQak04x5TP0p6MM=; b=EHpGYnLyGA62zLQhLOX+5TC9Mi97/PCZ4j9ELItl3NhrzFr5n+NzsWU0SMdQZ5ZqQM H1FGaKFHOpUlipUKk+qZLow1COPSh4aVriWn5bxygmjdE4uEyA6fjDjEM3EJubxKjRPz vxjCf/jXtp39zOWSMpYCP1KlKCyuw+0VOUlfqj0HLnquJyj9f8bWMWHjKvQWpEceg4DE azaN3x2mIb2VY9Hg+EW/iunAKbb1BkQOurnt+1gIUAi1Pgmdc7unHI/OrsHt0vAh9JXV hxkboLb3KmL3/r/GBDaieu9L7BO/1HMqjOdP9XP48liJBAl0ubDaVfbZCVTIZj5GuzxW LqLg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=bHvWUxRf; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x2si9749128ejf.270.2019.11.11.10.49.28; Mon, 11 Nov 2019 10:49:53 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=bHvWUxRf; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729949AbfKKSqG (ORCPT + 99 others); Mon, 11 Nov 2019 13:46:06 -0500 Received: from mail.kernel.org ([198.145.29.99]:38302 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729942AbfKKSqB (ORCPT ); Mon, 11 Nov 2019 13:46:01 -0500 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id B089620674; Mon, 11 Nov 2019 18:45:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1573497960; bh=GPc0qoZpSOwDlAZgLtPpJV1kA3K3Ak5qPJTdixVkS/g=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=bHvWUxRfCZYwzsKgBLjsSuECAtI5G/4dbwTQoALV3HgBbWXPqwPXX5KfshuzqqEEK tL1dg6i6xFMiu6kiqzMQALd9urqKn2W7WIiw9oyaCHa4QeyZzqmRMIYStwCeJVVO9a Lcd71kjt53tTLUZ1NPHfNETYydUeiGLawG6zay2M= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Antoine Tenart , Alexandre Belloni , Vladimir Oltean , Florian Fainelli , Horatiu Vultur , "David S. Miller" , Sasha Levin Subject: [PATCH 4.19 107/125] net: mscc: ocelot: fix vlan_filtering when enslaving to bridge before link is up Date: Mon, 11 Nov 2019 19:29:06 +0100 Message-Id: <20191111181454.239381369@linuxfoundation.org> X-Mailer: git-send-email 2.24.0 In-Reply-To: <20191111181438.945353076@linuxfoundation.org> References: <20191111181438.945353076@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Vladimir Oltean [ Upstream commit 1c44ce560b4de639f237b458be1729489ff44d0a ] Background information: the driver operates the hardware in a mode where a single VLAN can be transmitted as untagged on a particular egress port. That is the "native VLAN on trunk port" use case. Its value is held in port->vid. Consider the following command sequence (no network manager, all interfaces are down, debugging prints added by me): $ ip link add dev br0 type bridge vlan_filtering 1 $ ip link set dev swp0 master br0 Kernel code path during last command: br_add_slave -> ocelot_netdevice_port_event (NETDEV_CHANGEUPPER): [ 21.401901] ocelot_vlan_port_apply: port 0 vlan aware 0 pvid 0 vid 0 br_add_slave -> nbp_vlan_init -> switchdev_port_attr_set -> ocelot_port_attr_set (SWITCHDEV_ATTR_ID_BRIDGE_VLAN_FILTERING): [ 21.413335] ocelot_vlan_port_apply: port 0 vlan aware 1 pvid 0 vid 0 br_add_slave -> nbp_vlan_init -> nbp_vlan_add -> br_switchdev_port_vlan_add -> switchdev_port_obj_add -> ocelot_port_obj_add -> ocelot_vlan_vid_add [ 21.667421] ocelot_vlan_port_apply: port 0 vlan aware 1 pvid 1 vid 1 So far so good. The bridge has replaced the driver's default pvid used in standalone mode (0) with its own default_pvid (1). The port's vid (native VLAN) has also changed from 0 to 1. $ ip link set dev swp0 up [ 31.722956] 8021q: adding VLAN 0 to HW filter on device swp0 do_setlink -> dev_change_flags -> vlan_vid_add -> ocelot_vlan_rx_add_vid -> ocelot_vlan_vid_add: [ 31.728700] ocelot_vlan_port_apply: port 0 vlan aware 1 pvid 1 vid 0 The 8021q module uses the .ndo_vlan_rx_add_vid API on .ndo_open to make ports be able to transmit and receive 802.1p-tagged traffic by default. This API is supposed to offload a VLAN sub-interface, which for a switch port means to add a VLAN that is not a pvid, and tagged on egress. But the driver implementation of .ndo_vlan_rx_add_vid is wrong: it adds back vid 0 as "egress untagged". Now back to the initial paragraph: there is a single untagged VID that the driver keeps track of, and that has just changed from 1 (the pvid) to 0. So this breaks the bridge core's expectation, because it has changed vid 1 from untagged to tagged, when what the user sees is. $ bridge vlan port vlan ids swp0 1 PVID Egress Untagged br0 1 PVID Egress Untagged But curiously, instead of manifesting itself as "untagged and pvid-tagged traffic gets sent as tagged on egress", the bug: - is hidden when vlan_filtering=0 - manifests as dropped traffic when vlan_filtering=1, due to this setting: if (port->vlan_aware && !port->vid) /* If port is vlan-aware and tagged, drop untagged and priority * tagged frames. */ val |= ANA_PORT_DROP_CFG_DROP_UNTAGGED_ENA | ANA_PORT_DROP_CFG_DROP_PRIO_S_TAGGED_ENA | ANA_PORT_DROP_CFG_DROP_PRIO_C_TAGGED_ENA; which would have made sense if it weren't for this bug. The setting's intention was "this is a trunk port with no native VLAN, so don't accept untagged traffic". So the driver was never expecting to set VLAN 0 as the value of the native VLAN, 0 was just encoding for "invalid". So the fix is to not send 802.1p traffic as untagged, because that would change the port's native vlan to 0, unbeknownst to the bridge, and trigger unexpected code paths in the driver. Cc: Antoine Tenart Cc: Alexandre Belloni Fixes: 7142529f1688 ("net: mscc: ocelot: add VLAN filtering") Signed-off-by: Vladimir Oltean Reviewed-by: Florian Fainelli Acked-by: Alexandre Belloni Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller Signed-off-by: Sasha Levin --- drivers/net/ethernet/mscc/ocelot.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/ethernet/mscc/ocelot.c b/drivers/net/ethernet/mscc/ocelot.c index e05a59ae9a593..965f13944c76b 100644 --- a/drivers/net/ethernet/mscc/ocelot.c +++ b/drivers/net/ethernet/mscc/ocelot.c @@ -886,7 +886,7 @@ end: static int ocelot_vlan_rx_add_vid(struct net_device *dev, __be16 proto, u16 vid) { - return ocelot_vlan_vid_add(dev, vid, false, true); + return ocelot_vlan_vid_add(dev, vid, false, false); } static int ocelot_vlan_rx_kill_vid(struct net_device *dev, __be16 proto, -- 2.20.1