1. 25 Sep, 2020 3 commits
  2. 24 Sep, 2020 21 commits
    • David S. Miller's avatar
      Merge branch 'net-dsa-b53-Configure-VLANs-while-not-filtering' · e4a85c54
      David S. Miller authored
      Florian Fainelli says:
      
      ====================
      net: dsa: b53: Configure VLANs while not filtering
      
      These two patches allow the b53 driver which always configures its CPU
      port as egress tagged to behave correctly with VLANs being always
      configured whenever a port is added to a bridge.
      
      Vladimir provides a patch that aligns the bridge with vlan_filtering=0
      receive path to behave the same as vlan_filtering=1. Per discussion with
      Nikolay, this behavior is deemed to be too DSA specific to be done in
      the bridge proper.
      
      This is a preliminary series for Vladimir to make
      configure_vlan_while_filtering the default behavior for all DSA drivers
      in the future.
      
      Thanks!
      
      Changes in v3:
      
      - added Vladimir's Acked-by tag to patch #2
      - removed unnecessary if_vlan.h inclusion in patch #2
      - reworded commit message to be accurate with the code changes
      
      Changes in v2:
      
      - moved the call to dsa_untag_bridge_pvid() into net/dsa/tag_brcm.c
        since we have a single user for now
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e4a85c54
    • Florian Fainelli's avatar
      net: dsa: b53: Configure VLANs while not filtering · ed409f3b
      Florian Fainelli authored
      Update the B53 driver to support VLANs while not filtering. This
      requires us to enable VLAN globally within the switch upon driver
      initial configuration (dev->vlan_enabled).
      
      We also need to remove the code that dealt with PVID re-configuration in
      b53_vlan_filtering() since that function worked under the assumption
      that it would only be called to make a bridge VLAN filtering, or not
      filtering, and we would attempt to move the port's PVID accordingly.
      
      Now that VLANs are programmed all the time, even in the case of a
      non-VLAN filtering bridge, we would be programming a default_pvid for
      the bridged switch ports.
      
      We need the DSA receive path to pop the VLAN tag if it is the bridge's
      default_pvid because the CPU port is always programmed tagged in the
      programmed VLANs. In order to do so we utilize the
      dsa_untag_bridge_pvid() helper introduced in the commit before within
      net/dsa/tag_brcm.c.
      Acked-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Signed-off-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ed409f3b
    • Vladimir Oltean's avatar
      net: dsa: untag the bridge pvid from rx skbs · 412a1526
      Vladimir Oltean authored
      Currently the bridge untags VLANs present in its VLAN groups in
      __allowed_ingress() only when VLAN filtering is enabled.
      
      But when a skb is seen on the RX path as tagged with the bridge's pvid,
      and that bridge has vlan_filtering=0, and there isn't any 8021q upper
      with that VLAN either, then we have a problem. The bridge will not untag
      it (since it is supposed to remain VLAN-unaware), and pvid-tagged
      communication will be broken.
      
      There are 2 situations where we can end up like that:
      
      1. When installing a pvid in egress-tagged mode, like this:
      
      ip link add dev br0 type bridge vlan_filtering 0
      ip link set swp0 master br0
      bridge vlan del dev swp0 vid 1
      bridge vlan add dev swp0 vid 1 pvid
      
      This happens because DSA configures the VLAN membership of the CPU port
      using the same flags as swp0 (in this case "pvid and not untagged"), in
      an attempt to copy the frame as-is from ingress to the CPU.
      
      However, in this case, the packet may arrive untagged on ingress, it
      will be pvid-tagged by the ingress port, and will be sent as
      egress-tagged towards the CPU. Otherwise stated, the CPU will see a VLAN
      tag where there was none to speak of on ingress.
      
      When vlan_filtering is 1, this is not a problem, as stated in the first
      paragraph, because __allowed_ingress() will pop it. But currently, when
      vlan_filtering is 0 and we have such a VLAN configuration, we need an
      8021q upper (br0.1) to be able to ping over that VLAN, which is not
      symmetrical with the vlan_filtering=1 case, and therefore, confusing for
      users.
      
      Basically what DSA attempts to do is simply an approximation: try to
      copy the skb with (or without) the same VLAN all the way up to the CPU.
      But DSA drivers treat CPU port VLAN membership in various ways (which is
      a good segue into situation 2). And some of those drivers simply tell
      the CPU port to copy the frame unmodified, which is the golden standard
      when it comes to VLAN processing (therefore, any driver which can
      configure the hardware to do that, should do that, and discard the VLAN
      flags requested by DSA on the CPU port).
      
      2. Some DSA drivers always configure the CPU port as egress-tagged, in
      an attempt to recover the classified VLAN from the skb. These drivers
      cannot work at all with untagged traffic when bridged in
      vlan_filtering=0 mode. And they can't go for the easy "just keep the
      pvid as egress-untagged towards the CPU" route, because each front port
      can have its own pvid, and that might require conflicting VLAN
      membership settings on the CPU port (swp1 is pvid for VID 1 and
      egress-tagged for VID 2; swp2 is egress-taggeed for VID 1 and pvid for
      VID 2; with this simplistic approach, the CPU port, which is really a
      separate hardware entity and has its own VLAN membership settings, would
      end up being egress-untagged in both VID 1 and VID 2, therefore losing
      the VLAN tags of ingress traffic).
      
      So the only thing we can do is to create a helper function for resolving
      the problematic case (that is, a function which untags the bridge pvid
      when that is in vlan_filtering=0 mode), which taggers in need should
      call. It isn't called from the generic DSA receive path because there
      are drivers that fall neither in the first nor second category.
      Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
      Signed-off-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      412a1526
    • David S. Miller's avatar
      Merge branch 'PHY-subsystem-kernel-doc' · e0da7430
      David S. Miller authored
      Andrew Lunn says:
      
      ====================
      PHY subsystem kernel doc
      
      The first patches fix existing warnings in the kerneldoc for the PHY
      subsystem, and then the 2nd extend the kernel documentation for the
      major structures and functions in the PHY subsystem.
      
      v2:
      Drop the other fixes which have already been merged.
      s/phy/PHY/g
      TBI
      TypOs
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e0da7430
    • Andrew Lunn's avatar
      net: phy: Document core PHY structures · 4069a572
      Andrew Lunn authored
      Add kerneldoc for the core PHY data structures, a few inline functions
      and exported functions which are not already documented.
      
      v2
      Typos
      g/phy/PHY/s
      Signed-off-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4069a572
    • Andrew Lunn's avatar
      net: phy: Fixup kernel doc · 39097ab6
      Andrew Lunn authored
      Add missing parameter documentation, or fixup wrong parameter names.
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      39097ab6
    • David S. Miller's avatar
      Merge branch 'net-dsa-bcm_sf2-Additional-DT-changes' · 3fc826f1
      David S. Miller authored
      Florian Fainelli says:
      
      ====================
      net: dsa: bcm_sf2: Additional DT changes
      
      This patch series includes some additional changes to the bcm_sf2 in
      order to support the Device Tree firmwares provided on such platforms.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3fc826f1
    • Florian Fainelli's avatar
      net: dsa: bcm_sf2: Include address 0 for MDIO diversion · 0fa45ee3
      Florian Fainelli authored
      We need to include MDIO address 0, which is how our Device Tree blobs
      indicate where to find the external BCM53125 switches.
      Signed-off-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0fa45ee3
    • Florian Fainelli's avatar
      net: dsa: bcm_sf2: Disallow port 5 to be a DSA CPU port · 8c280440
      Florian Fainelli authored
      While the switch driver is written such that port 5 or 8 could be CPU
      ports, the use case on Broadcom STB chips is to use port 8 exclusively.
      The platform firmware does make port 5 comply to a proper DSA CPU port
      binding by specifiying an "ethernet" phandle. This is undesirable for
      now until we have an user-space configuration mechanism (such as
      devlink) which could support dynamically changing the port flavor at
      run time.
      Signed-off-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8c280440
    • David S. Miller's avatar
      Merge branch 'octeontx2-Add-support-for-VLAN-based-flow-distribution' · 9d33ffaa
      David S. Miller authored
      George Cherian says:
      
      ====================
      octeontx2: Add support for VLAN based flow distribution
      
      This series add support for VLAN based flow distribution for octeontx2
      netdev driver. This adds support for configuring the same via ethtool.
      
      Following tests have been done.
      	- Multi VLAN flow with same SD
      	- Multi VLAN flow with same SDFN
      	- Single VLAN flow with multi SD
      	- Single VLAN flow with multi SDFN
      All tests done for udp/tcp both v4 and v6
      ====================
      Reviewed-by: default avatarJakub Kicinski <kuba@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9d33ffaa
    • George Cherian's avatar
      octeontx2-pf: Support to change VLAN based RSS hash options via ethtool · a55ff8ef
      George Cherian authored
      Add support to control rx-flow-hash based on VLAN.
      By default VLAN plus 4-tuple based hashing is enabled.
      Changes can be done runtime using ethtool
      
      To enable 2-tuple plus VLAN based flow distribution
        # ethtool -N <intf> rx-flow-hash <prot> sdv
      To enable 4-tuple plus VLAN based flow distribution
        # ethtool -N <intf> rx-flow-hash <prot> sdfnv
      Signed-off-by: default avatarGeorge Cherian <george.cherian@marvell.com>
      Signed-off-by: default avatarSunil Goutham <sgoutham@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a55ff8ef
    • George Cherian's avatar
      octeontx2-af: Add support for VLAN based RSS hashing · 8f900363
      George Cherian authored
      Added support for PF/VF drivers to choose RSS flow key algorithm
      with VLAN tag included in hashing input data. Only CTAG is considered.
      Signed-off-by: default avatarGeorge Cherian <george.cherian@marvell.com>
      Signed-off-by: default avatarSunil Goutham <sgoutham@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8f900363
    • Mauro Carvalho Chehab's avatar
      net: fix a new kernel-doc warning at dev.c · de2b541b
      Mauro Carvalho Chehab authored
      kernel-doc expects the function prototype to be just after
      the kernel-doc markup, as otherwise it will get it all wrong:
      
      	./net/core/dev.c:10036: warning: Excess function parameter 'dev' description in 'WAIT_REFS_MIN_MSECS'
      
      Fixes: 0e4be9e5 ("net: use exponential backoff in netdev_wait_allrefs")
      Signed-off-by: default avatarMauro Carvalho Chehab <mchehab+huawei@kernel.org>
      Reviewed-by: default avatarFrancesco Ruggeri <fruggeri@arista.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      de2b541b
    • David S. Miller's avatar
      Merge branch 'net-mdio-ipq4019-add-Clause-45-support' · 774e9ea6
      David S. Miller authored
      Robert Marko says:
      
      ====================
      net: mdio-ipq4019: add Clause 45 support
      
      This patch series adds support for Clause 45 to the driver.
      
      While at it also change some defines to upper case to match rest of the driver.
      
      Changes since v4:
      * Rebase onto net-next.git
      
      Changes since v1:
      * Drop clock patches, these need further investigation and
      no user for non default configuration has been found
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      774e9ea6
    • Robert Marko's avatar
      net: mdio-ipq4019: add Clause 45 support · 06fb5606
      Robert Marko authored
      While up-streaming the IPQ4019 driver it was thought that the controller had no Clause 45 support,
      but it actually does and its activated by writing a bit to the mode register.
      
      So lets add it as newer SoC-s use the same controller and Clause 45 compliant PHY-s.
      Signed-off-by: default avatarRobert Marko <robert.marko@sartura.hr>
      Cc: Luka Perkov <luka.perkov@sartura.hr>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      06fb5606
    • Robert Marko's avatar
      net: mdio-ipq4019: change defines to upper case · b840ec1e
      Robert Marko authored
      In the commit adding the IPQ4019 MDIO driver, defines for timeout and sleep partially used lower case.
      Lets change it to upper case in line with the rest of driver defines.
      Signed-off-by: default avatarRobert Marko <robert.marko@sartura.hr>
      Cc: Luka Perkov <luka.perkov@sartura.hr>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b840ec1e
    • David S. Miller's avatar
      Merge branch 'Introduce-mbox-tracepoints-for-Octeontx2' · 35e3dbfa
      David S. Miller authored
      Subbaraya Sundeep says:
      
      ====================
      Introduce mbox tracepoints for Octeontx2
      
      This patchset adds tracepoints support for mailbox.
      In Octeontx2, PFs and VFs need to communicate with AF
      for allocating and freeing resources. Once all the
      configuration is done by AF for a PF/VF then packet I/O
      can happen on PF/VF queues. When an interface
      is brought up many mailbox messages are sent
      to AF for initializing queues. Say a VF is brought up
      then each message is sent to PF and PF forwards to
      AF and response also traverses from AF to PF and then VF.
      To aid debugging, tracepoints are added at places where
      messages are allocated, sent and message interrupts.
      Below is the trace of one of the messages from VF to AF
      and AF response back to VF:
      
      ~ # echo 1 > /sys/kernel/tracing/events/rvu/enable
      ~ # ifconfig eth20 up
      [  279.379559] eth20 NIC Link is UP 10000 Mbps Full duplex
      ~ # cat /sys/kernel/tracing/trace
              ifconfig-171   [000] ....   275.753345: otx2_msg_alloc: [0002:02:00.1] msg:(0x400) size:40
      
              ifconfig-171   [000] ...1   275.753347: otx2_msg_send: [0002:02:00.1] sent 1 msg(s) of size:48
      
                <idle>-0     [001] dNh1   275.753356: otx2_msg_interrupt: [0002:02:00.0] mbox interrupt VF(s) to PF (0x1)
      
          kworker/u9:1-90    [001] ...1   275.753364: otx2_msg_send: [0002:02:00.0] sent 1 msg(s) of size:48
      
          kworker/u9:1-90    [001] d.h.   275.753367: otx2_msg_interrupt: [0002:01:00.0] mbox interrupt PF(s) to AF (0x2)
      
          kworker/u9:2-167   [002] ....   275.753535: otx2_msg_process: [0002:01:00.0] msg:(0x400) error:0
      
          kworker/u9:2-167   [002] ...1   275.753537: otx2_msg_send: [0002:01:00.0] sent 1 msg(s) of size:32
      
                <idle>-0     [003] d.h1   275.753543: otx2_msg_interrupt: [0002:02:00.0] mbox interrupt AF to PF (0x1)
      
                <idle>-0     [001] d.h2   275.754376: otx2_msg_interrupt: [0002:02:00.1] mbox interrupt PF to VF (0x1)
      
      v3 changes:
       Removed EXPORT_TRACEPOINT_SYMBOLS of otx2_msg_send and otx2_msg_check
       since they are called locally only
      
      v2 changes:
       Removed otx2_msg_err tracepoint since it is similar to devlink_hwerr
       and it will be used instead when devlink supported is added.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      35e3dbfa
    • Subbaraya Sundeep's avatar
      octeontx2-pf: Add tracepoints for PF/VF mailbox · 31a97460
      Subbaraya Sundeep authored
      With tracepoints support present in the mailbox
      code this patch adds tracepoints in PF and VF drivers
      at places where mailbox messages are allocated,
      sent and at message interrupts.
      Signed-off-by: default avatarSubbaraya Sundeep <sbhatta@marvell.com>
      Signed-off-by: default avatarSunil Goutham <sgoutham@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      31a97460
    • Subbaraya Sundeep's avatar
      octeontx2-af: Introduce tracepoints for mailbox · 49142d12
      Subbaraya Sundeep authored
      Added tracepoints in mailbox code so that
      the mailbox operations like message allocation,
      sending message and message interrupts are traced.
      Also the mailbox errors occurred like timeout
      or wrong responses are traced.
      These will help in debugging mailbox issues.
      
      Here's an example output showing one of the mailbox
      messages sent by PF to AF and AF responding to it:
      
      ~# mount -t tracefs none /sys/kernel/tracing/
      ~# echo 1 > /sys/kernel/tracing/events/rvu/enable
      ~# ifconfig eth0 up
      ~# cat /sys/kernel/tracing/trace
      
      ~# cat /sys/kernel/tracing/trace
       tracer: nop
      
      		      _-----=> irqs-off
      		     / _----=> need-resched
      		    | / _---=> hardirq/softirq
      		    || / _--=> preempt-depth
      		    ||| /     delay
         TASK-PID   CPU#  ||||    TIMESTAMP  FUNCTION
            | |       |   ||||       |         |
      ifconfig-2382  [002] ....   756.161892: otx2_msg_alloc: [0002:02:00.0] msg:(0x400) size:40
      
      ifconfig-2382  [002] ...1   756.161895: otx2_msg_send: [0002:02:00.0] sent 1 msg(s) of size:48
      
       <idle>-0     [000] d.h1   756.161902: otx2_msg_interrupt: [0002:01:00.0] mbox interrupt PF(s) to AF (0x2)
      
      kworker/u49:0-1165  [000] ....   756.162049: otx2_msg_process: [0002:01:00.0] msg:(0x400) error:0
      
      kworker/u49:0-1165  [000] ...1   756.162051: otx2_msg_send: [0002:01:00.0] sent 1 msg(s) of size:32
      
      kworker/u49:0-1165  [000] d.h.   756.162056: otx2_msg_interrupt: [0002:02:00.0] mbox interrupt AF to PF (0x1)
      Signed-off-by: default avatarSubbaraya Sundeep <sbhatta@marvell.com>
      Signed-off-by: default avatarSunil Goutham <sgoutham@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      49142d12
    • Barry Song's avatar
      net: allwinner: remove redundant irqsave and irqrestore in hardIRQ · 36493269
      Barry Song authored
      The comment "holders of db->lock must always block IRQs" and related
      code to do irqsave and irqrestore don't make sense since we are in a
      IRQ-disabled hardIRQ context.
      
      Cc: Maxime Ripard <mripard@kernel.org>
      Cc: Chen-Yu Tsai <wens@csie.org>
      Signed-off-by: default avatarBarry Song <song.bao.hua@hisilicon.com>
      Acked-by: default avatarMaxime Ripard <mripard@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      36493269
    • Rikard Falkeborn's avatar
      net: hns3: Constify static structs · e4b91468
      Rikard Falkeborn authored
      A number of static variables were not modified. Make them const to allow
      the compiler to put them in read-only memory. In order to do so,
      constify a couple of input pointers as well as some local pointers.
      This moves about 35Kb to read-only memory as seen by the output of the
      size command.
      
      Before:
         text    data     bss     dec     hex filename
       404938  111534     640  517112   7e3f8 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge.ko
      
      After:
         text    data     bss     dec     hex filename
       439499   76974     640  517113   7e3f9 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge.ko
      Signed-off-by: default avatarRikard Falkeborn <rikard.falkeborn@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e4b91468
  3. 23 Sep, 2020 16 commits
    • David S. Miller's avatar
      Merge branch 'net-bridge-mcast-IGMPv3-MLDv2-fast-path-part-2' · 68d4fd30
      David S. Miller authored
      Nikolay Aleksandrov says:
      
      ====================
      net: bridge: mcast: IGMPv3/MLDv2 fast-path (part 2)
      
      This is the second part of the IGMPv3/MLDv2 support which adds support
      for the fast-path. In order to be able to handle source entries we add
      mdb support for S,G entries (i.e. we add source address support to
      br_ip), that requires to extend the current mdb netlink API, fortunately
      we just add another attribute which will contain nested future mdb
      attributes, then we use it to add support for S,G user- add, del and
      dump. The lookup sequence is simple: when IGMPv3/MLDv2 are enabled do
      the S,G lookup first and if it fails fallback to *,G. The more complex
      part is when we begin handling source lists and auto-installing S,G entries
      and *,G filter mode transitions. We have the following cases:
       1) *,G INCLUDE -> EXCLUDE transition: we need to install the port in
          all of *,G's installed S,G entries for proper replication (except
          the ones explicitly blocked), this is also necessary when adding a
          new *,G EXCLUDE port group
      
       2) *,G EXCLUDE -> INCLUDE transition: we need to remove the port from
          all of *,G's installed S,G entries, this is also necessary when
          removing a *,G port group
      
       3) New S,G port entry: we need to install all current *,G EXCLUDE ports
      
       4) Remove S,G port entry: if all other port groups were auto-installed we
          can safely remove them and delete the whole S,G entry
      
      Currently we compute these operations from the available ports, their
      source lists and their filter mode. In the future we can extend the port
      group structure and reduce the running time of these ops. Also one
      current limitation is that host-joined S,G entries are not supported.
      I.e. one cannot add "dev bridge port bridge" mdb S,G entries. The host
      join is currently considered an EXCLUDE {} join, so it's reflected in
      all of *,G's installed S,G entries. If an S,G,port entry is added as
      temporary then the kernel can take it over if a source shows up from a
      report, permanent entries are skipped. In order to properly handle
      blocked sources we add a new port group blocked flag to avoid forwarding
      to that port group in the S,G. Finally when forwarding we use the port
      group filter mode (if it's INCLUDE and the port group is from a *,G then
      don't replicate to it, respectively if it's EXCLUDE then forward) and the
      blocked flag (obviously if it's set - skip that port unless it's a
      router port) to decide if the port should be skipped. Another limitation
      is that we can't do some of the above transitions without small traffic
      drop while installing/removing entries. That will be taken care of when
      we add atomic swap of port replication lists later.
      
      Patch break down:
       patches 1-3: prepare the mdb code for better extack support which is
                    used in future patches to return a more meaningful error
       patches 4-6: add the source address field to struct br_ip, and do minor
                    cleanups around it
       patches 7-8: extend the mdb netlink API so we can send new mdb
                    attributes and uses the new API for S,G entry add/del/dump
                    support
       patch     9: takes care of S,G entries when doing a lookup (first S,G
                    then *,G lookup)
       patch    10: adds a new port group field and attribute for origin protocol
                    we use the already available RTPROT_ definitions,
                    currently user-space entries are added as RTPROT_STATIC and
                    kernel entries are added as RTPROT_KERNEL, we may allow
                    user-space to set custom values later (e.g. for FRR, clag)
       patch    11: adds an internal S,G,port rhashtable to speed up filter
                    mode transitions
       patch    12: initial automatic install of S,G entries based on port
                    groups' source lists
       patch    13: handles port group modes on transitions or when new
                    port group entries are added
       patch    14: self-explanatory - adds support for blocked port group
                    entries needed to stop forwarding to particular S,G,port
                    entries
       patch    15: handles host-join/leave state changes, treats host-joins
                    as EXCLUDE {} groups (reflected in all *,G's S,G entries)
       patch    16: finally adds the fast-path filter mode and block flag
                    support
      
      Here're the sets that will come next (in order):
       - iproute2 support for IGMPv3/MLDv2
       - selftests for all mode transitions and group flags
       - explicit host tracking for proper fast-leave support
       - atomic port replication lists (these are also needed for broadcast
         forwarding optimizations)
       - mode transition optimization and removal of open-coded sorted lists
      
      Not implemented yet:
       - Host IGMPv3/MLDv2 filter support (currently we handle only join/leave
         as before)
       - Proper other querier source timer and value updates
       - IGMPv3/v2 MLDv2/v1 compat (I have a few rough patches for this one)
      
      v2: fix build with CONFIG_BATMAN_ADV_MCAST in patch 6
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      68d4fd30
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: when forwarding handle filter mode and blocked flag · 36cfec73
      Nikolay Aleksandrov authored
      We need to avoid forwarding to ports in MCAST_INCLUDE filter mode when the
      mdst entry is a *,G or when the port has the blocked flag.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      36cfec73
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: handle host state · 094b82fd
      Nikolay Aleksandrov authored
      Since host joins are considered as EXCLUDE {} joins we need to reflect
      that in all of *,G ports' S,G entries. Since the S,Gs can have
      host_joined == true only set automatically we can safely set it to false
      when removing all automatically added entries upon S,G delete.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      094b82fd
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: add support for blocked port groups · 9116ffbf
      Nikolay Aleksandrov authored
      When excluding S,G entries we need a way to block a particular S,G,port.
      The new port group flag is managed based on the source's timer as per
      RFCs 3376 and 3810. When a source expires and its port group is in
      EXCLUDE mode, it will be blocked.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9116ffbf
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: handle port group filter modes · 8266a049
      Nikolay Aleksandrov authored
      We need to handle group filter mode transitions and initial state.
      To change a port group's INCLUDE -> EXCLUDE mode (or when we have added
      a new port group in EXCLUDE mode) we need to add that port to all of
      *,G ports' S,G entries for proper replication. When the EXCLUDE state is
      changed from IGMPv3 report, br_multicast_fwd_filter_exclude() must be
      called after the source list processing because the assumption is that
      all of the group's S,G entries will be created before transitioning to
      EXCLUDE mode, i.e. most importantly its blocked entries will already be
      added so it will not get automatically added to them.
      The transition EXCLUDE -> INCLUDE happens only when a port group timer
      expires, it requires us to remove that port from all of *,G ports' S,G
      entries where it was automatically added previously.
      Finally when we are adding a new S,G entry we must add all of *,G's
      EXCLUDE ports to it.
      In order to distinguish automatically added *,G EXCLUDE ports we have a
      new port group flag - MDB_PG_FLAGS_STAR_EXCL.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8266a049
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: install S,G entries automatically based on reports · b0812368
      Nikolay Aleksandrov authored
      This patch adds support for automatic install of S,G mdb entries based
      on the port group's source list and the source entry's timer.
      Once installed the S,G will be used when forwarding packets if the
      approprate multicast/mld versions are set. A new source flag called
      BR_SGRP_F_INSTALLED denotes if the source has a forwarding mdb entry
      installed.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b0812368
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: add sg_port rhashtable · 085b53c8
      Nikolay Aleksandrov authored
      To speedup S,G forward handling we need to be able to quickly find out
      if a port is a member of an S,G group. To do that add a global S,G port
      rhashtable with key: source addr, group addr, protocol, vid (all br_ip
      fields) and port pointer.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      085b53c8
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: add rt_protocol field to the port group struct · 8f8cb77e
      Nikolay Aleksandrov authored
      We need to be able to differentiate between pg entries created by
      user-space and the kernel when we start generating S,G entries for
      IGMPv3/MLDv2's fast path. User-space entries are created by default as
      RTPROT_STATIC and the kernel entries are RTPROT_KERNEL. Later we can
      allow user-space to provide the entry rt_protocol so we can
      differentiate between who added the entries specifically (e.g. clag,
      admin, frr etc).
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8f8cb77e
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: when igmpv3/mldv2 are enabled lookup (S,G) first, then (*,G) · 7d07a68c
      Nikolay Aleksandrov authored
      If (S,G) entries are enabled (igmpv3/mldv2) then look them up first. If
      there isn't a present (S,G) entry then try to find (*,G).
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7d07a68c
    • Nikolay Aleksandrov's avatar
      net: bridge: mdb: add support for add/del/dump of entries with source · 88d4bd18
      Nikolay Aleksandrov authored
      Add new mdb attributes (MDBE_ATTR_SOURCE for setting,
      MDBA_MDB_EATTR_SOURCE for dumping) to allow add/del and dump of mdb
      entries with a source address (S,G). New S,G entries are created with
      filter mode of MCAST_INCLUDE. The same attributes are used for IPv4 and
      IPv6, they're validated and parsed based on their protocol.
      S,G host joined entries which are added by user are not allowed yet.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      88d4bd18
    • Nikolay Aleksandrov's avatar
      net: bridge: mdb: add support to extend add/del commands · 9c4258c7
      Nikolay Aleksandrov authored
      Since the MDB add/del code expects an exact struct br_mdb_entry we can't
      really add any extensions, thus add a new nested attribute at the level of
      MDBA_SET_ENTRY called MDBA_SET_ENTRY_ATTRS which will be used to pass
      all new options via netlink attributes. This patch doesn't change
      anything functionally since the new attribute is not used yet, only
      parsed.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9c4258c7
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: rename br_ip's u member to dst · eab3227b
      Nikolay Aleksandrov authored
      Since now we have src in br_ip, u no longer makes sense so rename
      it to dst. No functional changes.
      
      v2: fix build with CONFIG_BATMAN_ADV_MCAST
      
      CC: Marek Lindner <mareklindner@neomailbox.ch>
      CC: Simon Wunderlich <sw@simonwunderlich.de>
      CC: Antonio Quartulli <a@unstable.cc>
      CC: Sven Eckelmann <sven@narfation.org>
      CC: b.a.t.m.a.n@lists.open-mesh.org
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      eab3227b
    • Nikolay Aleksandrov's avatar
      net: bridge: mcast: use br_ip's src for src groups and querier address · deb96566
      Nikolay Aleksandrov authored
      Now that we have src and dst in br_ip it is logical to use the src field
      for the cases where we need to work with a source address such as
      querier source address and group source address.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      deb96566
    • Nikolay Aleksandrov's avatar
      net: bridge: add src field to br_ip · e1ac1185
      Nikolay Aleksandrov authored
      Add a new src field to struct br_ip which will be used to lookup S, G
      entries. When SSM option is added we will enable full br_ip lookups.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e1ac1185
    • Nikolay Aleksandrov's avatar
      net: bridge: mdb: use extack in br_mdb_add() and br_mdb_add_group() · 83f7398e
      Nikolay Aleksandrov authored
      Pass and use extack all the way down to br_mdb_add_group().
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      83f7398e
    • Nikolay Aleksandrov's avatar
      net: bridge: mdb: move all port and bridge checks to br_mdb_add · 7eea629d
      Nikolay Aleksandrov authored
      To avoid doing duplicate device checks and searches (the same were done
      in br_mdb_add and __br_mdb_add) pass the already found port to __br_mdb_add
      and pull the bridge's netif_running and enabled multicast checks to
      br_mdb_add. This would also simplify the future extack errors.
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7eea629d