1 // SPDX-License-Identifier: GPL-2.0 2 /* Copyright (c) 2019, Vladimir Oltean <olteanv@gmail.com> 3 * 4 * This module is not a complete tagger implementation. It only provides 5 * primitives for taggers that rely on 802.1Q VLAN tags to use. The 6 * dsa_8021q_netdev_ops is registered for API compliance and not used 7 * directly by callers. 8 */ 9 #include <linux/if_bridge.h> 10 #include <linux/if_vlan.h> 11 12 #include "dsa_priv.h" 13 14 /* Binary structure of the fake 12-bit VID field (when the TPID is 15 * ETH_P_DSA_8021Q): 16 * 17 * | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | 18 * +-----------+-----+-----------------+-----------+-----------------------+ 19 * | DIR | RSV | SWITCH_ID | RSV | PORT | 20 * +-----------+-----+-----------------+-----------+-----------------------+ 21 * 22 * DIR - VID[11:10]: 23 * Direction flags. 24 * * 1 (0b01) for RX VLAN, 25 * * 2 (0b10) for TX VLAN. 26 * These values make the special VIDs of 0, 1 and 4095 to be left 27 * unused by this coding scheme. 28 * 29 * RSV - VID[9]: 30 * To be used for further expansion of SWITCH_ID or for other purposes. 31 * 32 * SWITCH_ID - VID[8:6]: 33 * Index of switch within DSA tree. Must be between 0 and 34 * DSA_MAX_SWITCHES - 1. 35 * 36 * RSV - VID[5:4]: 37 * To be used for further expansion of PORT or for other purposes. 38 * 39 * PORT - VID[3:0]: 40 * Index of switch port. Must be between 0 and DSA_MAX_PORTS - 1. 41 */ 42 43 #define DSA_8021Q_DIR_SHIFT 10 44 #define DSA_8021Q_DIR_MASK GENMASK(11, 10) 45 #define DSA_8021Q_DIR(x) (((x) << DSA_8021Q_DIR_SHIFT) & \ 46 DSA_8021Q_DIR_MASK) 47 #define DSA_8021Q_DIR_RX DSA_8021Q_DIR(1) 48 #define DSA_8021Q_DIR_TX DSA_8021Q_DIR(2) 49 50 #define DSA_8021Q_SWITCH_ID_SHIFT 6 51 #define DSA_8021Q_SWITCH_ID_MASK GENMASK(8, 6) 52 #define DSA_8021Q_SWITCH_ID(x) (((x) << DSA_8021Q_SWITCH_ID_SHIFT) & \ 53 DSA_8021Q_SWITCH_ID_MASK) 54 55 #define DSA_8021Q_PORT_SHIFT 0 56 #define DSA_8021Q_PORT_MASK GENMASK(3, 0) 57 #define DSA_8021Q_PORT(x) (((x) << DSA_8021Q_PORT_SHIFT) & \ 58 DSA_8021Q_PORT_MASK) 59 60 /* Returns the VID to be inserted into the frame from xmit for switch steering 61 * instructions on egress. Encodes switch ID and port ID. 62 */ 63 u16 dsa_8021q_tx_vid(struct dsa_switch *ds, int port) 64 { 65 return DSA_8021Q_DIR_TX | DSA_8021Q_SWITCH_ID(ds->index) | 66 DSA_8021Q_PORT(port); 67 } 68 EXPORT_SYMBOL_GPL(dsa_8021q_tx_vid); 69 70 /* Returns the VID that will be installed as pvid for this switch port, sent as 71 * tagged egress towards the CPU port and decoded by the rcv function. 72 */ 73 u16 dsa_8021q_rx_vid(struct dsa_switch *ds, int port) 74 { 75 return DSA_8021Q_DIR_RX | DSA_8021Q_SWITCH_ID(ds->index) | 76 DSA_8021Q_PORT(port); 77 } 78 EXPORT_SYMBOL_GPL(dsa_8021q_rx_vid); 79 80 /* Returns the decoded switch ID from the RX VID. */ 81 int dsa_8021q_rx_switch_id(u16 vid) 82 { 83 return (vid & DSA_8021Q_SWITCH_ID_MASK) >> DSA_8021Q_SWITCH_ID_SHIFT; 84 } 85 EXPORT_SYMBOL_GPL(dsa_8021q_rx_switch_id); 86 87 /* Returns the decoded port ID from the RX VID. */ 88 int dsa_8021q_rx_source_port(u16 vid) 89 { 90 return (vid & DSA_8021Q_PORT_MASK) >> DSA_8021Q_PORT_SHIFT; 91 } 92 EXPORT_SYMBOL_GPL(dsa_8021q_rx_source_port); 93 94 /* RX VLAN tagging (left) and TX VLAN tagging (right) setup shown for a single 95 * front-panel switch port (here swp0). 96 * 97 * Port identification through VLAN (802.1Q) tags has different requirements 98 * for it to work effectively: 99 * - On RX (ingress from network): each front-panel port must have a pvid 100 * that uniquely identifies it, and the egress of this pvid must be tagged 101 * towards the CPU port, so that software can recover the source port based 102 * on the VID in the frame. But this would only work for standalone ports; 103 * if bridged, this VLAN setup would break autonomous forwarding and would 104 * force all switched traffic to pass through the CPU. So we must also make 105 * the other front-panel ports members of this VID we're adding, albeit 106 * we're not making it their PVID (they'll still have their own). 107 * By the way - just because we're installing the same VID in multiple 108 * switch ports doesn't mean that they'll start to talk to one another, even 109 * while not bridged: the final forwarding decision is still an AND between 110 * the L2 forwarding information (which is limiting forwarding in this case) 111 * and the VLAN-based restrictions (of which there are none in this case, 112 * since all ports are members). 113 * - On TX (ingress from CPU and towards network) we are faced with a problem. 114 * If we were to tag traffic (from within DSA) with the port's pvid, all 115 * would be well, assuming the switch ports were standalone. Frames would 116 * have no choice but to be directed towards the correct front-panel port. 117 * But because we also want the RX VLAN to not break bridging, then 118 * inevitably that means that we have to give them a choice (of what 119 * front-panel port to go out on), and therefore we cannot steer traffic 120 * based on the RX VID. So what we do is simply install one more VID on the 121 * front-panel and CPU ports, and profit off of the fact that steering will 122 * work just by virtue of the fact that there is only one other port that's 123 * a member of the VID we're tagging the traffic with - the desired one. 124 * 125 * So at the end, each front-panel port will have one RX VID (also the PVID), 126 * the RX VID of all other front-panel ports, and one TX VID. Whereas the CPU 127 * port will have the RX and TX VIDs of all front-panel ports, and on top of 128 * that, is also tagged-input and tagged-output (VLAN trunk). 129 * 130 * CPU port CPU port 131 * +-------------+-----+-------------+ +-------------+-----+-------------+ 132 * | RX VID | | | | TX VID | | | 133 * | of swp0 | | | | of swp0 | | | 134 * | +-----+ | | +-----+ | 135 * | ^ T | | | Tagged | 136 * | | | | | ingress | 137 * | +-------+---+---+-------+ | | +-----------+ | 138 * | | | | | | | | Untagged | 139 * | | U v U v U v | | v egress | 140 * | +-----+ +-----+ +-----+ +-----+ | | +-----+ +-----+ +-----+ +-----+ | 141 * | | | | | | | | | | | | | | | | | | | | 142 * | |PVID | | | | | | | | | | | | | | | | | | 143 * +-+-----+-+-----+-+-----+-+-----+-+ +-+-----+-+-----+-+-----+-+-----+-+ 144 * swp0 swp1 swp2 swp3 swp0 swp1 swp2 swp3 145 */ 146 int dsa_port_setup_8021q_tagging(struct dsa_switch *ds, int port, bool enabled) 147 { 148 int upstream = dsa_upstream_port(ds, port); 149 struct dsa_port *dp = &ds->ports[port]; 150 struct dsa_port *upstream_dp = &ds->ports[upstream]; 151 u16 rx_vid = dsa_8021q_rx_vid(ds, port); 152 u16 tx_vid = dsa_8021q_tx_vid(ds, port); 153 int i, err; 154 155 /* The CPU port is implicitly configured by 156 * configuring the front-panel ports 157 */ 158 if (!dsa_is_user_port(ds, port)) 159 return 0; 160 161 /* Add this user port's RX VID to the membership list of all others 162 * (including itself). This is so that bridging will not be hindered. 163 * L2 forwarding rules still take precedence when there are no VLAN 164 * restrictions, so there are no concerns about leaking traffic. 165 */ 166 for (i = 0; i < ds->num_ports; i++) { 167 struct dsa_port *other_dp = &ds->ports[i]; 168 u16 flags; 169 170 if (i == upstream) 171 continue; 172 else if (i == port) 173 /* The RX VID is pvid on this port */ 174 flags = BRIDGE_VLAN_INFO_UNTAGGED | 175 BRIDGE_VLAN_INFO_PVID; 176 else 177 /* The RX VID is a regular VLAN on all others */ 178 flags = BRIDGE_VLAN_INFO_UNTAGGED; 179 180 if (enabled) 181 err = dsa_port_vid_add(other_dp, rx_vid, flags); 182 else 183 err = dsa_port_vid_del(other_dp, rx_vid); 184 if (err) { 185 dev_err(ds->dev, "Failed to apply RX VID %d to port %d: %d\n", 186 rx_vid, port, err); 187 return err; 188 } 189 } 190 191 /* CPU port needs to see this port's RX VID 192 * as tagged egress. 193 */ 194 if (enabled) 195 err = dsa_port_vid_add(upstream_dp, rx_vid, 0); 196 else 197 err = dsa_port_vid_del(upstream_dp, rx_vid); 198 if (err) { 199 dev_err(ds->dev, "Failed to apply RX VID %d to port %d: %d\n", 200 rx_vid, port, err); 201 return err; 202 } 203 204 /* Finally apply the TX VID on this port and on the CPU port */ 205 if (enabled) 206 err = dsa_port_vid_add(dp, tx_vid, BRIDGE_VLAN_INFO_UNTAGGED); 207 else 208 err = dsa_port_vid_del(dp, tx_vid); 209 if (err) { 210 dev_err(ds->dev, "Failed to apply TX VID %d on port %d: %d\n", 211 tx_vid, port, err); 212 return err; 213 } 214 if (enabled) 215 err = dsa_port_vid_add(upstream_dp, tx_vid, 0); 216 else 217 err = dsa_port_vid_del(upstream_dp, tx_vid); 218 if (err) { 219 dev_err(ds->dev, "Failed to apply TX VID %d on port %d: %d\n", 220 tx_vid, upstream, err); 221 return err; 222 } 223 224 return 0; 225 } 226 EXPORT_SYMBOL_GPL(dsa_port_setup_8021q_tagging); 227 228 struct sk_buff *dsa_8021q_xmit(struct sk_buff *skb, struct net_device *netdev, 229 u16 tpid, u16 tci) 230 { 231 /* skb->data points at skb_mac_header, which 232 * is fine for vlan_insert_tag. 233 */ 234 return vlan_insert_tag(skb, htons(tpid), tci); 235 } 236 EXPORT_SYMBOL_GPL(dsa_8021q_xmit); 237 238 struct sk_buff *dsa_8021q_rcv(struct sk_buff *skb, struct net_device *netdev, 239 struct packet_type *pt, u16 *tpid, u16 *tci) 240 { 241 struct vlan_ethhdr *tag; 242 243 if (unlikely(!pskb_may_pull(skb, VLAN_HLEN))) 244 return NULL; 245 246 tag = vlan_eth_hdr(skb); 247 *tpid = ntohs(tag->h_vlan_proto); 248 *tci = ntohs(tag->h_vlan_TCI); 249 250 /* skb->data points in the middle of the VLAN tag, 251 * after tpid and before tci. This is because so far, 252 * ETH_HLEN (DMAC, SMAC, EtherType) bytes were pulled. 253 * There are 2 bytes of VLAN tag left in skb->data, and upper 254 * layers expect the 'real' EtherType to be consumed as well. 255 * Coincidentally, a VLAN header is also of the same size as 256 * the number of bytes that need to be pulled. 257 */ 258 skb_pull_rcsum(skb, VLAN_HLEN); 259 260 return skb; 261 } 262 EXPORT_SYMBOL_GPL(dsa_8021q_rcv); 263 264 static const struct dsa_device_ops dsa_8021q_netdev_ops = { 265 .name = "8021q", 266 .proto = DSA_TAG_PROTO_8021Q, 267 .overhead = VLAN_HLEN, 268 }; 269 270 MODULE_LICENSE("GPL v2"); 271 MODULE_ALIAS_DSA_TAG_DRIVER(DSA_TAG_PROTO_8021Q); 272 273 module_dsa_tag_driver(dsa_8021q_netdev_ops); 274