linux-stable/include/linux/dsa
Vladimir Oltean 91495f21fc net: dsa: tag_8021q: replace the SVL bridging with VLAN-unaware IVL bridging
For VLAN-unaware bridging, tag_8021q uses something perhaps a bit too
tied with the sja1105 switch: each port uses the same pvid which is also
used for standalone operation (a unique one from which the source port
and device ID can be retrieved when packets from that port are forwarded
to the CPU). Since each port has a unique pvid when performing
autonomous forwarding, the switch must be configured for Shared VLAN
Learning (SVL) such that the VLAN ID itself is ignored when performing
FDB lookups. Without SVL, packets would always be flooded, since FDB
lookup in the source port's VLAN would never find any entry.

First of all, to make tag_8021q more palatable to switches which might
not support Shared VLAN Learning, let's just use a common VLAN for all
ports that are under the same bridge.

Secondly, using Shared VLAN Learning means that FDB isolation can never
be enforced. But if all ports under the same VLAN-unaware bridge share
the same VLAN ID, it can.

The disadvantage is that the CPU port can no longer perform precise
source port identification for these packets. But at least we have a
mechanism which has proven to be adequate for that situation: imprecise
RX (dsa_find_designated_bridge_port_by_vid), which is what we use for
termination on VLAN-aware bridges.

The VLAN ID that VLAN-unaware bridges will use with tag_8021q is the
same one as we were previously using for imprecise TX (bridge TX
forwarding offload). It is already allocated, it is just a matter of
using it.

Note that because now all ports under the same bridge share the same
VLAN, the complexity of performing a tag_8021q bridge join decreases
dramatically. We no longer have to install the RX VLAN of a newly
joining port into the port membership of the existing bridge ports.
The newly joining port just becomes a member of the VLAN corresponding
to that bridge, and the other ports are already members of it from when
they joined the bridge themselves. So forwarding works properly.

This means that we can unhook dsa_tag_8021q_bridge_{join,leave} from the
cross-chip notifier level dsa_switch_bridge_{join,leave}. We can put
these calls directly into the sja1105 driver.

With this new mode of operation, a port controlled by tag_8021q can have
two pvids whereas before it could only have one. The pvid for standalone
operation is different from the pvid used for VLAN-unaware bridging.
This is done, again, so that FDB isolation can be enforced.
Let tag_8021q manage this by deleting the standalone pvid when a port
joins a bridge, and restoring it when it leaves it.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-02-27 11:06:13 +00:00
..
8021q.h net: dsa: tag_8021q: replace the SVL bridging with VLAN-unaware IVL bridging 2022-02-27 11:06:13 +00:00
brcm.h net: dsa: move the Broadcom tag information in a separate header file 2021-01-07 15:42:07 -08:00
lan9303.h net: dsa: lan9303: phy_addr_sel_strap rename and retype 2018-01-04 13:35:07 -05:00
loop.h net: Don't include filter.h from net/sock.h 2021-12-29 08:48:14 -08:00
mv88e6xxx.h net: dsa: mv88e6xxx: isolate the ATU databases of standalone and bridged ports 2021-10-08 15:47:46 -07:00
ocelot.h net: dsa: tag_ocelot: convert to tagger-owned data 2021-12-12 12:51:33 +00:00
sja1105.h net: dsa: sja1105: fix broken connection with the sja1110 tagger 2021-12-14 12:45:16 +00:00
tag_qca.h net: dsa: tag_qca: add support for handling mgmt and MIB Ethernet packet 2022-02-02 14:43:59 +00:00