mlxsw: Add QinQ configuration vetoes

After adding support for QinQ, a.k.a 802.1ad protocol, there are a few
scenarios that should be vetoed.

The vetoes are motivated by various ASIC limitations.
For example, a port that is member in a 802.1ad bridge cannot have 802.1q
uppers as the port needs to be configured to treat 802.1q packets as
untagged packets.

Veto all those unsupported scenarios and return suitable messages.

Signed-off-by: Danielle Ratson <danieller@nvidia.com>
Reviewed-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c
index fe954e87c5a7f17f1ea7152e0564d5d4ecfc03eb..385eb3c3b36238b389d7ca403cc1d1becaa946d0 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c
+++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c
@@ -3893,6 +3893,7 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *lower_dev,
        struct net_device *upper_dev;
        struct mlxsw_sp *mlxsw_sp;
        int err = 0;
+       u16 proto;
 
        mlxsw_sp_port = netdev_priv(dev);
        mlxsw_sp = mlxsw_sp_port->mlxsw_sp;
@@ -3950,6 +3951,36 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *lower_dev,
                        NL_SET_ERR_MSG_MOD(extack, "Can not put a VLAN on an OVS port");
                        return -EINVAL;
                }
+               if (netif_is_bridge_master(upper_dev)) {
+                       br_vlan_get_proto(upper_dev, &proto);
+                       if (br_vlan_enabled(upper_dev) &&
+                           proto != ETH_P_8021Q && proto != ETH_P_8021AD) {
+                               NL_SET_ERR_MSG_MOD(extack, "Enslaving a port to a bridge with unknown VLAN protocol is not supported");
+                               return -EOPNOTSUPP;
+                       }
+                       if (vlan_uses_dev(lower_dev) &&
+                           br_vlan_enabled(upper_dev) &&
+                           proto == ETH_P_8021AD) {
+                               NL_SET_ERR_MSG_MOD(extack, "Enslaving a port that already has a VLAN upper to an 802.1ad bridge is not supported");
+                               return -EOPNOTSUPP;
+                       }
+               }
+               if (netif_is_bridge_port(lower_dev) && is_vlan_dev(upper_dev)) {
+                       struct net_device *br_dev = netdev_master_upper_dev_get(lower_dev);
+
+                       if (br_vlan_enabled(br_dev)) {
+                               br_vlan_get_proto(br_dev, &proto);
+                               if (proto == ETH_P_8021AD) {
+                                       NL_SET_ERR_MSG_MOD(extack, "VLAN uppers are not supported on a port enslaved to an 802.1ad bridge");
+                                       return -EOPNOTSUPP;
+                               }
+                       }
+               }
+               if (is_vlan_dev(upper_dev) &&
+                   ntohs(vlan_dev_vlan_proto(upper_dev)) != ETH_P_8021Q) {
+                       NL_SET_ERR_MSG_MOD(extack, "VLAN uppers are only supported with 802.1q VLAN protocol");
+                       return -EOPNOTSUPP;
+               }
                break;
        case NETDEV_CHANGEUPPER:
                upper_dev = info->upper_dev;
@@ -4215,6 +4246,7 @@ static int mlxsw_sp_netdevice_bridge_event(struct net_device *br_dev,
        struct netdev_notifier_changeupper_info *info = ptr;
        struct netlink_ext_ack *extack;
        struct net_device *upper_dev;
+       u16 proto;
 
        if (!mlxsw_sp)
                return 0;
@@ -4230,6 +4262,18 @@ static int mlxsw_sp_netdevice_bridge_event(struct net_device *br_dev,
                }
                if (!info->linking)
                        break;
+               if (br_vlan_enabled(br_dev)) {
+                       br_vlan_get_proto(br_dev, &proto);
+                       if (proto == ETH_P_8021AD) {
+                               NL_SET_ERR_MSG_MOD(extack, "Uppers are not supported on top of an 802.1ad bridge");
+                               return -EOPNOTSUPP;
+                       }
+               }
+               if (is_vlan_dev(upper_dev) &&
+                   ntohs(vlan_dev_vlan_proto(upper_dev)) != ETH_P_8021Q) {
+                       NL_SET_ERR_MSG_MOD(extack, "VLAN uppers are only supported with 802.1q VLAN protocol");
+                       return -EOPNOTSUPP;
+               }
                if (netif_is_macvlan(upper_dev) &&
                    !mlxsw_sp_rif_exists(mlxsw_sp, br_dev)) {
                        NL_SET_ERR_MSG_MOD(extack, "macvlan is only supported on top of router interfaces");

diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c
index 12b5d7fbe1e2c62cba2df0c202ae337fef8a8c52..85223647fdb6d169b139cc91deda7fa8631b7bd2 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c
+++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c
@@ -7857,6 +7857,15 @@ static int mlxsw_sp_inetaddr_bridge_event(struct mlxsw_sp *mlxsw_sp,
 
        switch (event) {
        case NETDEV_UP:
+               if (netif_is_bridge_master(l3_dev) && br_vlan_enabled(l3_dev)) {
+                       u16 proto;
+
+                       br_vlan_get_proto(l3_dev, &proto);
+                       if (proto == ETH_P_8021AD) {
+                               NL_SET_ERR_MSG_MOD(extack, "Adding an IP address to 802.1ad bridge is not supported");
+                               return -EOPNOTSUPP;
+                       }
+               }
                rif = mlxsw_sp_rif_create(mlxsw_sp, &params, extack);
                if (IS_ERR(rif))
                        return PTR_ERR(rif);

diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c
index d8ee8801331cb78aa68d1a4a12396e1252ccce0d..9c4e17607e6afc92a0fbbaa39df6d5498773a44c 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c
+++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c
@@ -764,6 +764,25 @@ static int mlxsw_sp_port_attr_br_vlan_set(struct mlxsw_sp_port *mlxsw_sp_port,
        return -EINVAL;
 }
 
+static int mlxsw_sp_port_attr_br_vlan_proto_set(struct mlxsw_sp_port *mlxsw_sp_port,
+                                               struct switchdev_trans *trans,
+                                               struct net_device *orig_dev,
+                                               u16 vlan_proto)
+{
+       struct mlxsw_sp *mlxsw_sp = mlxsw_sp_port->mlxsw_sp;
+       struct mlxsw_sp_bridge_device *bridge_device;
+
+       if (!switchdev_trans_ph_prepare(trans))
+               return 0;
+
+       bridge_device = mlxsw_sp_bridge_device_find(mlxsw_sp->bridge, orig_dev);
+       if (WARN_ON(!bridge_device))
+               return -EINVAL;
+
+       netdev_err(bridge_device->dev, "VLAN protocol can't be changed on existing bridge\n");
+       return -EINVAL;
+}
+
 static int mlxsw_sp_port_attr_mrouter_set(struct mlxsw_sp_port *mlxsw_sp_port,
                                          struct switchdev_trans *trans,
                                          struct net_device *orig_dev,
@@ -933,6 +952,11 @@ static int mlxsw_sp_port_attr_set(struct net_device *dev,
                                                     attr->orig_dev,
                                                     attr->u.vlan_filtering);
                break;
+       case SWITCHDEV_ATTR_ID_BRIDGE_VLAN_PROTOCOL:
+               err = mlxsw_sp_port_attr_br_vlan_proto_set(mlxsw_sp_port, trans,
+                                                          attr->orig_dev,
+                                                          attr->u.vlan_protocol);
+               break;
        case SWITCHDEV_ATTR_ID_PORT_MROUTER:
                err = mlxsw_sp_port_attr_mrouter_set(mlxsw_sp_port, trans,
                                                     attr->orig_dev,