mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-07 06:18:54 +00:00
484 lines
24 KiB
Diff
484 lines
24 KiB
Diff
|
From b7427d66cb3d6dca5165de5f7d80d59f08c2795b Mon Sep 17 00:00:00 2001
|
|||
|
From: =?UTF-8?q?Ar=C4=B1n=C3=A7=20=C3=9CNAL?= <arinc.unal@arinc9.com>
|
|||
|
Date: Tue, 9 Apr 2024 18:01:14 +0300
|
|||
|
Subject: [PATCH 2/2] net: dsa: mt7530: trap link-local frames regardless of ST
|
|||
|
Port State
|
|||
|
MIME-Version: 1.0
|
|||
|
Content-Type: text/plain; charset=UTF-8
|
|||
|
Content-Transfer-Encoding: 8bit
|
|||
|
|
|||
|
In Clause 5 of IEEE Std 802-2014, two sublayers of the data link layer
|
|||
|
(DLL) of the Open Systems Interconnection basic reference model (OSI/RM)
|
|||
|
are described; the medium access control (MAC) and logical link control
|
|||
|
(LLC) sublayers. The MAC sublayer is the one facing the physical layer.
|
|||
|
|
|||
|
In 8.2 of IEEE Std 802.1Q-2022, the Bridge architecture is described. A
|
|||
|
Bridge component comprises a MAC Relay Entity for interconnecting the Ports
|
|||
|
of the Bridge, at least two Ports, and higher layer entities with at least
|
|||
|
a Spanning Tree Protocol Entity included.
|
|||
|
|
|||
|
Each Bridge Port also functions as an end station and shall provide the MAC
|
|||
|
Service to an LLC Entity. Each instance of the MAC Service is provided to a
|
|||
|
distinct LLC Entity that supports protocol identification, multiplexing,
|
|||
|
and demultiplexing, for protocol data unit (PDU) transmission and reception
|
|||
|
by one or more higher layer entities.
|
|||
|
|
|||
|
It is described in 8.13.9 of IEEE Std 802.1Q-2022 that in a Bridge, the LLC
|
|||
|
Entity associated with each Bridge Port is modeled as being directly
|
|||
|
connected to the attached Local Area Network (LAN).
|
|||
|
|
|||
|
On the switch with CPU port architecture, CPU port functions as Management
|
|||
|
Port, and the Management Port functionality is provided by software which
|
|||
|
functions as an end station. Software is connected to an IEEE 802 LAN that
|
|||
|
is wholly contained within the system that incorporates the Bridge.
|
|||
|
Software provides access to the LLC Entity associated with each Bridge Port
|
|||
|
by the value of the source port field on the special tag on the frame
|
|||
|
received by software.
|
|||
|
|
|||
|
We call frames that carry control information to determine the active
|
|||
|
topology and current extent of each Virtual Local Area Network (VLAN),
|
|||
|
i.e., spanning tree or Shortest Path Bridging (SPB) and Multiple VLAN
|
|||
|
Registration Protocol Data Units (MVRPDUs), and frames from other link
|
|||
|
constrained protocols, such as Extensible Authentication Protocol over LAN
|
|||
|
(EAPOL) and Link Layer Discovery Protocol (LLDP), link-local frames. They
|
|||
|
are not forwarded by a Bridge. Permanently configured entries in the
|
|||
|
filtering database (FDB) ensure that such frames are discarded by the
|
|||
|
Forwarding Process. In 8.6.3 of IEEE Std 802.1Q-2022, this is described in
|
|||
|
detail:
|
|||
|
|
|||
|
Each of the reserved MAC addresses specified in Table 8-1
|
|||
|
(01-80-C2-00-00-[00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F]) shall be
|
|||
|
permanently configured in the FDB in C-VLAN components and ERs.
|
|||
|
|
|||
|
Each of the reserved MAC addresses specified in Table 8-2
|
|||
|
(01-80-C2-00-00-[01,02,03,04,05,06,07,08,09,0A,0E]) shall be permanently
|
|||
|
configured in the FDB in S-VLAN components.
|
|||
|
|
|||
|
Each of the reserved MAC addresses specified in Table 8-3
|
|||
|
(01-80-C2-00-00-[01,02,04,0E]) shall be permanently configured in the FDB
|
|||
|
in TPMR components.
|
|||
|
|
|||
|
The FDB entries for reserved MAC addresses shall specify filtering for all
|
|||
|
Bridge Ports and all VIDs. Management shall not provide the capability to
|
|||
|
modify or remove entries for reserved MAC addresses.
|
|||
|
|
|||
|
The addresses in Table 8-1, Table 8-2, and Table 8-3 determine the scope of
|
|||
|
propagation of PDUs within a Bridged Network, as follows:
|
|||
|
|
|||
|
The Nearest Bridge group address (01-80-C2-00-00-0E) is an address that
|
|||
|
no conformant Two-Port MAC Relay (TPMR) component, Service VLAN (S-VLAN)
|
|||
|
component, Customer VLAN (C-VLAN) component, or MAC Bridge can forward.
|
|||
|
PDUs transmitted using this destination address, or any other addresses
|
|||
|
that appear in Table 8-1, Table 8-2, and Table 8-3
|
|||
|
(01-80-C2-00-00-[00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F]), can
|
|||
|
therefore travel no further than those stations that can be reached via a
|
|||
|
single individual LAN from the originating station.
|
|||
|
|
|||
|
The Nearest non-TPMR Bridge group address (01-80-C2-00-00-03), is an
|
|||
|
address that no conformant S-VLAN component, C-VLAN component, or MAC
|
|||
|
Bridge can forward; however, this address is relayed by a TPMR component.
|
|||
|
PDUs using this destination address, or any of the other addresses that
|
|||
|
appear in both Table 8-1 and Table 8-2 but not in Table 8-3
|
|||
|
(01-80-C2-00-00-[00,03,05,06,07,08,09,0A,0B,0C,0D,0F]), will be relayed
|
|||
|
by any TPMRs but will propagate no further than the nearest S-VLAN
|
|||
|
component, C-VLAN component, or MAC Bridge.
|
|||
|
|
|||
|
The Nearest Customer Bridge group address (01-80-C2-00-00-00) is an
|
|||
|
address that no conformant C-VLAN component, MAC Bridge can forward;
|
|||
|
however, it is relayed by TPMR components and S-VLAN components. PDUs
|
|||
|
using this destination address, or any of the other addresses that appear
|
|||
|
in Table 8-1 but not in either Table 8-2 or Table 8-3
|
|||
|
(01-80-C2-00-00-[00,0B,0C,0D,0F]), will be relayed by TPMR components and
|
|||
|
S-VLAN components but will propagate no further than the nearest C-VLAN
|
|||
|
component or MAC Bridge.
|
|||
|
|
|||
|
Because the LLC Entity associated with each Bridge Port is provided via CPU
|
|||
|
port, we must not filter these frames but forward them to CPU port.
|
|||
|
|
|||
|
In a Bridge, the transmission Port is majorly decided by ingress and egress
|
|||
|
rules, FDB, and spanning tree Port State functions of the Forwarding
|
|||
|
Process. For link-local frames, only CPU port should be designated as
|
|||
|
destination port in the FDB, and the other functions of the Forwarding
|
|||
|
Process must not interfere with the decision of the transmission Port. We
|
|||
|
call this process trapping frames to CPU port.
|
|||
|
|
|||
|
Therefore, on the switch with CPU port architecture, link-local frames must
|
|||
|
be trapped to CPU port, and certain link-local frames received by a Port of
|
|||
|
a Bridge comprising a TPMR component or an S-VLAN component must be
|
|||
|
excluded from it.
|
|||
|
|
|||
|
A Bridge of the switch with CPU port architecture cannot comprise a
|
|||
|
Two-Port MAC Relay (TPMR) component as a TPMR component supports only a
|
|||
|
subset of the functionality of a MAC Bridge. A Bridge comprising two Ports
|
|||
|
(Management Port doesn't count) of this architecture will either function
|
|||
|
as a standard MAC Bridge or a standard VLAN Bridge.
|
|||
|
|
|||
|
Therefore, a Bridge of this architecture can only comprise S-VLAN
|
|||
|
components, C-VLAN components, or MAC Bridge components. Since there's no
|
|||
|
TPMR component, we don't need to relay PDUs using the destination addresses
|
|||
|
specified on the Nearest non-TPMR section, and the proportion of the
|
|||
|
Nearest Customer Bridge section where they must be relayed by TPMR
|
|||
|
components.
|
|||
|
|
|||
|
One option to trap link-local frames to CPU port is to add static FDB
|
|||
|
entries with CPU port designated as destination port. However, because that
|
|||
|
Independent VLAN Learning (IVL) is being used on every VID, each entry only
|
|||
|
applies to a single VLAN Identifier (VID). For a Bridge comprising a MAC
|
|||
|
Bridge component or a C-VLAN component, there would have to be 16 times
|
|||
|
4096 entries. This switch intellectual property can only hold a maximum of
|
|||
|
2048 entries. Using this option, there also isn't a mechanism to prevent
|
|||
|
link-local frames from being discarded when the spanning tree Port State of
|
|||
|
the reception Port is discarding.
|
|||
|
|
|||
|
The remaining option is to utilise the BPC, RGAC1, RGAC2, RGAC3, and RGAC4
|
|||
|
registers. Whilst this applies to every VID, it doesn't contain all of the
|
|||
|
reserved MAC addresses without affecting the remaining Standard Group MAC
|
|||
|
Addresses. The REV_UN frame tag utilised using the RGAC4 register covers
|
|||
|
the remaining 01-80-C2-00-00-[04,05,06,07,08,09,0A,0B,0C,0D,0F] destination
|
|||
|
addresses. It also includes the 01-80-C2-00-00-22 to 01-80-C2-00-00-FF
|
|||
|
destination addresses which may be relayed by MAC Bridges or VLAN Bridges.
|
|||
|
The latter option provides better but not complete conformance.
|
|||
|
|
|||
|
This switch intellectual property also does not provide a mechanism to trap
|
|||
|
link-local frames with specific destination addresses to CPU port by
|
|||
|
Bridge, to conform to the filtering rules for the distinct Bridge
|
|||
|
components.
|
|||
|
|
|||
|
Therefore, regardless of the type of the Bridge component, link-local
|
|||
|
frames with these destination addresses will be trapped to CPU port:
|
|||
|
|
|||
|
01-80-C2-00-00-[00,01,02,03,0E]
|
|||
|
|
|||
|
In a Bridge comprising a MAC Bridge component or a C-VLAN component:
|
|||
|
|
|||
|
Link-local frames with these destination addresses won't be trapped to
|
|||
|
CPU port which won't conform to IEEE Std 802.1Q-2022:
|
|||
|
|
|||
|
01-80-C2-00-00-[04,05,06,07,08,09,0A,0B,0C,0D,0F]
|
|||
|
|
|||
|
In a Bridge comprising an S-VLAN component:
|
|||
|
|
|||
|
Link-local frames with these destination addresses will be trapped to CPU
|
|||
|
port which won't conform to IEEE Std 802.1Q-2022:
|
|||
|
|
|||
|
01-80-C2-00-00-00
|
|||
|
|
|||
|
Link-local frames with these destination addresses won't be trapped to
|
|||
|
CPU port which won't conform to IEEE Std 802.1Q-2022:
|
|||
|
|
|||
|
01-80-C2-00-00-[04,05,06,07,08,09,0A]
|
|||
|
|
|||
|
Currently on this switch intellectual property, if the spanning tree Port
|
|||
|
State of the reception Port is discarding, link-local frames will be
|
|||
|
discarded.
|
|||
|
|
|||
|
To trap link-local frames regardless of the spanning tree Port State, make
|
|||
|
the switch regard them as Bridge Protocol Data Units (BPDUs). This switch
|
|||
|
intellectual property only lets the frames regarded as BPDUs bypass the
|
|||
|
spanning tree Port State function of the Forwarding Process.
|
|||
|
|
|||
|
With this change, the only remaining interference is the ingress rules.
|
|||
|
When the reception Port has no PVID assigned on software, VLAN-untagged
|
|||
|
frames won't be allowed in. There doesn't seem to be a mechanism on the
|
|||
|
switch intellectual property to have link-local frames bypass this function
|
|||
|
of the Forwarding Process.
|
|||
|
|
|||
|
Fixes: b8f126a8d543 ("net-next: dsa: add dsa support for Mediatek MT7530 switch")
|
|||
|
Reviewed-by: Daniel Golle <daniel@makrotopia.org>
|
|||
|
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
|
|||
|
---
|
|||
|
drivers/net/dsa/mt7530.c | 229 +++++++++++++++++++++++++++++++++------
|
|||
|
drivers/net/dsa/mt7530.h | 5 +
|
|||
|
2 files changed, 200 insertions(+), 34 deletions(-)
|
|||
|
|
|||
|
--- a/drivers/net/dsa/mt7530.c
|
|||
|
+++ b/drivers/net/dsa/mt7530.c
|
|||
|
@@ -943,20 +943,173 @@ static void mt7530_setup_port5(struct ds
|
|||
|
mutex_unlock(&priv->reg_mutex);
|
|||
|
}
|
|||
|
|
|||
|
-/* On page 205, section "8.6.3 Frame filtering" of the active standard, IEEE Std
|
|||
|
- * 802.1Q™-2022, it is stated that frames with 01:80:C2:00:00:00-0F as MAC DA
|
|||
|
- * must only be propagated to C-VLAN and MAC Bridge components. That means
|
|||
|
- * VLAN-aware and VLAN-unaware bridges. On the switch designs with CPU ports,
|
|||
|
- * these frames are supposed to be processed by the CPU (software). So we make
|
|||
|
- * the switch only forward them to the CPU port. And if received from a CPU
|
|||
|
- * port, forward to a single port. The software is responsible of making the
|
|||
|
- * switch conform to the latter by setting a single port as destination port on
|
|||
|
- * the special tag.
|
|||
|
- *
|
|||
|
- * This switch intellectual property cannot conform to this part of the standard
|
|||
|
- * fully. Whilst the REV_UN frame tag covers the remaining :04-0D and :0F MAC
|
|||
|
- * DAs, it also includes :22-FF which the scope of propagation is not supposed
|
|||
|
- * to be restricted for these MAC DAs.
|
|||
|
+/* In Clause 5 of IEEE Std 802-2014, two sublayers of the data link layer (DLL)
|
|||
|
+ * of the Open Systems Interconnection basic reference model (OSI/RM) are
|
|||
|
+ * described; the medium access control (MAC) and logical link control (LLC)
|
|||
|
+ * sublayers. The MAC sublayer is the one facing the physical layer.
|
|||
|
+ *
|
|||
|
+ * In 8.2 of IEEE Std 802.1Q-2022, the Bridge architecture is described. A
|
|||
|
+ * Bridge component comprises a MAC Relay Entity for interconnecting the Ports
|
|||
|
+ * of the Bridge, at least two Ports, and higher layer entities with at least a
|
|||
|
+ * Spanning Tree Protocol Entity included.
|
|||
|
+ *
|
|||
|
+ * Each Bridge Port also functions as an end station and shall provide the MAC
|
|||
|
+ * Service to an LLC Entity. Each instance of the MAC Service is provided to a
|
|||
|
+ * distinct LLC Entity that supports protocol identification, multiplexing, and
|
|||
|
+ * demultiplexing, for protocol data unit (PDU) transmission and reception by
|
|||
|
+ * one or more higher layer entities.
|
|||
|
+ *
|
|||
|
+ * It is described in 8.13.9 of IEEE Std 802.1Q-2022 that in a Bridge, the LLC
|
|||
|
+ * Entity associated with each Bridge Port is modeled as being directly
|
|||
|
+ * connected to the attached Local Area Network (LAN).
|
|||
|
+ *
|
|||
|
+ * On the switch with CPU port architecture, CPU port functions as Management
|
|||
|
+ * Port, and the Management Port functionality is provided by software which
|
|||
|
+ * functions as an end station. Software is connected to an IEEE 802 LAN that is
|
|||
|
+ * wholly contained within the system that incorporates the Bridge. Software
|
|||
|
+ * provides access to the LLC Entity associated with each Bridge Port by the
|
|||
|
+ * value of the source port field on the special tag on the frame received by
|
|||
|
+ * software.
|
|||
|
+ *
|
|||
|
+ * We call frames that carry control information to determine the active
|
|||
|
+ * topology and current extent of each Virtual Local Area Network (VLAN), i.e.,
|
|||
|
+ * spanning tree or Shortest Path Bridging (SPB) and Multiple VLAN Registration
|
|||
|
+ * Protocol Data Units (MVRPDUs), and frames from other link constrained
|
|||
|
+ * protocols, such as Extensible Authentication Protocol over LAN (EAPOL) and
|
|||
|
+ * Link Layer Discovery Protocol (LLDP), link-local frames. They are not
|
|||
|
+ * forwarded by a Bridge. Permanently configured entries in the filtering
|
|||
|
+ * database (FDB) ensure that such frames are discarded by the Forwarding
|
|||
|
+ * Process. In 8.6.3 of IEEE Std 802.1Q-2022, this is described in detail:
|
|||
|
+ *
|
|||
|
+ * Each of the reserved MAC addresses specified in Table 8-1
|
|||
|
+ * (01-80-C2-00-00-[00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F]) shall be
|
|||
|
+ * permanently configured in the FDB in C-VLAN components and ERs.
|
|||
|
+ *
|
|||
|
+ * Each of the reserved MAC addresses specified in Table 8-2
|
|||
|
+ * (01-80-C2-00-00-[01,02,03,04,05,06,07,08,09,0A,0E]) shall be permanently
|
|||
|
+ * configured in the FDB in S-VLAN components.
|
|||
|
+ *
|
|||
|
+ * Each of the reserved MAC addresses specified in Table 8-3
|
|||
|
+ * (01-80-C2-00-00-[01,02,04,0E]) shall be permanently configured in the FDB in
|
|||
|
+ * TPMR components.
|
|||
|
+ *
|
|||
|
+ * The FDB entries for reserved MAC addresses shall specify filtering for all
|
|||
|
+ * Bridge Ports and all VIDs. Management shall not provide the capability to
|
|||
|
+ * modify or remove entries for reserved MAC addresses.
|
|||
|
+ *
|
|||
|
+ * The addresses in Table 8-1, Table 8-2, and Table 8-3 determine the scope of
|
|||
|
+ * propagation of PDUs within a Bridged Network, as follows:
|
|||
|
+ *
|
|||
|
+ * The Nearest Bridge group address (01-80-C2-00-00-0E) is an address that no
|
|||
|
+ * conformant Two-Port MAC Relay (TPMR) component, Service VLAN (S-VLAN)
|
|||
|
+ * component, Customer VLAN (C-VLAN) component, or MAC Bridge can forward.
|
|||
|
+ * PDUs transmitted using this destination address, or any other addresses
|
|||
|
+ * that appear in Table 8-1, Table 8-2, and Table 8-3
|
|||
|
+ * (01-80-C2-00-00-[00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F]), can
|
|||
|
+ * therefore travel no further than those stations that can be reached via a
|
|||
|
+ * single individual LAN from the originating station.
|
|||
|
+ *
|
|||
|
+ * The Nearest non-TPMR Bridge group address (01-80-C2-00-00-03), is an
|
|||
|
+ * address that no conformant S-VLAN component, C-VLAN component, or MAC
|
|||
|
+ * Bridge can forward; however, this address is relayed by a TPMR component.
|
|||
|
+ * PDUs using this destination address, or any of the other addresses that
|
|||
|
+ * appear in both Table 8-1 and Table 8-2 but not in Table 8-3
|
|||
|
+ * (01-80-C2-00-00-[00,03,05,06,07,08,09,0A,0B,0C,0D,0F]), will be relayed by
|
|||
|
+ * any TPMRs but will propagate no further than the nearest S-VLAN component,
|
|||
|
+ * C-VLAN component, or MAC Bridge.
|
|||
|
+ *
|
|||
|
+ * The Nearest Customer Bridge group address (01-80-C2-00-00-00) is an address
|
|||
|
+ * that no conformant C-VLAN component, MAC Bridge can forward; however, it is
|
|||
|
+ * relayed by TPMR components and S-VLAN components. PDUs using this
|
|||
|
+ * destination address, or any of the other addresses that appear in Table 8-1
|
|||
|
+ * but not in either Table 8-2 or Table 8-3 (01-80-C2-00-00-[00,0B,0C,0D,0F]),
|
|||
|
+ * will be relayed by TPMR components and S-VLAN components but will propagate
|
|||
|
+ * no further than the nearest C-VLAN component or MAC Bridge.
|
|||
|
+ *
|
|||
|
+ * Because the LLC Entity associated with each Bridge Port is provided via CPU
|
|||
|
+ * port, we must not filter these frames but forward them to CPU port.
|
|||
|
+ *
|
|||
|
+ * In a Bridge, the transmission Port is majorly decided by ingress and egress
|
|||
|
+ * rules, FDB, and spanning tree Port State functions of the Forwarding Process.
|
|||
|
+ * For link-local frames, only CPU port should be designated as destination port
|
|||
|
+ * in the FDB, and the other functions of the Forwarding Process must not
|
|||
|
+ * interfere with the decision of the transmission Port. We call this process
|
|||
|
+ * trapping frames to CPU port.
|
|||
|
+ *
|
|||
|
+ * Therefore, on the switch with CPU port architecture, link-local frames must
|
|||
|
+ * be trapped to CPU port, and certain link-local frames received by a Port of a
|
|||
|
+ * Bridge comprising a TPMR component or an S-VLAN component must be excluded
|
|||
|
+ * from it.
|
|||
|
+ *
|
|||
|
+ * A Bridge of the switch with CPU port architecture cannot comprise a Two-Port
|
|||
|
+ * MAC Relay (TPMR) component as a TPMR component supports only a subset of the
|
|||
|
+ * functionality of a MAC Bridge. A Bridge comprising two Ports (Management Port
|
|||
|
+ * doesn't count) of this architecture will either function as a standard MAC
|
|||
|
+ * Bridge or a standard VLAN Bridge.
|
|||
|
+ *
|
|||
|
+ * Therefore, a Bridge of this architecture can only comprise S-VLAN components,
|
|||
|
+ * C-VLAN components, or MAC Bridge components. Since there's no TPMR component,
|
|||
|
+ * we don't need to relay PDUs using the destination addresses specified on the
|
|||
|
+ * Nearest non-TPMR section, and the proportion of the Nearest Customer Bridge
|
|||
|
+ * section where they must be relayed by TPMR components.
|
|||
|
+ *
|
|||
|
+ * One option to trap link-local frames to CPU port is to add static FDB entries
|
|||
|
+ * with CPU port designated as destination port. However, because that
|
|||
|
+ * Independent VLAN Learning (IVL) is being used on every VID, each entry only
|
|||
|
+ * applies to a single VLAN Identifier (VID). For a Bridge comprising a MAC
|
|||
|
+ * Bridge component or a C-VLAN component, there would have to be 16 times 4096
|
|||
|
+ * entries. This switch intellectual property can only hold a maximum of 2048
|
|||
|
+ * entries. Using this option, there also isn't a mechanism to prevent
|
|||
|
+ * link-local frames from being discarded when the spanning tree Port State of
|
|||
|
+ * the reception Port is discarding.
|
|||
|
+ *
|
|||
|
+ * The remaining option is to utilise the BPC, RGAC1, RGAC2, RGAC3, and RGAC4
|
|||
|
+ * registers. Whilst this applies to every VID, it doesn't contain all of the
|
|||
|
+ * reserved MAC addresses without affecting the remaining Standard Group MAC
|
|||
|
+ * Addresses. The REV_UN frame tag utilised using the RGAC4 register covers the
|
|||
|
+ * remaining 01-80-C2-00-00-[04,05,06,07,08,09,0A,0B,0C,0D,0F] destination
|
|||
|
+ * addresses. It also includes the 01-80-C2-00-00-22 to 01-80-C2-00-00-FF
|
|||
|
+ * destination addresses which may be relayed by MAC Bridges or VLAN Bridges.
|
|||
|
+ * The latter option provides better but not complete conformance.
|
|||
|
+ *
|
|||
|
+ * This switch intellectual property also does not provide a mechanism to trap
|
|||
|
+ * link-local frames with specific destination addresses to CPU port by Bridge,
|
|||
|
+ * to conform to the filtering rules for the distinct Bridge components.
|
|||
|
+ *
|
|||
|
+ * Therefore, regardless of the type of the Bridge component, link-local frames
|
|||
|
+ * with these destination addresses will be trapped to CPU port:
|
|||
|
+ *
|
|||
|
+ * 01-80-C2-00-00-[00,01,02,03,0E]
|
|||
|
+ *
|
|||
|
+ * In a Bridge comprising a MAC Bridge component or a C-VLAN component:
|
|||
|
+ *
|
|||
|
+ * Link-local frames with these destination addresses won't be trapped to CPU
|
|||
|
+ * port which won't conform to IEEE Std 802.1Q-2022:
|
|||
|
+ *
|
|||
|
+ * 01-80-C2-00-00-[04,05,06,07,08,09,0A,0B,0C,0D,0F]
|
|||
|
+ *
|
|||
|
+ * In a Bridge comprising an S-VLAN component:
|
|||
|
+ *
|
|||
|
+ * Link-local frames with these destination addresses will be trapped to CPU
|
|||
|
+ * port which won't conform to IEEE Std 802.1Q-2022:
|
|||
|
+ *
|
|||
|
+ * 01-80-C2-00-00-00
|
|||
|
+ *
|
|||
|
+ * Link-local frames with these destination addresses won't be trapped to CPU
|
|||
|
+ * port which won't conform to IEEE Std 802.1Q-2022:
|
|||
|
+ *
|
|||
|
+ * 01-80-C2-00-00-[04,05,06,07,08,09,0A]
|
|||
|
+ *
|
|||
|
+ * To trap link-local frames to CPU port as conformant as this switch
|
|||
|
+ * intellectual property can allow, link-local frames are made to be regarded as
|
|||
|
+ * Bridge Protocol Data Units (BPDUs). This is because this switch intellectual
|
|||
|
+ * property only lets the frames regarded as BPDUs bypass the spanning tree Port
|
|||
|
+ * State function of the Forwarding Process.
|
|||
|
+ *
|
|||
|
+ * The only remaining interference is the ingress rules. When the reception Port
|
|||
|
+ * has no PVID assigned on software, VLAN-untagged frames won't be allowed in.
|
|||
|
+ * There doesn't seem to be a mechanism on the switch intellectual property to
|
|||
|
+ * have link-local frames bypass this function of the Forwarding Process.
|
|||
|
*/
|
|||
|
static void
|
|||
|
mt753x_trap_frames(struct mt7530_priv *priv)
|
|||
|
@@ -964,35 +1117,43 @@ mt753x_trap_frames(struct mt7530_priv *p
|
|||
|
/* Trap 802.1X PAE frames and BPDUs to the CPU port(s) and egress them
|
|||
|
* VLAN-untagged.
|
|||
|
*/
|
|||
|
- mt7530_rmw(priv, MT753X_BPC, MT753X_PAE_EG_TAG_MASK |
|
|||
|
- MT753X_PAE_PORT_FW_MASK | MT753X_BPDU_EG_TAG_MASK |
|
|||
|
- MT753X_BPDU_PORT_FW_MASK,
|
|||
|
- MT753X_PAE_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
- MT753X_PAE_PORT_FW(MT753X_BPDU_CPU_ONLY) |
|
|||
|
- MT753X_BPDU_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
- MT753X_BPDU_CPU_ONLY);
|
|||
|
+ mt7530_rmw(priv, MT753X_BPC,
|
|||
|
+ MT753X_PAE_BPDU_FR | MT753X_PAE_EG_TAG_MASK |
|
|||
|
+ MT753X_PAE_PORT_FW_MASK | MT753X_BPDU_EG_TAG_MASK |
|
|||
|
+ MT753X_BPDU_PORT_FW_MASK,
|
|||
|
+ MT753X_PAE_BPDU_FR |
|
|||
|
+ MT753X_PAE_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
+ MT753X_PAE_PORT_FW(MT753X_BPDU_CPU_ONLY) |
|
|||
|
+ MT753X_BPDU_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
+ MT753X_BPDU_CPU_ONLY);
|
|||
|
|
|||
|
/* Trap frames with :01 and :02 MAC DAs to the CPU port(s) and egress
|
|||
|
* them VLAN-untagged.
|
|||
|
*/
|
|||
|
- mt7530_rmw(priv, MT753X_RGAC1, MT753X_R02_EG_TAG_MASK |
|
|||
|
- MT753X_R02_PORT_FW_MASK | MT753X_R01_EG_TAG_MASK |
|
|||
|
- MT753X_R01_PORT_FW_MASK,
|
|||
|
- MT753X_R02_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
- MT753X_R02_PORT_FW(MT753X_BPDU_CPU_ONLY) |
|
|||
|
- MT753X_R01_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
- MT753X_BPDU_CPU_ONLY);
|
|||
|
+ mt7530_rmw(priv, MT753X_RGAC1,
|
|||
|
+ MT753X_R02_BPDU_FR | MT753X_R02_EG_TAG_MASK |
|
|||
|
+ MT753X_R02_PORT_FW_MASK | MT753X_R01_BPDU_FR |
|
|||
|
+ MT753X_R01_EG_TAG_MASK | MT753X_R01_PORT_FW_MASK,
|
|||
|
+ MT753X_R02_BPDU_FR |
|
|||
|
+ MT753X_R02_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
+ MT753X_R02_PORT_FW(MT753X_BPDU_CPU_ONLY) |
|
|||
|
+ MT753X_R01_BPDU_FR |
|
|||
|
+ MT753X_R01_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
+ MT753X_BPDU_CPU_ONLY);
|
|||
|
|
|||
|
/* Trap frames with :03 and :0E MAC DAs to the CPU port(s) and egress
|
|||
|
* them VLAN-untagged.
|
|||
|
*/
|
|||
|
- mt7530_rmw(priv, MT753X_RGAC2, MT753X_R0E_EG_TAG_MASK |
|
|||
|
- MT753X_R0E_PORT_FW_MASK | MT753X_R03_EG_TAG_MASK |
|
|||
|
- MT753X_R03_PORT_FW_MASK,
|
|||
|
- MT753X_R0E_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
- MT753X_R0E_PORT_FW(MT753X_BPDU_CPU_ONLY) |
|
|||
|
- MT753X_R03_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
- MT753X_BPDU_CPU_ONLY);
|
|||
|
+ mt7530_rmw(priv, MT753X_RGAC2,
|
|||
|
+ MT753X_R0E_BPDU_FR | MT753X_R0E_EG_TAG_MASK |
|
|||
|
+ MT753X_R0E_PORT_FW_MASK | MT753X_R03_BPDU_FR |
|
|||
|
+ MT753X_R03_EG_TAG_MASK | MT753X_R03_PORT_FW_MASK,
|
|||
|
+ MT753X_R0E_BPDU_FR |
|
|||
|
+ MT753X_R0E_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
+ MT753X_R0E_PORT_FW(MT753X_BPDU_CPU_ONLY) |
|
|||
|
+ MT753X_R03_BPDU_FR |
|
|||
|
+ MT753X_R03_EG_TAG(MT7530_VLAN_EG_UNTAGGED) |
|
|||
|
+ MT753X_BPDU_CPU_ONLY);
|
|||
|
}
|
|||
|
|
|||
|
static void
|
|||
|
--- a/drivers/net/dsa/mt7530.h
|
|||
|
+++ b/drivers/net/dsa/mt7530.h
|
|||
|
@@ -65,6 +65,7 @@ enum mt753x_id {
|
|||
|
|
|||
|
/* Registers for BPDU and PAE frame control*/
|
|||
|
#define MT753X_BPC 0x24
|
|||
|
+#define MT753X_PAE_BPDU_FR BIT(25)
|
|||
|
#define MT753X_PAE_EG_TAG_MASK GENMASK(24, 22)
|
|||
|
#define MT753X_PAE_EG_TAG(x) FIELD_PREP(MT753X_PAE_EG_TAG_MASK, x)
|
|||
|
#define MT753X_PAE_PORT_FW_MASK GENMASK(18, 16)
|
|||
|
@@ -75,20 +76,24 @@ enum mt753x_id {
|
|||
|
|
|||
|
/* Register for :01 and :02 MAC DA frame control */
|
|||
|
#define MT753X_RGAC1 0x28
|
|||
|
+#define MT753X_R02_BPDU_FR BIT(25)
|
|||
|
#define MT753X_R02_EG_TAG_MASK GENMASK(24, 22)
|
|||
|
#define MT753X_R02_EG_TAG(x) FIELD_PREP(MT753X_R02_EG_TAG_MASK, x)
|
|||
|
#define MT753X_R02_PORT_FW_MASK GENMASK(18, 16)
|
|||
|
#define MT753X_R02_PORT_FW(x) FIELD_PREP(MT753X_R02_PORT_FW_MASK, x)
|
|||
|
+#define MT753X_R01_BPDU_FR BIT(9)
|
|||
|
#define MT753X_R01_EG_TAG_MASK GENMASK(8, 6)
|
|||
|
#define MT753X_R01_EG_TAG(x) FIELD_PREP(MT753X_R01_EG_TAG_MASK, x)
|
|||
|
#define MT753X_R01_PORT_FW_MASK GENMASK(2, 0)
|
|||
|
|
|||
|
/* Register for :03 and :0E MAC DA frame control */
|
|||
|
#define MT753X_RGAC2 0x2c
|
|||
|
+#define MT753X_R0E_BPDU_FR BIT(25)
|
|||
|
#define MT753X_R0E_EG_TAG_MASK GENMASK(24, 22)
|
|||
|
#define MT753X_R0E_EG_TAG(x) FIELD_PREP(MT753X_R0E_EG_TAG_MASK, x)
|
|||
|
#define MT753X_R0E_PORT_FW_MASK GENMASK(18, 16)
|
|||
|
#define MT753X_R0E_PORT_FW(x) FIELD_PREP(MT753X_R0E_PORT_FW_MASK, x)
|
|||
|
+#define MT753X_R03_BPDU_FR BIT(9)
|
|||
|
#define MT753X_R03_EG_TAG_MASK GENMASK(8, 6)
|
|||
|
#define MT753X_R03_EG_TAG(x) FIELD_PREP(MT753X_R03_EG_TAG_MASK, x)
|
|||
|
#define MT753X_R03_PORT_FW_MASK GENMASK(2, 0)
|