• Vladimir Oltean's avatar
    net: mscc: ocelot: add the local station MAC addresses in VID 0 · bfbab310
    Vladimir Oltean authored
    The ocelot switchdev driver does not include the CPU port in the list of
    flooding destinations for unknown traffic, instead that traffic is
    supposed to match FDB entries to reach the CPU.
    
    The addresses it installs are:
    (a) the station MAC address, in ocelot_probe_port() and later during
        runtime in ocelot_port_set_mac_address(). These are the VLAN-unaware
        addresses. The VLAN-aware addresses are in ocelot_vlan_vid_add().
    (b) multicast addresses added with dev_mc_add() (not bridge host MDB
        entries) in ocelot_mc_sync()
    (c) multicast destination MAC addresses for MRP in ocelot_mrp_save_mac(),
        to make sure those are dropped (not forwarded) by the bridging
        service, just trapped to the CPU
    
    So we can see that the logic is slightly buggy ever since the initial
    commit a556c76a ("net: mscc: Add initial Ocelot switch support").
    This is because, when ocelot_probe_port() runs, the port pvid is 0.
    Then we join a VLAN-aware bridge, the pvid becomes 1, we call
    ocelot_port_set_mac_address(), this learns the new MAC address in VID 1
    (also fails to forget the old one, since it thinks it's in VID 1, but
    that's not so important). Then when we leave the VLAN-aware bridge,
    outside world is unable to ping our new MAC address because it isn't
    learned in VID 0, the VLAN-unaware pvid.
    
    [ note: this is strictly based on static analysis, I don't have hardware
      to test. But there are also many more corner cases ]
    
    The basic idea is that we should have a separation of concerns, and the
    FDB entries used for standalone operation should be managed by the
    driver, and the FDB entries used by the bridging service should be
    managed by the bridge. So the standalone and VLAN-unaware bridge FDB
    entries should not follow the bridge PVID, because that will only be
    active when the bridge is VLAN-aware. So since the port pvid is
    coincidentally zero during probe time, just make those entries
    statically go to VID 0.
    Signed-off-by: default avatarVladimir Oltean <vladimir.oltean@nxp.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    bfbab310
ocelot.c 63.1 KB