On 2/10/2021 1:14 AM, Vladimir Oltean wrote: > From: Vladimir Oltean <vladimir.oltean@xxxxxxx> > > For a DSA switch port operating in standalone mode, address learning > doesn't make much sense since that is a bridge function. In fact, > address learning even breaks setups such as this one: > > +---------------------------------------------+ > | | > | +-------------------+ | > | | br0 | send receive | > | +--------+-+--------+ +--------+ +--------+ | > | | | | | | | | | | > | | swp0 | | swp1 | | swp2 | | swp3 | | > | | | | | | | | | | > +-+--------+-+--------+-+--------+-+--------+-+ > | ^ | ^ > | | | | > | +-----------+ | > | | > +--------------------------------+ > > because if the switch has a single FDB (can offload a single bridge) > then source address learning on swp3 can "steal" the source MAC address > of swp2 from br0's FDB, because learning frames coming from swp2 will be > done twice: first on the swp1 ingress port, second on the swp3 ingress > port. So the hardware FDB will become out of sync with the software > bridge, and when swp2 tries to send one more packet towards swp1, the > ASIC will attempt to short-circuit the forwarding path and send it > directly to swp3 (since that's the last port it learned that address on), > which it obviously can't, because swp3 operates in standalone mode. > > So DSA drivers operating in standalone mode should still configure a > list of bridge port flags even when they are standalone. Currently DSA > attempts to call dsa_port_bridge_flags with 0, which disables egress > flooding of unknown unicast and multicast, something which doesn't make > much sense. For the switches that implement .port_egress_floods - b53 > and mv88e6xxx, it probably doesn't matter too much either, since they > can possibly inject traffic from the CPU into a standalone port, > regardless of MAC DA, even if egress flooding is turned off for that > port, but certainly not all DSA switches can do that - sja1105, for > example, can't. So it makes sense to use a better common default there, > such as "flood everything". > > It should also be noted that what DSA calls "dsa_port_bridge_flags()" > is a degenerate name for just calling .port_egress_floods(), since > nothing else is implemented - not learning, in particular. But disabling > address learning, something that this driver is also coding up for, will > be supported by individual drivers once .port_egress_floods is replaced > with a more generic .port_bridge_flags. > > Previous attempts to code up this logic have been in the common bridge > layer, but as pointed out by Ido Schimmel, there are corner cases that > are missed when doing that: > https://patchwork.kernel.org/project/netdevbpf/patch/20210209151936.97382-5-olteanv@xxxxxxxxx/ > > So, at least for now, let's leave DSA in charge of setting port flags > before and after the bridge join and leave. > > Signed-off-by: Vladimir Oltean <vladimir.oltean@xxxxxxx> Reviewed-by: Florian Fainelli <f.fainelli@xxxxxxxxx> -- Florian
