forked from Minki/linux
58799865be
The dsa framework has optional .port_mdb_{prepare,add,del} callback fields
for drivers to handle multicast database entries. When adding an entry, the
framework goes through a prepare phase, then a commit phase. Drivers not
providing these callbacks should be detected in the prepare phase.
DSA core may still bypass the bridge layer and call the dsa_port_mdb_add
function directly with no prepare phase or no switchdev trans object,
and the framework ends up calling an undefined .port_mdb_add callback.
This results in a NULL pointer dereference, as shown in the log below.
The other functions seem to be properly guarded. Do the same for
.port_mdb_add in dsa_switch_mdb_add_bitmap() as well.
8<--- cut here ---
Unable to handle kernel NULL pointer dereference at virtual address 00000000
pgd = (ptrval)
[00000000] *pgd=00000000
Internal error: Oops: 80000005 [#1] SMP ARM
Modules linked in: rtl8xxxu rtl8192cu rtl_usb rtl8192c_common rtlwifi mac80211 cfg80211
CPU: 1 PID: 134 Comm: kworker/1:2 Not tainted 5.3.0-rc1-00247-gd3519030752a #1
Hardware name: Allwinner sun7i (A20) Family
Workqueue: events switchdev_deferred_process_work
PC is at 0x0
LR is at dsa_switch_event+0x570/0x620
pc : [<00000000>] lr : [<c08533ec>] psr: 80070013
sp : ee871db8 ip : 00000000 fp : ee98d0a4
r10: 0000000c r9 : 00000008 r8 : ee89f710
r7 : ee98d040 r6 : ee98d088 r5 : c0f04c48 r4 : ee98d04c
r3 : 00000000 r2 : ee89f710 r1 : 00000008 r0 : ee98d040
Flags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
Control: 10c5387d Table: 6deb406a DAC: 00000051
Process kworker/1:2 (pid: 134, stack limit = 0x(ptrval))
Stack: (0xee871db8 to 0xee872000)
1da0: ee871e14 103ace2d
1dc0: 00000000 ffffffff 00000000 ee871e14 00000005 00000000 c08524a0 00000000
1de0: ffffe000 c014bdfc c0f04c48 ee871e98 c0f04c48 ee9e5000 c0851120 c014bef0
1e00: 00000000 b643aea2 ee9b4068 c08509a8 ee2bf940 ee89f710 ee871ecb 00000000
1e20: 00000008 103ace2d 00000000 c087e248 ee29c868 103ace2d 00000001 ffffffff
1e40: 00000000 ee871e98 00000006 00000000 c0fb2a50 c087e2d0 ffffffff c08523c4
1e60: ffffffff c014bdfc 00000006 c0fad2d0 ee871e98 ee89f710 00000000 c014c500
1e80: 00000000 ee89f3c0 c0f04c48 00000000 ee9e5000 c087dfb4 ee9e5000 00000000
1ea0: ee89f710 ee871ecb 00000001 103ace2d 00000000 c0f04c48 00000000 c087e0a8
1ec0: 00000000 efd9a3e0 0089f3c0 103ace2d ee89f700 ee89f710 ee9e5000 00000122
1ee0: 00000100 c087e130 ee89f700 c0fad2c8 c1003ef0 c087de4c 2e928000 c0fad2ec
1f00: c0fad2ec ee839580 ef7a62c0 ef7a9400 00000000 c087def8 c0fad2ec c01447dc
1f20: ef315640 ef7a62c0 00000008 ee839580 ee839594 ef7a62c0 00000008 c0f03d00
1f40: ef7a62d8 ef7a62c0 ffffe000 c0145b84 ffffe000 c0fb2420 c0bfaa8c 00000000
1f60: ffffe000 ee84b600 ee84b5c0 00000000 ee870000 ee839580 c0145b40 ef0e5ea4
1f80: ee84b61c c014a6f8 00000001 ee84b5c0 c014a5b0 00000000 00000000 00000000
1fa0: 00000000 00000000 00000000 c01010e8 00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000
[<c08533ec>] (dsa_switch_event) from [<c014bdfc>] (notifier_call_chain+0x48/0x84)
[<c014bdfc>] (notifier_call_chain) from [<c014bef0>] (raw_notifier_call_chain+0x18/0x20)
[<c014bef0>] (raw_notifier_call_chain) from [<c08509a8>] (dsa_port_mdb_add+0x48/0x74)
[<c08509a8>] (dsa_port_mdb_add) from [<c087e248>] (__switchdev_handle_port_obj_add+0x54/0xd4)
[<c087e248>] (__switchdev_handle_port_obj_add) from [<c087e2d0>] (switchdev_handle_port_obj_add+0x8/0x14)
[<c087e2d0>] (switchdev_handle_port_obj_add) from [<c08523c4>] (dsa_slave_switchdev_blocking_event+0x94/0xa4)
[<c08523c4>] (dsa_slave_switchdev_blocking_event) from [<c014bdfc>] (notifier_call_chain+0x48/0x84)
[<c014bdfc>] (notifier_call_chain) from [<c014c500>] (blocking_notifier_call_chain+0x50/0x68)
[<c014c500>] (blocking_notifier_call_chain) from [<c087dfb4>] (switchdev_port_obj_notify+0x44/0xa8)
[<c087dfb4>] (switchdev_port_obj_notify) from [<c087e0a8>] (switchdev_port_obj_add_now+0x90/0x104)
[<c087e0a8>] (switchdev_port_obj_add_now) from [<c087e130>] (switchdev_port_obj_add_deferred+0x14/0x5c)
[<c087e130>] (switchdev_port_obj_add_deferred) from [<c087de4c>] (switchdev_deferred_process+0x64/0x104)
[<c087de4c>] (switchdev_deferred_process) from [<c087def8>] (switchdev_deferred_process_work+0xc/0x14)
[<c087def8>] (switchdev_deferred_process_work) from [<c01447dc>] (process_one_work+0x218/0x50c)
[<c01447dc>] (process_one_work) from [<c0145b84>] (worker_thread+0x44/0x5bc)
[<c0145b84>] (worker_thread) from [<c014a6f8>] (kthread+0x148/0x150)
[<c014a6f8>] (kthread) from [<c01010e8>] (ret_from_fork+0x14/0x2c)
Exception stack(0xee871fb0 to 0xee871ff8)
1fa0: 00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
Code: bad PC value
---[ end trace 1292c61abd17b130 ]---
[<c08533ec>] (dsa_switch_event) from [<c014bdfc>] (notifier_call_chain+0x48/0x84)
corresponds to
$ arm-linux-gnueabihf-addr2line -C -i -e vmlinux c08533ec
linux/net/dsa/switch.c:156
linux/net/dsa/switch.c:178
linux/net/dsa/switch.c:328
Fixes: e6db98db8a ("net: dsa: add switch mdb bitmap functions")
Signed-off-by: Chen-Yu Tsai <wens@csie.org>
Reviewed-by: Vivien Didelot <vivien.didelot@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
373 lines
9.4 KiB
C
373 lines
9.4 KiB
C
// SPDX-License-Identifier: GPL-2.0-or-later
|
|
/*
|
|
* Handling of a single switch chip, part of a switch fabric
|
|
*
|
|
* Copyright (c) 2017 Savoir-faire Linux Inc.
|
|
* Vivien Didelot <vivien.didelot@savoirfairelinux.com>
|
|
*/
|
|
|
|
#include <linux/if_bridge.h>
|
|
#include <linux/netdevice.h>
|
|
#include <linux/notifier.h>
|
|
#include <linux/if_vlan.h>
|
|
#include <net/switchdev.h>
|
|
|
|
#include "dsa_priv.h"
|
|
|
|
static unsigned int dsa_switch_fastest_ageing_time(struct dsa_switch *ds,
|
|
unsigned int ageing_time)
|
|
{
|
|
int i;
|
|
|
|
for (i = 0; i < ds->num_ports; ++i) {
|
|
struct dsa_port *dp = &ds->ports[i];
|
|
|
|
if (dp->ageing_time && dp->ageing_time < ageing_time)
|
|
ageing_time = dp->ageing_time;
|
|
}
|
|
|
|
return ageing_time;
|
|
}
|
|
|
|
static int dsa_switch_ageing_time(struct dsa_switch *ds,
|
|
struct dsa_notifier_ageing_time_info *info)
|
|
{
|
|
unsigned int ageing_time = info->ageing_time;
|
|
struct switchdev_trans *trans = info->trans;
|
|
|
|
if (switchdev_trans_ph_prepare(trans)) {
|
|
if (ds->ageing_time_min && ageing_time < ds->ageing_time_min)
|
|
return -ERANGE;
|
|
if (ds->ageing_time_max && ageing_time > ds->ageing_time_max)
|
|
return -ERANGE;
|
|
return 0;
|
|
}
|
|
|
|
/* Program the fastest ageing time in case of multiple bridges */
|
|
ageing_time = dsa_switch_fastest_ageing_time(ds, ageing_time);
|
|
|
|
if (ds->ops->set_ageing_time)
|
|
return ds->ops->set_ageing_time(ds, ageing_time);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int dsa_switch_bridge_join(struct dsa_switch *ds,
|
|
struct dsa_notifier_bridge_info *info)
|
|
{
|
|
if (ds->index == info->sw_index && ds->ops->port_bridge_join)
|
|
return ds->ops->port_bridge_join(ds, info->port, info->br);
|
|
|
|
if (ds->index != info->sw_index && ds->ops->crosschip_bridge_join)
|
|
return ds->ops->crosschip_bridge_join(ds, info->sw_index,
|
|
info->port, info->br);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int dsa_switch_bridge_leave(struct dsa_switch *ds,
|
|
struct dsa_notifier_bridge_info *info)
|
|
{
|
|
bool unset_vlan_filtering = br_vlan_enabled(info->br);
|
|
int err, i;
|
|
|
|
if (ds->index == info->sw_index && ds->ops->port_bridge_leave)
|
|
ds->ops->port_bridge_leave(ds, info->port, info->br);
|
|
|
|
if (ds->index != info->sw_index && ds->ops->crosschip_bridge_leave)
|
|
ds->ops->crosschip_bridge_leave(ds, info->sw_index, info->port,
|
|
info->br);
|
|
|
|
/* If the bridge was vlan_filtering, the bridge core doesn't trigger an
|
|
* event for changing vlan_filtering setting upon slave ports leaving
|
|
* it. That is a good thing, because that lets us handle it and also
|
|
* handle the case where the switch's vlan_filtering setting is global
|
|
* (not per port). When that happens, the correct moment to trigger the
|
|
* vlan_filtering callback is only when the last port left this bridge.
|
|
*/
|
|
if (unset_vlan_filtering && ds->vlan_filtering_is_global) {
|
|
for (i = 0; i < ds->num_ports; i++) {
|
|
if (i == info->port)
|
|
continue;
|
|
if (dsa_to_port(ds, i)->bridge_dev == info->br) {
|
|
unset_vlan_filtering = false;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
if (unset_vlan_filtering) {
|
|
struct switchdev_trans trans = {0};
|
|
|
|
err = dsa_port_vlan_filtering(&ds->ports[info->port],
|
|
false, &trans);
|
|
if (err && err != EOPNOTSUPP)
|
|
return err;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
static int dsa_switch_fdb_add(struct dsa_switch *ds,
|
|
struct dsa_notifier_fdb_info *info)
|
|
{
|
|
int port = dsa_towards_port(ds, info->sw_index, info->port);
|
|
|
|
if (!ds->ops->port_fdb_add)
|
|
return -EOPNOTSUPP;
|
|
|
|
return ds->ops->port_fdb_add(ds, port, info->addr, info->vid);
|
|
}
|
|
|
|
static int dsa_switch_fdb_del(struct dsa_switch *ds,
|
|
struct dsa_notifier_fdb_info *info)
|
|
{
|
|
int port = dsa_towards_port(ds, info->sw_index, info->port);
|
|
|
|
if (!ds->ops->port_fdb_del)
|
|
return -EOPNOTSUPP;
|
|
|
|
return ds->ops->port_fdb_del(ds, port, info->addr, info->vid);
|
|
}
|
|
|
|
static int
|
|
dsa_switch_mdb_prepare_bitmap(struct dsa_switch *ds,
|
|
const struct switchdev_obj_port_mdb *mdb,
|
|
const unsigned long *bitmap)
|
|
{
|
|
int port, err;
|
|
|
|
if (!ds->ops->port_mdb_prepare || !ds->ops->port_mdb_add)
|
|
return -EOPNOTSUPP;
|
|
|
|
for_each_set_bit(port, bitmap, ds->num_ports) {
|
|
err = ds->ops->port_mdb_prepare(ds, port, mdb);
|
|
if (err)
|
|
return err;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void dsa_switch_mdb_add_bitmap(struct dsa_switch *ds,
|
|
const struct switchdev_obj_port_mdb *mdb,
|
|
const unsigned long *bitmap)
|
|
{
|
|
int port;
|
|
|
|
if (!ds->ops->port_mdb_add)
|
|
return;
|
|
|
|
for_each_set_bit(port, bitmap, ds->num_ports)
|
|
ds->ops->port_mdb_add(ds, port, mdb);
|
|
}
|
|
|
|
static int dsa_switch_mdb_add(struct dsa_switch *ds,
|
|
struct dsa_notifier_mdb_info *info)
|
|
{
|
|
const struct switchdev_obj_port_mdb *mdb = info->mdb;
|
|
struct switchdev_trans *trans = info->trans;
|
|
int port;
|
|
|
|
/* Build a mask of Multicast group members */
|
|
bitmap_zero(ds->bitmap, ds->num_ports);
|
|
if (ds->index == info->sw_index)
|
|
set_bit(info->port, ds->bitmap);
|
|
for (port = 0; port < ds->num_ports; port++)
|
|
if (dsa_is_dsa_port(ds, port))
|
|
set_bit(port, ds->bitmap);
|
|
|
|
if (switchdev_trans_ph_prepare(trans))
|
|
return dsa_switch_mdb_prepare_bitmap(ds, mdb, ds->bitmap);
|
|
|
|
dsa_switch_mdb_add_bitmap(ds, mdb, ds->bitmap);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int dsa_switch_mdb_del(struct dsa_switch *ds,
|
|
struct dsa_notifier_mdb_info *info)
|
|
{
|
|
const struct switchdev_obj_port_mdb *mdb = info->mdb;
|
|
|
|
if (!ds->ops->port_mdb_del)
|
|
return -EOPNOTSUPP;
|
|
|
|
if (ds->index == info->sw_index)
|
|
return ds->ops->port_mdb_del(ds, info->port, mdb);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int dsa_port_vlan_device_check(struct net_device *vlan_dev,
|
|
int vlan_dev_vid,
|
|
void *arg)
|
|
{
|
|
struct switchdev_obj_port_vlan *vlan = arg;
|
|
u16 vid;
|
|
|
|
for (vid = vlan->vid_begin; vid <= vlan->vid_end; ++vid) {
|
|
if (vid == vlan_dev_vid)
|
|
return -EBUSY;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int dsa_port_vlan_check(struct dsa_switch *ds, int port,
|
|
const struct switchdev_obj_port_vlan *vlan)
|
|
{
|
|
const struct dsa_port *dp = dsa_to_port(ds, port);
|
|
int err = 0;
|
|
|
|
/* Device is not bridged, let it proceed with the VLAN device
|
|
* creation.
|
|
*/
|
|
if (!dp->bridge_dev)
|
|
return err;
|
|
|
|
/* dsa_slave_vlan_rx_{add,kill}_vid() cannot use the prepare phase and
|
|
* already checks whether there is an overlapping bridge VLAN entry
|
|
* with the same VID, so here we only need to check that if we are
|
|
* adding a bridge VLAN entry there is not an overlapping VLAN device
|
|
* claiming that VID.
|
|
*/
|
|
return vlan_for_each(dp->slave, dsa_port_vlan_device_check,
|
|
(void *)vlan);
|
|
}
|
|
|
|
static int
|
|
dsa_switch_vlan_prepare_bitmap(struct dsa_switch *ds,
|
|
const struct switchdev_obj_port_vlan *vlan,
|
|
const unsigned long *bitmap)
|
|
{
|
|
int port, err;
|
|
|
|
if (!ds->ops->port_vlan_prepare || !ds->ops->port_vlan_add)
|
|
return -EOPNOTSUPP;
|
|
|
|
for_each_set_bit(port, bitmap, ds->num_ports) {
|
|
err = dsa_port_vlan_check(ds, port, vlan);
|
|
if (err)
|
|
return err;
|
|
|
|
err = ds->ops->port_vlan_prepare(ds, port, vlan);
|
|
if (err)
|
|
return err;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
dsa_switch_vlan_add_bitmap(struct dsa_switch *ds,
|
|
const struct switchdev_obj_port_vlan *vlan,
|
|
const unsigned long *bitmap)
|
|
{
|
|
int port;
|
|
|
|
for_each_set_bit(port, bitmap, ds->num_ports)
|
|
ds->ops->port_vlan_add(ds, port, vlan);
|
|
}
|
|
|
|
static int dsa_switch_vlan_add(struct dsa_switch *ds,
|
|
struct dsa_notifier_vlan_info *info)
|
|
{
|
|
const struct switchdev_obj_port_vlan *vlan = info->vlan;
|
|
struct switchdev_trans *trans = info->trans;
|
|
int port;
|
|
|
|
/* Build a mask of VLAN members */
|
|
bitmap_zero(ds->bitmap, ds->num_ports);
|
|
if (ds->index == info->sw_index)
|
|
set_bit(info->port, ds->bitmap);
|
|
for (port = 0; port < ds->num_ports; port++)
|
|
if (dsa_is_cpu_port(ds, port) || dsa_is_dsa_port(ds, port))
|
|
set_bit(port, ds->bitmap);
|
|
|
|
if (switchdev_trans_ph_prepare(trans))
|
|
return dsa_switch_vlan_prepare_bitmap(ds, vlan, ds->bitmap);
|
|
|
|
dsa_switch_vlan_add_bitmap(ds, vlan, ds->bitmap);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int dsa_switch_vlan_del(struct dsa_switch *ds,
|
|
struct dsa_notifier_vlan_info *info)
|
|
{
|
|
const struct switchdev_obj_port_vlan *vlan = info->vlan;
|
|
|
|
if (!ds->ops->port_vlan_del)
|
|
return -EOPNOTSUPP;
|
|
|
|
if (ds->index == info->sw_index)
|
|
return ds->ops->port_vlan_del(ds, info->port, vlan);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int dsa_switch_event(struct notifier_block *nb,
|
|
unsigned long event, void *info)
|
|
{
|
|
struct dsa_switch *ds = container_of(nb, struct dsa_switch, nb);
|
|
int err;
|
|
|
|
switch (event) {
|
|
case DSA_NOTIFIER_AGEING_TIME:
|
|
err = dsa_switch_ageing_time(ds, info);
|
|
break;
|
|
case DSA_NOTIFIER_BRIDGE_JOIN:
|
|
err = dsa_switch_bridge_join(ds, info);
|
|
break;
|
|
case DSA_NOTIFIER_BRIDGE_LEAVE:
|
|
err = dsa_switch_bridge_leave(ds, info);
|
|
break;
|
|
case DSA_NOTIFIER_FDB_ADD:
|
|
err = dsa_switch_fdb_add(ds, info);
|
|
break;
|
|
case DSA_NOTIFIER_FDB_DEL:
|
|
err = dsa_switch_fdb_del(ds, info);
|
|
break;
|
|
case DSA_NOTIFIER_MDB_ADD:
|
|
err = dsa_switch_mdb_add(ds, info);
|
|
break;
|
|
case DSA_NOTIFIER_MDB_DEL:
|
|
err = dsa_switch_mdb_del(ds, info);
|
|
break;
|
|
case DSA_NOTIFIER_VLAN_ADD:
|
|
err = dsa_switch_vlan_add(ds, info);
|
|
break;
|
|
case DSA_NOTIFIER_VLAN_DEL:
|
|
err = dsa_switch_vlan_del(ds, info);
|
|
break;
|
|
default:
|
|
err = -EOPNOTSUPP;
|
|
break;
|
|
}
|
|
|
|
/* Non-switchdev operations cannot be rolled back. If a DSA driver
|
|
* returns an error during the chained call, switch chips may be in an
|
|
* inconsistent state.
|
|
*/
|
|
if (err)
|
|
dev_dbg(ds->dev, "breaking chain for DSA event %lu (%d)\n",
|
|
event, err);
|
|
|
|
return notifier_from_errno(err);
|
|
}
|
|
|
|
int dsa_switch_register_notifier(struct dsa_switch *ds)
|
|
{
|
|
ds->nb.notifier_call = dsa_switch_event;
|
|
|
|
return raw_notifier_chain_register(&ds->dst->nh, &ds->nb);
|
|
}
|
|
|
|
void dsa_switch_unregister_notifier(struct dsa_switch *ds)
|
|
{
|
|
int err;
|
|
|
|
err = raw_notifier_chain_unregister(&ds->dst->nh, &ds->nb);
|
|
if (err)
|
|
dev_err(ds->dev, "failed to unregister notifier (%d)\n", err);
|
|
}
|