Message-Id: <20201208092253.1996011-1-idosch@idosch.org>
Date:   Tue,  8 Dec 2020 11:22:40 +0200
From:   Ido Schimmel <idosch@...sch.org>
To:     netdev@...r.kernel.org
Cc:     davem@...emloft.net, kuba@...nel.org, jiri@...dia.com,
        petrm@...dia.com, amcohen@...dia.com, mlxsw@...dia.com,
        Ido Schimmel <idosch@...dia.com>
Subject: [PATCH net-next 00/13] mlxsw: Add support for Q-in-VNI

From: Ido Schimmel <idosch@...dia.com>

This patch set adds support for Q-in-VNI over Spectrum-{2,3} ASICs.
Q-in-VNI is like regular VxLAN encapsulation with the sole difference
that overlay packets can contain a VLAN tag. In Linux, this is achieved
by adding the VxLAN device to a 802.1ad bridge instead of a 802.1q
bridge.

From mlxsw perspective, Q-in-VNI support entails two main changes:

1. An outer VLAN tag should always be pushed to the overlay packet
during decapsulation

2. The EtherType used during decapsulation should be 802.1ad (0x88a8)
instead of the default 802.1q (0x8100)

Patch set overview:

Patches #1-#3 add required device registers and fields

Patch #4 performs small refactoring to allow code re-use

Patches #5-#7 make the EtherType used during decapsulation a property of
the tunnel port (i.e., VxLAN). This leads to the driver vetoing
configurations in which VxLAN devices are member in both 802.1ad and
802.1q/802.1d bridges. Will be handled in the future by determining the
overlay EtherType on the egress port instead

Patch #8 adds support for Q-in-VNI for Spectrum-2 and newer ASICs

Patches #9-#10 veto Q-in-VNI for Spectrum-1 ASICs due to some hardware
limitations. Can be worked around, but decided not to support it for now

Patch #11 adjusts mlxsw to stop vetoing addition of VXLAN devices to
802.1ad bridges

Patch #12 adds a generic forwarding test that can be used with both veth
pairs and physical ports with a loopback

Patch #13 adds a test to make sure mlxsw vetoes unsupported Q-in-VNI
configurations

Amit Cohen (12):
  mlxsw: Use one enum for all registers that contain tunnel_port field
  mlxsw: reg: Add Switch Port VLAN Stacking Register
  mlxsw: reg: Add support for tunnel port in SPVID register
  mlxsw: spectrum_switchdev: Create common function for joining VxLAN to
    VLAN-aware bridge
  mlxsw: Save EtherType as part of mlxsw_sp_nve_params
  mlxsw: Save EtherType as part of mlxsw_sp_nve_config
  mlxsw: spectrum: Publish mlxsw_sp_ethtype_to_sver_type()
  mlxsw: spectrum_nve_vxlan: Add support for Q-in-VNI for Spectrum-2
    ASIC
  mlxsw: spectrum_switchdev: Use ops->vxlan_join() when adding VLAN to
    VxLAN device
  mlxsw: Veto Q-in-VNI for Spectrum-1 ASIC
  mlxsw: spectrum_switchdev: Allow joining VxLAN to 802.1ad bridge
  selftests: mlxsw: Add Q-in-VNI veto tests

Petr Machata (1):
  selftests: forwarding: Add Q-in-VNI test

 drivers/net/ethernet/mellanox/mlxsw/reg.h     | 146 ++++++--
 .../net/ethernet/mellanox/mlxsw/spectrum.c    |   2 +-
 .../net/ethernet/mellanox/mlxsw/spectrum.h    |   2 +
 .../ethernet/mellanox/mlxsw/spectrum_nve.c    |   6 +-
 .../ethernet/mellanox/mlxsw/spectrum_nve.h    |   5 +-
 .../mellanox/mlxsw/spectrum_nve_vxlan.c       |  67 +++-
 .../mellanox/mlxsw/spectrum_switchdev.c       |  32 +-
 .../net/mlxsw/spectrum-2/q_in_vni_veto.sh     |  77 ++++
 .../net/mlxsw/spectrum/q_in_vni_veto.sh       |  66 ++++
 .../selftests/net/forwarding/q_in_vni.sh      | 347 ++++++++++++++++++
 10 files changed, 703 insertions(+), 47 deletions(-)
 create mode 100755 tools/testing/selftests/drivers/net/mlxsw/spectrum-2/q_in_vni_veto.sh
 create mode 100755 tools/testing/selftests/drivers/net/mlxsw/spectrum/q_in_vni_veto.sh
 create mode 100755 tools/testing/selftests/net/forwarding/q_in_vni.sh

-- 
2.28.0
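
The two decapsulation rules listed in the cover letter, modelled in software as an added illustration; this is not code from the patch set or from the mlxsw driver. The names `qinvni_decap`, `sample_payload`, `demo_out` and `demo_vni`, the sample packet bytes and the outer VID 10 are assumptions constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_P_8021AD 0x88a8 /* S-tag EtherType named in the cover letter */
#define VXLAN_HLEN   8
#define MACS_LEN     12     /* inner destination + source MAC */
/* Constructed sample: UDP payload of a VxLAN packet with VNI 1000 whose inner
 * frame already carries an 802.1q tag (VID 20) and EtherType 0x0800. */
static const uint8_t sample_payload[] = {
    0x08, 0, 0, 0, 0x00, 0x03, 0xe8, 0,              /* VxLAN: I flag, VNI */
    0x02, 0, 0, 0, 0, 0x02, 0x02, 0, 0, 0, 0, 0x01,  /* inner dst, src MAC */
    0x81, 0x00, 0x00, 0x14,                          /* 802.1q tag, VID 20 */
    0x08, 0x00,                                      /* inner EtherType */
};
static uint8_t demo_out[64];
static uint32_t demo_vni;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }

/* Strip the VxLAN header and always push an outer tag (tpid, vid) in front of
 * whatever the inner frame carries. Returns the output length, or -1 if the
 * payload is malformed, the VID is invalid or the buffer is too small. */
static int qinvni_decap(const uint8_t *pl, size_t len, uint16_t tpid,
                        uint16_t vid, uint32_t *vni, uint8_t *out, size_t out_sz)
{
    if (len < VXLAN_HLEN + MACS_LEN + 2 || !(pl[0] & 0x08))
        return -1;                      /* truncated, or VNI flag not set */
    size_t inner_len = len - VXLAN_HLEN;
    if (vid == 0 || vid > 4094 || out_sz < inner_len + 4)
        return -1;
    const uint8_t *inner = pl + VXLAN_HLEN;
    *vni = (uint32_t)pl[4] << 16 | (uint32_t)pl[5] << 8 | pl[6];
    memcpy(out, inner, MACS_LEN);
    out[12] = (uint8_t)(tpid >> 8); out[13] = (uint8_t)tpid;
    out[14] = (uint8_t)(vid >> 8);  out[15] = (uint8_t)vid;
    memcpy(out + 16, inner + MACS_LEN, inner_len - MACS_LEN);
    return (int)(inner_len + 4);
}

int main(void)
{
    /* Outer VID 10 stands in for the bridge PVID (an assumption). */
    int n = qinvni_decap(sample_payload, sizeof(sample_payload), ETH_P_8021AD,
                         10, &demo_vni, demo_out, sizeof(demo_out));
    printf("len %d, VNI %u, outer 0x%04x, inner 0x%04x\n", n, demo_vni,
           rd16(demo_out + 12), rd16(demo_out + 16));
    return n < 0;
}
```

The inner 802.1q tag survives behind the pushed 0x88a8 tag, which is the double-tagged frame an 802.1ad bridge expects.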
