lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 23 Sep 2022 01:06:55 +0300
From:   Vladimir Oltean <vladimir.oltean@....com>
To:     netdev@...r.kernel.org
Cc:     David Ahern <dsahern@...nel.org>,
        Stephen Hemminger <stephen@...workplumber.org>,
        Andrew Lunn <andrew@...n.ch>,
        Vivien Didelot <vivien.didelot@...il.com>,
        Florian Fainelli <f.fainelli@...il.com>,
        Jakub Kicinski <kuba@...nel.org>
Subject: [PATCH v3 iproute2-next] ip link: add sub-command to view and change DSA conduit interface

Support the "dsa" kind of rtnl_link_ops exported by the kernel, and
export reads/writes to IFLA_DSA_MASTER.

Examples:

$ ip link set swp0 type dsa conduit eth1

$ ip -d link show dev swp0
    (...)
    dsa conduit eth0

$ ip -d -j link show swp0
[
	{
		"link": "eth1",
		"linkinfo": {
			"info_kind": "dsa",
			"info_data": {
				"conduit": "eth1"
			}
		},
	}
]

Note that by construction and as shown in the example, the IFLA_LINK
reported by a DSA user port is identical to what is reported through
IFLA_DSA_MASTER. However IFLA_LINK is not writable, and overloading its
meaning to make it writable would clash with other users of IFLA_LINK
(vlan etc) for which writing this property does not make sense.

Signed-off-by: Vladimir Oltean <vladimir.oltean@....com>
---
v1->v2:
- update man page
v2->v3:
- update main ip-link help text to print the new 'dsa' link type
- rename the 'master' keyword to 'conduit' and keep 'master' as a
  fallback
- to avoid using the 'DSA master' term in the man page, stop explaining
  which interfaces are eligible for this operation, and just refer to
  the kernel documentation. Note that since the support was added in
  net-next, the htmldocs have not been regenerated yet.

 include/uapi/linux/if_link.h | 10 ++++++
 ip/Makefile                  |  2 +-
 ip/iplink.c                  |  2 +-
 ip/iplink_dsa.c              | 68 ++++++++++++++++++++++++++++++++++++
 man/man8/ip-link.8.in        | 35 +++++++++++++++++++
 5 files changed, 115 insertions(+), 2 deletions(-)
 create mode 100644 ip/iplink_dsa.c

diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h
index e0fbbfeeb3a1..6f4d7b1ff9fb 100644
--- a/include/uapi/linux/if_link.h
+++ b/include/uapi/linux/if_link.h
@@ -1372,4 +1372,14 @@ enum {
 
 #define IFLA_MCTP_MAX (__IFLA_MCTP_MAX - 1)
 
+/* DSA section */
+
+enum {
+	IFLA_DSA_UNSPEC,
+	IFLA_DSA_MASTER,
+	__IFLA_DSA_MAX,
+};
+
+#define IFLA_DSA_MAX	(__IFLA_DSA_MAX - 1)
+
 #endif /* _LINUX_IF_LINK_H */
diff --git a/ip/Makefile b/ip/Makefile
index 6c2e072049a2..8fd9e295f344 100644
--- a/ip/Makefile
+++ b/ip/Makefile
@@ -8,7 +8,7 @@ IPOBJ=ip.o ipaddress.o ipaddrlabel.o iproute.o iprule.o ipnetns.o \
     iplink_macvlan.o ipl2tp.o link_vti.o link_vti6.o link_xfrm.o \
     iplink_vxlan.o tcp_metrics.o iplink_ipoib.o ipnetconf.o link_ip6tnl.o \
     link_iptnl.o link_gre6.o iplink_bond.o iplink_bond_slave.o iplink_hsr.o \
-    iplink_bridge.o iplink_bridge_slave.o ipfou.o iplink_ipvlan.o \
+    iplink_bridge.o iplink_bridge_slave.o iplink_dsa.o ipfou.o iplink_ipvlan.o \
     iplink_geneve.o iplink_vrf.o iproute_lwtunnel.o ipmacsec.o ipila.o \
     ipvrf.o iplink_xstats.o ipseg6.o iplink_netdevsim.o iplink_rmnet.o \
     ipnexthop.o ipmptcp.o iplink_bareudp.o iplink_wwan.o ipioam6.o \
diff --git a/ip/iplink.c b/ip/iplink.c
index b98c1694991e..c7c36f12c470 100644
--- a/ip/iplink.c
+++ b/ip/iplink.c
@@ -48,7 +48,7 @@ void iplink_types_usage(void)
 	/* Remember to add new entry here if new type is added. */
 	fprintf(stderr,
 		"TYPE := { amt | bareudp | bond | bond_slave | bridge | bridge_slave |\n"
-		"          dummy | erspan | geneve | gre | gretap | gtp | ifb |\n"
+		"          dsa | dummy | erspan | geneve | gre | gretap | gtp | ifb |\n"
 		"          ip6erspan | ip6gre | ip6gretap | ip6tnl |\n"
 		"          ipip | ipoib | ipvlan | ipvtap |\n"
 		"          macsec | macvlan | macvtap |\n"
diff --git a/ip/iplink_dsa.c b/ip/iplink_dsa.c
new file mode 100644
index 000000000000..e3f3f8aca13c
--- /dev/null
+++ b/ip/iplink_dsa.c
@@ -0,0 +1,68 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * iplink_dsa.c		DSA switch support
+ */
+
+#include "utils.h"
+#include "ip_common.h"
+
+static void print_usage(FILE *f)
+{
+	fprintf(f, "Usage: ... dsa [ conduit DEVICE ]\n");
+}
+
+static int dsa_parse_opt(struct link_util *lu, int argc, char **argv,
+			 struct nlmsghdr *n)
+{
+	while (argc > 0) {
+		if (strcmp(*argv, "conduit") == 0 ||
+		    strcmp(*argv, "master") == 0) {
+			__u32 ifindex;
+
+			NEXT_ARG();
+			ifindex = ll_name_to_index(*argv);
+			if (!ifindex)
+				invarg("Device does not exist\n", *argv);
+			addattr_l(n, 1024, IFLA_DSA_MASTER, &ifindex, 4);
+		} else if (strcmp(*argv, "help") == 0) {
+			print_usage(stderr);
+			return -1;
+		} else {
+			fprintf(stderr, "dsa: unknown command \"%s\"?\n", *argv);
+			print_usage(stderr);
+			return -1;
+		}
+		argc--;
+		argv++;
+	}
+
+	return 0;
+}
+
+static void dsa_print_opt(struct link_util *lu, FILE *f, struct rtattr *tb[])
+{
+	if (!tb)
+		return;
+
+	if (tb[IFLA_DSA_MASTER]) {
+		__u32 conduit = rta_getattr_u32(tb[IFLA_DSA_MASTER]);
+
+		print_string(PRINT_ANY,
+			     "conduit", "conduit %s ",
+			     ll_index_to_name(conduit));
+	}
+}
+
+static void dsa_print_help(struct link_util *lu, int argc, char **argv,
+			   FILE *f)
+{
+	print_usage(f);
+}
+
+struct link_util dsa_link_util = {
+	.id		= "dsa",
+	.maxattr	= IFLA_DSA_MAX,
+	.parse_opt	= dsa_parse_opt,
+	.print_opt	= dsa_print_opt,
+	.print_help     = dsa_print_help,
+};
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index c45c10622251..fc9d62fc5767 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in
@@ -213,6 +213,7 @@ ip-link \- network device configuration
 .BR bond " | "
 .BR bridge " | "
 .BR can " | "
+.BR dsa " | "
 .BR dummy " | "
 .BR erspan " |"
 .BR geneve " |"
@@ -304,6 +305,9 @@ Link types:
 .B can
 - Controller Area Network
 .sp
+.B dsa
+- Distributed Switch Architecture
+.sp
 .B dummy
 - Dummy network interface
 .sp
@@ -2637,6 +2641,32 @@ as well as the actual used bcqueuelen are listed to better help
 the user understand the setting.
 .in -8
 
+.TP
+DSA user port support
+For a link having the DSA user port type, the following additional arguments
+are supported:
+
+.B "ip link set type dsa "
+[
+.BI conduit " DEVICE"
+]
+
+.in +8
+.sp
+.BI conduit " DEVICE"
+- change the DSA conduit (host network interface) responsible for handling the
+locally terminated traffic for the given DSA switch user port. For a
+description of which network interfaces are suitable for serving as conduit
+interfaces of this user port, please see
+https://www.kernel.org/doc/html/latest/networking/dsa/configuration.html#affinity-of-user-ports-to-cpu-ports
+as well as what is supported by the driver in use.
+
+.sp
+.BI master " DEVICE"
+- this is a synonym for "conduit".
+
+.in -8
+
 .SS  ip link show - display device attributes
 
 .TP
@@ -2793,6 +2823,11 @@ erspan_ver 2 erspan_dir ingress erspan_hwid 17
 .RS 4
 Creates a IP6ERSPAN version 2 interface named ip6erspan00.
 .RE
+.PP
+ip link set dev swp0 type dsa conduit eth1
+.RS 4
+Changes the conduit interface of the swp0 user port to eth1.
+.RE
 
 .SH SEE ALSO
 .br
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ