From 6848983fae8dd7e03f162ab61a673ddad0f77651 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Wed, 12 Jun 2024 16:00:33 +0200
Subject: [PATCH] 5.15-stable patches

added patches:
	net-dsa-sja1105-always-enable-the-incl_srcpt-option.patch
	net-dsa-tag_sja1105-always-prefer-source-port-information-from-incl_srcpt.patch
---
 ...-always-enable-the-incl_srcpt-option.patch | 74 ++++++++++++++
 ...rce-port-information-from-incl_srcpt.patch | 97 +++++++++++++++++++
 queue-5.15/series                             |  2 +
 3 files changed, 173 insertions(+)
 create mode 100644 queue-5.15/net-dsa-sja1105-always-enable-the-incl_srcpt-option.patch
 create mode 100644 queue-5.15/net-dsa-tag_sja1105-always-prefer-source-port-information-from-incl_srcpt.patch

diff --git a/queue-5.15/net-dsa-sja1105-always-enable-the-incl_srcpt-option.patch b/queue-5.15/net-dsa-sja1105-always-enable-the-incl_srcpt-option.patch
new file mode 100644
index 00000000000..89c56c56de3
--- /dev/null
+++ b/queue-5.15/net-dsa-sja1105-always-enable-the-incl_srcpt-option.patch
@@ -0,0 +1,74 @@
+From b4638af8885af93cd70351081da1909c59342440 Mon Sep 17 00:00:00 2001
+From: Vladimir Oltean <vladimir.oltean@nxp.com>
+Date: Tue, 27 Jun 2023 12:42:06 +0300
+Subject: net: dsa: sja1105: always enable the INCL_SRCPT option
+
+From: Vladimir Oltean <vladimir.oltean@nxp.com>
+
+commit b4638af8885af93cd70351081da1909c59342440 upstream.
+
+Link-local traffic on bridged SJA1105 ports is sometimes tagged by the
+hardware with source port information (when the port is under a VLAN
+aware bridge).
+
+The tag_8021q source port identification has become more loose
+("imprecise") and will report a plausible rather than exact bridge port,
+when under a bridge (be it VLAN-aware or VLAN-unaware). But link-local
+traffic always needs to know the precise source port.
+
+Modify the driver logic (and therefore: the tagging protocol itself) to
+always include the source port information with link-local packets,
+regardless of whether the port is standalone, under a VLAN-aware or
+VLAN-unaware bridge. This makes it possible for the tagging driver to
+give priority to that information over the tag_8021q VLAN header.
+
+The big drawback with INCL_SRCPT is that it makes it impossible to
+distinguish between an original MAC DA of 01:80:C2:XX:YY:ZZ and
+01:80:C2:AA:BB:ZZ, because the tagger just patches MAC DA bytes 3 and 4
+with zeroes. Only if PTP RX timestamping is enabled, the switch will
+generate a META follow-up frame containing the RX timestamp and the
+original bytes 3 and 4 of the MAC DA. Those will be used to patch up the
+original packet. Nonetheless, in the absence of PTP RX timestamping, we
+have to live with this limitation, since it is more important to have
+the more precise source port information for link-local traffic.
+
+Fixes: d7f9787a763f ("net: dsa: tag_8021q: add support for imprecise RX based on the VBID")
+Fixes: 91495f21fcec ("net: dsa: tag_8021q: replace the SVL bridging with VLAN-unaware IVL bridging")
+Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
+Reviewed-by: Simon Horman <simon.horman@corigine.com>
+Signed-off-by: Paolo Abeni <pabeni@redhat.com>
+Stable-dep-of: c1ae02d87689 ("net: dsa: tag_sja1105: always prefer source port information from INCL_SRCPT")
+Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/dsa/sja1105/sja1105_main.c |    9 ++-------
+ 1 file changed, 2 insertions(+), 7 deletions(-)
+
+--- a/drivers/net/dsa/sja1105/sja1105_main.c
++++ b/drivers/net/dsa/sja1105/sja1105_main.c
+@@ -853,11 +853,11 @@ static int sja1105_init_general_params(s
+ 		.hostprio = 7,
+ 		.mac_fltres1 = SJA1105_LINKLOCAL_FILTER_A,
+ 		.mac_flt1    = SJA1105_LINKLOCAL_FILTER_A_MASK,
+-		.incl_srcpt1 = false,
++		.incl_srcpt1 = true,
+ 		.send_meta1  = false,
+ 		.mac_fltres0 = SJA1105_LINKLOCAL_FILTER_B,
+ 		.mac_flt0    = SJA1105_LINKLOCAL_FILTER_B_MASK,
+-		.incl_srcpt0 = false,
++		.incl_srcpt0 = true,
+ 		.send_meta0  = false,
+ 		/* Default to an invalid value */
+ 		.mirr_port = priv->ds->num_ports,
+@@ -2346,11 +2346,6 @@ int sja1105_vlan_filtering(struct dsa_sw
+ 	general_params->tpid = tpid;
+ 	/* EtherType used to identify outer tagged (S-tag) VLAN traffic */
+ 	general_params->tpid2 = tpid2;
+-	/* When VLAN filtering is on, we need to at least be able to
+-	 * decode management traffic through the "backup plan".
+-	 */
+-	general_params->incl_srcpt1 = enabled;
+-	general_params->incl_srcpt0 = enabled;
+ 
+ 	/* VLAN filtering => independent VLAN learning.
+ 	 * No VLAN filtering (or best effort) => shared VLAN learning.
diff --git a/queue-5.15/net-dsa-tag_sja1105-always-prefer-source-port-information-from-incl_srcpt.patch b/queue-5.15/net-dsa-tag_sja1105-always-prefer-source-port-information-from-incl_srcpt.patch
new file mode 100644
index 00000000000..c1046ab16be
--- /dev/null
+++ b/queue-5.15/net-dsa-tag_sja1105-always-prefer-source-port-information-from-incl_srcpt.patch
@@ -0,0 +1,97 @@
+From c1ae02d876898b1b8ca1e12c6f84d7b406263800 Mon Sep 17 00:00:00 2001
+From: Vladimir Oltean <vladimir.oltean@nxp.com>
+Date: Tue, 27 Jun 2023 12:42:07 +0300
+Subject: net: dsa: tag_sja1105: always prefer source port information from INCL_SRCPT
+
+From: Vladimir Oltean <vladimir.oltean@nxp.com>
+
+commit c1ae02d876898b1b8ca1e12c6f84d7b406263800 upstream.
+
+Currently the sja1105 tagging protocol prefers using the source port
+information from the VLAN header if that is available, falling back to
+the INCL_SRCPT option if it isn't. The VLAN header is available for all
+frames except for META frames initiated by the switch (containing RX
+timestamps), and thus, the "if (is_link_local)" branch is practically
+dead.
+
+The tag_8021q source port identification has become more loose
+("imprecise") and will report a plausible rather than exact bridge port,
+when under a bridge (be it VLAN-aware or VLAN-unaware). But link-local
+traffic always needs to know the precise source port. With incorrect
+source port reporting, for example PTP traffic over 2 bridged ports will
+all be seen on sockets opened on the first such port, which is incorrect.
+
+Now that the tagging protocol has been changed to make link-local frames
+always contain source port information, we can reverse the order of the
+checks so that we always give precedence to that information (which is
+always precise) in lieu of the tag_8021q VID which is only precise for a
+standalone port.
+
+Fixes: d7f9787a763f ("net: dsa: tag_8021q: add support for imprecise RX based on the VBID")
+Fixes: 91495f21fcec ("net: dsa: tag_8021q: replace the SVL bridging with VLAN-unaware IVL bridging")
+Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
+Reviewed-by: Simon Horman <simon.horman@corigine.com>
+Signed-off-by: Paolo Abeni <pabeni@redhat.com>
+[ Replaced the 2 original Fixes: tags with the correct one.
+  Respun the change around the lack of a "vbid", corresponding to DSA
+  FDB isolation, which appeared only in v5.18. ]
+Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/dsa/tag_sja1105.c |   34 ++++++++++++++++++++++++++--------
+ 1 file changed, 26 insertions(+), 8 deletions(-)
+
+--- a/net/dsa/tag_sja1105.c
++++ b/net/dsa/tag_sja1105.c
+@@ -489,10 +489,7 @@ static struct sk_buff *sja1105_rcv(struc
+ 	is_link_local = sja1105_is_link_local(skb);
+ 	is_meta = sja1105_is_meta_frame(skb);
+ 
+-	if (sja1105_skb_has_tag_8021q(skb)) {
+-		/* Normal traffic path. */
+-		sja1105_vlan_rcv(skb, &source_port, &switch_id, &vid);
+-	} else if (is_link_local) {
++	if (is_link_local) {
+ 		/* Management traffic path. Switch embeds the switch ID and
+ 		 * port ID into bytes of the destination MAC, courtesy of
+ 		 * the incl_srcpt options.
+@@ -506,14 +503,35 @@ static struct sk_buff *sja1105_rcv(struc
+ 		sja1105_meta_unpack(skb, &meta);
+ 		source_port = meta.source_port;
+ 		switch_id = meta.switch_id;
+-	} else {
++	}
++
++	/* Normal data plane traffic and link-local frames are tagged with
++	 * a tag_8021q VLAN which we have to strip
++	 */
++	if (sja1105_skb_has_tag_8021q(skb)) {
++		int tmp_source_port = -1, tmp_switch_id = -1;
++
++		sja1105_vlan_rcv(skb, &tmp_source_port, &tmp_switch_id, &vid);
++		/* Preserve the source information from the INCL_SRCPT option,
++		 * if available. This allows us to not overwrite a valid source
++		 * port and switch ID with zeroes when receiving link-local
++		 * frames from a VLAN-aware bridged port (non-zero vid).
++		 */
++		if (source_port == -1)
++			source_port = tmp_source_port;
++		if (switch_id == -1)
++			switch_id = tmp_switch_id;
++	} else if (source_port == -1 && switch_id == -1) {
++		/* Packets with no source information have no chance of
++		 * getting accepted, drop them straight away.
++		 */
+ 		return NULL;
+ 	}
+ 
+-	if (source_port == -1 || switch_id == -1)
+-		skb->dev = dsa_find_designated_bridge_port_by_vid(netdev, vid);
+-	else
++	if (source_port != -1 && switch_id != -1)
+ 		skb->dev = dsa_master_find_slave(netdev, switch_id, source_port);
++	else
++		skb->dev = dsa_find_designated_bridge_port_by_vid(netdev, vid);
+ 	if (!skb->dev) {
+ 		netdev_warn(netdev, "Couldn't decode source port\n");
+ 		return NULL;
diff --git a/queue-5.15/series b/queue-5.15/series
index af0596e3d40..36bd7d899c1 100644
--- a/queue-5.15/series
+++ b/queue-5.15/series
@@ -346,3 +346,5 @@ nilfs2-fix-use-after-free-of-timer-for-log-writer-thread.patch
 revert-drm-amdgpu-init-iommu-after-amdkfd-device-init.patch
 mptcp-fix-full-tcp-keep-alive-support.patch
 vxlan-fix-regression-when-dropping-packets-due-to-invalid-src-addresses.patch
+net-dsa-sja1105-always-enable-the-incl_srcpt-option.patch
+net-dsa-tag_sja1105-always-prefer-source-port-information-from-incl_srcpt.patch
-- 
2.47.3