Commit d4c72f47 authored by Alessandro Rubini's avatar Alessandro Rubini

vlan: add "vlan off" command, switch pfilter rule-set at runtime

This allows a node built with CONFIG_VLAN to choose at run-time
whether vlans are allowed or not.  We build both pfilter rule-sets,
and according to the active vlan number we write one or the other.

The case "CONFIG_VLAN is not set" is handled by providing default
NULL pointers for beginning and end of the vlan rule-set.

As a side effect, I renamed the files and the functions in
the pfilter-builder.

This is how it works for me, with CONFIG_PFILTER_VERBOSE set,
so you see different rule-set  are used (29 rules vs. 16 rules):

    wrc# vlan set 0
    0 ("0") out of range
    Command "vlan": error -22
    wrc# vlan off
    fixing MAC adress in rule: use 22:33:44:55:66:77
    pfilter rule 00: 4.00000000
    pfilter rule 01: 1.e4466013
    [...]
    pfilter rule 28: 8.00000000
    current vlan: 0 (0x0)
    wrc# ip set 10.0.0.2
    IP-address: 10.0.0.2 (static assignment)

  (and I am now reachable by untagged frames)

    wrc# vlan set 10
    fixing MAC adress in rule: use 22:33:44:55:66:77
    fixing VLAN number in rule: use 10
    pfilter rule 00: 4.00000000
    pfilter rule 01: 1.e4466013
    [...]
    pfilter rule 15: 8.00000000
    current vlan: 10 (0xa)

  (and I am now reachable on vlan 10)
Signed-off-by: Alessandro Rubini's avatarAlessandro Rubini <rubini@gnudd.com>

Conflicts:
	Makefile
parent ab7cb867
...@@ -59,9 +59,9 @@ CFLAGS_PLATFORM = -mmultiply-enabled -mbarrel-shift-enabled ...@@ -59,9 +59,9 @@ CFLAGS_PLATFORM = -mmultiply-enabled -mbarrel-shift-enabled
LDFLAGS_PLATFORM = -mmultiply-enabled -mbarrel-shift-enabled \ LDFLAGS_PLATFORM = -mmultiply-enabled -mbarrel-shift-enabled \
-nostdlib -T $(LDS-y) -nostdlib -T $(LDS-y)
# packet-filter rules depend on configuration; default is rules-plain # packet-filter rules: for CONFIG_VLAN we use both sets
pfilter-y := rules-novlan.bin pfilter-y := rules-novlan.bin
pfilter-$(CONFIG_VLAN) := rules-vlan.bin pfilter-$(CONFIG_VLAN) += rules-vlan.bin
export pfilter-y export pfilter-y
all: all:
......
...@@ -67,4 +67,8 @@ SECTIONS ...@@ -67,4 +67,8 @@ SECTIONS
/* This may be missing, according to .config */ /* This may be missing, according to .config */
PROVIDE(fifo_log = 0); PROVIDE(fifo_log = 0);
/* A vlan rule-set may be missing (if no CONFIG_VLAN) */
PROVIDE(_binary_rules_vlan_bin_start = 0);
PROVIDE(_binary_rules_vlan_bin_end = 0);
} }
obj-$(CONFIG_WR_NODE) += \ obj-$(CONFIG_WR_NODE) += \
dev/endpoint.o \ dev/endpoint.o \
dev/ep_pfilter.o \ dev/ep_pfilter.o \
dev/pfilter-rules.o \
dev/i2c.o \ dev/i2c.o \
dev/minic.o \ dev/minic.o \
dev/pps_gen.o \ dev/pps_gen.o \
...@@ -21,11 +20,13 @@ obj-$(CONFIG_W1) += dev/w1-temp.o dev/w1-eeprom.o ...@@ -21,11 +20,13 @@ obj-$(CONFIG_W1) += dev/w1-temp.o dev/w1-eeprom.o
obj-$(CONFIG_UART) += dev/uart.o obj-$(CONFIG_UART) += dev/uart.o
obj-$(CONFIG_UART_SW) += dev/uart-sw.o obj-$(CONFIG_UART_SW) += dev/uart-sw.o
# Filter rules are selected according to configuration, see toplevel Makefile, # Filter rules are selected according to configuration, but we may
# but the filename is reflected in symbol names, so use a symlink here. # have more than one. Note: the filename is reflected in symbol names,
dev/pfilter-rules.o: $(pfilter-y) # so they are hardwired in ../Makefile (and ../tools/pfilter-builder too)
ln -sf $(pfilter-y) rules-pfilter.bin obj-y += $(pfilter-y:.bin=.o)
$(OBJCOPY) -I binary -O elf32-lm32 -B lm32 rules-pfilter.bin $@
rules-%.o: rules-%.bin
$(OBJCOPY) -I binary -O elf32-lm32 -B lm32 $< $@
$(pfilter-y): tools/pfilter-builder $(pfilter-y): tools/pfilter-builder
$^ $^
......
...@@ -20,8 +20,24 @@ ...@@ -20,8 +20,24 @@
#include <endpoint.h> #include <endpoint.h>
#include <hw/endpoint_regs.h> #include <hw/endpoint_regs.h>
extern uint32_t _binary_rules_pfilter_bin_start[]; extern uint32_t _binary_rules_novlan_bin_start[];
extern uint32_t _binary_rules_pfilter_bin_end[]; extern uint32_t _binary_rules_novlan_bin_end[];
extern uint32_t _binary_rules_vlan_bin_start[];
extern uint32_t _binary_rules_vlan_bin_end[];
struct rule_set {
uint32_t *ini;
uint32_t *end;
} rule_sets[2] = {
{
_binary_rules_novlan_bin_start,
_binary_rules_novlan_bin_end,
}, {
_binary_rules_vlan_bin_start,
_binary_rules_vlan_bin_end,
}
};
extern volatile struct EP_WB *EP; extern volatile struct EP_WB *EP;
...@@ -38,16 +54,23 @@ static uint32_t swap32(uint32_t v) ...@@ -38,16 +54,23 @@ static uint32_t swap32(uint32_t v)
void pfilter_init_default(void) void pfilter_init_default(void)
{ {
/* Use shorter names to avoid getting mad */ struct rule_set *s;
uint32_t *vini = _binary_rules_pfilter_bin_start;
uint32_t *vend = _binary_rules_pfilter_bin_end;
uint8_t mac[6]; uint8_t mac[6];
char buf[20]; char buf[20];
uint32_t m, *v, *v_vlan = NULL; uint32_t m, *vini, *vend, *v, *v_vlan = NULL;
uint64_t cmd_word; uint64_t cmd_word;
int i; int i;
static int inited; static int inited;
/* If vlan, use rule-set 1, else rule-set 0 */
s = rule_sets + (wrc_vlan_number != 0);
if (!s->ini) {
pp_printf("no pfilter rule-set!\n");
return;
}
vini = s->ini;
vend = s->end;
/* /*
* The array of words starts with 0x11223344 so we * The array of words starts with 0x11223344 so we
* can fix endianness. Do it. * can fix endianness. Do it.
......
...@@ -26,6 +26,10 @@ static int cmd_vlan(const char *args[]) ...@@ -26,6 +26,10 @@ static int cmd_vlan(const char *args[])
} }
wrc_vlan_number = i; wrc_vlan_number = i;
pfilter_init_default(); pfilter_init_default();
} else if (!strcasecmp(args[0], "off")) {
wrc_vlan_number = 0;
pfilter_init_default();
} else { } else {
return -EINVAL; return -EINVAL;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment