| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Nov 2017 12:56:41 -0500
From: Vivien Didelot <vivien.didelot@...oirfairelinux.com>
To: netdev@...r.kernel.org
Cc: linux-kernel@...r.kernel.org, kernel@...oirfairelinux.com,
"David S. Miller" <davem@...emloft.net>,
Florian Fainelli <f.fainelli@...il.com>,
Andrew Lunn <andrew@...n.ch>,
Vivien Didelot <vivien.didelot@...oirfairelinux.com>
Subject: [PATCH net-next 0/2] net: dsa: cross-chip FDB support
DSA can have interconnected switches. For instance, the ZII Dev Rev B
board described in arch/arm/boot/dts/vf610-zii-dev-rev-b.dts has a
switch fabric composed of 3 switch devices like this:
lan4 lan6
CPU (eth1) | lan5 | lan7
| | | | |
[0 1 2 3 4 6 5]---[6 0 1 2 3 4 5]---[9 0 1 2 3 4 5 6 7 8]
| | | | | | |
lan0 | lan2 lan3 lan8 | optical4
lan1 optical3
One current issue with DSA is cross-chip FDB. If we add a static MAC
address on lan3, only its parent switch 1 (the one in the middle) will
be programmed. That is not correct in a cross-chip environment, because
the DSA ports connecting to switch 1 of adjacent switch 0 (on the left)
and switch 2 (on the right) must be programmed too.
Without this patchset, a dump of the hardware FDB of switches 0, 1 and 2
after programming a MAC address on lan3 looks like this (*):
# bridge fdb add 11:22:33:44:55:66 dev lan3
# cat /sys/kernel/debug/mv88e6xxx/sw*/atu/0 | grep -v FID
0 ff:ff:ff:ff:ff:ff MC_STATIC n 0 1 2 3 4 5 6
0 11:22:33:44:55:66 MC_STATIC_MGMT_PO n 0 - - - - - -
0 ff:ff:ff:ff:ff:ff MC_STATIC n 0 1 2 3 4 5 6
0 ff:ff:ff:ff:ff:ff MC_STATIC n 0 1 2 3 4 5 6 7 8 9
With this patchset applied, adjacent DSA ports get programmed too:
# bridge fdb add 11:22:33:44:55:66 dev lan3
# cat /sys/kernel/debug/mv88e6xxx/sw*/atu/0 | grep -v FID
0 11:22:33:44:55:66 MC_STATIC_MGMT_PO n - - - - - 5 -
0 ff:ff:ff:ff:ff:ff MC_STATIC n 0 1 2 3 4 5 6
0 11:22:33:44:55:66 MC_STATIC_MGMT_PO n 0 - - - - - -
0 ff:ff:ff:ff:ff:ff MC_STATIC n 0 1 2 3 4 5 6
0 11:22:33:44:55:66 MC_STATIC_MGMT_PO n - - - - - - - - - 9
0 ff:ff:ff:ff:ff:ff MC_STATIC n 0 1 2 3 4 5 6 7 8 9
In order to do that, the first commit introduces a dsa_towards_port()
helper which returns the local port of a switch which must be used to
reach an arbitrary switch port (local or from an adjacent switch.)
The second patch uses this helper to configure the port reaching the
target port for every switches of the fabric.
(*) a patch for squashed debugfs interface which applies on top of this
patchset is available here:
https://github.com/vivien/linux/commit/f8e6ba34c68a72d3bf42f4dea79abacb2e61a3cc.patch
Vivien Didelot (2):
net: dsa: introduce dsa_towards_port helper
net: dsa: support cross-chip FDB operations
include/net/dsa.h | 23 +++++++++++++----------
net/dsa/switch.c | 14 ++++----------
2 files changed, 17 insertions(+), 20 deletions(-)
--
2.15.0
Powered by blists - more mailing lists