| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Jun 2023 07:30:00 +0000
From: "Buvaneswaran, Sujai" <sujai.buvaneswaran@...el.com>
To: "Drewek, Wojciech" <wojciech.drewek@...el.com>,
"intel-wired-lan@...ts.osuosl.org" <intel-wired-lan@...ts.osuosl.org>
CC: "pmenzel@...gen.mpg.de" <pmenzel@...gen.mpg.de>, "netdev@...r.kernel.org"
<netdev@...r.kernel.org>, "simon.horman@...igine.com"
<simon.horman@...igine.com>, "dan.carpenter@...aro.org"
<dan.carpenter@...aro.org>
Subject: RE: [Intel-wired-lan] [PATCH iwl-next v4 02/13] ice: Prohibit rx mode
change in switchdev mode
> Don't allow to change promisc mode in switchdev mode.
> When switchdev is configured, PF netdev is set to be a default VSI. This is
> needed for the slow-path to work correctly.
> All the unmatched packets will be directed to PF netdev.
>
> It is possible that this setting might be overwritten by ndo_set_rx_mode.
> Prevent this by checking if switchdev is enabled in ice_set_rx_mode.
>
> Reviewed-by: Paul Menzel <pmenzel@...gen.mpg.de>
> Signed-off-by: Wojciech Drewek <wojciech.drewek@...el.com>
> ---
> drivers/net/ethernet/intel/ice/ice_main.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
During our testing, we found out that PF netdev promisc mode settings can be changed in Switchdev mode.
Is this expected as per the implementation of this patch?
[root@...fpass-switchdev ~]# ip link show dev ens802f0np0
193: ens802f0np0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP mode DEFAULT group default qlen 1000
link/ether 6c:fe:54:5a:18:98 brd ff:ff:ff:ff:ff:ff
vf 0 link/ether 52:52:00:00:00:01 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state enable, trust off
vf 1 link/ether 52:52:00:00:00:02 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state enable, trust off
altname enp175s0f0np0
[root@...fpass-switchdev ~]# ip link set dev ens802f0np0 promisc on
[root@...fpass-switchdev ~]# ip link show dev ens802f0np0
193: ens802f0np0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP mode DEFAULT group default qlen 1000
link/ether 6c:fe:54:5a:18:98 brd ff:ff:ff:ff:ff:ff
vf 0 link/ether 52:52:00:00:00:01 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state enable, trust off
vf 1 link/ether 52:52:00:00:00:02 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state enable, trust off
altname enp175s0f0np0
[root@...fpass-switchdev ~]# ip link set dev ens802f0np0 promisc off
[root@...fpass-switchdev ~]# ip link show dev ens802f0np0
193: ens802f0np0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP mode DEFAULT group default qlen 1000
link/ether 6c:fe:54:5a:18:98 brd ff:ff:ff:ff:ff:ff
vf 0 link/ether 52:52:00:00:00:01 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state enable, trust off
vf 1 link/ether 52:52:00:00:00:02 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state enable, trust off
altname enp175s0f0np0
Powered by blists - more mailing lists