lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 02 Jun 2015 07:20:53 -0700
From:	Guenter Roeck <linux@...ck-us.net>
To:	Vivien Didelot <vivien.didelot@...oirfairelinux.com>,
	netdev@...r.kernel.org
CC:	"David S. Miller" <davem@...emloft.net>,
	Florian Fainelli <f.fainelli@...il.com>,
	Andrew Lunn <andrew@...n.ch>,
	Scott Feldman <sfeldma@...il.com>,
	Jiri Pirko <jiri@...nulli.us>,
	Jerome Oufella <jerome.oufella@...oirfairelinux.com>,
	linux-kernel@...r.kernel.org, kernel@...oirfairelinux.com,
	Chris Healy <cphealy@...il.com>
Subject: Re: [RFC 6/9] net: dsa: mv88e6352: allow egress of unknown multicast

On 06/01/2015 06:27 PM, Vivien Didelot wrote:
> This patch disables egress of unknown unicast destination addresses.
>

Hi Vivien,

seems to me this patch is unrelated to the rest of the series.

Not sure if we really want this. If an address is in the arp cache
but has timed out from the bridge database, any unicast to that address
will no longer be sent. If the bridge database has been flushed for some
reason, such as a spanning tree reconfiguration, we'll have a hard time
to send anything.

What is the problem you are trying to solve with this patch ?

Thanks,
Guenter

> Signed-off-by: Vivien Didelot <vivien.didelot@...oirfairelinux.com>
> ---
>   drivers/net/dsa/mv88e6xxx.c | 3 ++-
>   drivers/net/dsa/mv88e6xxx.h | 5 +++++
>   2 files changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/net/dsa/mv88e6xxx.c b/drivers/net/dsa/mv88e6xxx.c
> index 49ef2f8..d2beb10 100644
> --- a/drivers/net/dsa/mv88e6xxx.c
> +++ b/drivers/net/dsa/mv88e6xxx.c
> @@ -1686,7 +1686,8 @@ static int mv88e6xxx_setup_port(struct dsa_switch *ds, int port)
>   	    mv88e6xxx_6185_family(ds))
>   		reg = PORT_CONTROL_IGMP_MLD_SNOOP |
>   		PORT_CONTROL_USE_TAG | PORT_CONTROL_USE_IP |
> -		PORT_CONTROL_STATE_FORWARDING;
> +		PORT_CONTROL_STATE_FORWARDING |
> +		PORT_CONTROL_EGRESS_FLOODS_NO_UNKNOWN_UNICAST_DA;
>   	if (dsa_is_cpu_port(ds, port)) {
>   		if (mv88e6xxx_6095_family(ds) || mv88e6xxx_6185_family(ds))
>   			reg |= PORT_CONTROL_DSA_TAG;
> diff --git a/drivers/net/dsa/mv88e6xxx.h b/drivers/net/dsa/mv88e6xxx.h
> index f4ea66a..412d14e 100644
> --- a/drivers/net/dsa/mv88e6xxx.h
> +++ b/drivers/net/dsa/mv88e6xxx.h
> @@ -117,6 +117,11 @@
>   #define PORT_CONTROL_STATE_BLOCKING	0x01
>   #define PORT_CONTROL_STATE_LEARNING	0x02
>   #define PORT_CONTROL_STATE_FORWARDING	0x03
> +#define PORT_CONTROL_EGRESS_FLOODS_MASK				(0x03 << 2)
> +#define PORT_CONTROL_EGRESS_FLOODS_NO_UNKNOWN_ANY_DA		(0x00 << 2)
> +#define PORT_CONTROL_EGRESS_FLOODS_NO_UNKNOWN_MULTICAST_DA	(0x01 << 2)
> +#define PORT_CONTROL_EGRESS_FLOODS_NO_UNKNOWN_UNICAST_DA	(0x02 << 2)
> +#define PORT_CONTROL_EGRESS_FLOODS_ANY_DA			(0x03 << 2)
>   #define PORT_CONTROL_1		0x05
>   #define PORT_BASE_VLAN		0x06
>   #define PORT_DEFAULT_VLAN	0x07
>

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists