lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20180228.120513.2059500299754394497.davem@davemloft.net>
Date:   Wed, 28 Feb 2018 12:05:13 -0500 (EST)
From:   David Miller <davem@...emloft.net>
To:     maxime.chevallier@...tlin.com
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        antoine.tenart@...tlin.com, thomas.petazzoni@...tlin.com,
        gregory.clement@...tlin.com, miquel.raynal@...tlin.com,
        nadavh@...vell.com, stefanc@...vell.com, ymarkman@...vell.com,
        mw@...ihalf.com
Subject: Re: [PATCH net-next v2] net: mvpp2: Add hardware offloading for
 VLAN filtering

From: Maxime Chevallier <maxime.chevallier@...tlin.com>
Date: Wed, 28 Feb 2018 10:14:13 +0100

> Marvell PPv2 controller allows for generic packet filtering. This commit
> adds entries to implement VLAN filtering. The approach taken is :
> 
>  - Filter entries that would match on the presence of the VLAN tag
>    (existing VLAN detection, DSA / EDSA detection) will set the next
>    lookup ID to be for the VID.
> 
>  - For each VLAN existing on a given port, we add an entry that matches
>    this specific VID. If the incoming packet matches the VID entry, it is
>    set for the next lookup in the chain (LU_L2).
> 
>  - A Guard entry is added for each port, that will match if the incoming
>    packet didn't match any of the above VID entries. This entry tags the
>    packet to be dropped.
> 
> Due to this design, and the fact that the total 256 filter entries are
> also used for other purposes, we have a limit of 10 VLANs per port. To
> accommodate the case where we would need more VLANS on one port, this
> patch implements the ndo_set_features to allow for disabling of VLAN
> filtering using ethtool.
> 
> The default config has VLAN filtering disabled.
> 
> Signed-off-by: Maxime Chevallier <maxime.chevallier@...tlin.com>
> ---
> V2: Use correct order for local variable declarations

That looks better, applied, thank you.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ