lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190531141914.GB26582@t480s.localdomain>
Date:   Fri, 31 May 2019 14:19:14 -0400
From:   Vivien Didelot <vivien.didelot@...il.com>
To:     Florian Fainelli <f.fainelli@...il.com>
Cc:     Nikita Yushchenko <nikita.yoush@...entembedded.com>,
        Andrew Lunn <andrew@...n.ch>,
        "David S. Miller" <davem@...emloft.net>,
        Heiner Kallweit <hkallweit1@...il.com>,
        Marek BehĂșn <marek.behun@....cz>,
        Russell King <rmk+kernel@...linux.org.uk>,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        Chris Healy <cphealy@...il.com>
Subject: Re: [PATCH] net: dsa: mv88e6xxx: avoid error message on remove from
 VLAN 0

Hi Florian,

On Fri, 31 May 2019 09:36:13 -0700, Florian Fainelli <f.fainelli@...il.com> wrote:
> > But VID 0 has a special meaning for the kernel, it means the port's private
> > database (when it is isolated, non-bridged), it is not meant to be programmed
> > in the switch. That's why I would've put that knowledge into the DSA layer,
> > which job is to translate the kernel operations to the (dumb) DSA drivers.
> > 
> > I hope I'm seeing things correctly here.
> 
> Your first part about the fact that it's the port private database is
> true, the fact that it is not programmed into the HW actually depends on
> what the switch is capable of doing. With mv88e6xxx you have per-port
> VLAN filtering controls, but other switches that do not have that
> capability need to program VID == 0 into the HW to continue maintaining
> VLAN filtering on a non bridged port while a bridge has enslaved other
> ports of the switch.

Are you saying that switches without per-port VLAN filtering controls
will program VID 0, and thus put all non bridged ports into the same VLAN,
allowing them to talk to each other?


Thanks,
Vivien

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ