lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 29 Aug 2019 15:15:43 +0200
From:   Horatiu Vultur <horatiu.vultur@...rochip.com>
To:     Ivan Vecera <ivecera@...hat.com>
CC:     Jiri Pirko <jiri@...nulli.us>, <alexandre.belloni@...tlin.com>,
        <UNGLinuxDriver@...rochip.com>, <davem@...emloft.net>,
        <andrew@...n.ch>, <allan.nielsen@...rochip.com>,
        <f.fainelli@...il.com>, <netdev@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v3 1/2] net: core: Notify on changes to dev->promiscuity.

The 08/29/2019 14:55, Ivan Vecera wrote:
> External E-Mail
> 
> 
> On Thu, 29 Aug 2019 14:44:14 +0200
> Horatiu Vultur <horatiu.vultur@...rochip.com> wrote:
> 
> > When a port is added to a bridge, then the port gets in promisc mode.
> > But in our case the HW has bridge capabilities so it is not required
> > to set the port in promisc mode.
> > But if someone else requires the port to be in promisc mode (tcpdump
> > or any other application) then I would like to set the port in promisc
> > mode.
> > In previous emails Andrew came with the suggestion to look at
> > dev->promiscuity and check if the port is a bridge port. Using this
> > information I could see when to add the port in promisc mode. He also
> > suggested to add a new switchdev call(maybe I missunderstood him, or I
> > have done it at the wrong place) in case there are no callbacks in the
> > driver to get this information.
> 
Hi Ivan,

> I would use the 1st suggestion.
> 
> for/in your driver:
> if (dev->promiscuity > 0) {
> 	if (dev->promiscuity == 1 && netif_is_bridge_port(dev)) {
> 		/* no need to set promisc mode because promiscuity
> 		 * was requested by bridge
> 		 */
> 		...
> 	} else {
> 		/* need to set promisc mode as someone else requested
> 		 * promiscuity
> 		 */
> 	}
> }

Yes that was my first try. It worked for many cases but there was one
which it didn't work.
If first add the port to the bridge, then you get callbacks and
notifications in the driver where you can use the code that you
suggested. But if next you enable promisc mode on the port (ip link set
dev eth0 promisc on), then the driver will not get any callbacks or
notifications. Therefore it could not see the new value of
dev->promiscuity to update the HW.
The code that updates the promisc mode it would not notify in case
the promiscuity is changed and because the port has already the flag
IFF_PROMISC it would not notify any listeners because the flags are not
changed.
Here [1] is the code that I refer to.

[1] https://elixir.bootlin.com/linux/latest/source/net/core/dev.c#L7592

> 
> Thanks,
> Ivan
> 

-- 
/Horatiu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ