lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 12 Aug 2021 00:45:06 +0300
From:   Vladimir Oltean <olteanv@...il.com>
To:     Ido Schimmel <idosch@...sch.org>
Cc:     DENG Qingfang <dqfext@...il.com>, Roopa Prabhu <roopa@...dia.com>,
        Nikolay Aleksandrov <nikolay@...dia.com>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        "moderated list:ETHERNET BRIDGE" <bridge@...ts.linux-foundation.org>,
        "open list:ETHERNET BRIDGE" <netdev@...r.kernel.org>,
        open list <linux-kernel@...r.kernel.org>,
        Florian Fainelli <f.fainelli@...il.com>
Subject: Re: [PATCH net-next] net: bridge: switchdev: allow port isolation to
 be offloaded

On Thu, Aug 12, 2021 at 12:38:56AM +0300, Ido Schimmel wrote:
> On Wed, Aug 11, 2021 at 09:52:46PM +0800, DENG Qingfang wrote:
> > Add BR_ISOLATED flag to BR_PORT_FLAGS_HW_OFFLOAD, to allow switchdev
> > drivers to offload port isolation.
> >
> > Suggested-by: Vladimir Oltean <olteanv@...il.com>
> > Signed-off-by: DENG Qingfang <dqfext@...il.com>
> > ---
> >  net/bridge/br_switchdev.c | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c
> > index 6bf518d78f02..898257153883 100644
> > --- a/net/bridge/br_switchdev.c
> > +++ b/net/bridge/br_switchdev.c
> > @@ -71,7 +71,8 @@ bool nbp_switchdev_allowed_egress(const struct net_bridge_port *p,
> >
> >  /* Flags that can be offloaded to hardware */
> >  #define BR_PORT_FLAGS_HW_OFFLOAD (BR_LEARNING | BR_FLOOD | \
> > -				  BR_MCAST_FLOOD | BR_BCAST_FLOOD)
> > +				  BR_MCAST_FLOOD | BR_BCAST_FLOOD | \
> > +				  BR_ISOLATED)
>
> Why add it now and not as part of a patchset that actually makes use of
> the flag in a driver that offloads port isolation?

The way the information got transmitted is a bit unfortunate.

Making BR_ISOLATED part of BR_PORT_FLAGS_HW_OFFLOAD is a matter of
correctness when switchdev offloads the data path. Since this feature
will not work correctly without driver intervention, it makes sense that
drivers should reject it currently, which is exactly what this patch
accomplishes - it makes the code path go through the
SWITCHDEV_ATTR_ID_PORT_PRE_BRIDGE_FLAGS driver handlers, which return
-EINVAL for everything they don't recognize.

(yes, we do still have a problem for drivers that don't catch
SWITCHDEV_ATTR_ID_PORT_PRE_BRIDGE_FLAGS at all, switchdev will return
-EOPNOTSUPP for those which is then ignored, but those are in the
minority)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ