| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 2 May 2022 21:40:01 +0530
From: Arun Ramadoss <arun.ramadoss@...rochip.com>
To: <bpf@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<devicetree@...r.kernel.org>, <netdev@...r.kernel.org>
CC: KP Singh <kpsingh@...nel.org>,
John Fastabend <john.fastabend@...il.com>,
Yonghong Song <yhs@...com>, Song Liu <songliubraving@...com>,
"Martin KaFai Lau" <kafai@...com>,
Andrii Nakryiko <andrii@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Alexei Starovoitov <ast@...nel.org>,
Russell King <linux@...linux.org.uk>,
Krzysztof Kozlowski <krzysztof.kozlowski+dt@...aro.org>,
Rob Herring <robh+dt@...nel.org>,
"Paolo Abeni" <pabeni@...hat.com>,
Jakub Kicinski <kuba@...nel.org>,
Eric Dumazet <edumazet@...gle.com>,
"David S. Miller" <davem@...emloft.net>,
"Vladimir Oltean" <olteanv@...il.com>,
Florian Fainelli <f.fainelli@...il.com>,
"Vivien Didelot" <vivien.didelot@...il.com>,
Andrew Lunn <andrew@...n.ch>, <UNGLinuxDriver@...rochip.com>,
Woojung Huh <woojung.huh@...rochip.com>
Subject: [Patch net-next v12 11/13] net: dsa: microchip: add support for port mirror operations
From: Prasanna Vengateshan <prasanna.vengateshan@...rochip.com>
Added support for port_mirror_add() and port_mirror_del operations
Sniffing is limited to one port & alert the user if any new
sniffing port is selected
Signed-off-by: Prasanna Vengateshan <prasanna.vengateshan@...rochip.com>
Signed-off-by: Arun Ramadoss <arun.ramadoss@...rochip.com>
Reviewed-by: Vladimir Oltean <olteanv@...il.com>
Reviewed-by: Florian Fainelli <f.fainelli@...il.com>
---
drivers/net/dsa/microchip/lan937x_main.c | 83 ++++++++++++++++++++++++
1 file changed, 83 insertions(+)
diff --git a/drivers/net/dsa/microchip/lan937x_main.c b/drivers/net/dsa/microchip/lan937x_main.c
index 6d0b0d62b8e1..58ce2912215c 100644
--- a/drivers/net/dsa/microchip/lan937x_main.c
+++ b/drivers/net/dsa/microchip/lan937x_main.c
@@ -65,6 +65,87 @@ static void lan937x_port_stp_state_set(struct dsa_switch *ds, int port,
ksz_port_stp_state_set(ds, port, state, P_STP_CTRL);
}
+static int lan937x_port_mirror_add(struct dsa_switch *ds, int port,
+ struct dsa_mall_mirror_tc_entry *mirror,
+ bool ingress, struct netlink_ext_ack *extack)
+{
+ struct ksz_device *dev = ds->priv;
+ int ret, p;
+ u8 data;
+
+ /* Limit to one sniffer port
+ * Check if any of the port is already set for sniffing
+ * If yes, instruct the user to remove the previous entry & exit
+ */
+ for (p = 0; p < dev->port_cnt; p++) {
+ /* Skip the current sniffing port */
+ if (p == mirror->to_local_port)
+ continue;
+
+ ret = lan937x_pread8(dev, p, P_MIRROR_CTRL, &data);
+ if (ret < 0)
+ return ret;
+
+ if (data & PORT_MIRROR_SNIFFER) {
+ NL_SET_ERR_MSG_MOD(extack,
+ "Sniffer port is already configured, delete existing rules & retry");
+ return -EBUSY;
+ }
+ }
+
+ /* Configure ingress/egress mirroring */
+ if (ingress)
+ ret = lan937x_port_cfg(dev, port, P_MIRROR_CTRL, PORT_MIRROR_RX,
+ true);
+ else
+ ret = lan937x_port_cfg(dev, port, P_MIRROR_CTRL, PORT_MIRROR_TX,
+ true);
+ if (ret < 0)
+ return ret;
+
+ /* Configure sniffer port as other ports do not have
+ * PORT_MIRROR_SNIFFER is set
+ */
+ ret = lan937x_port_cfg(dev, mirror->to_local_port, P_MIRROR_CTRL,
+ PORT_MIRROR_SNIFFER, true);
+ if (ret < 0)
+ return ret;
+
+ return lan937x_cfg(dev, S_MIRROR_CTRL, SW_MIRROR_RX_TX, false);
+}
+
+static void lan937x_port_mirror_del(struct dsa_switch *ds, int port,
+ struct dsa_mall_mirror_tc_entry *mirror)
+{
+ struct ksz_device *dev = ds->priv;
+ bool in_use = false;
+ u8 data;
+ int p;
+
+ /* clear ingress/egress mirroring port */
+ if (mirror->ingress)
+ lan937x_port_cfg(dev, port, P_MIRROR_CTRL, PORT_MIRROR_RX,
+ false);
+ else
+ lan937x_port_cfg(dev, port, P_MIRROR_CTRL, PORT_MIRROR_TX,
+ false);
+
+ /* Check if any of the port is still referring to sniffer port */
+ for (p = 0; p < dev->port_cnt; p++) {
+ lan937x_pread8(dev, p, P_MIRROR_CTRL, &data);
+
+ if ((data & (PORT_MIRROR_RX | PORT_MIRROR_TX))) {
+ in_use = true;
+ break;
+ }
+ }
+
+ /* delete sniffing if there are no other mirroring rule exist */
+ if (!in_use)
+ lan937x_port_cfg(dev, mirror->to_local_port, P_MIRROR_CTRL,
+ PORT_MIRROR_SNIFFER, false);
+}
+
static void lan937x_config_cpu_port(struct dsa_switch *ds)
{
struct ksz_device *dev = ds->priv;
@@ -439,6 +520,8 @@ const struct dsa_switch_ops lan937x_switch_ops = {
.port_bridge_leave = ksz_port_bridge_leave,
.port_stp_state_set = lan937x_port_stp_state_set,
.port_fast_age = ksz_port_fast_age,
+ .port_mirror_add = lan937x_port_mirror_add,
+ .port_mirror_del = lan937x_port_mirror_del,
.port_max_mtu = lan937x_get_max_mtu,
.port_change_mtu = lan937x_change_mtu,
.phylink_get_caps = lan937x_phylink_get_caps,
--
2.33.0
Powered by blists - more mailing lists