[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <580f6bd5ee7df0c8f0c7623a5b213d8f@kapio-technology.com>
Date: Tue, 06 Dec 2022 17:36:42 +0100
From: netdev@...io-technology.com
To: Ido Schimmel <idosch@...sch.org>
Cc: davem@...emloft.net, kuba@...nel.org, netdev@...r.kernel.org,
Andrew Lunn <andrew@...n.ch>,
Florian Fainelli <f.fainelli@...il.com>,
Vladimir Oltean <olteanv@...il.com>,
Eric Dumazet <edumazet@...gle.com>,
Paolo Abeni <pabeni@...hat.com>,
open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH net-next 3/3] net: dsa: mv88e6xxx: mac-auth/MAB
implementation
On 2022-12-06 13:53, Ido Schimmel wrote:
> On Mon, Dec 05, 2022 at 07:59:08PM +0100, Hans J. Schultz wrote:
>> This implementation for the Marvell mv88e6xxx chip series, is based on
>> handling ATU miss violations occurring when packets ingress on a port
>> that is locked with learning on. This will trigger a
>> SWITCHDEV_FDB_ADD_TO_BRIDGE event, which will result in the bridge
>> module
>> adding a locked FDB entry. This bridge FDB entry will not age out as
>> it has the extern_learn flag set.
>>
>> Userspace daemons can listen to these events and either accept or deny
>> access for the host, by either replacing the locked FDB entry with a
>> simple entry or leave the locked entry.
>>
>> If the host MAC address is already present on another port, a ATU
>> member violation will occur, but to no real effect.
>
> And the packet will be dropped in hardware, right?
Every packet that enters a locked port and does not have a matching ATU
entry on the port will be dropped (in HW) afaik.
>> ---
>
> The changelog from previous versions is missing.
>
I am afraid because I made a mistake with the version string last, this
should be regarded as a first. Therefore no changelog.
>> err = mv88e6xxx_g1_atu_mac_read(chip, &entry);
>> if (err)
>> - goto out;
>> + goto out_unlock;
>> +
>> + mv88e6xxx_reg_unlock(chip);
>
> I was under the impression that we agreed that the locking change will
> be split to a separate patch.
>
Sorry, I guess that because of the quite long time that has passed as I
needed to get this FID=0 issue sorted out, and had many other different
changes to attend, I forgot. I see an updated version is needed anyhow,
so I will do it there.
>>
>> spid = entry.state;
Powered by blists - more mailing lists