lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZJA4fIH6vm9cO2VG@shredder>
Date:   Mon, 19 Jun 2023 14:14:04 +0300
From:   Ido Schimmel <idosch@...dia.com>
To:     r-gunasekaran@...com
Cc:     kuba@...nel.org, Nikolay Aleksandrov <razor@...ckwall.org>,
        Vladimir Oltean <olteanv@...il.com>,
        Ravi Gunasekaran <r-gunasekaran@...com>, davem@...emloft.net,
        edumazet@...gle.com, pabeni@...hat.com, bigeasy@...utronix.de,
        simon.horman@...igine.com, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, rogerq@...nel.org
Subject: Re: [PATCH v2 net-next] net: hsr: Disable promiscuous mode in
 offload mode

On Thu, Jun 15, 2023 at 10:37:36PM -0700, Jakub Kicinski wrote:
> On Wed, 14 Jun 2023 17:17:10 +0530 Ravi Gunasekaran wrote:
> > When port-to-port forwarding for interfaces in HSR node is enabled,
> > disable promiscuous mode since L2 frame forward happens at the
> > offloaded hardware.

It's not clear to me why you want to disable promiscuous mode. I'm not
familiar with HSR, but I assume you want the hardware to forward all the
packets between the two ports and not only specific DMACs.

How does the underlying device implement "promiscuous mode" that you
benefit from disabling it?

Thanks

> > 
> > Signed-off-by: Ravi Gunasekaran <r-gunasekaran@...com>
> > Reviewed-by: Simon Horman <simon.horman@...igine.com>
> 
> Bridge folks any thoughts on this? Is this the behavior bridge has 
> and if not should we try to align the two?
> 
> > Changes from v1:
> > ===============
> > * Changed the data type of "fwd_offloaded" from "unsigned int" to "bool"
> >   and moved it below "net_id" struct member as per Paolo's comment.
> > * Collected Reviewed-by tag from v1 patch.
> > 
> > v1: https://lore.kernel.org/all/20230612093933.13267-1-r-gunasekaran@ti.com/
> > 
> >  net/hsr/hsr_device.c |  5 +++++
> >  net/hsr/hsr_main.h   |  1 +
> >  net/hsr/hsr_slave.c  | 15 +++++++++++----
> >  3 files changed, 17 insertions(+), 4 deletions(-)
> > 
> > diff --git a/net/hsr/hsr_device.c b/net/hsr/hsr_device.c
> > index 5a236aae2366..306f942c3b28 100644
> > --- a/net/hsr/hsr_device.c
> > +++ b/net/hsr/hsr_device.c
> > @@ -531,6 +531,11 @@ int hsr_dev_finalize(struct net_device *hsr_dev, struct net_device *slave[2],
> >  	if (res)
> >  		goto err_add_master;
> >  
> > +	/* HSR forwarding offload supported in lower device? */
> > +	if ((slave[0]->features & NETIF_F_HW_HSR_FWD) &&
> > +	    (slave[1]->features & NETIF_F_HW_HSR_FWD))
> > +		hsr->fwd_offloaded = true;
> > +
> >  	res = register_netdevice(hsr_dev);
> >  	if (res)
> >  		goto err_unregister;
> > diff --git a/net/hsr/hsr_main.h b/net/hsr/hsr_main.h
> > index 5584c80a5c79..6851e33df7d1 100644
> > --- a/net/hsr/hsr_main.h
> > +++ b/net/hsr/hsr_main.h
> > @@ -208,6 +208,7 @@ struct hsr_priv {
> >  	u8 net_id;		/* for PRP, it occupies most significant 3 bits
> >  				 * of lan_id
> >  				 */
> > +	bool fwd_offloaded;	/* Forwarding offloaded to HW */
> >  	unsigned char		sup_multicast_addr[ETH_ALEN] __aligned(sizeof(u16));
> >  				/* Align to u16 boundary to avoid unaligned access
> >  				 * in ether_addr_equal
> > diff --git a/net/hsr/hsr_slave.c b/net/hsr/hsr_slave.c
> > index b70e6bbf6021..e5742f2a2d52 100644
> > --- a/net/hsr/hsr_slave.c
> > +++ b/net/hsr/hsr_slave.c
> > @@ -131,9 +131,14 @@ static int hsr_portdev_setup(struct hsr_priv *hsr, struct net_device *dev,
> >  	struct hsr_port *master;
> >  	int res;
> >  
> > -	res = dev_set_promiscuity(dev, 1);
> > -	if (res)
> > -		return res;
> > +	/* Don't use promiscuous mode for offload since L2 frame forward
> > +	 * happens at the offloaded hardware.
> > +	 */
> > +	if (!port->hsr->fwd_offloaded) {
> > +		res = dev_set_promiscuity(dev, 1);
> > +		if (res)
> > +			return res;
> > +	}
> >  
> >  	master = hsr_port_get_hsr(hsr, HSR_PT_MASTER);
> >  	hsr_dev = master->dev;
> > @@ -152,7 +157,9 @@ static int hsr_portdev_setup(struct hsr_priv *hsr, struct net_device *dev,
> >  fail_rx_handler:
> >  	netdev_upper_dev_unlink(dev, hsr_dev);
> >  fail_upper_dev_link:
> > -	dev_set_promiscuity(dev, -1);
> > +	if (!port->hsr->fwd_offloaded)
> > +		dev_set_promiscuity(dev, -1);
> > +
> >  	return res;
> >  }
> >  
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ