lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d8cf61e5-2c56-4c48-9cf3-fd54754c3816@ti.com>
Date: Thu, 24 Oct 2024 20:40:28 +0530
From: "Anwar, Md Danish" <a0501179@...com>
To: Vadim Fedorenko <vadim.fedorenko@...ux.dev>,
        MD Danish Anwar
	<danishanwar@...com>, <geliang@...nel.org>,
        <liuhangbin@...il.com>, <dan.carpenter@...aro.org>, <jiri@...nulli.us>,
        <n.zhandarovich@...tech.ru>, <aleksander.lobakin@...el.com>,
        <lukma@...x.de>, <horms@...nel.org>, <jan.kiszka@...mens.com>,
        <diogo.ivo@...mens.com>, <shuah@...nel.org>, <pabeni@...hat.com>,
        <kuba@...nel.org>, <edumazet@...gle.com>, <davem@...emloft.net>,
        <andrew+netdev@...n.ch>
CC: <linux-kselftest@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <netdev@...r.kernel.org>, <linux-arm-kernel@...ts.infradead.org>,
        <srk@...com>, Vignesh Raghavendra <vigneshr@...com>,
        Roger Quadros
	<rogerq@...nel.org>, <m-malladi@...com>
Subject: Re: [PATCH net-next v2 2/4] net: hsr: Add VLAN CTAG filter support

Hi Vadim,

On 10/24/2024 7:06 PM, Vadim Fedorenko wrote:
> On 24/10/2024 11:30, MD Danish Anwar wrote:
>> From: Murali Karicheri <m-karicheri2@...com>
>>
>> This patch adds support for VLAN ctag based filtering at slave devices.
>> The slave ethernet device may be capable of filtering ethernet packets
>> based on VLAN ID. This requires that when the VLAN interface is created
>> over an HSR/PRP interface, it passes the VID information to the
>> associated slave ethernet devices so that it updates the hardware
>> filters to filter ethernet frames based on VID. This patch adds the
>> required functions to propagate the vid information to the slave
>> devices.
>>
>> Signed-off-by: Murali Karicheri <m-karicheri2@...com>
>> Signed-off-by: MD Danish Anwar <danishanwar@...com>
>> ---
>>   net/hsr/hsr_device.c | 71 +++++++++++++++++++++++++++++++++++++++++++-
>>   1 file changed, 70 insertions(+), 1 deletion(-)
>>
>> diff --git a/net/hsr/hsr_device.c b/net/hsr/hsr_device.c
>> index 0ca47ebb01d3..ff586bdc2bde 100644
>> --- a/net/hsr/hsr_device.c
>> +++ b/net/hsr/hsr_device.c
>> @@ -515,6 +515,68 @@ static void hsr_change_rx_flags(struct net_device
>> *dev, int change)
>>       }
>>   }
>>   +static int hsr_ndo_vlan_rx_add_vid(struct net_device *dev,
>> +                   __be16 proto, u16 vid)
>> +{
>> +    struct hsr_port *port;
>> +    struct hsr_priv *hsr;
>> +    int ret = 0;
>> +
>> +    hsr = netdev_priv(dev);
>> +
>> +    hsr_for_each_port(hsr, port) {
>> +        if (port->type == HSR_PT_MASTER)
>> +            continue;
>> +
>> +        ret = vlan_vid_add(port->dev, proto, vid);
>> +        switch (port->type) {
>> +        case HSR_PT_SLAVE_A:
>> +            if (ret) {
>> +                netdev_err(dev, "add vid failed for Slave-A\n");
>> +                return ret;
>> +            }
>> +            break;
>> +
>> +        case HSR_PT_SLAVE_B:
>> +            if (ret) {
>> +                /* clean up Slave-A */
>> +                netdev_err(dev, "add vid failed for Slave-B\n");
>> +                vlan_vid_del(port->dev, proto, vid);
>> +                return ret;
>> +            }
>> +            break;
>> +        default:
>> +            break;
>> +        }
>> +    }
>> +
>> +    return 0;
>> +}
> 
> This function doesn't match with hsr_ndo_vlan_rx_kill_vid().
> vlan_vid_add() can potentially be executed for port->type
> equals to HSR_PT_INTERLINK, but the result will be ignored. And
> the vlan_vid_del() will never happen in this case. Is it desired
> behavior? Maybe it's better to synchronize add/del code and refactor
> error path to avoid coping the code?
> 

The kill_vid / add_vid is not similar because during add_vid, if
vlan_vid_add() succeeds for one port but fails for other, we need to
delete it for the earlier port. We can only continue if vlan_vid_add()
succeeds for both ports. That's the reason the switch case handling of
add_vid can not match the same for kill_vid. Since cleanup of port is
needed, it's not possible to synchronize add/kill code

We only care about HSR_PT_SLAVE_A and HSR_PT_SLAVE_B here. So it's okay
to ignore HSR_PT_INTERLINK. It's a desired behaviour here.

>> +
>> +static int hsr_ndo_vlan_rx_kill_vid(struct net_device *dev,
>> +                    __be16 proto, u16 vid)
>> +{
>> +    struct hsr_port *port;
>> +    struct hsr_priv *hsr;
>> +
>> +    hsr = netdev_priv(dev);
>> +
>> +    hsr_for_each_port(hsr, port) {
>> +        if (port->type == HSR_PT_MASTER)
>> +            continue;
>> +        switch (port->type) {
>> +        case HSR_PT_SLAVE_A:
>> +        case HSR_PT_SLAVE_B:
>> +            vlan_vid_del(port->dev, proto, vid);
>> +            break;
>> +        default:
>> +            break;
>> +        }
>> +    }
>> +
>> +    return 0;
>> +}
>> +
>>   static const struct net_device_ops hsr_device_ops = {
>>       .ndo_change_mtu = hsr_dev_change_mtu,
>>       .ndo_open = hsr_dev_open,
>> @@ -523,6 +585,8 @@ static const struct net_device_ops hsr_device_ops = {
>>       .ndo_change_rx_flags = hsr_change_rx_flags,
>>       .ndo_fix_features = hsr_fix_features,
>>       .ndo_set_rx_mode = hsr_set_rx_mode,
>> +    .ndo_vlan_rx_add_vid = hsr_ndo_vlan_rx_add_vid,
>> +    .ndo_vlan_rx_kill_vid = hsr_ndo_vlan_rx_kill_vid,
>>   };
>>     static const struct device_type hsr_type = {
>> @@ -569,7 +633,8 @@ void hsr_dev_setup(struct net_device *dev)
>>         dev->hw_features = NETIF_F_SG | NETIF_F_FRAGLIST |
>> NETIF_F_HIGHDMA |
>>                  NETIF_F_GSO_MASK | NETIF_F_HW_CSUM |
>> -               NETIF_F_HW_VLAN_CTAG_TX;
>> +               NETIF_F_HW_VLAN_CTAG_TX |
>> +               NETIF_F_HW_VLAN_CTAG_FILTER;
>>         dev->features = dev->hw_features;
>>   }
>> @@ -647,6 +712,10 @@ int hsr_dev_finalize(struct net_device *hsr_dev,
>> struct net_device *slave[2],
>>           (slave[1]->features & NETIF_F_HW_HSR_FWD))
>>           hsr->fwd_offloaded = true;
>>   +    if ((slave[0]->features & NETIF_F_HW_VLAN_CTAG_FILTER) &&
>> +        (slave[1]->features & NETIF_F_HW_VLAN_CTAG_FILTER))
>> +        hsr_dev->features |= NETIF_F_HW_VLAN_CTAG_FILTER;
>> +
>>       res = register_netdevice(hsr_dev);
>>       if (res)
>>           goto err_unregister;
> 

-- 
Thanks and Regards,
Md Danish Anwar

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ