| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <IA3PR11MB89867D7081F88828EAC0E107E5D1A@IA3PR11MB8986.namprd11.prod.outlook.com> Date: Tue, 25 Nov 2025 08:52:53 +0000 From: "Loktionov, Aleksandr" <aleksandr.loktionov@...el.com> To: "Slepecki, Jakub" <jakub.slepecki@...el.com>, "intel-wired-lan@...ts.osuosl.org" <intel-wired-lan@...ts.osuosl.org> CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "Kitszel, Przemyslaw" <przemyslaw.kitszel@...el.com>, "Nguyen, Anthony L" <anthony.l.nguyen@...el.com>, "michal.swiatkowski@...ux.intel.com" <michal.swiatkowski@...ux.intel.com> Subject: RE: [PATCH iwl-next v2 5/8] ice: update mac,vlan rules when toggling between VEB and VEPA > -----Original Message----- > From: Slepecki, Jakub <jakub.slepecki@...el.com> > Sent: Tuesday, November 25, 2025 9:35 AM > To: intel-wired-lan@...ts.osuosl.org > Cc: linux-kernel@...r.kernel.org; netdev@...r.kernel.org; Kitszel, > Przemyslaw <przemyslaw.kitszel@...el.com>; Nguyen, Anthony L > <anthony.l.nguyen@...el.com>; michal.swiatkowski@...ux.intel.com; Slepecki, > Jakub <jakub.slepecki@...el.com>; Loktionov, Aleksandr > <aleksandr.loktionov@...el.com> > Subject: [PATCH iwl-next v2 5/8] ice: update mac,vlan rules when toggling > between VEB and VEPA > > When changing into VEPA mode MAC rules are modified to forward all traffic > to the wire instead of allowing some packets to go into the loopback. > MAC,VLAN rules may and will also be used to forward loopback traffic in VEB, > so when we switch to VEPA, we want them to behave similarly to MAC-only > rules. > > ice_vsi_update_bridge_mode() will now attempt a rollback of switch filters > in case an update fails. If the rollback also fails, we will now return the > rollback error instead of the initial error. > > Signed-off-by: Jakub Slepecki <jakub.slepecki@...el.com> > > --- > Testing hints: > MAC,VLAN rules are created only if entire series is applied. > The easiest way to test that rules were adjusted is to run traffic > and observe what packets are sent to LAN. VEPA is expected to behave > same as before the series. VEB is expected to (a) behave like VEPA > if loopback traffic would cross VLANs, or (b) behave as before. > Traffic from/to external hosts is expected to remain unchanged. > Better to provide exact bash commands. Reviewed-by: Aleksandr Loktionov <aleksandr.loktionov@...el.com> > Dropping reviewed-by MichaĆ due to changes. > > Changes in v2: > - Close open parenthesis in ice_vsi_update_bridge_mode() description. > - Explain returns in ice_vsi_update_bridge_mode(). > --- > drivers/net/ethernet/intel/ice/ice_main.c | 48 +++++++++++++++++---- > drivers/net/ethernet/intel/ice/ice_switch.c | 8 ++-- > drivers/net/ethernet/intel/ice/ice_switch.h | 3 +- > 3 files changed, 46 insertions(+), 13 deletions(-) >
Powered by blists - more mailing lists