| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251209212841.upskgi5dphsmkrpi@skbuf> Date: Tue, 9 Dec 2025 23:28:41 +0200 From: Vladimir Oltean <olteanv@...il.com> To: "Lad, Prabhakar" <prabhakar.csengg@...il.com> Cc: Clément Léger <clement.leger@...tlin.com>, Andrew Lunn <andrew@...n.ch>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Rob Herring <robh@...nel.org>, Krzysztof Kozlowski <krzk+dt@...nel.org>, Conor Dooley <conor+dt@...nel.org>, Simon Horman <horms@...nel.org>, Philipp Zabel <p.zabel@...gutronix.de>, Russell King <linux@...linux.org.uk>, Geert Uytterhoeven <geert+renesas@...der.be>, Magnus Damm <magnus.damm@...il.com>, linux-renesas-soc@...r.kernel.org, netdev@...r.kernel.org, devicetree@...r.kernel.org, linux-kernel@...r.kernel.org, Biju Das <biju.das.jz@...renesas.com>, Fabrizio Castro <fabrizio.castro.jz@...esas.com>, Lad Prabhakar <prabhakar.mahadev-lad.rj@...renesas.com> Subject: Re: [PATCH net-next 09/11] net: dsa: rzn1-a5psw: Add support for management port frame length adjustment On Tue, Dec 09, 2025 at 04:02:19PM +0000, Lad, Prabhakar wrote: > > In the next change you set this to 40. What's the reason behind such a > > high value (need to set the management port A5PSW_FRM_LENGTH value to > > 1574 bytes to pass L2 payload of 1500 bytes)? It sounds like this needs > > to be called out more clearly for what it is - a hardware bug. > > > Regarding the question about the relatively large adjustment value: > according to the hardware manual, > “Set the FRM_LENGTH register in port 3 (CPU port) to more than or > equal to the initial value. When you want to limit the frame length of > the received frame, use FRM_LENGTH registers in port 0 to port 2.” > > In practice, with the default MTU (i.e. without applying the +40-byte > adjustment), RX traffic operates correctly. For example, running > iperf3 in reverse mode shows no issues, and frames are received > without errors. However, in the forward direction (TX from the CPU > port), throughput drops to zero and iperf3 fails. > > When the MTU of the CPU-facing interface is increased (e.g. ip link > set lan0 mtu 1540), "lan0" isn't a typical name for a CPU-facing interface. Do you mean that the primary action is that you increase the MTU of a user port, and the FRM_LENGTH of the CPU port is implicitly readjusted by the driver as well (to 1540 + ETH_HLEN + A5PSW_EXTRA_MTU_LEN + ETH_FCS_LEN)? This isn't actually bringing new data, because unless you also increase the MTU of the other iperf3 device to 1540, the TCP MSS will still be calculated as if the MTU were 1500, and you won't be making use of larger packet sizes on the wire. On the contrary, you are introducing one extra variable into the equation: with this test you are also increasing the stmmac MTU, which you later clarify that by itself it doesn't change the outcome. > TX traffic immediately starts working correctly. > Likewise, increasing the FRM_LENGTH on the switch side for the CPU > port resolves the problem, which indicates that the frame length > configuration on this port is directly involved. So increasing FRM_LENGTH is the only factor that alters the outcome. > Given this behaviour, it appears that the management (CPU) port > requires additional headroom to successfully transmit frames, even > though RX succeeds without it. The STMMAC driver is used as the > controller driver for the management port, we are trying to determine > whether there is any known interaction, alignment constraint, or > undocumented overhead that would explain the need for this extra > margin. > > Could you please advise on how to handle this issue? Have you verified that the value you need to add to FRM_LENGTH is linear for MTU values above 1500? I.e. that at MTU values of 1510, 1520, 1540, 2000, ..., you always need to add 40 additional octets to FRM_LENGTH on top of the ETH_HLEN + A5PSW_EXTRA_MTU_LEN + ETH_FCS_LEN extra that the driver is already adding, and no less? One other thing to look at is to send known-size Ethernet frames using mausezahn or ping over lan0, run ethtool -S on the eth0 stmmac interface (this will also capture the switch's CPU port statistics counters) and see by how many octets does the aOctetsReceivedOK counter increment for a known size packet. Then, if you go oversize, look at the statistics counters and see which counter marks the drop. Maybe this will provide any clue. I don't have advice, but what you're saying seems highly unusual, doesn't have an explanation, and is not fully characterised.
Powered by blists - more mailing lists