lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 17 Apr 2008 14:25:18 -0700
From:	"Kok, Auke" <auke-jan.h.kok@...el.com>
To:	Joonwoo Park <joonwpark81@...il.com>
CC:	auke-jan.h.kok@...el.com, kaber@...sh.net, jeff@...zik.org,
	netdev@...r.kernel.org
Subject: Re: [PATCH 4/5] [E1000]: [VLAN] Turn off the HW vlan filter if promisc

Joonwoo Park wrote:
> If the netdev goes into mode promiscuous, receive all of the packets on
> the wire without HW filtering, those packets will be processed as type
> PACKET_OTHERHOST.
> 
> Signed-off-by: Joonwoo Park <joonwpark81@...il.com>


this is a repost afaics with the same idea as previous.

I however can't make sense out of what the consensus was in the discussion that
previously took place.

My techical objection against this patch is that it removes flexibility from the
admin to display only the particular vlan traffic. With this patch there is no
longer a way to sniff just one vlan and forget about the other traffic.

My logistical objection against this patch is that it adjusts only one/two drivers
to do something, but I don't see anything consistently in all the drivers at all
that suggest that this is the right thing to do at all. Either a mandate or
something suggesting that all drivers that do vlan filtering *should* do something
 specific in promiscuous mode.

Either it should be clear that all drivers should do the same thing (and you
should then adjust all the drivers and not just the one or two that you use, and
preferably in the stack if possible) or we leave this as is for all the drivers.

I think we should prevent wild growth like e.g. module parameters like
`vlan_tag_strip` in s2io (NO_STRIP_IN_PROMISC)... !

so I don't think this is a good idea.

Auke


> ---
>  drivers/net/e1000/e1000_main.c |   19 ++++++++++++++-----
>  1 files changed, 14 insertions(+), 5 deletions(-)
> 
> diff --git a/drivers/net/e1000/e1000_main.c b/drivers/net/e1000/e1000_main.c
> index 0991648..61965c2 100644
> --- a/drivers/net/e1000/e1000_main.c
> +++ b/drivers/net/e1000/e1000_main.c
> @@ -2495,7 +2495,7 @@ e1000_set_rx_mode(struct net_device *netdev)
>  	struct e1000_hw *hw = &adapter->hw;
>  	struct dev_addr_list *uc_ptr;
>  	struct dev_addr_list *mc_ptr;
> -	uint32_t rctl;
> +	uint32_t rctl, ctrl;
>  	uint32_t hash_value;
>  	int i, rar_entries = E1000_RAR_ENTRIES;
>  	int mta_reg_count = (hw->mac_type == e1000_ich8lan) ?
> @@ -2512,13 +2512,19 @@ e1000_set_rx_mode(struct net_device *netdev)
>  	/* Check for Promiscuous and All Multicast modes */
>  
>  	rctl = E1000_READ_REG(hw, RCTL);
> +	ctrl = E1000_READ_REG(hw, CTRL);
>  
>  	if (netdev->flags & IFF_PROMISC) {
>  		rctl |= (E1000_RCTL_UPE | E1000_RCTL_MPE);
> -	} else if (netdev->flags & IFF_ALLMULTI) {
> -		rctl |= E1000_RCTL_MPE;
> +		rctl &= ~E1000_RCTL_VFE;
>  	} else {
> -		rctl &= ~E1000_RCTL_MPE;
> +		if (ctrl & E1000_CTRL_VME &&
> +		    adapter->hw.mac_type != e1000_ich8lan)
> +			rctl |= E1000_RCTL_VFE;
> +		if (netdev->flags & IFF_ALLMULTI)
> +			rctl |= E1000_RCTL_MPE;
> +		else
> +			rctl &= ~E1000_RCTL_MPE;
>  	}
>  
>  	uc_ptr = NULL;
> @@ -5013,7 +5019,10 @@ e1000_vlan_rx_register(struct net_device *netdev, struct vlan_group *grp)
>  		if (adapter->hw.mac_type != e1000_ich8lan) {
>  			/* enable VLAN receive filtering */
>  			rctl = E1000_READ_REG(&adapter->hw, RCTL);
> -			rctl |= E1000_RCTL_VFE;
> +			if (netdev->flags & IFF_PROMISC)
> +				rctl &= ~E1000_RCTL_VFE;
> +			else
> +				rctl |= E1000_RCTL_VFE;
>  			rctl &= ~E1000_RCTL_CFIEN;
>  			E1000_WRITE_REG(&adapter->hw, RCTL, rctl);
>  			e1000_update_mng_vlan(adapter);

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists