lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 8 Jul 2016 02:34:22 +1000
From:	Gavin Shan <gwshan@...ux.vnet.ibm.com>
To:	Or Gerlitz <gerlitz.or@...il.com>
Cc:	Benjamin Herrenschmidt <benh@...nel.crashing.org>,
	Alexei Starovoitov <alexei.starovoitov@...il.com>,
	Gavin Shan <gwshan@...ux.vnet.ibm.com>,
	Linux Netdev List <netdev@...r.kernel.org>,
	David Miller <davem@...emloft.net>, joel@....id.au,
	weixue@...stnetic.com, Yuval Itkin <yuvali@...lanox.com>
Subject: Re: [PATCH net-next 00/10] NCSI Support

On Thu, Jul 07, 2016 at 04:44:02PM +0300, Or Gerlitz wrote:
>On Thu, Jul 7, 2016 at 12:17 PM, Benjamin Herrenschmidt
><benh@...nel.crashing.org> wrote:
>> On Thu, 2016-07-07 at 12:12 +0300, Or Gerlitz wrote:
>>> On Tue, Jul 5, 2016 at 8:44 PM, Alexei Starovoitov
>>> <alexei.starovoitov@...il.com> wrote:
>>> > On Mon, Jul 04, 2016 at 01:03:06AM +0300, Or Gerlitz wrote:
>>>
>>> > Or, since cx4 has ncsi as well, could you do a thorough review of this
>>> > to make sure that it fits mellanox nics as well?
>>>
>>> Hi Alexei, all
>>>
>>> Yuval from our team who deals with host management did review on the
>>> series, SB his feedback.
>>>
>>> 1. The initialization uses a single unicast MAC address which hints it
>>> assumes that the management traffic is IPv4 only. The infrastructure
>>> does not seem to be ready for IPv6 based management traffic.
>>
>> You mean the transfer of the MAC address from the BMC to the NIC for
>> filtering incoming traffic ?
>
>The initialization sequence uses "Set MAC Command" once and
>initializes MAC[1] in the chosen NC-SI pass-through channel.
>If IPv6 is used, then the BMC multicast address (derived from the
>assigned IP address to the BMC) shall also be configured (after the IP
>address is assigned), and some multicast filtering shall be set as
>well.
>

Or, Thanks for the explanation. I think they are the multicast
MAC addresses (33:33:00:00:00:01/02/03)? I guess sending a Global
Multicast Filter Command is enough according to the NCSI spec
(line 2062 on page 93):

The Enable Global Multicast Filter command is used to activate global
filtering of multicast frames with optional filtering of specific multicast
protocols. Upon receiving and processing this command, the channel shall only
deliver multicast frames that match specific multicast MAC addresses enabled
for Pass through using this command ___or___ the Set MAC Address command.

Thanks,
Gavin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ