lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20170920141516.1402-1-jiri@resnulli.us>
Date:   Wed, 20 Sep 2017 16:15:00 +0200
From:   Jiri Pirko <jiri@...nulli.us>
To:     netdev@...r.kernel.org
Cc:     davem@...emloft.net, nogahf@...lanox.com, idosch@...lanox.com,
        mlxsw@...lanox.com
Subject: [patch net-next 00/16] mlxsw: Multicast flood update

From: Jiri Pirko <jiri@...lanox.com>

Nogah says:

Currently, there are four erroneous flows in MC flood:
1. When MC is disabled it affects only the flood table for unregistered
   MC packets, but packets that match an entry in the MDB are unaffected.
2. When MC is disabled, MC packets are being sent to all the ports in the
   bridge (like BC and link-local MC packets) regardless of the designated
   flag (BR_MCAST_FLAG).
3. When a port is being deleted from a bridge it might remain in the MDB.
4. When MC is enabled packets are flooded to the mrouter ports only if
   they don't match any entry in the MDB, when they should always be
   flooded to them.

What these problems have in common is the discrepancy between how the
hardware handles MDB and mcast flood, and how the driver does it. Each
of these problems needs fixing either in the MDB code, or in mcast flood
code, and some in both.

Patches 1-6 change the way the MDB is handled in the driver to make the
following changes easier.
Patches 7-8 fix problem number 1 by removing the MDB from the HW when MC
is being disabled and restoring it when it is being enabled.
Patches 9-10 fix problem number 2 by offloading the flood table by the
appropriate flag.
Patch 11 fixes problem number 3 by adding MDB flush to the port removal.
Patches 12-14 fix problem number 4 by adding the mrouter ports to every
MDB entry in the HW to mimic the wanted behaviour.

Nogah Frankel (16):
  mlxsw: spectrum_switchdev: Change mc_router to mrouter
  mlxsw: spectrum_switchdev: Add a ports bitmap to the mid db
  mlxsw: spectrum_switchdev: Remove reference count from mid
  mlxsw: spectrum_switchdev: Save mids list per bridge device
  mlxsw: spectrum_switchdev: Break smid write function
  mlxsw: spectrum_switchdev: Attach mid id allocation to HW write
  mlxsw: spectrum_switchdev: Break mid deletion into two function
  mlxsw: spectrum_switchdev: Don't write mids to the HW when mc is
    disabled
  mlxsw: spectrum_switchdev: Disable mdb when mc is disabled
  mlxsw: spectrum_switchdev: Use generic mc flood function
  mlxsw: spectrum_switchdev: Flood mc when mc is disabled by user flag
  mlxsw: spectrum_switchdev: Flush the mdb when a port is being removed
  mlxsw: spectrum_switchdev: Flood all mc packets to mrouter ports
  mlxsw: spectrum_switchdev: Update the mdb of mrouter port change
  mlxsw: spectrum_switchdev: Remove mrouter flood in mdb flush
  mlxsw: spectrum_switchdev: Consider mrouter status for mdb changes

 drivers/net/ethernet/mellanox/mlxsw/spectrum.h     |   3 +-
 .../ethernet/mellanox/mlxsw/spectrum_switchdev.c   | 417 ++++++++++++++++-----
 2 files changed, 323 insertions(+), 97 deletions(-)

-- 
2.9.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ