lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 11 Mar 2018 09:44:39 +0200 From: Ido Schimmel <idosch@...lanox.com> To: netdev@...r.kernel.org Cc: davem@...emloft.net, petrm@...lanox.com, jiri@...lanox.com, dsahern@...il.com, mlxsw@...lanox.com, Ido Schimmel <idosch@...lanox.com> Subject: [PATCH net-next 0/3] mlxsw: Removing dependency of mlxsw on GRE Petr says: mlxsw_spectrum supports offloading of a tc action mirred egress mirror to a gretap or ip6gretap netdevice, which necessitates calls to functions defined in ip_gre, ip6_gre and ip6_tunnel modules. Previously this was enabled by introducing a hard dependency of MLXSW_SPECTRUM on NET_IPGRE and IPV6_GRE. However the rest of mlxsw is careful about picking which modules are absolutely required, and therefore the better approach is to make mlxsw_spectrum tolerant of absence of one or both of the GRE flavors. One way this might be resolved is by keeping the code in mlxsw_spectrum intact, and defining defaults for functions that mlxsw_spectrum depends on. The downsides are that other modules end up littered with these do-nothing defaults; that the driver ends up carrying quite a bit of dead code; and that the driver ends up having to explicitly depend on IPV6_TUNNEL to prevent configurations where mlxsw_spectrum is compiled in and and ip6_tunnel is a module, something that it currently can treat as an implementation detail of the IPV6_GRE dependency. Alternatively, the driver should just bite the bullet and ifdef-out the code that handles configurations that are not supported. Since that's what we are doing for IPv6 dependency, let's do the same for the GRE flavors. Patch #1 introduces a wrapper function for determining the value of ipv6.sysctl.multipath_hash_policy, which defaults to 0 on non-IPv6 builds. That function is then used from spectrum_router.c, instead of the direct variable reference that was introduced there during the short window when the Spectrum driver had a hard dependency on IPv6. Patch #2 moves one function to keep together in one block all the callbacks for handling (IPv4) gretap mirroring. Patch #3 then introduces the ifdefs to hide the irrelevant code. Petr Machata (3): net: ipv6: Introduce ip6_multipath_hash_policy() mlxsw: spectrum: Move mlxsw_sp_span_gretap4_route() mlxsw: spectrum: Don't depend on ip_gre and ip6_gre drivers/net/ethernet/mellanox/mlxsw/Kconfig | 6 +- .../net/ethernet/mellanox/mlxsw/spectrum_router.c | 2 +- .../net/ethernet/mellanox/mlxsw/spectrum_span.c | 76 ++++++++++++---------- include/net/ipv6.h | 11 ++++ 4 files changed, 56 insertions(+), 39 deletions(-) -- 2.14.3
Powered by blists - more mailing lists