Date:   Thu, 20 Dec 2018 19:42:22 +0000
From:   Ido Schimmel <idosch@...lanox.com>
To:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC:     "davem@...emloft.net" <davem@...emloft.net>,
        Jiri Pirko <jiri@...lanox.com>,
        Petr Machata <petrm@...lanox.com>, mlxsw <mlxsw@...lanox.com>,
        Ido Schimmel <idosch@...lanox.com>
Subject: [PATCH net-next 00/11] mlxsw: Two usability improvements

This patchset contains two small improvements in the mlxsw driver. The
first one, in patches #1-#2, relieves the user from the need to
configure a VLAN interface and only later the corresponding VXLAN
tunnel. The issue is explained in detail in the first patch.

The second improvement is described below and allows the user to make
use of VID 1 by having the driver use the reserved 4095 VID for untagged
traffic.

VLAN entries on a given port can be associated with either a bridge or a
router. For example, if swp1.10 is assigned an IP address and swp1.20 is
enslaved to a VLAN-unaware bridge, then both {Port 1, VID 10} and {Port
1, VID 20} would be associated with a filtering identifier (FID) of the
correct type.

In case swp1 itself is assigned an IP address or enslaved to a
VLAN-unaware bridge, then a FID would be associated with {Port 1, VID
1}. Using VID 1 for this purpose means that VLAN devices with VID 1
cannot be created over mlxsw ports, as this VID is (ab)used as the
default VLAN.

Instead of using VID 1 for this purpose, we can use VID 4095 which is
reserved for internal use and cannot be configured by either the 8021q
or the bridge driver.

Patches #3-#7 perform small and non-functional changes that finally
allow us to switch to VID 4095 as the default VID in patch #8.

Patch #9 removes the limitation about creation of VLAN devices with VID
1 over mlxsw ports.

Patches #10-#11 add test cases.

Ido Schimmel (11):
  mlxsw: spectrum_router: Do not force specific configuration order
  selftests: mlxsw: Add a test case for L3 VNI
  mlxsw: spectrum: Replace hard-coded default VID with a define
  mlxsw: spectrum: Set PVID during port initialization
  mlxsw: spectrum: Allow controlling destruction of default port VLAN
  mlxsw: spectrum: Store pointer to default port VLAN in port struct
  mlxsw: spectrum: Add an helper function to cleanup VLAN entries
  mlxsw: spectrum: Switch to VID 4095 as default VID
  mlxsw: spectrum: Remove limitation regarding VID 1
  selftests: mlxsw: Adjust test regarding VID 1
  selftests: forwarding: Add router test with VID 1

 .../net/ethernet/mellanox/mlxsw/spectrum.c    |  63 ++++----
 .../net/ethernet/mellanox/mlxsw/spectrum.h    |   7 +
 .../ethernet/mellanox/mlxsw/spectrum_router.c |  16 ++-
 .../mellanox/mlxsw/spectrum_switchdev.c       |  34 +++--
 .../selftests/drivers/net/mlxsw/rtnetlink.sh  |  13 +-
 .../selftests/drivers/net/mlxsw/vxlan.sh      |  60 ++++++++
 .../selftests/net/forwarding/router_vid_1.sh  | 135 ++++++++++++++++++
 7 files changed, 279 insertions(+), 49 deletions(-)
 create mode 100755 tools/testing/selftests/net/forwarding/router_vid_1.sh

-- 
2.20.0
