lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 May 2019 00:34:32 +0200
From:   Andrew Lunn <andrew@...n.ch>
To:     Hauke Mehrtens <hauke@...ke-m.de>
Cc:     davem@...emloft.net, vivien.didelot@...il.com,
        f.fainelli@...il.com, netdev@...r.kernel.org
Subject: Re: [PATCH 2/5] net: dsa: lantiq: Add VLAN unaware bridge offloading

On Wed, May 01, 2019 at 10:45:03PM +0200, Hauke Mehrtens wrote:

Hi Hauke

/* Add the LAN port into a bridge with the CPU port by
> + * default. This prevents automatic forwarding of
> + * packages between the LAN ports when no explicit
> + * bridge is configured.
> + */
> +static int gswip_add_signle_port_br(struct gswip_priv *priv, int port, bool add)

single ?

> +{
> +	struct gswip_pce_table_entry vlan_active = {0,};
> +	struct gswip_pce_table_entry vlan_mapping = {0,};
> +	unsigned int cpu_port = priv->hw_info->cpu_port;
> +	unsigned int max_ports = priv->hw_info->max_ports;
> +	int err;
> +
> +	if (port >= max_ports) {
> +		dev_err(priv->dev, "single port for %i supported\n", port);
> +		return -EIO;
> +	}
> +
> +	vlan_active.index = port + 1;

>  
> +static int gswip_vlan_active_create(struct gswip_priv *priv,
> +				    struct net_device *bridge,
> +				    int fid, u16 vid)
> +{
> +	struct gswip_pce_table_entry vlan_active = {0,};
> +	unsigned int max_ports = priv->hw_info->max_ports;
> +	int idx = -1;
> +	int err;
> +	int i;
> +
> +	/* Look for a free slot */
> +	for (i = max_ports; i < ARRAY_SIZE(priv->vlans); i++) {
> +		if (!priv->vlans[i].bridge) {
> +			idx = i;
> +			break;
> +		}
> +	}

> +static int gswip_vlan_add_unaware(struct gswip_priv *priv,
> +				  struct net_device *bridge, int port)
> +{
> +	struct gswip_pce_table_entry vlan_mapping = {0,};
> +	unsigned int max_ports = priv->hw_info->max_ports;
> +	unsigned int cpu_port = priv->hw_info->cpu_port;
> +	bool active_vlan_created = false;
> +	int idx = -1;
> +	int i;
> +	int err;
> +
> +	/* Check if there is already a page for this bridge */
> +	for (i = max_ports; i < ARRAY_SIZE(priv->vlans); i++) {
> +		if (priv->vlans[i].bridge == bridge) {
> +			idx = i;
> +			break;
> +		}
> +	}

If i understand this correctly, VLANs 1 to max_ports are used for when
a port is not a member of a bridge. When a port is added to a bridge,
an unused vlan is allocated to the bridge.

You could however reuse the port VLANs.  When the 1st port joins a
bridge, it keeps its VLAN ID, but the bridge is associated to the
port. When the 2nd, 3rd, 4rd port joins the bridge, use the VLAN from
the 1st port.

It gets messy when ports leave. If the 1st port is not the last to
leave, you need to modify the VLAN ID to a port which is still a
member of the bridge.

What you have here is simple, but if you think VLANs are valuable,
this scheme can save you some VLANS, but at the expense of a bit of
extra code complexity.

     Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ