lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <d9c279f8-d2b1-c99f-fa30-b4810bd7b293@gmail.com> Date: Fri, 3 May 2019 19:10:49 -0700 From: Florian Fainelli <f.fainelli@...il.com> To: Vladimir Oltean <olteanv@...il.com>, vivien.didelot@...il.com, andrew@...n.ch, davem@...emloft.net Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH net-next 8/9] net: dsa: sja1105: Add support for Spanning Tree Protocol On 5/3/2019 6:18 PM, Vladimir Oltean wrote: > While not explicitly documented as supported in UM10944, compliance with > the STP states can be obtained by manipulating 3 settings at the > (per-port) MAC config level: dynamic learning, inhibiting reception of > regular traffic, and inhibiting transmission of regular traffic. > > In all these modes, transmission and reception of special BPDU frames > from the stack is still enabled (not inhibited by the MAC-level > settings). > > On ingress, BPDUs are classified by the MAC filter as link-local > (01-80-C2-00-00-00) and forwarded to the CPU port. This mechanism works > under all conditions (even without the custom 802.1Q tagging) because > the switch hardware inserts the source port and switch ID into bytes 4 > and 5 of the MAC-filtered frames. Then the DSA .rcv handler needs to put > back zeroes into the MAC address after decoding the source port > information. > > On egress, BPDUs are transmitted using management routes from the xmit > worker thread. Again this does not require switch tagging, as the switch > port is programmed through SPI to hold a temporary (single-fire) route > for a frame with the programmed destination MAC (01-80-C2-00-00-00). > > STP is activated using the following commands and was tested by > connecting two front-panel ports together and noticing that switching > loops were prevented (one port remains in the blocking state): > > $ ip link add name br0 type bridge stp_state 1 && ip link set br0 up > $ for eth in $(ls /sys/devices/platform/soc/2100000.spi/spi_master/spi0/spi0.1/net/); > do ip link set ${eth} master br0 && ip link set ${eth} up; done > > Signed-off-by: Vladimir Oltean <olteanv@...il.com> > Reviewed-by: Andrew Lunn <andrew@...n.ch> Reviewed-by: Florian Fainelli <f.fainelli@...il.com> -- Florian
Powered by blists - more mailing lists