lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 3 May 2019 19:10:49 -0700
From:   Florian Fainelli <f.fainelli@...il.com>
To:     Vladimir Oltean <olteanv@...il.com>, vivien.didelot@...il.com,
        andrew@...n.ch, davem@...emloft.net
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next 8/9] net: dsa: sja1105: Add support for Spanning
 Tree Protocol



On 5/3/2019 6:18 PM, Vladimir Oltean wrote:
> While not explicitly documented as supported in UM10944, compliance with
> the STP states can be obtained by manipulating 3 settings at the
> (per-port) MAC config level: dynamic learning, inhibiting reception of
> regular traffic, and inhibiting transmission of regular traffic.
> 
> In all these modes, transmission and reception of special BPDU frames
> from the stack is still enabled (not inhibited by the MAC-level
> settings).
> 
> On ingress, BPDUs are classified by the MAC filter as link-local
> (01-80-C2-00-00-00) and forwarded to the CPU port.  This mechanism works
> under all conditions (even without the custom 802.1Q tagging) because
> the switch hardware inserts the source port and switch ID into bytes 4
> and 5 of the MAC-filtered frames. Then the DSA .rcv handler needs to put
> back zeroes into the MAC address after decoding the source port
> information.
> 
> On egress, BPDUs are transmitted using management routes from the xmit
> worker thread. Again this does not require switch tagging, as the switch
> port is programmed through SPI to hold a temporary (single-fire) route
> for a frame with the programmed destination MAC (01-80-C2-00-00-00).
> 
> STP is activated using the following commands and was tested by
> connecting two front-panel ports together and noticing that switching
> loops were prevented (one port remains in the blocking state):
> 
> $ ip link add name br0 type bridge stp_state 1 && ip link set br0 up
> $ for eth in $(ls /sys/devices/platform/soc/2100000.spi/spi_master/spi0/spi0.1/net/);
>   do ip link set ${eth} master br0 && ip link set ${eth} up; done
> 
> Signed-off-by: Vladimir Oltean <olteanv@...il.com>
> Reviewed-by: Andrew Lunn <andrew@...n.ch>

Reviewed-by: Florian Fainelli <f.fainelli@...il.com>
-- 
Florian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ