lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 14 Aug 2019 04:56:26 +0000
From:   "Y.b. Lu" <yangbo.lu@....com>
To:     "Allan W . Nielsen" <allan.nielsen@...rochip.com>,
        Andrew Lunn <andrew@...n.ch>
CC:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "David S . Miller" <davem@...emloft.net>,
        Alexandre Belloni <alexandre.belloni@...tlin.com>,
        Microchip Linux Driver Support <UNGLinuxDriver@...rochip.com>
Subject: RE: [v2, 4/4] ocelot: add VCAP IS2 rule to trap PTP Ethernet frames

Hi Allan,

> -----Original Message-----
> From: Allan W . Nielsen <allan.nielsen@...rochip.com>
> Sent: Tuesday, August 13, 2019 2:25 PM
> To: Y.b. Lu <yangbo.lu@....com>
> Cc: netdev@...r.kernel.org; David S . Miller <davem@...emloft.net>;
> Alexandre Belloni <alexandre.belloni@...tlin.com>; Microchip Linux Driver
> Support <UNGLinuxDriver@...rochip.com>
> Subject: Re: [v2, 4/4] ocelot: add VCAP IS2 rule to trap PTP Ethernet frames
> 
> The 08/13/2019 10:52, Yangbo Lu wrote:
> > All the PTP messages over Ethernet have etype 0x88f7 on them.
> > Use etype as the key to trap PTP messages.
> >
> > Signed-off-by: Yangbo Lu <yangbo.lu@....com>
> > ---
> > Changes for v2:
> > 	- Added this patch.
> > ---
> >  drivers/net/ethernet/mscc/ocelot.c | 28 ++++++++++++++++++++++++++++
> >  1 file changed, 28 insertions(+)
> >
> > diff --git a/drivers/net/ethernet/mscc/ocelot.c
> > b/drivers/net/ethernet/mscc/ocelot.c
> > index 6932e61..40f4e0d 100644
> > --- a/drivers/net/ethernet/mscc/ocelot.c
> > +++ b/drivers/net/ethernet/mscc/ocelot.c
> > @@ -1681,6 +1681,33 @@ int ocelot_probe_port(struct ocelot *ocelot, u8
> > port,  }  EXPORT_SYMBOL(ocelot_probe_port);
> >
> > +static int ocelot_ace_add_ptp_rule(struct ocelot *ocelot) {
> > +	struct ocelot_ace_rule *rule;
> > +
> > +	rule = kzalloc(sizeof(*rule), GFP_KERNEL);
> > +	if (!rule)
> > +		return -ENOMEM;
> > +
> > +	/* Entry for PTP over Ethernet (etype 0x88f7)
> > +	 * Action: trap to CPU port
> > +	 */
> > +	rule->ocelot = ocelot;
> > +	rule->prio = 1;
> > +	rule->type = OCELOT_ACE_TYPE_ETYPE;
> > +	/* Available on all ingress port except CPU port */
> > +	rule->ingress_port = ~BIT(ocelot->num_phys_ports);
> > +	rule->dmac_mc = OCELOT_VCAP_BIT_1;
> > +	rule->frame.etype.etype.value[0] = 0x88;
> > +	rule->frame.etype.etype.value[1] = 0xf7;
> > +	rule->frame.etype.etype.mask[0] = 0xff;
> > +	rule->frame.etype.etype.mask[1] = 0xff;
> > +	rule->action = OCELOT_ACL_ACTION_TRAP;
> > +
> > +	ocelot_ace_rule_offload_add(rule);
> > +	return 0;
> > +}
> > +
> >  int ocelot_init(struct ocelot *ocelot)  {
> >  	u32 port;
> > @@ -1708,6 +1735,7 @@ int ocelot_init(struct ocelot *ocelot)
> >  	ocelot_mact_init(ocelot);
> >  	ocelot_vlan_init(ocelot);
> >  	ocelot_ace_init(ocelot);
> > +	ocelot_ace_add_ptp_rule(ocelot);
> >
> >  	for (port = 0; port < ocelot->num_phys_ports; port++) {
> >  		/* Clear all counters (5 groups) */
> This seems really wrong to me, and much too hard-coded...
> 
> What if I want to forward the PTP frames to be forwarded like a normal
> non-aware PTP switch?

[Y.b. Lu] As Andrew said, other switches could identify PTP messages and forward to CPU for processing.
https://patchwork.ozlabs.org/patch/1145627/

I'm also wondering whether there is common method in linux to address your questions.
If no, I think trapping all PTP messages on all ports to CPU could be used for now.
If users require PTP synchronization, they actually don’t want a non-aware PTP switch.

I once see other ocelot code configure ptp trap rules in ioctl timestamping setting. But I don’t think it's proper either.
Enable timestamping doesn’t mean we want to trap PTP messages.

> 
> What if do not want this on all ports?

[Y.b. Lu] Actually I don’t think there should be difference of handling PTP messages on each port.
You don’t need to run PTP protocol application on the specific port if you don’t want.

> 
> If you do not have an application behind this implementing a boundary or
> transparent clock, then you are breaking PTP on the network.

[Y.b. Lu] You're right. But actually for PTP network, all PTP devices should run PTP protocol on it.
Of course, it's better to have a way to configure it as non-aware PTP switch.

> 
> /Allan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ