lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 23 Nov 2019 22:48:31 +0200
From:   Vladimir Oltean <olteanv@...il.com>
To:     Florian Fainelli <f.fainelli@...il.com>
Cc:     Andrew Lunn <andrew@...n.ch>,
        Vivien Didelot <vivien.didelot@...il.com>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <jakub.kicinski@...ronome.com>,
        netdev <netdev@...r.kernel.org>
Subject: Re: [PATCH net-next 2/3] net: dsa: sja1105: Implement the port MTU callbacks

On Sat, 23 Nov 2019 at 22:30, Florian Fainelli <f.fainelli@...il.com> wrote:
>
>
>
> On 11/23/2019 11:48 AM, Vladimir Oltean wrote:
> > On this switch, the frame length enforcements are performed by the
> > ingress policers. There are 2 types of those: regular L2 (also called
> > best-effort) and Virtual Link policers (an ARINC664/AFDX concept for
> > defining L2 streams with certain QoS abilities). To avoid future
> > confusion, I prefer to call the reset reason "Best-effort policers",
> > even though the VL policers are not yet supported.
> >
> > We also need to change the setup of the initial static config, such that
> > DSA calls to .change_mtu (which are expensive) become no-ops and don't
> > reset the switch 5 times.
> >
> > A driver-level decision is to unconditionally allow single VLAN-tagged
> > traffic on all ports. The CPU port must accept an additional VLAN header
> > for the DSA tag, which is again a driver-level decision.
> >
> > The policers actually count bytes not only from the SDU, but also from
> > the Ethernet header and FCS, so those need to be accounted for as well.
> >
> > Signed-off-by: Vladimir Oltean <olteanv@...il.com>
> > ---
> >  drivers/net/dsa/sja1105/sja1105.h      |  1 +
> >  drivers/net/dsa/sja1105/sja1105_main.c | 48 +++++++++++++++++++++++---
> >  2 files changed, 45 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/net/dsa/sja1105/sja1105.h b/drivers/net/dsa/sja1105/sja1105.h
> > index d801fc204d19..3a5c8acb6e2a 100644
> > --- a/drivers/net/dsa/sja1105/sja1105.h
> > +++ b/drivers/net/dsa/sja1105/sja1105.h
> > @@ -122,6 +122,7 @@ enum sja1105_reset_reason {
> >       SJA1105_RX_HWTSTAMPING,
> >       SJA1105_AGEING_TIME,
> >       SJA1105_SCHEDULING,
> > +     SJA1105_BEST_EFFORT_POLICING,
> >  };
> >
> >  int sja1105_static_config_reload(struct sja1105_private *priv,
> > diff --git a/drivers/net/dsa/sja1105/sja1105_main.c b/drivers/net/dsa/sja1105/sja1105_main.c
> > index b60224c55244..3d55dd3c7e83 100644
> > --- a/drivers/net/dsa/sja1105/sja1105_main.c
> > +++ b/drivers/net/dsa/sja1105/sja1105_main.c
> > @@ -459,12 +459,12 @@ static int sja1105_init_general_params(struct sja1105_private *priv)
> >  #define SJA1105_RATE_MBPS(speed) (((speed) * 64000) / 1000)
> >
> >  static void sja1105_setup_policer(struct sja1105_l2_policing_entry *policing,
> > -                               int index)
> > +                               int index, int mtu)
> >  {
> >       policing[index].sharindx = index;
> >       policing[index].smax = 65535; /* Burst size in bytes */
> >       policing[index].rate = SJA1105_RATE_MBPS(1000);
> > -     policing[index].maxlen = ETH_FRAME_LEN + VLAN_HLEN + ETH_FCS_LEN;
> > +     policing[index].maxlen = mtu;
> >       policing[index].partition = 0;
> >  }
> >
> > @@ -496,12 +496,16 @@ static int sja1105_init_l2_policing(struct sja1105_private *priv)
> >        */
> >       for (i = 0, k = 0; i < SJA1105_NUM_PORTS; i++) {
> >               int bcast = (SJA1105_NUM_PORTS * SJA1105_NUM_TC) + i;
> > +             int mtu = VLAN_ETH_FRAME_LEN + ETH_FCS_LEN;
> > +
> > +             if (dsa_is_cpu_port(priv->ds, i))
> > +                     mtu += VLAN_HLEN;
>
> That really seems like a layering violation it so happens that you use
> DSA_TAG_8021Q which is why you need VLAN_ETH_HLEN, but you should not
> assume that from with your driver, even if this one is special on so
> many counts. How about using use dsa_port(port)->tag_ops->overhead +
> ETH_HLEN here?

True here.

> >
> >               for (j = 0; j < SJA1105_NUM_TC; j++, k++)
> > -                     sja1105_setup_policer(policing, k);
> > +                     sja1105_setup_policer(policing, k, mtu);
> >
> >               /* Set up this port's policer for broadcast traffic */
> > -             sja1105_setup_policer(policing, bcast);
> > +             sja1105_setup_policer(policing, bcast, mtu);
> >       }
> >       return 0;
> >  }
> > @@ -1346,6 +1350,7 @@ static const char * const sja1105_reset_reasons[] = {
> >       [SJA1105_RX_HWTSTAMPING] = "RX timestamping",
> >       [SJA1105_AGEING_TIME] = "Ageing time",
> >       [SJA1105_SCHEDULING] = "Time-aware scheduling",
> > +     [SJA1105_BEST_EFFORT_POLICING] = "Best-effort policing",
> >  };
> >
> >  /* For situations where we need to change a setting at runtime that is only
> > @@ -1886,6 +1891,39 @@ static int sja1105_set_ageing_time(struct dsa_switch *ds,
> >       return sja1105_static_config_reload(priv, SJA1105_AGEING_TIME);
> >  }
> >
> > +static int sja1105_change_mtu(struct dsa_switch *ds, int port, int new_mtu)
> > +{
> > +     int bcast = (SJA1105_NUM_PORTS * SJA1105_NUM_TC) + port;
> > +     struct sja1105_l2_policing_entry *policing;
> > +     struct sja1105_private *priv = ds->priv;
> > +     int tc;
> > +
> > +     new_mtu += VLAN_ETH_HLEN + ETH_FCS_LEN;
>
> Likewise

Not the same thing here. I wrote about this one in the commit message:
"A driver-level decision is to unconditionally allow single
VLAN-tagged traffic on all ports". How is this handled more correctly?

> --
> Florian

Thanks,
-Vladimir

Powered by blists - more mailing lists