lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 14 Apr 2020 13:26:09 +0200
From:   Horatiu Vultur <horatiu.vultur@...rochip.com>
To:     <nikolay@...ulusnetworks.com>, <davem@...emloft.net>,
        <jiri@...nulli.us>, <ivecera@...hat.com>, <kuba@...nel.org>,
        <roopa@...ulusnetworks.com>, <olteanv@...il.com>, <andrew@...n.ch>,
        <linux-kernel@...r.kernel.org>, <netdev@...r.kernel.org>,
        <bridge@...ts.linux-foundation.org>, <UNGLinuxDriver@...rochip.com>
CC:     Horatiu Vultur <horatiu.vultur@...rochip.com>
Subject: [RFC net-next v5 0/9] net: bridge: mrp: Add support for Media Redundancy Protocol(MRP)

Media Redundancy Protocol is a data network protocol standardized by
International Electrotechnical Commission as IEC 62439-2. It allows rings of
Ethernet switches to overcome any single failure with recovery time faster than
STP. It is primarily used in Industrial Ethernet applications.

Based on the previous RFC[1][2][3][4], the MRP state machine and all the timers
were moved to userspace, except for the timers used to generate MRP Test frames.
In this way the userspace doesn't know and should not know if the HW or the
kernel will generate the MRP Test frames. The following changes were added to
the bridge to support the MRP:
- the existing netlink interface was extended with MRP support,
- allow to detect when a MRP frame was received on a MRP ring port
- allow MRP instance to forward/terminate MRP frames
- generate MRP Test frames in case the HW doesn't have support for this

To be able to offload MRP support to HW, the switchdev API  was extend.

With these changes the userspace doesn't do the following because already the
kernel/HW will do:
- doesn't need to forward/terminate MRP frames
- doesn't need to generate MRP Test frames
- doesn't need to detect when the ring is open/closed.

The userspace application that is using the new netlink can be found here[5].

The current implementation both in kernel and userspace supports only 2 roles:
  MRM - this one is responsible to send MRP_Test and MRP_Topo frames on both
  ring ports. It needs to process MRP_Test to know if the ring is open or
  closed. This operation is desired to be offloaded to the HW because it
  requires to generate and process up to 4000 frames per second. Whenever it
  detects that the ring is open it sends MRP_Topo frames to notify all MRC about
  changes in the topology. MRM needs also to process MRP_LinkChange frames,
  these frames are generated by the MRC. When the ring is open then the state
  of both ports is to forward frames and when the ring is closed then the
  secondary port is blocked.

  MRC - this one is responsible to forward MRP frames between the ring ports.
  In case one of the ring ports gets a link down or up, then MRC will generate
  a MRP_LinkChange frames. This node should also process MRP_Topo frames and to
  clear its FDB when it receives this frame.

 Userspace
               Deamon +----------+ Client
                +
                |
 +--------------|-----------------------------------------+
  Kernel        |
                + Netlink

                |                              + Interrupt
                |                              |
 +--------------|------------------------------|----------+
  HW            | Switchdev                    |
                +                              |

The user interacts using the client (called 'mrp'), the client talks to the
deamon (called 'mrp_server'), which talks with the kernel using netlink. The
kernel will try to offload the requests to the HW via switchdev API.

If this will be accepted then in the future the netlink interface can be
expended with multiple attributes which are required by different roles of the
MRP. Like Media Redundancy Automanager(MRA), Media Interconnect Manager(MIM) and
Media Interconnect Client(MIC).

[1] https://www.spinics.net/lists/netdev/msg623647.html
[2] https://www.spinics.net/lists/netdev/msg624378.html
[3] https://www.spinics.net/lists/netdev/msg627500.html
[4] https://www.spinics.net/lists/netdev/msg641005.html
[5] https://github.com/microchip-ung/mrp/tree/patch-v5

-v5:
  - use nla_parse_nested
  - rework the usage of the rcu in br_mrp
  - reorder patches
  - few other small issues raised by Nikolay

-v4:
  - extend existing netlink interface to add mrp support
  - use rcu locks

-v3:
  - move MRP state machine in userspace
  - create generic netlink interface for configuring the HW using switchdev API

-v2:
  - extend switchdev API to offload to HW

Horatiu Vultur (9):
  bridge: uapi: mrp: Add mrp attributes.
  bridge: mrp: Update Kconfig and Makefile
  bridge: mrp: Expose function br_mrp_port_open
  bridge: mrp: Add MRP interface.
  switchdev: mrp: Extend switchdev API to offload MRP
  bridge: switchdev: mrp: Implement MRP API for switchdev
  bridge: mrp: Connect MRP API with the switchev API
  bridge: mrp: Implement netlink interface to configure MRP
  bridge: mrp: Integrate MRP into the bridge

 include/linux/if_bridge.h       |   1 +
 include/linux/mrp_bridge.h      |  24 ++
 include/net/switchdev.h         |  62 ++++
 include/uapi/linux/if_bridge.h  |  43 +++
 include/uapi/linux/if_ether.h   |   1 +
 include/uapi/linux/mrp_bridge.h |  84 +++++
 net/bridge/Kconfig              |  12 +
 net/bridge/Makefile             |   2 +
 net/bridge/br_device.c          |   3 +
 net/bridge/br_if.c              |   2 +
 net/bridge/br_input.c           |   3 +
 net/bridge/br_mrp.c             | 559 ++++++++++++++++++++++++++++++++
 net/bridge/br_mrp_netlink.c     | 164 ++++++++++
 net/bridge/br_mrp_switchdev.c   | 144 ++++++++
 net/bridge/br_netlink.c         |   5 +
 net/bridge/br_private.h         |  35 ++
 net/bridge/br_private_mrp.h     |  61 ++++
 net/bridge/br_stp.c             |   6 +
 net/bridge/br_stp_if.c          |   5 +
 19 files changed, 1216 insertions(+)
 create mode 100644 include/linux/mrp_bridge.h
 create mode 100644 include/uapi/linux/mrp_bridge.h
 create mode 100644 net/bridge/br_mrp.c
 create mode 100644 net/bridge/br_mrp_netlink.c
 create mode 100644 net/bridge/br_mrp_switchdev.c
 create mode 100644 net/bridge/br_private_mrp.h

-- 
2.17.1

Powered by blists - more mailing lists