lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sat, 18 Apr 2020 15:55:32 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     olteanv@...il.com
Cc:     claudiu.manoil@....com, netdev@...r.kernel.org,
        alexandru.marginean@....com, xiaoliang.yang_1@....com,
        yangbo.lu@....com, po.liu@....com
Subject: Re: [PATCH net-next] enetc: permit configuration of rx-vlan-filter
 with ethtool

From: Vladimir Oltean <olteanv@...il.com>
Date: Fri, 17 Apr 2020 22:07:55 +0300

> From: Vladimir Oltean <vladimir.oltean@....com>
> 
> Each ENETC station interface (SI) has a VLAN filter list and a port
> flag (PSIPVMR) by which it can be put in "VLAN promiscuous" mode, which
> enables the reception of VLAN-tagged traffic even if it is not in the
> VLAN filtering list.
> 
> Currently the handling of this setting works like this: the port starts
> off as VLAN promiscuous, then it switches to enabling VLAN filtering as
> soon as the first VLAN is installed in its filter via
> .ndo_vlan_rx_add_vid. In practice that does not work out very well,
> because more often than not, the first VLAN to be installed is out of
> the control of the user: the 8021q module, if loaded, adds its rule for
> 802.1p (VID 0) traffic upon bringing the interface up.
> 
> What the user is currently seeing in ethtool is this:
> ethtool -k eno2
> rx-vlan-filter: on [fixed]
> 
> which doesn't match the intention of the code, but the practical reality
> of having the 8021q module install its VID which has the side-effect of
> turning on VLAN filtering in this driver. All in all, a slightly
> confusing experience.
> 
> So instead of letting this driver switch the VLAN filtering state by
> itself, just wire it up with the rx-vlan-filter feature from ethtool,
> and let it be user-configurable just through that knob, except for one
> case, see below.
> 
> In promiscuous mode, it is more intuitive that all traffic is received,
> including VLAN tagged traffic. It appears that it is necessary to set
> the flag in PSIPVMR for that to be the case, so VLAN promiscuous mode is
> also temporarily enabled. On exit from promiscuous mode, the setting
> made by ethtool is restored.
> 
> Signed-off-by: Vladimir Oltean <vladimir.oltean@....com>

Applied.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ