lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 May 2020 20:28:35 -0700 From: Florian Fainelli <f.fainelli@...il.com> To: Vladimir Oltean <olteanv@...il.com>, andrew@...n.ch, vivien.didelot@...il.com Cc: davem@...emloft.net, kuba@...nel.org, jiri@...lanox.com, idosch@...sch.org, rmk+kernel@...linux.org.uk, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2 net-next 04/15] net: dsa: sja1105: deny alterations of dsa_8021q VLANs from the bridge On 5/11/2020 6:53 AM, Vladimir Oltean wrote: > From: Vladimir Oltean <vladimir.oltean@....com> > > At the moment, this can never happen. The 2 modes that we operate in do > not permit that: > > - SJA1105_VLAN_UNAWARE: we are guarded from bridge VLANs added by the > user by the DSA core. We will later lift this restriction by setting > ds->vlan_bridge_vtu = true, and that is where we'll need it. > > - SJA1105_VLAN_FILTERING_FULL: in this mode, dsa_8021q configuration is > disabled. So the user is free to add these VLANs in the 1024-3071 > range. > > The reason for the patch is that we'll introduce a third VLAN awareness > state, where both dsa_8021q as well as the bridge are going to call our > .port_vlan_add and .port_vlan_del methods. > > For that, we need a good way to discriminate between the 2. The easiest > (and less intrusive way for upper layers) is to recognize the fact that > dsa_8021q configurations are always driven by our driver - we _know_ > when a .port_vlan_add method will be called from dsa_8021q because _we_ > initiated it. > > So introduce an expect_dsa_8021q boolean which is only used, at the > moment, for blacklisting VLANs in range 1024-3071 in the modes when > dsa_8021q is active.> > Signed-off-by: Vladimir Oltean <vladimir.oltean@....com> Reviewed-by: Florian Fainelli <f.fainelli@...il.com> -- Florian
Powered by blists - more mailing lists