lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 13 May 2020 23:56:03 +0800
From:   DENG Qingfang <dqfext@...il.com>
To:     Florian Fainelli <f.fainelli@...il.com>
Cc:     netdev <netdev@...r.kernel.org>,
        Sean Wang <sean.wang@...iatek.com>,
        Andrew Lunn <andrew@...n.ch>,
        Vivien Didelot <vivien.didelot@...il.com>,
        "David S . Miller" <davem@...emloft.net>,
        "moderated list:ARM/Mediatek SoC support" 
        <linux-mediatek@...ts.infradead.org>,
        Russell King <linux@...linux.org.uk>,
        Matthias Brugger <matthias.bgg@...il.com>,
        René van Dorst <opensource@...rst.com>,
        Tom James <tj17@...com>,
        Stijn Segers <foss@...atilesystems.org>,
        riddlariddla@...mail.com, Szabolcs Hubai <szab.hu@...il.com>,
        Paul Fertser <fercerpav@...il.com>
Subject: Re: [PATCH net-next] net: dsa: mt7530: set CPU port to fallback mode

Hi Florian

On Wed, May 13, 2020 at 11:46 PM Florian Fainelli <f.fainelli@...il.com> wrote:
>
>
>
> On 5/13/2020 8:37 AM, DENG Qingfang wrote:
> > Currently, setting a bridge's self PVID to other value and deleting
> > the default VID 1 renders untagged ports of that VLAN unable to talk to
> > the CPU port:
> >
> >       bridge vlan add dev br0 vid 2 pvid untagged self
> >       bridge vlan del dev br0 vid 1 self
> >       bridge vlan add dev sw0p0 vid 2 pvid untagged
> >       bridge vlan del dev sw0p0 vid 1
> >       # br0 cannot send untagged frames out of sw0p0 anymore
> >
> > That is because the CPU port is set to security mode and its PVID is
> > still 1, and untagged frames are dropped due to VLAN member violation.
> >
> > Set the CPU port to fallback mode so untagged frames can pass through.
>
> How about if the bridge has vlan_filtering=1? The use case you present
> seems to be valid to me, that is, you may create a VLAN just for the
> user ports and not have the CPU port be part of it at all.

I forgot to mention that this is ONLY for vlan_filtering=1
`bridge vlan` simply won't do anything if VLAN filtering is disabled.

>
> >
> > Fixes: 83163f7dca56 ("net: dsa: mediatek: add VLAN support for MT7530")
> > Signed-off-by: DENG Qingfang <dqfext@...il.com>
> > ---
> >  drivers/net/dsa/mt7530.c | 11 ++++++++---
> >  drivers/net/dsa/mt7530.h |  6 ++++++
> >  2 files changed, 14 insertions(+), 3 deletions(-)
> >
> > diff --git a/drivers/net/dsa/mt7530.c b/drivers/net/dsa/mt7530.c
> > index 5c444cd722bd..a063d914c23f 100644
> > --- a/drivers/net/dsa/mt7530.c
> > +++ b/drivers/net/dsa/mt7530.c
> > @@ -810,10 +810,15 @@ mt7530_port_set_vlan_aware(struct dsa_switch *ds, int port)
> >                  PCR_MATRIX_MASK, PCR_MATRIX(MT7530_ALL_MEMBERS));
> >
> >       /* Trapped into security mode allows packet forwarding through VLAN
> > -      * table lookup.
> > +      * table lookup. CPU port is set to fallback mode to let untagged
> > +      * frames pass through.
> >        */
> > -     mt7530_rmw(priv, MT7530_PCR_P(port), PCR_PORT_VLAN_MASK,
> > -                MT7530_PORT_SECURITY_MODE);
> > +     if (dsa_is_cpu_port(ds, port))
> > +             mt7530_rmw(priv, MT7530_PCR_P(port), PCR_PORT_VLAN_MASK,
> > +                        MT7530_PORT_FALLBACK_MODE);
> > +     else
> > +             mt7530_rmw(priv, MT7530_PCR_P(port), PCR_PORT_VLAN_MASK,
> > +                        MT7530_PORT_SECURITY_MODE);
> >
> >       /* Set the port as a user port which is to be able to recognize VID
> >        * from incoming packets before fetching entry within the VLAN table.
> > diff --git a/drivers/net/dsa/mt7530.h b/drivers/net/dsa/mt7530.h
> > index 979bb6374678..d45eb7540703 100644
> > --- a/drivers/net/dsa/mt7530.h
> > +++ b/drivers/net/dsa/mt7530.h
> > @@ -152,6 +152,12 @@ enum mt7530_port_mode {
> >       /* Port Matrix Mode: Frames are forwarded by the PCR_MATRIX members. */
> >       MT7530_PORT_MATRIX_MODE = PORT_VLAN(0),
> >
> > +     /* Fallback Mode: Forward received frames with ingress ports that do
> > +      * not belong to the VLAN member. Frames whose VID is not listed on
> > +      * the VLAN table are forwarded by the PCR_MATRIX members.
> > +      */
> > +     MT7530_PORT_FALLBACK_MODE = PORT_VLAN(1),
> > +
> >       /* Security Mode: Discard any frame due to ingress membership
> >        * violation or VID missed on the VLAN table.
> >        */
> >
>
> --
> Florian

Powered by blists - more mailing lists