lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 29 Oct 2020 08:47:17 +0100
From:   "Tobias Waldekranz" <tobias@...dekranz.com>
To:     "Vladimir Oltean" <olteanv@...il.com>
Cc:     <andrew@...n.ch>, <vivien.didelot@...il.com>,
        <f.fainelli@...il.com>, <netdev@...r.kernel.org>,
        "Ido Schimmel" <idosch@...sch.org>
Subject: Re: [RFC PATCH 4/4] net: dsa: tag_edsa: support reception of
 packets from lag devices

On Thu Oct 29, 2020 at 2:08 AM CET, Vladimir Oltean wrote:
> On Wed, Oct 28, 2020 at 11:31:58PM +0100, Tobias Waldekranz wrote:
> > The thing is, unlike L2 where the hardware will add new neighbors to
> > its FDB autonomously, every entry in the hardware FIB is under the
> > strict control of the CPU. So I think you can avoid much of this
> > headache simply by determining if a given L3 nexthop/neighbor is
> > "foreign" to the switch or not, and then just skip offloading for
> > those entries.
> > 
> > You miss out on the hardware acceleration of replacing the L2 header
> > of course. But my guess would be that once you have payed the tax of
> > receiving the buffer via the NIC driver, allocated an skb, and called
> > netif_rx() etc. the routing operation will be a rounding error. At
> > least on smaller devices where the FIB is typically quite small.
>
> Right, but in that case, there is less of an argument to have something
> like DSA injecting directly into an upper device's RX path, if only
> mv88e6xxx with bonding is ever going to use that.

Doesn't that basically boil down to the argument that "we can't merge
this change because it's never going to be used, except for when it is
used"? I don't know if I buy that.

How about the inverse question: If this change is not acceptable, do
you have any other suggestion on to solve it? The hardware is what it
is, I can not will the source port information into existence, and
injecting packets on the wrong DSA port feels even more dirty to me.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ