lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20201123071230.676469-1-idosch@idosch.org>
Date:   Mon, 23 Nov 2020 09:12:20 +0200
From:   Ido Schimmel <idosch@...sch.org>
To:     netdev@...r.kernel.org
Cc:     davem@...emloft.net, kuba@...nel.org, jiri@...dia.com,
        dsahern@...il.com, mlxsw@...dia.com,
        Ido Schimmel <idosch@...dia.com>
Subject: [PATCH net-next 00/10] mlxsw: Add support for blackhole nexthops

From: Ido Schimmel <idosch@...dia.com>

This patch set adds support for blackhole nexthops in mlxsw. These
nexthops are exactly the same as other nexthops, but instead of
forwarding packets to an egress router interface (RIF), they are
programmed to silently drop them.

Patches #1-#4 are preparations.

Patch #5 adds support for blackhole nexthops and removes the check that
prevented them from being programmed.

Patch #6 adds a selftests over mlxsw which tests that blackhole nexthops
can be programmed and are marked as offloaded.

Patch #7 extends the existing nexthop forwarding test to also test
blackhole functionality.

Patches #8-#10 add support for a new packet trap ('blackhole_nexthop')
which should be triggered whenever packets are dropped by a blackhole
nexthop. Obviously, by default, the trap action is set to 'drop' so that
dropped packets will not be reported.

Ido Schimmel (10):
  mlxsw: spectrum_router: Create loopback RIF during initialization
  mlxsw: spectrum_router: Use different trap identifier for unresolved
    nexthops
  mlxsw: spectrum_router: Use loopback RIF for unresolved nexthops
  mlxsw: spectrum_router: Resolve RIF from nexthop struct instead of
    neighbour
  mlxsw: spectrum_router: Add support for blackhole nexthops
  selftests: mlxsw: Add blackhole nexthop configuration tests
  selftests: forwarding: Add blackhole nexthops tests
  devlink: Add blackhole_nexthop trap
  mlxsw: spectrum_trap: Add blackhole_nexthop trap
  selftests: mlxsw: Add blackhole_nexthop trap test

 .../networking/devlink/devlink-trap.rst       |  4 +
 .../ethernet/mellanox/mlxsw/spectrum_dpipe.c  |  9 +-
 .../ethernet/mellanox/mlxsw/spectrum_router.c | 92 ++++++++++++++++---
 .../ethernet/mellanox/mlxsw/spectrum_router.h |  2 +
 .../ethernet/mellanox/mlxsw/spectrum_trap.c   |  8 +-
 drivers/net/ethernet/mellanox/mlxsw/trap.h    |  1 +
 include/net/devlink.h                         |  4 +-
 net/core/devlink.c                            |  1 +
 .../net/mlxsw/devlink_trap_l3_drops.sh        | 36 ++++++++
 .../selftests/drivers/net/mlxsw/rtnetlink.sh  | 25 ++++-
 .../net/forwarding/router_mpath_nh.sh         | 58 +++++++++++-
 11 files changed, 218 insertions(+), 22 deletions(-)

-- 
2.28.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ