Date:   Thu, 14 Jan 2021 14:49:48 +0100
From:   Rasmus Villemoes <rasmus.villemoes@...vas.dk>
To:     Andrew Lunn <andrew@...n.ch>,
        Network Development <netdev@...r.kernel.org>,
        Vivien Didelot <vivien.didelot@...il.com>
Cc:     Horatiu Vultur <horatiu.vultur@...rochip.com>
Subject: commit 4c7ea3c0791e (net: dsa: mv88e6xxx: disable SA learning for DSA and CPU ports)

Hi

I've noticed something rather odd with my mv88e6250, which led me to the
commit in the subject.

First, the MAC address of the master device never seems to get learned
(at least according to "mv88e6xxx_dump --atu"), so all packets destined
for the machine get flooded out all ports - which I can verify with
wireshark. That is, I have three machines

A --- B --- C

with B being the board with an embedded mv88e6250, A pinging B, and C
running wireshark - and it shows lots of "ping request (no response
found)". Same if B pings A; the responses from A also get to C.

But this is somewhat to be expected; automatic learning has been
disabled by commit 4c7ea3c0791e (later commits have changed the logic
around there somewhat, but the end result is the same: the PAV for the
cpu port being clear), and I can't find anywhere in the code which would
manually add the master device's address to the ATU.

However: Even when I do

-	if (dsa_is_cpu_port(ds, port))
+	if (dsa_is_cpu_port(ds, port) && 0)

and verify with "mv88e6xxx_dump --ports" that the CPU port now has the
expected value in port offset 0x0b:

0b 0001 0002 0004 0008 0010 0020 0040

(it's port 5, i.e. the 0020 value), I still see the above behaviour -
the master device's address doesn't get learned (nor does some garbage
address appear in the ATU), and the unicast packets are still forwarded
out all ports. So I must be missing something else.

Finally, I'm wondering how the tagging could get in the way of learning
the right address, given that the tag is inserted after the DA and SA.

====

But this is all just some odd observations; the traffic does seem to
work, though sending all unicast traffic to all neighbours seems to be a
waste of bandwidth.

What I'm _really_ trying to do is to get my mv88e6250 to participate in
an MRP ring, which AFAICT will require that the master device's MAC gets
added as a static entry in the ATU: Otherwise, when the ring goes from
open to closed, I've seen the switch wrongly learn the node's own mac
address as being in the direction of one of the normal ports, which
obviously breaks all traffic. So if the topology is

   M
 /   \
C1 *** C2

with the link between C1 and C2 being broken, both M-C1 and M-C2 links
are in forwarding (hence learning) state, so when the C1-C2 link gets
reestablished, it will take at least one received test packet for M to
decide to put one of the ports in blocking state - by which time the
damage is done, and the ATU now has a broken entry for M's own mac address.

Rasmus
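The two effects described in the mail, flooding of unicast traffic for the board when its MAC is never learned on the CPU port, and the board's own MAC being learned on a user port once the ring closes, as an added model of a switch address table with per-port learning; this is constructed illustration code, not the mv88e6xxx driver's or the hardware's logic. The port numbers, MAC addresses and the multicast address of the test frame are assumptions, and "learning enabled on a port" stands in for that port's PAV being set.

```python
# Constructed model of a DSA switch's address table (ATU) with per-port SA
# learning; it is not the mv88e6xxx driver or hardware logic. Topology, port
# numbers and MAC addresses are made up for the illustration.
CPU_PORT = 5          # the board's CPU port (port 5 in the dump above)
USER_PORTS = (0, 1)   # the two user/ring ports

class Atu:
    """Address table; learning_ports stands in for the ports whose PAV is set."""
    def __init__(self, learning_ports):
        self.learning_ports = set(learning_ports)
        self.entries = {}  # mac -> (port, is_static)

    def add_static(self, mac, port):
        self.entries[mac] = (port, True)

    def learn(self, mac, port):
        # A static entry is locked: dynamic learning must not replace it.
        if self.entries.get(mac, (None, False))[1]:
            return
        self.entries[mac] = (port, False)

    def forward(self, sa, da, ingress):
        """Learn SA on the ingress port (if enabled) and return the egress ports."""
        if ingress in self.learning_ports:
            self.learn(sa, ingress)
        hit = self.entries.get(da)
        if hit is None:  # unknown unicast (or multicast) is flooded
            return {p for p in (*USER_PORTS, CPU_PORT) if p != ingress}
        return {hit[0]} - {ingress}

MAC_A = "02:00:00:00:00:0a"      # neighbour A on port 0
MAC_BOARD = "02:00:00:00:00:0b"  # the board's own MAC (B above, M in the ring)
MAC_TEST = "01:00:00:00:00:01"   # constructed multicast DA for a ring test frame

def a_to_board_egress(static_master_entry):
    """Ports that see A's unicast to the board; port 1 (C) should not be among them."""
    atu = Atu(learning_ports=USER_PORTS)  # CPU port has learning disabled
    if static_master_entry:
        atu.add_static(MAC_BOARD, CPU_PORT)
    atu.forward(MAC_BOARD, MAC_A, CPU_PORT)  # board's reply: SA not learned on CPU port
    return atu.forward(MAC_A, MAC_BOARD, 0)

def board_location_after_ring_closes(static_master_entry):
    """Port the ATU maps the board's own MAC to once its test frame loops back."""
    atu = Atu(learning_ports=USER_PORTS)
    if static_master_entry:
        atu.add_static(MAC_BOARD, CPU_PORT)
    atu.forward(MAC_BOARD, MAC_TEST, 1)  # sent out port 0, returns on port 1
    return atu.entries[MAC_BOARD][0]
```

Without the static entry, A's unicast to the board reaches port 1 as well as the CPU port, and the ring test frame re-points the board's own MAC at port 1; with it, only the CPU port sees the traffic and the entry stays put.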
