lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210118160317.554018-1-alban.bedel@aerq.com>
Date:   Mon, 18 Jan 2021 17:03:17 +0100
From:   Alban Bedel <alban.bedel@...q.com>
To:     Vladimir Oltean <vladimir.oltean@....com>
CC:     Claudiu Manoil <claudiu.manoil@....com>,
        Alexandre Belloni <alexandre.belloni@...tlin.com>,
        UNGLinuxDriver@...rochip.com,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, Alban Bedel <alban.bedel@...q.com>
Subject: [PATCH] net: mscc: ocelot: Fix multicast to the CPU port

Multicast entries in the MAC table use the high bits of the MAC
address to encode the ports that should get the packets. But this port
mask does not work for the CPU port, to receive these packets on the
CPU port the MAC_CPU_COPY flag must be set.

Because of this IPv6 was effectively not working because neighbor
solicitations were never received. This was not apparent before commit
9403c158 (net: mscc: ocelot: support IPv4, IPv6 and plain Ethernet mdb
entries) as the IPv6 entries were broken so all incoming IPv6
multicast was then treated as unknown and flooded on all ports.

To fix this problem add a new `flags` parameter to ocelot_mact_learn()
and set MAC_CPU_COPY when the CPU port is in the port set. We still
leave the CPU port in the bitfield as it doesn't seems to hurt.

Signed-off-by: Alban Bedel <alban.bedel@...q.com>
Fixes: 9403c158 (net: mscc: ocelot: support IPv4, IPv6 and plain Ethernet mdb entries)
---
 drivers/net/ethernet/mscc/ocelot.c | 17 ++++++++++++-----
 drivers/net/ethernet/mscc/ocelot.h |  3 ++-
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/drivers/net/ethernet/mscc/ocelot.c b/drivers/net/ethernet/mscc/ocelot.c
index 0b9992bd6626..c33162dbf075 100644
--- a/drivers/net/ethernet/mscc/ocelot.c
+++ b/drivers/net/ethernet/mscc/ocelot.c
@@ -58,12 +58,13 @@ static void ocelot_mact_select(struct ocelot *ocelot,
 
 int ocelot_mact_learn(struct ocelot *ocelot, int port,
 		      const unsigned char mac[ETH_ALEN],
-		      unsigned int vid, enum macaccess_entry_type type)
+		      unsigned int vid, enum macaccess_entry_type type,
+		      u32 flags)
 {
 	ocelot_mact_select(ocelot, mac, vid);
 
 	/* Issue a write command */
-	ocelot_write(ocelot, ANA_TABLES_MACACCESS_VALID |
+	ocelot_write(ocelot, ANA_TABLES_MACACCESS_VALID | flags |
 			     ANA_TABLES_MACACCESS_DEST_IDX(port) |
 			     ANA_TABLES_MACACCESS_ENTRYTYPE(type) |
 			     ANA_TABLES_MACACCESS_MAC_TABLE_CMD(MACACCESS_CMD_LEARN),
@@ -574,7 +575,7 @@ int ocelot_fdb_add(struct ocelot *ocelot, int port,
 	if (port == ocelot->npi)
 		pgid = PGID_CPU;
 
-	return ocelot_mact_learn(ocelot, pgid, addr, vid, ENTRYTYPE_LOCKED);
+	return ocelot_mact_learn(ocelot, pgid, addr, vid, ENTRYTYPE_LOCKED, 0);
 }
 EXPORT_SYMBOL(ocelot_fdb_add);
 
@@ -1064,6 +1065,7 @@ int ocelot_port_mdb_add(struct ocelot *ocelot, int port,
 	struct ocelot_multicast *mc;
 	struct ocelot_pgid *pgid;
 	u16 vid = mdb->vid;
+	u32 flags = 0;
 
 	if (port == ocelot->npi)
 		port = ocelot->num_phys_ports;
@@ -1107,9 +1109,11 @@ int ocelot_port_mdb_add(struct ocelot *ocelot, int port,
 	    mc->entry_type != ENTRYTYPE_MACv6)
 		ocelot_write_rix(ocelot, pgid->ports, ANA_PGID_PGID,
 				 pgid->index);
+	if (mc->ports & BIT(ocelot->num_phys_ports))
+		flags |= ANA_TABLES_MACACCESS_MAC_CPU_COPY;
 
 	return ocelot_mact_learn(ocelot, pgid->index, addr, vid,
-				 mc->entry_type);
+				 mc->entry_type, flags);
 }
 EXPORT_SYMBOL(ocelot_port_mdb_add);
 
@@ -1120,6 +1124,7 @@ int ocelot_port_mdb_del(struct ocelot *ocelot, int port,
 	struct ocelot_multicast *mc;
 	struct ocelot_pgid *pgid;
 	u16 vid = mdb->vid;
+	u32 flags = 0;
 
 	if (port == ocelot->npi)
 		port = ocelot->num_phys_ports;
@@ -1151,9 +1156,11 @@ int ocelot_port_mdb_del(struct ocelot *ocelot, int port,
 	    mc->entry_type != ENTRYTYPE_MACv6)
 		ocelot_write_rix(ocelot, pgid->ports, ANA_PGID_PGID,
 				 pgid->index);
+	if (mc->ports & BIT(ocelot->num_phys_ports))
+		flags |= ANA_TABLES_MACACCESS_MAC_CPU_COPY;
 
 	return ocelot_mact_learn(ocelot, pgid->index, addr, vid,
-				 mc->entry_type);
+				 mc->entry_type, flags);
 }
 EXPORT_SYMBOL(ocelot_port_mdb_del);
 
diff --git a/drivers/net/ethernet/mscc/ocelot.h b/drivers/net/ethernet/mscc/ocelot.h
index 291d39d49c4e..63045f1ef0cd 100644
--- a/drivers/net/ethernet/mscc/ocelot.h
+++ b/drivers/net/ethernet/mscc/ocelot.h
@@ -106,7 +106,8 @@ int ocelot_port_fdb_do_dump(const unsigned char *addr, u16 vid,
 			    bool is_static, void *data);
 int ocelot_mact_learn(struct ocelot *ocelot, int port,
 		      const unsigned char mac[ETH_ALEN],
-		      unsigned int vid, enum macaccess_entry_type type);
+		      unsigned int vid, enum macaccess_entry_type type,
+		      u32 flags);
 int ocelot_mact_forget(struct ocelot *ocelot,
 		       const unsigned char mac[ETH_ALEN], unsigned int vid);
 int ocelot_port_lag_join(struct ocelot *ocelot, int port,
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ