lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YAXKdWL9CdplNrtm@lunn.ch>
Date:   Mon, 18 Jan 2021 18:50:45 +0100
From:   Andrew Lunn <andrew@...n.ch>
To:     Rasmus Villemoes <rasmus.villemoes@...vas.dk>
Cc:     Tobias Waldekranz <tobias@...dekranz.com>,
        Network Development <netdev@...r.kernel.org>,
        Vivien Didelot <vivien.didelot@...il.com>,
        Horatiu Vultur <horatiu.vultur@...rochip.com>,
        Vladimir Oltean <olteanv@...il.com>
Subject: Re: commit 4c7ea3c0791e (net: dsa: mv88e6xxx: disable SA learning
 for DSA and CPU ports)

> I suppose the real solution is having userspace do some "bridge mdb add"
> yoga, but since no code currently uses
> MV88E6XXX_G1_ATU_DATA_STATE_MC_STATIC_DA_MGMT, I don't think there's any
> way to actually achieve this. And I have no idea how to represent the
> requirement that "frames with this multicast DA are only to be directed
> at the CPU" in a hardware-agnostic way.

The switchdev interface for this exists, because there can be
multicast listeners on the bridge. When they join a group, they ask
the switch to put in a HOST MDB, which should cause the traffic for
the group to be sent to the host. What you don't have is the
exclusivity. If there is an IGMP report for the DA received on another
port, IGMP snooping will add an MDB entry to forward traffic out that
port.

	Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ