lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 31 Jul 2021 18:24:07 +0300 From: Vladimir Oltean <olteanv@...il.com> To: Prasanna Vengateshan <prasanna.vengateshan@...rochip.com> Cc: andrew@...n.ch, netdev@...r.kernel.org, robh+dt@...nel.org, UNGLinuxDriver@...rochip.com, Woojung.Huh@...rochip.com, hkallweit1@...il.com, linux@...linux.org.uk, davem@...emloft.net, kuba@...nel.org, linux-kernel@...r.kernel.org, vivien.didelot@...il.com, f.fainelli@...il.com, devicetree@...r.kernel.org Subject: Re: [PATCH v3 net-next 08/10] net: dsa: microchip: add support for port mirror operations On Fri, Jul 23, 2021 at 11:01:06PM +0530, Prasanna Vengateshan wrote: > Added support for port_mirror_add() and port_mirror_del operations > > Sniffing is limited to one port & alert the user if any new > sniffing port is selected > > Signed-off-by: Prasanna Vengateshan <prasanna.vengateshan@...rochip.com> > --- > drivers/net/dsa/microchip/lan937x_main.c | 83 ++++++++++++++++++++++++ > 1 file changed, 83 insertions(+) > > diff --git a/drivers/net/dsa/microchip/lan937x_main.c b/drivers/net/dsa/microchip/lan937x_main.c > index 3380a4617725..171c46f37fa4 100644 > --- a/drivers/net/dsa/microchip/lan937x_main.c > +++ b/drivers/net/dsa/microchip/lan937x_main.c > @@ -129,6 +129,87 @@ static void lan937x_port_stp_state_set(struct dsa_switch *ds, int port, > mutex_unlock(&dev->dev_mutex); > } > > +static int lan937x_port_mirror_add(struct dsa_switch *ds, int port, > + struct dsa_mall_mirror_tc_entry *mirror, > + bool ingress) > +{ > + struct ksz_device *dev = ds->priv; > + int ret, p; > + u8 data; > + > + /* Configure ingress/egress mirroring*/ > + if (ingress) > + ret = lan937x_port_cfg(dev, port, P_MIRROR_CTRL, PORT_MIRROR_RX, > + true); > + else > + ret = lan937x_port_cfg(dev, port, P_MIRROR_CTRL, PORT_MIRROR_TX, > + true); > + if (ret < 0) > + return ret; > + > + /* Configure sniffer port meanwhile limit to one sniffer port > + * Check if any of the port is already set for sniffing > + * If yes, instruct the user to remove the previous entry & exit > + */ > + for (p = 0; p < dev->port_cnt; p++) { > + /*Skip the current sniffing port*/ > + if (p == mirror->to_local_port) > + continue; > + > + ret = lan937x_pread8(dev, p, P_MIRROR_CTRL, &data); > + if (ret < 0) > + return ret; > + > + if (data & PORT_MIRROR_SNIFFER) { > + dev_err(dev->dev, > + "Delete existing rules towards %s & try\n", > + dsa_to_port(ds, p)->name); > + return -EBUSY; > + } > + } I think this check should be placed before you enable PORT_MIRROR_RX/PORT_MIRROR_TX. > + > + ret = lan937x_port_cfg(dev, mirror->to_local_port, P_MIRROR_CTRL, > + PORT_MIRROR_SNIFFER, true); > + if (ret < 0) > + return ret; > + > + ret = lan937x_cfg(dev, S_MIRROR_CTRL, SW_MIRROR_RX_TX, false); > + > + return ret; You can forgo an assignment to "ret" here and do "return lan937x_cfg(...)"
Powered by blists - more mailing lists