| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 31 Jul 2021 18:24:07 +0300
From: Vladimir Oltean <olteanv@...il.com>
To: Prasanna Vengateshan <prasanna.vengateshan@...rochip.com>
Cc: andrew@...n.ch, netdev@...r.kernel.org, robh+dt@...nel.org,
UNGLinuxDriver@...rochip.com, Woojung.Huh@...rochip.com,
hkallweit1@...il.com, linux@...linux.org.uk, davem@...emloft.net,
kuba@...nel.org, linux-kernel@...r.kernel.org,
vivien.didelot@...il.com, f.fainelli@...il.com,
devicetree@...r.kernel.org
Subject: Re: [PATCH v3 net-next 08/10] net: dsa: microchip: add support for
port mirror operations
On Fri, Jul 23, 2021 at 11:01:06PM +0530, Prasanna Vengateshan wrote:
> Added support for port_mirror_add() and port_mirror_del operations
>
> Sniffing is limited to one port & alert the user if any new
> sniffing port is selected
>
> Signed-off-by: Prasanna Vengateshan <prasanna.vengateshan@...rochip.com>
> ---
> drivers/net/dsa/microchip/lan937x_main.c | 83 ++++++++++++++++++++++++
> 1 file changed, 83 insertions(+)
>
> diff --git a/drivers/net/dsa/microchip/lan937x_main.c b/drivers/net/dsa/microchip/lan937x_main.c
> index 3380a4617725..171c46f37fa4 100644
> --- a/drivers/net/dsa/microchip/lan937x_main.c
> +++ b/drivers/net/dsa/microchip/lan937x_main.c
> @@ -129,6 +129,87 @@ static void lan937x_port_stp_state_set(struct dsa_switch *ds, int port,
> mutex_unlock(&dev->dev_mutex);
> }
>
> +static int lan937x_port_mirror_add(struct dsa_switch *ds, int port,
> + struct dsa_mall_mirror_tc_entry *mirror,
> + bool ingress)
> +{
> + struct ksz_device *dev = ds->priv;
> + int ret, p;
> + u8 data;
> +
> + /* Configure ingress/egress mirroring*/
> + if (ingress)
> + ret = lan937x_port_cfg(dev, port, P_MIRROR_CTRL, PORT_MIRROR_RX,
> + true);
> + else
> + ret = lan937x_port_cfg(dev, port, P_MIRROR_CTRL, PORT_MIRROR_TX,
> + true);
> + if (ret < 0)
> + return ret;
> +
> + /* Configure sniffer port meanwhile limit to one sniffer port
> + * Check if any of the port is already set for sniffing
> + * If yes, instruct the user to remove the previous entry & exit
> + */
> + for (p = 0; p < dev->port_cnt; p++) {
> + /*Skip the current sniffing port*/
> + if (p == mirror->to_local_port)
> + continue;
> +
> + ret = lan937x_pread8(dev, p, P_MIRROR_CTRL, &data);
> + if (ret < 0)
> + return ret;
> +
> + if (data & PORT_MIRROR_SNIFFER) {
> + dev_err(dev->dev,
> + "Delete existing rules towards %s & try\n",
> + dsa_to_port(ds, p)->name);
> + return -EBUSY;
> + }
> + }
I think this check should be placed before you enable
PORT_MIRROR_RX/PORT_MIRROR_TX.
> +
> + ret = lan937x_port_cfg(dev, mirror->to_local_port, P_MIRROR_CTRL,
> + PORT_MIRROR_SNIFFER, true);
> + if (ret < 0)
> + return ret;
> +
> + ret = lan937x_cfg(dev, S_MIRROR_CTRL, SW_MIRROR_RX_TX, false);
> +
> + return ret;
You can forgo an assignment to "ret" here and do "return lan937x_cfg(...)"
Powered by blists - more mailing lists