lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87a6h4xsaj.fsf@kmk-computers.de>
Date:   Mon, 13 Dec 2021 19:40:04 +0100
From:   Kurt Kanzenbach <kurt@...-computers.de>
To:     Richard Cochran <richardcochran@...il.com>,
        Jakub Kicinski <kuba@...nel.org>
Cc:     Tobias Waldekranz <tobias@...dekranz.com>,
        Andrew Lunn <andrew@...n.ch>,
        Vivien Didelot <vivien.didelot@...il.com>,
        Florian Fainelli <f.fainelli@...il.com>,
        Vladimir Oltean <olteanv@...il.com>,
        "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
Subject: Re: [PATCH net-next v1] net: dsa: mv88e6xxx: Trap PTP traffic

On Mon Dec 13 2021, Richard Cochran wrote:
> On Sat, Dec 11, 2021 at 07:39:26AM -0800, Richard Cochran wrote:
>> On Fri, Dec 10, 2021 at 09:14:10PM -0800, Jakub Kicinski wrote:
>> > On Fri, 10 Dec 2021 01:07:59 +0100 Tobias Waldekranz wrote:
>> > > Do we know how PTP is supposed to work in relation to things like STP?
>> > > I.e should you be able to run PTP over a link that is currently in
>> > > blocking?
>> > 
>> > Not sure if I'm missing the real question but IIRC the standard
>> > calls out that PTP clock distribution tree can be different that
>> > the STP tree, ergo PTP ignores STP forwarding state.
>> 
>> That is correct.  The PTP will form its own spanning tree, and that
>> might be different than the STP.  In fact, the Layer2 PTP messages
>> have special MAC addresses that are supposed to be sent
>> unconditionally, even over blocked ports.
>
> Let me correct that statement.
>
> I looked at 1588 again, and for E2E TC it states, "All PTP version 2
> messages shall be forwarded according to the addressing rules of the
> network."  I suppose that includes the STP state.
>
> For P2P TC, there is an exception that the peer delay messages are not
> forwarded.  These are generated and consumed by the switch.
>
> The PTP spanning tree still is formed by the Boundary Clocks (BC), and
> a Transparent Clock (TC) does not participate in forming the PTP
> spanning tree.
>
> What does this mean for Linux DSA switch drivers?
>
> 1. All incoming PTP frames should be forwarded to the CPU port, so
>    that the software stack may perform its BC or TC functions.
>
> 2. When used as a BC, the PTP frames sent from the CPU port should not
>    be dropped.
>
> 3. When used as a TC, PTP frames sent from the CPU port can be dropped
>    on blocked external ports, except for the Peer Delay messages.

Maybe I'm missing something, but how is #2 and #3 supposed to work with
DSA? The switch driver doesn't know whether the user wants to run BC or
TC. For #2 the STP state is ignored, for #3 it is not except for peer
delay measurements.

Thanks,
Kurt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ