lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri,  7 Jan 2022 17:00:44 +0200
From:   Vladimir Oltean <vladimir.oltean@....com>
To:     netdev@...r.kernel.org
Cc:     Andrew Lunn <andrew@...n.ch>,
        Vivien Didelot <vivien.didelot@...il.com>,
        Florian Fainelli <f.fainelli@...il.com>,
        Ansuel Smith <ansuelsmth@...il.com>,
        Tobias Waldekranz <tobias@...dekranz.com>,
        DENG Qingfang <dqfext@...il.com>
Subject: [RFC PATCH net-next 00/12] FDB entries on DSA LAG interfaces

This is an RFC for 2 reasons:
- it's a bit late in the kernel development cycle to introduce such a
  large change set
- it doesn't apply/work without the following in-flight patches:

[PATCH net] net: mscc: ocelot: fix incorrect balancing with down LAG ports
git b4 20220107135839.237534-1-vladimir.oltean@....com
[PATCH net-next] net: dsa: felix: add port fast age support
git b4 20220107144229.244584-1-vladimir.oltean@....com

This work permits having static and local FDB entries on LAG interfaces
that are offloaded by DSA ports. New API needs to be introduced in
drivers. To maintain consistency with the bridging offload code, I've
taken the liberty to reorganize the data structures added by Tobias in
the DSA core a little bit.

Lightly tested on NXP LS1028A (felix switch). Would appreciate feedback/
testing on other platforms too. Testing procedure was the one described
here:
https://patchwork.kernel.org/project/netdevbpf/cover/20210205130240.4072854-1-vladimir.oltean@nxp.com/

with this script:

ip link del bond0
ip link add bond0 type bond mode 802.3ad
ip link set swp1 down && ip link set swp1 master bond0 && ip link set swp1 up
ip link set swp2 down && ip link set swp2 master bond0 && ip link set swp2 up
ip link del br0
ip link add br0 type bridge && ip link set br0 up
ip link set br0 arp off
ip link set bond0 master br0 && ip link set bond0 up
ip link set swp0 master br0 && ip link set swp0 up
ip link set dev bond0 type bridge_slave flood off learning off
bridge fdb add dev bond0 <mac address of other eno0> master static

I'm noticing a problem in 'bridge fdb dump' with the 'self' entries, and
I didn't solve this. On Ocelot, an entry learned on a LAG is reported as
being on the first member port of it (so instead of saying 'self bond0',
it says 'self swp1'). This is better than not seeing the entry at all,
but when DSA queries for the FDBs on a port via ds->ops->port_fdb_dump,
it never queries for FDBs on a LAG. Not clear what we should do there,
we aren't in control of the ->ndo_fdb_dump of the bonding/team drivers.
Alternatively, we could just consider the 'self' entries reported via
ndo_fdb_dump as "better than nothing", and concentrate on the 'master'
entries that are in sync with the bridge when packets are flooded to
software.

Vladimir Oltean (12):
  net: dsa: rename references to "lag" as "lag_dev"
  net: dsa: mv88e6xxx: rename references to "lag" as "lag_dev"
  net: dsa: qca8k: rename references to "lag" as "lag_dev"
  net: dsa: make LAG IDs one-based
  net: dsa: mv88e6xxx: use dsa_switch_for_each_port in
    mv88e6xxx_lag_sync_masks
  net: dsa: create a dsa_lag structure
  net: switchdev: export switchdev_lower_dev_find
  net: dsa: remove "ds" and "port" from struct dsa_switchdev_event_work
  net: dsa: move dsa_foreign_dev_check above
    dsa_slave_switchdev_event_work
  net: dsa: refactor FDB event work for user ports to separate function
  net: dsa: support FDB events on offloaded LAG interfaces
  net: dsa: felix: support FDB entries on offloaded LAG interfaces

 drivers/net/dsa/mv88e6xxx/chip.c   |  46 +++---
 drivers/net/dsa/ocelot/felix.c     |  26 ++-
 drivers/net/dsa/qca8k.c            |  32 ++--
 drivers/net/ethernet/mscc/ocelot.c | 128 ++++++++++++++-
 include/net/dsa.h                  |  66 ++++++--
 include/net/switchdev.h            |   6 +
 include/soc/mscc/ocelot.h          |  12 ++
 net/dsa/dsa2.c                     |  45 ++---
 net/dsa/dsa_priv.h                 |  24 ++-
 net/dsa/port.c                     |  96 +++++++++--
 net/dsa/slave.c                    | 253 +++++++++++++++++++++++------
 net/dsa/switch.c                   | 109 +++++++++++++
 net/dsa/tag_dsa.c                  |   4 +-
 net/switchdev/switchdev.c          |   3 +-
 14 files changed, 691 insertions(+), 159 deletions(-)

-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ