| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 01 Aug 2022 17:33:49 +0200
From: netdev@...io-technology.com
To: Ido Schimmel <idosch@...dia.com>
Cc: Vladimir Oltean <olteanv@...il.com>, davem@...emloft.net,
kuba@...nel.org, netdev@...r.kernel.org,
Andrew Lunn <andrew@...n.ch>,
Vivien Didelot <vivien.didelot@...il.com>,
Florian Fainelli <f.fainelli@...il.com>,
Eric Dumazet <edumazet@...gle.com>,
Paolo Abeni <pabeni@...hat.com>, Jiri Pirko <jiri@...nulli.us>,
Ivan Vecera <ivecera@...hat.com>,
Roopa Prabhu <roopa@...dia.com>,
Nikolay Aleksandrov <razor@...ckwall.org>,
Shuah Khan <shuah@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
linux-kernel@...r.kernel.org, bridge@...ts.linux-foundation.org,
linux-kselftest@...r.kernel.org
Subject: Re: [PATCH v4 net-next 3/6] drivers: net: dsa: add locked fdb entry
flag to drivers
On 2022-07-13 14:39, Ido Schimmel wrote:
>
> What are "Storm Prevention" and "zero-DPV" FDB entries?
>
For the zero-DPV entries, I can summarize:
Since a CPU can become saturated from constant SA Miss Violations from a
denied source, source MAC address are masked by loading a zero-DPV
(Destination Port Vector) entry in the ATU. As the address now appears
in the database it will not cause more Miss Violations. ANY port trying
to send a frame to this unauthorized address is discarded. Any locked
port trying to use this unauthorized address has its frames discarded
too (as the ports SA bit is not set in the ATU entry).
Powered by blists - more mailing lists