lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 9 Sep 2022 15:34:53 +0800
From:   Jiaqing Zhao <>
To:     Paul Fertser <>
Cc:     Samuel Mendoza-Jonas <>,
        "David S. Miller" <>,
        Eric Dumazet <>,
        Paolo Abeni <>,,,
Subject: Re: [PATCH] net/ncsi: Add Intel OS2BMC OEM command

On 2022-09-09 13:59, Paul Fertser wrote:
> Hello,
> On Fri, Sep 09, 2022 at 10:57:17AM +0800, Jiaqing Zhao wrote:
>> The Intel OS2BMC OEM NCSI command is used for controlling whether
>> network traffic between host and sideband is allowed or not. By
>> default such traffic is disallowed, meaning that if the device using
>> NCS (usually BMC) does not have extra active connection, it cannot
>> reach the host.
> Can you please explain the rationale behind introducing this as a
> compile-time kernel config option? I can probably imagine how this can
> make sense as a DT switch (e.g. to describe hardware where there's no
> other communication channel between the host and BMC) but even this
> feels far-fetched.

Previously I submitted a patch to make the NCSI configurable in DT[1], but
it was not accepted by kernel community. A limitation is that currently NCSI
is not a standalone device node, it is controlled by "use-ncsi" option in the
MAC device DT node (like ftgmac100).

Other features like keep phy (also intel-specific oem) also uses kernel option.


> Can you please outline some particular use cases for this feature?
It enables access between host and BMC when BMC shares the network connection
with host using NCSI, like accessing BMC via HTTP or SSH from host. 

Powered by blists - more mailing lists