lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230404130607.GB4044@pengutronix.de> Date: Tue, 4 Apr 2023 15:06:07 +0200 From: Oleksij Rempel <o.rempel@...gutronix.de> To: Vladimir Oltean <olteanv@...il.com> Cc: "David S. Miller" <davem@...emloft.net>, Andrew Lunn <andrew@...n.ch>, Eric Dumazet <edumazet@...gle.com>, Florian Fainelli <f.fainelli@...il.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Woojung Huh <woojung.huh@...rochip.com>, Arun Ramadoss <arun.ramadoss@...rochip.com>, kernel@...gutronix.de, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, UNGLinuxDriver@...rochip.com Subject: Re: [PATCH net-next v1 2/7] net: dsa: microchip: ksz8: Implement add/del_fdb and use static MAC table operations On Tue, Apr 04, 2023 at 03:50:02PM +0300, Vladimir Oltean wrote: > On Tue, Apr 04, 2023 at 02:19:11PM +0200, Oleksij Rempel wrote: > > If I compare KSZ879CLX and KSZ8873MLL datasheets, i do not see direct > > answer. The only reason I can imagine is the size of static MAC table. > > All KSZ88xx and KSZ87xx variants have only 8 entries. One is already > > used for STP (even if STP is not enabled, can be optimized). If > > BRIDGE_VLAN compiled, each local address will be configured 2 times. > > So, depending on system configuration the static MAC table will full > > very soon. > > Yikes. KSZ8765 has num_statics = 8 and port_cnt = 5 (so 4 user ports I > assume). So if all 4 user ports had their own MAC address, it would > simply not be possible to put them under a VLAN-aware bridge, since that > would consume 2 BR_FDB_LOCAL entries for each port, so the static MAC > table would be full even without taking the bridge's MAC address into > consideration. > > Even with CONFIG_BRIDGE_VLAN_FILTERING turned off or with the bridge > option vlan_default_pvid = 0, this would still consume 4 BR_FDB_LOCAL > entries + one for the bridge's MAC address + 1 for STP, leaving only 2 > entries usable for *both* bridge fdb, *and* bridge mdb. > > I haven't opened the datasheets of these chips. Is it possible to use > the dynamic MAC table to store static(-ish) entries? According to KSZ8795CLX datasheet, dynamic MAC table is read-only. But there is Access Control Lists (ACL) with 16 entries. It is possible created a forwarding rule with match against DST MAC address. Beside, I'm working right now on KSZ9477 tc-flower support based on ACL implementation. Regards, Oleksij -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
Powered by blists - more mailing lists