lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <793efa88-2a97-4cc3-9f84-101eef51962d@lunn.ch>
Date: Mon, 17 Jul 2023 14:53:10 +0200
From: Andrew Lunn <andrew@...n.ch>
To: Riccardo Laiolo <laiolo@...ff.it>
Cc: netdev@...r.kernel.org
Subject: Re: Question on IGMP snooping on switch managment port

On Mon, Jul 17, 2023 at 09:32:35AM +0200, Riccardo Laiolo wrote:
> Hi,
> 
> I'm working on a NXP-based embedded board (imx8mp) with a Marvell mv88e6390 switch.
> I'm running Linux 5.15.71 from the NXP downstream git repository (which is a year behind
> the upstream 5.15.y LTS release, I think). I've applied all the commits related to the Marvell
> driver from the 5.15LTS upstream that I was missing into my codebase.
> 
> I can't get the IGMP snooping to works properly. On front facing ports, it appears to work fine:
> MDB rules get correctly updated and multicast packets get blocked or routed accordingly. But when
> the subscribed is my embedded device (so the subscribed device is the switch
> management port) it doesn't work. The first IGMP packet get correctly routed and
> propagated through te network and all the interested node update their MDB entry list.
> 
> From now on all the outgoing IGMP packets get dropped.
> 
> 
> Adding and removing MDB rules by hand I found the offending rule appears to be
> 	dev br0 port br0 grp 224.0.1.185 temp
> 
> this rule gets correctly appended when I open a multicast rx socket,
> but my device fails to answer to any IMGP membership query until I remove said rule.
> 
> What am I missing? Is it possible for a linux network switch to be a multicast recipient device?

Hi Riccardo

It is a good idea to test the latest kernel before reporting problems
to mainline. You can then determine if its a known and fixed issue,
and the back port is missing, or it is something new. Any fix will be
applied to the latest kernel, and will then need back porting.

I would be interested in knowing if:

commit 7bcad0f0e6fbc1d613e49e0ee35c8e5f2e685bb0
Author: Steffen Bätz <steffen@...osonix.de>
Date:   Wed Mar 29 12:01:40 2023 -0300

    net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
    
    Do not set the MV88E6XXX_PORT_CTL0_IGMP_MLD_SNOOP bit on CPU or DSA ports.
    
    This allows the host CPU port to be a regular IGMP listener by sending out
    IGMP Membership Reports, which would otherwise not be forwarded by the
    mv88exxx chip, but directly looped back to the CPU port itself.


helps.

	Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ