| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5d5cc80b20e878d01c3d7d739f0fc7e429a840ed.camel@alliedtelesis.co.nz>
Date: Mon, 20 Jan 2025 03:01:49 +0000
From: Aryan Srivastava <Aryan.Srivastava@...iedtelesis.co.nz>
To: "andrew@...n.ch" <andrew@...n.ch>
CC: "olteanv@...il.com" <olteanv@...il.com>, "davem@...emloft.net"
<davem@...emloft.net>, "linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>, "pabeni@...hat.com" <pabeni@...hat.com>,
"kuba@...nel.org" <kuba@...nel.org>, "edumazet@...gle.com"
<edumazet@...gle.com>, "jiri@...nulli.us" <jiri@...nulli.us>,
"horms@...nel.org" <horms@...nel.org>, "netdev@...r.kernel.org"
<netdev@...r.kernel.org>
Subject: Re: [RFC net-next v1 2/2] net: dsa: add option for bridge port HW
offload
On Mon, 2025-01-20 at 03:39 +0100, Andrew Lunn wrote:
> On Mon, Jan 20, 2025 at 01:49:12PM +1300, Aryan Srivastava wrote:
> > Currently the DSA framework will HW offload any bridge port if
> > there is
> > a driver available to support HW offloading. This may not always be
> > the
> > preferred case. In cases where it is preferred that all traffic
> > still
> > hit the CPU, do software bridging instead.
> >
> > To prevent HW bridging (and potential CPU bypass), make the DSA
> > framework aware of the devlink port function attr, bridge_offload,
> > and
> > add a matching field to the port struct. Add get/set functions to
> > configure the field, and use this field to condition HW config for
> > offloading a bridge port.
>
> This is not a very convincing description. What is your real use case
> for not offloading?
>
The real use case for us is packet inspection. Due to the bridge ports
being offloaded in hardware, we can no longer inspect the traffic on
them, as the packets never hit the CPU.
> >
> > Signed-off-by: Aryan Srivastava
> > <aryan.srivastava@...iedtelesis.co.nz>
> > ---
> > include/net/dsa.h | 1 +
> > net/dsa/devlink.c | 27 ++++++++++++++++++++++++++-
> > net/dsa/dsa.c | 1 +
> > net/dsa/port.c | 3 ++-
> > 4 files changed, 30 insertions(+), 2 deletions(-)
> >
> > diff --git a/include/net/dsa.h b/include/net/dsa.h
> > index a0a9481c52c2..9ee2d7ccfff8 100644
> > --- a/include/net/dsa.h
> > +++ b/include/net/dsa.h
> > @@ -291,6 +291,7 @@ struct dsa_port {
> >
> > struct device_node *dn;
> > unsigned int ageing_time;
> > + bool bridge_offloading;
>
> Indentation is not consistent here.
Will fix.
>
> net-next is closed for the merge window.
I was unsure about uploading this right now (as you said net-next is
closed), but the netdev docs page states that RFC patches are welcome
anytime, please let me know if this is not case, and if so I apologize
for my erroneous submission.
>
>
> Andrew
>
> ---
> pw-bot: cr
Aryan
Powered by blists - more mailing lists