lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250210152246.4ajumdchwhvbarik@skbuf>
Date: Mon, 10 Feb 2025 17:22:46 +0200
From: Vladimir Oltean <olteanv@...il.com>
To: Ido Schimmel <idosch@...dia.com>
Cc: Eric Woudstra <ericwouds@...il.com>, Petr Machata <petrm@...dia.com>,
	Andrew Lunn <andrew+netdev@...n.ch>,
	"David S. Miller" <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
	Nikolay Aleksandrov <razor@...ckwall.org>, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH v1 net-next] net: mlxsw_sp: Use
 switchdev_handle_port_obj_add_foreign() for vxlan

On Mon, Feb 10, 2025 at 08:48:32AM +0200, Ido Schimmel wrote:
> On Sat, Feb 08, 2025 at 03:15:18PM +0100, Eric Woudstra wrote:
> > Sending as RFC as I do not own this hardware. This code is not tested.
> > 
> > Vladimir found this part of the spectrum switchdev, while looking at
> > another issue here:
> > 
> > https://lore.kernel.org/all/20250207220408.zipucrmm2yafj4wu@skbuf/
> > 
> > As vxlan seems a foreign port, wouldn't it be better to use
> > switchdev_handle_port_obj_add_foreign() ?
> 
> Thanks for the patch, but the VXLAN port is not foreign to the other
> switch ports. That is, forwarding between these ports and VXLAN happens
> in hardware. And yes, switchdev_bridge_port_offload() does need to be
> called for the VXLAN port so that it's assigned the same hardware domain
> as the other ports.

Thanks, this is useful. I'm not providing a patch yet because there are
still things I don't understand.

Have you seen any of the typical problems associated with the software
bridge thinking vxlan isn't part of the same hwdom as the ingress
physical port, and, say, flooding packets twice to vxlan, when the
switch had already forwarded a copy of the packet? In almost 4 years
since commit 2f5dc00f7a3e ("net: bridge: switchdev: let drivers inform
which bridge ports are offloaded"), I would have expected such issues
would have been noticed?

Do we require a Fixes: tag for this?

And then, switchdev_bridge_port_offload() has a brport_dev argument,
which would pretty clearly be passed as vxlan_dev by
mlxsw_sp_bridge_8021d_vxlan_join() and
mlxsw_sp_bridge_vlan_aware_vxlan_join(), but it also has one other
"struct net_device *dev" argument, on which br_switchdev_port_offload()
wants to call dev_get_port_parent_id(), to see what hwdom (what other
bridge ports) to associate it to.

Usually we use the mlxsw_sp_port->dev as the second argument, but which
port to use here? Any random port that's under the bridge, or is there a
specific one for the vxlan that should be used?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ