lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20250429201710.330937-1-jonas.gorski@gmail.com>
Date: Tue, 29 Apr 2025 22:16:59 +0200
From: Jonas Gorski <jonas.gorski@...il.com>
To: Florian Fainelli <florian.fainelli@...adcom.com>,
	Andrew Lunn <andrew@...n.ch>,
	Vladimir Oltean <olteanv@...il.com>,
	"David S. Miller" <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>,
	Paolo Abeni <pabeni@...hat.com>,
	Russell King <linux@...linux.org.uk>,
	Kurt Kanzenbach <kurt@...utronix.de>
Cc: Florian Fainelli <f.fainelli@...il.com>,
	netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: [PATCH net 00/11] net: dsa: b53: accumulated fixes

This patchset aims at fixing most issues observed while running the
vlan_unaware_bridge, vlan_aware_bridge and local_termination selftests.

Most tests succeed with these patches on BCM53115, connected to a
BCM6368.

It took me a while to figure out that a lot of tests will fail if all
ports have the same MAC address, as the switches drop any frames with
DA == SA. Luckily BCM63XX boards often have enough MACs allocated for
all ports, so I just needed to assign them.

The still failing tests are:

FDB learning, both vlan aware aware and unaware:

This is expected, as b53 currently does not implement changing the
ageing time, and both the bridge code and DSA ignore that, so the
learned entries don't age out as expected.

ping and ping6 in vlan unaware:

These fail because of the now fixed learning, the switch trying to
forward packet ingressing on one of the standalone ports to the learned
port of the mac address when the packets ingressed on the bridged port.

The port VLAN masks only prevent forwarding to other ports, but the ARL
lookup will still happen, and the packet gets dropped because the port
isn't allowed to forward there.

I have a fix/workaround for that, but as it is a bit more controversial
and makes use of an unrelated feature, I decided to hold off from that
and post it later.

This wasn't noticed so far, because learning was never working in VLAN
unaware mode, so the traffic was always broadcast (which sidesteps the
issue).

Finally some of the multicast tests from local_termination fail, where
the reception worked except it shouldn't. This doesn't seem to me as a
super serious issue, so I didn't attempt to debug/fix these yet.

I'm not super confident I didn't break sf2 along the way, but I did
compile test and tried to find ways it cause issues (I failed to find
any). I hope Florian will tell me.

Jonas Gorski (11):
  net: dsa: b53: allow leaky reserved multicast
  net: dsa: b53: keep CPU port always tagged again
  net: dsa: b53: fix clearing PVID of a port
  net: dsa: b53: fix flushing old pvid VLAN on pvid change
  net: dsa: b53: fix VLAN ID for untagged vlan on bridge leave
  net: dsa: b53: always rejoin default untagged VLAN on bridge leave
  net: dsa: b53: do not allow to configure VLAN 0
  net: dsa: b53: do not program vlans when vlan filtering is off
  net: dsa: b53: fix toggling vlan_filtering
  net: dsa: b53: fix learning on VLAN unaware bridges
  net: dsa: b53: do not set learning and unicast/multicast on up

 drivers/net/dsa/b53/b53_common.c | 207 ++++++++++++++++++++++---------
 drivers/net/dsa/b53/b53_priv.h   |   3 +
 drivers/net/dsa/bcm_sf2.c        |   1 +
 3 files changed, 154 insertions(+), 57 deletions(-)

-- 
2.43.0


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ