Message ID | 1423854624-7631-1-git-send-email-ardeleanalex@gmail.com |
---|---|
State | Changes Requested |
Delegated to: | Jonas Gorski |
Headers | show |
On Fri, Feb 13, 2015 at 8:10 PM, Alexandru Ardelean <ardeleanalex@gmail.com> wrote: > From: Helmut Schaa <helmut.schaa@googlemail.com> > > Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com> What does it protect from? Is it available on all supported chips? What are the use cases of this? Please explain what this bit does and why we want to (un)set it. Jonas
Hello, So, I don't know on which chips this feature is supported. Our chip of interest is the BCM53128. Maybe I could first add a "is53128()" function, so that it's only specific to this chip, especially since we want to push more features that we've developed on this particular chip. Then, if others find that it works on other chips, it could be adapted/extended. To answer the questions: A port that is marked protected means that it cannot talk to another port that is marked protected. A protected port can send data to an unprotected port, and unprotected ports can send data to any port. This can be adapted into a sort of a security feature. The Broadcom default is for the protected mode to be off in hardware, but our board has this default overridden in hw, because it is required in several of our use-cases. So, unsetting those bits sets the default behaviour, which should not affect normal behaviour. Maybe I could re-spin this patch, and include a more informative comment ? Or, if there's no desire for it, we could just drop it. Either way, I will send further patches for the b53 driver, and include more informative comments. Thanks Alex On Tue, Feb 17, 2015 at 3:15 PM, Jonas Gorski <jogo@openwrt.org> wrote: > On Fri, Feb 13, 2015 at 8:10 PM, Alexandru Ardelean > <ardeleanalex@gmail.com> wrote: > > From: Helmut Schaa <helmut.schaa@googlemail.com> > > > > Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com> > > What does it protect from? Is it available on all supported chips? > What are the use cases of this? Please explain what this bit does and > why we want to (un)set it. > > > Jonas >
diff --git a/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_common.c b/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_common.c index b82bc93..e4cfc29 100644 --- a/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_common.c +++ b/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_common.c @@ -363,6 +363,7 @@ static int b53_flush_arl(struct b53_device *dev) static void b53_enable_ports(struct b53_device *dev) { unsigned i; + u16 protected = 0; b53_for_each_port(dev, i) { u8 port_ctrl; @@ -401,7 +402,13 @@ static void b53_enable_ports(struct b53_device *dev) if (!is63xx(dev) && !(is5301x(dev) && i == 6)) b53_write8(dev, B53_CTRL_PAGE, B53_PORT_CTRL(i), port_ctrl); + + /* Enable/disable port protection */ + if (dev->ports[i].protected) + protected |= BIT(i); } + + b53_write16(dev, B53_CTRL_PAGE, B53_PROTECTED_PORT_SELECTION, protected); } static void b53_enable_mib(struct b53_device *dev) @@ -862,6 +869,35 @@ static int b53_port_get_mib(struct switch_dev *sw_dev, return 0; } +static int b53_port_get_protected(struct switch_dev *sw_dev, + const struct switch_attr *attr, + struct switch_val *val) +{ + struct b53_device *dev = sw_to_b53(sw_dev); + int port = val->port_vlan; + + if (!(BIT(port) & dev->enabled_ports)) + return -1; + + val->value.i = !!(dev->ports[port].protected); + + return 0; +} + +static int b53_port_set_protected(struct switch_dev *sw_dev, + const struct switch_attr *attr, + struct switch_val *val) +{ + struct b53_device *dev = sw_to_b53(sw_dev); + int port = val->port_vlan; + + if (!(BIT(port) & dev->enabled_ports)) + return -1; + + dev->ports[port].protected = !!(val->value.i); + return 0; +} + static struct switch_attr b53_global_ops_25[] = { { .type = SWITCH_TYPE_INT, @@ -948,6 +984,14 @@ static struct switch_attr b53_port_ops[] = { .description = "Get port's MIB counters", .get = b53_port_get_mib, }, + { + .type = SWITCH_TYPE_INT, + .name = "protected", + .description = "Enable protected mode", + .set = b53_port_set_protected, + .get = b53_port_get_protected, + .max = 1, + }, }; static struct switch_attr b53_no_ops[] = { diff --git a/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_priv.h b/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_priv.h index ce5b530..87ecbb5 100644 --- a/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_priv.h +++ b/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_priv.h @@ -65,6 +65,7 @@ struct b53_vlan { struct b53_port { unsigned int pvid:12; + unsigned int protected:1; }; struct b53_device { diff --git a/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_regs.h b/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_regs.h index ba50915..0f5b2cb 100644 --- a/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_regs.h +++ b/openwrt/target/linux/generic/files/drivers/net/phy/b53/b53_regs.h @@ -95,6 +95,9 @@ #define B53_MC_FWD_EN BIT(7) /* (16 bit) */ +#define B53_PROTECTED_PORT_SELECTION 0x24 + +/* (16 bit) */ #define B53_UC_FLOOD_MASK 0x32 #define B53_MC_FLOOD_MASK 0x34 #define B53_IPMC_FLOOD_MASK 0x36