Page MenuHomeFreeBSD
Differential D46794

axgbe: Fix setting promisc mode
ClosedPublic
Actions

Authored by zlei on Sep 26 2024, 8:40 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 19, 7:13 PM
Unknown Object (File)
Sat, Nov 16, 7:09 AM
Unknown Object (File)
Wed, Nov 6, 6:42 AM
Unknown Object (File)
Fri, Nov 1, 2:46 AM
Unknown Object (File)
Thu, Oct 24, 8:56 AM
Unknown Object (File)
Oct 21 2024, 9:55 PM
Unknown Object (File)
Oct 19 2024, 10:21 PM
Unknown Object (File)
Oct 12 2024, 5:41 AM
View All 17 Files
Subscribers
franco_opnsense.org
imp
markj
stephan.dewt_yahoo.co.uk

Details

Reviewers
andrew
rajesh1.kumar_amd.com
markj
franco_opnsense.org
Group Reviewers
network
Commits
rGc7a2636889a6: axgbe: Fix setting promisc mode
Summary

Ethernet drivers should respect IFF_PROMISC rather than IFF_PPROMISC.
The latter is for user-requested promisc mode, it implies the former
but not vice versa. Some in-kernel components such as if_bridge(4) and
bpf(4) will set promisc mode for interfaces on-demand.

While here, update the debugging message to be not confusing.

This was spotted while reviewing markj@ 's work D46524.

Tested by: ???
MFC after: 1 week

Test Plan

Either of the following should suffice.

  1. Do traffic sniffing on axgbe interface. The interface will enter promisc mode and should see packets not for us.
  2. Create if_bridge(4) and bring axgbe interface a member. Make traffic over if_bridge.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

zlei created this revision.Sep 26 2024, 8:40 AM
Herald added a subscriber: imp. · View Herald TranscriptSep 26 2024, 8:40 AM
zlei requested review of this revision.Sep 26 2024, 8:40 AM
zlei added a subscriber: markj.

I do not have axgbe hardware so can not test it by myself. I'd appreciate if someone could test this fix !

zlei added inline comments.Sep 26 2024, 8:47 AM
sys/dev/axgbe/if_axgbe_pci.c
2358

Well, the allmulti mode (IFF_ALLMULTI) should also be handled correctly, but that is out of scope of this change.

markj accepted this revision as: markj.Sep 26 2024, 1:29 PM

This looks ok, but yes it needs to be tested. I don't have this hardware.

This revision is now accepted and ready to land.Sep 26 2024, 1:29 PM
franco_opnsense.org added a subscriber: franco_opnsense.org.Oct 1 2024, 5:07 AM
franco_opnsense.org accepted this revision.Oct 11 2024, 6:59 AM

Let's get this in for the sake of correctness although my testing was inconclusive and will circle back eventually.

Closed by commit rGc7a2636889a6: axgbe: Fix setting promisc mode (authored by zlei). · Explain WhyOct 12 2024, 1:58 PM
This revision was automatically updated to reflect the committed changes.
zlei added a commit: rGc7a2636889a6: axgbe: Fix setting promisc mode.
stephan.dewt_yahoo.co.uk added a subscriber: stephan.dewt_yahoo.co.uk.Oct 21 2024, 1:08 PM

Just to comment on the unconditional promisc mode initialization, this is shown in more detail here: https://github.com/freebsd/freebsd-src/blob/main/sys/dev/axgbe/xgbe-dev.c#L2032-L2036.

At the time tests showed that multicast traffic was filtered even when specifically enabled in hardware, with the above change as the only feasible workaround.

zlei added a comment.Oct 21 2024, 4:04 PM
In D46794#1076531, @stephan.dewt_yahoo.co.uk wrote:

Just to comment on the unconditional promisc mode initialization, this is shown in more detail here: https://github.com/freebsd/freebsd-src/blob/main/sys/dev/axgbe/xgbe-dev.c#L2032-L2036.

Emm, that is unfortunate.

At the time tests showed that multicast traffic was filtered even when specifically enabled in hardware, with the above change as the only feasible workaround.

Is that specific to FreeBSD only ? I do not see this workaround in Linux driver https://github.com/torvalds/linux/blob/master/drivers/net/ethernet/amd/xgbe/xgbe-dev.c#L2855 .

stephan.dewt_yahoo.co.uk added a comment.Wed, Oct 23, 11:56 AM
In D46794#1076717, @zlei wrote:

Is that specific to FreeBSD only ? I do not see this workaround in Linux driver https://github.com/torvalds/linux/blob/master/drivers/net/ethernet/amd/xgbe/xgbe-dev.c#L2855 .

I don't know for sure, but chances are this issue has never been seen on Linux given the low adoption.

FWIW, I just re-tested this and indeed CARP packets are filtered out without the "RA" bit set. In fact, even with promiscuous mode on (https://github.com/freebsd/freebsd-src/blob/main/sys/dev/axgbe/xgbe-dev.c#L974), unicast packets not destined for this MAC are filtered out as well.

zlei added a comment.Thu, Oct 24, 3:47 PM
In D46794#1077535, @stephan.dewt_yahoo.co.uk wrote:
In D46794#1076717, @zlei wrote:

Is that specific to FreeBSD only ? I do not see this workaround in Linux driver https://github.com/torvalds/linux/blob/master/drivers/net/ethernet/amd/xgbe/xgbe-dev.c#L2855 .

I don't know for sure, but chances are this issue has never been seen on Linux given the low adoption.

It will be good if the Linux's version can be tested. So that we can confirm whether it is firmware/hardware/design issue or (probably) not .

FWIW, I just re-tested this and indeed CARP packets are filtered out without the "RA" bit set. In fact, even with promiscuous mode on (https://github.com/freebsd/freebsd-src/blob/main/sys/dev/axgbe/xgbe-dev.c#L974), unicast packets not destined for this MAC are filtered out as well.

The line 974 is actually for multicast promiscuous mode (IFF_ALLMULTI). The current code do not handle it correctly. See my previous comment under axgbe_if_promisc_set().
May you please test the unicast promiscuous mode only right now ( without the "RA" bit set )?

A quick setup would be directly connected two ports / hosts via cross twist cable or DAC cable, as nowadays even cheap L2 switch is smart and will filter out unwanted packets.

Revision Contents
Changeset List

PathSize
sys/
dev/
axgbe/
10 lines
2 lines

Diff 144714

View Options

sys/dev/axgbe/if_axgbe_pci.c

Loading...
View Options

sys/dev/axgbe/xgbe-dev.c

Loading...