grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] efinet: filter multicast traffic based on addresses

From: Andrei Borzenkov
Subject: Re: [PATCH] efinet: filter multicast traffic based on addresses
Date: Fri, 20 Nov 2015 14:02:15 +0300
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 
17.11.2015 21:35, Josef Bacik пишет:

We have some hardware that claims to support PROMISCUOUS_MULTICAST but doesn't
actually work.  Instead utilize the multicast filters and specifically enable
the multicast traffic we care about.  In reality we only care about ipv6
multicast traffic but enable ipv4 multicast as well just in case.  Whenever we
add a new address to the card we calculate the solicited node multicast address
to the multicast filter.  With this patch my broken hardware is still broken but
functional.  Thanks,

Signed-off-by: Josef Bacik <address@hidden>
---
  grub-core/net/drivers/efi/efinet.c | 84 ++++++++++++++++++++++++++++++++++----
  grub-core/net/net.c                |  2 +
  include/grub/net.h                 | 54 ++++++++++++------------
  3 files changed, 105 insertions(+), 35 deletions(-)

diff --git a/grub-core/net/drivers/efi/efinet.c 
b/grub-core/net/drivers/efi/efinet.c
index c8f80a1..bbbadd2 100644
--- a/grub-core/net/drivers/efi/efinet.c
+++ b/grub-core/net/drivers/efi/efinet.c
@@ -23,6 +23,7 @@
  #include <grub/efi/api.h>
  #include <grub/efi/efi.h>
  #include <grub/i18n.h>
+#include <grub/net/ip.h>

  GRUB_MOD_LICENSE ("GPLv3+");

@@ -183,8 +184,9 @@ open_card (struct grub_net_card *dev)
         We need unicast and broadcast and additionaly all nodes and
         solicited multicast for IPv6. Solicited multicast is per-IPv6
         address and we currently do not have API to do it so simply
-        try to enable receive of all multicast packets or evertyhing in
-        the worst case (i386 PXE driver always enables promiscuous too).
+        enable the all node addresses and the link local address.  We do this
+        because some firmware has been found to not do promiscuous multicast
+        mode properly.

         This does trust firmware to do what it claims to do.
         */
@@ -192,14 +194,25 @@ open_card (struct grub_net_card *dev)
        {
          grub_uint32_t filters = GRUB_EFI_SIMPLE_NETWORK_RECEIVE_UNICAST   |
                                  GRUB_EFI_SIMPLE_NETWORK_RECEIVE_BROADCAST |
-                                 
GRUB_EFI_SIMPLE_NETWORK_RECEIVE_PROMISCUOUS_MULTICAST;
+                                 GRUB_EFI_SIMPLE_NETWORK_RECEIVE_MULTICAST;
+         grub_efi_status_t st;
+         grub_efi_mac_address_t mac_filter[2] = {
+                 { 0x1, 0, 0x5e, 0, 0, 1, },
+                 { 0x33, 0x33, 0, 0, 0, 1, },};

          filters &= net->mode->receive_filter_mask;
-         if (!(filters & 
GRUB_EFI_SIMPLE_NETWORK_RECEIVE_PROMISCUOUS_MULTICAST))
-           filters |= (net->mode->receive_filter_mask &
-                       GRUB_EFI_SIMPLE_NETWORK_RECEIVE_PROMISCUOUS);
-
could you do a favor and test whether enabling lone GRUB_EFI_SIMPLE_NETWORK_RECEIVE_PROMISCUOUS (without any additional filters flags) works for you? I.e. just do
efi_call_6 (net->receive_filters, net, GRUB_EFI_SIMPLE_NETWORK_RECEIVE_PROMISCUOUS, 0, 0, 0, NULL);
It is possible that attempt to set promiscuous together with other filters does not work.
I still believe it is better workaround in general to avoid increasing complexity.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]