[source] ramips: prevent packet forwarding on mt7620 between switch ports during init (FS#103)
LEDE Commits
lede-commits at lists.infradead.org
Sun Dec 4 02:42:02 PST 2016
nbd pushed a commit to source.git, branch master:
https://git.lede-project.org/566de813c318d6d30ec3645ee46d3e7357e49f5e
commit 566de813c318d6d30ec3645ee46d3e7357e49f5e
Author: Felix Fietkau <nbd at nbd.name>
AuthorDate: Tue Nov 29 11:59:48 2016 +0100
ramips: prevent packet forwarding on mt7620 between switch ports during init (FS#103)
By default, forwarding between all ports is allowed on init. This is
problematic in cases where some ports are supposed to be isolated from
each other, most commonly LAN/WAN separation.
REG_ESW_PORT_PCR(port) has a destination mask for a particular port,
controlling what other ports it is allowed to send packets to.
Instead of initializing all to 0xff (all ports), allow each physical
port to send to the CPU port, and the CPU port to send to all other
ports.
Signed-off-by: Felix Fietkau <nbd at nbd.name>
---
.../0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch | 6 ++++--
target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch | 6 +++---
2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/target/linux/ramips/patches-4.4/0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch b/target/linux/ramips/patches-4.4/0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch
index 3ae5f51..4dee81d 100644
--- a/target/linux/ramips/patches-4.4/0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch
+++ b/target/linux/ramips/patches-4.4/0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch
@@ -61,7 +61,7 @@ Signed-off-by: John Crispin <blogic at openwrt.org>
GSW_ATTR_ENABLE_VLAN,
--- /dev/null
+++ b/drivers/net/ethernet/mediatek/mt7530.c
-@@ -0,0 +1,884 @@
+@@ -0,0 +1,886 @@
+/*
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
@@ -555,7 +555,9 @@ Signed-off-by: John Crispin <blogic at openwrt.org>
+
+ if (!priv->global_vlan_enable) {
+ for (i = 0; i < MT7530_NUM_PORTS; i++)
-+ mt7530_w32(priv, REG_ESW_PORT_PCR(i), 0x00ff0000);
++ mt7530_w32(priv, REG_ESW_PORT_PCR(i), 0x00400000);
++
++ mt7530_w32(priv, REG_ESW_PORT_PCR(MT7530_CPU_PORT), 0x00ff0000);
+
+ for (i = 0; i < MT7530_NUM_PORTS; i++)
+ mt7530_w32(priv, REG_ESW_PORT_PVC(i), 0x810000c0);
diff --git a/target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch b/target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch
index 45e320b..c8fbc64 100644
--- a/target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch
+++ b/target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch
@@ -1,6 +1,6 @@
--- a/drivers/net/ethernet/mediatek/mt7530.c
+++ b/drivers/net/ethernet/mediatek/mt7530.c
-@@ -541,6 +541,7 @@ mt7530_apply_config(struct switch_dev *d
+@@ -543,6 +543,7 @@ mt7530_apply_config(struct switch_dev *d
u8 etags = priv->vlan_entries[i].etags;
u32 val;
@@ -8,7 +8,7 @@
/* vid of vlan */
val = mt7530_r32(priv, REG_ESW_VLAN_VTIM(i));
if (i % 2 == 0) {
-@@ -551,7 +552,7 @@ mt7530_apply_config(struct switch_dev *d
+@@ -553,7 +554,7 @@ mt7530_apply_config(struct switch_dev *d
val |= (vid << 12);
}
mt7530_w32(priv, REG_ESW_VLAN_VTIM(i), val);
@@ -17,7 +17,7 @@
/* vlan port membership */
if (member)
mt7530_w32(priv, REG_ESW_VLAN_VAWD1, REG_ESW_VLAN_VAWD1_IVL_MAC |
-@@ -571,7 +572,11 @@ mt7530_apply_config(struct switch_dev *d
+@@ -573,7 +574,11 @@ mt7530_apply_config(struct switch_dev *d
mt7530_w32(priv, REG_ESW_VLAN_VAWD2, val);
/* write to vlan table */
More information about the lede-commits
mailing list