aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@nbd.name>2016-11-29 11:59:48 +0100
committerFelix Fietkau <nbd@nbd.name>2016-12-04 11:41:49 +0100
commit566de813c318d6d30ec3645ee46d3e7357e49f5e (patch)
treedbe65e34e292a68469e14a91601c48ea9f4cdc11
parent81b5e8e5d21437a65ebfb98112a0709f4020af36 (diff)
downloadupstream-566de813c318d6d30ec3645ee46d3e7357e49f5e.tar.gz
upstream-566de813c318d6d30ec3645ee46d3e7357e49f5e.tar.bz2
upstream-566de813c318d6d30ec3645ee46d3e7357e49f5e.zip
ramips: prevent packet forwarding on mt7620 between switch ports during init (FS#103)
By default, forwarding between all ports is allowed on init. This is problematic in cases where some ports are supposed to be isolated from each other, most commonly LAN/WAN separation. REG_ESW_PORT_PCR(port) has a destination mask for a particular port, controlling what other ports it is allowed to send packets to. Instead of initializing all to 0xff (all ports), allow each physical port to send to the CPU port, and the CPU port to send to all other ports. Signed-off-by: Felix Fietkau <nbd@nbd.name>
-rw-r--r--target/linux/ramips/patches-4.4/0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch6
-rw-r--r--target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch6
2 files changed, 7 insertions, 5 deletions
diff --git a/target/linux/ramips/patches-4.4/0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch b/target/linux/ramips/patches-4.4/0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch
index 3ae5f51363..4dee81d2e4 100644
--- a/target/linux/ramips/patches-4.4/0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch
+++ b/target/linux/ramips/patches-4.4/0513-net-mediatek-add-swconfig-driver-for-gsw_mt762x.patch
@@ -61,7 +61,7 @@ Signed-off-by: John Crispin <blogic@openwrt.org>
GSW_ATTR_ENABLE_VLAN,
--- /dev/null
+++ b/drivers/net/ethernet/mediatek/mt7530.c
-@@ -0,0 +1,884 @@
+@@ -0,0 +1,886 @@
+/*
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
@@ -555,7 +555,9 @@ Signed-off-by: John Crispin <blogic@openwrt.org>
+
+ if (!priv->global_vlan_enable) {
+ for (i = 0; i < MT7530_NUM_PORTS; i++)
-+ mt7530_w32(priv, REG_ESW_PORT_PCR(i), 0x00ff0000);
++ mt7530_w32(priv, REG_ESW_PORT_PCR(i), 0x00400000);
++
++ mt7530_w32(priv, REG_ESW_PORT_PCR(MT7530_CPU_PORT), 0x00ff0000);
+
+ for (i = 0; i < MT7530_NUM_PORTS; i++)
+ mt7530_w32(priv, REG_ESW_PORT_PVC(i), 0x810000c0);
diff --git a/target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch b/target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch
index 45e320bec3..c8fbc6404c 100644
--- a/target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch
+++ b/target/linux/ramips/patches-4.4/0519-gsw_mt7621.patch
@@ -1,6 +1,6 @@
--- a/drivers/net/ethernet/mediatek/mt7530.c
+++ b/drivers/net/ethernet/mediatek/mt7530.c
-@@ -541,6 +541,7 @@ mt7530_apply_config(struct switch_dev *d
+@@ -543,6 +543,7 @@ mt7530_apply_config(struct switch_dev *d
u8 etags = priv->vlan_entries[i].etags;
u32 val;
@@ -8,7 +8,7 @@
/* vid of vlan */
val = mt7530_r32(priv, REG_ESW_VLAN_VTIM(i));
if (i % 2 == 0) {
-@@ -551,7 +552,7 @@ mt7530_apply_config(struct switch_dev *d
+@@ -553,7 +554,7 @@ mt7530_apply_config(struct switch_dev *d
val |= (vid << 12);
}
mt7530_w32(priv, REG_ESW_VLAN_VTIM(i), val);
@@ -17,7 +17,7 @@
/* vlan port membership */
if (member)
mt7530_w32(priv, REG_ESW_VLAN_VAWD1, REG_ESW_VLAN_VAWD1_IVL_MAC |
-@@ -571,7 +572,11 @@ mt7530_apply_config(struct switch_dev *d
+@@ -573,7 +574,11 @@ mt7530_apply_config(struct switch_dev *d
mt7530_w32(priv, REG_ESW_VLAN_VAWD2, val);
/* write to vlan table */