From nobody Sat Oct 12 14:02:32 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XQlYx3Cggz5YRdV for ; Sat, 12 Oct 2024 14:02:45 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XQlYx2g5Jz4n1L; Sat, 12 Oct 2024 14:02:45 +0000 (UTC) (envelope-from zlei@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1728741765; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=sMOPiyUTOF/6ZRTu09Fi1lA3EnbktlcJ2+88aV9kiAg=; b=ibcdXUdkzmbbjV5daSUBqFLl3LXg/cfmFqtG8ENuYD+XoRfX1Yr3SlGbNYf2GKhh70KY5O 7E5M/j/chMReQD1ZEGBcXSutzYwhr0fA2sKAeLN8qSA1OiT04LNHatHcqhORvHU/3QcksH 5rpmKlgvmqrkBZxJGFhTrT53teS0U9dBqz6+irz3oY9Dtm16DLz7Dxrn8Ww4kmJuYAN0AY G++a+SusHpBFRv2fpMCF1vlU+wrN6ZkSAXiW8YerJdPnnMPoc8OLoPzV7SgVBF7qT/EG6v 1vSIEiQidodSTMFaK0qTbpVrFJ4UE083gPKp5zh2roHRwGy2XVgEGUoBXyr2UA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1728741765; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=sMOPiyUTOF/6ZRTu09Fi1lA3EnbktlcJ2+88aV9kiAg=; b=Ic93JIJQpZRbK5ksN343rfj4MnMo7gr7SApeDp7hVy9XRVxZXqmE++B1TjtPUfu7tWWLVI lQew57KaNmkb144RiKObWdD+hn3WP+m5qkFJdDKmdNbUuMsKstWxZSqGxj9bSaBEo63/kP kRBzYtmHR9MQZeun1BvrMCZTmTf4TxiemQOM97E0JxhcMnAO+lARCoyltNLXq9ddBY3fif jl25Odw58zgif/oX30D6r76A8CgK+4+6qj0Gy6MKeVesYjMhmLSNbaz7mHoDnoITgqzEhe 4tnt0Go7eUPxbEWlstG3q3/ddEEfrSpnH8cDHlp5UsfUf4rbeYvA9NLpwmZEIw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1728741765; a=rsa-sha256; cv=none; b=ONzAjRcv0LzDkmsHxsxBVt1pytVTHfC8PH5e4896dERq2s2lRds3nbphUeznB+VkkvjXFZ YDJWbJ4+lgQGfOj3CpcZZTTCJKn2vqwtmzDGClj81wsHRSgxdp5WGM4y4GRHKNFchkMHpd Z9EkJ4M3GcYwC5rOp0XHjTvsJc6plxi7riFTFY31/S4hmQnpuuwIPYACi8RkPw9wJpxExC amoOTcGyQi6ZxO1Q3Mj/HMxwa5YNOq6nDPdJA1gA4bIQTKrdoNIutZOmaMKtr71SPYcrhv T3rs4c417MVLtwrf4vCnjDWijEu61JAFZ7mMdZCH7VX+dEkBxiTYpQIy9r1FYg== Received: from smtpclient.apple (unknown [IPv6:2001:19f0:6001:9db:98f0:9fe0:3545:10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: zlei/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4XQlYv4FRVz1Pjw; Sat, 12 Oct 2024 14:02:43 +0000 (UTC) (envelope-from zlei@FreeBSD.org) From: Zhenlei Huang Message-Id: <183955FE-665B-4A5D-ADE7-A2FC29469DDC@FreeBSD.org> Content-Type: multipart/alternative; boundary="Apple-Mail=_A555533A-E415-4A52-822B-3283E87282C0" List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.10\)) Subject: Re: CALL FOR TEST axgbe promisc mode Date: Sat, 12 Oct 2024 22:02:32 +0800 In-Reply-To: Cc: Franco Fichtner , FreeBSD Net To: Mark Johnston References: <31932BD6-8427-4E68-8496-81AADCE9E290@FreeBSD.org> <54063277-FDC6-4B69-914E-08044E09346F@opnsense.org> X-Mailer: Apple Mail (2.3696.120.41.1.10) --Apple-Mail=_A555533A-E415-4A52-822B-3283E87282C0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Oct 8, 2024, at 8:25 PM, Mark Johnston wrote: >=20 > On Mon, Oct 07, 2024 at 10:52:19PM +0800, Zhenlei Huang wrote: >>=20 >>=20 >>> On Oct 2, 2024, at 3:42 PM, Mark Johnston wrote: >>>=20 >>> On Tue, Oct 01, 2024 at 12:46:07PM +0000, Franco Fichtner wrote: >>>> Hi, >>>>=20 >>>>> On 1. Oct 2024, at 02:47, Zhenlei Huang wrote: >>>>>=20 >>>>> The test plan is simple, either of the following should suffice: >>>>>=20 >>>>> =E2=80=A2 Do traffic sniffing on axgbe interface. The interface = will enter promisc mode and should see packets not for us. >>>>=20 >>>> I tested this with and without the patch and it's inconclusive: >>>>=20 >>>> 1. tcpdump sees foreign packets with and without patch >>>> 2. tcpdump -p sees foreign packets with and without patch >>>=20 >>> That's somewhat surprising. >>=20 >> Maybe the firmware / hardware happens to been ( wrongly ) set to = promisc mode already ? >=20 > Maybe, or the driver is missing some initialization step. >=20 >>>> This oddly enough matches my expectation that nobody raised issues = about >>>> promisc not working so far, but it leaves the question if we are/I = am testing the >>>> right thing? >>>=20 >>> I think you are. BPF uses ifpromisc() to enable promiscuous mode, = and >>> tcpdump uses that interface rather than setting IFF_PPROMISC = directly, >>> and without the patch I expect that that's a bit broken. >>>=20 >>> There is perhaps an unrelated driver bug there. I wonder what flags = get >>> printed by ifconfig before and during your experiments. It'd also = be >>> useful to try enabling debug logging (sysctl >>> dev.ax.0.axgbe_debug_level=3D1, I think) to see if = axgbe_if_promisc_set() >>> is getting executed as expected. >>=20 >> Probably I should firstly check D46794 in. Any idea ? >=20 > I have no objection, but it would be good to understand this better. Committed as c7a2636889a6. >=20 >>>> Cheers, >>>> Franco >>>>=20 >>>> ax0: mem = 0x80160000-0x8017ffff,0x80140000-0x8015ffff,0x80188000-0x80189fff at = device 0.4 on pci6 >>>> ax0: Using 512 TX descriptors and 512 RX descriptors >>>> ax0: Using 4 RX queues 4 TX queues >>>> ax0: Using MSI-X interrupts with 8 vectors >>>> ax0: Ethernet address: XX:XX:XX:XX:XX:XX >>>> ax0: xgbe_config_sph_mode: SPH disabled in channel 0 >>>> ax0: xgbe_config_sph_mode: SPH disabled in channel 1 >>>> ax0: xgbe_config_sph_mode: SPH disabled in channel 2 >>>> ax0: xgbe_config_sph_mode: SPH disabled in channel 3 >>>> ax0: RSS Enabled >>>> ax0: Receive checksum offload Enabled >>>> ax0: VLAN filtering Enabled >>>> ax0: VLAN Stripping Enabled >>>> ax0: Checking GPIO expander validity >>>> ax0: GPIO configuration valid >>>> ax0: SFP detected: >>>> ax0: vendor: FS ax0: part number: SFP-10G-T = ax0: revision level: A ax0: serial number: XXXXXXXXXXX = ax0: netmap queues/slots: TX 4/512, RX 4/512 >>>> ax0: Link is UP - 10Gbps/Full - flow control off >>>> ax0: link state changed to UP >>>> ax0: xgbe_config_sph_mode: SPH disabled in channel 0 >>>> ax0: xgbe_config_sph_mode: SPH disabled in channel 1 >>>> ax0: xgbe_config_sph_mode: SPH disabled in channel 2 >>>> ax0: xgbe_config_sph_mode: SPH disabled in channel 3 >>>> ax0: RSS Enabled >>>> ax0: Receive checksum offload Disabled >>>> ax0: VLAN filtering Disabled >>>> ax0: VLAN Stripping Disabled >>>> ax0: promiscuous mode enabled >>>> ax0: promiscuous mode disabled --Apple-Mail=_A555533A-E415-4A52-822B-3283E87282C0 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8

On Oct 8, 2024, at 8:25 PM, Mark Johnston <markj@freebsd.org> = wrote:

On Mon, Oct 07, 2024 at 10:52:19PM +0800, Zhenlei Huang = wrote:


On Oct 2, = 2024, at 3:42 PM, Mark Johnston <markj@freebsd.org> wrote:

On Tue, Oct 01, 2024 at 12:46:07PM +0000, Franco Fichtner = wrote:
Hi,

On 1. Oct = 2024, at 02:47, Zhenlei Huang <zlei@FreeBSD.org> wrote:

The test plan is simple, either of the following should = suffice:

=E2=80=A2 Do traffic sniffing on = axgbe interface. The interface will enter promisc mode and should see = packets not for us.

I tested = this with and without the patch and it's inconclusive:

1. tcpdump sees foreign packets with and without patch
2. tcpdump -p sees foreign packets with and without patch

That's somewhat surprising.

Maybe the firmware / hardware = happens to been ( wrongly ) set to promisc mode already ?

Maybe, or the driver is missing some initialization = step.

This oddly enough matches my expectation that nobody raised = issues about
promisc not working so far, but it leaves the = question if we are/I am testing the
right thing?

I think you are.  BPF uses = ifpromisc() to enable promiscuous mode, and
tcpdump uses = that interface rather than setting IFF_PPROMISC directly,
and without the patch I expect that that's a bit broken.

There is perhaps an unrelated driver bug = there.  I wonder what flags get
printed by ifconfig = before and during your experiments.  It'd also be
useful to try enabling debug logging (sysctl
dev.ax.0.axgbe_debug_level=3D1, I think) to see if = axgbe_if_promisc_set()
is getting executed as expected.

Probably I should firstly check = D46794 in. Any idea ?

I have no objection, but it would be good to understand this = better.

Committed as c7a2636889a6.


Cheers,
Franco

ax0: = <AMD 10 Gigabit Ethernet Driver> mem = 0x80160000-0x8017ffff,0x80140000-0x8015ffff,0x80188000-0x80189fff at = device 0.4 on pci6
ax0: Using 512 TX descriptors and 512 = RX descriptors
ax0: Using 4 RX queues 4 TX queues
ax0: Using MSI-X interrupts with 8 vectors
ax0: = Ethernet address: XX:XX:XX:XX:XX:XX
ax0: = xgbe_config_sph_mode: SPH disabled in channel 0
ax0: = xgbe_config_sph_mode: SPH disabled in channel 1
ax0: = xgbe_config_sph_mode: SPH disabled in channel 2
ax0: = xgbe_config_sph_mode: SPH disabled in channel 3
ax0: RSS = Enabled
ax0: Receive checksum offload Enabled
ax0: VLAN filtering Enabled
ax0: VLAN Stripping = Enabled
ax0: Checking GPIO expander validity
ax0: GPIO configuration valid
ax0: SFP = detected:
ax0:   vendor: FS =             &n= bsp; ax0:   part number:    SFP-10G-T =        ax0:   revision = level: A    ax0:   serial number: =  XXXXXXXXXXX      ax0: netmap = queues/slots: TX 4/512, RX 4/512
ax0: Link is UP - = 10Gbps/Full - flow control off
ax0: link state changed to = UP
ax0: xgbe_config_sph_mode: SPH disabled in channel 0
ax0: xgbe_config_sph_mode: SPH disabled in channel 1
ax0: xgbe_config_sph_mode: SPH disabled in channel 2
ax0: xgbe_config_sph_mode: SPH disabled in channel 3
ax0: RSS Enabled
ax0: Receive checksum offload = Disabled
ax0: VLAN filtering Disabled
ax0: = VLAN Stripping Disabled
ax0: promiscuous mode enabled
ax0: promiscuous mode = disabled


= --Apple-Mail=_A555533A-E415-4A52-822B-3283E87282C0--