lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 15 Sep 2014 11:19:14 -0400
From:	Vlad Yasevich <vyasevic@...hat.com>
To:	Toshiaki Makita <toshiaki.makita1@...il.com>,
	Vladislav Yasevich <vyasevich@...il.com>,
	netdev@...r.kernel.org
CC:	shemminger@...tta.com, bridge@...ts.linux-foundation.org
Subject: Re: [Bridge] [PATCH 3/3] bridge; Automatically filter vlans configured
 on top of bridge

On 09/14/2014 11:39 AM, Toshiaki Makita wrote:
> (14/09/13 (土) 5:44), Vladislav Yasevich wrote:
>> If the user configures vlan devices on top of the bridge,
>> automatically set up filter entries for it as long as
>> bridge vlan protocol matches that of the vlan.
>> This allows the user to atomatically receive vlan traffic
>> for the vlans that are convifgured.
> 
> Changing br->vlan_proto seems to cause inconsistency between vlan
> interfaces and filter settings.
> Can we automatically change filters when setting vlan_proto?
> 

I thought we already do that in br_vlan_set_proto()?  Nothing
here introduces any new kinds of issue with that code.

>>
> ...
>> +static int br_vlan_rx_kill_vid(struct net_device *br_dev,
>> +			       __be16 proto, u16 vid)
> ...
>> +	/* Don't report error.  This will fail if the vlan was
>> +	 * previousely remove by some other means and we don't
>> +	 * wan't to polute the log/bug the user.
>> +	 */
>> +	br_vlan_delete(br, vid);
>> +	return 0;
>> +}
> 
> It might lead to unexpected behaviour, for example,
> 1. create br0.10
> 2. set pvid to 10 on br0
> 3. delete br0.10
> Then, pvid will also be cleared?
> Something like ref counting is needed?

Gah!  The bitmap implementation is really starting to annoy me.  Yes, it's fast, but it
is so restrictive...

We'd need tracking per vlan id and we can't that right now.  OK, this one needs more
thought.  I'll drop it for now.

Thanks
-vlad
> 
> Thanks,
> Toshiaki Makita
> 

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ