Date: Sun, 17 Dec 2023 10:32:35 +0200
From: Ido Schimmel <idosch@...dia.com>
To: <netdev@...r.kernel.org>, <bridge@...ts.linux-foundation.org>
CC: <davem@...emloft.net>, <kuba@...nel.org>, <pabeni@...hat.com>,
	<edumazet@...gle.com>, <roopa@...dia.com>, <razor@...ckwall.org>,
	<petrm@...dia.com>, Ido Schimmel <idosch@...dia.com>
Subject: [PATCH net-next 0/9] Add MDB bulk deletion support

This patchset adds MDB bulk deletion support, allowing user space to
request the deletion of matching entries instead of dumping the entire
MDB and issuing a separate deletion request for each matching entry.
Support is added in both the bridge and VXLAN drivers in a similar
fashion to the existing FDB bulk deletion support.

The parameters according to which bulk deletion can be performed are
similar to the FDB ones, namely: Destination port, VLAN ID, state (e.g.,
"permanent"), routing protocol, source / destination VNI, destination IP
and UDP port. Flushing based on flags (e.g., "offload", "fast_leave",
"added_by_star_ex", "blocked") is not currently supported, but can be
added in the future, if a use case arises.

Patch #1 adds a new uAPI attribute to allow specifying the state mask
according to which bulk deletion will be performed, if any.

Patch #2 adds a new policy according to which bulk deletion requests
(with 'NLM_F_BULK' flag set) will be parsed.

Patches #3-#4 add a new NDO for MDB bulk deletion and invoke it from the
rtnetlink code when a bulk deletion request is made.

Patches #5-#6 implement the MDB bulk deletion NDO in the bridge and
VXLAN drivers, respectively.

Patch #7 allows user space to issue MDB bulk deletion requests by no
longer rejecting the 'NLM_F_BULK' flag when it is set in 'RTM_DELMDB'
requests.

Patches #8-#9 add selftests for both drivers, for both good and bad
flows.

iproute2 changes can be found here [1].

[1] https://github.com/idosch/iproute2/tree/submit/mdb_flush_v1

Ido Schimmel (9):
  bridge: add MDB state mask uAPI attribute
  rtnetlink: bridge: Use a different policy for MDB bulk delete
  net: Add MDB bulk deletion device operation
  rtnetlink: bridge: Invoke MDB bulk deletion when needed
  bridge: mdb: Add MDB bulk deletion support
  vxlan: mdb: Add MDB bulk deletion support
  rtnetlink: bridge: Enable MDB bulk deletion
  selftests: bridge_mdb: Add MDB bulk deletion test
  selftests: vxlan_mdb: Add MDB bulk deletion test

 drivers/net/vxlan/vxlan_core.c                |   1 +
 drivers/net/vxlan/vxlan_mdb.c                 | 174 ++++++++++++---
 drivers/net/vxlan/vxlan_private.h             |   2 +
 include/linux/netdevice.h                     |   6 +
 include/uapi/linux/if_bridge.h                |   1 +
 net/bridge/br_device.c                        |   1 +
 net/bridge/br_mdb.c                           | 133 ++++++++++++
 net/bridge/br_private.h                       |   8 +
 net/core/rtnetlink.c                          |  62 +++++-
 .../selftests/net/forwarding/bridge_mdb.sh    | 191 ++++++++++++++++-
 tools/testing/selftests/net/test_vxlan_mdb.sh | 201 +++++++++++++++++-
 11 files changed, 749 insertions(+), 31 deletions(-)

-- 
2.40.1

