lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 11 May 2009 17:01:15 +0400
From:	Cyrill Gorcunov <gorcunov@...il.com>
To:	Stephen Hemminger <shemminger@...ux-foundation.org>,
	davem@...emloft.net, netdev@...r.kernel.org,
	bridge@...ts.linux-foundation.org, xemul@...nvz.org
Subject: Re: [RFC 5/5] net: bridge - handle via_phys_dev feature on a
	bridge level

quilt didn't get refreshed copy. here is an updated
one. sorry for inconvenience.

	-- Cyrill
---
From: Cyrill Gorcunov <gorcunov@...il.com>
Subject: [RFC 5/5] net: bridge - handle via_phys_dev feature on a bridge level

The idea is to use existing routing table instead of
generating new one if the bridge is to be created.

This allow to login on remote machine then create bridge
there and continue working on this machine without
session interrupted (though delay while bridge is learning
still present).

To achive this we introduce via_phys_dev feature which
force to work some real NIC as bridge.

How to use it:
 - Create a new bridge set via_phys_dev in sysfs entry for the bridge
 - Add a bridge port. This port will behave like it's a bridge
   itself, i.e. a packet recieved from network will be handled the same
   way if it was received by bridge device. Any write on this
   device from OS behaves like it is being written to bridge device
   itself too.

Typical session looks like

| ssh@...10.0.160$ brctl addbr br0
| ssh@...10.0.160$ ifconfig br0 up
| ssh@...10.0.160$ echo 1 > /sys/class/net/bridge/br0/via_phys_dev
| ssh@...10.0.160$ brctl addif br0 eth0
| (...waiting a bit...)
| ssh@...10.0.160$

Which implies that eth0 is already up and running.

Signed-off-by: Cyrill Gorcunov <gorcunov@...nvz.org>
---
 net/bridge/br.c         |    2 ++
 net/bridge/br_device.c  |   37 +++++++++++++++++++++++++++++++++++++
 net/bridge/br_forward.c |    1 +
 net/bridge/br_input.c   |   14 +++++++++++++-
 net/bridge/br_private.h |    1 +
 5 files changed, 54 insertions(+), 1 deletion(-)

Index: linux-2.6.git/net/bridge/br.c
=====================================================================
--- linux-2.6.git.orig/net/bridge/br.c
+++ linux-2.6.git/net/bridge/br.c
@@ -64,6 +64,7 @@ static int __init br_init(void)
 
 	brioctl_set(br_ioctl_deviceless_stub);
 	br_handle_frame_hook = br_handle_frame;
+	br_hard_xmit_hook = br_hard_xmit;
 
 	br_fdb_get_hook = br_fdb_get;
 	br_fdb_put_hook = br_fdb_put;
@@ -99,6 +100,7 @@ static void __exit br_deinit(void)
 	br_fdb_put_hook = NULL;
 
 	br_handle_frame_hook = NULL;
+	br_hard_xmit_hook = NULL;
 	br_fdb_fini();
 }
 
Index: linux-2.6.git/net/bridge/br_device.c
=====================================================================
--- linux-2.6.git.orig/net/bridge/br_device.c
+++ linux-2.6.git/net/bridge/br_device.c
@@ -32,6 +32,8 @@ int br_dev_xmit(struct sk_buff *skb, str
 	skb_reset_mac_header(skb);
 	skb_pull(skb, ETH_HLEN);
 
+	skb->br_seen = 1;
+
 	if (is_multicast_ether_addr(dest))
 		br_flood_deliver(br, skb);
 	else if ((dst = __br_fdb_get(br, dest)) != NULL)
@@ -42,6 +44,41 @@ int br_dev_xmit(struct sk_buff *skb, str
 	return 0;
 }
 
+int br_hard_xmit(struct sk_buff *skb, struct net_bridge_port *port)
+{
+	struct net_bridge *br = port->br;
+	const unsigned char *dest = skb->data;
+	struct net_bridge_fdb_entry *dst;
+	struct sk_buff *skb2;
+
+	/* forward via master device only */
+	if (!br->via_phys_dev || br->master_dev != port->dev)
+		return 0;
+
+	skb2 = skb_clone(skb, GFP_ATOMIC);
+	if (!skb2) {
+		br->dev->stats.tx_dropped++;
+		return 0;
+	}
+
+	br->dev->stats.tx_packets++;
+	br->dev->stats.tx_bytes += skb2->len;
+
+	skb_reset_mac_header(skb2);
+	skb_pull(skb2, ETH_HLEN);
+
+	skb2->br_seen = 1;
+
+	if (is_multicast_ether_addr(dest))
+		br_flood_deliver(br, skb2);
+	else if ((dst = __br_fdb_get(br, dest)) != NULL)
+		br_deliver(dst->dst, skb2);
+	else
+		br_flood_deliver(br, skb2);
+
+	return 0;
+}
+
 static int br_dev_open(struct net_device *dev)
 {
 	struct net_bridge *br = netdev_priv(dev);
Index: linux-2.6.git/net/bridge/br_forward.c
=====================================================================
--- linux-2.6.git.orig/net/bridge/br_forward.c
+++ linux-2.6.git/net/bridge/br_forward.c
@@ -148,5 +148,6 @@ void br_flood_deliver(struct net_bridge 
 /* called under bridge lock */
 void br_flood_forward(struct net_bridge *br, struct sk_buff *skb)
 {
+	skb->br_seen = 1;
 	br_flood(br, skb, __br_forward);
 }
Index: linux-2.6.git/net/bridge/br_input.c
=====================================================================
--- linux-2.6.git.orig/net/bridge/br_input.c
+++ linux-2.6.git/net/bridge/br_input.c
@@ -28,7 +28,15 @@ static void br_pass_frame_up(struct net_
 	brdev->stats.rx_bytes += skb->len;
 
 	indev = skb->dev;
-	skb->dev = brdev;
+
+	if (br->via_phys_dev) {
+		skb->br_seen = 1;
+		if (likely(br->master_dev))
+			skb->dev = br->master_dev;
+		else
+			skb->dev = brdev;
+	} else
+		skb->dev = brdev;
 
 	NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_IN, skb, indev, NULL,
 		netif_receive_skb);
@@ -151,6 +159,10 @@ struct sk_buff *br_handle_frame(struct n
 		}
 		/* fall through */
 	case BR_STATE_LEARNING:
+		/* if we saw this skb earlier just pass it up */
+		if (skb->br_seen)
+			return skb;
+
 		if (!compare_ether_addr(p->br->dev->dev_addr, dest))
 			skb->pkt_type = PACKET_HOST;
 
Index: linux-2.6.git/net/bridge/br_private.h
=====================================================================
--- linux-2.6.git.orig/net/bridge/br_private.h
+++ linux-2.6.git/net/bridge/br_private.h
@@ -144,6 +144,7 @@ static inline int br_is_root_bridge(cons
 /* br_device.c */
 extern void br_dev_setup(struct net_device *dev);
 extern int br_dev_xmit(struct sk_buff *skb, struct net_device *dev);
+extern int br_hard_xmit(struct sk_buff *skb, struct net_bridge_port *port);
 
 /* br_fdb.c */
 extern int br_fdb_init(void);
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists