lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Thu, 17 Jan 2019 15:19:03 -0800 (PST)
From:   David Miller <>
Subject: Re: [PATCH net-next 00/13] vxlan: Allow vetoing FDB operations

From: Petr Machata <>
Date: Wed, 16 Jan 2019 23:06:28 +0000

> mlxsw does not implement handling of the more advanced types of VXLAN
> FDB entries. In order to provide visibility to users, it is important to
> be able to reject such FDB entries, ideally with an explanation passed
> in extended ack. This patch set implements this.
> In patches #1-#4, vxlan is gradually transformed to support vetoing of
> FDB entries added (or modified) through vxlan_fdb_update(), and the
> default FDB entry added in __vxlan_dev_create().
> Patches #5-#7 deal with vxlan_changelink(). The existing code recognizes
> that vxlan_fdb_update() may fail, but doesn't attempt to keep things
> intact if it does. These patches change the function in several steps to
> gracefully handle vetoes (or other failures).
> Then in patches #8-#11, extack arguments are added, respectively, to
> ndo_fdb_add(), mlxsw's mlxsw_sp_nve_ops.fdb_replay, the functions that
> connect to the VXLAN vetoing code, and call_switchdev_notifiers(). Note
> that call_switchdev_blocking_notifiers() already does support extack.
> Finally in patch #12, mlxsw is extended to add extack messages to
> rejected FDB entries. In patch #13, the functionality is tested.

Series applied, thanks Petr.

Powered by blists - more mailing lists