lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 18 Apr 2019 18:35:30 +0100
From:   Mike Manning <mmanning@...tta.att-mail.com>
To:     netdev@...r.kernel.org, nikolay@...ulusnetworks.com,
        roopa@...ulusnetworks.com
Subject: [PATCH net-next v3 0/5] net: support binding vlan dev link state to vlan member bridge ports

For vlan filtering on bridges, the bridge may also have vlan devices
as upper devices. For switches, these are used to provide L3 packet
processing for ports that are members of a given vlan.

While it is correct that the admin state for these vlan devices is
either set directly for the device or inherited from the lower device,
the link state is also transferred from the lower device. So this is
always up if the bridge is in admin up state and there is at least one
bridge port that is up, regardless of the vlan that the port is in.

The link state of the vlan device may need to track only the state of
the subset of ports that are also members of the corresponding vlan,
rather than that of all ports.

This series provides an optional vlan flag so that the link state of
the vlan device is only up if there is at least one bridge port that is
up AND is a member of the corresponding vlan.

v2:
   - Address review comments from Nikolay Aleksandrov
     in patches 3 & 4 and add patch 5 to address bridge link down due to STP
v3:
   - Address review comment from Nikolay Aleksandrov
     in patch 4 so as to remove unnecessary inline #ifdef

Mike Manning (5):
  vlan: support binding link state to vlan member bridge ports
  vlan: do not transfer link state in vlan bridge binding mode
  bridge: support binding vlan dev link state to vlan member bridge
    ports
  bridge: update vlan dev state when port added to or deleted from vlan
  bridge: update vlan dev link state for bridge netdev changes

 include/uapi/linux/if_vlan.h |   9 +-
 net/8021q/vlan.c             |  18 +++-
 net/8021q/vlan_dev.c         |  22 +++--
 net/8021q/vlan_netlink.c     |   3 +-
 net/bridge/br.c              |  13 ++-
 net/bridge/br_private.h      |  14 +++
 net/bridge/br_vlan.c         | 214 +++++++++++++++++++++++++++++++++++++++++++
 7 files changed, 272 insertions(+), 21 deletions(-)

-- 
2.11.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ