lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <f67c2960-89ff-a6e6-14eb-27f6e4996a4a@cumulusnetworks.com>
Date:   Thu, 23 Jan 2020 23:10:12 +0200
From:   Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
To:     netdev@...r.kernel.org
Cc:     roopa@...ulusnetworks.com, davem@...emloft.net,
        bridge@...ts.linux-foundation.org
Subject: Re: [PATCH net-next 0/4] net: bridge: add per-vlan state option

On 1/23/20 3:28 PM, Nikolay Aleksandrov wrote:
> Hi,
> This set adds the first per-vlan option - state, which uses the new vlan
> infrastructure that was recently added. It gives us forwarding control on
> per-vlan basis. The first 3 patches prepare the vlan code to support option
> dumping and modification. We still compress vlan ranges which have equal
> options, each new option will have to add its own equality check to
> br_vlan_opts_eq(). The vlans are created in forwarding state by default to
> be backwards compatible and vlan state is considered only when the port
> state is forwarding (more info in patch 4).
> I'll send the selftest for the vlan state with the iproute2 patch-set.
> 
> Thanks,
>   Nik
> 
> Nikolay Aleksandrov (4):
>    net: bridge: check port state before br_allowed_egress
>    net: bridge: vlan: add basic option dumping support
>    net: bridge: vlan: add basic option setting support
>    net: bridge: vlan: add per-vlan state
> 
>   include/uapi/linux/if_bridge.h |   2 +
>   net/bridge/Makefile            |   2 +-
>   net/bridge/br_device.c         |   3 +-
>   net/bridge/br_forward.c        |   2 +-
>   net/bridge/br_input.c          |   7 +-
>   net/bridge/br_private.h        |  58 +++++++++++++-
>   net/bridge/br_vlan.c           |  99 ++++++++++++++++++-----
>   net/bridge/br_vlan_options.c   | 142 +++++++++++++++++++++++++++++++++
>   8 files changed, 287 insertions(+), 28 deletions(-)
>   create mode 100644 net/bridge/br_vlan_options.c
> 

Hm, actually I just noticed that we send port notifications even if only changing options
which should be avoided since now we have per-vlan notifications. We should be sending
only those when changing options without create/delete.
I'll make that change and send v2 after some tests tomorrow.

Cheers,
  Nik

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ