lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 17 Mar 2020 22:47:32 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     nikolay@...ulusnetworks.com
Cc:     netdev@...r.kernel.org, roopa@...ulusnetworks.com,
        bridge@...ts.linux-foundation.org
Subject: Re: [PATCH net-next 0/4] net: bridge: vlan options: add support
 for tunnel mapping

From: Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
Date: Tue, 17 Mar 2020 14:08:32 +0200

> In order to bring the new vlan API on par with the old one and be able
> to completely migrate to the new one we need to support vlan tunnel mapping
> and statistics. This patch-set takes care of the former by making it a
> vlan option. There are two notable issues to deal with:
>  - vlan range to tunnel range mapping
>    * The tunnel ids are globally unique for the vlan code and a vlan can
>      be mapped to one tunnel, so the old API took care of ranges by
>      taking the starting tunnel id value and incrementally mapping
>      vlan id(i) -> tunnel id(i). This set takes the same approach and
>      uses one new attribute - BRIDGE_VLANDB_ENTRY_TUNNEL_ID. If used
>      with a vlan range then it's the starting tunnel id to map.
> 
>  - tunnel mapping removal
>    * Since there are no reserved/special tunnel ids defined, we can't
>      encode mapping removal within the new attribute, in order to be
>      able to remove a mapping we add a vlan flag which makes the new
>      tunnel option remove the mapping
> 
> The rest is pretty straight-forward, in fact we directly re-use the old
> code for manipulating tunnels by just mapping the command (set/del). In
> order to be able to keep detecting vlan ranges we check that the current
> vlan has a tunnel and it's extending the current vlan range end's tunnel
> id.

Looks good, series applied, thank you.

Powered by blists - more mailing lists