lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 23 Feb 2022 13:00:12 +0000
From:   patchwork-bot+netdevbpf@...nel.org
To:     Hans Schultz <schultz.hans@...il.com>
Cc:     davem@...emloft.net, kuba@...nel.org, netdev@...r.kernel.org,
        schultz.hans+netdev@...il.com, andrew@...n.ch,
        vivien.didelot@...il.com, f.fainelli@...il.com, olteanv@...il.com,
        roopa@...dia.com, nikolay@...dia.com, shuah@...nel.org,
        ssuryaextr@...il.com, dsahern@...nel.org, idosch@...dia.com,
        petrm@...dia.com, amcohen@...dia.com, po-hsu.lin@...onical.com,
        baowen.zheng@...igine.com, linux-kernel@...r.kernel.org,
        bridge@...ts.linux-foundation.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH net-next v5 0/5] Add support for locked bridge ports (for
 802.1X)

Hello:

This series was applied to netdev/net-next.git (master)
by David S. Miller <davem@...emloft.net>:

On Wed, 23 Feb 2022 11:16:45 +0100 you wrote:
> This series starts by adding support for SA filtering to the bridge,
> which is then allowed to be offloaded to switchdev devices. Furthermore
> an offloading implementation is supplied for the mv88e6xxx driver.
> 
> Public Local Area Networks are often deployed such that there is a
> risk of unauthorized or unattended clients getting access to the LAN.
> To prevent such access we introduce SA filtering, such that ports
> designated as secure ports are set in locked mode, so that only
> authorized source MAC addresses are given access by adding them to
> the bridges forwarding database. Incoming packets with source MAC
> addresses that are not in the forwarding database of the bridge are
> discarded. It is then the task of user space daemons to populate the
> bridge's forwarding database with static entries of authorized entities.
> 
> [...]

Here is the summary with links:
  - [net-next,v5,1/5] net: bridge: Add support for bridge port in locked mode
    https://git.kernel.org/netdev/net-next/c/a21d9a670d81
  - [net-next,v5,2/5] net: bridge: Add support for offloading of locked port flag
    https://git.kernel.org/netdev/net-next/c/fa1c83342987
  - [net-next,v5,3/5] net: dsa: Include BR_PORT_LOCKED in the list of synced brport flags
    https://git.kernel.org/netdev/net-next/c/b9e8b58fd2cb
  - [net-next,v5,4/5] net: dsa: mv88e6xxx: Add support for bridge port locked mode
    https://git.kernel.org/netdev/net-next/c/34ea415f927e
  - [net-next,v5,5/5] selftests: forwarding: tests of locked port feature
    https://git.kernel.org/netdev/net-next/c/b2b681a41251

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ