lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 27 Feb 2022 11:10:14 +0000
To:     Vladimir Oltean <>
Subject: Re: [PATCH v2 net-next 00/10] DSA FDB isolation


This series was applied to netdev/net-next.git (master)
by David S. Miller <>:

On Fri, 25 Feb 2022 11:22:15 +0200 you wrote:
> There are use cases which need FDB isolation between standalone ports
> and bridged ports, as well as isolation between ports of different
> bridges. Most of these use cases are a result of the fact that packets
> can now be partially forwarded by the software bridge, so one port might
> need to send a packet to the CPU but its FDB lookup will see that it can
> forward it directly to a bridge port where that packet was autonomously
> learned. So the source port will attempt to shortcircuit the CPU and
> forward autonomously, which it can't due to the forwarding isolation we
> have in place. So we will have packet drops instead of proper operation.
> [...]

Here is the summary with links:
  - [v2,net-next,01/10] net: dsa: tag_8021q: replace the SVL bridging with VLAN-unaware IVL bridging
  - [v2,net-next,02/10] net: dsa: tag_8021q: add support for imprecise RX based on the VBID
  - [v2,net-next,03/10] docs: net: dsa: sja1105: document limitations of tc-flower rule VLAN awareness
  - [v2,net-next,04/10] net: dsa: felix: delete workarounds present due to SVL tag_8021q bridging
  - [v2,net-next,05/10] net: dsa: tag_8021q: merge RX and TX VLANs
  - [v2,net-next,06/10] net: dsa: tag_8021q: rename dsa_8021q_bridge_tx_fwd_offload_vid
  - [v2,net-next,07/10] net: dsa: request drivers to perform FDB isolation
  - [v2,net-next,08/10] net: dsa: pass extack to .port_bridge_join driver methods
  - [v2,net-next,09/10] net: dsa: sja1105: enforce FDB isolation
  - [v2,net-next,10/10] net: mscc: ocelot: enforce FDB isolation when VLAN-unaware

You are awesome, thank you!
Deet-doot-dot, I am a bot.

Powered by blists - more mailing lists