| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20221215175230.1907938-4-idosch@nvidia.com>
Date: Thu, 15 Dec 2022 19:52:27 +0200
From: Ido Schimmel <idosch@...dia.com>
To: netdev@...r.kernel.org
Cc: dsahern@...il.com, stephen@...workplumber.org, razor@...ckwall.org,
mlxsw@...dia.com, Ido Schimmel <idosch@...dia.com>
Subject: [PATCH iproute2-next 3/6] bridge: mdb: Add filter mode support
Allow user space to specify the filter mode of (*, G) entries by adding
the 'MDBE_ATTR_GROUP_MODE' attribute to the 'MDBA_SET_ENTRY_ATTRS' nest.
Signed-off-by: Ido Schimmel <idosch@...dia.com>
---
bridge/mdb.c | 27 ++++++++++++++++++++++++++-
man/man8/bridge.8 | 8 +++++++-
2 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/bridge/mdb.c b/bridge/mdb.c
index 64db2ee03c42..ceb8b25b37a5 100644
--- a/bridge/mdb.c
+++ b/bridge/mdb.c
@@ -32,6 +32,7 @@ static void usage(void)
{
fprintf(stderr,
"Usage: bridge mdb { add | del } dev DEV port PORT grp GROUP [src SOURCE] [permanent | temp] [vid VID]\n"
+ " [ filter_mode { include | exclude } ]\n"
" bridge mdb {show} [ dev DEV ] [ vid VID ]\n");
exit(-1);
}
@@ -493,6 +494,21 @@ static int mdb_parse_src(struct nlmsghdr *n, int maxlen, const char *src)
return -1;
}
+static int mdb_parse_mode(struct nlmsghdr *n, int maxlen, const char *mode)
+{
+ if (strcmp(mode, "include") == 0) {
+ addattr8(n, maxlen, MDBE_ATTR_GROUP_MODE, MCAST_INCLUDE);
+ return 0;
+ }
+
+ if (strcmp(mode, "exclude") == 0) {
+ addattr8(n, maxlen, MDBE_ATTR_GROUP_MODE, MCAST_EXCLUDE);
+ return 0;
+ }
+
+ return -1;
+}
+
static int mdb_modify(int cmd, int flags, int argc, char **argv)
{
struct {
@@ -505,7 +521,7 @@ static int mdb_modify(int cmd, int flags, int argc, char **argv)
.n.nlmsg_type = cmd,
.bpm.family = PF_BRIDGE,
};
- char *d = NULL, *p = NULL, *grp = NULL, *src = NULL;
+ char *d = NULL, *p = NULL, *grp = NULL, *src = NULL, *mode = NULL;
struct br_mdb_entry entry = {};
bool set_attrs = false;
short vid = 0;
@@ -532,6 +548,10 @@ static int mdb_modify(int cmd, int flags, int argc, char **argv)
NEXT_ARG();
src = *argv;
set_attrs = true;
+ } else if (strcmp(*argv, "filter_mode") == 0) {
+ NEXT_ARG();
+ mode = *argv;
+ set_attrs = true;
} else {
if (matches(*argv, "help") == 0)
usage();
@@ -570,6 +590,11 @@ static int mdb_modify(int cmd, int flags, int argc, char **argv)
return -1;
}
+ if (mode && mdb_parse_mode(&req.n, sizeof(req), mode)) {
+ fprintf(stderr, "Invalid filter mode \"%s\"\n", mode);
+ return -1;
+ }
+
addattr_nest_end(&req.n, nest);
}
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index e72826d750ca..e829b9cb592a 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -138,7 +138,8 @@ bridge \- show / manipulate bridge addresses and devices
.IR SOURCE " ] [ "
.BR permanent " | " temp " ] [ "
.B vid
-.IR VID " ] "
+.IR VID " ] [ "
+.BR filter_mode " { " include " | " exclude " } ] "
.ti -8
.BR "bridge mdb show" " [ "
@@ -931,6 +932,11 @@ forwarding multicast traffic.
.BI vid " VID"
the VLAN ID which is known to have members of this multicast group.
+.TP
+.BR "filter_mode include " or " filter_mode exclude "
+controls whether the sources in the entry's source list are in INCLUDE or
+EXCLUDE mode. Can only be set for (*, G) entries.
+
.in -8
.SS bridge mdb delete - delete a multicast group database entry
This command removes an existing mdb entry.
--
2.37.3
Powered by blists - more mailing lists