lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20221215175230.1907938-4-idosch@nvidia.com>
Date:   Thu, 15 Dec 2022 19:52:27 +0200
From:   Ido Schimmel <idosch@...dia.com>
To:     netdev@...r.kernel.org
Cc:     dsahern@...il.com, stephen@...workplumber.org, razor@...ckwall.org,
        mlxsw@...dia.com, Ido Schimmel <idosch@...dia.com>
Subject: [PATCH iproute2-next 3/6] bridge: mdb: Add filter mode support

Allow user space to specify the filter mode of (*, G) entries by adding
the 'MDBE_ATTR_GROUP_MODE' attribute to the 'MDBA_SET_ENTRY_ATTRS' nest.

Signed-off-by: Ido Schimmel <idosch@...dia.com>
---
 bridge/mdb.c      | 27 ++++++++++++++++++++++++++-
 man/man8/bridge.8 |  8 +++++++-
 2 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/bridge/mdb.c b/bridge/mdb.c
index 64db2ee03c42..ceb8b25b37a5 100644
--- a/bridge/mdb.c
+++ b/bridge/mdb.c
@@ -32,6 +32,7 @@ static void usage(void)
 {
 	fprintf(stderr,
 		"Usage: bridge mdb { add | del } dev DEV port PORT grp GROUP [src SOURCE] [permanent | temp] [vid VID]\n"
+		"              [ filter_mode { include | exclude } ]\n"
 		"       bridge mdb {show} [ dev DEV ] [ vid VID ]\n");
 	exit(-1);
 }
@@ -493,6 +494,21 @@ static int mdb_parse_src(struct nlmsghdr *n, int maxlen, const char *src)
 	return -1;
 }
 
+static int mdb_parse_mode(struct nlmsghdr *n, int maxlen, const char *mode)
+{
+	if (strcmp(mode, "include") == 0) {
+		addattr8(n, maxlen, MDBE_ATTR_GROUP_MODE, MCAST_INCLUDE);
+		return 0;
+	}
+
+	if (strcmp(mode, "exclude") == 0) {
+		addattr8(n, maxlen, MDBE_ATTR_GROUP_MODE, MCAST_EXCLUDE);
+		return 0;
+	}
+
+	return -1;
+}
+
 static int mdb_modify(int cmd, int flags, int argc, char **argv)
 {
 	struct {
@@ -505,7 +521,7 @@ static int mdb_modify(int cmd, int flags, int argc, char **argv)
 		.n.nlmsg_type = cmd,
 		.bpm.family = PF_BRIDGE,
 	};
-	char *d = NULL, *p = NULL, *grp = NULL, *src = NULL;
+	char *d = NULL, *p = NULL, *grp = NULL, *src = NULL, *mode = NULL;
 	struct br_mdb_entry entry = {};
 	bool set_attrs = false;
 	short vid = 0;
@@ -532,6 +548,10 @@ static int mdb_modify(int cmd, int flags, int argc, char **argv)
 			NEXT_ARG();
 			src = *argv;
 			set_attrs = true;
+		} else if (strcmp(*argv, "filter_mode") == 0) {
+			NEXT_ARG();
+			mode = *argv;
+			set_attrs = true;
 		} else {
 			if (matches(*argv, "help") == 0)
 				usage();
@@ -570,6 +590,11 @@ static int mdb_modify(int cmd, int flags, int argc, char **argv)
 			return -1;
 		}
 
+		if (mode && mdb_parse_mode(&req.n, sizeof(req), mode)) {
+			fprintf(stderr, "Invalid filter mode \"%s\"\n", mode);
+			return -1;
+		}
+
 		addattr_nest_end(&req.n, nest);
 	}
 
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index e72826d750ca..e829b9cb592a 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -138,7 +138,8 @@ bridge \- show / manipulate bridge addresses and devices
 .IR SOURCE " ] [ "
 .BR permanent " | " temp " ] [ "
 .B vid
-.IR VID " ] "
+.IR VID " ] [ "
+.BR filter_mode " { " include " | " exclude " } ] "
 
 .ti -8
 .BR "bridge mdb show" " [ "
@@ -931,6 +932,11 @@ forwarding multicast traffic.
 .BI vid " VID"
 the VLAN ID which is known to have members of this multicast group.
 
+.TP
+.BR "filter_mode include " or " filter_mode exclude "
+controls whether the sources in the entry's source list are in INCLUDE or
+EXCLUDE mode. Can only be set for (*, G) entries.
+
 .in -8
 .SS bridge mdb delete - delete a multicast group database entry
 This command removes an existing mdb entry.
-- 
2.37.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ