| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Oct 2023 12:36:42 +0300
From: Nikolay Aleksandrov <razor@...ckwall.org>
To: Amit Cohen <amcohen@...dia.com>, netdev@...r.kernel.org
Cc: dsahern@...il.com, stephen@...workplumber.org, mlxsw@...dia.com,
roopa@...dia.com
Subject: Re: [PATCH iproute2-next 3/8] bridge: fdb: support match on nexthop
ID in flush command
On 10/17/23 10:02, Amit Cohen wrote:
> Extend "fdb flush" command to match fdb entries with a specific nexthop ID.
>
> Example:
> $ bridge fdb flush dev vx10 nhid 2
> This will flush all fdb entries pointing to vx10 with nexthop ID 2.
>
> Signed-off-by: Amit Cohen <amcohen@...dia.com>
> ---
> bridge/fdb.c | 10 +++++++++-
> man/man8/bridge.8 | 7 +++++++
> 2 files changed, 16 insertions(+), 1 deletion(-)
>
> diff --git a/bridge/fdb.c b/bridge/fdb.c
> index 12d19f08..6ae1011a 100644
> --- a/bridge/fdb.c
> +++ b/bridge/fdb.c
> @@ -46,7 +46,8 @@ static void usage(void)
> " bridge fdb get [ to ] LLADDR [ br BRDEV ] { brport | dev } DEV\n"
> " [ vlan VID ] [ vni VNI ] [ self ] [ master ] [ dynamic ]\n"
> " bridge fdb flush dev DEV [ brport DEV ] [ vlan VID ] [ src_vni VNI ]\n"
> - " [ self ] [ master ] [ [no]permanent | [no]static | [no]dynamic ]\n"
> + " [ nhid NHID ] [ self ] [ master ]\n"
> + " [ [no]permanent | [no]static | [no]dynamic ]\n"
> " [ [no]added_by_user ] [ [no]extern_learn ] [ [no]sticky ]\n"
> " [ [no]offloaded ]\n");
> exit(-1);
> @@ -701,6 +702,7 @@ static int fdb_flush(int argc, char **argv)
> unsigned short ndm_flags = 0;
> unsigned short ndm_state = 0;
> unsigned long src_vni = ~0;
> + __u32 nhid = 0;
> char *endptr;
>
> while (argc > 0) {
> @@ -769,6 +771,10 @@ static int fdb_flush(int argc, char **argv)
> if ((endptr && *endptr) ||
> (src_vni >> 24) || src_vni == ULONG_MAX)
> invarg("invalid src VNI\n", *argv);
> + } else if (strcmp(*argv, "nhid") == 0) {
> + NEXT_ARG();
> + if (get_u32(&nhid, *argv, 0))
> + invarg("\"id\" value is invalid\n", *argv);
id -> nhid in the error ?
> } else if (strcmp(*argv, "help") == 0) {
> NEXT_ARG();
> } else {
> @@ -817,6 +823,8 @@ static int fdb_flush(int argc, char **argv)
> addattr16(&req.n, sizeof(req), NDA_VLAN, vid);
> if (src_vni != ~0)
> addattr32(&req.n, sizeof(req), NDA_SRC_VNI, src_vni);
> + if (nhid > 0)
> + addattr32(&req.n, sizeof(req), NDA_NH_ID, nhid);
> if (ndm_flags_mask)
> addattr8(&req.n, sizeof(req), NDA_NDM_FLAGS_MASK,
> ndm_flags_mask);
> diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
> index b1e96327..eaeee81b 100644
> --- a/man/man8/bridge.8
> +++ b/man/man8/bridge.8
> @@ -130,6 +130,8 @@ bridge \- show / manipulate bridge addresses and devices
> .IR VID " ] [ "
> .B src_vni
> .IR VNI " ] [ "
> +.B nhid
> +.IR NHID " ] ["
> .BR self " ] [ " master " ] [ "
> .BR [no]permanent " | " [no]static " | " [no]dynamic " ] [ "
> .BR [no]added_by_user " ] [ " [no]extern_learn " ] [ "
> @@ -900,6 +902,11 @@ the src VNI Network Identifier (or VXLAN Segment ID) for the operation. Match
> forwarding table entries only with the specified VNI. Valid if the referenced
> device is a VXLAN type device.
>
> +.TP
> +.BI nhid " NHID"
> +the ecmp nexthop group for the operation. Match forwarding table entries only
perhaps ECMP ?
> +with the specified NHID. Valid if the referenced device is a VXLAN type device.
> +
> .TP
> .B self
> the operation is fulfilled directly by the driver for the specified network
Powered by blists - more mailing lists