| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Oct 2023 17:46:54 +0200
From: Ido Schimmel <idosch@...dia.com>
To: <netdev@...r.kernel.org>
CC: <dsahern@...il.com>, <stephen@...workplumber.org>, <razor@...ckwall.org>,
<mlxsw@...dia.com>, Ido Schimmel <idosch@...dia.com>
Subject: [PATCH iproute2-next] bridge: mdb: Add get support
Implement MDB get functionality, allowing user space to query a single
MDB entry from the kernel instead of dumping all the entries. Example
usage:
# bridge mdb add dev br0 port swp1 grp 239.1.1.1 vid 10
# bridge mdb add dev br0 port swp2 grp 239.1.1.1 vid 10
# bridge mdb add dev br0 port swp2 grp 239.1.1.5 vid 10
# bridge mdb get dev br0 grp 239.1.1.1 vid 10
dev br0 port swp1 grp 239.1.1.1 temp vid 10
dev br0 port swp2 grp 239.1.1.1 temp vid 10
# bridge -j -p mdb get dev br0 grp 239.1.1.1 vid 10
[ {
"index": 10,
"dev": "br0",
"port": "swp1",
"grp": "239.1.1.1",
"state": "temp",
"flags": [ ],
"vid": 10
},{
"index": 10,
"dev": "br0",
"port": "swp2",
"grp": "239.1.1.1",
"state": "temp",
"flags": [ ],
"vid": 10
} ]
# bridge mdb get dev br0 grp 239.1.1.1 vid 20
Error: bridge: MDB entry not found.
# bridge mdb get dev br0 grp 239.1.1.2 vid 10
Error: bridge: MDB entry not found.
Signed-off-by: Ido Schimmel <idosch@...dia.com>
---
bridge/mdb.c | 99 ++++++++++++++++++++++++++++++++++++++++++++++-
man/man8/bridge.8 | 35 +++++++++++++++++
2 files changed, 133 insertions(+), 1 deletion(-)
diff --git a/bridge/mdb.c b/bridge/mdb.c
index 18793458ecca..cdebb085fdce 100644
--- a/bridge/mdb.c
+++ b/bridge/mdb.c
@@ -36,7 +36,8 @@ static void usage(void)
"Usage: bridge mdb { add | del | replace } dev DEV port PORT grp GROUP [src SOURCE] [permanent | temp] [vid VID]\n"
" [ filter_mode { include | exclude } ] [ source_list SOURCE_LIST ] [ proto PROTO ] [ dst IPADDR ]\n"
" [ dst_port DST_PORT ] [ vni VNI ] [ src_vni SRC_VNI ] [ via DEV ]\n"
- " bridge mdb {show} [ dev DEV ] [ vid VID ]\n");
+ " bridge mdb {show} [ dev DEV ] [ vid VID ]\n"
+ " bridge mdb get dev DEV grp GROUP [ src SOURCE ] [ vid VID ] [ src_vni SRC_VNI ]\n");
exit(-1);
}
@@ -848,6 +849,100 @@ static int mdb_modify(int cmd, int flags, int argc, char **argv)
return 0;
}
+static int mdb_get(int argc, char **argv)
+{
+ struct {
+ struct nlmsghdr n;
+ struct br_port_msg bpm;
+ char buf[1024];
+ } req = {
+ .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct br_port_msg)),
+ .n.nlmsg_flags = NLM_F_REQUEST,
+ .n.nlmsg_type = RTM_GETMDB,
+ .bpm.family = PF_BRIDGE,
+ };
+ char *d = NULL, *grp = NULL, *src = NULL, *src_vni = NULL;
+ struct br_mdb_entry entry = {};
+ struct nlmsghdr *answer;
+ bool get_attrs = false;
+ short vid = 0;
+ int ret = 0;
+
+ while (argc > 0) {
+ if (strcmp(*argv, "dev") == 0) {
+ NEXT_ARG();
+ d = *argv;
+ } else if (strcmp(*argv, "grp") == 0) {
+ NEXT_ARG();
+ grp = *argv;
+ } else if (strcmp(*argv, "vid") == 0) {
+ NEXT_ARG();
+ vid = atoi(*argv);
+ } else if (strcmp(*argv, "src") == 0) {
+ NEXT_ARG();
+ src = *argv;
+ get_attrs = true;
+ } else if (strcmp(*argv, "src_vni") == 0) {
+ NEXT_ARG();
+ src_vni = *argv;
+ get_attrs = true;
+ } else {
+ if (strcmp(*argv, "help") == 0)
+ usage();
+ }
+ argc--; argv++;
+ }
+
+ if (d == NULL || grp == NULL) {
+ fprintf(stderr, "Device and group address are required arguments.\n");
+ return -1;
+ }
+
+ req.bpm.ifindex = ll_name_to_index(d);
+ if (!req.bpm.ifindex)
+ return nodev(d);
+
+ if (mdb_parse_grp(grp, &entry)) {
+ fprintf(stderr, "Invalid address \"%s\"\n", grp);
+ return -1;
+ }
+
+ entry.vid = vid;
+ addattr_l(&req.n, sizeof(req), MDBA_GET_ENTRY, &entry, sizeof(entry));
+ if (get_attrs) {
+ struct rtattr *nest = addattr_nest(&req.n, sizeof(req),
+ MDBA_GET_ENTRY_ATTRS);
+
+ nest->rta_type |= NLA_F_NESTED;
+
+ if (src && mdb_parse_src(&req.n, sizeof(req), src)) {
+ fprintf(stderr, "Invalid source address \"%s\"\n", src);
+ return -1;
+ }
+
+ if (src_vni && mdb_parse_vni(&req.n, sizeof(req), src_vni,
+ MDBE_ATTR_SRC_VNI)) {
+ fprintf(stderr, "Invalid source VNI \"%s\"\n", src_vni);
+ return -1;
+ }
+
+ addattr_nest_end(&req.n, nest);
+ }
+
+ if (rtnl_talk(&rth, &req.n, &answer) < 0)
+ return -2;
+
+ new_json_obj(json);
+
+ if (print_mdbs(answer, stdout) < 0)
+ ret = -1;
+
+ delete_json_obj();
+ free(answer);
+
+ return ret;
+}
+
int do_mdb(int argc, char **argv)
{
ll_init_map(&rth);
@@ -865,6 +960,8 @@ int do_mdb(int argc, char **argv)
matches(*argv, "lst") == 0 ||
matches(*argv, "list") == 0)
return mdb_show(argc-1, argv+1);
+ if (matches(*argv, "get") == 0)
+ return mdb_get(argc-1, argv+1);
if (matches(*argv, "help") == 0)
usage();
} else
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index 07bb97878554..7c1b22f6435e 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -177,6 +177,16 @@ bridge \- show / manipulate bridge addresses and devices
.B dev
.IR DEV " ]"
+.ti -8
+.B "bridge mdb get"
+.BI dev " DEV " grp " GROUP "
+.RB "[ " src
+.IR SOURCE " ]"
+.RB "[ " vid
+.IR VID " ]"
+.RB "[ " src_vni
+.IR SRC_VNI " ]"
+
.ti -8
.BR "bridge vlan" " { " add " | " del " } "
.B dev
@@ -1137,6 +1147,31 @@ With the
.B -statistics
option, the command displays timer values for mdb and router port entries.
+.SS bridge mdb get - get multicast group database entry.
+
+This command retrieves a multicast group database entry based on its key.
+
+.TP
+.BI dev " DEV"
+the interface where this group address is associated.
+
+.TP
+.BI grp " GROUP"
+the multicast group address (IPv4, IPv6 or L2 multicast).
+
+.TP
+.BI src " SOURCE"
+the source IP address. Only relevant when retrieving an (S, G) entry.
+
+.TP
+.BI vid " VID"
+the VLAN ID. Only relevant when the bridge is VLAN-aware.
+
+.TP
+.BI src_vni " SRC_VNI"
+the source VNI Network Identifier. Only relevant when the VXLAN device is in
+external mode.
+
.SH bridge vlan - VLAN filter list
.B vlan
--
2.40.1
Powered by blists - more mailing lists