| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251120174949.3827500-1-skorodumov.dmitry@huawei.com> Date: Thu, 20 Nov 2025 20:49:37 +0300 From: Dmitry Skorodumov <skorodumov.dmitry@...wei.com> To: <netdev@...r.kernel.org> CC: <andrey.bokhanko@...wei.com>, <edumazet@...gle.com>, Dmitry Skorodumov <skorodumov.dmitry@...wei.com> Subject: [PATCH v5 net-next 00/12] ipvlan: support mac-nat mode pvlan: support mac-nat mode ipvlan: Add support of MAC-NAT translation in L2-bridge Make it is possible to create link in L2_MACNAT mode: learnable bridge with MAC Address Translation. The IPs and MAC addresses will be learned from TX-packets of child interfaces. Also, dev_add_pack() protocol is attached to the main port to support communication from main to child interfaces. This mode is intended for the desktop virtual machines, for bridging to Wireless interfaces. The mode should be specified while creating first child interface. It is not possible to change it after this. This functionality is quite often requested by users. diff from v4 - Patch "Fix compilation warning about __be32 -> u32" was sent as a separate patch, out of this series - Fixed unused-variable "orig_skb" in "Support IPv6 in macnat mode." patch - Fixed shellcheck and pylint warnings in "selftests: net" patch - Fixed conflict with Makefile in selftests/net - Fixed "suspicious RCU usage" warning in ipvlan_addr_event() func: need to use ipvlan_port_get_rcu_rtnl(), since this function can be called with either rtnl or just with rcu for some ipv6 events diff from v3: - Restructured code, to place all new functionality under if (ipvlan_is_macnat(port) condition and minimize refactoring of existing code. - Added kselftest for the new functionality - Removed patch with unnecessary gso_segment() call - Patches 1-3 were merged into 1 - Fixed compilation warnings about __be16/__be32 conversions diff from v2: - forgotten patches (10..14) added diff from v1: - changed name of the mode to be L2_MACNAT - Fixed use of uninitialized variable, found by Intel CI/CD - Fixed style problems with lines more then 80 chars - Try to use xmastree style of vars declarations - Fixed broken intermediate compilation - Added check, that child-ip doesn't use IP of the main port - Added patch to ignore PACKET_LOOPBACK in handle_mode_l2() - Some patches with style-refactoring of addr-event notifications *** BLURB HERE *** Dmitry Skorodumov (12): ipvlan: Support MACNAT mode ipvlan: macnat: Handle rx mcast-ip and unicast eth ipvlan: Forget all IP when device goes down ipvlan: Support IPv6 in macnat mode. ipvlan: Make the addrs_lock be per port ipvlan: Take addr_lock in ipvlan_open() ipvlan: Don't allow children to use IPs of main ipvlan: const-specifier for functions that use iaddr ipvlan: Common code from v6/v4 validator_event ipvlan: common code to handle ipv6/ipv4 address events ipvlan: Ignore PACKET_LOOPBACK in handle_mode_l2() selftests: net: selftest for ipvlan-macnat mode Documentation/networking/ipvlan.rst | 22 +- drivers/net/ipvlan/ipvlan.h | 51 +- drivers/net/ipvlan/ipvlan_core.c | 479 ++++++++++++++++- drivers/net/ipvlan/ipvlan_main.c | 506 ++++++++++++++---- include/uapi/linux/if_link.h | 1 + tools/testing/selftests/net/Makefile | 2 + .../selftests/net/ipvtap_macnat_bridge.py | 168 ++++++ .../selftests/net/ipvtap_macnat_test.sh | 333 ++++++++++++ 8 files changed, 1422 insertions(+), 140 deletions(-) create mode 100755 tools/testing/selftests/net/ipvtap_macnat_bridge.py create mode 100755 tools/testing/selftests/net/ipvtap_macnat_test.sh -- 2.25.1
Powered by blists - more mailing lists