Re: [PATCH v5 net-next 1/6] net: bridge: add locked entry fdb flag to extend locked port feature

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2022-08-27 13:30, Nikolay Aleksandrov wrote:
@@ -879,6 +888,10 @@ void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source,
 						      &fdb->flags)))
 					clear_bit(BR_FDB_ADDED_BY_EXT_LEARN,
 						  &fdb->flags);
+				if (source->flags & BR_PORT_MAB)
+					set_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags);
+				else
+					clear_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags);
Please add a test for that bit and only then change it.


Okay, I have revised this part now. I hope that it is suitable?

@@ -749,6 +756,10 @@ void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source,
                                                      &fdb->flags)))
clear_bit(BR_FDB_ADDED_BY_EXT_LEARN,
                                                  &fdb->flags);
+ /* Allow roaming from an unauthorized port to an
+                                * authorized port */
+ if (unlikely(test_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags))) + clear_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags);
                        }

if (unlikely(test_bit(BR_FDB_ADDED_BY_USER, &flags)))




[Index of Archives]     [Netdev]     [AoE Tools]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]     [Video 4 Linux]

  Powered by Linux