On 2022-08-27 13:30, Nikolay Aleksandrov wrote:
@@ -879,6 +888,10 @@ void br_fdb_update(struct net_bridge *br, struct
net_bridge_port *source,
&fdb->flags)))
clear_bit(BR_FDB_ADDED_BY_EXT_LEARN,
&fdb->flags);
+ if (source->flags & BR_PORT_MAB)
+ set_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags);
+ else
+ clear_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags);
Please add a test for that bit and only then change it.
Okay, I have revised this part now. I hope the version below is suitable:
@@ -749,6 +756,10 @@ void br_fdb_update(struct net_bridge *br, struct
net_bridge_port *source,
&fdb->flags)))
clear_bit(BR_FDB_ADDED_BY_EXT_LEARN,
&fdb->flags);
+ /* Allow roaming from an unauthorized
port to an
+ * authorized port */
+ if
(unlikely(test_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags)))
+ clear_bit(BR_FDB_ENTRY_LOCKED,
&fdb->flags);
}
if (unlikely(test_bit(BR_FDB_ADDED_BY_USER,
&flags)))
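Review bot: The added comment promises roaming "to an authorized port", but the new lines clear `BR_FDB_ENTRY_LOCKED` on any roam once the bit is set and never look at `source`, so the destination port's authorization is assumed rather than checked. If callers already drop frames from locked ports before `br_fdb_update()` runs, state that invariant in the comment, for example `/* Only reached for frames the ingress lock check let through, so source is authorized. */`; if that is not guaranteed, guard the clear with a test on `source->flags` so that a move onto another `BR_PORT_MAB` port cannot silently unlock the entry. The enclosing `if` and the rest of `br_fdb_update()` lie outside the hunk, so the roaming condition itself is inferred here. Kernel networking style also puts the closing `*/` of a multi-line comment on its own line.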