On 2022-08-27 17:19, Ido Schimmel wrote:
On Fri, Aug 26, 2022 at 01:45:33PM +0200, Hans Schultz wrote:
How about the below (untested):
diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
index 68b3e850bcb9..9143a94a1c57 100644
--- a/net/bridge/br_input.c
+++ b/net/bridge/br_input.c
@@ -109,9 +109,18 @@ int br_handle_frame_finish(struct net *net,
struct sock *sk, struct sk_buff *skb
struct net_bridge_fdb_entry *fdb_src =
br_fdb_find_rcu(br, eth_hdr(skb)->h_source,
vid);
- if (!fdb_src || READ_ONCE(fdb_src->dst) != p ||
- test_bit(BR_FDB_LOCAL, &fdb_src->flags))
+ if (!fdb_src) {
+ if (p->flags & BR_PORT_MAB) {
+ __set_bit(BR_FDB_ENTRY_LOCKED, &flags);
+ br_fdb_update(br, p,
eth_hdr(skb)->h_source,
+ vid, flags);
+ }
+ goto drop;
+ } else if (READ_ONCE(fdb_src->dst) != p ||
+ test_bit(BR_FDB_LOCAL, &fdb_src->flags) ||
+ test_bit(BR_FDB_LOCKED, &fdb_src->flags)) {
goto drop;
+ }
}
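Review bot: the flag bit set on the new entry in the FDB-miss branch does not match the one tested in the mismatch branch: `__set_bit(BR_FDB_ENTRY_LOCKED, &flags);` versus `test_bit(BR_FDB_LOCKED, &fdb_src->flags)`. Unless these are intentionally two different bits (one for the br_fdb_update() flags argument, one for the entry's own flags), one of the names should be corrected, otherwise entries created on a MAB port would never be recognised as locked by the second check. Also, `flags` is neither declared nor initialised in the visible lines; it needs to start at 0 (e.g. `unsigned long flags = 0;` at the top of the function) so no stale bits are passed to br_fdb_update().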
The semantics are very clear, IMO. On FDB miss, add a locked FDB entry
and drop the packet. On FDB mismatch, drop the packet.
Entry can roam from an unauthorized port to an authorized port, but not
the other way around. Not sure what is the use case for allowing roaming
between unauthorized ports.
Note that with the above, locked entries are not refreshed and will
therefore age out unless replaced by user space.
Okay, I was under the impression that entries should be able to roam
freely between authorized and unauthorized ports in the bridge as long
as the locked flag is on when roaming to the MAB-enabled port. As you
know, roaming is not a big issue with mv88e6xxx.
As I see this code, an entry cannot roam to an authorized port, as there
is no update after the port mismatch check, and the packet is dropped as
it should be in this case in the locked section.