Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Ido Schimmel <idosch@xxxxxxxxxx>
Subject: Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
From: Vladimir Oltean <olteanv@xxxxxxxxx>
Date: Thu, 20 Oct 2022 17:11:04 +0300
Cc: "Hans J. Schultz" <netdev@xxxxxxxxxxxxxxxxxxxx>, davem@xxxxxxxxxxxxx, kuba@xxxxxxxxxx, netdev@xxxxxxxxxxxxxxx, Florian Fainelli <f.fainelli@xxxxxxxxx>, Andrew Lunn <andrew@xxxxxxx>, Vivien Didelot <vivien.didelot@xxxxxxxxx>, Eric Dumazet <edumazet@xxxxxxxxxx>, Paolo Abeni <pabeni@xxxxxxxxxx>, Kurt Kanzenbach <kurt@xxxxxxxxxxxxx>, Hauke Mehrtens <hauke@xxxxxxxxxx>, Woojung Huh <woojung.huh@xxxxxxxxxxxxx>, UNGLinuxDriver@xxxxxxxxxxxxx, Sean Wang <sean.wang@xxxxxxxxxxxx>, Landen Chao <Landen.Chao@xxxxxxxxxxxx>, DENG Qingfang <dqfext@xxxxxxxxx>, Matthias Brugger <matthias.bgg@xxxxxxxxx>, Claudiu Manoil <claudiu.manoil@xxxxxxx>, Alexandre Belloni <alexandre.belloni@xxxxxxxxxxx>, Jiri Pirko <jiri@xxxxxxxxxxx>, Ivan Vecera <ivecera@xxxxxxxxxx>, Roopa Prabhu <roopa@xxxxxxxxxx>, Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>, Shuah Khan <shuah@xxxxxxxxxx>, Russell King <linux@xxxxxxxxxxxxxxx>, Christian Marangi <ansuelsmth@xxxxxxxxx>, Daniel Borkmann <daniel@xxxxxxxxxxxxx>, Yuwei Wang <wangyuweihx@xxxxxxxxx>, Petr Machata <petrm@xxxxxxxxxx>, Florent Fourcot <florent.fourcot@xxxxxxxxxx>, Hans Schultz <schultz.hans@xxxxxxxxx>, Joachim Wiberg <troglobit@xxxxxxxxx>, Amit Cohen <amcohen@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-arm-kernel@xxxxxxxxxxxxxxxxxxx, linux-mediatek@xxxxxxxxxxxxxxxxxxx, bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx, linux-kselftest@xxxxxxxxxxxxxxx
In-reply-to: <Y1FTzyPdTbAF+ODT@shredder>

On Thu, Oct 20, 2022 at 04:57:35PM +0300, Ido Schimmel wrote:
> > Right now this packet isn't generated, right?
> 
> Right. We don't support BR_PORT_LOCKED so these checks are not currently
> enabled in hardware. To be clear, only packets received via locked ports
> are able to trigger the check.

You mean BR_PORT_MAB, not BR_PORT_LOCKED, right? AFAIU, "locked" means
drop unknown MAC SA, "mab" means "install BR_FDB_LOCKED entry on port"
(and also maybe still drop, if "locked" is also set on port).

Sad there isn't any good documentation about these flags in the patches
that Hans is proposing.

Follow-Ups:
- Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
  - From: Ido Schimmel

References:
- [PATCH v8 net-next 00/12] Extend locked port feature with FDB locked flag (MAC-Auth/MAB)
  - From: Hans J. Schultz
- [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
  - From: Hans J. Schultz
- Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
  - From: Vladimir Oltean
- Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
  - From: Ido Schimmel
- Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
  - From: Vladimir Oltean
- Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
  - From: Ido Schimmel

Prev by Date: Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
Next by Date: Re: [PATCH v1] selftests: Use optional USERCFLAGS and USERLDFLAGS
Previous by thread: Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
Next by thread: Re: [PATCH v8 net-next 05/12] net: dsa: propagate the locked flag down through the DSA layer
Index(es):
- Date
- Thread

[Index of Archives] [Linux Wireless] [Linux Kernel] [ATH6KL] [Linux Bluetooth] [Linux Netdev] [Kernel Newbies] [Share Photos] [IDE] [Security] [Git] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Linux ATA RAID] [Samba] [Device Mapper]