From: Toshiaki Makita <toshiaki.makita1@gmail.com>
To: Vladislav Yasevich <vyasevich@gmail.com>, netdev@vger.kernel.org
Cc: shemminger@vyatta.com,
Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>,
Vladislav Yasevich <vyasevic@redhat.com>
Subject: Re: [PATCH 1/2] bridge: Check if vlan filtering is enabled only once.
Date: Sun, 14 Sep 2014 23:43:56 +0900 [thread overview]
Message-ID: <5415A9AC.1020400@gmail.com> (raw)
In-Reply-To: <1410553577-17519-2-git-send-email-vyasevic@redhat.com>
(14/09/13 (土) 5:26), Vladislav Yasevich wrote:
> The bridge code checks if vlan filtering is enabled on both
> ingress and egress. When the state flip happens, it
> is possible for the bridge to currently be forwarding packets
> and forwarding behavior becomes non-deterministic. Bridge
> may drop packets on some interfaces, but not others.
>
> This patch solves this by caching the filtered state of the
> packet into skb_cb on ingress. The skb_cb is guaranteed to
> not be over-written between the time packet entres bridge
> forwarding path and the time it leaves it. On egress, we
> can then check the cached state to see if we need to
> apply filtering information.
...
> @@ -270,7 +275,8 @@ bool br_should_learn(struct net_bridge_port *p, struct sk_buff *skb, u16 *vid)
> struct net_bridge *br = p->br;
> struct net_port_vlans *v;
>
> - if (!br->vlan_enabled)
> + /* If filtering was disabled at input, let it pass. */
> + if (!BR_INPUT_SKB_CB(skb)->vlan_filtered)
> return true;
>
> v = rcu_dereference(p->vlan_info);
>
I'm afraid br_should_learn() is not called after calling
br_allowed_ingress(), so vlan_filtered doesn't seem to be initialized at
this point.
Thanks,
Toshiaki Makita
next prev parent reply other threads:[~2014-09-14 14:44 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-12 20:26 [PATCH 0/2] bridge: Two small fixes to vlan filtering code Vladislav Yasevich
2014-09-12 20:26 ` [PATCH 1/2] bridge: Check if vlan filtering is enabled only once Vladislav Yasevich
2014-09-14 14:43 ` Toshiaki Makita [this message]
2014-09-15 15:04 ` Vlad Yasevich
2014-09-12 20:26 ` [PATCH 2/2] bridge: Allow clearing of pvid and untagged bitmap Vladislav Yasevich
2014-09-13 21:22 ` [PATCH 0/2] bridge: Two small fixes to vlan filtering code David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5415A9AC.1020400@gmail.com \
--to=toshiaki.makita1@gmail.com \
--cc=makita.toshiaki@lab.ntt.co.jp \
--cc=netdev@vger.kernel.org \
--cc=shemminger@vyatta.com \
--cc=vyasevic@redhat.com \
--cc=vyasevich@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.