From: Ido Schimmel <idosch@nvidia.com>
To: netdev@kapio-technology.com
Cc: petrm@nvidia.com, ivecera@redhat.com, netdev@vger.kernel.org,
razor@blackwall.org, bridge@lists.linux-foundation.org,
roopa@nvidia.com, vladimir.oltean@nxp.com, edumazet@google.com,
mlxsw@nvidia.com, jiri@nvidia.com, kuba@kernel.org,
pabeni@redhat.com, davem@davemloft.net
Subject: Re: [Bridge] [RFC PATCH net-next 01/16] bridge: Add MAC Authentication Bypass (MAB) support
Date: Mon, 31 Oct 2022 16:43:56 +0200 [thread overview]
Message-ID: <Y1/fLCe3xApcBXCE@shredder> (raw)
In-Reply-To: <0b1655f30a383f9b12c0d0c9c11efa56@kapio-technology.com>
On Sun, Oct 30, 2022 at 11:09:31PM +0100, netdev@kapio-technology.com wrote:
> On 2022-10-25 12:00, Ido Schimmel wrote:
> > @@ -943,6 +946,14 @@ static int br_setport(struct net_bridge_port *p,
> > struct nlattr *tb[],
> > br_set_port_flag(p, tb, IFLA_BRPORT_NEIGH_SUPPRESS,
> > BR_NEIGH_SUPPRESS);
> > br_set_port_flag(p, tb, IFLA_BRPORT_ISOLATED, BR_ISOLATED);
> > br_set_port_flag(p, tb, IFLA_BRPORT_LOCKED, BR_PORT_LOCKED);
> > + br_set_port_flag(p, tb, IFLA_BRPORT_MAB, BR_PORT_MAB);
> > +
> > + if ((p->flags & BR_PORT_MAB) &&
> > + (!(p->flags & BR_PORT_LOCKED) || !(p->flags & BR_LEARNING))) {
> > + NL_SET_ERR_MSG(extack, "MAB can only be enabled on a locked port
> > with learning enabled");
>
> It's a bit odd to get this message when turning off learning on a port with
> MAB on, e.g....
>
> # bridge link set dev a2 learning off
> Error: MAB can only be enabled on a locked port with learning enabled.
It's better if you suggest something else. How about:
"Bridge port must be locked and have learning enabled when MAB is enabled"
?
WARNING: multiple messages have this Message-ID (diff)
From: Ido Schimmel <idosch@nvidia.com>
To: netdev@kapio-technology.com
Cc: netdev@vger.kernel.org, bridge@lists.linux-foundation.org,
davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com,
edumazet@google.com, jiri@nvidia.com, petrm@nvidia.com,
ivecera@redhat.com, roopa@nvidia.com, razor@blackwall.org,
vladimir.oltean@nxp.com, mlxsw@nvidia.com
Subject: Re: [RFC PATCH net-next 01/16] bridge: Add MAC Authentication Bypass (MAB) support
Date: Mon, 31 Oct 2022 16:43:56 +0200 [thread overview]
Message-ID: <Y1/fLCe3xApcBXCE@shredder> (raw)
In-Reply-To: <0b1655f30a383f9b12c0d0c9c11efa56@kapio-technology.com>
On Sun, Oct 30, 2022 at 11:09:31PM +0100, netdev@kapio-technology.com wrote:
> On 2022-10-25 12:00, Ido Schimmel wrote:
> > @@ -943,6 +946,14 @@ static int br_setport(struct net_bridge_port *p,
> > struct nlattr *tb[],
> > br_set_port_flag(p, tb, IFLA_BRPORT_NEIGH_SUPPRESS,
> > BR_NEIGH_SUPPRESS);
> > br_set_port_flag(p, tb, IFLA_BRPORT_ISOLATED, BR_ISOLATED);
> > br_set_port_flag(p, tb, IFLA_BRPORT_LOCKED, BR_PORT_LOCKED);
> > + br_set_port_flag(p, tb, IFLA_BRPORT_MAB, BR_PORT_MAB);
> > +
> > + if ((p->flags & BR_PORT_MAB) &&
> > + (!(p->flags & BR_PORT_LOCKED) || !(p->flags & BR_LEARNING))) {
> > + NL_SET_ERR_MSG(extack, "MAB can only be enabled on a locked port
> > with learning enabled");
>
> It's a bit odd to get this message when turning off learning on a port with
> MAB on, e.g....
>
> # bridge link set dev a2 learning off
> Error: MAB can only be enabled on a locked port with learning enabled.
It's better if you suggest something else. How about:
"Bridge port must be locked and have learning enabled when MAB is enabled"
?
next prev parent reply other threads:[~2022-10-31 14:43 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-25 10:00 [Bridge] [RFC PATCH net-next 00/16] bridge: Add MAC Authentication Bypass (MAB) support with offload Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 01/16] bridge: Add MAC Authentication Bypass (MAB) support Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 11:00 ` [Bridge] " Nikolay Aleksandrov
2022-10-25 11:00 ` Nikolay Aleksandrov
2022-10-27 22:58 ` [Bridge] " Vladimir Oltean
2022-10-27 22:58 ` Vladimir Oltean
2022-10-28 7:45 ` [Bridge] " netdev
2022-10-28 7:45 ` netdev
2022-10-30 12:59 ` [Bridge] " Ido Schimmel
2022-10-30 12:59 ` Ido Schimmel
2022-10-30 12:48 ` [Bridge] " Ido Schimmel
2022-10-30 12:48 ` Ido Schimmel
2022-10-30 22:09 ` [Bridge] " netdev
2022-10-30 22:09 ` netdev
2022-10-31 14:43 ` Ido Schimmel [this message]
2022-10-31 14:43 ` Ido Schimmel
2022-10-31 16:40 ` [Bridge] " netdev
2022-10-31 16:40 ` netdev
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 02/16] selftests: forwarding: Add MAC Authentication Bypass (MAB) test cases Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 03/16] bridge: switchdev: Let device drivers determine FDB offload indication Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-27 23:10 ` [Bridge] " Vladimir Oltean
2022-10-27 23:10 ` Vladimir Oltean
2022-10-30 9:25 ` [Bridge] " Ido Schimmel
2022-10-30 9:25 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 04/16] bridge: switchdev: Allow device drivers to install locked FDB entries Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 11:03 ` [Bridge] " Nikolay Aleksandrov
2022-10-25 11:03 ` Nikolay Aleksandrov
2022-10-27 23:27 ` [Bridge] " Vladimir Oltean
2022-10-27 23:27 ` Vladimir Oltean
2022-10-30 13:38 ` [Bridge] " Ido Schimmel
2022-10-30 13:38 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 05/16] devlink: Add packet traps for 802.1X operation Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 06/16] mlxsw: spectrum_trap: Register 802.1X packet traps with devlink Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 07/16] mlxsw: reg: Add Switch Port FDB Security Register Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 08/16] mlxsw: spectrum: Add an API to configure security checks Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 09/16] mlxsw: spectrum_switchdev: Prepare for locked FDB notifications Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 10/16] mlxsw: spectrum_switchdev: Add support " Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-27 23:39 ` [Bridge] " Vladimir Oltean
2022-10-27 23:39 ` Vladimir Oltean
2022-10-30 8:23 ` [Bridge] " Ido Schimmel
2022-10-30 8:23 ` Ido Schimmel
2022-10-31 8:32 ` [Bridge] " Vladimir Oltean
2022-10-31 8:32 ` Vladimir Oltean
2022-11-03 22:31 ` [Bridge] " Vladimir Oltean
2022-11-03 22:31 ` Vladimir Oltean
2022-11-03 22:54 ` [Bridge] " Ido Schimmel
2022-11-03 22:54 ` Ido Schimmel
2022-11-03 23:03 ` [Bridge] " Vladimir Oltean
2022-11-03 23:03 ` Vladimir Oltean
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 11/16] mlxsw: spectrum_switchdev: Use extack in bridge port flag validation Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 12/16] mlxsw: spectrum_switchdev: Add locked bridge port support Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 13/16] selftests: devlink_lib: Split out helper Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 14/16] selftests: mlxsw: Add a test for EAPOL trap Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 15/16] selftests: mlxsw: Add a test for locked port trap Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 10:00 ` [Bridge] [RFC PATCH net-next 16/16] selftests: mlxsw: Add a test for invalid locked bridge port configurations Ido Schimmel
2022-10-25 10:00 ` Ido Schimmel
2022-10-25 14:09 ` [Bridge] [RFC PATCH net-next 00/16] bridge: Add MAC Authentication Bypass (MAB) support with offload netdev
2022-10-25 14:09 ` netdev
2022-10-25 17:43 ` [Bridge] " Ido Schimmel
2022-10-25 17:43 ` Ido Schimmel
2022-10-27 23:49 ` [Bridge] " Vladimir Oltean
2022-10-27 23:49 ` Vladimir Oltean
2022-11-06 12:04 ` [Bridge] " netdev
2022-11-06 12:04 ` netdev
2022-11-06 13:21 ` [Bridge] " Ido Schimmel
2022-11-06 13:21 ` Ido Schimmel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y1/fLCe3xApcBXCE@shredder \
--to=idosch@nvidia.com \
--cc=bridge@lists.linux-foundation.org \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=ivecera@redhat.com \
--cc=jiri@nvidia.com \
--cc=kuba@kernel.org \
--cc=mlxsw@nvidia.com \
--cc=netdev@kapio-technology.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=petrm@nvidia.com \
--cc=razor@blackwall.org \
--cc=roopa@nvidia.com \
--cc=vladimir.oltean@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.