From: Nikolay Aleksandrov <razor@blackwall.org>
To: netdev@vger.kernel.org
Cc: roopa@nvidia.com, idosch@idosch.org, kuba@kernel.org,
davem@davemloft.net, bridge@lists.linux-foundation.org,
Nikolay Aleksandrov <razor@blackwall.org>
Subject: [PATCH net-next v2 8/8] net: bridge: fdb: add support for flush filtering based on ifindex and vlan
Date: Mon, 11 Apr 2022 20:29:34 +0300 [thread overview]
Message-ID: <20220411172934.1813604-9-razor@blackwall.org> (raw)
In-Reply-To: <20220411172934.1813604-1-razor@blackwall.org>
Add support for fdb flush filtering based on destination ifindex and
vlan id. The ifindex must either match a port's device ifindex or the
bridge's. The vlan support is trivial since it's already validated by
rtnl_fdb_flush, we just need to fill it in.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>
---
v2: validate ifindex and fill in vlan id
net/bridge/br_fdb.c | 42 +++++++++++++++++++++++++++++++++++++++++-
1 file changed, 41 insertions(+), 1 deletion(-)
diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c
index 2cea03cbc55f..b078a656776a 100644
--- a/net/bridge/br_fdb.c
+++ b/net/bridge/br_fdb.c
@@ -622,12 +622,44 @@ static unsigned long __ndm_flags_to_fdb_flags(u8 ndm_flags)
return flags;
}
+static int __fdb_flush_validate_ifindex(const struct net_bridge *br,
+ int ifindex,
+ struct netlink_ext_ack *extack)
+{
+ const struct net_device *dev;
+
+ dev = __dev_get_by_index(dev_net(br->dev), ifindex);
+ if (!dev) {
+ NL_SET_ERR_MSG_MOD(extack, "Unknown flush device ifindex");
+ return -ENODEV;
+ }
+ if (!netif_is_bridge_master(dev) && !netif_is_bridge_port(dev)) {
+ NL_SET_ERR_MSG_MOD(extack, "Flush device is not a bridge or bridge port");
+ return -EINVAL;
+ }
+ if (netif_is_bridge_master(dev) && dev != br->dev) {
+ NL_SET_ERR_MSG_MOD(extack,
+ "Flush bridge device does not match target bridge device");
+ return -EINVAL;
+ }
+ if (netif_is_bridge_port(dev)) {
+ struct net_bridge_port *p = br_port_get_rtnl(dev);
+
+ if (p->br != br) {
+ NL_SET_ERR_MSG_MOD(extack, "Port belongs to a different bridge device");
+ return -EINVAL;
+ }
+ }
+
+ return 0;
+}
+
int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[],
struct net_device *dev, u16 vid,
struct netlink_ext_ack *extack)
{
u8 ndm_flags = ndm->ndm_flags & ~FDB_FLUSH_IGNORED_NDM_FLAGS;
- struct net_bridge_fdb_flush_desc desc = {};
+ struct net_bridge_fdb_flush_desc desc = { .vlan_id = vid };
struct net_bridge *br;
if (netif_is_bridge_master(dev)) {
@@ -663,6 +695,14 @@ int br_fdb_flush(struct ndmsg *ndm, struct nlattr *tb[],
desc.flags_mask |= __ndm_flags_to_fdb_flags(ndm_flags_mask);
}
+ if (tb[NDFA_IFINDEX]) {
+ int err, ifidx = nla_get_s32(tb[NDFA_IFINDEX]);
+
+ err = __fdb_flush_validate_ifindex(br, ifidx, extack);
+ if (err)
+ return err;
+ desc.port_ifindex = ifidx;
+ }
br_debug(br, "flushing port ifindex: %d vlan id: %u flags: 0x%lx flags mask: 0x%lx\n",
desc.port_ifindex, desc.vlan_id, desc.flags, desc.flags_mask);
--
2.35.1
next prev parent reply other threads:[~2022-04-11 17:30 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-11 17:29 [PATCH net-next v2 0/8] net: bridge: add flush filtering support Nikolay Aleksandrov
2022-04-11 17:29 ` [PATCH net-next v2 1/8] net: rtnetlink: add RTM_FLUSHNEIGH Nikolay Aleksandrov
2022-04-11 22:57 ` David Ahern
2022-04-11 17:29 ` [PATCH net-next v2 2/8] net: add ndo_fdb_flush op Nikolay Aleksandrov
2022-04-11 17:29 ` [PATCH net-next v2 3/8] net: bridge: fdb: " Nikolay Aleksandrov
2022-04-11 17:29 ` [PATCH net-next v2 4/8] net: rtnetlink: register a generic rtnl_fdb_flush call Nikolay Aleksandrov
2022-04-11 17:29 ` [PATCH net-next v2 5/8] net: rtnetlink: add common flush attributes Nikolay Aleksandrov
2022-04-11 17:29 ` [PATCH net-next v2 6/8] net: bridge: fdb: add support for fine-grained flushing Nikolay Aleksandrov
2022-04-11 17:29 ` [PATCH net-next v2 7/8] net: bridge: fdb: add support for flush filtering based on ndm flags and state Nikolay Aleksandrov
2022-04-11 17:29 ` Nikolay Aleksandrov [this message]
2022-04-11 17:42 ` [PATCH net-next v2 0/8] net: bridge: add flush filtering support Nikolay Aleksandrov
2022-04-11 18:08 ` Roopa Prabhu
2022-04-11 18:18 ` Nikolay Aleksandrov
2022-04-11 18:31 ` Nikolay Aleksandrov
2022-04-11 19:22 ` Roopa Prabhu
2022-04-11 19:49 ` Jakub Kicinski
2022-04-11 20:34 ` Nikolay Aleksandrov
2022-04-11 20:48 ` Jakub Kicinski
2022-04-11 21:17 ` Nikolay Aleksandrov
2022-04-11 21:35 ` Jakub Kicinski
2022-04-11 23:03 ` David Ahern
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220411172934.1813604-9-razor@blackwall.org \
--to=razor@blackwall.org \
--cc=bridge@lists.linux-foundation.org \
--cc=davem@davemloft.net \
--cc=idosch@idosch.org \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=roopa@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).