Re: [PATCH v2 net-next 1/4] net: bridge: add fdb flag to extent locked port feature

From: Ido Schimmel
Date: Thu Mar 17 2022 - 09:44:16 EST

Next message: Rafael J. Wysocki: "Re: [PATCH v2] PM: fix dynamic debug within pm_pr_debug()"
Previous message: Paul E. McKenney: "Re: mmotm 2022-03-16-17-42 uploaded (uml sub-x86_64, sched/fair, RCU)"
In reply to: Nikolay Aleksandrov: "Re: [PATCH v2 net-next 1/4] net: bridge: add fdb flag to extent locked port feature"
Next in thread: Nikolay Aleksandrov: "Re: [PATCH v2 net-next 1/4] net: bridge: add fdb flag to extent locked port feature"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Mar 17, 2022 at 10:38:59AM +0100, Hans Schultz wrote:
> Add an intermediate state for clients behind a locked port to allow for
> possible opening of the port for said clients. This feature corresponds
> to the Mac-Auth and MAC Authentication Bypass (MAB) named features. The
> latter defined by Cisco.
> Only the kernel can set this FDB entry flag, while userspace can read
> the flag and remove it by deleting the FDB entry.

Can you explain where this flag is rejected by the kernel?

Nik, it seems the bridge ignores 'NDA_FLAGS_EXT', but I think that for
new flags we should do a better job and reject unsupported
configurations. WDYT?

The neighbour code will correctly reject the new flag due to
'NTF_EXT_MASK'.

Next message: Rafael J. Wysocki: "Re: [PATCH v2] PM: fix dynamic debug within pm_pr_debug()"
Previous message: Paul E. McKenney: "Re: mmotm 2022-03-16-17-42 uploaded (uml sub-x86_64, sched/fair, RCU)"
In reply to: Nikolay Aleksandrov: "Re: [PATCH v2 net-next 1/4] net: bridge: add fdb flag to extent locked port feature"
Next in thread: Nikolay Aleksandrov: "Re: [PATCH v2 net-next 1/4] net: bridge: add fdb flag to extent locked port feature"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]