From: Ido Schimmel <idosch@nvidia.com> To: netdev@kapio-technology.com Cc: Vladimir Oltean <olteanv@gmail.com>, davem@davemloft.net, kuba@kernel.org, netdev@vger.kernel.org, Andrew Lunn <andrew@lunn.ch>, Vivien Didelot <vivien.didelot@gmail.com>, Florian Fainelli <f.fainelli@gmail.com>, Eric Dumazet <edumazet@google.com>, Paolo Abeni <pabeni@redhat.com>, Jiri Pirko <jiri@resnulli.us>, Ivan Vecera <ivecera@redhat.com>, Roopa Prabhu <roopa@nvidia.com>, Nikolay Aleksandrov <razor@blackwall.org>, Shuah Khan <shuah@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, linux-kernel@vger.kernel.org, bridge@lists.linux-foundation.org, linux-kselftest@vger.kernel.org Subject: Re: [PATCH v4 net-next 3/6] drivers: net: dsa: add locked fdb entry flag to drivers Date: Tue, 23 Aug 2022 10:24:38 +0300 [thread overview] Message-ID: <YwSAtgS7fgHNLMEy@shredder> (raw) In-Reply-To: <9dcb4db4a77811308c56fe5b9b7c5257@kapio-technology.com> On Tue, Aug 23, 2022 at 09:13:54AM +0200, netdev@kapio-technology.com wrote: > On 2022-08-23 08:48, Ido Schimmel wrote: > > On Mon, Aug 22, 2022 at 09:49:28AM +0200, netdev@kapio-technology.com > > wrote: > > > > As I am not familiar with roaming in this context, I need to know > > > how the SW > > > bridge should behave in this case. > > > > > > In this case, is the roaming only between locked ports or does the > > > roaming include that the entry can move to a unlocked port, resulting > > > in the locked flag getting removed? > > > > Any two ports. If the "locked" entry in mv88e6xxx cannot move once > > installed, then the "sticky" flag accurately describes it. > > > > But since I am also doing the SW bridge implementation without mv88e6xxx I > need it to function according to needs. > Thus the locked entries created in the bridge I shall not put the sticky > flag on, but there will be the situation where a locked entry can move to an > unlocked port, which we regarded as a bug. I do not regard this as a bug. It makes sense to me that an authorized port can cause an entry pointing to an unauthorized port to roam to itself. Just like normal learned entries. What I considered as a bug is the fact that the "locked" flag is not cleared when roaming to an authorized port. > In that case there is two possibilities, the locked entry can move to > an unlocked port with the locked flag being removed or the locked > entry can only move to another locked port? My suggestion is to allow roaming and maintain / clear the "locked" flag based on whether the new destination port is locked or not.
WARNING: multiple messages have this Message-ID (diff)
From: Ido Schimmel <idosch@nvidia.com> To: netdev@kapio-technology.com Cc: Ivan Vecera <ivecera@redhat.com>, Andrew Lunn <andrew@lunn.ch>, Florian Fainelli <f.fainelli@gmail.com>, Jiri Pirko <jiri@resnulli.us>, Daniel Borkmann <daniel@iogearbox.net>, netdev@vger.kernel.org, Nikolay Aleksandrov <razor@blackwall.org>, bridge@lists.linux-foundation.org, linux-kernel@vger.kernel.org, Vivien Didelot <vivien.didelot@gmail.com>, Eric Dumazet <edumazet@google.com>, Paolo Abeni <pabeni@redhat.com>, linux-kselftest@vger.kernel.org, Roopa Prabhu <roopa@nvidia.com>, kuba@kernel.org, Vladimir Oltean <olteanv@gmail.com>, Shuah Khan <shuah@kernel.org>, davem@davemloft.net Subject: Re: [Bridge] [PATCH v4 net-next 3/6] drivers: net: dsa: add locked fdb entry flag to drivers Date: Tue, 23 Aug 2022 10:24:38 +0300 [thread overview] Message-ID: <YwSAtgS7fgHNLMEy@shredder> (raw) In-Reply-To: <9dcb4db4a77811308c56fe5b9b7c5257@kapio-technology.com> On Tue, Aug 23, 2022 at 09:13:54AM +0200, netdev@kapio-technology.com wrote: > On 2022-08-23 08:48, Ido Schimmel wrote: > > On Mon, Aug 22, 2022 at 09:49:28AM +0200, netdev@kapio-technology.com > > wrote: > > > > As I am not familiar with roaming in this context, I need to know > > > how the SW > > > bridge should behave in this case. > > > > > > In this case, is the roaming only between locked ports or does the > > > roaming include that the entry can move to a unlocked port, resulting > > > in the locked flag getting removed? > > > > Any two ports. If the "locked" entry in mv88e6xxx cannot move once > > installed, then the "sticky" flag accurately describes it. > > > > But since I am also doing the SW bridge implementation without mv88e6xxx I > need it to function according to needs. > Thus the locked entries created in the bridge I shall not put the sticky > flag on, but there will be the situation where a locked entry can move to an > unlocked port, which we regarded as a bug. I do not regard this as a bug. It makes sense to me that an authorized port can cause an entry pointing to an unauthorized port to roam to itself. Just like normal learned entries. What I considered as a bug is the fact that the "locked" flag is not cleared when roaming to an authorized port. > In that case there is two possibilities, the locked entry can move to > an unlocked port with the locked flag being removed or the locked > entry can only move to another locked port? My suggestion is to allow roaming and maintain / clear the "locked" flag based on whether the new destination port is locked or not.
next prev parent reply other threads:[~2022-08-23 7:24 UTC|newest] Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-08-12 12:29 [PATCH v4 net-next 3/6] drivers: net: dsa: add locked fdb entry flag to drivers netdev 2022-08-12 12:29 ` [Bridge] " netdev 2022-08-14 14:55 ` Ido Schimmel 2022-08-14 14:55 ` [Bridge] " Ido Schimmel 2022-08-19 9:51 ` netdev 2022-08-19 9:51 ` [Bridge] " netdev 2022-08-21 7:08 ` Ido Schimmel 2022-08-21 7:08 ` [Bridge] " Ido Schimmel 2022-08-21 13:43 ` netdev 2022-08-21 13:43 ` [Bridge] " netdev 2022-08-22 5:40 ` Ido Schimmel 2022-08-22 5:40 ` [Bridge] " Ido Schimmel 2022-08-22 7:49 ` netdev 2022-08-22 7:49 ` [Bridge] " netdev 2022-08-23 6:48 ` Ido Schimmel 2022-08-23 6:48 ` [Bridge] " Ido Schimmel 2022-08-23 7:13 ` netdev 2022-08-23 7:13 ` [Bridge] " netdev 2022-08-23 7:24 ` Ido Schimmel [this message] 2022-08-23 7:24 ` Ido Schimmel 2022-08-23 7:37 ` netdev 2022-08-23 7:37 ` [Bridge] " netdev 2022-08-23 12:36 ` Ido Schimmel 2022-08-23 12:36 ` [Bridge] " Ido Schimmel 2022-08-24 7:07 ` netdev 2022-08-24 7:07 ` [Bridge] " netdev 2022-08-23 11:41 ` netdev 2022-08-23 11:41 ` [Bridge] " netdev 2022-08-25 9:36 ` Ido Schimmel 2022-08-25 9:36 ` [Bridge] " Ido Schimmel 2022-08-25 10:28 ` netdev 2022-08-25 10:28 ` [Bridge] " netdev 2022-08-25 15:14 ` netdev 2022-08-25 15:14 ` [Bridge] " netdev 2022-08-24 20:29 ` netdev 2022-08-24 20:29 ` [Bridge] " netdev 2022-08-25 9:23 ` Ido Schimmel 2022-08-25 9:23 ` [Bridge] " Ido Schimmel 2022-08-25 10:27 ` netdev 2022-08-25 10:27 ` [Bridge] " netdev 2022-08-25 11:58 ` Ido Schimmel 2022-08-25 11:58 ` [Bridge] " Ido Schimmel 2022-08-25 13:41 ` netdev 2022-08-25 13:41 ` [Bridge] " netdev -- strict thread matches above, loose matches on Subject: below -- 2022-07-07 15:29 [PATCH v4 net-next 0/6] Extend locked port feature with FDB locked flag (MAC-Auth/MAB) Hans Schultz 2022-07-07 15:29 ` [PATCH v4 net-next 3/6] drivers: net: dsa: add locked fdb entry flag to drivers Hans Schultz 2022-07-08 7:12 ` kernel test robot 2022-07-08 8:49 ` Vladimir Oltean 2022-07-08 9:06 ` netdev 2022-07-08 9:15 ` Vladimir Oltean 2022-07-08 9:27 ` netdev 2022-07-08 9:50 ` netdev 2022-07-08 11:56 ` Vladimir Oltean 2022-07-08 12:34 ` netdev 2022-07-10 8:35 ` Ido Schimmel 2022-07-13 7:09 ` netdev 2022-07-13 12:39 ` Ido Schimmel 2022-07-17 12:21 ` netdev 2022-07-17 12:57 ` Vladimir Oltean 2022-07-17 13:09 ` netdev 2022-07-17 13:59 ` Vladimir Oltean 2022-07-17 14:57 ` netdev 2022-07-17 15:08 ` Vladimir Oltean 2022-07-17 16:10 ` netdev 2022-07-21 11:54 ` Vladimir Oltean 2022-07-17 15:20 ` Ido Schimmel 2022-07-17 15:53 ` netdev 2022-07-21 11:59 ` Vladimir Oltean 2022-07-21 13:27 ` Ido Schimmel 2022-07-21 14:20 ` Vladimir Oltean 2022-07-24 11:10 ` Ido Schimmel 2022-08-01 11:57 ` netdev 2022-08-01 13:14 ` netdev 2022-08-02 12:54 ` netdev 2022-08-01 15:33 ` netdev 2022-08-09 9:20 ` Ido Schimmel 2022-08-09 20:00 ` netdev 2022-08-10 7:21 ` Ido Schimmel 2022-08-10 8:40 ` netdev 2022-08-11 11:28 ` Ido Schimmel 2022-08-12 15:33 ` netdev 2022-08-16 7:51 ` netdev 2022-08-17 6:21 ` Ido Schimmel 2022-07-21 11:51 ` Vladimir Oltean 2022-07-08 20:39 ` kernel test robot
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=YwSAtgS7fgHNLMEy@shredder \ --to=idosch@nvidia.com \ --cc=andrew@lunn.ch \ --cc=bridge@lists.linux-foundation.org \ --cc=daniel@iogearbox.net \ --cc=davem@davemloft.net \ --cc=edumazet@google.com \ --cc=f.fainelli@gmail.com \ --cc=ivecera@redhat.com \ --cc=jiri@resnulli.us \ --cc=kuba@kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-kselftest@vger.kernel.org \ --cc=netdev@kapio-technology.com \ --cc=netdev@vger.kernel.org \ --cc=olteanv@gmail.com \ --cc=pabeni@redhat.com \ --cc=razor@blackwall.org \ --cc=roopa@nvidia.com \ --cc=shuah@kernel.org \ --cc=vivien.didelot@gmail.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.