Message ID | 20220218155148.2329797-3-schultz.hans+netdev@gmail.com (mailing list archive) |
---|---|
State | Accepted |
Commit | fa1c83342987d8b2fd246894295393e09b0af18f |
Headers | show |
Series | Add support for locked bridge ports (for 802.1X) | expand |
On 18/02/2022 17:51, Hans Schultz wrote: > Various switchcores support setting ports in locked mode, so that > clients behind locked ports cannot send traffic through the port > unless a fdb entry is added with the clients MAC address. > > Signed-off-by: Hans Schultz <schultz.hans+netdev@gmail.com> > --- > net/bridge/br_switchdev.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c > index f8fbaaa7c501..bf549fc22556 100644 > --- a/net/bridge/br_switchdev.c > +++ b/net/bridge/br_switchdev.c > @@ -72,7 +72,7 @@ bool nbp_switchdev_allowed_egress(const struct net_bridge_port *p, > > /* Flags that can be offloaded to hardware */ > #define BR_PORT_FLAGS_HW_OFFLOAD (BR_LEARNING | BR_FLOOD | \ > - BR_MCAST_FLOOD | BR_BCAST_FLOOD) > + BR_MCAST_FLOOD | BR_BCAST_FLOOD | BR_PORT_LOCKED) > > int br_switchdev_set_port_flag(struct net_bridge_port *p, > unsigned long flags, Acked-by: Nikolay Aleksandrov <nikolay@nvidia.com>
On Fri, Feb 18, 2022 at 04:51:45PM +0100, Hans Schultz wrote: > Various switchcores support setting ports in locked mode, so that > clients behind locked ports cannot send traffic through the port > unless a fdb entry is added with the clients MAC address. > > Signed-off-by: Hans Schultz <schultz.hans+netdev@gmail.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com>
diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index f8fbaaa7c501..bf549fc22556 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -72,7 +72,7 @@ bool nbp_switchdev_allowed_egress(const struct net_bridge_port *p, /* Flags that can be offloaded to hardware */ #define BR_PORT_FLAGS_HW_OFFLOAD (BR_LEARNING | BR_FLOOD | \ - BR_MCAST_FLOOD | BR_BCAST_FLOOD) + BR_MCAST_FLOOD | BR_BCAST_FLOOD | BR_PORT_LOCKED) int br_switchdev_set_port_flag(struct net_bridge_port *p, unsigned long flags,
Various switchcores support setting ports in locked mode, so that clients behind locked ports cannot send traffic through the port unless a fdb entry is added with the clients MAC address. Signed-off-by: Hans Schultz <schultz.hans+netdev@gmail.com> --- net/bridge/br_switchdev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)