Displaying 2 results from an estimated 2 matches for "fdb_modified".
2023 Jun 19
2
[Bridge] [PATCH net-next v2 2/3] bridge: Add a limit on learned FDB entries
...@@ -894,7 +940,7 @@ void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source,
}
if (unlikely(test_bit(BR_FDB_ADDED_BY_USER, &flags)))
- set_bit(BR_FDB_ADDED_BY_USER, &fdb->flags);
+ fdb_set_flag_not_learned(br, fdb, BR_FDB_ADDED_BY_USER);
if (unlikely(fdb_modified)) {
trace_br_fdb_update(br, source, addr, vid, flags);
fdb_notify(br, fdb, RTM_NEWNEIGH, true);
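Review bot: At the BR_FDB_ADDED_BY_USER branch in br_fdb_update(), the condition tests the caller's flags argument rather than fdb->flags, so fdb_set_flag_not_learned(br, fdb, ...) can be called again for an entry that already has the flag. The old set_bit() was idempotent, but the new helper takes br and presumably carries accounting whose body is not visible in this hunk. It should adjust the bridge's learned-entry count only on the transition where the flag actually changes (test_and_set_bit() semantics would do this); otherwise the count drifts and the limit added by this series stops being accurate. A short comment on the helper stating that contract would help.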
@@ -1070,6 +1116,8 @@ static int fdb_add_entry(struct net_bridge *br, struct net_bridge_port *source,
modified = true;
}
+ if (!(fdb->flags & BR_FDB_NOT_LEARNED_MASK))
+ br-&...
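Review bot: The new check if (!(fdb->flags & BR_FDB_NOT_LEARNED_MASK)) in fdb_add_entry() reads fdb->flags with a plain load and a mask, while the other hunk treats the BR_FDB_* values as bit numbers passed to test_bit() and set_bit(). Please confirm that BR_FDB_NOT_LEARNED_MASK is built from BIT(BR_FDB_...) values rather than the raw bit numbers, and consider READ_ONCE() or test_bit() here so the read is consistent with concurrent atomic updates of the flags. The statement under the condition is cut off in this excerpt, so the counter update itself cannot be checked from what is shown.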
2023 Jun 19
4
[Bridge] [PATCH net-next v2 0/3, iproute2-next 0/1] bridge: Add a limit on learned FDB entries
Introduce a limit on the amount of learned FDB entries on a bridge,
configured by netlink with a build time default on bridge creation in
the kernel config.
For backwards compatibility the kernel config default is disabling the
limit (0).
Without any limit a malicious actor may OOM a kernel by spamming packets
with changing MAC addresses on their bridge port, so allow the bridge
creator to limit