git.baikalelectronics.ru Git - kernel.git/commit

author	Vladimir Oltean <vladimir.oltean@nxp.com>
	Tue, 16 Feb 2021 11:41:19 +0000 (13:41 +0200)
committer	David S. Miller <davem@davemloft.net>
	Tue, 16 Feb 2021 22:02:46 +0000 (14:02 -0800)
commit	6cccd7bf2a417f25b3c44bf314de3b6683c63708
tree	f274f922b50633cbda873252f5fcec2786fb3d4a	tree \| snapshot
parent	83f702f9c21e78a4d7272778d2a9188911d12b78	commit \| diff

net: dsa: sja1105: fix leakage of flooded frames outside bridging domain

Quite embarrasingly, I managed to fool myself into thinking that the
flooding domain of sja1105 source ports is restricted by the forwarding
domain, which it isn't. Frames which match an FDB entry are forwarded
towards that entry's DESTPORTS restricted by REACH_PORT[SRC_PORT], while
frames that don't match any FDB entry are forwarded towards
FL_DOMAIN[SRC_PORT] or BC_DOMAIN[SRC_PORT].

This means we can't get away with doing the simple thing, and we must
manage the flooding domain ourselves such that it is restricted by the
forwarding domain. This new function must be called from the
.port_bridge_join and .port_bridge_leave methods too, not just from
.port_bridge_flags as we did before.

Fixes: 30abb4062fc1 ("net: dsa: sja1105: offload bridge port flags to device")
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

drivers/net/dsa/sja1105/sja1105.h		diff \| blob \| history
drivers/net/dsa/sja1105/sja1105_main.c		diff \| blob \| history