On 2022-08-27 13:30, Nikolay Aleksandrov wrote:
@@ -879,6 +888,10 @@ void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, &fdb->flags))) clear_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags);
if (source->flags & BR_PORT_MAB)set_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags);elseclear_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags);Please add a test for that bit and only then change it.
Okay, I have revised this part now. I hope that it is suitable?
@@ -749,6 +756,10 @@ void br_fdb_update(struct net_bridge *br, struct net_bridge_port *source, &fdb->flags)))
clear_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags); + /* Allow roaming from an unauthorized port to an + * authorized port */ + if (unlikely(test_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags))) + clear_bit(BR_FDB_ENTRY_LOCKED, &fdb->flags); }
if (unlikely(test_bit(BR_FDB_ADDED_BY_USER, &flags)))