Blame - recipes-kernel/linux/linux-mediatek-5.4/generic/hack-5.4/640-bridge-only-accept-EAP-locally.patch - filogic/rdk-b/meta-filogic

blob: 9f4534f5e840cb67a70bce5f8fcb732981f27bea [file] [log] [blame]

developer	ec4ebe4	2022-04-12 11:17:45 +0800	[diff] [blame]	1	From: Felix Fietkau <nbd@nbd.name>
				2	Date: Fri, 7 Jul 2017 17:18:54 +0200
				3	Subject: bridge: only accept EAP locally
				4
				5	When bridging, do not forward EAP frames to other ports, only deliver
				6	them locally, regardless of the state.
				7
				8	Signed-off-by: Felix Fietkau <nbd@nbd.name>
				9	[add disable_eap_hack sysfs attribute]
				10	Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
				11	---
				12
				13	--- a/net/bridge/br_input.c
				14	+++ b/net/bridge/br_input.c
developer	9c03829	2022-07-06 15:03:09 +0800	[diff] [blame]	15	@@ -110,10 +110,14 @@ int br_handle_frame_finish(struct net *n
developer	ec4ebe4	2022-04-12 11:17:45 +0800	[diff] [blame]	16	}
				17	}
				18
				19	+ BR_INPUT_SKB_CB(skb)->brdev = br->dev;
				20	+
				21	+ if (skb->protocol == htons(ETH_P_PAE) && !br->disable_eap_hack)
				22	+ return br_pass_frame_up(skb);
				23	+
				24	if (p->state == BR_STATE_LEARNING)
				25	goto drop;
				26
				27	- BR_INPUT_SKB_CB(skb)->brdev = br->dev;
				28	BR_INPUT_SKB_CB(skb)->src_port_isolated = !!(p->flags & BR_ISOLATED);
				29
				30	if (IS_ENABLED(CONFIG_INET) &&
				31	--- a/net/bridge/br_private.h
				32	+++ b/net/bridge/br_private.h
				33	@@ -345,6 +345,8 @@ struct net_bridge {
				34	u16 group_fwd_mask;
				35	u16 group_fwd_mask_required;
				36
				37	+ bool disable_eap_hack;
				38	+
				39	/* STP */
				40	bridge_id designated_root;
				41	bridge_id bridge_id;
				42	--- a/net/bridge/br_sysfs_br.c
				43	+++ b/net/bridge/br_sysfs_br.c
				44	@@ -166,6 +166,30 @@ static ssize_t group_fwd_mask_store(stru
				45	}
				46	static DEVICE_ATTR_RW(group_fwd_mask);
				47
				48	+static ssize_t disable_eap_hack_show(struct device *d,
				49	+ struct device_attribute *attr,
				50	+ char *buf)
				51	+{
				52	+ struct net_bridge *br = to_bridge(d);
				53	+ return sprintf(buf, "%u\n", br->disable_eap_hack);
				54	+}
				55	+
				56	+static int set_disable_eap_hack(struct net_bridge *br, unsigned long val)
				57	+{
				58	+ br->disable_eap_hack = !!val;
				59	+
				60	+ return 0;
				61	+}
				62	+
				63	+static ssize_t disable_eap_hack_store(struct device *d,
				64	+ struct device_attribute *attr,
				65	+ const char *buf,
				66	+ size_t len)
				67	+{
				68	+ return store_bridge_parm(d, buf, len, set_disable_eap_hack);
				69	+}
				70	+static DEVICE_ATTR_RW(disable_eap_hack);
				71	+
				72	static ssize_t priority_show(struct device d, struct device_attribute attr,
				73	char *buf)
				74	{
				75	@@ -851,6 +875,7 @@ static struct attribute *bridge_attrs[]
				76	&dev_attr_ageing_time.attr,
				77	&dev_attr_stp_state.attr,
				78	&dev_attr_group_fwd_mask.attr,
				79	+ &dev_attr_disable_eap_hack.attr,
				80	&dev_attr_priority.attr,
				81	&dev_attr_bridge_id.attr,
				82	&dev_attr_root_id.attr,