Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp4317230imw; Tue, 12 Jul 2022 06:04:06 -0700 (PDT) X-Google-Smtp-Source: AGRyM1ucY+hoTB9EmMXFYtfsRxYDICanMd/Bw578U8vG8M5IzX++xlrRw/t0cHWrSgD3xWw/oJE2 X-Received: by 2002:a17:907:6d86:b0:72b:5ad6:6df1 with SMTP id sb6-20020a1709076d8600b0072b5ad66df1mr9616684ejc.264.1657631046224; Tue, 12 Jul 2022 06:04:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657631046; cv=none; d=google.com; s=arc-20160816; b=F3BrjggLovUtVYtbl5/b+A42vSIiT+LomE5JB+ddXxEUdXhHkMkiehT8ymR9lUDtOp WZ4FcJ6Y2Itmraj4j+ibyDDtGvUHVSDu/lLNiqtsNg4qK8B9+xSA8Hiwu3O1gACvAF6u s/awDy3NKZqrOGobxTbzY63Y9AzAC2wXqQP1+gSULE4oYFa3Rto1AkJg6t8iyJK3iM40 7DBZ/AUNiEUjAoSPD34C4+y1geVnflMewgxNwxnshXvtnaJ+GoaduSdbYrZQ+UlkNFjx y0qy3WEDABSOFZFHc/8zA7hYWSlZLsKr1t8tXTZ9KWCb88DaLaSG/RclVdTJZYuFR6MW Uv1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:message-id:user-agent :references:in-reply-to:subject:cc:to:from:date:mime-version; bh=FABaxaHpBYPALKHkKwlSZtOeorgYBORIY7V+SXh+/0o=; b=vP9svMtmlMPyqXZaxlcT1DQKpQUtNmVc72j5xU9d5HyKl07zeYs1EvIU8k3YvhxHJO vjZJ2ksj9N8Ii9I8+2NMgE8QX2UUZmYxUvWVZDG0j5ZCMASET+RXUluftsMrATMXKSsY FstgT2AVHtuqS+ms+QxUIRIA/C+akNQGn6+p6hWVCofumz63gMN50ysIelX0AWGbKyLg 4SZPZN1n73o53SXtgIU5JRo6MUzLR+7URkffwL8rEhh8ZwFMYQkirKanHp9Bf5QIr7Vq hjbedJLiyzMqfc6HMxJXJYONwTjMpkYCQ9pilFafBPgMpPrLfpKtnWrtVLkKuhxCk+73 cfXQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q13-20020a056402248d00b0043a7351594dsi12958504eda.254.2022.07.12.06.03.40; Tue, 12 Jul 2022 06:04:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232760AbiGLM2n (ORCPT + 99 others); Tue, 12 Jul 2022 08:28:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45630 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229729AbiGLM2m (ORCPT ); Tue, 12 Jul 2022 08:28:42 -0400 Received: from mailout-taastrup.gigahost.dk (mailout-taastrup.gigahost.dk [46.183.139.199]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 78BC27679; Tue, 12 Jul 2022 05:28:37 -0700 (PDT) Received: from mailout.gigahost.dk (mailout.gigahost.dk [89.186.169.112]) by mailout-taastrup.gigahost.dk (Postfix) with ESMTP id 17772188604C; Tue, 12 Jul 2022 12:28:36 +0000 (UTC) Received: from smtp.gigahost.dk (smtp.gigahost.dk [89.186.169.109]) by mailout.gigahost.dk (Postfix) with ESMTP id DF31225032B7; Tue, 12 Jul 2022 12:28:35 +0000 (UTC) Received: by smtp.gigahost.dk (Postfix, from userid 1000) id D267BA1E00AD; Tue, 12 Jul 2022 12:28:35 +0000 (UTC) X-Screener-Id: 413d8c6ce5bf6eab4824d0abaab02863e8e3f662 MIME-Version: 1.0 Date: Tue, 12 Jul 2022 14:28:35 +0200 From: netdev@kapio-technology.com To: Ido Schimmel Cc: davem@davemloft.net, kuba@kernel.org, netdev@vger.kernel.org, Andrew Lunn , Vivien Didelot , Florian Fainelli , Vladimir Oltean , Eric Dumazet , Paolo Abeni , Jiri Pirko , Ivan Vecera , Roopa Prabhu , Nikolay Aleksandrov , Shuah Khan , Daniel Borkmann , linux-kernel@vger.kernel.org, bridge@lists.linux-foundation.org, linux-kselftest@vger.kernel.org Subject: Re: [PATCH v4 net-next 6/6] selftests: forwarding: add test of MAC-Auth Bypass to locked port tests In-Reply-To: References: <20220707152930.1789437-1-netdev@kapio-technology.com> <20220707152930.1789437-7-netdev@kapio-technology.com> User-Agent: Gigahost Webmail Message-ID: X-Sender: netdev@kapio-technology.com Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00,FROM_FMBLA_NEWDOM14, RCVD_IN_DNSWL_LOW,SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2022-07-10 09:29, Ido Schimmel wrote: > On Thu, Jul 07, 2022 at 05:29:30PM +0200, Hans Schultz wrote: >> +locked_port_mab() >> +{ >> + RET=0 >> + check_locked_port_support || return 0 >> + >> + ping_do $h1 192.0.2.2 >> + check_err $? "MAB: Ping did not work before locking port" >> + >> + bridge link set dev $swp1 locked on >> + bridge link set dev $swp1 learning on > > I was under the impression that we agreed that learning does not need > to > be enabled in the bridge driver > Sorry, you are right. I forgot to change it here. >> + >> + ping_do $h1 192.0.2.2 >> + check_fail $? "MAB: Ping worked on locked port without FDB entry" >> + >> + bridge fdb show | grep `mac_get $h1` | grep -q "locked" >> + check_err $? "MAB: No locked fdb entry after ping on locked port" >> + >> + bridge fdb replace `mac_get $h1` dev $swp1 master static >> + >> + ping_do $h1 192.0.2.2 >> + check_err $? "MAB: Ping did not work with fdb entry without locked >> flag" >> + >> + bridge fdb del `mac_get $h1` dev $swp1 master >> + bridge link set dev $swp1 learning off >> + bridge link set dev $swp1 locked off >> + >> + log_test "Locked port MAB" >> +} >> trap cleanup EXIT >> >> setup_prepare >> -- >> 2.30.2 >>