Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp643804rdb; Tue, 19 Sep 2023 06:22:08 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGLuvpDZPATt3LVWAVryo64lAZKWagSzUPBgIsaHQY3Ta5UjsqQvlgz6DGjxc4fx221KT6l X-Received: by 2002:a05:6a20:8e17:b0:13e:fb5e:b460 with SMTP id y23-20020a056a208e1700b0013efb5eb460mr3228419pzj.0.1695129727975; Tue, 19 Sep 2023 06:22:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695129727; cv=none; d=google.com; s=arc-20160816; b=iey17dVOZ2OsSMkEspd4ddzK69WRLhWNHjK4nkexLfzWUk98FmDmdXpa7Mcnyezc3f A3LFgkoguR3fIRfLeu7lqUzKs2q/c1VlLtQjMBFciOovp5fCABpYA0VAYaF1p25RLhqR zz18Y5DlJ8n5G6rloT/5MUnhFTj8QXKAvd8qxHm7wLNXOLs+FQqDf2sqP2JsuKDrlyo1 goq9cZ3Q1n/hbPlJHCLKKY3KWE7ukipKJxxsqkkZrolEn9vLdcTaRmanRIO5XgdvMUo4 psNmel+U5s93t4tOT23vkuFLapjgwBrSW04wYQdN3SJlS/tM3XCEZMIHJZXYfMUxhvde 6ZNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:in-reply-to:references:message-id :content-transfer-encoding:mime-version:subject:date:from :dkim-signature; bh=CUSb/3XqlYDH5OBrOWVNP9Z/sZJ3V5JqfOPS90ZjmaQ=; fh=vdy8fLmkzgLosg2v5sVYMftPpjJTf1v+KansN80xFQ8=; b=MifAhsRPQTb/CzurDzDFoSPalR7gUqCylSdvvNrCO4U/ISH5lN1Me8uYZEFnLLkc+G y/7QJv/rNQzc5SHxizcJe+K8rkWS7+vvlboS9RpnKx/Md6U1Hg2k+noY+394HeH2qcfw tlTC6xeucNiF+O2P7fysveTXg8lt9x9Mtf3THIyEUPt0S1/4wAODiEIOr+KW5p+/LNxU XSuMY5sn+TW3MgyALNfBw49JEpS+a6wo9LO4kPmBlb7UTYyUnvSveKynnYNMoIWN5pM0 Oq+gx4idxvw45veDr69u0ISydeuXzW9d2MVnsWi71sPj2MtpZ+JGcHgsnbMdiTec6yYW PN/A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@avm.de header.s=mail header.b=AQhHrDYW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=avm.de Return-Path: Received: from pete.vger.email (pete.vger.email. [2620:137:e000::3:6]) by mx.google.com with ESMTPS id l2-20020a635702000000b005648d20203dsi9801468pgb.233.2023.09.19.06.22.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 06:22:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) client-ip=2620:137:e000::3:6; Authentication-Results: mx.google.com; dkim=pass header.i=@avm.de header.s=mail header.b=AQhHrDYW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=avm.de Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by pete.vger.email (Postfix) with ESMTP id F320F817733C; Tue, 19 Sep 2023 05:18:23 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at pete.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232135AbjISMR4 (ORCPT + 99 others); Tue, 19 Sep 2023 08:17:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60110 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232038AbjISMR1 (ORCPT ); Tue, 19 Sep 2023 08:17:27 -0400 Received: from mail.avm.de (mail.avm.de [212.42.244.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6A228CFF; Tue, 19 Sep 2023 05:16:37 -0700 (PDT) Received: from mail-auth.avm.de (unknown [IPv6:2001:bf0:244:244::71]) by mail.avm.de (Postfix) with ESMTPS; Tue, 19 Sep 2023 14:16:34 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=avm.de; s=mail; t=1695125794; bh=4WWlKNadMGkTnmL4PvXNuKsmDGQzVnZw8UxCfJCcdGo=; h=From:Date:Subject:References:In-Reply-To:To:Cc:From; b=AQhHrDYWb6C5/W81I+QHjRKyGz9lFv7uqkddFFFLGz4p7PDwnoRUFQBdFQcmaU3Vh 4iGpkpELubYLVuPqKg5TGMUyr/xqsodyGqZMsQvIruePXSkTr77dL27BvlDEpNYRlO pv+xymiJ+XycD3vfVZa6B5UuF/OdDZbEyezHt/v4= Received: from localhost (unknown [172.17.88.63]) by mail-auth.avm.de (Postfix) with ESMTPSA id B029981FF3; Tue, 19 Sep 2023 14:16:34 +0200 (CEST) From: Johannes Nixdorf Date: Tue, 19 Sep 2023 10:12:52 +0200 Subject: [PATCH net-next v4 5/6] net: bridge: Add a configurable default FDB learning limit MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <20230919-fdb_limit-v4-5-39f0293807b8@avm.de> References: <20230919-fdb_limit-v4-0-39f0293807b8@avm.de> In-Reply-To: <20230919-fdb_limit-v4-0-39f0293807b8@avm.de> To: "David S. Miller" , Andrew Lunn , David Ahern , Eric Dumazet , Florian Fainelli , Ido Schimmel , Jakub Kicinski , Nikolay Aleksandrov , Oleksij Rempel , Paolo Abeni , Roopa Prabhu , Shuah Khan , Vladimir Oltean Cc: bridge@lists.linux-foundation.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Johannes Nixdorf X-Mailer: b4 0.12.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1695111167; l=1565; i=jnixdorf-oss@avm.de; s=20230906; h=from:subject:message-id; bh=4WWlKNadMGkTnmL4PvXNuKsmDGQzVnZw8UxCfJCcdGo=; b=3HzsbfRG3KYhjoiwx/RBTjUfK2g+eK0Drdteo88S8c9J1zbRGXz4OWkMv4rEWPGO3oxFM69eM rnRUxWTpRKnD1uWCZGXa6BZiqvjxwL7gW+l8doEF/Z1HfVuyzdAN4D1 X-Developer-Key: i=jnixdorf-oss@avm.de; a=ed25519; pk=KMraV4q7ANHRrwjf9EVhvU346JsqGGNSbPKeNILOQfo= X-purgate-ID: 149429::1695125794-81FD3D8B-3590D177/0/0 X-purgate-type: clean X-purgate-size: 1567 X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de X-purgate: This mail is considered clean (visit http://www.eleven.de for further information) X-purgate: clean X-Spam-Status: No, score=0.2 required=5.0 tests=DATE_IN_PAST_03_06, DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on pete.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (pete.vger.email [0.0.0.0]); Tue, 19 Sep 2023 05:18:24 -0700 (PDT) Add a Kconfig option to configure a default FDB learning limit system wide, so a distributor building a special purpose kernel can limit all created bridges by default. The limit is only a soft default setting and overrideable on a per bridge basis using netlink. Signed-off-by: Johannes Nixdorf --- net/bridge/Kconfig | 13 +++++++++++++ net/bridge/br_device.c | 2 ++ 2 files changed, 15 insertions(+) diff --git a/net/bridge/Kconfig b/net/bridge/Kconfig index 3c8ded7d3e84..c0d9c08088c4 100644 --- a/net/bridge/Kconfig +++ b/net/bridge/Kconfig @@ -84,3 +84,16 @@ config BRIDGE_CFM Say N to exclude this support and reduce the binary size. If unsure, say N. + +config BRIDGE_DEFAULT_FDB_MAX_LEARNED + int "Default FDB learning limit" + default 0 + depends on BRIDGE + help + Sets a default limit on the number of learned FDB entries on + new bridges. This limit can be overwritten via netlink on a + per bridge basis. + + The default of 0 disables the limit. + + If unsure, say 0. diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index 9a5ea06236bd..3214391c15a0 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -531,6 +531,8 @@ void br_dev_setup(struct net_device *dev) br->bridge_ageing_time = br->ageing_time = BR_DEFAULT_AGEING_TIME; dev->max_mtu = ETH_MAX_MTU; + br->fdb_max_learned = CONFIG_BRIDGE_DEFAULT_FDB_MAX_LEARNED; + br_netfilter_rtable_init(br); br_stp_timer_init(br); br_multicast_init(br); -- 2.42.0