net: bridge: allow add/remove permanent mdb entries on disabled ports
authorCasper Andersson <casper.casan@gmail.com>
Tue, 14 Jun 2022 06:32:23 +0000 (08:32 +0200)
committerDavid S. Miller <davem@davemloft.net>
Wed, 15 Jun 2022 08:35:21 +0000 (09:35 +0100)
Adding mdb entries on disabled ports allows you to do setup before
accepting any traffic, avoiding any time where the port is not in the
multicast group.

Signed-off-by: Casper Andersson <casper.casan@gmail.com>
Acked-by: Nikolay Aleksandrov <razor@blackwall.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/bridge/br_mdb.c

index fdcc641fc89a3f2b39ad7c87ad6058bbedf6667b..589ff497d50c529433e2c765424eb90e97e8f1e8 100644 (file)
@@ -1025,8 +1025,8 @@ static int br_mdb_add(struct sk_buff *skb, struct nlmsghdr *nlh,
                        NL_SET_ERR_MSG_MOD(extack, "Port belongs to a different bridge device");
                        return -EINVAL;
                }
-               if (p->state == BR_STATE_DISABLED) {
-                       NL_SET_ERR_MSG_MOD(extack, "Port is in disabled state");
+               if (p->state == BR_STATE_DISABLED && entry->state != MDB_PERMANENT) {
+                       NL_SET_ERR_MSG_MOD(extack, "Port is in disabled state and entry is not permanent");
                        return -EINVAL;
                }
                vg = nbp_vlan_group(p);
@@ -1086,9 +1086,6 @@ static int __br_mdb_del(struct net_bridge *br, struct br_mdb_entry *entry,
                if (!p->key.port || p->key.port->dev->ifindex != entry->ifindex)
                        continue;
 
-               if (p->key.port->state == BR_STATE_DISABLED)
-                       goto unlock;
-
                br_multicast_del_pg(mp, p, pp);
                err = 0;
                break;
@@ -1124,8 +1121,14 @@ static int br_mdb_del(struct sk_buff *skb, struct nlmsghdr *nlh,
                        return -ENODEV;
 
                p = br_port_get_rtnl(pdev);
-               if (!p || p->br != br || p->state == BR_STATE_DISABLED)
+               if (!p) {
+                       NL_SET_ERR_MSG_MOD(extack, "Net device is not a bridge port");
+                       return -EINVAL;
+               }
+               if (p->br != br) {
+                       NL_SET_ERR_MSG_MOD(extack, "Port belongs to a different bridge device");
                        return -EINVAL;
+               }
                vg = nbp_vlan_group(p);
        } else {
                vg = br_vlan_group(br);