[OpenWrt-Devel] [PATCH] [RFC] kernel: disable EAP local hack when using group_fwd_mask

Petr Štetiar ynezz at true.cz
Thu Aug 1 04:51:07 EDT 2019

Etienne Champetier <champetier.etienne at gmail.com> [2019-07-26 19:23:02]:


I've noticed your request for feedback on IRC.

> and 640-bridge-only-accept-EAP-locally.patch hack is there to prevent
> bridges from forwarding these EAP frames

it would be nice to know if this patch is still needed so we could possibly
remove[1] it from 4.19 kernel.

> -+	if (skb->protocol == htons(ETH_P_PAE))
> ++	if (skb->protocol == htons(ETH_P_PAE) && !(br->group_fwd_mask & (1u << 3)))
>  +		return br_pass_frame_up(skb);

This usage of magic numbers is usually a warn sign to me, so I went ahead and
read the surrounding code and it seems to me, that you probably wanted
something like this instead:

  u16 fwd_mask = p->br->group_fwd_mask_required;
  fwd_mask |= p->br->group_fwd_mask;
  const unsigned char *dest = eth_hdr(skb)->h_dest;

  if (skb->protocol == htons(ETH_P_PAE) && !(fwd_mask & (1u << dest[5])))
          return br_pass_frame_up(skb);

1. https://patchwork.ozlabs.org/patch/884518/

-- ynezz

openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list