On 2022-09-11 02:13, Vladimir Oltean wrote:

On Fri, Sep 09, 2022 at 03:11:56PM +0200, netdev@kapio-technology.com 
wrote:

quoted

quoted

quoted

quoted

On Wed, Sep 07, 2022 at 11:10:07PM +0200, netdev@kapio-technology.com wrote:

quoted

I am at the blackhole driver implementation now, as I suppose that the
iproute2 command should work with the mv88e6xxx driver when adding blackhole
entries (with a added selftest)?
I decided to add the blackhole feature as new ops for drivers with functions
blackhole_fdb_add() and blackhole_fdb_del(). Do you agree with that approach?

I assume you are talking about extending 'dsa_switch_ops'?

Yes, that is the idea.

quoted

If so, it's up to the DSA maintainers to decide.

What will be the usefulness of adding a blackhole FDB entry from user
space?

With the software bridge it could be used to signal a untrusted host 
in
connection with a locked port entry attempt. I don't see so much use 
other
that test purposes with the driver though.

Not a huge selling point, to be honest. Can't the blackhole flag remain
settable only in the device -> bridge direction, with user space just
reading it?

That is possible, but it would of course not make sense to have 
selftests of the feature as that would not work unless there is a driver 
with this capability (now just mv88e6xxx).