Date: Mon, 1 Sep 2025 10:16:08 GMT From: Zhenlei Huang <zlei@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 9764aa1ccad0 - main - bridge: Fix adding gif(4) interface assigned with IP addresses as bridge memeber Message-ID: <202509011016.581AG84W075363@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by zlei: URL: https://cgit.FreeBSD.org/src/commit/?id=9764aa1ccad08a7ec53ed9b80741b9553f3fa4e6 commit 9764aa1ccad08a7ec53ed9b80741b9553f3fa4e6 Author: Zhenlei Huang <zlei@FreeBSD.org> AuthorDate: 2025-09-01 10:14:22 +0000 Commit: Zhenlei Huang <zlei@FreeBSD.org> CommitDate: 2025-09-01 10:14:22 +0000 bridge: Fix adding gif(4) interface assigned with IP addresses as bridge memeber and fix assigning IP addresses to the gif(4) interface when it is a member of a if_bridge(4) interface. When setting the sysctl net.link.bridge.member_ifaddrs to 1, if_bridge(4) can eliminate unnecessary walk of the member list to determine whether the inbound unicast packets are for us or not. Well when a gif(4) interface is member of a if_bridge(4) interface, it acts as the tunnel endpoint to tunnel Ethernet frames over IP network, aka the EtherIP protocol, so the IP addresses configured on it are independent of the if_bridge(4) interface or other if_bridge(4) members, hence the sysctl net.link.bridge.member_ifaddrs should not have any influnce over gif(4) interfaces's behavior of assigning IP addresses. PR: 227450 Reported by: Siva Mahadevan <me@svmhdvn.name> Reviewed by: ivy, #bridge MFC after: 1 week Fixes: 0a1294f6c610 bridge: allow IP addresses on members to be disabled Differential Revision: https://reviews.freebsd.org/D52200 --- sys/net/if_bridge.c | 6 +++--- sys/netinet/in.c | 4 ++-- sys/netinet6/in6.c | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index 66555fd1feb5..a854bbb96394 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -1447,10 +1447,10 @@ bridge_ioctl_add(struct bridge_softc *sc, void *arg) #endif /* - * If member_ifaddrs is disabled, do not allow an interface with - * assigned IP addresses to be added to a bridge. + * If member_ifaddrs is disabled, do not allow an Ethernet-like + * interface with assigned IP addresses to be added to a bridge. */ - if (!V_member_ifaddrs) { + if (!V_member_ifaddrs && ifs->if_type != IFT_GIF) { struct ifaddr *ifa; CK_STAILQ_FOREACH(ifa, &ifs->if_addrhead, ifa_link) { diff --git a/sys/netinet/in.c b/sys/netinet/in.c index 963449d4b4b1..0e283a7d099d 100644 --- a/sys/netinet/in.c +++ b/sys/netinet/in.c @@ -522,8 +522,8 @@ in_aifaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, struct ucred *cred /* * Check if bridge wants to allow adding addrs to member interfaces. */ - if (ifp->if_bridge && bridge_member_ifaddrs_p && - !bridge_member_ifaddrs_p()) + if (ifp->if_bridge != NULL && ifp->if_type != IFT_GIF && + bridge_member_ifaddrs_p != NULL && !bridge_member_ifaddrs_p()) return (EINVAL); /* diff --git a/sys/netinet6/in6.c b/sys/netinet6/in6.c index ce0655408a28..a9e6c4eaa51b 100644 --- a/sys/netinet6/in6.c +++ b/sys/netinet6/in6.c @@ -1236,8 +1236,8 @@ in6_addifaddr(struct ifnet *ifp, struct in6_aliasreq *ifra, struct in6_ifaddr *i int error; /* Check if this interface is a bridge member */ - if (ifp->if_bridge && bridge_member_ifaddrs_p && - !bridge_member_ifaddrs_p()) { + if (ifp->if_bridge != NULL && ifp->if_type != IFT_GIF && + bridge_member_ifaddrs_p != NULL && !bridge_member_ifaddrs_p()) { error = EINVAL; goto out; }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202509011016.581AG84W075363>