linux_dsm_epyc7002/net/bridge
Nikolay Aleksandrov 31a4562d74 net: bridge: fix dest lookup when vlan proto doesn't match
With 802.1ad support the vlan_ingress code started checking for vlan
protocol mismatch which causes the current tag to be inserted and the
bridge vlan protocol & pvid to be set. The vlan tag insertion changes
the skb mac_header and thus the lookup mac dest pointer which was loaded
prior to calling br_allowed_ingress in br_handle_frame_finish is VLAN_HLEN
bytes off now, pointing to the last two bytes of the destination mac and
the first four of the source mac causing lookups to always fail and
broadcasting all such packets to all ports. Same thing happens for locally
originated packets when passing via br_dev_xmit. So load the dest pointer
after the vlan checks and possible skb change.

Fixes: 8580e2117c ("bridge: Prepare for 802.1ad vlan filtering support")
Reported-by: Anitha Narasimha Murthy <anitha@cumulusnetworks.com>
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Acked-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-14 08:19:23 -07:00
..
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2017-07-06 14:02:22 +01:00
br_device.c net: bridge: fix dest lookup when vlan proto doesn't match 2017-07-14 08:19:23 -07:00
br_fdb.c
br_forward.c
br_if.c
br_input.c net: bridge: fix dest lookup when vlan proto doesn't match 2017-07-14 08:19:23 -07:00
br_ioctl.c
br_mdb.c bridge: mdb: fix leak on complete_info ptr on fail path 2017-07-11 20:01:39 -07:00
br_multicast.c
br_netfilter_hooks.c
br_netfilter_ipv6.c
br_netlink_tunnel.c
br_netlink.c
br_nf_core.c
br_private_stp.h
br_private_tunnel.h
br_private.h
br_stp_bpdu.c
br_stp_if.c
br_stp_timer.c
br_stp.c
br_switchdev.c
br_sysfs_br.c
br_sysfs_if.c
br_vlan_tunnel.c
br_vlan.c
br.c
Kconfig
Makefile