[Bridge] [PATCH net] net: bridge: fix dest lookup when vlan proto doesn't match
Toshiaki Makita
makita.toshiaki at lab.ntt.co.jp
Fri Jul 14 01:02:33 UTC 2017
On 2017/07/13 22:09, Nikolay Aleksandrov wrote:
> With 802.1ad support the vlan_ingress code started checking for vlan
> protocol mismatch which causes the current tag to be inserted and the
> bridge vlan protocol & pvid to be set. The vlan tag insertion changes
> the skb mac_header and thus the lookup mac dest pointer which was loaded
> prior to calling br_allowed_ingress in br_handle_frame_finish is VLAN_HLEN
> bytes off now, pointing to the last two bytes of the destination mac and
> the first four of the source mac causing lookups to always fail and
> broadcasting all such packets to all ports. Same thing happens for locally
> originated packets when passing via br_dev_xmit. So load the dest pointer
> after the vlan checks and possible skb change.
>
> Fixes: 8580e2117c06 ("bridge: Prepare for 802.1ad vlan filtering support")
> Reported-by: Anitha Narasimha Murthy <anitha at cumulusnetworks.com>
> Signed-off-by: Nikolay Aleksandrov <nikolay at cumulusnetworks.com>
Oops. Thank you for fixing it.
Acked-by: Toshiaki Makita <makita.toshiaki at lab.ntt.co.jp>
More information about the Bridge
mailing list