[Bridge] [PATCH net] net: bridge: fix dest lookup when vlan proto doesn't match
David Miller
davem at davemloft.net
Fri Jul 14 15:19:42 UTC 2017
From: Nikolay Aleksandrov <nikolay at cumulusnetworks.com>
Date: Thu, 13 Jul 2017 16:09:10 +0300
> With 802.1ad support the vlan_ingress code started checking for vlan
> protocol mismatch which causes the current tag to be inserted and the
> bridge vlan protocol & pvid to be set. The vlan tag insertion changes
> the skb mac_header and thus the lookup mac dest pointer which was loaded
> prior to calling br_allowed_ingress in br_handle_frame_finish is VLAN_HLEN
> bytes off now, pointing to the last two bytes of the destination mac and
> the first four of the source mac causing lookups to always fail and
> broadcasting all such packets to all ports. Same thing happens for locally
> originated packets when passing via br_dev_xmit. So load the dest pointer
> after the vlan checks and possible skb change.
>
> Fixes: 8580e2117c06 ("bridge: Prepare for 802.1ad vlan filtering support")
> Reported-by: Anitha Narasimha Murthy <anitha at cumulusnetworks.com>
> Signed-off-by: Nikolay Aleksandrov <nikolay at cumulusnetworks.com>
Applied.
More information about the Bridge
mailing list