linux/net/bridge
Ido Schimmel 56fae404fb bridge: Fix incorrect re-injection of STP packets
Commit 8626c56c82 ("bridge: fix potential use-after-free when hook
returns QUEUE or STOLEN verdict") fixed incorrect usage of NF_HOOK's
return value by consuming packets in okfn via br_pass_frame_up().

However, this function re-injects packets to the Rx path with skb->dev
set to the bridge device, which breaks kernel's STP, as all STP packets
appear to originate from the bridge device itself.

Instead, if STP is enabled and bridge isn't a 802.1ad bridge, then learn
packet's SMAC and inject it back to the Rx path for further processing
by the packet handlers.

The patch also makes netfilter's behavior consistent with regards to
packets destined to the Bridge Group Address, as no hook registered at
LOCAL_IN will ever be called, regardless if STP is enabled or not.

Cc: Florian Westphal <fw@strlen.de>
Cc: Shmulik Ladkani <shmulik.ladkani@gmail.com>
Cc: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>
Fixes: 8626c56c82 ("bridge: fix potential use-after-free when hook returns QUEUE or STOLEN verdict")
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-06-10 22:41:58 -07:00
..
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-04-23 18:51:33 -04:00
br_device.c bridge: fix lockdep addr_list_lock false positive splat 2016-01-15 15:40:45 -05:00
br_fdb.c bridge: Don't insert unnecessary local fdb entry on changing mac address 2016-06-08 00:31:38 -07:00
br_forward.c net: remove skb_sender_cpu_clear() 2016-03-01 17:36:47 -05:00
br_if.c bridge: update max_gso_segs and max_gso_size 2016-03-21 13:35:56 -04:00
br_input.c bridge: Fix incorrect re-injection of STP packets 2016-06-10 22:41:58 -07:00
br_ioctl.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-05-09 15:59:24 -04:00
br_mdb.c bridge: mdb: Marking port-group as offloaded 2016-04-24 14:23:32 -04:00
br_multicast.c bridge: fix igmp / mld query parsing 2016-05-06 12:55:13 -04:00
br_netfilter_hooks.c net: rename IP_INC_STATS_BH() 2016-04-27 22:48:23 -04:00
br_netfilter_ipv6.c ipv6: rename IP6_INC_STATS_BH() 2016-04-27 22:48:24 -04:00
br_netlink.c bridge: netlink: export per-vlan stats 2016-05-02 22:27:06 -04:00
br_nf_core.c net: Remove protocol from struct dst_ops 2015-03-09 16:06:10 -04:00
br_private_stp.h net: 8021q/bluetooth/bridge/can/ceph: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
br_private.h bridge: netlink: export per-vlan stats 2016-05-02 22:27:06 -04:00
br_stp_bpdu.c netfilter: Pass net into okfn 2015-09-17 17:18:37 -07:00
br_stp_if.c net: bridge: log port STP state on change 2016-02-18 14:20:08 -05:00
br_stp_timer.c net: bridge: log port STP state on change 2016-02-18 14:20:08 -05:00
br_stp.c bridge: Allow set bridge ageing time when switchdev disabled 2016-03-30 15:38:13 -04:00
br_sysfs_br.c bridge: vlan: learn to count 2016-05-02 22:27:06 -04:00
br_sysfs_if.c bridge: a netlink notification should be sent when those attributes are changed by br_sysfs_if 2016-04-13 22:42:33 -04:00
br_vlan.c bridge: netlink: export per-vlan stats 2016-05-02 22:27:06 -04:00
br.c switchdev: Require RTNL mutex to be held when sending FDB notifications 2016-01-28 16:21:31 -08:00
Kconfig
Makefile netfilter: bridge: split ipv6 code into separated file 2015-06-18 21:14:21 +02:00