summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2015-11-17 20:38:36 +0100
committerDavid S. Miller <davem@davemloft.net>2015-11-17 20:38:36 +0100
commiteb3f8b42aaba19325eff7e99842ca36429a0a3b8 (patch)
treed7eeee0f1222b51aa0803ab2c50fd0eabfaa2fa5
parentvia-velocity: unconditionally drop frames with bad l2 length (diff)
parentvlan: Do not put vlan headers back on bridge and macvlan ports (diff)
downloadlinux-eb3f8b42aaba19325eff7e99842ca36429a0a3b8.tar.xz
linux-eb3f8b42aaba19325eff7e99842ca36429a0a3b8.zip
Merge branch 'vlan-reorder'
Vladislav Yasevich says: ==================== Fix issues with vlans without REORDER_HEADER A while ago Phil Sutter brought up an issue with vlans without REORDER_HEADER and bridges. The problem was that if a vlan without REORDER_HEADER was a port in the bridge, the bridge ended up forwarding corrupted packets that still contained the vlan header. The same issue exists for bridge mode macvlan/macvtap devices. An additional issue with vlans without REORDER_HEADER is that stacking them also doesn't work. The reason here is that skb_reorder_vlan_header() function assumes that it on ETH_HLEN bytes deep into the packet. That is not the case, when you a vlan without REORRDER_HEADER flag set. This series attempts to correct these 2 issues. 1) To solve the stacked vlans problem, the patch simply use skb->mac_len as an offset to start copying mac addresses that is part of header reordering. 2) To fix the issue with bridge/macvlan/macvtap, the second patch simply doesn't write the vlan header back to the packet if the vlan device is either a bridge or a macvlan port. This ends up being the simplest and least performance intrussive solution. I've considered extending patch 2 to all stacked devices (essentially checked for the presense of rx_handler), but that feels like a broader restriction and _may_ break existing uses. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--include/linux/netdevice.h5
-rw-r--r--net/8021q/vlan_core.c4
-rw-r--r--net/core/skbuff.c3
3 files changed, 10 insertions, 2 deletions
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index cc221b967687..67bfac1abfc1 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -3857,6 +3857,11 @@ static inline bool netif_is_bridge_master(const struct net_device *dev)
return dev->priv_flags & IFF_EBRIDGE;
}
+static inline bool netif_is_bridge_port(const struct net_device *dev)
+{
+ return dev->priv_flags & IFF_BRIDGE_PORT;
+}
+
static inline bool netif_is_ovs_master(const struct net_device *dev)
{
return dev->priv_flags & IFF_OPENVSWITCH;
diff --git a/net/8021q/vlan_core.c b/net/8021q/vlan_core.c
index 496b27588493..e2ed69850489 100644
--- a/net/8021q/vlan_core.c
+++ b/net/8021q/vlan_core.c
@@ -30,7 +30,9 @@ bool vlan_do_receive(struct sk_buff **skbp)
skb->pkt_type = PACKET_HOST;
}
- if (!(vlan_dev_priv(vlan_dev)->flags & VLAN_FLAG_REORDER_HDR)) {
+ if (!(vlan_dev_priv(vlan_dev)->flags & VLAN_FLAG_REORDER_HDR) &&
+ !netif_is_macvlan_port(vlan_dev) &&
+ !netif_is_bridge_port(vlan_dev)) {
unsigned int offset = skb->data - skb_mac_header(skb);
/*
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index aa41e6dd6429..152b9c70e252 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -4268,7 +4268,8 @@ static struct sk_buff *skb_reorder_vlan_header(struct sk_buff *skb)
return NULL;
}
- memmove(skb->data - ETH_HLEN, skb->data - VLAN_ETH_HLEN, 2 * ETH_ALEN);
+ memmove(skb->data - ETH_HLEN, skb->data - skb->mac_len,
+ 2 * ETH_ALEN);
skb->mac_header += VLAN_HLEN;
return skb;
}