diff options
| author | Jakub Kicinski <kuba@kernel.org> | 2023-04-21 01:27:33 +0200 |
|---|---|---|
| committer | Jakub Kicinski <kuba@kernel.org> | 2023-04-21 01:29:51 +0200 |
| commit | 681c5b51dc6b8ff1ec05555243eccf64a08cb2fd (patch) | |
| tree | 713e0523bc617cbda9ff930568dd2341907b87b8 /net/bridge | |
| parent | net: libwx: fix memory leak in wx_setup_rx_resources (diff) | |
| parent | wifi: ath9k: Don't mark channelmap stack variable read-only in ath9k_mci_upda... (diff) | |
| download | linux-681c5b51dc6b8ff1ec05555243eccf64a08cb2fd.tar.xz linux-681c5b51dc6b8ff1ec05555243eccf64a08cb2fd.zip | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
Adjacent changes:
net/mptcp/protocol.h
63740448a32e ("mptcp: fix accept vs worker race")
2a6a870e44dd ("mptcp: stops worker on unaccepted sockets at listener close")
ddb1a072f858 ("mptcp: move first subflow allocation at mpc access time")
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'net/bridge')
| -rw-r--r-- | net/bridge/br_netfilter_hooks.c | 17 | ||||
| -rw-r--r-- | net/bridge/br_switchdev.c | 11 |
2 files changed, 22 insertions, 6 deletions
diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c index 3e3065bc0465..1a801fab9543 100644 --- a/net/bridge/br_netfilter_hooks.c +++ b/net/bridge/br_netfilter_hooks.c @@ -869,12 +869,17 @@ static unsigned int ip_sabotage_in(void *priv, { struct nf_bridge_info *nf_bridge = nf_bridge_info_get(skb); - if (nf_bridge && !nf_bridge->in_prerouting && - !netif_is_l3_master(skb->dev) && - !netif_is_l3_slave(skb->dev)) { - nf_bridge_info_free(skb); - state->okfn(state->net, state->sk, skb); - return NF_STOLEN; + if (nf_bridge) { + if (nf_bridge->sabotage_in_done) + return NF_ACCEPT; + + if (!nf_bridge->in_prerouting && + !netif_is_l3_master(skb->dev) && + !netif_is_l3_slave(skb->dev)) { + nf_bridge->sabotage_in_done = 1; + state->okfn(state->net, state->sk, skb); + return NF_STOLEN; + } } return NF_ACCEPT; diff --git a/net/bridge/br_switchdev.c b/net/bridge/br_switchdev.c index de18e9c1d7a7..ba95c4d74a60 100644 --- a/net/bridge/br_switchdev.c +++ b/net/bridge/br_switchdev.c @@ -148,6 +148,17 @@ br_switchdev_fdb_notify(struct net_bridge *br, if (test_bit(BR_FDB_LOCKED, &fdb->flags)) return; + /* Entries with these flags were created using ndm_state == NUD_REACHABLE, + * ndm_flags == NTF_MASTER( | NTF_STICKY), ext_flags == 0 by something + * equivalent to 'bridge fdb add ... master dynamic (sticky)'. + * Drivers don't know how to deal with these, so don't notify them to + * avoid confusing them. + */ + if (test_bit(BR_FDB_ADDED_BY_USER, &fdb->flags) && + !test_bit(BR_FDB_STATIC, &fdb->flags) && + !test_bit(BR_FDB_ADDED_BY_EXT_LEARN, &fdb->flags)) + return; + br_switchdev_fdb_populate(br, &item, fdb, NULL); switch (type) { |