diff options
author | Tobias Waldekranz <tobias@waldekranz.com> | 2022-01-24 22:09:44 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2022-01-25 11:45:39 +0000 |
commit | 108dc8741c203e9d6ce4e973367f1bac20c7192b (patch) | |
tree | c5a76c79c11f457ac3822fcf5b7afdf7a558da68 /net | |
parent | 381a730182f1d174e1950cd4e63e885b1c302051 (diff) |
net: dsa: Avoid cross-chip syncing of VLAN filtering
Changes to VLAN filtering are not applicable to cross-chip
notifications.
On a system like this:
.-----. .-----. .-----.
| sw1 +---+ sw2 +---+ sw3 |
'-1-2-' '-1-2-' '-1-2-'
Before this change, upon sw1p1 leaving a bridge, a call to
dsa_port_vlan_filtering would also be made to sw2p1 and sw3p1.
In this scenario:
.---------. .-----. .-----.
| sw1 +---+ sw2 +---+ sw3 |
'-1-2-3-4-' '-1-2-' '-1-2-'
When sw1p4 would leave a bridge, dsa_port_vlan_filtering would be
called for sw2 and sw3 with a non-existing port - leading to array
out-of-bounds accesses and crashes on mv88e6xxx.
Fixes: d371b7c92d19 ("net: dsa: Unset vlan_filtering when ports leave the bridge")
Signed-off-by: Tobias Waldekranz <tobias@waldekranz.com>
Reviewed-by: Vladimir Oltean <olteanv@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/dsa/switch.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/net/dsa/switch.c b/net/dsa/switch.c index 9f9b70d6070a..517cc83d13cc 100644 --- a/net/dsa/switch.c +++ b/net/dsa/switch.c @@ -180,9 +180,11 @@ static int dsa_switch_bridge_leave(struct dsa_switch *ds, info->sw_index, info->port, info->bridge); - err = dsa_switch_sync_vlan_filtering(ds, info); - if (err) - return err; + if (ds->dst->index == info->tree_index && ds->index == info->sw_index) { + err = dsa_switch_sync_vlan_filtering(ds, info); + if (err) + return err; + } return dsa_tag_8021q_bridge_leave(ds, info); } |