Revision - 3b2e290 - net: bridge: fix per-port af_packet sockets

Revision 3b2e2904deb314cc77a2192f506f2fd44e3d10d0 authored by Nikolay Aleksandrov on 11 April 2019, 10:56:39 UTC, committed by David S. Miller on 17 April 2019, 03:30:40 UTC

net: bridge: fix per-port af_packet sockets

When the commit below was introduced it changed two visible things:
 - the skb was no longer passed through the protocol handlers with the
   original device
 - the skb was passed up the stack with skb->dev = bridge

The first change broke af_packet sockets on bridge ports. For example we
use them for hostapd which listens for ETH_P_PAE packets on the ports.
We discussed two possible fixes:
 - create a clone and pass it through NF_HOOK(), act on the original skb
   based on the result
 - somehow signal to the caller from the okfn() that it was called,
   meaning the skb is ok to be passed, which this patch is trying to
   implement via returning 1 from the bridge link-local okfn()

Note that we rely on the fact that NF_QUEUE/STOLEN would return 0 and
drop/error would return < 0 thus the okfn() is called only when the
return was 1, so we signal to the caller that it was called by preserving
the return value from nf_hook().

Fixes: 8626c56c8279 ("bridge: fix potential use-after-free when hook returns QUEUE or STOLEN verdict")
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

1 parent 614c70f

Files
Changes

Permalinks

File	Mode	Size
include
Kconfig	-rw-r--r--	5.0 KB
Makefile	-rw-r--r--	1.8 KB
Makefile.boot	-rw-r--r--	87 bytes
ams-delta-fiq-handler.S	-rw-r--r--	8.6 KB
ams-delta-fiq.c	-rw-r--r--	6.6 KB
ams-delta-fiq.h	-rw-r--r--	1.1 KB
board-ams-delta.c	-rw-r--r--	23.8 KB
board-ams-delta.h	-rw-r--r--	1.7 KB
board-fsample.c	-rw-r--r--	8.6 KB
board-generic.c	-rw-r--r--	2.1 KB
board-h2-mmc.c	-rw-r--r--	1.8 KB
board-h2.c	-rw-r--r--	10.0 KB
board-h2.h	-rw-r--r--	1.5 KB
board-h3-mmc.c	-rw-r--r--	1.5 KB
board-h3.c	-rw-r--r--	10.5 KB
board-h3.h	-rw-r--r--	1.5 KB
board-htcherald.c	-rw-r--r--	17.0 KB
board-innovator.c	-rw-r--r--	11.3 KB
board-nand.c	-rw-r--r--	898 bytes
board-nokia770.c	-rw-r--r--	7.5 KB
board-osk.c	-rw-r--r--	16.1 KB
board-palmte.c	-rw-r--r--	6.5 KB
board-palmtt.c	-rw-r--r--	6.4 KB
board-palmz71.c	-rw-r--r--	7.2 KB
board-perseus2.c	-rw-r--r--	7.3 KB
board-sx1-mmc.c	-rw-r--r--	1.5 KB
board-sx1.c	-rw-r--r--	8.5 KB
board-sx1.h	-rw-r--r--	1.4 KB
camera.h	-rw-r--r--	328 bytes
clock.c	-rw-r--r--	22.1 KB
clock.h	-rw-r--r--	10.4 KB
clock_data.c	-rw-r--r--	26.3 KB
common.h	-rw-r--r--	2.8 KB
devices.c	-rw-r--r--	10.5 KB
dma.c	-rw-r--r--	10.7 KB
fb.c	-rw-r--r--	2.0 KB
flash.c	-rw-r--r--	585 bytes
flash.h	-rw-r--r--	401 bytes
fpga.c	-rw-r--r--	5.1 KB
fpga.h	-rw-r--r--	2.2 KB
gpio15xx.c	-rw-r--r--	3.1 KB
gpio16xx.c	-rw-r--r--	6.4 KB
gpio7xx.c	-rw-r--r--	6.5 KB
i2c.c	-rw-r--r--	4.5 KB
i2c.h	-rw-r--r--	1.4 KB
id.c	-rw-r--r--	6.3 KB
io.c	-rw-r--r--	3.8 KB
iomap.h	-rw-r--r--	1.5 KB
irq.c	-rw-r--r--	7.9 KB
lcd_dma.c	-rw-r--r--	10.6 KB
mcbsp.c	-rw-r--r--	8.6 KB
mmc.h	-rw-r--r--	523 bytes
mux.c	-rw-r--r--	21.4 KB
ocpi.c	-rw-r--r--	2.7 KB
opp.h	-rw-r--r--	719 bytes
opp_data.c	-rw-r--r--	2.1 KB
pm.c	-rw-r--r--	18.7 KB
pm.h	-rw-r--r--	8.9 KB
pm_bus.c	-rw-r--r--	1.0 KB
reset.c	-rw-r--r--	1.7 KB
serial.c	-rw-r--r--	6.1 KB
sleep.S	-rw-r--r--	9.1 KB
soc.h	-rw-r--r--	87 bytes
sram-init.c	-rw-r--r--	1.9 KB
sram.S	-rw-r--r--	1.5 KB
sram.h	-rw-r--r--	266 bytes
time.c	-rw-r--r--	6.4 KB
timer.c	-rw-r--r--	4.0 KB
timer32k.c	-rw-r--r--	5.6 KB
usb.c	-rw-r--r--	14.9 KB

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...