lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 Feb 2019 14:30:11 -0800 From: Florian Fainelli <f.fainelli@...il.com> To: netdev@...r.kernel.org Cc: davem@...emloft.net, frank-w@...lic-files.de, Florian Fainelli <f.fainelli@...il.com>, Andrew Lunn <andrew@...n.ch>, Vivien Didelot <vivien.didelot@...oirfairelinux.com>, linux-kernel@...r.kernel.org (open list) Subject: [PATCH net v4.15..v4.19] net: dsa: Fix NPD checking for br_vlan_enabled() It is possible for the DSA slave network device not to be part of a bridge, yet have an upper device like a VLAN device be part of a bridge. When that VLAN device is enslaved, since it does not define any switchdev_ops, we will recurse down to the lower/physical port device, call switchdev_port_obj_add() with a VLAN, and here we will check br_vlan_enabled() on a NULL dp->bridge_dev, thus causing a NULL pointer de-reference. This is no longer a problem upstream after commit d17d9f5e5143 ("switchdev: Replace port obj add/del SDO with a notification"). Fixes: 2ea7a679ca2a ("net: dsa: Don't add vlans when vlan filtering is disabled") Reported-by: Frank Wunderlich <frank-w@...lic-files.de> Signed-off-by: Florian Fainelli <f.fainelli@...il.com> --- David, This affects v4.15..v4.19, but not v5.0-rc1 can you still queue this up for -stable? Thanks! net/dsa/port.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/dsa/port.c b/net/dsa/port.c index ed0595459df1..792a13068c50 100644 --- a/net/dsa/port.c +++ b/net/dsa/port.c @@ -255,7 +255,7 @@ int dsa_port_vlan_add(struct dsa_port *dp, if (netif_is_bridge_master(vlan->obj.orig_dev)) return -EOPNOTSUPP; - if (br_vlan_enabled(dp->bridge_dev)) + if (dp->bridge_dev && br_vlan_enabled(dp->bridge_dev)) return dsa_port_notify(dp, DSA_NOTIFIER_VLAN_ADD, &info); return 0; @@ -273,7 +273,7 @@ int dsa_port_vlan_del(struct dsa_port *dp, if (netif_is_bridge_master(vlan->obj.orig_dev)) return -EOPNOTSUPP; - if (br_vlan_enabled(dp->bridge_dev)) + if (dp->bridge_dev && br_vlan_enabled(dp->bridge_dev)) return dsa_port_notify(dp, DSA_NOTIFIER_VLAN_DEL, &info); return 0; -- 2.19.1
Powered by blists - more mailing lists