| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Mar 2022 15:45:33 +0000
From: Vladimir Oltean <vladimir.oltean@....com>
To: Marek Behún <kabel@...nel.org>
CC: Tobias Waldekranz <tobias@...dekranz.com>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
Andrew Lunn <andrew@...n.ch>,
Jan Bětík <hagrid@...ne.us>
Subject: Re: [PATCH net] net: dsa: fix panic when port leaves a bridge
On Mon, Mar 14, 2022 at 04:34:10PM +0100, Marek Behún wrote:
> Fix a data structure breaking / NULL-pointer dereference in
> dsa_switch_bridge_leave().
>
> When a DSA port leaves a bridge, dsa_switch_bridge_leave() is called by
> notifier for every DSA switch that contains ports that are in the
> bridge.
>
> But the part of the code that unsets vlan_filtering expects that the ds
> argument refers to the same switch that contains the leaving port.
>
> This leads to various problems, including a NULL pointer dereference,
> which was observed on Turris MOX with 2 switches (one with 8 user ports
> and another with 4 user ports).
>
> Thus we need to move the vlan_filtering change code to the non-crosschip
> branch.
>
> Fixes: d371b7c92d190 ("net: dsa: Unset vlan_filtering when ports leave the bridge")
> Reported-by: Jan Bětík <hagrid@...ne.us>
> Signed-off-by: Marek Behún <kabel@...nel.org>
> ---
Ah, wait a minute, you're missing Tobias' patch
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=108dc8741c203e9d6ce4e973367f1bac20c7192b
What happened is that it was applied to "net-next" instead of "net",
despite being correctly targeted.
https://patchwork.kernel.org/project/netdevbpf/patch/20220124210944.3749235-3-tobias@waldekranz.com/
Hmmm...
Powered by blists - more mailing lists