lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20220314170645.0df5e5c9@dellmb>
Date:   Mon, 14 Mar 2022 17:06:45 +0100
From:   Marek Behún <kabel@...nel.org>
To:     Vladimir Oltean <vladimir.oltean@....com>
Cc:     Tobias Waldekranz <tobias@...dekranz.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        Andrew Lunn <andrew@...n.ch>,
        Jan Bětík <hagrid@...ne.us>
Subject: Re: [PATCH net] net: dsa: fix panic when port leaves a bridge

On Mon, 14 Mar 2022 15:45:33 +0000
Vladimir Oltean <vladimir.oltean@....com> wrote:

> On Mon, Mar 14, 2022 at 04:34:10PM +0100, Marek Behún wrote:
> > Fix a data structure breaking / NULL-pointer dereference in
> > dsa_switch_bridge_leave().
> > 
> > When a DSA port leaves a bridge, dsa_switch_bridge_leave() is called by
> > notifier for every DSA switch that contains ports that are in the
> > bridge.
> > 
> > But the part of the code that unsets vlan_filtering expects that the ds
> > argument refers to the same switch that contains the leaving port.
> > 
> > This leads to various problems, including a NULL pointer dereference,
> > which was observed on Turris MOX with 2 switches (one with 8 user ports
> > and another with 4 user ports).
> > 
> > Thus we need to move the vlan_filtering change code to the non-crosschip
> > branch.
> > 
> > Fixes: d371b7c92d190 ("net: dsa: Unset vlan_filtering when ports leave the bridge")
> > Reported-by: Jan Bětík <hagrid@...ne.us>
> > Signed-off-by: Marek Behún <kabel@...nel.org>
> > ---  
> 
> Ah, wait a minute, you're missing Tobias' patch
> https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=108dc8741c203e9d6ce4e973367f1bac20c7192b
> 
> What happened is that it was applied to "net-next" instead of "net",
> despite being correctly targeted.
> https://patchwork.kernel.org/project/netdevbpf/patch/20220124210944.3749235-3-tobias@waldekranz.com/
> Hmmm...

OK thx.

Marek

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ