lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20220314174700.56feb3da@dellmb>
Date:   Mon, 14 Mar 2022 17:47:00 +0100
From:   Marek Behún <kabel@...nel.org>
To:     Tobias Waldekranz <tobias@...dekranz.com>
Cc:     Vladimir Oltean <vladimir.oltean@....com>, netdev@...r.kernel.org,
        Andrew Lunn <andrew@...n.ch>,
        Jan Bětík <hagrid@...ne.us>
Subject: Re: [PATCH net] net: dsa: fix panic when port leaves a bridge

On Mon, 14 Mar 2022 16:48:47 +0100
Tobias Waldekranz <tobias@...dekranz.com> wrote:

> On Mon, Mar 14, 2022 at 16:34, Marek Behún <kabel@...nel.org> wrote:
> > Fix a data structure breaking / NULL-pointer dereference in
> > dsa_switch_bridge_leave().
> >
> > When a DSA port leaves a bridge, dsa_switch_bridge_leave() is called by
> > notifier for every DSA switch that contains ports that are in the
> > bridge.
> >
> > But the part of the code that unsets vlan_filtering expects that the ds
> > argument refers to the same switch that contains the leaving port.
> >
> > This leads to various problems, including a NULL pointer dereference,
> > which was observed on Turris MOX with 2 switches (one with 8 user ports
> > and another with 4 user ports).
> >
> > Thus we need to move the vlan_filtering change code to the non-crosschip
> > branch.
> >
> > Fixes: d371b7c92d190 ("net: dsa: Unset vlan_filtering when ports leave the bridge")
> > Reported-by: Jan Bětík <hagrid@...ne.us>
> > Signed-off-by: Marek Behún <kabel@...nel.org>
> > ---  
> 
> Hi Marek,
> 
> I ran into the same issue a while back and fixed it (or at least thought
> I did) in 108dc8741c20. Has that been applied to your tree? Maybe I
> missed some tag that caused it to not be back-ported?

Tobias, I can backport these patches to 5.4+ stable. Or have you
already prepared backports?

Marek

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ