linux/net/bridge
wenxu 2909946235 netfilter: bridge: Fix non-untagged fragment packet
ip netns exec ns1 ip a a dev eth0 10.0.0.7/24
ip netns exec ns2 ip link a link eth0 name vlan type vlan id 200
ip netns exec ns2 ip a a dev vlan 10.0.0.8/24

ip l add dev br0 type bridge vlan_filtering 1
brctl addif br0 veth1
brctl addif br0 veth2

bridge vlan add dev veth1 vid 200 pvid untagged
bridge vlan add dev veth2 vid 200

A two-fragment packet sent from ns2 contains the vlan tag 200.  In the
bridge conntrack, this packet will defrag to one skb with a fraglist.
When the packet is forwarded to ns1 through veth1, the first skb's vlan
tag will be cleared by the "untagged" flag. But the vlan tag in the
second skb is still present, so the second fragment ends up with tag 200
at ns1. So if the first fragment packet doesn't contain the vlan tag,
all of the remaining fragments should not contain the vlan tag either.

Fixes: 3c171f496e ("netfilter: bridge: add connection tracking system")
Signed-off-by: wenxu <wenxu@ucloud.cn>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2019-06-21 17:21:12 +02:00
netfilter netfilter: bridge: Fix non-untagged fragment packet 2019-06-21 17:21:12 +02:00
br_arp_nd_proxy.c bridge: reduce size of input cb to 16 bytes 2019-04-12 01:47:27 +02:00
br_device.c netfilter: bridge: add connection tracking system 2019-05-30 14:18:18 -07:00
br_fdb.c rhashtable: use bit_spin_locks to protect hash bucket. 2019-04-07 19:12:12 -07:00
br_forward.c net: bridge: update multicast stats from maybe_deliver() 2019-04-04 10:49:27 -07:00
br_if.c bridge: Fix error path for kobject_init_and_add() 2019-05-10 15:05:08 -07:00
br_input.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-04-17 11:26:25 -07:00
br_ioctl.c net: bridge: add notifications for the bridge dev on vlan change 2017-11-02 15:53:40 +09:00
br_mdb.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
br_multicast.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-04-17 11:26:25 -07:00
br_netfilter_hooks.c netfilter: bridge: prevent UAF in brnf_exit_net() 2019-06-20 12:23:33 +02:00
br_netfilter_ipv6.c netfilter: bridge: port sysctls to use brnf_net 2019-06-17 16:36:30 +02:00
br_netlink_tunnel.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
br_netlink.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
br_nf_core.c xfrm: Move dst->path into struct xfrm_dst 2017-11-30 09:54:26 -05:00
br_private_stp.h
br_private_tunnel.h bridge: netlink: make setlink/dellink notifications more accurate 2017-10-29 11:03:43 +09:00
br_private.h netfilter: bridge: add connection tracking system 2019-05-30 14:18:18 -07:00
br_stp_bpdu.c net: introduce __skb_put_[zero, data, u8] 2017-06-20 13:30:14 -04:00
br_stp_if.c net: bridge: optimize backup_port fdb convergence 2019-04-04 17:39:47 -07:00
br_stp_timer.c net: bridge: Convert timers to use timer_setup() 2017-11-03 15:42:49 +09:00
br_stp.c net: bridge: add notifications for the bridge dev on vlan change 2017-11-02 15:53:40 +09:00
br_switchdev.c net: switchdev: Replace port attr set SDO with a notification 2019-02-27 12:39:56 -08:00
br_sysfs_br.c net: bridge: mark hash_elasticity as obsolete 2018-12-05 17:01:51 -08:00
br_sysfs_if.c net: bridge: remove redundant checks for null p->dev and p->br 2018-11-25 10:25:43 -08:00
br_vlan_tunnel.c rhashtable: use bit_spin_locks to protect hash bucket. 2019-04-07 19:12:12 -07:00
br_vlan.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
br.c bridge: Fix possible use-after-free when deleting bridge port 2019-04-22 22:17:47 -07:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00