mirror of https://github.com/hak5/openwrt.git
kernel: bridge: backport two snooping related patches
With this patch the following two patches are backported: * bridge: fix parsing of MLDv2 reports * bridge: allow setting hash_max + multicast_router if interface is down The former one is an important fix which got just applied to the net-tree and is queued for stable. The latter is a patch which is needed to make the hash_max and multicast_router attributes configurable through netifd. Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue> SVN-Revision: 45783lede-17.01
parent
e814e946a6
commit
388404764d
|
@ -0,0 +1,58 @@
|
|||
From 1430a5975e1a5f249875faab7fd35b915a8d2397 Mon Sep 17 00:00:00 2001
|
||||
From: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
|
||||
Date: Fri, 22 May 2015 12:18:59 -0300
|
||||
Subject: [PATCH] bridge: fix parsing of MLDv2 reports
|
||||
|
||||
When more than a multicast address is present in a MLDv2 report, all but
|
||||
the first address is ignored, because the code breaks out of the loop if
|
||||
there has not been an error adding that address.
|
||||
|
||||
This has caused failures when two guests connected through the bridge
|
||||
tried to communicate using IPv6. Neighbor discoveries would not be
|
||||
transmitted to the other guest when both used a link-local address and a
|
||||
static address.
|
||||
|
||||
This only happens when there is a MLDv2 querier in the network.
|
||||
|
||||
The fix will only break out of the loop when there is a failure adding a
|
||||
multicast address.
|
||||
|
||||
The mdb before the patch:
|
||||
|
||||
dev ovirtmgmt port vnet0 grp ff02::1:ff7d:6603 temp
|
||||
dev ovirtmgmt port vnet1 grp ff02::1:ff7d:6604 temp
|
||||
dev ovirtmgmt port bond0.86 grp ff02::2 temp
|
||||
|
||||
After the patch:
|
||||
|
||||
dev ovirtmgmt port vnet0 grp ff02::1:ff7d:6603 temp
|
||||
dev ovirtmgmt port vnet1 grp ff02::1:ff7d:6604 temp
|
||||
dev ovirtmgmt port bond0.86 grp ff02::fb temp
|
||||
dev ovirtmgmt port bond0.86 grp ff02::2 temp
|
||||
dev ovirtmgmt port bond0.86 grp ff02::d temp
|
||||
dev ovirtmgmt port vnet0 grp ff02::1:ff00:76 temp
|
||||
dev ovirtmgmt port bond0.86 grp ff02::16 temp
|
||||
dev ovirtmgmt port vnet1 grp ff02::1:ff00:77 temp
|
||||
dev ovirtmgmt port bond0.86 grp ff02::1:ff00:def temp
|
||||
dev ovirtmgmt port bond0.86 grp ff02::1:ffa1:40bf temp
|
||||
|
||||
Fixes: 08b202b67264 ("bridge br_multicast: IPv6 MLD support.")
|
||||
Reported-by: Rik Theys <Rik.Theys@esat.kuleuven.be>
|
||||
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
|
||||
Tested-by: Rik Theys <Rik.Theys@esat.kuleuven.be>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/bridge/br_multicast.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- a/net/bridge/br_multicast.c
|
||||
+++ b/net/bridge/br_multicast.c
|
||||
@@ -1071,7 +1071,7 @@ static int br_ip6_multicast_mld2_report(
|
||||
|
||||
err = br_ip6_multicast_add_group(br, port, &grec->grec_mca,
|
||||
vid);
|
||||
- if (!err)
|
||||
+ if (err)
|
||||
break;
|
||||
}
|
||||
|
|
@ -0,0 +1,99 @@
|
|||
From 6ae4ae8e512bd229f806c22f8a2cd751e4f987c2 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Linus=20L=C3=BCssing?= <linus.luessing@c0d3.blue>
|
||||
Date: Sat, 23 May 2015 03:12:34 +0200
|
||||
Subject: [PATCH] bridge: allow setting hash_max + multicast_router if
|
||||
interface is down
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Network managers like netifd (used in OpenWRT for instance) try to
|
||||
configure interface options after creation but before setting the
|
||||
interface up.
|
||||
|
||||
Unfortunately the sysfs / bridge currently only allows to configure the
|
||||
hash_max and multicast_router options when the bridge interface is up.
|
||||
But since br_multicast_init() doesn't start any timers and only sets
|
||||
default values and initializes timers it should be save to reconfigure
|
||||
the default values after that, before things actually get active after
|
||||
the bridge is set up.
|
||||
|
||||
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
net/bridge/br_multicast.c | 24 +++---------------------
|
||||
1 file changed, 3 insertions(+), 21 deletions(-)
|
||||
|
||||
--- a/net/bridge/br_multicast.c
|
||||
+++ b/net/bridge/br_multicast.c
|
||||
@@ -1949,11 +1949,9 @@ out:
|
||||
|
||||
int br_multicast_set_router(struct net_bridge *br, unsigned long val)
|
||||
{
|
||||
- int err = -ENOENT;
|
||||
+ int err = -EINVAL;
|
||||
|
||||
spin_lock_bh(&br->multicast_lock);
|
||||
- if (!netif_running(br->dev))
|
||||
- goto unlock;
|
||||
|
||||
switch (val) {
|
||||
case 0:
|
||||
@@ -1964,13 +1962,8 @@ int br_multicast_set_router(struct net_b
|
||||
br->multicast_router = val;
|
||||
err = 0;
|
||||
break;
|
||||
-
|
||||
- default:
|
||||
- err = -EINVAL;
|
||||
- break;
|
||||
}
|
||||
|
||||
-unlock:
|
||||
spin_unlock_bh(&br->multicast_lock);
|
||||
|
||||
return err;
|
||||
@@ -1979,11 +1972,9 @@ unlock:
|
||||
int br_multicast_set_port_router(struct net_bridge_port *p, unsigned long val)
|
||||
{
|
||||
struct net_bridge *br = p->br;
|
||||
- int err = -ENOENT;
|
||||
+ int err = -EINVAL;
|
||||
|
||||
spin_lock(&br->multicast_lock);
|
||||
- if (!netif_running(br->dev) || p->state == BR_STATE_DISABLED)
|
||||
- goto unlock;
|
||||
|
||||
switch (val) {
|
||||
case 0:
|
||||
@@ -2005,13 +1996,8 @@ int br_multicast_set_port_router(struct
|
||||
|
||||
br_multicast_add_router(br, p);
|
||||
break;
|
||||
-
|
||||
- default:
|
||||
- err = -EINVAL;
|
||||
- break;
|
||||
}
|
||||
|
||||
-unlock:
|
||||
spin_unlock(&br->multicast_lock);
|
||||
|
||||
return err;
|
||||
@@ -2116,15 +2102,11 @@ unlock:
|
||||
|
||||
int br_multicast_set_hash_max(struct net_bridge *br, unsigned long val)
|
||||
{
|
||||
- int err = -ENOENT;
|
||||
+ int err = -EINVAL;
|
||||
u32 old;
|
||||
struct net_bridge_mdb_htable *mdb;
|
||||
|
||||
spin_lock_bh(&br->multicast_lock);
|
||||
- if (!netif_running(br->dev))
|
||||
- goto unlock;
|
||||
-
|
||||
- err = -EINVAL;
|
||||
if (!is_power_of_2(val))
|
||||
goto unlock;
|
||||
|
|
@ -130,7 +130,7 @@
|
|||
err = br_ip6_multicast_add_group(br, port, &grec->grec_mca,
|
||||
- vid);
|
||||
+ vid, src);
|
||||
if (!err)
|
||||
if (err)
|
||||
break;
|
||||
}
|
||||
@@ -1407,7 +1434,8 @@ br_multicast_leave_group(struct net_brid
|
||||
|
|
Loading…
Reference in New Issue