diff options
author | Stephen Hemminger <shemminger@linux-foundation.org> | 2007-04-25 22:05:55 -0700 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2007-04-25 22:30:01 -0700 |
commit | 2111f8b9e58fd04b87b8b07d66485f255a57b0bb (patch) | |
tree | aaeb558abcc903e8d4960368e7a4650c4ef6f4e9 | |
parent | 83aa0938ff59e8ef6d0b99260063ebe84fc84a16 (diff) | |
download | kernel-crypto-2111f8b9e58fd04b87b8b07d66485f255a57b0bb.tar.gz kernel-crypto-2111f8b9e58fd04b87b8b07d66485f255a57b0bb.tar.xz kernel-crypto-2111f8b9e58fd04b87b8b07d66485f255a57b0bb.zip |
[BRIDGE]: drop PAUSE frames
Pause frames should never make it out of the network device into
the stack. But if a device was misconfigured, it might happen.
So drop pause frames in bridge.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | include/linux/if_ether.h | 1 | ||||
-rw-r--r-- | net/bridge/br_input.c | 7 |
2 files changed, 7 insertions, 1 deletions
diff --git a/include/linux/if_ether.h b/include/linux/if_ether.h index f6863fbcf33..1db774cf9dc 100644 --- a/include/linux/if_ether.h +++ b/include/linux/if_ether.h @@ -61,6 +61,7 @@ #define ETH_P_8021Q 0x8100 /* 802.1Q VLAN Extended Header */ #define ETH_P_IPX 0x8137 /* IPX over DIX */ #define ETH_P_IPV6 0x86DD /* IPv6 over bluebook */ +#define ETH_P_PAUSE 0x8808 /* IEEE Pause frames. See 802.3 31B */ #define ETH_P_SLOW 0x8809 /* Slow Protocol. See 802.3ad 43B */ #define ETH_P_WCCP 0x883E /* Web-cache coordination protocol * defined in draft-wilson-wrec-wccp-v2-00.txt */ diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c index 364e0ba4415..5662567c8ae 100644 --- a/net/bridge/br_input.c +++ b/net/bridge/br_input.c @@ -131,9 +131,14 @@ struct sk_buff *br_handle_frame(struct net_bridge_port *p, struct sk_buff *skb) if (!is_valid_ether_addr(eth_hdr(skb)->h_source)) goto drop; - if (unlikely(is_link_local(dest))) + if (unlikely(is_link_local(dest))) { + /* Pause frames shouldn't be passed up by driver anyway */ + if (skb->protocol == htons(ETH_P_PAUSE)) + goto drop; + return (NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_IN, skb, skb->dev, NULL, br_handle_local_finish) == 0) ? skb : NULL; + } switch (p->state) { case BR_STATE_FORWARDING: |