diff options
| author | Josh Boyer <jwboyer@redhat.com> | 2011-10-25 13:52:02 -0400 |
|---|---|---|
| committer | Josh Boyer <jwboyer@redhat.com> | 2011-10-25 13:52:02 -0400 |
| commit | 78ef95d1929b11d2bf2fd082a4106e7597415f30 (patch) | |
| tree | 7adfda48043ba1f98b50c6e7808beeb2bf0f79fa /be2net-non-member-vlan-pkts-not-received-in-promisco.patch | |
| parent | 158212310892f03adfb47f54ae3464d5c5cfe943 (diff) | |
| download | kernel-78ef95d1929b11d2bf2fd082a4106e7597415f30.tar.gz kernel-78ef95d1929b11d2bf2fd082a4106e7597415f30.tar.xz kernel-78ef95d1929b11d2bf2fd082a4106e7597415f30.zip | |
CVE-2011-3347: be2net: promiscuous mode and non-member VLAN packets DoS
(rhbz 748691)
Diffstat (limited to 'be2net-non-member-vlan-pkts-not-received-in-promisco.patch')
| -rw-r--r-- | be2net-non-member-vlan-pkts-not-received-in-promisco.patch | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/be2net-non-member-vlan-pkts-not-received-in-promisco.patch b/be2net-non-member-vlan-pkts-not-received-in-promisco.patch new file mode 100644 index 000000000..866473efd --- /dev/null +++ b/be2net-non-member-vlan-pkts-not-received-in-promisco.patch @@ -0,0 +1,63 @@ +From c0e64ef4899df4cedc872871e54e2c069d29e519 Mon Sep 17 00:00:00 2001 +From: Sathya Perla <sathya.perla@emulex.com> +Date: Tue, 2 Aug 2011 19:57:43 +0000 +Subject: [PATCH] be2net: non-member vlan pkts not received in promiscous mode + +While configuring promiscous mode, explicitly set the +VLAN_PROMISCOUS bit to make this happen. When switching off +promiscous mode, re-program the vids. + +Signed-off-by: Xavier Selvin <xavier.selvin@emulex.com> +Signed-off-by: Sathya Perla <sathya.perla@emulex.com> +Signed-off-by: David S. Miller <davem@davemloft.net> +--- + drivers/net/benet/be_cmds.c | 6 ++++-- + drivers/net/benet/be_main.c | 7 +++++++ + 2 files changed, 11 insertions(+), 2 deletions(-) + +diff --git a/drivers/net/benet/be_cmds.c b/drivers/net/benet/be_cmds.c +index 1c25dbd..73fd949 100644 +--- a/drivers/net/benet/be_cmds.c ++++ b/drivers/net/benet/be_cmds.c +@@ -1586,9 +1586,11 @@ int be_cmd_promiscuous_config(struct be_adapter *adapter, bool en) + OPCODE_COMMON_NTWK_RX_FILTER, sizeof(*req)); + + req->if_id = cpu_to_le32(adapter->if_handle); +- req->if_flags_mask = cpu_to_le32(BE_IF_FLAGS_PROMISCUOUS); ++ req->if_flags_mask = cpu_to_le32(BE_IF_FLAGS_PROMISCUOUS ++ | BE_IF_FLAGS_VLAN_PROMISCUOUS); + if (en) +- req->if_flags = cpu_to_le32(BE_IF_FLAGS_PROMISCUOUS); ++ req->if_flags = cpu_to_le32(BE_IF_FLAGS_PROMISCUOUS ++ | BE_IF_FLAGS_VLAN_PROMISCUOUS); + + sge->pa_hi = cpu_to_le32(upper_32_bits(promiscous_cmd.dma)); + sge->pa_lo = cpu_to_le32(promiscous_cmd.dma & 0xFFFFFFFF); +diff --git a/drivers/net/benet/be_main.c b/drivers/net/benet/be_main.c +index 3b2c5e6..32a5b11 100644 +--- a/drivers/net/benet/be_main.c ++++ b/drivers/net/benet/be_main.c +@@ -728,6 +728,10 @@ static int be_vid_config(struct be_adapter *adapter, bool vf, u32 vf_num) + status = be_cmd_vlan_config(adapter, if_handle, vtag, 1, 1, 0); + } + ++ /* No need to further configure vids if in promiscuous mode */ ++ if (adapter->promiscuous) ++ return 0; ++ + if (adapter->vlans_added <= adapter->max_vlans) { + /* Construct VLAN Table to give to HW */ + for (i = 0; i < VLAN_N_VID; i++) { +@@ -787,6 +791,9 @@ static void be_set_multicast_list(struct net_device *netdev) + if (adapter->promiscuous) { + adapter->promiscuous = false; + be_cmd_promiscuous_config(adapter, false); ++ ++ if (adapter->vlans_added) ++ be_vid_config(adapter, false, 0); + } + + /* Enable multicast promisc if num configured exceeds what we support */ +-- +1.7.6.4 + |