Patchwork [2/5] bridge: ignore bogus STP config packets

Submitter stephen hemminger
Date July 22, 2011, 5:47 p.m.
Message ID <20110722174757.876819895@vyatta.com>
Permalink /patch/106360/
State Accepted
Delegated to: David Miller

Comments

stephen hemminger - July 22, 2011, 5:47 p.m.
If the message_age is already greater than the max_age, then the
BPDU is bogus. Linux won't generate BPDU, but conformance tester
or buggy implementation might.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>

---
Patch against net-next. Do not apply to stable.





Patch

--- a/net/bridge/br_stp_bpdu.c	2011-07-21 20:25:02.991988983 -0700
+++ b/net/bridge/br_stp_bpdu.c	2011-07-21 20:29:11.175988844 -0700
@@ -210,6 +210,17 @@  void br_stp_rcv(const struct stp_proto *
 		bpdu.hello_time = br_get_ticks(buf+28);
 		bpdu.forward_delay = br_get_ticks(buf+30);
 
+		if (bpdu.message_age > bpdu.max_age) {
+			if (net_ratelimit())
+				br_notice(p->br,
+					  "port %u config from %pM"
+					  " (message_age %ul > max_age %ul)\n",
+					  p->port_no,
+					  eth_hdr(skb)->h_source,
+					  bpdu.message_age, bpdu.max_age);
+			goto out;
+		}
+
 		br_received_config_bpdu(p, &bpdu);
 	}
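
Review bot: The format string in the new br_notice() call uses "%ul" twice, which is parsed as "%u" followed by a literal "l", so each logged value would be printed with a stray "l" after it. Use "%u" if bpdu.message_age and bpdu.max_age are unsigned int, or "%lu" if they are unsigned long; their declared type is not visible in this hunk, so check the conversion against the struct definition. The notice also does not say that the BPDU is being discarded, although the following "goto out" skips br_received_config_bpdu(); adding a word such as "ignoring" to the message would make the log line self-explanatory for someone tracing a misbehaving peer by the %pM source address.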