[PATCH 2/3] be2net: non-member vlan pkts not received in promiscous mode

Brad Figg brad.figg at canonical.com
Tue Feb 14 21:20:07 UTC 2012 

From: Sathya Perla <sathya.perla at emulex.com>

CVE-CVE-2011-3347

BugLink: http://bugs.launchpad.net/bugs/880893

While configuring promiscous mode, explicitly set the
VLAN_PROMISCOUS bit to make this happen. When switching off
promiscous mode, re-program the vids.

Signed-off-by: Xavier Selvin <xavier.selvin at emulex.com>
Signed-off-by: Sathya Perla <sathya.perla at emulex.com>
Signed-off-by: David S. Miller <davem at davemloft.net>
(cherry picked from commit c0e64ef4899df4cedc872871e54e2c069d29e519)
Signed-off-by: Brad Figg <brad.figg at canonical.com>
---
 drivers/net/benet/be_cmds.c |    6 ++++--
 drivers/net/benet/be_main.c |    7 +++++++
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/drivers/net/benet/be_cmds.c b/drivers/net/benet/be_cmds.c
index 81654ae..5e5c62e 100644
--- a/drivers/net/benet/be_cmds.c
+++ b/drivers/net/benet/be_cmds.c
@@ -1506,9 +1506,11 @@ int be_cmd_promiscuous_config(struct be_adapter *adapter, bool en)
 			OPCODE_COMMON_NTWK_RX_FILTER, sizeof(*req));
 
 	req->if_id = cpu_to_le32(adapter->if_handle);
-	req->if_flags_mask = cpu_to_le32(BE_IF_FLAGS_PROMISCUOUS);
+	req->if_flags_mask = cpu_to_le32(BE_IF_FLAGS_PROMISCUOUS
+				| BE_IF_FLAGS_VLAN_PROMISCUOUS);
 	if (en)
-		req->if_flags = cpu_to_le32(BE_IF_FLAGS_PROMISCUOUS);
+		req->if_flags = cpu_to_le32(BE_IF_FLAGS_PROMISCUOUS
+				| BE_IF_FLAGS_VLAN_PROMISCUOUS);
 
 	sge->pa_hi = cpu_to_le32(upper_32_bits(promiscous_cmd.dma));
 	sge->pa_lo = cpu_to_le32(promiscous_cmd.dma & 0xFFFFFFFF);
diff --git a/drivers/net/benet/be_main.c b/drivers/net/benet/be_main.c
index 146e420..bf8d198 100644
--- a/drivers/net/benet/be_main.c
+++ b/drivers/net/benet/be_main.c
@@ -824,6 +824,10 @@ static int be_vid_config(struct be_adapter *adapter, bool vf, u32 vf_num)
 		status = be_cmd_vlan_config(adapter, if_handle, vtag, 1, 1, 0);
 	}
 
+	/* No need to further configure vids if in promiscuous mode */
+	if (adapter->promiscuous)
+		return 0;
+
 	if (adapter->vlans_added <= adapter->max_vlans)  {
 		/* Construct VLAN Table to give to HW */
 		for (i = 0; i < VLAN_N_VID; i++) {
@@ -883,6 +887,9 @@ static void be_set_multicast_list(struct net_device *netdev)
 	if (adapter->promiscuous) {
 		adapter->promiscuous = false;
 		be_cmd_promiscuous_config(adapter, false);
+
+		if (adapter->vlans_added)
+			be_vid_config(adapter, false, 0);
 	}
 
 	/* Enable multicast promisc if num configured exceeds what we support */
-- 
1.7.5.4

More information about the kernel-team mailing list