Commit d9fc8462 authored Mar 27, 2024 by DENG Qingfang Committed by GONG, Ruiqi Mar 27, 2024

net: dsa: mt7530: fix VLAN traffic leaks

stable inclusion
from stable-v4.19.193
commit ae389812733b1b1e8e07fcc238e41db166b5c78d
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9BHG2
CVE: CVE-2021-47160

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ae389812733b1b1e8e07fcc238e41db166b5c78d



--------------------------------

commit 474a2dda upstream.

PCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but
was not reset when it is disabled, which may cause traffic leaks:

	ip link add br0 type bridge vlan_filtering 1
	ip link add br1 type bridge vlan_filtering 1
	ip link set swp0 master br0
	ip link set swp1 master br1
	ip link set br0 type bridge vlan_filtering 0
	ip link set br1 type bridge vlan_filtering 0
	# traffic in br0 and br1 will start leaking to each other

As port_bridge_{add,del} have set up PCR_MATRIX properly, remove the
PCR_MATRIX write from mt7530_port_set_vlan_aware.

Fixes: 83163f7d ("net: dsa: mediatek: add VLAN support for MT7530")
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Conflicts:
	drivers/net/dsa/mt7530.c
Signed-off-by: GONG, Ruiqi <gongruiqi1@huawei.com>

parent 55d14eb3

Show whitespace changes

Inline Side-by-side

Please to comment