diff mbox

[net,mlxsw] mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG

Message ID 72ffc13424de1e5a9b3dada6a6b62e0e2525f722.1526996911.git.petrm@mellanox.com (mailing list archive)
State Accepted
Delegated to: Ido Schimmel
Headers show

Commit Message

Petr Machata May 22, 2018, 1:49 p.m. UTC 
VLAN 1 is internally used for untagged traffic. Prevent creation of
explicit netdevice for that VLAN, because that currently isn't supported
and leads to the NULL pointer dereference cited below.

Fix by preventing creation of VLAN devices with VID of 1 over mlxsw
devices or LAG devices that involve mlxsw devices.

[  327.184544] UBSAN: Undefined behaviour in drivers/net/ethernet/mellanox/mlxsw/spectrum_fid.c:200:12
[  327.193667] member access within null pointer of type 'const struct mlxsw_sp_fid'
[  327.201226] CPU: 0 PID: 8983 Comm: ip Not tainted 4.17.0-rc4-petrm_net_ip6gre_headroom-custom-140 #11
[  327.210496] Hardware name: Mellanox Technologies Ltd. "MSN2410-CB2F"/"SA000874", BIOS 4.6.5 03/08/2016
[  327.219872] Call Trace:
[  327.222384] dump_stack (lib/dump_stackc:115)
[  327.225848] ? show_regs_print_info (lib/dump_stackc:89)
[  327.230092] ? ubsan_prologue (lib/ubsanc:150)
[  327.234007] ubsan_epilogue (lib/ubsanc:160)
[  327.237638] ubsan_type_mismatch_common (lib/ubsanc:276 lib/ubsanc:318)
[  327.242582] ? ucs2_as_utf8 (lib/ubsanc:315)
[  327.246493] ? debug_check_no_locks_freed (kernel/locking/lockdepc:3290)
[  327.251599] ? addrconf_ifdown (net/ipv6/addrconfc:3762)
[  327.255769] __ubsan_handle_type_mismatch (lib/ubsanc:327)
[  327.260710] ? ubsan_epilogue (lib/ubsanc:327)
[  327.264716] mlxsw_sp_fid_type (drivers/net/ethernet/mellanox/mlxsw/spectrum_fidc:200) mlxsw_spectrum
[  327.270255] mlxsw_sp_port_vlan_router_leave (drivers/net/ethernet/mellanox/mlxsw/spectrum_routerc:6295) mlxsw_spectrum
[  327.277019] mlxsw_sp_inetaddr_port_vlan_event (drivers/net/ethernet/mellanox/mlxsw/spectrum_routerc:6329) mlxsw_spectrum
[  327.284058] ? mlxsw_sp_port_vlan_router_leave (drivers/net/ethernet/mellanox/mlxsw/spectrum_routerc:6312) mlxsw_spectrum
[  327.290984] ? mlxsw_sp_lower_get (drivers/net/ethernet/mellanox/mlxsw/spectrumc:4027 (discriminator 1)) mlxsw_spectrum
[  327.296739] ? mlxsw_core_res_get (drivers/net/ethernet/mellanox/mlxsw/resourcesh:127 drivers/net/ethernet/mellanox/mlxsw/corec:1684) mlxsw_core
[  327.302180] ? mlxsw_sp_port_dev_check (drivers/net/ethernet/mellanox/mlxsw/spectrumc:3993) mlxsw_spectrum
[  327.308430] ? __mlxsw_sp_inetaddr_event (/include/linux/netdeviceh:4303 drivers/net/ethernet/mellanox/mlxsw/spectrum_routerc:6337 drivers/net/ethernet/mellanox/mlxsw/spectrum_routerc:6431) mlxsw_spectrum
[  327.315031] mlxsw_sp_netdevice_vrf_event (drivers/net/ethernet/mellanox/mlxsw/spectrum_routerc:6658 drivers/net/ethernet/mellanox/mlxsw/spectrum_routerc:6689) mlxsw_spectrum
[  327.321626] mlxsw_sp_netdevice_event (drivers/net/ethernet/mellanox/mlxsw/spectrumc:4659) mlxsw_spectrum
[  327.327923] ? mlxsw_sp_netdevice_port_event (drivers/net/ethernet/mellanox/mlxsw/spectrumh:285 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4222 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4456 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4504) mlxsw_spectrum
[  327.335024] ? mlxsw_sp_netdevice_port_event (drivers/net/ethernet/mellanox/mlxsw/spectrumh:285 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4222 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4456 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4504) mlxsw_spectrum
[  327.342125] ? mlxsw_sp_netdevice_port_event (drivers/net/ethernet/mellanox/mlxsw/spectrumh:285 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4222 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4456 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4504) mlxsw_spectrum
[  327.349231] ? mlxsw_sp_netdevice_port_event (drivers/net/ethernet/mellanox/mlxsw/spectrumh:285 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4222 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4456 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4504) mlxsw_spectrum
[  327.356259] ? __module_text_address (kernel/modulec:4349)
[  327.360818] ? mlxsw_sp_netdevice_port_event (drivers/net/ethernet/mellanox/mlxsw/spectrumh:285 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4222 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4456 drivers/net/ethernet/mellanox/mlxsw/spectrumc:4504) mlxsw_spectrum
[  327.367863] notifier_call_chain (kernel/notifierc:95)
[  327.372128] __netdev_upper_dev_link (/include/linux/notifierh:182 net/core/devc:6471)
[  327.376816] ? netdev_upper_dev_unlink (net/core/devc:6426)
[  327.381671] ? debug_check_no_locks_freed (kernel/locking/lockdepc:3290)
[  327.386800] ? deref_stack_reg (arch/x86/kernel/unwind_orcc:320)
[  327.390793] ? vrf_add_slave (drivers/net/vrfc:784 drivers/net/vrfc:808) vrf
[  327.395208] ? __dev_get_by_index (net/core/devc:817)
[  327.399450] vrf_add_slave (drivers/net/vrfc:784 drivers/net/vrfc:808) vrf
[  327.403703] do_setlink (net/core/rtnetlinkc:2369)
[... etc ...]

Fixes: 9589a7b5d7d9 ("mlxsw: spectrum: Handle VLAN devices linking / unlinking")
Suggested-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Petr Machata <petrm@mellanox.com>
---
 drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 5 +++++
 1 file changed, 5 insertions(+)
diff mbox

Patch

diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c
index ca38a30..adc6ab2 100644
--- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c
+++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c
@@ -4433,6 +4433,11 @@  static int mlxsw_sp_netdevice_port_upper_event(struct net_device *lower_dev,
 			NL_SET_ERR_MSG_MOD(extack, "Can not put a VLAN on an OVS port");
 			return -EINVAL;
 		}
+		if (is_vlan_dev(upper_dev) &&
+		    vlan_dev_vlan_id(upper_dev) == 1) {
+			NL_SET_ERR_MSG_MOD(extack, "Creating a VLAN device with VID 1 is unsupported: VLAN 1 carries untagged traffic");
+			return -EINVAL;
+		}
 		break;
 	case NETDEV_CHANGEUPPER:
 		upper_dev = info->upper_dev;