• Herbert Xu's avatar
    bridge: Fix netpoll support · 91d2c34a
    Herbert Xu authored
    There are multiple problems with the newly added netpoll support:
    
    1) Use-after-free on each netpoll packet.
    2) Invoking unsafe code on netpoll/IRQ path.
    3) Breaks when netpoll is enabled on the underlying device.
    
    This patch fixes all of these problems.  In particular, we now
    allocate proper netpoll structures for each underlying device.
    
    We only allow netpoll to be enabled on the bridge when all the
    devices underneath it support netpoll.  Once it is enabled, we
    do not allow non-netpoll devices to join the bridge (until netpoll
    is disabled again).
    
    This allows us to do away with the npinfo juggling that caused
    problem number 1.
    
    Incidentally this patch fixes number 2 by bypassing unsafe code
    such as multicast snooping and netfilter.
    Reported-by: default avatarQianfeng Zhang <frzhang@redhat.com>
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    91d2c34a
br_forward.c 6.13 KB