Date: Fri, 20 Dec 2002 18:48:49 +0100 (CET) From: Dan Lukes <dan@obluda.cz> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/46405: [PATCH] Bad VLAN handling on NIC's with VLAN hardware support Message-ID: <200212201748.gBKHmn9s006509@obluda.cz>
next in thread | raw e-mail | index | archive | help
>Number: 46405 >Category: kern >Synopsis: [PATCH] Bad VLAN handling on NIC's with VLAN hardware support >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Dec 20 09:50:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Dan Lukes >Release: FreeBSD 4.7-STABLE i386 and FreeBSD 5.0-CURRENT >Organization: Obludarium >Environment: System: FreeBSD 4.7-STABLE System: FreeBSD 5.0-CURRENT On 4: src/sys/net/if_vlan.c,v 1.15.2.12 2002/04/04 05:51:55 luigi Exp On 5: src/sys/net/if_vlan.c,v 1.44 2002/11/14 23:43:16 sam Exp An NIC with hardware support for VLANs (using vlan_input_tag routine on 4 or MTAG_VLAN_TAG on 5) >Description: The TAG_CONTROL_INFO word on front of VLAN packet contain not only the 12 bites of VLAN tag, but also 3 bites of priority and 1 bite CFI. The driver pass unmodified TAG to vlan driver (either thru vlan_input_tag call or via mbuf's MTAG_VLAN_TAG). VLAN driver doesn't strip the CFI and priority bits from tag, so it fail to match correponding vlan unless all priority bits and CFI are zero. The packet with non-zero priority is dropped. >How-To-Repeat: See hardware configuration above. Then send a vlan packet with non-zero priority bit to FreeBSD's NIC (for example from CISCO 2950 sends some) We also should think about special VLAN ID "zero" - the FreeBSD can't correctly process them for now. It problem is not covered by patches presented bellow. >Fix: Extract the VLAN ID only bits from tag on vlan_input(_tag) routine. On STABLE: *** if_vlan.c.ORIG Tue Apr 9 10:46:12 2002 --- if_vlan.c Fri Dec 20 18:17:28 2002 *************** *** 420,425 **** --- 420,426 ---- { struct ifvlan *ifv; + t = EVL_VLANOFTAG(t); /* * Fake up a header and send the packet to the physical interface's * bpf tap if active. On CURRENT: *** if_vlan.c.ORIG Mon Nov 18 11:39:41 2002 --- if_vlan.c Fri Dec 20 18:15:56 2002 *************** *** 394,400 **** * Packet is tagged, m contains a normal * Ethernet frame; the tag is stored out-of-band. */ ! tag = *(u_int*)(mtag+1); m_tag_delete(m, mtag); } else { switch (ifp->if_type) { --- 394,400 ---- * Packet is tagged, m contains a normal * Ethernet frame; the tag is stored out-of-band. */ ! tag = EVL_VLANOFTAG(*(u_int*)(mtag+1)); m_tag_delete(m, mtag); } else { switch (ifp->if_type) { >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200212201748.gBKHmn9s006509>