kernel: re-add bridge allow reception on disabled port
authorChen Minqiang <ptpt52@gmail.com>
Fri, 10 May 2019 11:13:07 +0000 (19:13 +0800)
committerKoen Vandeputte <koen.vandeputte@ncentric.com>
Fri, 7 Jun 2019 16:22:20 +0000 (18:22 +0200)
The "bridge allow reception on disabled port" implementation
was broken after these commits:

08802d93e2c1 ("kernel: bump 4.19 to 4.19.37")
b765f4be407c ("kernel: bump 4.14 to 4.14.114")
456f486b53a7 ("kernel: bump 4.9 to 4.9.171")

This leads to issues when for example WDS is used, tied to a bridge:

[ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3)
[ 96.517956] wlan1: authenticated
[ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3)
[ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3)
[ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1)
[ 97.208706] wlan1: associated
[ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID)

It seems upstream introduced a new patch, [1]
so we have to reimplement these patches properly:

target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch

[1] https://lkml.org/lkml/2019/4/24/1228

Fixes: 08802d93e2c1 ("kernel: bump 4.19 to 4.19.37")
Fixes: b765f4be407c ("kernel: bump 4.14 to 4.14.114")
Fixes: 456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
[updated commit message and title]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch

index 4a53161..d50280a 100644 (file)
@@ -27,7 +27,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
        /* return 1 to signal the okfn() was called so it's ok to use the skb */
        return 1;
-@@ -332,6 +335,15 @@ rx_handler_result_t br_handle_frame(stru
+@@ -332,6 +335,17 @@ rx_handler_result_t br_handle_frame(stru
  
  forward:
        switch (p->state) {
@@ -35,9 +35,11 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 +              if (ether_addr_equal(p->br->dev->dev_addr, dest))
 +                      skb->pkt_type = PACKET_HOST;
 +
-+              NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING,
++              if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING,
 +                      dev_net(skb->dev), NULL, skb, skb->dev, NULL,
-+                      br_handle_local_finish);
++                      br_handle_local_finish) == 1) {
++                      return RX_HANDLER_PASS;
++              }
 +              break;
 +
        case BR_STATE_FORWARDING:
index 9d9e3a0..2afdeef 100644 (file)
@@ -25,7 +25,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
        __br_handle_local_finish(skb);
  
        /* return 1 to signal the okfn() was called so it's ok to use the skb */
-@@ -291,6 +294,15 @@ rx_handler_result_t br_handle_frame(stru
+@@ -291,6 +294,17 @@ rx_handler_result_t br_handle_frame(stru
  
  forward:
        switch (p->state) {
@@ -33,9 +33,11 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 +              if (ether_addr_equal(p->br->dev->dev_addr, dest))
 +                      skb->pkt_type = PACKET_HOST;
 +
-+              NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING,
++              if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING,
 +                      dev_net(skb->dev), NULL, skb, skb->dev, NULL,
-+                      br_handle_local_finish);
++                      br_handle_local_finish) == 1) {
++                      return RX_HANDLER_PASS;
++              }
 +              break;
 +
        case BR_STATE_FORWARDING:
index c62eea3..9ee93c9 100644 (file)
@@ -27,7 +27,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
        /* return 1 to signal the okfn() was called so it's ok to use the skb */
        return 1;
-@@ -321,6 +324,15 @@ rx_handler_result_t br_handle_frame(stru
+@@ -321,6 +324,17 @@ rx_handler_result_t br_handle_frame(stru
  
  forward:
        switch (p->state) {
@@ -35,9 +35,11 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 +              if (ether_addr_equal(p->br->dev->dev_addr, dest))
 +                      skb->pkt_type = PACKET_HOST;
 +
-+              NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING,
++              if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING,
 +                      dev_net(skb->dev), NULL, skb, skb->dev, NULL,
-+                      br_handle_local_finish);
++                      br_handle_local_finish) == 1) {
++                      return RX_HANDLER_PASS;
++              }
 +              break;
 +
        case BR_STATE_FORWARDING: