diff options
author | Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp> | 2013-10-16 17:07:13 +0900 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2013-10-18 16:02:52 -0400 |
commit | 8adff41c3d259eb5e313b7b04669eee545925154 (patch) | |
tree | 0457c19489a9c482ff5c15fc16729673aa633dda /net/bridge/br_netlink.c | |
parent | 4b6c7879d84ad06a2ac5b964808ed599187a188d (diff) | |
download | linux-8adff41c3d259eb5e313b7b04669eee545925154.tar.gz linux-8adff41c3d259eb5e313b7b04669eee545925154.tar.bz2 linux-8adff41c3d259eb5e313b7b04669eee545925154.zip |
bridge: Don't use VID 0 and 4095 in vlan filtering
IEEE 802.1Q says that:
- VID 0 shall not be configured as a PVID, or configured in any Filtering
Database entry.
- VID 4095 shall not be configured as a PVID, or transmitted in a tag
header. This VID value may be used to indicate a wildcard match for the VID
in management operations or Filtering Database entries.
(See IEEE 802.1Q-2011 6.9.1 and Table 9-2)
Don't accept adding these VIDs in the vlan_filtering implementation.
Signed-off-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>
Reviewed-by: Vlad Yasevich <vyasevic@redhat.com>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/bridge/br_netlink.c')
-rw-r--r-- | net/bridge/br_netlink.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c index e74ddc1c29a8..f75d92e4f96b 100644 --- a/net/bridge/br_netlink.c +++ b/net/bridge/br_netlink.c @@ -243,7 +243,7 @@ static int br_afspec(struct net_bridge *br, vinfo = nla_data(tb[IFLA_BRIDGE_VLAN_INFO]); - if (vinfo->vid >= VLAN_N_VID) + if (!vinfo->vid || vinfo->vid >= VLAN_VID_MASK) return -EINVAL; switch (cmd) { |