summaryrefslogtreecommitdiffstats
path: root/net/bridge/br_netlink.c
diff options
context:
space:
mode:
authorToshiaki Makita <makita.toshiaki@lab.ntt.co.jp>2013-10-16 17:07:13 +0900
committerDavid S. Miller <davem@davemloft.net>2013-10-18 16:02:52 -0400
commit8adff41c3d259eb5e313b7b04669eee545925154 (patch)
tree0457c19489a9c482ff5c15fc16729673aa633dda /net/bridge/br_netlink.c
parent4b6c7879d84ad06a2ac5b964808ed599187a188d (diff)
downloadlinux-8adff41c3d259eb5e313b7b04669eee545925154.tar.gz
linux-8adff41c3d259eb5e313b7b04669eee545925154.tar.bz2
linux-8adff41c3d259eb5e313b7b04669eee545925154.zip
bridge: Don't use VID 0 and 4095 in vlan filtering
IEEE 802.1Q says that: - VID 0 shall not be configured as a PVID, or configured in any Filtering Database entry. - VID 4095 shall not be configured as a PVID, or transmitted in a tag header. This VID value may be used to indicate a wildcard match for the VID in management operations or Filtering Database entries. (See IEEE 802.1Q-2011 6.9.1 and Table 9-2) Don't accept adding these VIDs in the vlan_filtering implementation. Signed-off-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp> Reviewed-by: Vlad Yasevich <vyasevic@redhat.com> Acked-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/bridge/br_netlink.c')
-rw-r--r--net/bridge/br_netlink.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
index e74ddc1c29a8..f75d92e4f96b 100644
--- a/net/bridge/br_netlink.c
+++ b/net/bridge/br_netlink.c
@@ -243,7 +243,7 @@ static int br_afspec(struct net_bridge *br,
vinfo = nla_data(tb[IFLA_BRIDGE_VLAN_INFO]);
- if (vinfo->vid >= VLAN_N_VID)
+ if (!vinfo->vid || vinfo->vid >= VLAN_VID_MASK)
return -EINVAL;
switch (cmd) {