Disallow a new sub-interface for an existing vlan

Do not do a 'preset' on mirror packets When sub-interfaces with the same vlan id are added again with a different vif index, we overwrite the existing entry in the vlan table with the new vif. On deletion of the old vif, we check whether the pointer in the vlan table match or not. If it does not match, we do not remove the napi setup, but go ahead and free the napi structure. This could potentially result in memory corruption. To avoid such scenarios, return an error if a vif already exists for a particular vlan When a packet comes from vhost, we typically accept the layer 2 header that is supplied by the host and hence a 'preset' is done to reset the packet to what it was before it entered vRouter. Unfortunately, this was also done for packets those mirrored such packets, leading to offset issues since we do end up adding a lot more headers than what the original packets contain. This leads to wrong length calculation and hence searching for more skbs than that is originally present and a crash. Change-Id: I34ab1173a2cb7904323d37cce238df2600a5eb7a Closes-BUG: #1543534, #1544832
Juniper · Feb 12, 2016 · 1795a26 · 1795a26
1 parent b12a01b
commit 1795a26
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/dp-core/vr_interface.c b/dp-core/vr_interface.c
@@ -955,7 +955,8 @@ eth_set_rewrite(struct vr_interface *vif, struct vr_packet *pkt,
     if (!len)
         return pkt_data(pkt);
 
-    if (pkt->vp_if->vif_type == VIF_TYPE_HOST) {
+    if ((pkt->vp_if->vif_type == VIF_TYPE_HOST) &&
+            !(pkt->vp_flags & VP_FLAG_FROM_DP)) {
         vr_preset(pkt);
         return pkt_data(pkt);
     }
@@ -1158,6 +1159,10 @@ eth_drv_add_sub_interface(struct vr_interface *pvif, struct vr_interface *vif)
              * time of the interface
              */
         }
+
+        if (pvif->vif_sub_interfaces[vif->vif_vlan_id])
+            return -EEXIST;
+
         pvif->vif_sub_interfaces[vif->vif_vlan_id] = vif;
     }