From dan@obluda.cz  Fri Dec 20 09:48:53 2002
Return-Path: <dan@obluda.cz>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8B02A37B401
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 20 Dec 2002 09:48:53 -0800 (PST)
Received: from smtp.kolej.mff.cuni.cz (smtp.kolej.mff.cuni.cz [195.113.25.225])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C012943EF7
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 20 Dec 2002 09:48:51 -0800 (PST)
	(envelope-from dan@obluda.cz)
Received: from dan.kolej.mff.cuni.cz (dan.kolej.mff.cuni.cz [195.113.21.110])
	by smtp.kolej.mff.cuni.cz (8.11.6/8.11.6) with ESMTP id gBKHmrr20646
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 20 Dec 2002 18:48:54 +0100 (CET)
	(envelope-from dan@obluda.cz)
Received: from obluda.cz (localhost [127.0.0.1])
	by dan.kolej.mff.cuni.cz (8.12.6/8.12.6) with ESMTP id gBKHmnUD006510
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 20 Dec 2002 18:48:49 +0100 (CET)
	(envelope-from dan@obluda.cz)
Received: (from dan@localhost)
	by obluda.cz (8.12.6/8.12.6/Submit) id gBKHmn9s006509;
	Fri, 20 Dec 2002 18:48:49 +0100 (CET)
Message-Id: <200212201748.gBKHmn9s006509@obluda.cz>
Date: Fri, 20 Dec 2002 18:48:49 +0100 (CET)
From: Dan Lukes <dan@obluda.cz>
Reply-To: Dan Lukes <dan@obluda.cz>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [PATCH] Bad VLAN handling on NIC's with VLAN hardware support
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         46405
>Category:       kern
>Synopsis:       [PATCH] Bad VLAN handling on NIC's with VLAN hardware support
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Dec 20 09:50:01 PST 2002
>Closed-Date:    Tue Jul 08 14:57:01 PDT 2003
>Last-Modified:  Wed May 26 15:30:27 PDT 2004
>Originator:     Dan Lukes
>Release:        FreeBSD 4.7-STABLE i386 and FreeBSD 5.0-CURRENT
>Organization:
Obludarium
>Environment:
System: FreeBSD 4.7-STABLE 
System: FreeBSD 5.0-CURRENT 
On 4:
src/sys/net/if_vlan.c,v 1.15.2.12 2002/04/04 05:51:55 luigi Exp
On 5:
src/sys/net/if_vlan.c,v 1.44 2002/11/14 23:43:16 sam Exp

	An NIC with hardware support for VLANs (using vlan_input_tag routine
on 4 or MTAG_VLAN_TAG on 5)

>Description:

	The TAG_CONTROL_INFO word on front of VLAN packet contain not only
the 12 bites of VLAN tag, but also 3 bites of priority and 1 bite CFI.

	The driver pass unmodified TAG to vlan driver (either thru
vlan_input_tag call or via mbuf's MTAG_VLAN_TAG). 

	VLAN driver doesn't strip the CFI and priority bits from tag, so it
fail to match correponding vlan unless all priority bits and CFI are zero.
	
	The packet with non-zero priority is dropped.

>How-To-Repeat:

	See hardware configuration above. Then send a vlan packet with
non-zero priority bit to FreeBSD's NIC (for example from CISCO 2950 sends
some)

	We also should think about special VLAN ID "zero" - the FreeBSD
can't correctly process them for now. It problem is not covered by patches
presented bellow.

>Fix:

Extract the VLAN ID only bits from tag on vlan_input(_tag) routine.

On STABLE:
*** if_vlan.c.ORIG	Tue Apr  9 10:46:12 2002
--- if_vlan.c	Fri Dec 20 18:17:28 2002
***************
*** 420,425 ****
--- 420,426 ----
  {
  	struct ifvlan *ifv;
  
+ 	t = EVL_VLANOFTAG(t);
  	/*
  	 * Fake up a header and send the packet to the physical interface's
  	 * bpf tap if active.


On CURRENT:

*** if_vlan.c.ORIG	Mon Nov 18 11:39:41 2002
--- if_vlan.c	Fri Dec 20 18:15:56 2002
***************
*** 394,400 ****
  		 * Packet is tagged, m contains a normal
  		 * Ethernet frame; the tag is stored out-of-band.
  		 */
! 		tag = *(u_int*)(mtag+1);
  		m_tag_delete(m, mtag);
  	} else {
  		switch (ifp->if_type) {
--- 394,400 ----
  		 * Packet is tagged, m contains a normal
  		 * Ethernet frame; the tag is stored out-of-band.
  		 */
! 		tag = EVL_VLANOFTAG(*(u_int*)(mtag+1));
  		m_tag_delete(m, mtag);
  	} else {
  		switch (ifp->if_type) {


>Release-Note:
>Audit-Trail:

From: Dan Lukes <dan@obluda.cz>
To: freebsd-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: kern/46405: [PATCH] Bad VLAN handling on NIC's with VLAN hardware
 support
Date: Fri, 20 Dec 2002 19:30:58 +0100

 The patch for STABLE isn't as good as should be - it strip priority bits 
 before passing the packet to bpf
 
 	Corrected patch follows:
 
 *** if_vlan.c.ORIG      Tue Apr  9 10:46:12 2002
 --- if_vlan.c   Fri Dec 20 19:01:07 2002
 ***************
 *** 440,445 ****
 --- 440,446 ----
                  bpf_mtap(m->m_pkthdr.rcvif, (struct mbuf *)&mh);
          }
 
 +       t = EVL_VLANOFTAG(t);
          for (ifv = LIST_FIRST(&ifv_list); ifv != NULL;
              ifv = LIST_NEXT(ifv, ifv_list)) {
                  if (m->m_pkthdr.rcvif == ifv->ifv_p
 
 
 
 					Dan
 
 -- 
 Dan Lukes      tel: +420 2 21914205, fax: +420 2 21914206
 root  of FIONet,  KolejNET,  webmaster  of www.freebsd.cz
 AKA: dan@obluda.cz, dan@freebsd.cz, dan@kolej.mff.cuni.cz
 
State-Changed-From-To: open->closed 
State-Changed-By: wpaul 
State-Changed-When: Tue Jul 8 14:55:11 PDT 2003 
State-Changed-Why:  
Fix applied to -current. EVL_VLANOFTAG() is applied in both the 
IFCAP_VLAN_HWTAGGING case and the software tagging case. Also, the 
user is now prevented from using ifconfig(8) to set a tag ID 
with anything except the VLAN ID bits set (setting any of the 
other bits would cause an interface matching failure in vlan_input(). 
-Bill 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46405 

From: Christoph Loibl <c@tix.at>
To: freebsd-gnats-submit@FreeBSD.org, dan@obluda.cz
Cc:  
Subject: kern/46405:[PATCH] Bad VLAN handling on NIC's with VLAN hardware support
Date: Wed, 26 May 2004 22:56:37 +0200

 hi!
 
 it seems that this patch didn't make it into the fbsd-kernel-src (at least not
 into 4.9). the problem is still existent, but the bugreport closed. any
 ideas why?
 
 regards
 
 christoph loibl
 
 -- 
 CHRISTOPH LOIBL >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 mailto:c@tix.at     |                "My other computer  
 http://pix.tix.at   |               is your Windows box."
 CHL-RIPE >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> PGP-Key-ID: 0x4B2C0055 >>>

From: Dan Lukes <dan@obluda.cz>
To: Christoph Loibl <c@tix.at>
Cc: freebsd-gnats-submit@FreeBSD.org, wpaul@FreeBSD.org
Subject: Re: kern/46405:[PATCH] Bad VLAN handling on NIC's with VLAN hardware
 support
Date: Thu, 27 May 2004 00:21:14 +0200

 Christoph Loibl wrote:
 
 > it seems that this patch didn't make it into the fbsd-kernel-src (at least not
 > into 4.9). the problem is still existent, but the bugreport closed. any
 > ideas why?
 
 	Maybe the Bill only forgot that 4.x exist ... ;-(
 
 						Dan
 
 
 -- 
 Dan Lukes,  SISAL, MFF UK  tel: +420 2 21914205, fax: +420 2 21914206
 AKA: dan@obluda.cz, dan@freebsd.cz, dan@kolej.mff.cuni.cz, dan@fio.cz
 
>Unformatted:
