[v4_1_esv] LPF now only uses 12-bit value from VLAN TCI for VID

    Merges in rt40591.

diff --git a/RELNOTES b/RELNOTES
index 7225fe6382aa782af075e4e33d33d1240123f1df..0eb2bbf047f9f8694e25aeaa820ff4fd3912db39 100644 (file)
--- a/RELNOTES
+++ b/RELNOTES
@@ -60,6 +60,13 @@ by Eric Young (eay@cryptsoft.com).
 
                        Changes since 4.1-ESV-R12
 
+- The linux packet fitler code now correctly treats only least significant
+  12 bits an inbound packet's TCI value as the VLAN id (per IEEE 802.1Q).
+  Prior to this it was using the entire 16 bit value as the VLAN id and
+  incorrectly discarding packets.  Thanks to Jiri Popelka at Red Hat for
+  reporting this issue and supplying its patch.
+  [ISC-Bugs #40591]
+
 - Corrected a static analyzer warning in common/execute.c
   [ISC-Bugs #40374]
 

diff --git a/common/lpf.c b/common/lpf.c
index 211bffe90b86b11e2aa3d105593307a11ec3ebbf..9234c5181a5d477d59c4b2be4dc832c8effb39df 100644 (file)
--- a/common/lpf.c
+++ b/common/lpf.c
@@ -400,10 +400,10 @@ ssize_t receive_packet (interface, buf, len, from, hfrom)
                if (cmsg->cmsg_level == SOL_PACKET &&
                    cmsg->cmsg_type == PACKET_AUXDATA) {
                        struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg);
-                       /* Discard packets with stripped vlan id */
-
 #ifdef VLAN_TCI_PRESENT
-                       if (aux->tp_vlan_tci != 0)
+                       /* Discard packets with stripped vlan id */
+                       /* VLAN ID is only bottom 12-bits of TCI */
+                       if (aux->tp_vlan_tci & 0x0fff)
                                return 0;
 #endif