5.10-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 21 Jan 2026 17:29:40 +0000 (18:29 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 21 Jan 2026 17:29:40 +0000 (18:29 +0100)
added patches:
macvlan-fix-leaking-skb-in-source-mode-with-nodst-option.patch

queue-5.10/macvlan-fix-leaking-skb-in-source-mode-with-nodst-option.patch [new file with mode: 0644]
queue-5.10/series

diff --git a/queue-5.10/macvlan-fix-leaking-skb-in-source-mode-with-nodst-option.patch b/queue-5.10/macvlan-fix-leaking-skb-in-source-mode-with-nodst-option.patch
new file mode 100644 (file)
index 0000000..40dec34
--- /dev/null
@@ -0,0 +1,54 @@
+From e16b859872b87650bb55b12cca5a5fcdc49c1442 Mon Sep 17 00:00:00 2001
+From: Martin Willi <martin@strongswan.org>
+Date: Tue, 12 Apr 2022 11:34:57 +0200
+Subject: macvlan: Fix leaking skb in source mode with nodst option
+
+From: Martin Willi <martin@strongswan.org>
+
+commit e16b859872b87650bb55b12cca5a5fcdc49c1442 upstream.
+
+The MACVLAN receive handler clones skbs to all matching source MACVLAN
+interfaces, before it passes the packet along to match on destination
+based MACVLANs.
+
+When using the MACVLAN nodst mode, passing the packet to destination based
+MACVLANs is omitted and the handler returns with RX_HANDLER_CONSUMED.
+However, the passed skb is not freed, leaking for any packet processed
+with the nodst option.
+
+Properly free the skb when consuming packets to fix that leak.
+
+Fixes: 427f0c8c194b ("macvlan: Add nodst option to macvlan type source")
+Signed-off-by: Martin Willi <martin@strongswan.org>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/macvlan.c |    8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+--- a/drivers/net/macvlan.c
++++ b/drivers/net/macvlan.c
+@@ -464,8 +464,10 @@ static rx_handler_result_t macvlan_handl
+                       return RX_HANDLER_CONSUMED;
+               *pskb = skb;
+               eth = eth_hdr(skb);
+-              if (macvlan_forward_source(skb, port, eth->h_source))
++              if (macvlan_forward_source(skb, port, eth->h_source)) {
++                      kfree_skb(skb);
+                       return RX_HANDLER_CONSUMED;
++              }
+               src = macvlan_hash_lookup(port, eth->h_source);
+               if (src && src->mode != MACVLAN_MODE_VEPA &&
+                   src->mode != MACVLAN_MODE_BRIDGE) {
+@@ -484,8 +486,10 @@ static rx_handler_result_t macvlan_handl
+               return RX_HANDLER_PASS;
+       }
+-      if (macvlan_forward_source(skb, port, eth->h_source))
++      if (macvlan_forward_source(skb, port, eth->h_source)) {
++              kfree_skb(skb);
+               return RX_HANDLER_CONSUMED;
++      }
+       if (macvlan_passthru(port))
+               vlan = list_first_or_null_rcu(&port->vlans,
+                                             struct macvlan_dev, list);
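Review bot: Both added `kfree_skb(skb);` calls in macvlan_handle_frame (the multicast branch at -464 and the unicast path at -484) release the original skb as a drop, although the commit message says the frame has by then been cloned to the matching source-mode MACVLANs. If every path on which macvlan_forward_source() returns true has actually handed off a clone (the helper is not visible in this patch, so that needs checking), `consume_skb(skb);` would free the buffer without firing the kfree_skb drop tracepoint, which otherwise reports one false drop per nodst frame to drop monitoring. A short comment above each call, for example `/* nodst: only clones were forwarded, the original skb is still ours to free */`, would record the ownership rule whose omission caused the leak. As this is a stable backport the patch should stay identical to upstream e16b859872b8, so either change would need to land upstream first. The body of macvlan_handle_frame starts and ends outside both inner hunks.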
index ff94a310acbafb7925429f76b0a270a2460d428e..0cec3ab45092490aa7c16250055dab9763666940 100644 (file)
@@ -41,3 +41,4 @@ dmaengine-ti-dma-crossbar-fix-device-leak-on-dra7x-route-allocation.patch
 dmaengine-ti-dma-crossbar-fix-device-leak-on-am335x-route-allocation.patch
 dmaengine-ti-k3-udma-fix-device-leak-on-udma-lookup.patch
 btrfs-fix-deadlock-in-wait_current_trans-due-to-ignored-transaction-type.patch
+macvlan-fix-leaking-skb-in-source-mode-with-nodst-option.patch