Public bug reported:
[ Impact ]
Since jammy:linux commit 0158242f01a0 ("net: bridge: switchdev: Skip MDB
replays of deferred events on offload"), the kernel build fails when
CONFIG_NET_SWITCHDEV=n, as observed in e.g. jammy:linux-kvm. The error
is as follows:
/build/jammy/net/bridge/br_mdb.c: In function 'br_mdb_queue_one':
/build/jammy/net/bridge/br_mdb.c:640:13: error: implicit declaration of
function
'switchdev_port_obj_act_is_deferred'; did you mean 'switchdev_port_obj_add'?
[-Werror=implicit- function-declaration]
640 | switchdev_port_obj_act_is_deferred(dev, action,
&mdb.obj)) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| switchdev_port_obj_add
[ Fix ]
Add a dummy implementation of switchdev_port_obj_act_is_deferred() for
the CONFIG_NET_SWITCHDEV=n case. This approach was chosen because it is
less risky and also requires minimal changes compared to the
alternatives:
* Backport 9776457c784f ("net: bridge: mdb: move all switchdev logic to
br_switchdev.c"), which would involve resolving significant conflicts, or
* Revert the CVE fix, cherry-pick nearly all prerequisite patches from [1] and
[2], and then reapply the CVE fix.
Note that register_switchdev_blocking_notifier() does nothing when
CONFIG_NET_SWITCHDEV=n. Therefore, nbp_switchdev_(un)sync_objs (the sole
caller of br_mdb_replay()) does not run in the first place.
[1]
https://lore.kernel.org/all/20211026142743.1298877-1-vladimir.olt...@nxp.com/
[2]
https://lore.kernel.org/all/20211027162119.2496321-1-vladimir.olt...@nxp.com/
[ Test Plan ]
Compile test with both CONFIG_NET_SWITCHDEV=y and
CONFIG_NET_SWITCHDEV=n.
[ Where problems could occur ]
Any regressions caused by this tiny fix-the-fix patch should be caught
during compilation.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Affects: linux (Ubuntu Jammy)
Importance: Undecided
Status: New
** Description changed:
[ Impact ]
Since jammy:linux commit 0158242f01a0 ("net: bridge: switchdev: Skip MDB
replays of deferred events on offload"), the kernel build fails when
CONFIG_NET_SWITCHDEV=n, as observed in e.g. jammy:linux-kvm. The error
is as follows:
- /build/jammy/net/bridge/br_mdb.c: In function 'br_mdb_queue_one':
- /build/jammy/net/bridge/br_mdb.c:640:13: error: implicit declaration of
function
- 'switchdev_port_obj_act_is_deferred'; did you mean
'switchdev_port_obj_add'? [-Werror=implicit- function-declaration]
- 640 | switchdev_port_obj_act_is_deferred(dev, action,
&mdb.obj)) {
- | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- | switchdev_port_obj_add
+ /build/jammy/net/bridge/br_mdb.c: In function 'br_mdb_queue_one':
+ /build/jammy/net/bridge/br_mdb.c:640:13: error: implicit declaration of
function
+ 'switchdev_port_obj_act_is_deferred'; did you mean
'switchdev_port_obj_add'? [-Werror=implicit- function-declaration]
+ 640 | switchdev_port_obj_act_is_deferred(dev, action,
&mdb.obj)) {
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ | switchdev_port_obj_add
[ Fix ]
Add a dummy implementation of switchdev_port_obj_act_is_deferred() for
the CONFIG_NET_SWITCHDEV=n case. This approach was chosen because it is
less risky and also requires minimal changes compared to the
alternatives:
* Backport 9776457c784f ("net: bridge: mdb: move all switchdev logic to
br_switchdev.c"), which would involve resolving significant conflicts, or
* Revert the CVE fix, cherry-pick nearly all prerequisite patches from [1]
and [2], and then reapply the CVE fix.
Note that register_switchdev_blocking_notifier() does nothing when
CONFIG_NET_SWITCHDEV=n. Therefore, nbp_switchdev_(un)sync_objs (the sole
- caller of br_mdb_replay()) is not executed in the first place.
+ caller of br_mdb_replay()) does not run in the first place.
[1]
https://lore.kernel.org/all/20211026142743.1298877-1-vladimir.olt...@nxp.com/
[2]
https://lore.kernel.org/all/20211027162119.2496321-1-vladimir.olt...@nxp.com/
[ Test Plan ]
Compile test with both CONFIG_NET_SWITCHDEV=y and
CONFIG_NET_SWITCHDEV=n.
[ Where problems could occur ]
Any regressions caused by this tiny fix-the-fix patch should be caught
during compilation.
** Also affects: linux (Ubuntu Jammy)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2104380
Title:
Build failure when CONFIG_NET_SWITCHDEV=n due to CVE-2024-26837 fix
backport
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2104380/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
