ACK: [SRU][J][PATCH 0/1] build failure when CONFIG_NET_SWITCHDEV=n (CVE-2024-26837 follow-up)

Massimiliano Pellizzer massimiliano.pellizzer at canonical.com
Thu Mar 27 14:34:07 UTC 2025 

On Thu, 27 Mar 2025 at 15:02, Stefan Bader <stefan.bader at canonical.com> wrote:
>
> On 27.03.25 14:56, Koichiro Den wrote:
> > BugLink: https://bugs.launchpad.net/bugs/2104380
> >
> > [ Impact ]
> >
> > Since jammy:linux commit 0158242f01a0 ("net: bridge: switchdev: Skip MDB
> > replays of deferred events on offload"), the kernel build fails when
> > CONFIG_NET_SWITCHDEV=n, as observed in e.g. jammy:linux-kvm. The error is
> > as follows:
> >
> > /build/jammy/net/bridge/br_mdb.c: In function 'br_mdb_queue_one':
> > /build/jammy/net/bridge/br_mdb.c:640:13: error: implicit declaration of function
> > 'switchdev_port_obj_act_is_deferred'; did you mean 'switchdev_port_obj_add'? \
> >    [-Werror=implicit- function-declaration]
> >    640 |             switchdev_port_obj_act_is_deferred(dev, action, &mdb.obj)) {
> >        |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >        |             switchdev_port_obj_add
> >
> > [ Fix ]
> >
> > Add a dummy implementation of switchdev_port_obj_act_is_deferred() for the
> > CONFIG_NET_SWITCHDEV=n case. This approach was chosen because it is less
> > risky and also requires minimal changes compared to the alternatives:
> >
> > * Backport 9776457c784f ("net: bridge: mdb: move all switchdev logic to
> >    br_switchdev.c"), which would involve resolving significant conflicts, or
> > * Revert the CVE fix, cherry-pick nearly all prerequisite patches from [1]
> >    and [2], and then reapply the CVE fix.
> >
> > Note that register_switchdev_blocking_notifier() does nothing when
> > CONFIG_NET_SWITCHDEV=n. Therefore, nbp_switchdev_(un)sync_objs (the sole
> > caller of br_mdb_replay()) does not run in the first place.
> >
> > [1] https://lore.kernel.org/all/20211026142743.1298877-1-vladimir.oltean@nxp.com/
> > [2] https://lore.kernel.org/all/20211027162119.2496321-1-vladimir.oltean@nxp.com/
> >
> > [ Test Plan ]
> >
> > Compile test with both CONFIG_NET_SWITCHDEV=y and CONFIG_NET_SWITCHDEV=n.
> >
> > [ Where problems could occur ]
> >
> > Any regressions caused by this tiny fix-the-fix patch should be caught
> > during compilation.
> >
> >
> > Koichiro Den (1):
> >    UBUNTU: SAUCE: net: switchdev: fix compilation error for
> >      CONFIG_NET_SWITCHDEV=n
> >
> >   include/net/switchdev.h | 7 +++++++
> >   1 file changed, 7 insertions(+)
> >
> Acked-by: Stefan Bader <stefan.bader at canonical.com>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Acked-by: Massimiliano Pellizzer <massimiliano.pellizzer at canonical.com>

-- 
Massimiliano Pellizzer

More information about the kernel-team mailing list