APPLIED[jammy:linux-kvm/Cmnt]: [SRU][J][PATCH 0/1] build failure when CONFIG_NET_SWITCHDEV=n (CVE-2024-26837 follow-up)

Stefan Bader stefan.bader at canonical.com
Thu Mar 27 15:50:53 UTC 2025 

On 27.03.25 14:56, Koichiro Den wrote:
> BugLink: https://bugs.launchpad.net/bugs/2104380
> 
> [ Impact ]
> 
> Since jammy:linux commit 0158242f01a0 ("net: bridge: switchdev: Skip MDB
> replays of deferred events on offload"), the kernel build fails when
> CONFIG_NET_SWITCHDEV=n, as observed in e.g. jammy:linux-kvm. The error is
> as follows:
> 
> /build/jammy/net/bridge/br_mdb.c: In function 'br_mdb_queue_one':
> /build/jammy/net/bridge/br_mdb.c:640:13: error: implicit declaration of function
> 'switchdev_port_obj_act_is_deferred'; did you mean 'switchdev_port_obj_add'? \
>    [-Werror=implicit- function-declaration]
>    640 |             switchdev_port_obj_act_is_deferred(dev, action, &mdb.obj)) {
>        |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>        |             switchdev_port_obj_add
> 
> [ Fix ]
> 
> Add a dummy implementation of switchdev_port_obj_act_is_deferred() for the
> CONFIG_NET_SWITCHDEV=n case. This approach was chosen because it is less
> risky and also requires minimal changes compared to the alternatives:
> 
> * Backport 9776457c784f ("net: bridge: mdb: move all switchdev logic to
>    br_switchdev.c"), which would involve resolving significant conflicts, or
> * Revert the CVE fix, cherry-pick nearly all prerequisite patches from [1]
>    and [2], and then reapply the CVE fix.
> 
> Note that register_switchdev_blocking_notifier() does nothing when
> CONFIG_NET_SWITCHDEV=n. Therefore, nbp_switchdev_(un)sync_objs (the sole
> caller of br_mdb_replay()) does not run in the first place.
> 
> [1] https://lore.kernel.org/all/20211026142743.1298877-1-vladimir.oltean@nxp.com/
> [2] https://lore.kernel.org/all/20211027162119.2496321-1-vladimir.oltean@nxp.com/
> 
> [ Test Plan ]
> 
> Compile test with both CONFIG_NET_SWITCHDEV=y and CONFIG_NET_SWITCHDEV=n.
> 
> [ Where problems could occur ]
> 
> Any regressions caused by this tiny fix-the-fix patch should be caught
> during compilation.
> 
> 
> Koichiro Den (1):
>    UBUNTU: SAUCE: net: switchdev: fix compilation error for
>      CONFIG_NET_SWITCHDEV=n
> 
>   include/net/switchdev.h | 7 +++++++
>   1 file changed, 7 insertions(+)
> 
Applied to jammy:linux-kvm preparing for 2025.03.17 cycle. Thanks.

-Stefan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 47863 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20250327/2ebe903e/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20250327/2ebe903e/attachment-0001.sig>

More information about the kernel-team mailing list