[master] LPF now only uses 12-bit value from VLAN TCI for VID

    Merges in rt40591.

2 files changed, 10 insertions, 3 deletions

diff --git a/RELNOTES b/RELNOTES
index f34c82d1..39c4666d 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -54,6 +54,13 @@ by Eric Young (eay@cryptsoft.com).
 
 			Changes since 4.3.3
 
+- The linux packet fitler code now correctly treats only least significant
+  12 bits an inbound packet's TCI value as the VLAN id (per IEEE 802.1Q).
+  Prior to this it was using the entire 16 bit value as the VLAN id and
+  incorrectly discarding packets.  Thanks to Jiri Popelka at Red Hat for
+  reporting this issue and supplying its patch.
+  [ISC-Bugs #40591]
+
 - Corrected a static analyzer warning in common/execute.c
   [ISC-Bugs #40374]
 
diff --git a/common/lpf.c b/common/lpf.c
index 7889b6bb..ee3820b6 100644
--- a/common/lpf.c
+++ b/common/lpf.c
@@ -422,10 +422,10 @@ ssize_t receive_packet (interface, buf, len, from, hfrom)
 		if (cmsg->cmsg_level == SOL_PACKET &&
 		    cmsg->cmsg_type == PACKET_AUXDATA) {
 			struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg);
-			/* Discard packets with stripped vlan id */
-
 #ifdef VLAN_TCI_PRESENT
-			if (aux->tp_vlan_tci != 0)
+			/* Discard packets with stripped vlan id */
+			/* VLAN ID is only bottom 12-bits of TCI */
+			if (aux->tp_vlan_tci & 0x0fff)
 				return 0;
 #endif