Fix potential L2 forwarding crash with stale L2FIB entry (VPP-516)

On moving interface between L2 and L3 forwarding modes, adjust the
l2-output node next index for the sw_if_index of the interface so
packet output via stale MAC entries in L2 FIB will be dropped.

Change-Id: I25afd7a617edb4ae35ce296bac33e62683edad9a
Signed-off-by: John Lo <loj@cisco.com>

1 files changed, 14 insertions, 7 deletions

diff --git a/vnet/vnet/l2/l2_input.c b/vnet/vnet/l2/l2_input.c
index 171ba7344f1..9515250decf 100644
--- a/vnet/vnet/l2/l2_input.c
+++ b/vnet/vnet/l2/l2_input.c
@@ -606,22 +606,29 @@ set_int_l2_mode (vlib_main_t * vm, vnet_main_t * vnet_main, u32 mode, u32 sw_if_
       l2_if_adjust--;
     }
 
+  /*
+   * Directs the l2 output path to work out the interface
+   * output next-arc itself. Needed when recycling a sw_if_index.
+   */
+  vec_validate_init_empty (l2om->next_nodes.output_node_index_vec,
+			   sw_if_index, ~0);
+  l2om->next_nodes.output_node_index_vec[sw_if_index] = ~0;
+
   /* Initialize the l2-input configuration for the interface */
   if (mode == MODE_L3)
     {
+      /* Set L2 config to BD index 0 so that if any packet accidentally
+       * came in on L2 path, it will be dropped in BD 0 */
       config->xconnect = 0;
       config->bridge = 0;
       config->shg = 0;
       config->bd_index = 0;
       config->feature_bitmap = L2INPUT_FEAT_DROP;
-      /*
-       * Directs the l2 output path to work out the interface
-       * output next-arc itself. Needed when recycling a sw_if_index.
-       */
-      vec_validate_init_empty (l2om->next_nodes.output_node_index_vec,
-			       sw_if_index, ~0);
-      l2om->next_nodes.output_node_index_vec[sw_if_index] = ~0;
 
+      /* Make sure any L2-output packet to this interface now in L3 mode is
+       * dropped. This may happen if L2 FIB MAC entry is stale */
+      l2om->next_nodes.output_node_index_vec[sw_if_index] =
+	L2OUTPUT_NEXT_BAD_INTF;
     }
   else if (mode == MODE_L2_CLASSIFY)
     {