diff options
author | Allan Stephens <Allan.Stephens@windriver.com> | 2011-04-21 01:24:07 +0400 |
---|---|---|
committer | Paul Gortmaker <paul.gortmaker@windriver.com> | 2011-05-11 00:03:55 +0400 |
commit | 66e019a6af827a254641e83e96ee36b0f4adc5e3 (patch) | |
tree | 8a0245a404564b9bcfb01d5378c35714c99240de /net/tipc/bearer.c | |
parent | 1f3de471adf5c2a584480a6010808d7a17063897 (diff) | |
download | linux-66e019a6af827a254641e83e96ee36b0f4adc5e3.tar.xz |
tipc: Strengthen checks for neighboring node discovery
Enhances existing checks on the discovery domain associated with a TIPC
bearer. A bearer can no longer be configured to accept links from itself
only (which would be pointless), or to nodes outside its own cluster
(since multi-cluster support has now been removed from TIPC). Also, the
neighbor discovery routine now validates link setup requests against the
configured discovery domain for the bearer, rather than simply ensuring
the requesting node belongs to the node's own cluster.
Signed-off-by: Allan Stephens <Allan.Stephens@windriver.com>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Diffstat (limited to 'net/tipc/bearer.c')
-rw-r--r-- | net/tipc/bearer.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/net/tipc/bearer.c b/net/tipc/bearer.c index 411719feb803..f7c29af4ab81 100644 --- a/net/tipc/bearer.c +++ b/net/tipc/bearer.c @@ -493,8 +493,15 @@ int tipc_enable_bearer(const char *name, u32 disc_domain, u32 priority) warn("Bearer <%s> rejected, illegal name\n", name); return -EINVAL; } - if (!tipc_addr_domain_valid(disc_domain) || - !tipc_in_scope(disc_domain, tipc_own_addr)) { + if (tipc_addr_domain_valid(disc_domain) && + (disc_domain != tipc_own_addr)) { + if (tipc_in_scope(disc_domain, tipc_own_addr)) { + disc_domain = tipc_own_addr & TIPC_CLUSTER_MASK; + res = 0; /* accept any node in own cluster */ + } else if (in_own_cluster(disc_domain)) + res = 0; /* accept specified node in own cluster */ + } + if (res) { warn("Bearer <%s> rejected, illegal discovery domain\n", name); return -EINVAL; } |