summaryrefslogtreecommitdiff
path: root/net/tipc/bearer.c
diff options
context:
space:
mode:
authorAllan Stephens <Allan.Stephens@windriver.com>2011-04-21 01:24:07 +0400
committerPaul Gortmaker <paul.gortmaker@windriver.com>2011-05-11 00:03:55 +0400
commit66e019a6af827a254641e83e96ee36b0f4adc5e3 (patch)
tree8a0245a404564b9bcfb01d5378c35714c99240de /net/tipc/bearer.c
parent1f3de471adf5c2a584480a6010808d7a17063897 (diff)
downloadlinux-66e019a6af827a254641e83e96ee36b0f4adc5e3.tar.xz
tipc: Strengthen checks for neighboring node discovery
Enhances existing checks on the discovery domain associated with a TIPC bearer. A bearer can no longer be configured to accept links from itself only (which would be pointless), or to nodes outside its own cluster (since multi-cluster support has now been removed from TIPC). Also, the neighbor discovery routine now validates link setup requests against the configured discovery domain for the bearer, rather than simply ensuring the requesting node belongs to the node's own cluster. Signed-off-by: Allan Stephens <Allan.Stephens@windriver.com> Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Diffstat (limited to 'net/tipc/bearer.c')
-rw-r--r--net/tipc/bearer.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/net/tipc/bearer.c b/net/tipc/bearer.c
index 411719feb803..f7c29af4ab81 100644
--- a/net/tipc/bearer.c
+++ b/net/tipc/bearer.c
@@ -493,8 +493,15 @@ int tipc_enable_bearer(const char *name, u32 disc_domain, u32 priority)
warn("Bearer <%s> rejected, illegal name\n", name);
return -EINVAL;
}
- if (!tipc_addr_domain_valid(disc_domain) ||
- !tipc_in_scope(disc_domain, tipc_own_addr)) {
+ if (tipc_addr_domain_valid(disc_domain) &&
+ (disc_domain != tipc_own_addr)) {
+ if (tipc_in_scope(disc_domain, tipc_own_addr)) {
+ disc_domain = tipc_own_addr & TIPC_CLUSTER_MASK;
+ res = 0; /* accept any node in own cluster */
+ } else if (in_own_cluster(disc_domain))
+ res = 0; /* accept specified node in own cluster */
+ }
+ if (res) {
warn("Bearer <%s> rejected, illegal discovery domain\n", name);
return -EINVAL;
}