diff options
author | Brenden Blanco <bblanco@plumgrid.com> | 2016-07-21 03:22:34 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2016-07-21 08:07:23 +0300 |
commit | 262d8625045e0c81b7859ecd192e9811710f19da (patch) | |
tree | 7a0d58ff3aa3c0268bb7b33e49d766745496762f /net | |
parent | cb7386d37eae20141cbc292a883e5e358cb5a929 (diff) | |
download | linux-262d8625045e0c81b7859ecd192e9811710f19da.tar.xz |
rtnl: protect do_setlink from IFLA_XDP_ATTACHED
The IFLA_XDP_ATTACHED nested attribute is meant for read-only, and while
do_setlink properly ignores it, it should be more paranoid and reject
commands that try to set it.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/core/rtnetlink.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index eba2b8260dbd..189cc78c77eb 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -2109,6 +2109,10 @@ static int do_setlink(const struct sk_buff *skb, if (err < 0) goto errout; + if (xdp[IFLA_XDP_ATTACHED]) { + err = -EINVAL; + goto errout; + } if (xdp[IFLA_XDP_FD]) { err = dev_change_xdp_fd(dev, nla_get_s32(xdp[IFLA_XDP_FD])); |