diff options
author | Davide Caratti <dcaratti@redhat.com> | 2018-10-21 00:33:07 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2018-10-23 05:40:55 +0300 |
commit | 9469f375ab0900075bd3f1f58083c19b0224d978 (patch) | |
tree | da98fc3fad1ea83d51bf884ba2e8b2d9c50e4dbc | |
parent | 92c9d5627a79b02299dd13e3e0ec695475726cf8 (diff) | |
download | linux-9469f375ab0900075bd3f1f58083c19b0224d978.tar.xz |
net/sched: act_gact: disallow 'goto chain' on fallback control action
in the following command:
# tc action add action <c1> random <rand_type> <c2> <rand_param>
'goto chain x' is allowed only for c1: setting it for c2 makes the kernel
crash with NULL pointer dereference, since TC core doesn't initialize the
chain handle.
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/sched/act_gact.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/net/sched/act_gact.c b/net/sched/act_gact.c index c89a7fa43d1b..b61c20ebb314 100644 --- a/net/sched/act_gact.c +++ b/net/sched/act_gact.c @@ -88,6 +88,11 @@ static int tcf_gact_init(struct net *net, struct nlattr *nla, p_parm = nla_data(tb[TCA_GACT_PROB]); if (p_parm->ptype >= MAX_RAND) return -EINVAL; + if (TC_ACT_EXT_CMP(p_parm->paction, TC_ACT_GOTO_CHAIN)) { + NL_SET_ERR_MSG(extack, + "goto chain not allowed on fallback"); + return -EINVAL; + } } #endif |