fib, fib6: reject invalid feature bits
Feature bits that are invalid should not be accepted by the kernel, only the lower 4 bits may be configured, but not the remaining ones. Even from these 4, 2 of them are unused. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
1bb14807bc
commit
b8d3e4163a
|
@ -418,10 +418,13 @@ enum {
|
|||
|
||||
#define RTAX_MAX (__RTAX_MAX - 1)
|
||||
|
||||
#define RTAX_FEATURE_ECN 0x00000001
|
||||
#define RTAX_FEATURE_SACK 0x00000002
|
||||
#define RTAX_FEATURE_TIMESTAMP 0x00000004
|
||||
#define RTAX_FEATURE_ALLFRAG 0x00000008
|
||||
#define RTAX_FEATURE_ECN (1 << 0)
|
||||
#define RTAX_FEATURE_SACK (1 << 1)
|
||||
#define RTAX_FEATURE_TIMESTAMP (1 << 2)
|
||||
#define RTAX_FEATURE_ALLFRAG (1 << 3)
|
||||
|
||||
#define RTAX_FEATURE_MASK (RTAX_FEATURE_ECN | RTAX_FEATURE_SACK | \
|
||||
RTAX_FEATURE_TIMESTAMP | RTAX_FEATURE_ALLFRAG)
|
||||
|
||||
struct rta_session {
|
||||
__u8 proto;
|
||||
|
|
|
@ -908,6 +908,8 @@ fib_convert_metrics(struct fib_info *fi, const struct fib_config *cfg)
|
|||
val = 65535 - 40;
|
||||
if (type == RTAX_MTU && val > 65535 - 15)
|
||||
val = 65535 - 15;
|
||||
if (type == RTAX_FEATURES && (val & ~RTAX_FEATURE_MASK))
|
||||
return -EINVAL;
|
||||
fi->fib_metrics[type - 1] = val;
|
||||
}
|
||||
|
||||
|
|
|
@ -1728,6 +1728,8 @@ static int ip6_convert_metrics(struct mx6_config *mxc,
|
|||
} else {
|
||||
val = nla_get_u32(nla);
|
||||
}
|
||||
if (type == RTAX_FEATURES && (val & ~RTAX_FEATURE_MASK))
|
||||
goto err;
|
||||
|
||||
mp[type - 1] = val;
|
||||
__set_bit(type - 1, mxc->mx_valid);
|
||||
|
|
Loading…
Reference in New Issue