diff options
| author |   Brenden Blanco <bblanco@plumgrid.com> | 2016-07-20 17:22:34 -0700 |
|---|---|---|
| committer |   David S. Miller <davem@davemloft.net> | 2016-07-20 22:07:23 -0700 |
| commit | 262d8625045e0c81b7859ecd192e9811710f19da (patch) | |
| tree | 7a0d58ff3aa3c0268bb7b33e49d766745496762f /net | |
| parent | net/mlx4_en: use READ_ONCE when freeing xdp_prog (diff) | |
| download | linux-dev-262d8625045e0c81b7859ecd192e9811710f19da.tar.xz linux-dev-262d8625045e0c81b7859ecd192e9811710f19da.zip | |
rtnl: protect do_setlink from IFLA_XDP_ATTACHED
The IFLA_XDP_ATTACHED nested attribute is meant for read-only, and while
do_setlink properly ignores it, it should be more paranoid and reject
commands that try to set it.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/core/rtnetlink.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index eba2b8260dbd..189cc78c77eb 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -2109,6 +2109,10 @@ static int do_setlink(const struct sk_buff *skb, if (err < 0) goto errout; + if (xdp[IFLA_XDP_ATTACHED]) { + err = -EINVAL; + goto errout; + } if (xdp[IFLA_XDP_FD]) { err = dev_change_xdp_fd(dev, nla_get_s32(xdp[IFLA_XDP_FD])); |