From 75425657fe3ad853b300976966d8fafa3f209b89 Mon Sep 17 00:00:00 2001 From: David Ahern Date: Wed, 22 May 2019 12:07:43 -0700 Subject: net: Set strict_start_type for routes and rules New userspace on an older kernel can send unknown and unsupported attributes resulting in an incompelete config which is almost always wrong for routing (few exceptions are passthrough settings like the protocol that installed the route). Set strict_start_type in the policies for IPv4 and IPv6 routes and rules to detect new, unsupported attributes and fail the route add. Signed-off-by: David Ahern Signed-off-by: David S. Miller --- include/net/fib_rules.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/net/fib_rules.h') diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h index b473df5b9512..eba8465e1d86 100644 --- a/include/net/fib_rules.h +++ b/include/net/fib_rules.h @@ -103,6 +103,7 @@ struct fib_rule_notifier_info { }; #define FRA_GENERIC_POLICY \ + [FRA_UNSPEC] = { .strict_start_type = FRA_DPORT_RANGE + 1 }, \ [FRA_IIFNAME] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 }, \ [FRA_OIFNAME] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 }, \ [FRA_PRIORITY] = { .type = NLA_U32 }, \ -- cgit v1.2.3-59-g8ed1b