Patch "ipv4: Fix incorrect table ID in IOCTL path" has been added to the 6.1-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    ipv4: Fix incorrect table ID in IOCTL path

to the 6.1-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     ipv4-fix-incorrect-table-id-in-ioctl-path.patch
and it can be found in the queue-6.1 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit a56e1ef351c5c72583bd03b52efc7854db44f6f9
Author: Ido Schimmel <idosch@xxxxxxxxxx>
Date:   Wed Mar 15 14:40:09 2023 +0200

    ipv4: Fix incorrect table ID in IOCTL path
    
    [ Upstream commit 8a2618e14f81604a9b6ad305d57e0c8da939cd65 ]
    
    Commit f96a3d74554d ("ipv4: Fix incorrect route flushing when source
    address is deleted") started to take the table ID field in the FIB info
    structure into account when determining if two structures are identical
    or not. This field is initialized using the 'fc_table' field in the
    route configuration structure, which is not set when adding a route via
    IOCTL.
    
    The above can result in user space being able to install two identical
    routes that only differ in the table ID field of their associated FIB
    info.
    
    Fix by initializing the table ID field in the route configuration
    structure in the IOCTL path.
    
    Before the fix:
    
     # ip route add default via 192.0.2.2
     # route add default gw 192.0.2.2
     # ip -4 r show default
     # default via 192.0.2.2 dev dummy10
     # default via 192.0.2.2 dev dummy10
    
    After the fix:
    
     # ip route add default via 192.0.2.2
     # route add default gw 192.0.2.2
     SIOCADDRT: File exists
     # ip -4 r show default
     default via 192.0.2.2 dev dummy10
    
    Audited the code paths to ensure there are no other paths that do not
    properly initialize the route configuration structure when installing a
    route.
    
    Fixes: 5a56a0b3a45d ("net: Don't delete routes in different VRFs")
    Fixes: f96a3d74554d ("ipv4: Fix incorrect route flushing when source address is deleted")
    Reported-by: gaoxingwang <gaoxingwang1@xxxxxxxxxx>
    Link: https://lore.kernel.org/netdev/20230314144159.2354729-1-gaoxingwang1@xxxxxxxxxx/
    Tested-by: gaoxingwang <gaoxingwang1@xxxxxxxxxx>
    Signed-off-by: Ido Schimmel <idosch@xxxxxxxxxx>
    Reviewed-by: David Ahern <dsahern@xxxxxxxxxx>
    Link: https://lore.kernel.org/r/20230315124009.4015212-1-idosch@xxxxxxxxxx
    Signed-off-by: Jakub Kicinski <kuba@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index b5736ef16ed2d..390f4be7f7bec 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -576,6 +576,9 @@ static int rtentry_to_fib_config(struct net *net, int cmd, struct rtentry *rt,
 			cfg->fc_scope = RT_SCOPE_UNIVERSE;
 	}
 
+	if (!cfg->fc_table)
+		cfg->fc_table = RT_TABLE_MAIN;
+
 	if (cmd == SIOCDELRT)
 		return 0;
 



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux