Patch "net: vrf: do not allow table id 0" has been added to the 4.9-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    net: vrf: do not allow table id 0

to the 4.9-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     net-vrf-do-not-allow-table-id-0.patch
and it can be found in the queue-4.9 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From foo@baz Thu Jan 12 21:37:26 CET 2017
From: David Ahern <dsa@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 10 Jan 2017 15:22:25 -0800
Subject: net: vrf: do not allow table id 0

From: David Ahern <dsa@xxxxxxxxxxxxxxxxxxx>


[ Upstream commit 24c63bbc18e25d5d8439422aa5fd2d66390b88eb ]

Frank reported that vrf devices can be created with a table id of 0.
This breaks many of the run time table id checks and should not be
allowed. Detect this condition at create time and fail with EINVAL.

Fixes: 193125dbd8eb ("net: Introduce VRF device driver")
Reported-by: Frank Kellermann <frank.kellermann@xxxxxxxx>
Signed-off-by: David Ahern <dsa@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 drivers/net/vrf.c |    2 ++
 1 file changed, 2 insertions(+)

--- a/drivers/net/vrf.c
+++ b/drivers/net/vrf.c
@@ -1239,6 +1239,8 @@ static int vrf_newlink(struct net *src_n
 		return -EINVAL;
 
 	vrf->tb_id = nla_get_u32(data[IFLA_VRF_TABLE]);
+	if (vrf->tb_id == RT_TABLE_UNSPEC)
+		return -EINVAL;
 
 	dev->priv_flags |= IFF_L3MDEV_MASTER;
 


Patches currently in stable-queue which might be from dsa@xxxxxxxxxxxxxxxxxxx are

queue-4.9/net-vrf-drop-conntrack-data-after-pass-through-vrf-device-on-tx.patch
queue-4.9/net-ipv4-fix-multipath-selection-with-vrf.patch
queue-4.9/net-ipv4-dst-for-local-input-routes-should-use-l3mdev-if-relevant.patch
queue-4.9/net-vrf-add-missing-rx-counters.patch
queue-4.9/net-vrf-do-not-allow-table-id-0.patch
queue-4.9/net-vrf-fix-nat-within-a-vrf.patch
queue-4.9/net-fix-incorrect-original-ingress-device-index-in-pktinfo.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]