From: Thomas Deutschmann <whissi@xxxxxxxxxx>
Date: Sat, 10 Nov 2018 20:20:01 +0100
> Hi,
>
> all stable kernels carrying
>
>> From 8b4c3cdd9dd8290343ce959a132d3b334062c5b9 Mon Sep 17 00:00:00 2001
>> From: David Ahern <dsahern@xxxxxxxxx>
>> Date: Wed, 3 Oct 2018 15:05:36 -0700
>> Subject: [PATCH] net: sched: Add policy validation for tc attributes
>>
>> A number of TC attributes are processed without proper validation
>> (e.g., length checks). Add a tca policy for all input attributes and use
>> when invoking nlmsg_parse.
>>
>> The 2 Fixes tags below cover the latest additions. The other attributes
>> are a string (KIND), nested attribute (OPTIONS which does seem to have
>> validation in most cases), for dumps only or a flag.
>>
>> Fixes: 5bc1701881e39 ("net: sched: introduce multichain support for filters")
>> Fixes: d47a6b0e7c492 ("net: sched: introduce ingress/egress block index attributes for qdisc")
>> Signed-off-by: David Ahern <dsahern@xxxxxxxxx>
>> Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
>
> should backport
>
>> From e72bde6b66299602087c8c2350d36a525e75d06e Mon Sep 17 00:00:00 2001
>> From: David Ahern <dsahern@xxxxxxxxx>
>> Date: Wed, 24 Oct 2018 08:32:49 -0700
>> Subject: [PATCH] net: sched: Remove TCA_OPTIONS from policy
>>
>> Marco reported an error with hfsc:
>> root@Calimero:~# tc qdisc add dev eth0 root handle 1:0 hfsc default 1
>> Error: Attribute failed policy validation.
>>
>> Apparently a few implementations pass TCA_OPTIONS as a binary instead
>> of nested attribute, so drop TCA_OPTIONS from the policy.
>>
>> Fixes: 8b4c3cdd9dd8 ("net: sched: Add policy validation for tc attributes")
>> Reported-by: Marco Berizzi <pupilla@xxxxxxxxx>
>> Signed-off-by: David Ahern <dsahern@xxxxxxxxx>
>> Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
>
> See https://lkml.org/lkml/2018/10/26/80.
Indeed, -stable folks please add this latter patch on top.
Thank you.
