From: Stephen Hemminger <stephen@networkplumber.org>
To: Serhey Popovych <serhe.popovych@gmail.com>
Cc: netdev@vger.kernel.org
Subject: Re: [PATCH 1/3] dev: Prevent creating network devices with negative ifindex
Date: Fri, 16 Jun 2017 09:18:06 -0700 [thread overview]
Message-ID: <20170616091806.2dd229e2@xeon-e3> (raw)
In-Reply-To: <d365b6f06598d041a177b91b15929285c2649935.1497621810.git.serhe.popovych@gmail.com>
On Fri, 16 Jun 2017 17:23:51 +0300
Serhey Popovych <serhe.popovych@gmail.com> wrote:
> Interface index is signed integer, we can pass ifm->ifi_index
> from userspace via netlink and create network device with
> negative ifindex value.
>
> Fixes: 9c7dafbfab15 ("net: Allow to create links with given ifindex")
> Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com>
> ---
> net/core/dev.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/core/dev.c b/net/core/dev.c
> index 8658074..dae8010 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -7491,7 +7491,7 @@ int register_netdevice(struct net_device *dev)
> }
>
> ret = -EBUSY;
> - if (!dev->ifindex)
> + if (dev->ifindex <= 0)
> dev->ifindex = dev_new_index(net);
> else if (__dev_get_by_index(net, dev->ifindex))
> goto err_uninit;
You should fix this by adding error check in the netlink portion
that allows creating devices with given ifindex. Passing < 0
should be an error.
next prev parent reply other threads:[~2017-06-16 16:18 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-16 14:23 [PATCH 0/3] dev: Fix network device ifindex allocation Serhey Popovych
2017-06-16 14:23 ` [PATCH 1/3] dev: Prevent creating network devices with negative ifindex Serhey Popovych
2017-06-16 16:18 ` Stephen Hemminger [this message]
2017-06-16 16:44 ` Serhey Popovych
2017-06-16 17:25 ` Stephen Hemminger
2017-06-16 18:14 ` Serhey Popovych
2017-06-16 14:23 ` [PATCH 2/3] dev: Avoid infinite loop on network device index exhaustion Serhey Popovych
2017-06-16 16:16 ` Stephen Hemminger
2017-06-16 16:32 ` Serhey Popovych
2017-06-16 16:39 ` dev: Reclaim network device indexes Serhey Popovych
2017-06-20 16:42 ` David Miller
2017-06-16 14:23 ` [PATCH 3/3] veth: Set ifindex only if given and not negative Serhey Popovych
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170616091806.2dd229e2@xeon-e3 \
--to=stephen@networkplumber.org \
--cc=netdev@vger.kernel.org \
--cc=serhe.popovych@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.