From: Patrick McHardy <kaber@trash.net>
To: Thomas Graf <tgraf@suug.ch>
Cc: Linux Netdev List <netdev@vger.kernel.org>,
"David S. Miller" <davem@davemloft.net>,
lartc@mailman.ds9a.nl
Subject: Re: [LARTC] [BUG?] ip ru flush && RTNETLINK answers: Numerical result
Date: Tue, 20 Mar 2007 06:42:49 +0000 [thread overview]
Message-ID: <45FF8269.3000606@trash.net> (raw)
In-Reply-To: <45FF7D07.4040103@trash.net>
[-- Attachment #1: Type: text/plain, Size: 153 bytes --]
Patrick McHardy wrote:
> [NET]: Fix fib_rules compatibility breakage
I forgot to remove FRA_SRC/FRA_DST from fib6_rule_policy.
Updated patch attached.
[-- Attachment #2: x --]
[-- Type: text/plain, Size: 4282 bytes --]
[NET]: Fix fib_rules compatibility breakage
The fib_rules netlink attribute policy introduced in 2.6.19 broke
userspace compatibilty. When specifying a rule with "from all"
or "to all", iproute adds a zero byte long netlink attribute,
but the policy requires all addresses to have a size equal to
sizeof(struct in_addr)/sizeof(struct in6_addr), resulting in a
validation error.
Fix by only looking at the FRA_SRC/FRA_DST attributes if src_len
or dst_len is larger than zero.
DECnet is unaffected since iproute doesn't support specifying
addresses as "all".
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit 676307508e675dcf434f4f18e619b195f2f503ad
tree aa87342144b3b19ebddb5011380c3ac96c38dbbc
parent db98e0b434a6265c451ffe94ec0a29b8d0aaf587
author Patrick McHardy <kaber@trash.net> Tue, 20 Mar 2007 07:08:38 +0100
committer Patrick McHardy <kaber@trash.net> Tue, 20 Mar 2007 07:42:19 +0100
net/ipv4/fib_rules.c | 18 ++++++++++++------
net/ipv6/fib6_rules.c | 18 ++++++++++++------
2 files changed, 24 insertions(+), 12 deletions(-)
diff --git a/net/ipv4/fib_rules.c b/net/ipv4/fib_rules.c
index b837c33..9524b2e 100644
--- a/net/ipv4/fib_rules.c
+++ b/net/ipv4/fib_rules.c
@@ -171,8 +171,6 @@ static struct fib_table *fib_empty_table
static struct nla_policy fib4_rule_policy[FRA_MAX+1] __read_mostly = {
FRA_GENERIC_POLICY,
- [FRA_SRC] = { .type = NLA_U32 },
- [FRA_DST] = { .type = NLA_U32 },
[FRA_FLOW] = { .type = NLA_U32 },
};
@@ -187,6 +185,12 @@ static int fib4_rule_configure(struct fi
(frh->tos & ~IPTOS_TOS_MASK))
goto errout;
+ if (frh->src_len && tb[FRA_SRC] && nla_len(tb[FRA_SRC]) != sizeof(u32))
+ goto errout;
+
+ if (frh->dst_len && tb[FRA_DST] && nla_len(tb[FRA_DST]) != sizeof(u32))
+ goto errout;
+
if (rule->table == RT_TABLE_UNSPEC) {
if (rule->action == FR_ACT_TO_TBL) {
struct fib_table *table;
@@ -201,10 +205,10 @@ static int fib4_rule_configure(struct fi
}
}
- if (tb[FRA_SRC])
+ if (frh->src_len && tb[FRA_SRC])
rule4->src = nla_get_be32(tb[FRA_SRC]);
- if (tb[FRA_DST])
+ if (frh->dst_len && tb[FRA_DST])
rule4->dst = nla_get_be32(tb[FRA_DST]);
#ifdef CONFIG_NET_CLS_ROUTE
@@ -242,10 +246,12 @@ #ifdef CONFIG_NET_CLS_ROUTE
return 0;
#endif
- if (tb[FRA_SRC] && (rule4->src != nla_get_be32(tb[FRA_SRC])))
+ if (frh->src_len && tb[FRA_SRC] &&
+ (rule4->src != nla_get_be32(tb[FRA_SRC])))
return 0;
- if (tb[FRA_DST] && (rule4->dst != nla_get_be32(tb[FRA_DST])))
+ if (frh->dst_len && tb[FRA_DST] &&
+ (rule4->dst != nla_get_be32(tb[FRA_DST])))
return 0;
return 1;
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c
index 0862809..6331306 100644
--- a/net/ipv6/fib6_rules.c
+++ b/net/ipv6/fib6_rules.c
@@ -131,8 +131,6 @@ static int fib6_rule_match(struct fib_ru
static struct nla_policy fib6_rule_policy[FRA_MAX+1] __read_mostly = {
FRA_GENERIC_POLICY,
- [FRA_SRC] = { .len = sizeof(struct in6_addr) },
- [FRA_DST] = { .len = sizeof(struct in6_addr) },
};
static int fib6_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
@@ -145,6 +143,14 @@ static int fib6_rule_configure(struct fi
if (frh->src_len > 128 || frh->dst_len > 128)
goto errout;
+ if (frh->src_len && tb[FRA_SRC] &&
+ nla_len(tb[FRA_SRC]) != sizeof(struct in6_addr))
+ goto errout;
+
+ if (frh->dst_len && tb[FRA_DST] &&
+ nla_len(tb[FRA_DST]) != sizeof(struct in6_addr))
+ goto errout;
+
if (rule->action == FR_ACT_TO_TBL) {
if (rule->table == RT6_TABLE_UNSPEC)
goto errout;
@@ -155,11 +161,11 @@ static int fib6_rule_configure(struct fi
}
}
- if (tb[FRA_SRC])
+ if (frh->src_len && tb[FRA_SRC])
nla_memcpy(&rule6->src.addr, tb[FRA_SRC],
sizeof(struct in6_addr));
- if (tb[FRA_DST])
+ if (frh->dst_len && tb[FRA_DST])
nla_memcpy(&rule6->dst.addr, tb[FRA_DST],
sizeof(struct in6_addr));
@@ -186,11 +192,11 @@ static int fib6_rule_compare(struct fib_
if (frh->tos && (rule6->tclass != frh->tos))
return 0;
- if (tb[FRA_SRC] &&
+ if (frh->src_len && tb[FRA_SRC] &&
nla_memcmp(tb[FRA_SRC], &rule6->src.addr, sizeof(struct in6_addr)))
return 0;
- if (tb[FRA_DST] &&
+ if (frh->dst_len && tb[FRA_DST] &&
nla_memcmp(tb[FRA_DST], &rule6->dst.addr, sizeof(struct in6_addr)))
return 0;
[-- Attachment #3: Type: text/plain, Size: 143 bytes --]
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
WARNING: multiple messages have this Message-ID (diff)
From: Patrick McHardy <kaber@trash.net>
To: Thomas Graf <tgraf@suug.ch>
Cc: Linux Netdev List <netdev@vger.kernel.org>,
"David S. Miller" <davem@davemloft.net>,
lartc@mailman.ds9a.nl
Subject: Re: [LARTC] [BUG?] ip ru flush && RTNETLINK answers: Numerical result out of range
Date: Tue, 20 Mar 2007 07:42:49 +0100 [thread overview]
Message-ID: <45FF8269.3000606@trash.net> (raw)
In-Reply-To: <45FF7D07.4040103@trash.net>
[-- Attachment #1: Type: text/plain, Size: 153 bytes --]
Patrick McHardy wrote:
> [NET]: Fix fib_rules compatibility breakage
I forgot to remove FRA_SRC/FRA_DST from fib6_rule_policy.
Updated patch attached.
[-- Attachment #2: x --]
[-- Type: text/plain, Size: 4282 bytes --]
[NET]: Fix fib_rules compatibility breakage
The fib_rules netlink attribute policy introduced in 2.6.19 broke
userspace compatibilty. When specifying a rule with "from all"
or "to all", iproute adds a zero byte long netlink attribute,
but the policy requires all addresses to have a size equal to
sizeof(struct in_addr)/sizeof(struct in6_addr), resulting in a
validation error.
Fix by only looking at the FRA_SRC/FRA_DST attributes if src_len
or dst_len is larger than zero.
DECnet is unaffected since iproute doesn't support specifying
addresses as "all".
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit 676307508e675dcf434f4f18e619b195f2f503ad
tree aa87342144b3b19ebddb5011380c3ac96c38dbbc
parent db98e0b434a6265c451ffe94ec0a29b8d0aaf587
author Patrick McHardy <kaber@trash.net> Tue, 20 Mar 2007 07:08:38 +0100
committer Patrick McHardy <kaber@trash.net> Tue, 20 Mar 2007 07:42:19 +0100
net/ipv4/fib_rules.c | 18 ++++++++++++------
net/ipv6/fib6_rules.c | 18 ++++++++++++------
2 files changed, 24 insertions(+), 12 deletions(-)
diff --git a/net/ipv4/fib_rules.c b/net/ipv4/fib_rules.c
index b837c33..9524b2e 100644
--- a/net/ipv4/fib_rules.c
+++ b/net/ipv4/fib_rules.c
@@ -171,8 +171,6 @@ static struct fib_table *fib_empty_table
static struct nla_policy fib4_rule_policy[FRA_MAX+1] __read_mostly = {
FRA_GENERIC_POLICY,
- [FRA_SRC] = { .type = NLA_U32 },
- [FRA_DST] = { .type = NLA_U32 },
[FRA_FLOW] = { .type = NLA_U32 },
};
@@ -187,6 +185,12 @@ static int fib4_rule_configure(struct fi
(frh->tos & ~IPTOS_TOS_MASK))
goto errout;
+ if (frh->src_len && tb[FRA_SRC] && nla_len(tb[FRA_SRC]) != sizeof(u32))
+ goto errout;
+
+ if (frh->dst_len && tb[FRA_DST] && nla_len(tb[FRA_DST]) != sizeof(u32))
+ goto errout;
+
if (rule->table == RT_TABLE_UNSPEC) {
if (rule->action == FR_ACT_TO_TBL) {
struct fib_table *table;
@@ -201,10 +205,10 @@ static int fib4_rule_configure(struct fi
}
}
- if (tb[FRA_SRC])
+ if (frh->src_len && tb[FRA_SRC])
rule4->src = nla_get_be32(tb[FRA_SRC]);
- if (tb[FRA_DST])
+ if (frh->dst_len && tb[FRA_DST])
rule4->dst = nla_get_be32(tb[FRA_DST]);
#ifdef CONFIG_NET_CLS_ROUTE
@@ -242,10 +246,12 @@ #ifdef CONFIG_NET_CLS_ROUTE
return 0;
#endif
- if (tb[FRA_SRC] && (rule4->src != nla_get_be32(tb[FRA_SRC])))
+ if (frh->src_len && tb[FRA_SRC] &&
+ (rule4->src != nla_get_be32(tb[FRA_SRC])))
return 0;
- if (tb[FRA_DST] && (rule4->dst != nla_get_be32(tb[FRA_DST])))
+ if (frh->dst_len && tb[FRA_DST] &&
+ (rule4->dst != nla_get_be32(tb[FRA_DST])))
return 0;
return 1;
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c
index 0862809..6331306 100644
--- a/net/ipv6/fib6_rules.c
+++ b/net/ipv6/fib6_rules.c
@@ -131,8 +131,6 @@ static int fib6_rule_match(struct fib_ru
static struct nla_policy fib6_rule_policy[FRA_MAX+1] __read_mostly = {
FRA_GENERIC_POLICY,
- [FRA_SRC] = { .len = sizeof(struct in6_addr) },
- [FRA_DST] = { .len = sizeof(struct in6_addr) },
};
static int fib6_rule_configure(struct fib_rule *rule, struct sk_buff *skb,
@@ -145,6 +143,14 @@ static int fib6_rule_configure(struct fi
if (frh->src_len > 128 || frh->dst_len > 128)
goto errout;
+ if (frh->src_len && tb[FRA_SRC] &&
+ nla_len(tb[FRA_SRC]) != sizeof(struct in6_addr))
+ goto errout;
+
+ if (frh->dst_len && tb[FRA_DST] &&
+ nla_len(tb[FRA_DST]) != sizeof(struct in6_addr))
+ goto errout;
+
if (rule->action == FR_ACT_TO_TBL) {
if (rule->table == RT6_TABLE_UNSPEC)
goto errout;
@@ -155,11 +161,11 @@ static int fib6_rule_configure(struct fi
}
}
- if (tb[FRA_SRC])
+ if (frh->src_len && tb[FRA_SRC])
nla_memcpy(&rule6->src.addr, tb[FRA_SRC],
sizeof(struct in6_addr));
- if (tb[FRA_DST])
+ if (frh->dst_len && tb[FRA_DST])
nla_memcpy(&rule6->dst.addr, tb[FRA_DST],
sizeof(struct in6_addr));
@@ -186,11 +192,11 @@ static int fib6_rule_compare(struct fib_
if (frh->tos && (rule6->tclass != frh->tos))
return 0;
- if (tb[FRA_SRC] &&
+ if (frh->src_len && tb[FRA_SRC] &&
nla_memcmp(tb[FRA_SRC], &rule6->src.addr, sizeof(struct in6_addr)))
return 0;
- if (tb[FRA_DST] &&
+ if (frh->dst_len && tb[FRA_DST] &&
nla_memcmp(tb[FRA_DST], &rule6->dst.addr, sizeof(struct in6_addr)))
return 0;
next prev parent reply other threads:[~2007-03-20 6:42 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-03-19 3:46 [LARTC] [BUG?] ip ru flush && RTNETLINK answers: Numerical result Luciano Ruete
2007-03-19 5:54 ` Patrick McHardy
2007-03-19 5:54 ` [LARTC] [BUG?] ip ru flush && RTNETLINK answers: Numerical result out of range Patrick McHardy
2007-03-19 15:25 ` [LARTC] [BUG?] ip ru flush && RTNETLINK answers: Numerical result Thomas Graf
2007-03-19 15:25 ` [LARTC] [BUG?] ip ru flush && RTNETLINK answers: Numerical result out of range Thomas Graf
2007-03-20 6:19 ` [LARTC] [BUG?] ip ru flush && RTNETLINK answers: Numerical result Patrick McHardy
2007-03-20 6:19 ` [BUG?] ip ru flush && RTNETLINK answers: Numerical result out of range Patrick McHardy
2007-03-20 6:42 ` Patrick McHardy [this message]
2007-03-20 6:42 ` [LARTC] " Patrick McHardy
2007-03-20 16:40 ` [LARTC] [NET]: Fix fib_rules compatibility breakage Thomas Graf
2007-03-20 16:40 ` Thomas Graf
2007-03-20 16:59 ` [LARTC] " Patrick McHardy
2007-03-20 16:59 ` Patrick McHardy
2007-03-20 18:15 ` [LARTC] " Thomas Graf
2007-03-20 18:15 ` Thomas Graf
2007-03-20 19:58 ` [LARTC] " Patrick McHardy
2007-03-20 19:58 ` Patrick McHardy
2007-03-24 19:48 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=45FF8269.3000606@trash.net \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=lartc@mailman.ds9a.nl \
--cc=netdev@vger.kernel.org \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.