From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Ido Schimmel <idosch@nvidia.com>,
Guillaume Nault <gnault@redhat.com>,
Paolo Abeni <pabeni@redhat.com>, Sasha Levin <sashal@kernel.org>,
davem@davemloft.net, dsahern@kernel.org, edumazet@google.com,
kuba@kernel.org, netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 6.6 039/139] ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family
Date: Wed, 25 Sep 2024 08:07:39 -0400 [thread overview]
Message-ID: <20240925121137.1307574-39-sashal@kernel.org> (raw)
In-Reply-To: <20240925121137.1307574-1-sashal@kernel.org>
From: Ido Schimmel <idosch@nvidia.com>
[ Upstream commit 8fed54758cd248cd311a2b5c1e180abef1866237 ]
The NETLINK_FIB_LOOKUP netlink family can be used to perform a FIB
lookup according to user provided parameters and communicate the result
back to user space.
However, unlike other users of the FIB lookup API, the upper DSCP bits
and the ECN bits of the DS field are not masked, which can result in the
wrong result being returned.
Solve this by masking the upper DSCP bits and the ECN bits using
IPTOS_RT_MASK.
The structure that communicates the request and the response is not
exported to user space, so it is unlikely that this netlink family is
actually in use [1].
[1] https://lore.kernel.org/netdev/ZpqpB8vJU%2FQ6LSqa@debian/
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
Reviewed-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/ipv4/fib_frontend.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index 390f4be7f7bec..90ce87ffed461 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -1343,7 +1343,7 @@ static void nl_fib_lookup(struct net *net, struct fib_result_nl *frn)
struct flowi4 fl4 = {
.flowi4_mark = frn->fl_mark,
.daddr = frn->fl_addr,
- .flowi4_tos = frn->fl_tos,
+ .flowi4_tos = frn->fl_tos & IPTOS_RT_MASK,
.flowi4_scope = frn->fl_scope,
};
struct fib_table *tb;
--
2.43.0
next prev parent reply other threads:[~2024-09-25 12:12 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20240925121137.1307574-1-sashal@kernel.org>
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 007/139] ice: Adjust over allocation of memory in ice_sched_add_root_node() and ice_sched_add_node() Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 010/139] wifi: cfg80211: Set correct chandef when starting CAC Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 011/139] net/xen-netback: prevent UAF in xenvif_flush_hash() Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 012/139] net: hisilicon: hip04: fix OF node leak in probe() Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 013/139] net: hisilicon: hns_dsaf_mac: fix OF node leak in hns_mac_get_info() Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 014/139] net: hisilicon: hns_mdio: fix OF node leak in probe() Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 018/139] e1000e: avoid failing the system during pm_suspend Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 020/139] net: sched: consistently use rcu_replace_pointer() in taprio_change() Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 030/139] l2tp: don't use tunnel socket sk_user_data in ppp procfs output Sasha Levin
2024-09-25 14:27 ` James Chapman
2024-10-11 13:52 ` Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 033/139] tipc: guard against string buffer overrun Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 034/139] net: mvpp2: Increase size of queue_name buffer Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 035/139] bnxt_en: Extend maximum length of version string by 1 byte Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 036/139] ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 038/139] netfilter: nf_tables: don't initialize registers in nft_do_chain() Sasha Levin
2024-09-25 12:07 ` Sasha Levin [this message]
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 040/139] net: atlantic: Avoid warning about potential string truncation Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 042/139] netpoll: Ensure clean state on setup failures Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 043/139] tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 046/139] wifi: mac80211: fix RCU list iterations Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 050/139] can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 054/139] net: tls: wait for async completion on last message Sasha Levin
2024-10-02 12:50 ` Jakub Kicinski
2024-10-06 0:31 ` Sasha Levin
2024-09-25 12:07 ` [PATCH AUTOSEL 6.6 056/139] nfp: Use IRQF_NO_AUTOEN flag in request_irq() Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240925121137.1307574-39-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=davem@davemloft.net \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=gnault@redhat.com \
--cc=idosch@nvidia.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).