* [PATCH 0/2] ip_tunnel fixes
@ 2014-12-16 20:05 Thomas Graf
2014-12-16 20:05 ` [PATCH 1/2] ip_tunnel: Add sanity checks to ip_tunnel_encap_add_ops() Thomas Graf
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Thomas Graf @ 2014-12-16 20:05 UTC (permalink / raw)
To: davem; +Cc: netdev, therbert
Thomas Graf (2):
ip_tunnel: Add sanity checks to ip_tunnel_encap_add_ops()
ip_tunnel: Add missing validation of encap type to
ip_tunnel_encap_setup()
net/ipv4/ip_tunnel.c | 9 +++++++++
1 file changed, 9 insertions(+)
--
1.9.3
^ permalink raw reply [flat|nested] 6+ messages in thread* [PATCH 1/2] ip_tunnel: Add sanity checks to ip_tunnel_encap_add_ops() 2014-12-16 20:05 [PATCH 0/2] ip_tunnel fixes Thomas Graf @ 2014-12-16 20:05 ` Thomas Graf 2014-12-16 20:05 ` [PATCH 2/2] ip_tunnel: Add missing validation of encap type to ip_tunnel_encap_setup() Thomas Graf 2014-12-16 20:22 ` [PATCH 0/2] ip_tunnel fixes David Miller 2 siblings, 0 replies; 6+ messages in thread From: Thomas Graf @ 2014-12-16 20:05 UTC (permalink / raw) To: davem; +Cc: netdev, therbert The symbols are exported and could be used by external modules. Fixes: a8c5f9 ("ip_tunnel: Ops registration for secondary encap (fou, gue)") Signed-off-by: Thomas Graf <tgraf@suug•ch> --- net/ipv4/ip_tunnel.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c index 63e745a..2f498f8 100644 --- a/net/ipv4/ip_tunnel.c +++ b/net/ipv4/ip_tunnel.c @@ -514,6 +514,9 @@ const struct ip_tunnel_encap_ops __rcu * int ip_tunnel_encap_add_ops(const struct ip_tunnel_encap_ops *ops, unsigned int num) { + if (num >= MAX_IPTUN_ENCAP_OPS) + return -ERANGE; + return !cmpxchg((const struct ip_tunnel_encap_ops **) &iptun_encaps[num], NULL, ops) ? 0 : -1; @@ -525,6 +528,9 @@ int ip_tunnel_encap_del_ops(const struct ip_tunnel_encap_ops *ops, { int ret; + if (num >= MAX_IPTUN_ENCAP_OPS) + return -ERANGE; + ret = (cmpxchg((const struct ip_tunnel_encap_ops **) &iptun_encaps[num], ops, NULL) == ops) ? 0 : -1; -- 1.9.3 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 2/2] ip_tunnel: Add missing validation of encap type to ip_tunnel_encap_setup() 2014-12-16 20:05 [PATCH 0/2] ip_tunnel fixes Thomas Graf 2014-12-16 20:05 ` [PATCH 1/2] ip_tunnel: Add sanity checks to ip_tunnel_encap_add_ops() Thomas Graf @ 2014-12-16 20:05 ` Thomas Graf 2014-12-16 20:23 ` Tom Herbert 2014-12-16 20:22 ` [PATCH 0/2] ip_tunnel fixes David Miller 2 siblings, 1 reply; 6+ messages in thread From: Thomas Graf @ 2014-12-16 20:05 UTC (permalink / raw) To: davem; +Cc: netdev, therbert The encap->type comes straight from Netlink. Validate it against max supported encap types just like ip_encap_hlen() already does. Fixes: a8c5f9 ("ip_tunnel: Ops registration for secondary encap (fou, gue)") Signed-off-by: Thomas Graf <tgraf@suug•ch> --- net/ipv4/ip_tunnel.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c index 2f498f8..d3e4479 100644 --- a/net/ipv4/ip_tunnel.c +++ b/net/ipv4/ip_tunnel.c @@ -573,6 +573,9 @@ int ip_tunnel_encap(struct sk_buff *skb, struct ip_tunnel *t, if (t->encap.type == TUNNEL_ENCAP_NONE) return 0; + if (t->encap.type >= MAX_IPTUN_ENCAP_OPS) + return -EINVAL; + rcu_read_lock(); ops = rcu_dereference(iptun_encaps[t->encap.type]); if (likely(ops && ops->build_header)) -- 1.9.3 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 2/2] ip_tunnel: Add missing validation of encap type to ip_tunnel_encap_setup() 2014-12-16 20:05 ` [PATCH 2/2] ip_tunnel: Add missing validation of encap type to ip_tunnel_encap_setup() Thomas Graf @ 2014-12-16 20:23 ` Tom Herbert 2014-12-16 20:50 ` Thomas Graf 0 siblings, 1 reply; 6+ messages in thread From: Tom Herbert @ 2014-12-16 20:23 UTC (permalink / raw) To: Thomas Graf; +Cc: David Miller, Linux Netdev List On Tue, Dec 16, 2014 at 12:05 PM, Thomas Graf <tgraf@suug•ch> wrote: > The encap->type comes straight from Netlink. Validate it against > max supported encap types just like ip_encap_hlen() already does. > > Fixes: a8c5f9 ("ip_tunnel: Ops registration for secondary encap (fou, gue)") > Signed-off-by: Thomas Graf <tgraf@suug•ch> > --- > net/ipv4/ip_tunnel.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c > index 2f498f8..d3e4479 100644 > --- a/net/ipv4/ip_tunnel.c > +++ b/net/ipv4/ip_tunnel.c > @@ -573,6 +573,9 @@ int ip_tunnel_encap(struct sk_buff *skb, struct ip_tunnel *t, > if (t->encap.type == TUNNEL_ENCAP_NONE) > return 0; > > + if (t->encap.type >= MAX_IPTUN_ENCAP_OPS) > + return -EINVAL; > + I don't think this is technically needed, we should have already verified the type when setting up the tunnel (ip_encap_hlen). > rcu_read_lock(); > ops = rcu_dereference(iptun_encaps[t->encap.type]); > if (likely(ops && ops->build_header)) > -- > 1.9.3 > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 2/2] ip_tunnel: Add missing validation of encap type to ip_tunnel_encap_setup() 2014-12-16 20:23 ` Tom Herbert @ 2014-12-16 20:50 ` Thomas Graf 0 siblings, 0 replies; 6+ messages in thread From: Thomas Graf @ 2014-12-16 20:50 UTC (permalink / raw) To: Tom Herbert; +Cc: David Miller, Linux Netdev List On 12/16/14 at 12:23pm, Tom Herbert wrote: > On Tue, Dec 16, 2014 at 12:05 PM, Thomas Graf <tgraf@suug•ch> wrote: > > The encap->type comes straight from Netlink. Validate it against > > max supported encap types just like ip_encap_hlen() already does. > > > > Fixes: a8c5f9 ("ip_tunnel: Ops registration for secondary encap (fou, gue)") > > Signed-off-by: Thomas Graf <tgraf@suug•ch> > > --- > > net/ipv4/ip_tunnel.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c > > index 2f498f8..d3e4479 100644 > > --- a/net/ipv4/ip_tunnel.c > > +++ b/net/ipv4/ip_tunnel.c > > @@ -573,6 +573,9 @@ int ip_tunnel_encap(struct sk_buff *skb, struct ip_tunnel *t, > > if (t->encap.type == TUNNEL_ENCAP_NONE) > > return 0; > > > > + if (t->encap.type >= MAX_IPTUN_ENCAP_OPS) > > + return -EINVAL; > > + > > I don't think this is technically needed, we should have already > verified the type when setting up the tunnel (ip_encap_hlen). Right, assuming that every API user always calls ip_tunnel_encap_setup() on changelink. It's currently the case but since this is a exported API I figured we better be safe than sorry, in particular as ip_tunnel_encap() is called before ip_encap_hlen() on xmit. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 0/2] ip_tunnel fixes 2014-12-16 20:05 [PATCH 0/2] ip_tunnel fixes Thomas Graf 2014-12-16 20:05 ` [PATCH 1/2] ip_tunnel: Add sanity checks to ip_tunnel_encap_add_ops() Thomas Graf 2014-12-16 20:05 ` [PATCH 2/2] ip_tunnel: Add missing validation of encap type to ip_tunnel_encap_setup() Thomas Graf @ 2014-12-16 20:22 ` David Miller 2 siblings, 0 replies; 6+ messages in thread From: David Miller @ 2014-12-16 20:22 UTC (permalink / raw) To: tgraf; +Cc: netdev, therbert From: Thomas Graf <tgraf@suug•ch> Date: Tue, 16 Dec 2014 21:05:19 +0100 > Thomas Graf (2): > ip_tunnel: Add sanity checks to ip_tunnel_encap_add_ops() > ip_tunnel: Add missing validation of encap type to > ip_tunnel_encap_setup() Both applied, thanks Thomas. ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2014-12-16 20:50 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2014-12-16 20:05 [PATCH 0/2] ip_tunnel fixes Thomas Graf 2014-12-16 20:05 ` [PATCH 1/2] ip_tunnel: Add sanity checks to ip_tunnel_encap_add_ops() Thomas Graf 2014-12-16 20:05 ` [PATCH 2/2] ip_tunnel: Add missing validation of encap type to ip_tunnel_encap_setup() Thomas Graf 2014-12-16 20:23 ` Tom Herbert 2014-12-16 20:50 ` Thomas Graf 2014-12-16 20:22 ` [PATCH 0/2] ip_tunnel fixes David Miller
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox