rtnl: protect do_setlink from IFLA_XDP_ATTACHED

The IFLA_XDP_ATTACHED nested attribute is meant for read-only, and while do_setlink properly ignores it, it should be more paranoid and reject commands that try to set it. Signed-off-by: N Brenden Blanco <bblanco@plumgrid.com> Acked-by: N Alexei Starovoitov <ast@kernel.org> Signed-off-by: N David S. Miller <davem@davemloft.net>

rtnl: protect do_setlink from IFLA_XDP_ATTACHED
The IFLA_XDP_ATTACHED nested attribute is meant for read-only, and while do_setlink properly ignores it, it should be more paranoid and reject commands that try to set it. Signed-off-by: N Brenden Blanco <bblanco@plumgrid.com> Acked-by: N Alexei Starovoitov <ast@kernel.org> Signed-off-by: N David S. Miller <davem@davemloft.net>
262d8625 · Brenden Blanco · David S. Miller · cb7386d3 · 262d8625
隐藏空白更改
内联并排

Showing with 4 addition and 0 deletion

net/core/rtnetlink.c net/core/rtnetlink.c +4 -0

未找到文件。
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -2109,6 +2109,10 @@ static int do_setlink(const struct sk_buff *skb,
 		if (err < 0)
 			goto errout;
+		if (xdp[IFLA_XDP_ATTACHED]) {
+			err = -EINVAL;
+			goto errout;
+		}
 		if (xdp[IFLA_XDP_FD]) {
 			err = dev_change_xdp_fd(dev,
 						nla_get_s32(xdp[IFLA_XDP_FD]));