Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7de33309 authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'ipv4-Prevent-user-triggerable-warning' 



Ido Schimmel says:

====================
net: ipv4: Prevent user triggerable warning

Patch #1 prevents a user triaggerable warning in the flow dissector by
setting 'skb->dev' in skbs used for IPv4 output route get requests.

Patch #2 adds a test case that triggers the warning without the first
patch.

I have audited all the RTM_GETROUTE handlers and could not find any
other callpath where an skb is passed to the flow dissector with both
'skb->dev' and 'skb->sk' cleared.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 639c1b26 676f4bb1

net/ipv4/route.c

+1 −0
Original line number Diff line number Diff line
@@ -2849,6 +2849,7 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, 
			err = -rt->dst.error;

	} else {

		fl4.flowi4_iif = LOOPBACK_IFINDEX;

		skb->dev = net->loopback_dev;

		rt = ip_route_output_key_hash_rcu(net, &fl4, &res, skb);

		err = 0;

		if (IS_ERR(rt))

tools/testing/selftests/net/rtnetlink.sh

+15 −0
Original line number Diff line number Diff line
@@ -205,6 +205,8 @@ kci_test_polrouting() 


kci_test_route_get()

{

	local hash_policy=$(sysctl -n net.ipv4.fib_multipath_hash_policy)



	ret=0



	ip route get 127.0.0.1 > /dev/null
@@ -223,6 +225,19 @@ kci_test_route_get() 
	check_err $?

	ip route get 10.23.7.11 from 10.23.7.12 iif "$devdummy" > /dev/null

	check_err $?

	ip route add 10.23.8.0/24 \

		nexthop via 10.23.7.13 dev "$devdummy" \

		nexthop via 10.23.7.14 dev "$devdummy"

	check_err $?

	sysctl -wq net.ipv4.fib_multipath_hash_policy=0

	ip route get 10.23.8.11 > /dev/null

	check_err $?

	sysctl -wq net.ipv4.fib_multipath_hash_policy=1

	ip route get 10.23.8.11 > /dev/null

	check_err $?

	sysctl -wq net.ipv4.fib_multipath_hash_policy="$hash_policy"

	ip route del 10.23.8.0/24

	check_err $?

	ip addr del dev "$devdummy" 10.23.7.11/24

	check_err $?