Commit 1a7fca63 authored by Benjamin LaHaise's avatar Benjamin LaHaise Committed by David S. Miller

flower: check unused bits in MPLS fields

Since several of the the netlink attributes used to configure the flower
classifier's MPLS TC, BOS and Label fields have additional bits which are
unused, check those bits to ensure that they are actually 0 as suggested
by Jamal.
Signed-off-by: default avatarBenjamin LaHaise <benjamin.lahaise@netronome.com>
Cc: David Miller <davem@davemloft.net>
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Cc: Simon Horman <simon.horman@netronome.com>
Cc: Jakub Kicinski <kubakici@wp.pl>
Cc: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent a01aa920
...@@ -439,7 +439,7 @@ static void fl_set_key_val(struct nlattr **tb, ...@@ -439,7 +439,7 @@ static void fl_set_key_val(struct nlattr **tb,
memcpy(mask, nla_data(tb[mask_type]), len); memcpy(mask, nla_data(tb[mask_type]), len);
} }
static void fl_set_key_mpls(struct nlattr **tb, static int fl_set_key_mpls(struct nlattr **tb,
struct flow_dissector_key_mpls *key_val, struct flow_dissector_key_mpls *key_val,
struct flow_dissector_key_mpls *key_mask) struct flow_dissector_key_mpls *key_mask)
{ {
...@@ -448,20 +448,30 @@ static void fl_set_key_mpls(struct nlattr **tb, ...@@ -448,20 +448,30 @@ static void fl_set_key_mpls(struct nlattr **tb,
key_mask->mpls_ttl = MPLS_TTL_MASK; key_mask->mpls_ttl = MPLS_TTL_MASK;
} }
if (tb[TCA_FLOWER_KEY_MPLS_BOS]) { if (tb[TCA_FLOWER_KEY_MPLS_BOS]) {
key_val->mpls_bos = nla_get_u8(tb[TCA_FLOWER_KEY_MPLS_BOS]); u8 bos = nla_get_u8(tb[TCA_FLOWER_KEY_MPLS_BOS]);
if (bos & ~MPLS_BOS_MASK)
return -EINVAL;
key_val->mpls_bos = bos;
key_mask->mpls_bos = MPLS_BOS_MASK; key_mask->mpls_bos = MPLS_BOS_MASK;
} }
if (tb[TCA_FLOWER_KEY_MPLS_TC]) { if (tb[TCA_FLOWER_KEY_MPLS_TC]) {
key_val->mpls_tc = u8 tc = nla_get_u8(tb[TCA_FLOWER_KEY_MPLS_TC]);
nla_get_u8(tb[TCA_FLOWER_KEY_MPLS_TC]) & MPLS_TC_MASK;
if (tc & ~MPLS_TC_MASK)
return -EINVAL;
key_val->mpls_tc = tc;
key_mask->mpls_tc = MPLS_TC_MASK; key_mask->mpls_tc = MPLS_TC_MASK;
} }
if (tb[TCA_FLOWER_KEY_MPLS_LABEL]) { if (tb[TCA_FLOWER_KEY_MPLS_LABEL]) {
key_val->mpls_label = u32 label = nla_get_u32(tb[TCA_FLOWER_KEY_MPLS_LABEL]);
nla_get_u32(tb[TCA_FLOWER_KEY_MPLS_LABEL]) &
MPLS_LABEL_MASK; if (label & ~MPLS_LABEL_MASK)
return -EINVAL;
key_val->mpls_label = label;
key_mask->mpls_label = MPLS_LABEL_MASK; key_mask->mpls_label = MPLS_LABEL_MASK;
} }
return 0;
} }
static void fl_set_key_vlan(struct nlattr **tb, static void fl_set_key_vlan(struct nlattr **tb,
...@@ -622,7 +632,9 @@ static int fl_set_key(struct net *net, struct nlattr **tb, ...@@ -622,7 +632,9 @@ static int fl_set_key(struct net *net, struct nlattr **tb,
sizeof(key->icmp.code)); sizeof(key->icmp.code));
} else if (key->basic.n_proto == htons(ETH_P_MPLS_UC) || } else if (key->basic.n_proto == htons(ETH_P_MPLS_UC) ||
key->basic.n_proto == htons(ETH_P_MPLS_MC)) { key->basic.n_proto == htons(ETH_P_MPLS_MC)) {
fl_set_key_mpls(tb, &key->mpls, &mask->mpls); ret = fl_set_key_mpls(tb, &key->mpls, &mask->mpls);
if (ret)
return ret;
} else if (key->basic.n_proto == htons(ETH_P_ARP) || } else if (key->basic.n_proto == htons(ETH_P_ARP) ||
key->basic.n_proto == htons(ETH_P_RARP)) { key->basic.n_proto == htons(ETH_P_RARP)) {
fl_set_key_val(tb, &key->arp.sip, TCA_FLOWER_KEY_ARP_SIP, fl_set_key_val(tb, &key->arp.sip, TCA_FLOWER_KEY_ARP_SIP,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment