From: Julian Anastasov <j...@ssi.bg>
Date: Sun, 10 Jul 2016 21:11:55 +0300
> Vegard Nossum is reporting for a crash in fib_dump_info
> when nh_dev = NULL and fib_nhs == 1:
...
> $ addr2line -e vmlinux -i 0x602b3d18
> include/linux/inetdevice.h:222
> net/ipv4/fib_semantics.c:1264
>
> Problem happens when RTNH_F_LINKDOWN is provided from user space
> when creating routes that do not use the flag, catched with
> netlink fuzzer.
>
> Currently, the kernel allows user space to set both flags
> to nh_flags and fib_flags but this is not intentional, the
> assumption was that they are not set. Fix this by rejecting
> both flags with EINVAL.
>
> Reported-by: Vegard Nossum <vegard.nos...@oracle.com>
> Fixes: 0eeb075fad73 ("net: ipv4 sysctl option to ignore routes when nexthop
> link is down")
> Signed-off-by: Julian Anastasov <j...@ssi.bg>
Applied and queud up for -stable, thanks Julian.
