On Thu, 2017-09-21 at 21:32 +0800, Zhang Shengju wrote:
> Currently, any mtu value can be assigned when adding a new dummy device:
> [~]# ip link add name dummy1 mtu 100000 type dummy
> [~]# ip link show dummy1
> 15: dummy1: <BROADCAST,NOARP> mtu 100000 qdisc noop state DOWN mode DEFAULT
> group default qlen 1000
> link/ether 0a:61:6b:16:14:ce brd ff:ff:ff:ff:ff:ff
>
> This patch adds device MTU validation check.
What is wrong with big MTU on dummy ?
If this is a generic rule, this check should belong in core network
stack.
>
> Signed-off-by: Zhang Shengju <zhangshen...@cmss.chinamobile.com>
> ---
> drivers/net/dummy.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/drivers/net/dummy.c b/drivers/net/dummy.c
> index e31ab3b..0276b2b 100644
> --- a/drivers/net/dummy.c
> +++ b/drivers/net/dummy.c
> @@ -365,6 +365,14 @@ static int dummy_validate(struct nlattr *tb[], struct
> nlattr *data[],
> if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS])))
> return -EADDRNOTAVAIL;
> }
> +
> + if (tb[IFLA_MTU]) {
> + u32 mtu = nla_get_u32(tb[IFLA_MTU]);
You do not verify/validate nla_len(tb[IFLA_MTU]).
Do not ever trust user space.
> +
> + if (mtu > ETH_MAX_MTU)
> + return -EINVAL;
> + }
> +
> return 0;
> }
>
