On Thu, Oct 04, 2018 at 02:33:51PM -0700, David Ahern wrote:
> From: David Ahern <dsah...@gmail.com>
>
> Update rtnl_net_dumpid for strict data checking. If the flag is set,
> the dump request is expected to have an rtgenmsg struct as the header
> which has the family as the only element. No data may be appended.
>
> Signed-off-by: David Ahern <dsah...@gmail.com>

Acked-by: Christian Brauner <christ...@brauner.io> > --- > net/core/net_namespace.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c > index 670c84b1bfc2..63659c512ba8 100644 > --- a/net/core/net_namespace.c > +++ b/net/core/net_namespace.c > @@ -844,6 +844,7 @@ static int rtnl_net_dumpid_one(int id, void *peer, void > *data) > > static int rtnl_net_dumpid(struct sk_buff *skb, struct netlink_callback *cb) > { > + const struct nlmsghdr *nlh = cb->nlh; > struct net *net = sock_net(skb->sk); > struct rtnl_net_dump_cb net_cb = { > .net = net, > @@ -853,6 +854,13 @@ static int rtnl_net_dumpid(struct sk_buff *skb, struct > netlink_callback *cb) > .s_idx = cb->args[0], > }; > > + if (cb->strict_check) { > + if (nlh->nlmsg_len != nlmsg_msg_size(sizeof(struct rtgenmsg))) { > + NL_SET_ERR_MSG(cb->extack, "Unknown data in dump > request"); > + return -EINVAL; > + } > + } > + > spin_lock_bh(&net->nsid_lock); > idr_for_each(&net->netns_ids, rtnl_net_dumpid_one, &net_cb); > spin_unlock_bh(&net->nsid_lock); > -- > 2.11.0 >
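
Review bot: in the second hunk (@@ -853,6 +854,13 @@), the `!=` comparison of `nlh->nlmsg_len` against `nlmsg_msg_size(sizeof(struct rtgenmsg))` also rejects a request that is shorter than an rtgenmsg header, but the extack text "Unknown data in dump request" only describes the appended-data case. Consider splitting the test so a truncated header gets its own message and the trailing-data case keeps the current one, which gives userspace an accurate reason for the -EINVAL. The two nested `if` statements can also be merged into one condition with `&&`, saving an indentation level. The commit message says the header carries the family as its only element, and the hunk never reads that field; if any family value is acceptable for this dump, a one-line comment saying so would help the next reader.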