net: ipv4: netconf: perform strict checks also for doit handlers

Make RTM_GETNETCONF's doit handler use strict checks when NETLINK_F_STRICT_CHK is set. Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Jakub Kicinski <jakub.kicinski@netronome.com> 2019-01-18 13:46:18 -0500
committer: David S. Miller <davem@davemloft.net> 2019-01-19 13:09:58 -0500
commit: eede370d65ab8f5d0c6b2eb9c5213dd71710b18d (patch)
tree: f3c6bc57b0d92d90d6b9d18b17f6e6f7d6e07fda /net/ipv4/devinet.c
parent: 4d165f614e12d7c089c0fec78a0fb63e7452d62e (diff)
1 files changed, 39 insertions, 4 deletions
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index e258a00b4a3d..cd027639df2f 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -2063,13 +2063,49 @@ static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
        [NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN]  = { .len = sizeof(int) },
 };
+static int inet_netconf_valid_get_req(struct sk_buff *skb,
+                                      const struct nlmsghdr *nlh,
+                                      struct nlattr **tb,
+                                      struct netlink_ext_ack *extack)
+{
+        int i, err;
+        if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
+                NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
+                return -EINVAL;
+        }
+        if (!netlink_strict_get_check(skb))
+                return nlmsg_parse(nlh, sizeof(struct netconfmsg), tb,
+                                   NETCONFA_MAX, devconf_ipv4_policy, extack);
+        err = nlmsg_parse_strict(nlh, sizeof(struct netconfmsg), tb,
+                                 NETCONFA_MAX, devconf_ipv4_policy, extack);
+        if (err)
+                return err;
+        for (i = 0; i <= NETCONFA_MAX; i++) {
+                if (!tb[i])
+                        continue;
+                switch (i) {
+                case NETCONFA_IFINDEX:
+                        break;
+                default:
+                        NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
+                        return -EINVAL;
+                }
+        }
+        return 0;
+}
 static int inet_netconf_get_devconf(struct sk_buff *in_skb,
                                    struct nlmsghdr *nlh,
                                    struct netlink_ext_ack *extack)
 {
        struct net *net = sock_net(in_skb->sk);
        struct nlattr *tb[NETCONFA_MAX+1];
-        struct netconfmsg *ncm;
        struct sk_buff *skb;
        struct ipv4_devconf *devconf;
        struct in_device *in_dev;
@@ -2077,9 +2113,8 @@ static int inet_netconf_get_devconf(struct sk_buff *in_skb,
        int ifindex;
        int err;
-        err = nlmsg_parse(nlh, sizeof(*ncm), tb, NETCONFA_MAX,
+        err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
-                          devconf_ipv4_policy, extack);
+        if (err)
-        if (err < 0)
                goto errout;
        err = -EINVAL;
author	Jakub Kicinski <jakub.kicinski@netronome.com>	2019-01-18 13:46:18 -0500
committer	David S. Miller <davem@davemloft.net>	2019-01-19 13:09:58 -0500
commit	eede370d65ab8f5d0c6b2eb9c5213dd71710b18d (patch)
tree	f3c6bc57b0d92d90d6b9d18b17f6e6f7d6e07fda /net/ipv4/devinet.c
parent	4d165f614e12d7c089c0fec78a0fb63e7452d62e (diff)

diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index e258a00b4a3d..cd027639df2f 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c
@@ -2063,13 +2063,49 @@ static const struct nla_policy devconf_ipv4_policy[NETCONFA_MAX+1] = {
2063	[NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },	2063	[NETCONFA_IGNORE_ROUTES_WITH_LINKDOWN] = { .len = sizeof(int) },
2064	};	2064	};
2065		2065
		2066	static int inet_netconf_valid_get_req(struct sk_buff *skb,
		2067	const struct nlmsghdr *nlh,
		2068	struct nlattr **tb,
		2069	struct netlink_ext_ack *extack)
		2070	{
		2071	int i, err;
		2072
		2073	if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(struct netconfmsg))) {
		2074	NL_SET_ERR_MSG(extack, "ipv4: Invalid header for netconf get request");
		2075	return -EINVAL;
		2076	}
		2077
		2078	if (!netlink_strict_get_check(skb))
		2079	return nlmsg_parse(nlh, sizeof(struct netconfmsg), tb,
		2080	NETCONFA_MAX, devconf_ipv4_policy, extack);
		2081
		2082	err = nlmsg_parse_strict(nlh, sizeof(struct netconfmsg), tb,
		2083	NETCONFA_MAX, devconf_ipv4_policy, extack);
		2084	if (err)
		2085	return err;
		2086
		2087	for (i = 0; i <= NETCONFA_MAX; i++) {
		2088	if (!tb[i])
		2089	continue;
		2090
		2091	switch (i) {
		2092	case NETCONFA_IFINDEX:
		2093	break;
		2094	default:
		2095	NL_SET_ERR_MSG(extack, "ipv4: Unsupported attribute in netconf get request");
		2096	return -EINVAL;
		2097	}
		2098	}
		2099
		2100	return 0;
		2101	}
		2102
2066	static int inet_netconf_get_devconf(struct sk_buff *in_skb,	2103	static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2067	struct nlmsghdr *nlh,	2104	struct nlmsghdr *nlh,
2068	struct netlink_ext_ack *extack)	2105	struct netlink_ext_ack *extack)
2069	{	2106	{
2070	struct net *net = sock_net(in_skb->sk);	2107	struct net *net = sock_net(in_skb->sk);
2071	struct nlattr *tb[NETCONFA_MAX+1];	2108	struct nlattr *tb[NETCONFA_MAX+1];
2072	struct netconfmsg *ncm;
2073	struct sk_buff *skb;	2109	struct sk_buff *skb;
2074	struct ipv4_devconf *devconf;	2110	struct ipv4_devconf *devconf;
2075	struct in_device *in_dev;	2111	struct in_device *in_dev;
@@ -2077,9 +2113,8 @@ static int inet_netconf_get_devconf(struct sk_buff *in_skb,
2077	int ifindex;	2113	int ifindex;
2078	int err;	2114	int err;
2079		2115
2080	err = nlmsg_parse(nlh, sizeof(*ncm), tb, NETCONFA_MAX,	2116	err = inet_netconf_valid_get_req(in_skb, nlh, tb, extack);
2081	devconf_ipv4_policy, extack);	2117	if (err)
2082	if (err < 0)
2083	goto errout;	2118	goto errout;
2084		2119
2085	err = -EINVAL;	2120	err = -EINVAL;