aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPavel Emelyanov <xemul@openvz.org>2008-02-27 02:51:04 -0500
committerDavid S. Miller <davem@davemloft.net>2008-02-27 02:51:04 -0500
commitb37d428b24ad38034f56b614de05686ba151b614 (patch)
treedfa41745c88edb80a47c246d13a899ee06a7510f
parentd9595a7b9c777d45a74774f1428c263a0a47f4c0 (diff)
[INET]: Don't create tunnels with '%' in name.
Four tunnel drivers (ip_gre, ipip, ip6_tunnel and sit) can receive a pre-defined name for a device from the userspace. Since these drivers call the register_netdevice() (rtnl_lock, is held), which does _not_ generate the device's name, this name may contain a '%' character. Not sure how bad is this to have a device with a '%' in its name, but all the other places either use the register_netdev(), which call the dev_alloc_name(), or explicitly call the dev_alloc_name() before registering, i.e. do not allow for such names. This had to be prior to the commit 34cc7b, but I forgot to number the patches and this one got lost, sorry. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/ip_gre.c14
-rw-r--r--net/ipv4/ipip.c14
-rw-r--r--net/ipv6/ip6_tunnel.c15
-rw-r--r--net/ipv6/sit.c13
4 files changed, 38 insertions, 18 deletions
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index 906cb1ada4c3..e7821ba7a9a0 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -266,20 +266,24 @@ static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int
266 if (!dev) 266 if (!dev)
267 return NULL; 267 return NULL;
268 268
269 if (strchr(name, '%')) {
270 if (dev_alloc_name(dev, name) < 0)
271 goto failed_free;
272 }
273
269 dev->init = ipgre_tunnel_init; 274 dev->init = ipgre_tunnel_init;
270 nt = netdev_priv(dev); 275 nt = netdev_priv(dev);
271 nt->parms = *parms; 276 nt->parms = *parms;
272 277
273 if (register_netdevice(dev) < 0) { 278 if (register_netdevice(dev) < 0)
274 free_netdev(dev); 279 goto failed_free;
275 goto failed;
276 }
277 280
278 dev_hold(dev); 281 dev_hold(dev);
279 ipgre_tunnel_link(nt); 282 ipgre_tunnel_link(nt);
280 return nt; 283 return nt;
281 284
282failed: 285failed_free:
286 free_netdev(dev);
283 return NULL; 287 return NULL;
284} 288}
285 289
diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c
index e77e3b855834..dbaed69de06a 100644
--- a/net/ipv4/ipip.c
+++ b/net/ipv4/ipip.c
@@ -228,20 +228,24 @@ static struct ip_tunnel * ipip_tunnel_locate(struct ip_tunnel_parm *parms, int c
228 if (dev == NULL) 228 if (dev == NULL)
229 return NULL; 229 return NULL;
230 230
231 if (strchr(name, '%')) {
232 if (dev_alloc_name(dev, name) < 0)
233 goto failed_free;
234 }
235
231 nt = netdev_priv(dev); 236 nt = netdev_priv(dev);
232 dev->init = ipip_tunnel_init; 237 dev->init = ipip_tunnel_init;
233 nt->parms = *parms; 238 nt->parms = *parms;
234 239
235 if (register_netdevice(dev) < 0) { 240 if (register_netdevice(dev) < 0)
236 free_netdev(dev); 241 goto failed_free;
237 goto failed;
238 }
239 242
240 dev_hold(dev); 243 dev_hold(dev);
241 ipip_tunnel_link(nt); 244 ipip_tunnel_link(nt);
242 return nt; 245 return nt;
243 246
244failed: 247failed_free:
248 free_netdev(dev);
245 return NULL; 249 return NULL;
246} 250}
247 251
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index 2a124e9a1b2d..78f438880923 100644
--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -238,17 +238,24 @@ static struct ip6_tnl *ip6_tnl_create(struct ip6_tnl_parm *p)
238 if (dev == NULL) 238 if (dev == NULL)
239 goto failed; 239 goto failed;
240 240
241 if (strchr(name, '%')) {
242 if (dev_alloc_name(dev, name) < 0)
243 goto failed_free;
244 }
245
241 t = netdev_priv(dev); 246 t = netdev_priv(dev);
242 dev->init = ip6_tnl_dev_init; 247 dev->init = ip6_tnl_dev_init;
243 t->parms = *p; 248 t->parms = *p;
244 249
245 if ((err = register_netdevice(dev)) < 0) { 250 if ((err = register_netdevice(dev)) < 0)
246 free_netdev(dev); 251 goto failed_free;
247 goto failed; 252
248 }
249 dev_hold(dev); 253 dev_hold(dev);
250 ip6_tnl_link(t); 254 ip6_tnl_link(t);
251 return t; 255 return t;
256
257failed_free:
258 free_netdev(dev);
252failed: 259failed:
253 return NULL; 260 return NULL;
254} 261}
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index dde7801abeff..1656c003b989 100644
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -171,6 +171,11 @@ static struct ip_tunnel * ipip6_tunnel_locate(struct ip_tunnel_parm *parms, int
171 if (dev == NULL) 171 if (dev == NULL)
172 return NULL; 172 return NULL;
173 173
174 if (strchr(name, '%')) {
175 if (dev_alloc_name(dev, name) < 0)
176 goto failed_free;
177 }
178
174 nt = netdev_priv(dev); 179 nt = netdev_priv(dev);
175 dev->init = ipip6_tunnel_init; 180 dev->init = ipip6_tunnel_init;
176 nt->parms = *parms; 181 nt->parms = *parms;
@@ -178,16 +183,16 @@ static struct ip_tunnel * ipip6_tunnel_locate(struct ip_tunnel_parm *parms, int
178 if (parms->i_flags & SIT_ISATAP) 183 if (parms->i_flags & SIT_ISATAP)
179 dev->priv_flags |= IFF_ISATAP; 184 dev->priv_flags |= IFF_ISATAP;
180 185
181 if (register_netdevice(dev) < 0) { 186 if (register_netdevice(dev) < 0)
182 free_netdev(dev); 187 goto failed_free;
183 goto failed;
184 }
185 188
186 dev_hold(dev); 189 dev_hold(dev);
187 190
188 ipip6_tunnel_link(nt); 191 ipip6_tunnel_link(nt);
189 return nt; 192 return nt;
190 193
194failed_free:
195 free_netdev(dev);
191failed: 196failed:
192 return NULL; 197 return NULL;
193} 198}