diff options
| author | Pavel Emelyanov <xemul@openvz.org> | 2008-02-27 02:51:04 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-02-27 02:51:04 -0500 |
| commit | b37d428b24ad38034f56b614de05686ba151b614 (patch) | |
| tree | dfa41745c88edb80a47c246d13a899ee06a7510f /net/ipv4 | |
| parent | d9595a7b9c777d45a74774f1428c263a0a47f4c0 (diff) | |
[INET]: Don't create tunnels with '%' in name.
Four tunnel drivers (ip_gre, ipip, ip6_tunnel and sit) can receive a
pre-defined name for a device from the userspace. Since these drivers
call the register_netdevice() (rtnl_lock, is held), which does _not_
generate the device's name, this name may contain a '%' character.
Not sure how bad is this to have a device with a '%' in its name, but
all the other places either use the register_netdev(), which call the
dev_alloc_name(), or explicitly call the dev_alloc_name() before
registering, i.e. do not allow for such names.
This had to be prior to the commit 34cc7b, but I forgot to number the
patches and this one got lost, sorry.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
| -rw-r--r-- | net/ipv4/ip_gre.c | 14 | ||||
| -rw-r--r-- | net/ipv4/ipip.c | 14 |
2 files changed, 18 insertions, 10 deletions
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c index 906cb1ada4c3..e7821ba7a9a0 100644 --- a/net/ipv4/ip_gre.c +++ b/net/ipv4/ip_gre.c | |||
| @@ -266,20 +266,24 @@ static struct ip_tunnel * ipgre_tunnel_locate(struct ip_tunnel_parm *parms, int | |||
| 266 | if (!dev) | 266 | if (!dev) |
| 267 | return NULL; | 267 | return NULL; |
| 268 | 268 | ||
| 269 | if (strchr(name, '%')) { | ||
| 270 | if (dev_alloc_name(dev, name) < 0) | ||
| 271 | goto failed_free; | ||
| 272 | } | ||
| 273 | |||
| 269 | dev->init = ipgre_tunnel_init; | 274 | dev->init = ipgre_tunnel_init; |
| 270 | nt = netdev_priv(dev); | 275 | nt = netdev_priv(dev); |
| 271 | nt->parms = *parms; | 276 | nt->parms = *parms; |
| 272 | 277 | ||
| 273 | if (register_netdevice(dev) < 0) { | 278 | if (register_netdevice(dev) < 0) |
| 274 | free_netdev(dev); | 279 | goto failed_free; |
| 275 | goto failed; | ||
| 276 | } | ||
| 277 | 280 | ||
| 278 | dev_hold(dev); | 281 | dev_hold(dev); |
| 279 | ipgre_tunnel_link(nt); | 282 | ipgre_tunnel_link(nt); |
| 280 | return nt; | 283 | return nt; |
| 281 | 284 | ||
| 282 | failed: | 285 | failed_free: |
| 286 | free_netdev(dev); | ||
| 283 | return NULL; | 287 | return NULL; |
| 284 | } | 288 | } |
| 285 | 289 | ||
diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c index e77e3b855834..dbaed69de06a 100644 --- a/net/ipv4/ipip.c +++ b/net/ipv4/ipip.c | |||
| @@ -228,20 +228,24 @@ static struct ip_tunnel * ipip_tunnel_locate(struct ip_tunnel_parm *parms, int c | |||
| 228 | if (dev == NULL) | 228 | if (dev == NULL) |
| 229 | return NULL; | 229 | return NULL; |
| 230 | 230 | ||
| 231 | if (strchr(name, '%')) { | ||
| 232 | if (dev_alloc_name(dev, name) < 0) | ||
| 233 | goto failed_free; | ||
| 234 | } | ||
| 235 | |||
| 231 | nt = netdev_priv(dev); | 236 | nt = netdev_priv(dev); |
| 232 | dev->init = ipip_tunnel_init; | 237 | dev->init = ipip_tunnel_init; |
| 233 | nt->parms = *parms; | 238 | nt->parms = *parms; |
| 234 | 239 | ||
| 235 | if (register_netdevice(dev) < 0) { | 240 | if (register_netdevice(dev) < 0) |
| 236 | free_netdev(dev); | 241 | goto failed_free; |
| 237 | goto failed; | ||
| 238 | } | ||
| 239 | 242 | ||
| 240 | dev_hold(dev); | 243 | dev_hold(dev); |
| 241 | ipip_tunnel_link(nt); | 244 | ipip_tunnel_link(nt); |
| 242 | return nt; | 245 | return nt; |
| 243 | 246 | ||
| 244 | failed: | 247 | failed_free: |
| 248 | free_netdev(dev); | ||
| 245 | return NULL; | 249 | return NULL; |
| 246 | } | 250 | } |
| 247 | 251 | ||