| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1506006138.29839.132.camel@edumazet-glaptop3.roam.corp.google.com>
Date: Thu, 21 Sep 2017 08:02:18 -0700
From: Eric Dumazet <eric.dumazet@...il.com>
To: Zhang Shengju <zhangshengju@...s.chinamobile.com>
Cc: davem@...emloft.net, willemb@...gle.com,
stephen@...workplumber.org, netdev@...r.kernel.org
Subject: Re: [net-next 1/2] dummy: add device MTU validation check
On Thu, 2017-09-21 at 21:32 +0800, Zhang Shengju wrote:
> Currently, any mtu value can be assigned when adding a new dummy device:
> [~]# ip link add name dummy1 mtu 100000 type dummy
> [~]# ip link show dummy1
> 15: dummy1: <BROADCAST,NOARP> mtu 100000 qdisc noop state DOWN mode DEFAULT group default qlen 1000
> link/ether 0a:61:6b:16:14:ce brd ff:ff:ff:ff:ff:ff
>
> This patch adds device MTU validation check.
What is wrong with big MTU on dummy ?
If this is a generic rule, this check should belong in core network
stack.
>
> Signed-off-by: Zhang Shengju <zhangshengju@...s.chinamobile.com>
> ---
> drivers/net/dummy.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/drivers/net/dummy.c b/drivers/net/dummy.c
> index e31ab3b..0276b2b 100644
> --- a/drivers/net/dummy.c
> +++ b/drivers/net/dummy.c
> @@ -365,6 +365,14 @@ static int dummy_validate(struct nlattr *tb[], struct nlattr *data[],
> if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS])))
> return -EADDRNOTAVAIL;
> }
> +
> + if (tb[IFLA_MTU]) {
> + u32 mtu = nla_get_u32(tb[IFLA_MTU]);
You do not verify/validate nla_len(tb[IFLA_MTU]).
Do not ever trust user space.
> +
> + if (mtu > ETH_MAX_MTU)
> + return -EINVAL;
> + }
> +
> return 0;
> }
>
Powered by blists - more mailing lists