From patchwork Fri Jul 27 15:54:44 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dmitry Safonov X-Patchwork-Id: 950272 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=quarantine dis=none) header.from=arista.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=arista.com header.i=@arista.com header.b="db6j5TP1"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 41cYSZ0XKnz9s0R for ; Sat, 28 Jul 2018 01:54:54 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388712AbeG0RRT (ORCPT ); Fri, 27 Jul 2018 13:17:19 -0400 Received: from mail-wm0-f67.google.com ([74.125.82.67]:50839 "EHLO mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732752AbeG0RRT (ORCPT ); Fri, 27 Jul 2018 13:17:19 -0400 Received: by mail-wm0-f67.google.com with SMTP id s12-v6so5753163wmc.0 for ; Fri, 27 Jul 2018 08:54:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=arista.com; s=googlenew; h=from:to:cc:subject:date:message-id; bh=KPyvd5o+I9Jov49HHmbeHutGib2mspLlbfetN7M1LJA=; b=db6j5TP1lZV2eJkpXW4jimetZmkeTqTz5yWhJblDbbVIq2vpr+5MaaYOtn013VlIt+ EhB5CC6780kiNyWLBHtK3JJFnfW9vD6MNoil/yZ/pOf/Oo/fQeyyQTodtIrdz9WXIsne 0jV9ZPTpCHF1hK+FBg/Ss388F7sOzbexAYV5ItJdnR7td4B3+4JKAMkJQGlWFTBPk3Sc mpK+gwjQgQzAry/75WdIR4+cOBJdaxOHVP+oogOGBh2vENjFwyyMCOHzpANMFbKB4pmO BfaCkgBMo55tpSsg/duDwMD67hkq+tmY+edRLEhc6ueKqLUXTgIGjGnr2RMqCSnB3HyM tJSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=KPyvd5o+I9Jov49HHmbeHutGib2mspLlbfetN7M1LJA=; b=CuzNn+06JjOKjcHegG762X2nRj3XPEXSnAMryK3uJFEMFDQCLrGfieQwU1SJTxDSrY ZoApfTPkWkbmznmgF0LmVdZvBz4+X72ZypZAb0VpleHzPb0EfPlQ+IuoFSHOKz2xLHpZ ZxzGAnUUT+lHmsQ3emkism8gO0J3hY6mSa8Qs65THBsgMcrd9nUBTnM/Xsde7WrmyUKn H1jIcvCpI96s1vRqCytor0NBugqsN3/Zc0DBrqA+ICrjBwWJ8yCnB8DdOmlKsUmuLUYV P/wBw0AUaQD+He31rJBc1AAKo9yL1b5KlWXH4RmhvcKiPbs4Jlz24Vtb/bCniM5Fi0WP dCoA== X-Gm-Message-State: AOUpUlENQBa9ChKA63VtlaQHTv5EkRYxD8ZtpTexQl6mjsD/4YZbe1aj wjI/1SWJBeiblFXzeOC2tiPO1A== X-Google-Smtp-Source: AAOMgpfTNoyJuGR7NH6OddSSYHTBqz5cW+znCcL4NvUtXE+MFozlOuv+7+P+Ljik3gd0kyRlSs4KjQ== X-Received: by 2002:a1c:ea9c:: with SMTP id g28-v6mr4754416wmi.65.1532706887207; Fri, 27 Jul 2018 08:54:47 -0700 (PDT) Received: from dhcp.ire.aristanetworks.com ([217.173.96.166]) by smtp.gmail.com with ESMTPSA id g125-v6sm3319590wmf.16.2018.07.27.08.54.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 27 Jul 2018 08:54:46 -0700 (PDT) From: Dmitry Safonov To: linux-kernel@vger.kernel.org Cc: Dmitry Safonov , "David S. Miller" , Herbert Xu , Steffen Klassert , netdev@vger.kernel.org Subject: [PATCH] netlink: Do not subscribe to non-existent groups Date: Fri, 27 Jul 2018 16:54:44 +0100 Message-Id: <20180727155444.17081-1-dima@arista.com> X-Mailer: git-send-email 2.13.6 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Make ABI more strict about subscribing to group > ngroups. Code doesn't check for that and it looks bogus. (one can subscribe to non-existing group) Still, it's possible to bind() to all possible groups with (-1) Cc: "David S. Miller" Cc: Herbert Xu Cc: Steffen Klassert Cc: netdev@vger.kernel.org Signed-off-by: Dmitry Safonov --- net/netlink/af_netlink.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 393573a99a5a..ac805caed2e2 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -1008,6 +1008,7 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr, if (err) return err; } + groups &= (1UL << nlk->ngroups) - 1; bound = nlk->bound; if (bound) {