Kernel/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-06 05:13:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ip_rt_ioctl(): take copyin to caller

Browse Source 
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro 2017-07-01 08:03:10 -04:00
parent 03aef17bb7
commit ca25c30040
4 changed files with 10 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/net/route.h
View File

@ -217,7 +217,7 @@ unsigned int inet_addr_type_dev_table(struct net *net,
const struct net_device *dev, const struct net_device *dev,
__be32 addr); __be32 addr);
void ip_rt_multicast_event(struct in_device *); void ip_rt_multicast_event(struct in_device *);
int ip_rt_ioctl(struct net *, unsigned int cmd, void __user *arg); int ip_rt_ioctl(struct net *, unsigned int cmd, struct rtentry *rt);
void ip_rt_get_source(u8 *src, struct sk_buff *skb, struct rtable *rt); void ip_rt_get_source(u8 *src, struct sk_buff *skb, struct rtable *rt);
struct rtable *rt_dst_alloc(struct net_device *dev, struct rtable *rt_dst_alloc(struct net_device *dev,
unsigned int flags, u16 type, unsigned int flags, u16 type,

7
net/ipv4/af_inet.c
View File

@ -874,6 +874,7 @@ int inet_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
struct net *net = sock_net(sk); struct net *net = sock_net(sk);
void __user *p = (void __user *)arg; void __user *p = (void __user *)arg;
struct ifreq ifr; struct ifreq ifr;
struct rtentry rt;
switch (cmd) { switch (cmd) {
case SIOCGSTAMP: case SIOCGSTAMP:
@ -884,8 +885,12 @@ int inet_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
break; break;
case SIOCADDRT: case SIOCADDRT:
case SIOCDELRT: case SIOCDELRT:
if (copy_from_user(&rt, p, sizeof(struct rtentry)))
return -EFAULT;
err = ip_rt_ioctl(net, cmd, &rt);
break;
case SIOCRTMSG: case SIOCRTMSG:
err = ip_rt_ioctl(net, cmd, (void __user *)arg); err = -EINVAL;
break; break;
case SIOCDARP: case SIOCDARP:
case SIOCGARP: case SIOCGARP:

8
net/ipv4/fib_frontend.c
View File

@ -587,10 +587,9 @@ static int rtentry_to_fib_config(struct net *net, int cmd, struct rtentry *rt,
* Handle IP routing ioctl calls. * Handle IP routing ioctl calls.
* These are used to manipulate the routing tables * These are used to manipulate the routing tables
*/ */
int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) int ip_rt_ioctl(struct net *net, unsigned int cmd, struct rtentry *rt)
{ {
struct fib_config cfg; struct fib_config cfg;
struct rtentry rt;
int err; int err;
switch (cmd) { switch (cmd) {
@ -599,11 +598,8 @@ int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg)
if (!ns_capable(net->user_ns, CAP_NET_ADMIN)) if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
return -EPERM; return -EPERM;
if (copy_from_user(&rt, arg, sizeof(rt)))
return -EFAULT;
rtnl_lock(); rtnl_lock();
err = rtentry_to_fib_config(net, cmd, &rt, &cfg); err = rtentry_to_fib_config(net, cmd, rt, &cfg);
if (err == 0) { if (err == 0) {
struct fib_table *tb; struct fib_table *tb;

13
net/ipv4/ipconfig.c
View File

@ -340,17 +340,6 @@ static int __init ic_dev_ioctl(unsigned int cmd, struct ifreq *arg)
return res; return res;
} }
static int __init ic_route_ioctl(unsigned int cmd, struct rtentry *arg)
{
int res;
mm_segment_t oldfs = get_fs();
set_fs(get_ds());
res = ip_rt_ioctl(&init_net, cmd, (void __user *) arg);
set_fs(oldfs);
return res;
}
/* /*
* Set up interface addresses and routes. * Set up interface addresses and routes.
*/ */
@ -412,7 +401,7 @@ static int __init ic_setup_routes(void)
set_sockaddr((struct sockaddr_in *) &rm.rt_genmask, 0, 0); set_sockaddr((struct sockaddr_in *) &rm.rt_genmask, 0, 0);
set_sockaddr((struct sockaddr_in *) &rm.rt_gateway, ic_gateway, 0); set_sockaddr((struct sockaddr_in *) &rm.rt_gateway, ic_gateway, 0);
rm.rt_flags = RTF_UP | RTF_GATEWAY; rm.rt_flags = RTF_UP | RTF_GATEWAY;
if ((err = ic_route_ioctl(SIOCADDRT, &rm)) < 0) { if ((err = ip_rt_ioctl(&init_net, SIOCADDRT, &rm)) < 0) {
pr_err("IP-Config: Cannot add default route (%d)\n", pr_err("IP-Config: Cannot add default route (%d)\n",
err); err);
return -1; return -1;