[v3] restrict bridge interface name to IFNAMSIZ

[Qemu-devel] [PATCH v3 0/3] restrict bridge interface name to IFNAMSIZ

P J P posted 3 patches 4 years, 10 months ago

Diff against v2 v4
Download series mbox

Test docker-clang@ubuntu passed

Test s390x failed

Test asan passed

Test docker-mingw@fedora passed

Test FreeBSD passed

Test checkpatch passed

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20190701123558.30512-1-ppandit@redhat.com

Maintainers: Jason Wang <jasowang@redhat.com>

There is a newer version of this series

net/tap.c            | 43 +++++++++----------------------------------
qemu-bridge-helper.c | 24 +++++++++++++++++-------
2 files changed, 26 insertions(+), 41 deletions(-)

Expand all Fold all

[Qemu-devel] [PATCH v3 0/3] restrict bridge interface name to IFNAMSIZ

Posted by P J P 4 years, 10 months ago

From: Prasad J Pandit <pjp@fedoraproject.org>

Hello,

Linux net_deivce defines network interface name to be of IFNAMSIZE(=16)
bytes, including the terminating null('\0') byte.

Qemu tap deivce, while invoking 'qemu-bridge-helper' tool to set up the
network bridge interface, supplies bridge name of 16 characters, thus
allowing to create an ACL bypass scenario.

This patch series attempts to fix it. It also refactors bridge helper
invocation routine 'net_bridge_run_helper' to directly invoke the helper
command.

Thank you.
---
Prasad J Pandit (3):
  qemu-bridge-helper: restrict interface name to IFNAMSIZ
  qemu-bridge-helper: move repeating code in parse_acl_file
  net: tap: refactor net_bridge_run_helper routine

 net/tap.c            | 43 +++++++++----------------------------------
 qemu-bridge-helper.c | 24 +++++++++++++++++-------
 2 files changed, 26 insertions(+), 41 deletions(-)

-- 
2.21.0