tipc: fix netlink gate and receive-path bugs

[PATCH net v2 0/4] tipc: fix netlink gate and receive-path bugs

Michael Bommarito posted 4 patches 1 day, 9 hours ago

Download series mbox

net/tipc/discover.c   | 14 ++++++++++++++
net/tipc/name_distr.c | 11 ++++++++++-
net/tipc/netlink.c    | 12 ++++++++++++
net/tipc/socket.c     |  7 ++++++-
4 files changed, 42 insertions(+), 2 deletions(-)

Expand all Fold all

[PATCH net v2 0/4] tipc: fix netlink gate and receive-path bugs

Posted by Michael Bommarito 1 day, 9 hours ago

This is v2 of the public TIPC series. Patches 1 and 2 are the same fixes
as before, with patch 1 updated to use GENL_ADMIN_PERM for
TIPC_NL_MEDIA_SET after the duplicate public patch pointed out that the
media defaults are global rather than per-netns state. Patches 3 and 4
address Tung's review feedback.

Changes in v2:

  - Patch 1 uses GENL_ADMIN_PERM for TIPC_NL_MEDIA_SET and
    GENL_UNS_ADMIN_PERM for the netns-scoped mutators.
  - Patch 3 validates msg_conn_ack() at the start of the CONN_ACK block
    and drops invalid messages instead of capping the value.
  - Patch 4 reorders the new u32 declarations in reverse-Xmas-tree order.

Michael Bommarito (4):
  tipc: require net admin for TIPCv2 netlink mutators
  tipc: validate discovery message length before reading media address
  tipc: prevent snt_unacked underflow on CONN_ACK
  tipc: reject inverted service ranges from peer bindings

 net/tipc/discover.c   | 14 ++++++++++++++
 net/tipc/name_distr.c | 11 ++++++++++-
 net/tipc/netlink.c    | 12 ++++++++++++
 net/tipc/socket.c     |  7 ++++++-
 4 files changed, 42 insertions(+), 2 deletions(-)


base-commit: e7ae89a0c97ce2b68b0983cd01eda67cf373517d
-- 
2.53.0