redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
remarkable-linux/net/bridge
History
Xin Long 9f32011496 bridge: check brport attr show in brport_show 
[ Upstream commit 1b12580af1 ]

Now br_sysfs_if file flush doesn't have attr show. To read it will
cause kernel panic after users chmod u+r this file.

Xiong found this issue when running the commands:

  ip link add br0 type bridge
  ip link add type veth
  ip link set veth0 master br0
  chmod u+r /sys/devices/virtual/net/veth0/brport/flush
  timeout 3 cat /sys/devices/virtual/net/veth0/brport/flush

kernel crashed with NULL a pointer dereference call trace.

This patch is to fix it by return -EINVAL when brport_attr->show
is null, just the same as the check for brport_attr->store in
brport_store().

Fixes: 9cf637473c ("bridge: add sysfs hook to flush forwarding table")
Reported-by: Xiong Zhou <xzhou@redhat.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2018-03-11 16:21:31 +01:00
..
netfilter Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2016-09-25 23:34:19 +02:00
Kconfig bridge: Add vlan filtering infrastructure 2013-02-13 19:41:46 -05:00
Makefile bridge: switchdev: Add forward mark support for stacked devices 2016-08-26 13:13:36 -07:00
br.c netfilter: bridge: clarify bridge/netfilter message 2016-10-02 22:44:03 -04:00
br_device.c bridge: switchdev: Clear forward mark when transmitting packet 2017-09-20 08:19:55 +02:00
br_fdb.c rtnetlink: fdb dump: optimize by saving last interface markers 2016-09-01 16:56:15 -07:00
br_forward.c net: bridge: allow IPv6 when multicast flood is disabled 2017-03-22 12:43:32 +01:00
br_if.c net: bridge: add per-port multicast flood flag 2016-09-01 22:48:33 -07:00
br_input.c bridge: drop netfilter fake rtable unconditionally 2017-03-22 12:43:34 +01:00
br_ioctl.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-05-09 15:59:24 -04:00
br_mdb.c bridge: mdb: fix leak on complete_info ptr on fail path 2017-07-21 07:42:17 +02:00
br_multicast.c bridge: multicast: restore perm router ports on multicast enable 2016-10-18 13:52:13 -04:00
br_netfilter_hooks.c netfilter: bridge: honor frag_max_size when refragmenting 2017-12-20 10:07:20 +01:00
br_netfilter_ipv6.c netfilter: bridge: add and use br_nf_hook_thresh 2016-09-24 21:25:48 +02:00
br_netlink.c net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks 2018-01-02 20:35:12 +01:00
br_nf_core.c net: Remove protocol from struct dst_ops 2015-03-09 16:06:10 -04:00
br_private.h net: bridge: change unicast boolean to exact pkt_type 2016-09-01 22:48:33 -07:00
br_private_stp.h net: 8021q/bluetooth/bridge/can/ceph: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
br_stp.c net: bridge: br_set_ageing_time takes a clock_t 2016-07-25 10:30:03 -07:00
br_stp_bpdu.c netfilter: Pass net into okfn 2015-09-17 17:18:37 -07:00
br_stp_if.c net: bridge: start hello timer only if device is up 2017-06-14 15:05:52 +02:00
br_stp_timer.c bridge: start hello_timer when enabling KERNEL_STP in br_stp_start 2017-06-07 12:07:44 +02:00
br_switchdev.c bridge: switchdev: Add forward mark support for stacked devices 2016-08-26 13:13:36 -07:00
br_sysfs_br.c net: bridge: set error code on failure 2016-12-05 13:26:22 -05:00
br_sysfs_if.c bridge: check brport attr show in brport_show 2018-03-11 16:21:31 +01:00
br_vlan.c bridge: netlink: export per-vlan stats 2016-05-02 22:27:06 -04:00