Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1470956imm; Wed, 25 Jul 2018 19:33:10 -0700 (PDT) X-Google-Smtp-Source: AAOMgpcu1+pKjRxT8iq3QaxFP/IRv7FdIRRT4+LLMoATiNCmCGSsdB0vwDiIm1uCMkQeoAXo/21E X-Received: by 2002:a62:2304:: with SMTP id j4-v6mr133857pfj.98.1532572390734; Wed, 25 Jul 2018 19:33:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1532572390; cv=none; d=google.com; s=arc-20160816; b=EbTiXD+ymKep8hJHBBf+v7FLA3v2uFMEz64EzsaDvaSrK+eyu6na1mzu4OAmSgzBVB bhGu9ftzZb9exRPLw2/tBpIcVX54IqHeXF5RPwJRA4c4/FVZX9orG4we3Hfz4rVXR+cV qe1s2O18cEISZvkRFDeTQtiLlhb5yNfhDdS8LBTOYwpGzhQ1s2DlD3ttmyiC8rGpwjRO uYm5+heviZ4blsayTwgSExPzK6fSYTEmIZDwNtGKTxpGUmcfNXjGGIMuszquEppCzB8L tZCbDUEmgDlHQSuqLlcy64oMBqsqMwPcBKgkHEVva1itnVP1UwwcpajJ7j6t7RXQjnQ5 Hdjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=KPyvd5o+I9Jov49HHmbeHutGib2mspLlbfetN7M1LJA=; b=eTm3sSoYrLGiW9WdPKbP/yGK1DMsZ6Qn1V0egdOOfeQIqhyViNsQzizgo7Js2HdFo7 cNo0lBif9tf0dJIlljij57RQUwiONC8lawPtpaG4oso9gKIEFtuu1mFsGsdP/ZhmaSXm ZAM08xnoe4lVz3ZOEgCbqNKE/acouUcWvBtymBJZxakIkUh/LhLl1TLivRMZFu/gKZgu ZdiXs+QagxGGW9zuTrSU+bA92rqgXeAmUdsmJAuH5BKNgMNpegANZ7W0MTmkYjGreO6p ahR4RGbcIlF6DEAkp89IPvphERnUeqUq7RvuqJ5dRIrkCACGaxtmtUaWfKumii0ghunN /oOA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@arista.com header.s=googlenew header.b=bn8zq0M7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=REJECT dis=NONE) header.from=arista.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h18-v6si84673pfn.158.2018.07.25.19.32.52; Wed, 25 Jul 2018 19:33:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@arista.com header.s=googlenew header.b=bn8zq0M7; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=REJECT dis=NONE) header.from=arista.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729052AbeGZDq1 (ORCPT + 99 others); Wed, 25 Jul 2018 23:46:27 -0400 Received: from mail-ed1-f65.google.com ([209.85.208.65]:35754 "EHLO mail-ed1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728975AbeGZDq1 (ORCPT ); Wed, 25 Jul 2018 23:46:27 -0400 Received: by mail-ed1-f65.google.com with SMTP id e6-v6so339185edr.2 for ; Wed, 25 Jul 2018 19:31:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=arista.com; s=googlenew; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=KPyvd5o+I9Jov49HHmbeHutGib2mspLlbfetN7M1LJA=; b=bn8zq0M7lAwJea4JONbDDYyqexIzxU/As0lvD/oskkExa/sy5ZuwZDOJ0V1FlU6nxS R0I90dDdcY5vbDRh7yGstJGSJFgsznflAlOPXeHuclwJfE72dF9bIlUWIvkHDlCDZ7tG YOeBdzgJ1KJ6NXGRWay7ELBswj0IndWiomcqDCsSrKoSdyy+FZ6uUySKSM8dRlrnEDan kmBStLemWkvujmASB5ZWc5j+jneBZ651wXAuCUCvMowU3Ek8kK6/Q9iN/eogO4SRnOl+ tTZFkuJSjOA5Mfece1tPrkuD6Y3Snp024ZjGaPu50ktCumXSRqU37UjI5nefQHfd77o6 3Dsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=KPyvd5o+I9Jov49HHmbeHutGib2mspLlbfetN7M1LJA=; b=JU4HwoFE1AkmPdWRLjLsXQl/otbXYPW5CJ0EthBsDnW3lJefUVM07DqOul4or0mD7A 5pnHPiMYLH/crJj7cyht4NCoBcwQKx3ZuvJu7VIRVenpfitDjROE7Udyo3fcXrXxFXLJ wbcmpuYwaQuss8/keD5oG+YYBQYRt8dPF6eG0cy206AYmfMq9ZFOXdvZ8tVlkVIGoKEe qLRD4VkAuPQGtGPdgQRL5tVHRbt6FM0kH+v5sEvJkmRjump7CzXDNPgDrjlPXrBTpE69 LXNlgOS+8uEmdaHHbjbEV8WbWv0LQgeBkmsgPS+6jmq0fjUmusaIY1DCZU+HKHCR8NDw j8iw== X-Gm-Message-State: AOUpUlFTB+rrOhYqf8rTXuKNoPZ2mAjL//w0wxKn3OFA7hyS/OFyL2cB flz3m1txa0gnAEBETC3iTM4vqIBjjjE= X-Received: by 2002:a50:b306:: with SMTP id q6-v6mr481068edd.264.1532572313408; Wed, 25 Jul 2018 19:31:53 -0700 (PDT) Received: from dhcp.ire.aristanetworks.com ([217.173.96.166]) by smtp.gmail.com with ESMTPSA id x13-v6sm241024edx.17.2018.07.25.19.31.52 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 25 Jul 2018 19:31:52 -0700 (PDT) From: Dmitry Safonov To: linux-kernel@vger.kernel.org Cc: Dmitry Safonov , "David S. Miller" , Herbert Xu , Steffen Klassert , Dmitry Safonov <0x7f454c46@gmail.com>, netdev@vger.kernel.org Subject: [PATCH 06/18] netlink: Do not subscribe to non-existent groups Date: Thu, 26 Jul 2018 03:31:32 +0100 Message-Id: <20180726023144.31066-7-dima@arista.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20180726023144.31066-1-dima@arista.com> References: <20180726023144.31066-1-dima@arista.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Make ABI more strict about subscribing to group > ngroups. Code doesn't check for that and it looks bogus. (one can subscribe to non-existing group) Still, it's possible to bind() to all possible groups with (-1) Cc: "David S. Miller" Cc: Herbert Xu Cc: Steffen Klassert Cc: netdev@vger.kernel.org Signed-off-by: Dmitry Safonov --- net/netlink/af_netlink.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 393573a99a5a..ac805caed2e2 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -1008,6 +1008,7 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr, if (err) return err; } + groups &= (1UL << nlk->ngroups) - 1; bound = nlk->bound; if (bound) { -- 2.13.6