From patchwork Sat Oct 20 21:33:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Davide Caratti X-Patchwork-Id: 987244 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 42cwxt5wpQz9s8F for ; Sun, 21 Oct 2018 08:33:22 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726756AbeJUFpH (ORCPT ); Sun, 21 Oct 2018 01:45:07 -0400 Received: from mx1.redhat.com ([209.132.183.28]:36864 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726710AbeJUFpH (ORCPT ); Sun, 21 Oct 2018 01:45:07 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id EA8A030832C2; Sat, 20 Oct 2018 21:33:17 +0000 (UTC) Received: from new-host.redhat.com (ovpn-204-59.brq.redhat.com [10.40.204.59]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7637817D6C; Sat, 20 Oct 2018 21:33:16 +0000 (UTC) From: Davide Caratti To: Jiri Pirko , Cong Wang , Jamal Hadi Salim , "David S. Miller" , netdev@vger.kernel.org Subject: [PATCH net 2/4] net/sched: act_police: disallow 'goto chain' on fallback control action Date: Sat, 20 Oct 2018 23:33:08 +0200 Message-Id: In-Reply-To: References: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Sat, 20 Oct 2018 21:33:18 +0000 (UTC) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org in the following command: # tc action add action police rate burst conform-exceed / 'goto chain x' is allowed only for c1: setting it for c2 makes the kernel crash with NULL pointer dereference, since TC core doesn't initialize the chain handle. Signed-off-by: Davide Caratti Acked-by: Cong Wang Acked-by: Jiri Pirko --- net/sched/act_police.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/net/sched/act_police.c b/net/sched/act_police.c index 5d8bfa878477..3b793393efd1 100644 --- a/net/sched/act_police.c +++ b/net/sched/act_police.c @@ -150,6 +150,16 @@ static int tcf_police_init(struct net *net, struct nlattr *nla, goto failure; } + if (tb[TCA_POLICE_RESULT]) { + police->tcfp_result = nla_get_u32(tb[TCA_POLICE_RESULT]); + if (TC_ACT_EXT_CMP(police->tcfp_result, TC_ACT_GOTO_CHAIN)) { + NL_SET_ERR_MSG(extack, + "goto chain not allowed on fallback"); + err = -EINVAL; + goto failure; + } + } + spin_lock_bh(&police->tcf_lock); /* No failure allowed after this point */ police->tcfp_mtu = parm->mtu; @@ -173,8 +183,6 @@ static int tcf_police_init(struct net *net, struct nlattr *nla, police->peak_present = false; } - if (tb[TCA_POLICE_RESULT]) - police->tcfp_result = nla_get_u32(tb[TCA_POLICE_RESULT]); police->tcfp_burst = PSCHED_TICKS2NS(parm->burst); police->tcfp_toks = police->tcfp_burst; if (police->peak_present) {