From: Thomas Deutschmann whissi@gentoo.org Date: Sat, 10 Nov 2018 20:20:01 +0100
Hi,
all stable kernels carrying
From 8b4c3cdd9dd8290343ce959a132d3b334062c5b9 Mon Sep 17 00:00:00 2001 From: David Ahern dsahern@gmail.com Date: Wed, 3 Oct 2018 15:05:36 -0700 Subject: [PATCH] net: sched: Add policy validation for tc attributes
A number of TC attributes are processed without proper validation (e.g., length checks). Add a tca policy for all input attributes and use when invoking nlmsg_parse.
The 2 Fixes tags below cover the latest additions. The other attributes are a string (KIND), nested attribute (OPTIONS which does seem to have validation in most cases), for dumps only or a flag.
Fixes: 5bc1701881e39 ("net: sched: introduce multichain support for filters") Fixes: d47a6b0e7c492 ("net: sched: introduce ingress/egress block index attributes for qdisc") Signed-off-by: David Ahern dsahern@gmail.com Signed-off-by: David S. Miller davem@davemloft.net
should backport
From e72bde6b66299602087c8c2350d36a525e75d06e Mon Sep 17 00:00:00 2001 From: David Ahern dsahern@gmail.com Date: Wed, 24 Oct 2018 08:32:49 -0700 Subject: [PATCH] net: sched: Remove TCA_OPTIONS from policy
Marco reported an error with hfsc: root@Calimero:~# tc qdisc add dev eth0 root handle 1:0 hfsc default 1 Error: Attribute failed policy validation.
Apparently a few implementations pass TCA_OPTIONS as a binary instead of nested attribute, so drop TCA_OPTIONS from the policy.
Fixes: 8b4c3cdd9dd8 ("net: sched: Add policy validation for tc attributes") Reported-by: Marco Berizzi pupilla@libero.it Signed-off-by: David Ahern dsahern@gmail.com Signed-off-by: David S. Miller davem@davemloft.net
Indeed, -stable folks please add this latter patch on top.
Thank you.