net: vrf: do not allow table id 0
authorDavid Ahern <dsa@cumulusnetworks.com>
Tue, 10 Jan 2017 23:22:25 +0000 (15:22 -0800)
committerDavid S. Miller <davem@davemloft.net>
Wed, 11 Jan 2017 15:04:01 +0000 (10:04 -0500)
Frank reported that vrf devices can be created with a table id of 0.
This breaks many of the run time table id checks and should not be
allowed. Detect this condition at create time and fail with EINVAL.

Fixes: 193125dbd8eb ("net: Introduce VRF device driver")
Reported-by: Frank Kellermann <frank.kellermann@atos.net>
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
drivers/net/vrf.c

index 0a067708aa39ab578b6a90d70b0fa7cab520eef2..454f907d419a7f87cc0ae1813f40c054726be7e8 100644 (file)
@@ -1252,6 +1252,8 @@ static int vrf_newlink(struct net *src_net, struct net_device *dev,
                return -EINVAL;
 
        vrf->tb_id = nla_get_u32(data[IFLA_VRF_TABLE]);
+       if (vrf->tb_id == RT_TABLE_UNSPEC)
+               return -EINVAL;
 
        dev->priv_flags |= IFF_L3MDEV_MASTER;