rtnl: protect do_setlink from IFLA_XDP_ATTACHED

The IFLA_XDP_ATTACHED nested attribute is meant for read-only, and while
do_setlink properly ignores it, it should be more paranoid and reject
commands that try to set it.

Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index eba2b8260dbdf6d78a6ee312e3dec59a0b4eab43..189cc78c77eba22b0023cc9598e719a308c77547 100644 (file)
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -2109,6 +2109,10 @@ static int do_setlink(const struct sk_buff *skb,
                if (err < 0)
                        goto errout;
 
+               if (xdp[IFLA_XDP_ATTACHED]) {
+                       err = -EINVAL;
+                       goto errout;
+               }
                if (xdp[IFLA_XDP_FD]) {
                        err = dev_change_xdp_fd(dev,
                                                nla_get_s32(xdp[IFLA_XDP_FD]));