From: Roopa Prabhu <roopa@cumulusnetworks.com>
Date: Fri, 29 May 2020 05:12:35 +0000 (-0700)
Subject: vxlan: add check to prevent use of remote ip attributes with NDA_NH_ID
X-Git-Tag: baikal/mips/sdk5.9~13530^2~43^2~1
X-Git-Url: https://git.baikalelectronics.ru/sdk/?a=commitdiff_plain;h=8efa7b4a4cf58734c85d70aa6eceee3901b2807a;p=kernel.git

vxlan: add check to prevent use of remote ip attributes with NDA_NH_ID

NDA_NH_ID represents a remote ip or a group of remote ips.
It allows use of nexthop groups in lieu of a remote ip or a
list of remote ips supported by the fdb api.

Current code ignores the other remote ip attrs when NDA_NH_ID is
specified. In the spirit of strict checking, This commit adds a
check to explicitly return an error on incorrect usage.

Fixes: feeface2e67a ("vxlan: ecmp support for mac fdb entries")
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c
index a0015cdedfafb..fe606c6888556 100644
--- a/drivers/net/vxlan.c
+++ b/drivers/net/vxlan.c
@@ -1196,6 +1196,10 @@ static int vxlan_fdb_parse(struct nlattr *tb[], struct vxlan_dev *vxlan,
 	struct net *net = dev_net(vxlan->dev);
 	int err;
 
+	if (tb[NDA_NH_ID] && (tb[NDA_DST] || tb[NDA_VNI] || tb[NDA_IFINDEX] ||
+	    tb[NDA_PORT]))
+		return -EINVAL;
+
 	if (tb[NDA_DST]) {
 		err = vxlan_nla_get_addr(ip, tb[NDA_DST]);
 		if (err)