[PATCH net v2] bonding: add ip checks when store ip target

[PATCH net v2] bonding: add ip checks when store ip target

[Ding Tianhong]

I met a Bug when I add ip target with the wrong ip address:

echo +500.500.500.500 > /sys/class/net/bond0/bonding/arp_ip_target

the wrong ip address will transfor to 245.245.245.244 and add
to the ip target success, it is uncorrect, so I add checks to avoid
adding wrong address.

The in4_pton() will set wrong ip address to 0.0.0.0, it will return by
the next check and will not add to ip target.

Thanks for Veaceslav's opinion and make the code more simplify.

Signed-off-by: Ding Tianhong <dingtianhong@huawei.com>
---
 drivers/net/bonding/bond_sysfs.c | 19 ++++++-------------
 1 file changed, 6 insertions(+), 13 deletions(-)

diff --git a/drivers/net/bonding/bond_sysfs.c b/drivers/net/bonding/bond_sysfs.c
index 25ef533..8dd34eb 100644
--- a/drivers/net/bonding/bond_sysfs.c
+++ b/drivers/net/bonding/bond_sysfs.c
@@ -611,15 +611,14 @@ static ssize_t bonding_store_arp_targets(struct device *d,
 		return restart_syscall();
 
 	targets = bond->params.arp_targets;
-	newtarget = in_aton(buf + 1);
+	if (!in4_pton(buf + 1, -1, (u8 *)&newtarget, -1, NULL) ||
+			newtarget == 0) {
+		pr_err("%s: invalid ARP target %pI4 specified for addition\n",
+		       bond->dev->name, &newtarget);
+		goto out;
+	}
 	/* look for adds */
 	if (buf[0] == '+') {
-		if ((newtarget == 0) || (newtarget == htonl(INADDR_BROADCAST))) {
-			pr_err("%s: invalid ARP target %pI4 specified for addition\n",
-			       bond->dev->name, &newtarget);
-			goto out;
-		}
-
 		if (bond_get_targets_ip(targets, newtarget) != -1) { /* dup */
 			pr_err("%s: ARP target %pI4 is already present\n",
 			       bond->dev->name, &newtarget);
@@ -642,12 +641,6 @@ static ssize_t bonding_store_arp_targets(struct device *d,
 		targets[ind] = newtarget;
 		write_unlock_bh(&bond->lock);
 	} else if (buf[0] == '-')	{
-		if ((newtarget == 0) || (newtarget == htonl(INADDR_BROADCAST))) {
-			pr_err("%s: invalid ARP target %pI4 specified for removal\n",
-			       bond->dev->name, &newtarget);
-			goto out;
-		}
-
 		ind = bond_get_targets_ip(targets, newtarget);
 		if (ind == -1) {
 			pr_err("%s: unable to remove nonexistent ARP target %pI4.\n",
-- 
1.7.12

Re: [PATCH net v2] bonding: add ip checks when store ip target

[Veaceslav Falico]

On Thu, Nov 14, 2013 at 10:35:44AM +0800, Ding Tianhong wrote:
...snip...
>-	newtarget = in_aton(buf + 1);
>+	if (!in4_pton(buf + 1, -1, (u8 *)&newtarget, -1, NULL) ||
>+			newtarget == 0) {

Good catch on that newtarget verification, forgot to add it. However, the
previous checked not only for all-zeroes, but also for the broadcast, so
it'd be great if you could maintain the previous functionality/checks.

Or, even better, you could do something like SCTP does in
IS_IPV4_UNUSABLE_ADDRESS():

353 #define IS_IPV4_UNUSABLE_ADDRESS(a)         \
354         ((htonl(INADDR_BROADCAST) == a) ||  \
355          ipv4_is_multicast(a) ||            \
356          ipv4_is_zeronet(a) ||              \
357          ipv4_is_test_198(a) ||             \
358          ipv4_is_anycast_6to4(a))

It's up to you, though, I think that either way works good - it's
sysadmin's job to know which addresses can/have to be used.

Also, fix the identation.

Thanks!

>+		pr_err("%s: invalid ARP target %pI4 specified for addition\n",
>+		       bond->dev->name, &newtarget);
>+		goto out;
>+	}
> 	/* look for adds */
> 	if (buf[0] == '+') {
>-		if ((newtarget == 0) || (newtarget == htonl(INADDR_BROADCAST))) {
>-			pr_err("%s: invalid ARP target %pI4 specified for addition\n",
>-			       bond->dev->name, &newtarget);
>-			goto out;
>-		}
>-
> 		if (bond_get_targets_ip(targets, newtarget) != -1) { /* dup */
> 			pr_err("%s: ARP target %pI4 is already present\n",
> 			       bond->dev->name, &newtarget);
...snip...

Re: [PATCH net v2] bonding: add ip checks when store ip target

[Ding Tianhong]

On 2013/11/14 18:10, Veaceslav Falico wrote:
> On Thu, Nov 14, 2013 at 10:35:44AM +0800, Ding Tianhong wrote:
> ...snip...
>> -    newtarget = in_aton(buf + 1);
>> +    if (!in4_pton(buf + 1, -1, (u8 *)&newtarget, -1, NULL) ||
>> +            newtarget == 0) {
> 
> Good catch on that newtarget verification, forgot to add it. However, the
> previous checked not only for all-zeroes, but also for the broadcast, so
> it'd be great if you could maintain the previous functionality/checks.
> 
> Or, even better, you could do something like SCTP does in
> IS_IPV4_UNUSABLE_ADDRESS():
> 
> 353 #define IS_IPV4_UNUSABLE_ADDRESS(a)         \
> 354         ((htonl(INADDR_BROADCAST) == a) ||  \
> 355          ipv4_is_multicast(a) ||            \
> 356          ipv4_is_zeronet(a) ||              \
> 357          ipv4_is_test_198(a) ||             \
> 358          ipv4_is_anycast_6to4(a))
> 
> It's up to you, though, I think that either way works good - it's
> sysadmin's job to know which addresses can/have to be used.
> 
> Also, fix the identation.
> 
> Thanks!
> 

ok

>> +        pr_err("%s: invalid ARP target %pI4 specified for addition\n",
>> +               bond->dev->name, &newtarget);
>> +        goto out;
>> +    }
>>     /* look for adds */
>>     if (buf[0] == '+') {
>> -        if ((newtarget == 0) || (newtarget == htonl(INADDR_BROADCAST))) {
>> -            pr_err("%s: invalid ARP target %pI4 specified for addition\n",
>> -                   bond->dev->name, &newtarget);
>> -            goto out;
>> -        }
>> -
>>         if (bond_get_targets_ip(targets, newtarget) != -1) { /* dup */
>>             pr_err("%s: ARP target %pI4 is already present\n",
>>                    bond->dev->name, &newtarget);
> ...snip...
> 
> .
>