net: Set strict_start_type for routes and rules
New userspace on an older kernel can send unknown and unsupported attributes resulting in an incompelete config which is almost always wrong for routing (few exceptions are passthrough settings like the protocol that installed the route). Set strict_start_type in the policies for IPv4 and IPv6 routes and rules to detect new, unsupported attributes and fail the route add. Signed-off-by: David Ahern <dsahern@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David Ahern
committed by
David S. Miller
David S. Miller
parent
e38f7cbd36
commit
75425657fe
@@ -103,6 +103,7 @@ struct fib_rule_notifier_info {
|
||||
};
|
||||
|
||||
#define FRA_GENERIC_POLICY \
|
||||
[FRA_UNSPEC] = { .strict_start_type = FRA_DPORT_RANGE + 1 }, \
|
||||
[FRA_IIFNAME] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 }, \
|
||||
[FRA_OIFNAME] = { .type = NLA_STRING, .len = IFNAMSIZ - 1 }, \
|
||||
[FRA_PRIORITY] = { .type = NLA_U32 }, \
|
||||
|
||||
Reference in New Issue
Block a user