network: reject bridge port priorities above kernel's max value. (#5877)

Bridge port priority in the kernel can only be between 0 and 63. Therefore reject values above maximum. Fixes: #5729
author: Dimitri John Ledkov <xnox@ubuntu.com> 2017-05-02 20:32:42 +0100
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2017-05-02 15:32:42 -0400
commit: f00ff0de40030ed86e7d78c8c1f77b042b51d38c (patch)
tree: 03a50b922c2b8a8455fce12e5b6fbd4f0a4fa2b4
parent: b7674ecd5b456d31c7a459f002ccb995a2daec50 (diff)
4 files changed, 47 insertions, 3 deletions
diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c
index 092a1eabb0..337241a815 100644
--- a/src/libsystemd-network/network-internal.c
+++ b/src/libsystemd-network/network-internal.c
@@ -349,6 +349,45 @@ int config_parse_iaid(const char *unit,
         return 0;
 }
 
+int config_parse_bridge_port_priority(
+                const char *unit,
+                const char *filename,
+                unsigned line,
+                const char *section,
+                unsigned section_line,
+                const char *lvalue,
+                int ltype,
+                const char *rvalue,
+                void *data,
+                void *userdata) {
+
+        uint16_t i;
+        int r;
+
+        assert(filename);
+        assert(lvalue);
+        assert(rvalue);
+        assert(data);
+
+        r = safe_atou16(rvalue, &i);
+        if (r < 0) {
+                log_syntax(unit, LOG_ERR, filename, line, r,
+                           "Failed to parse bridge port priority, ignoring: %s", rvalue);
+                return 0;
+        }
+
+        if (i > LINK_BRIDGE_PORT_PRIORITY_MAX) {
+                log_syntax(unit, LOG_ERR, filename, line, r,
+                           "Bridge port priority is larger than maximum %u, ignoring: %s", LINK_BRIDGE_PORT_PRIORITY_MAX, rvalue);
+                return 0;
+        }
+
+        *((uint16_t *)data) = i;
+
+        return 0;
+}
+
+
 void serialize_in_addrs(FILE *f, const struct in_addr *addresses, size_t size) {
         unsigned i;
 
diff --git a/src/libsystemd-network/network-internal.h b/src/libsystemd-network/network-internal.h
index 5bcd577167..4666f174e9 100644
--- a/src/libsystemd-network/network-internal.h
+++ b/src/libsystemd-network/network-internal.h
@@ -26,6 +26,9 @@
 #include "condition.h"
 #include "udev.h"
 
+#define LINK_BRIDGE_PORT_PRIORITY_INVALID 128
+#define LINK_BRIDGE_PORT_PRIORITY_MAX 63
+
 bool net_match_config(const struct ether_addr *match_mac,
                       char * const *match_path,
                       char * const *match_driver,
@@ -62,6 +65,10 @@ int config_parse_iaid(const char *unit, const char *filename, unsigned line,
                       const char *section, unsigned section_line, const char *lvalue,
                       int ltype, const char *rvalue, void *data, void *userdata);
 
+int config_parse_bridge_port_priority(const char *unit, const char *filename, unsigned line,
+                      const char *section, unsigned section_line, const char *lvalue,
+                      int ltype, const char *rvalue, void *data, void *userdata);
+
 int net_get_unique_predictable_data(struct udev_device *device, uint64_t *result);
 const char *net_get_name(struct udev_device *device);
 
diff --git a/src/network/networkd-link.h b/src/network/networkd-link.h
index 39c8430ac3..be5c4f3284 100644
--- a/src/network/networkd-link.h
+++ b/src/network/networkd-link.h
@@ -33,8 +33,6 @@
 #include "list.h"
 #include "set.h"
 
-#define LINK_BRIDGE_PORT_PRIORITY_INVALID 128
-
 typedef enum LinkState {
         LINK_STATE_PENDING,
         LINK_STATE_ENSLAVING,
diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf
index 6c4530fbd4..ee8bd6faf7 100644
--- a/src/network/networkd-network-gperf.gperf
+++ b/src/network/networkd-network-gperf.gperf
@@ -129,7 +129,7 @@ Bridge.HairPin,                         config_parse_bool,
 Bridge.FastLeave,                       config_parse_bool,                              0,                             offsetof(Network, fast_leave)
 Bridge.AllowPortToBeRoot,               config_parse_bool,                              0,                             offsetof(Network, allow_port_to_be_root)
 Bridge.UnicastFlood,                    config_parse_bool,                              0,                             offsetof(Network, unicast_flood)
-Bridge.Priority,                        config_parse_uint16,                            0,                             offsetof(Network, priority)
+Bridge.Priority,                        config_parse_bridge_port_priority,              0,                             offsetof(Network, priority)
 BridgeFDB.MACAddress,                   config_parse_fdb_hwaddr,                        0,                             0
 BridgeFDB.VLANId,                       config_parse_fdb_vlan_id,                       0,                             0
 BridgeVLAN.PVID,                        config_parse_brvlan_pvid,                       0,                             0
author	Dimitri John Ledkov <xnox@ubuntu.com>	2017-05-02 20:32:42 +0100
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2017-05-02 15:32:42 -0400
commit	f00ff0de40030ed86e7d78c8c1f77b042b51d38c (patch)
tree	03a50b922c2b8a8455fce12e5b6fbd4f0a4fa2b4
parent	b7674ecd5b456d31c7a459f002ccb995a2daec50 (diff)