vxlan: use the correct nlattr array in NL_SET_ERR_MSG_ATTR

BugLink: https://bugs.launchpad.net/bugs/1876361
[ Upstream commit cc8e7c69db4dcc565ed3020f97ddd6debab6cbe8 ]

IFLA_VXLAN_* attributes are in the data array, which is correctly
used when fetching the value, but not when setting the extended
ack. Because IFLA_VXLAN_MAX < IFLA_MAX, we avoid out of bounds
array accesses, but we don't provide a pointer to the invalid
attribute to userspace.

Fixes: 653ef6a3e4af ("vxlan: change vxlan_[config_]validate() to use netlink_ext_ack for error reporting")
Fixes: b4d3069783bc ("vxlan: Allow configuration of DF behaviour")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c
index f5e5af92564da4e11765ee3771d0ec38caeb0108..ceaeda7e61b1cb396e4cac6fcf020889771d40c8 100644 (file)
--- a/drivers/net/vxlan.c
+++ b/drivers/net/vxlan.c
@@ -3330,7 +3330,7 @@ static int vxlan_validate(struct nlattr *tb[], struct nlattr *data[],
                u32 id = nla_get_u32(data[IFLA_VXLAN_ID]);
 
                if (id >= VXLAN_N_VID) {
-                       NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_VXLAN_ID],
+                       NL_SET_ERR_MSG_ATTR(extack, data[IFLA_VXLAN_ID],
                                            "VXLAN ID must be lower than 16777216");
                        return -ERANGE;
                }
@@ -3341,7 +3341,7 @@ static int vxlan_validate(struct nlattr *tb[], struct nlattr *data[],
                        = nla_data(data[IFLA_VXLAN_PORT_RANGE]);
 
                if (ntohs(p->high) < ntohs(p->low)) {
-                       NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_VXLAN_PORT_RANGE],
+                       NL_SET_ERR_MSG_ATTR(extack, data[IFLA_VXLAN_PORT_RANGE],
                                            "Invalid source port range");
                        return -EINVAL;
                }
@@ -3351,7 +3351,7 @@ static int vxlan_validate(struct nlattr *tb[], struct nlattr *data[],
                enum ifla_vxlan_df df = nla_get_u8(data[IFLA_VXLAN_DF]);
 
                if (df < 0 || df > VXLAN_DF_MAX) {
-                       NL_SET_ERR_MSG_ATTR(extack, tb[IFLA_VXLAN_DF],
+                       NL_SET_ERR_MSG_ATTR(extack, data[IFLA_VXLAN_DF],
                                            "Invalid DF attribute");
                        return -EINVAL;
                }