* [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
@ 2023-07-23 7:50 ` Lin Ma
0 siblings, 0 replies; 14+ messages in thread
From: Lin Ma @ 2023-07-23 7:50 UTC (permalink / raw)
To: jesse.brandeburg, anthony.l.nguyen, davem, edumazet, kuba,
pabeni, richardcochran, ast, daniel, hawk, john.fastabend,
intel-wired-lan, netdev, linux-kernel
Cc: Lin Ma
The nla_for_each_nested parsing in function i40e_ndo_bridge_setlink()
does not check the length of the attribute. This can lead to an
out-of-attribute read and allow a malformed nlattr (e.g., length 0) to
be viewed as a 2 byte integer.
This patch adds the check based on nla_len() just as other code does,
see how bnxt_bridge_setlink (drivers/net/ethernet/broadcom/bnxt/bnxt.c)
parses IFLA_AF_SPEC: type checking plus length checking.
Fixes: 51616018dd1b ("i40e: Add support for getlink, setlink ndo ops")
Signed-off-by: Lin Ma <linma@zju.edu.cn>
---
drivers/net/ethernet/intel/i40e/i40e_main.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/net/ethernet/intel/i40e/i40e_main.c b/drivers/net/ethernet/intel/i40e/i40e_main.c
index 29ad1797adce..6363357bdeeb 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_main.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_main.c
@@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
if (nla_type(attr) != IFLA_BRIDGE_MODE)
continue;
+ if (nla_len(attr) < sizeof(mode))
+ return -EINVAL;
+
mode = nla_get_u16(attr);
if ((mode != BRIDGE_MODE_VEPA) &&
(mode != BRIDGE_MODE_VEB))
--
2.17.1
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [Intel-wired-lan] [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
@ 2023-07-23 7:50 ` Lin Ma
0 siblings, 0 replies; 14+ messages in thread
From: Lin Ma @ 2023-07-23 7:50 UTC (permalink / raw)
To: jesse.brandeburg, anthony.l.nguyen, davem, edumazet, kuba,
pabeni, richardcochran, ast, daniel, hawk, john.fastabend,
intel-wired-lan, netdev, linux-kernel
Cc: Lin Ma
The nla_for_each_nested parsing in function i40e_ndo_bridge_setlink()
does not check the length of the attribute. This can lead to an
out-of-attribute read and allow a malformed nlattr (e.g., length 0) to
be viewed as a 2 byte integer.
This patch adds the check based on nla_len() just as other code does,
see how bnxt_bridge_setlink (drivers/net/ethernet/broadcom/bnxt/bnxt.c)
parses IFLA_AF_SPEC: type checking plus length checking.
Fixes: 51616018dd1b ("i40e: Add support for getlink, setlink ndo ops")
Signed-off-by: Lin Ma <linma@zju.edu.cn>
---
drivers/net/ethernet/intel/i40e/i40e_main.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/net/ethernet/intel/i40e/i40e_main.c b/drivers/net/ethernet/intel/i40e/i40e_main.c
index 29ad1797adce..6363357bdeeb 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_main.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_main.c
@@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
if (nla_type(attr) != IFLA_BRIDGE_MODE)
continue;
+ if (nla_len(attr) < sizeof(mode))
+ return -EINVAL;
+
mode = nla_get_u16(attr);
if ((mode != BRIDGE_MODE_VEPA) &&
(mode != BRIDGE_MODE_VEB))
--
2.17.1
_______________________________________________
Intel-wired-lan mailing list
Intel-wired-lan@osuosl.org
https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
^ permalink raw reply related [flat|nested] 14+ messages in thread
* Re: [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
2023-07-23 7:50 ` [Intel-wired-lan] " Lin Ma
@ 2023-07-24 17:44 ` Leon Romanovsky
-1 siblings, 0 replies; 14+ messages in thread
From: Leon Romanovsky @ 2023-07-24 17:44 UTC (permalink / raw)
To: Lin Ma
Cc: jesse.brandeburg, anthony.l.nguyen, davem, edumazet, kuba,
pabeni, richardcochran, ast, daniel, hawk, john.fastabend,
intel-wired-lan, netdev, linux-kernel
On Sun, Jul 23, 2023 at 03:50:42PM +0800, Lin Ma wrote:
> The nla_for_each_nested parsing in function i40e_ndo_bridge_setlink()
> does not check the length of the attribute. This can lead to an
> out-of-attribute read and allow a malformed nlattr (e.g., length 0) to
> be viewed as a 2 byte integer.
>
> This patch adds the check based on nla_len() just as other code does,
> see how bnxt_bridge_setlink (drivers/net/ethernet/broadcom/bnxt/bnxt.c)
> parses IFLA_AF_SPEC: type checking plus length checking.
>
> Fixes: 51616018dd1b ("i40e: Add support for getlink, setlink ndo ops")
> Signed-off-by: Lin Ma <linma@zju.edu.cn>
> ---
> drivers/net/ethernet/intel/i40e/i40e_main.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/net/ethernet/intel/i40e/i40e_main.c b/drivers/net/ethernet/intel/i40e/i40e_main.c
> index 29ad1797adce..6363357bdeeb 100644
> --- a/drivers/net/ethernet/intel/i40e/i40e_main.c
> +++ b/drivers/net/ethernet/intel/i40e/i40e_main.c
> @@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
> if (nla_type(attr) != IFLA_BRIDGE_MODE)
> continue;
>
> + if (nla_len(attr) < sizeof(mode))
> + return -EINVAL;
> +
I see that you added this hunk to all users of nla_for_each_nested(), it
will be great to make that iterator to skip such empty attributes.
However, i don't know nettlink good enough to say if your change is
valid in first place.
Thanks
> mode = nla_get_u16(attr);
> if ((mode != BRIDGE_MODE_VEPA) &&
> (mode != BRIDGE_MODE_VEB))
> --
> 2.17.1
>
>
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [Intel-wired-lan] [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
@ 2023-07-24 17:44 ` Leon Romanovsky
0 siblings, 0 replies; 14+ messages in thread
From: Leon Romanovsky @ 2023-07-24 17:44 UTC (permalink / raw)
To: Lin Ma
Cc: hawk, daniel, intel-wired-lan, richardcochran, john.fastabend,
jesse.brandeburg, ast, edumazet, anthony.l.nguyen, netdev, kuba,
pabeni, davem, linux-kernel
On Sun, Jul 23, 2023 at 03:50:42PM +0800, Lin Ma wrote:
> The nla_for_each_nested parsing in function i40e_ndo_bridge_setlink()
> does not check the length of the attribute. This can lead to an
> out-of-attribute read and allow a malformed nlattr (e.g., length 0) to
> be viewed as a 2 byte integer.
>
> This patch adds the check based on nla_len() just as other code does,
> see how bnxt_bridge_setlink (drivers/net/ethernet/broadcom/bnxt/bnxt.c)
> parses IFLA_AF_SPEC: type checking plus length checking.
>
> Fixes: 51616018dd1b ("i40e: Add support for getlink, setlink ndo ops")
> Signed-off-by: Lin Ma <linma@zju.edu.cn>
> ---
> drivers/net/ethernet/intel/i40e/i40e_main.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/net/ethernet/intel/i40e/i40e_main.c b/drivers/net/ethernet/intel/i40e/i40e_main.c
> index 29ad1797adce..6363357bdeeb 100644
> --- a/drivers/net/ethernet/intel/i40e/i40e_main.c
> +++ b/drivers/net/ethernet/intel/i40e/i40e_main.c
> @@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
> if (nla_type(attr) != IFLA_BRIDGE_MODE)
> continue;
>
> + if (nla_len(attr) < sizeof(mode))
> + return -EINVAL;
> +
I see that you added this hunk to all users of nla_for_each_nested(), it
will be great to make that iterator to skip such empty attributes.
However, i don't know nettlink good enough to say if your change is
valid in first place.
Thanks
> mode = nla_get_u16(attr);
> if ((mode != BRIDGE_MODE_VEPA) &&
> (mode != BRIDGE_MODE_VEB))
> --
> 2.17.1
>
>
_______________________________________________
Intel-wired-lan mailing list
Intel-wired-lan@osuosl.org
https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
2023-07-24 17:44 ` [Intel-wired-lan] " Leon Romanovsky
@ 2023-07-24 21:21 ` Jakub Kicinski
-1 siblings, 0 replies; 14+ messages in thread
From: Jakub Kicinski @ 2023-07-24 21:21 UTC (permalink / raw)
To: Leon Romanovsky, Lin Ma
Cc: jesse.brandeburg, anthony.l.nguyen, davem, edumazet, pabeni,
richardcochran, ast, daniel, hawk, john.fastabend,
intel-wired-lan, netdev, linux-kernel
On Mon, 24 Jul 2023 20:44:35 +0300 Leon Romanovsky wrote:
> > @@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
> > if (nla_type(attr) != IFLA_BRIDGE_MODE)
> > continue;
> >
> > + if (nla_len(attr) < sizeof(mode))
> > + return -EINVAL;
> > +
>
> I see that you added this hunk to all users of nla_for_each_nested(), it
> will be great to make that iterator to skip such empty attributes.
>
> However, i don't know nettlink good enough to say if your change is
> valid in first place.
Empty attributes are valid, we can't do that.
But there's a loop in rtnl_bridge_setlink() which checks the attributes.
We can add the check there instead of all users, as Leon points out.
(Please just double check that all ndo_bridge_setlink implementation
expect this value to be a u16, they should/)
--
pw-bot: cr
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [Intel-wired-lan] [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
@ 2023-07-24 21:21 ` Jakub Kicinski
0 siblings, 0 replies; 14+ messages in thread
From: Jakub Kicinski @ 2023-07-24 21:21 UTC (permalink / raw)
To: Leon Romanovsky, Lin Ma
Cc: hawk, daniel, netdev, richardcochran, john.fastabend,
jesse.brandeburg, ast, edumazet, anthony.l.nguyen,
intel-wired-lan, pabeni, davem, linux-kernel
On Mon, 24 Jul 2023 20:44:35 +0300 Leon Romanovsky wrote:
> > @@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
> > if (nla_type(attr) != IFLA_BRIDGE_MODE)
> > continue;
> >
> > + if (nla_len(attr) < sizeof(mode))
> > + return -EINVAL;
> > +
>
> I see that you added this hunk to all users of nla_for_each_nested(), it
> will be great to make that iterator to skip such empty attributes.
>
> However, i don't know nettlink good enough to say if your change is
> valid in first place.
Empty attributes are valid, we can't do that.
But there's a loop in rtnl_bridge_setlink() which checks the attributes.
We can add the check there instead of all users, as Leon points out.
(Please just double check that all ndo_bridge_setlink implementation
expect this value to be a u16, they should/)
--
pw-bot: cr
_______________________________________________
Intel-wired-lan mailing list
Intel-wired-lan@osuosl.org
https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
2023-07-24 21:21 ` [Intel-wired-lan] " Jakub Kicinski
@ 2023-07-25 0:00 ` Lin Ma
-1 siblings, 0 replies; 14+ messages in thread
From: Lin Ma @ 2023-07-25 0:00 UTC (permalink / raw)
To: Jakub Kicinski
Cc: Leon Romanovsky, jesse.brandeburg, anthony.l.nguyen, davem,
edumazet, pabeni, richardcochran, ast, daniel, hawk,
john.fastabend, intel-wired-lan, netdev, linux-kernel
Hello Jakub,
> On Mon, 24 Jul 2023 20:44:35 +0300 Leon Romanovsky wrote:
> > > @@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
> > > if (nla_type(attr) != IFLA_BRIDGE_MODE)
> > > continue;
> > >
> > > + if (nla_len(attr) < sizeof(mode))
> > > + return -EINVAL;
> > > +
> >
> > I see that you added this hunk to all users of nla_for_each_nested(), it
> > will be great to make that iterator to skip such empty attributes.
> >
> > However, i don't know nettlink good enough to say if your change is
> > valid in first place.
>
> Empty attributes are valid, we can't do that.
>
> But there's a loop in rtnl_bridge_setlink() which checks the attributes.
Cool, I will check this out and prepare another patch.
> We can add the check there instead of all users, as Leon points out.
> (Please just double check that all ndo_bridge_setlink implementation
> expect this value to be a u16, they should/)
Okay, I will finish that ASAP
> --
> pw-bot: cr
Regards
Lin
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [Intel-wired-lan] [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
@ 2023-07-25 0:00 ` Lin Ma
0 siblings, 0 replies; 14+ messages in thread
From: Lin Ma @ 2023-07-25 0:00 UTC (permalink / raw)
To: Jakub Kicinski
Cc: daniel, Leon Romanovsky, netdev, richardcochran, john.fastabend,
jesse.brandeburg, ast, edumazet, anthony.l.nguyen,
intel-wired-lan, pabeni, davem, linux-kernel, hawk
Hello Jakub,
> On Mon, 24 Jul 2023 20:44:35 +0300 Leon Romanovsky wrote:
> > > @@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
> > > if (nla_type(attr) != IFLA_BRIDGE_MODE)
> > > continue;
> > >
> > > + if (nla_len(attr) < sizeof(mode))
> > > + return -EINVAL;
> > > +
> >
> > I see that you added this hunk to all users of nla_for_each_nested(), it
> > will be great to make that iterator to skip such empty attributes.
> >
> > However, i don't know nettlink good enough to say if your change is
> > valid in first place.
>
> Empty attributes are valid, we can't do that.
>
> But there's a loop in rtnl_bridge_setlink() which checks the attributes.
Cool, I will check this out and prepare another patch.
> We can add the check there instead of all users, as Leon points out.
> (Please just double check that all ndo_bridge_setlink implementation
> expect this value to be a u16, they should/)
Okay, I will finish that ASAP
> --
> pw-bot: cr
Regards
Lin
_______________________________________________
Intel-wired-lan mailing list
Intel-wired-lan@osuosl.org
https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [Intel-wired-lan] [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
2023-07-24 21:21 ` [Intel-wired-lan] " Jakub Kicinski
@ 2023-07-25 5:40 ` Leon Romanovsky
-1 siblings, 0 replies; 14+ messages in thread
From: Leon Romanovsky @ 2023-07-25 5:40 UTC (permalink / raw)
To: Jakub Kicinski
Cc: ast, hawk, daniel, netdev, richardcochran, john.fastabend,
jesse.brandeburg, Lin Ma, edumazet, anthony.l.nguyen,
intel-wired-lan, pabeni, davem, linux-kernel
On Mon, Jul 24, 2023 at 02:21:55PM -0700, Jakub Kicinski wrote:
> On Mon, 24 Jul 2023 20:44:35 +0300 Leon Romanovsky wrote:
> > > @@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
> > > if (nla_type(attr) != IFLA_BRIDGE_MODE)
> > > continue;
> > >
> > > + if (nla_len(attr) < sizeof(mode))
> > > + return -EINVAL;
> > > +
> >
> > I see that you added this hunk to all users of nla_for_each_nested(), it
> > will be great to make that iterator to skip such empty attributes.
> >
> > However, i don't know nettlink good enough to say if your change is
> > valid in first place.
>
> Empty attributes are valid, we can't do that.
Maybe Lin can add special version of nla_for_each_nested() which will
skip these empty NLAs, for code which don't allow empty attributes.
>
> But there's a loop in rtnl_bridge_setlink() which checks the attributes.
> We can add the check there instead of all users, as Leon points out.
> (Please just double check that all ndo_bridge_setlink implementation
> expect this value to be a u16, they should/)
> --
> pw-bot: cr
_______________________________________________
Intel-wired-lan mailing list
Intel-wired-lan@osuosl.org
https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
@ 2023-07-25 5:40 ` Leon Romanovsky
0 siblings, 0 replies; 14+ messages in thread
From: Leon Romanovsky @ 2023-07-25 5:40 UTC (permalink / raw)
To: Jakub Kicinski
Cc: Lin Ma, jesse.brandeburg, anthony.l.nguyen, davem, edumazet,
pabeni, richardcochran, ast, daniel, hawk, john.fastabend,
intel-wired-lan, netdev, linux-kernel
On Mon, Jul 24, 2023 at 02:21:55PM -0700, Jakub Kicinski wrote:
> On Mon, 24 Jul 2023 20:44:35 +0300 Leon Romanovsky wrote:
> > > @@ -13186,6 +13186,9 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
> > > if (nla_type(attr) != IFLA_BRIDGE_MODE)
> > > continue;
> > >
> > > + if (nla_len(attr) < sizeof(mode))
> > > + return -EINVAL;
> > > +
> >
> > I see that you added this hunk to all users of nla_for_each_nested(), it
> > will be great to make that iterator to skip such empty attributes.
> >
> > However, i don't know nettlink good enough to say if your change is
> > valid in first place.
>
> Empty attributes are valid, we can't do that.
Maybe Lin can add special version of nla_for_each_nested() which will
skip these empty NLAs, for code which don't allow empty attributes.
>
> But there's a loop in rtnl_bridge_setlink() which checks the attributes.
> We can add the check there instead of all users, as Leon points out.
> (Please just double check that all ndo_bridge_setlink implementation
> expect this value to be a u16, they should/)
> --
> pw-bot: cr
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [Intel-wired-lan] [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
2023-07-25 5:40 ` Leon Romanovsky
@ 2023-07-25 16:53 ` Jakub Kicinski
-1 siblings, 0 replies; 14+ messages in thread
From: Jakub Kicinski @ 2023-07-25 16:53 UTC (permalink / raw)
To: Leon Romanovsky
Cc: ast, hawk, daniel, netdev, richardcochran, john.fastabend,
jesse.brandeburg, Lin Ma, edumazet, anthony.l.nguyen,
intel-wired-lan, pabeni, davem, linux-kernel
On Tue, 25 Jul 2023 08:40:46 +0300 Leon Romanovsky wrote:
> > Empty attributes are valid, we can't do that.
>
> Maybe Lin can add special version of nla_for_each_nested() which will
> skip these empty NLAs, for code which don't allow empty attributes.
It's way too arbitrary. Empty attrs are 100% legit, they are called
NLA_FLAG in policy parlance. They are basically a boolean.
_______________________________________________
Intel-wired-lan mailing list
Intel-wired-lan@osuosl.org
https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
@ 2023-07-25 16:53 ` Jakub Kicinski
0 siblings, 0 replies; 14+ messages in thread
From: Jakub Kicinski @ 2023-07-25 16:53 UTC (permalink / raw)
To: Leon Romanovsky
Cc: Lin Ma, jesse.brandeburg, anthony.l.nguyen, davem, edumazet,
pabeni, richardcochran, ast, daniel, hawk, john.fastabend,
intel-wired-lan, netdev, linux-kernel
On Tue, 25 Jul 2023 08:40:46 +0300 Leon Romanovsky wrote:
> > Empty attributes are valid, we can't do that.
>
> Maybe Lin can add special version of nla_for_each_nested() which will
> skip these empty NLAs, for code which don't allow empty attributes.
It's way too arbitrary. Empty attrs are 100% legit, they are called
NLA_FLAG in policy parlance. They are basically a boolean.
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
2023-07-25 16:53 ` Jakub Kicinski
@ 2023-07-25 18:36 ` Leon Romanovsky
-1 siblings, 0 replies; 14+ messages in thread
From: Leon Romanovsky @ 2023-07-25 18:36 UTC (permalink / raw)
To: Jakub Kicinski
Cc: Lin Ma, jesse.brandeburg, anthony.l.nguyen, davem, edumazet,
pabeni, richardcochran, ast, daniel, hawk, john.fastabend,
intel-wired-lan, netdev, linux-kernel
On Tue, Jul 25, 2023 at 09:53:27AM -0700, Jakub Kicinski wrote:
> On Tue, 25 Jul 2023 08:40:46 +0300 Leon Romanovsky wrote:
> > > Empty attributes are valid, we can't do that.
> >
> > Maybe Lin can add special version of nla_for_each_nested() which will
> > skip these empty NLAs, for code which don't allow empty attributes.
>
> It's way too arbitrary. Empty attrs are 100% legit, they are called
> NLA_FLAG in policy parlance. They are basically a boolean.
I afraid that these nla_length() checks will be copied all other the
kernel without any understanding and netlink API doesn't really provide
any hint when length checks are needed and when they don't.
Thank
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [Intel-wired-lan] [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing
@ 2023-07-25 18:36 ` Leon Romanovsky
0 siblings, 0 replies; 14+ messages in thread
From: Leon Romanovsky @ 2023-07-25 18:36 UTC (permalink / raw)
To: Jakub Kicinski
Cc: ast, hawk, daniel, netdev, richardcochran, john.fastabend,
jesse.brandeburg, Lin Ma, edumazet, anthony.l.nguyen,
intel-wired-lan, pabeni, davem, linux-kernel
On Tue, Jul 25, 2023 at 09:53:27AM -0700, Jakub Kicinski wrote:
> On Tue, 25 Jul 2023 08:40:46 +0300 Leon Romanovsky wrote:
> > > Empty attributes are valid, we can't do that.
> >
> > Maybe Lin can add special version of nla_for_each_nested() which will
> > skip these empty NLAs, for code which don't allow empty attributes.
>
> It's way too arbitrary. Empty attrs are 100% legit, they are called
> NLA_FLAG in policy parlance. They are basically a boolean.
I afraid that these nla_length() checks will be copied all other the
kernel without any understanding and netlink API doesn't really provide
any hint when length checks are needed and when they don't.
Thank
_______________________________________________
Intel-wired-lan mailing list
Intel-wired-lan@osuosl.org
https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2023-07-25 18:37 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-07-23 7:50 [PATCH v1] i40e: Add length check for IFLA_AF_SPEC parsing Lin Ma
2023-07-23 7:50 ` [Intel-wired-lan] " Lin Ma
2023-07-24 17:44 ` Leon Romanovsky
2023-07-24 17:44 ` [Intel-wired-lan] " Leon Romanovsky
2023-07-24 21:21 ` Jakub Kicinski
2023-07-24 21:21 ` [Intel-wired-lan] " Jakub Kicinski
2023-07-25 0:00 ` Lin Ma
2023-07-25 0:00 ` [Intel-wired-lan] " Lin Ma
2023-07-25 5:40 ` Leon Romanovsky
2023-07-25 5:40 ` Leon Romanovsky
2023-07-25 16:53 ` [Intel-wired-lan] " Jakub Kicinski
2023-07-25 16:53 ` Jakub Kicinski
2023-07-25 18:36 ` Leon Romanovsky
2023-07-25 18:36 ` [Intel-wired-lan] " Leon Romanovsky
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.