From: Petr Machata <petrm@nvidia.com>
To: Jakub Kicinski <kuba@kernel.org>
Cc: Petr Machata <petrm@nvidia.com>,
Daniel Machon <daniel.machon@microchip.com>,
<netdev@vger.kernel.org>, <davem@davemloft.net>,
<maxime.chevallier@bootlin.com>, <thomas.petazzoni@bootlin.com>,
<edumazet@google.com>, <pabeni@redhat.com>,
<lars.povlsen@microchip.com>, <Steen.Hegelund@microchip.com>,
<UNGLinuxDriver@microchip.com>, <joe@perches.com>,
<linux@armlinux.org.uk>, <horatiu.vultur@microchip.com>,
<Julia.Lawall@inria.fr>, <vladimir.oltean@nxp.com>,
<linux-kernel@vger.kernel.org>,
<linux-arm-kernel@lists.infradead.org>
Subject: Re: [PATCH net-next v2 1/6] net: dcb: add new pcp selector to app object
Date: Mon, 3 Oct 2022 09:52:59 +0200 [thread overview]
Message-ID: <87pmf9xrrd.fsf@nvidia.com> (raw)
In-Reply-To: <20220930175452.1937dadd@kernel.org>
Jakub Kicinski <kuba@kernel.org> writes:
> On Fri, 30 Sep 2022 14:20:50 +0200 Petr Machata wrote:
>> > @@ -1495,7 +1536,7 @@ static int dcbnl_ieee_set(struct net_device *netdev, struct nlmsghdr *nlh,
>> > nla_for_each_nested(attr, ieee[DCB_ATTR_IEEE_APP_TABLE], rem) {
>> > struct dcb_app *app_data;
>> >
>> > - if (nla_type(attr) != DCB_ATTR_IEEE_APP)
>> > + if (!dcbnl_app_attr_type_validate(nla_type(attr)))
>>
>> Oh no! It wasn't validating the DCB_ATTR_IEEE_APP_TABLE nest against a
>> policy! Instead it was just skipping whatever is not DCB_ATTR_IEEE_APP.
>>
>> So userspace was permitted to shove random crap down here, and it would
>> just quietly be ignored. We can't start reinterpreting some of that crap
>> as information. We also can't start bouncing it.
>
> Are you saying that we can't start interpreting new attr types?
>
> "Traditionally" netlink ignored new attr types so from that perspective
> starting to interpret new types is pretty "run of the mill" for netlink.
> IOW *_deprecated() parsing routines do not use NL_VALIDATE_MAXTYPE.
>
> That does put netlink in a bit of a special category when it comes to
> input validation, but really putting in a random but valid attr is much
> harder than not initializing a struct member. Is there user space which
> does that?
>
> Sorry if I'm misinterpreting the situation.
I assumed the policy is much more strict with changes like this. If you
think it's OK, I'm fine with it as well.
The userspace (lldpad in particular) is doing the opposite thing BTW:
assuming everything in the nest is a DCB_ATTR_IEEE_APP. When we start
emitting the new attribute, it will get confused.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2022-10-03 8:00 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-29 18:52 [PATCH net-next v2 0/6] Add new PCP and APPTRUST attributes to dcbnl Daniel Machon
2022-09-29 18:52 ` [PATCH net-next v2 1/6] net: dcb: add new pcp selector to app object Daniel Machon
2022-09-30 12:20 ` Petr Machata
2022-09-30 15:41 ` Petr Machata
2022-10-01 0:54 ` Jakub Kicinski
2022-10-03 7:52 ` Petr Machata [this message]
2022-10-03 16:25 ` Jakub Kicinski
2022-10-03 21:59 ` Daniel.Machon
2022-10-03 23:34 ` Jakub Kicinski
2022-10-04 10:56 ` Petr Machata
2022-10-04 10:20 ` Petr Machata
2022-10-04 10:52 ` Petr Machata
2022-10-04 19:51 ` Jakub Kicinski
2022-10-03 6:48 ` Daniel.Machon
2022-10-03 8:22 ` Petr Machata
2022-10-03 9:33 ` Daniel.Machon
2022-10-05 10:09 ` Petr Machata
2022-09-29 18:52 ` [PATCH net-next v2 2/6] net: dcb: add new apptrust attribute Daniel Machon
2022-09-30 13:03 ` Petr Machata
2022-09-29 18:52 ` [PATCH net-next v2 3/6] net: microchip: sparx5: add support for offloading pcp table Daniel Machon
2022-09-29 18:52 ` [PATCH net-next v2 4/6] net: microchip: sparx5: add support for apptrust Daniel Machon
2022-09-30 15:49 ` Petr Machata
2022-10-03 6:52 ` Daniel.Machon
2022-10-03 8:01 ` Petr Machata
2022-10-03 8:17 ` Daniel.Machon
2022-10-03 9:34 ` Petr Machata
2022-09-29 18:52 ` [PATCH net-next v2 5/6] net: microchip: sparx5: add support for offloading dscp table Daniel Machon
2022-09-29 18:52 ` [PATCH net-next v2 6/6] net: microchip: sparx5: add support for offloading default prio Daniel Machon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87pmf9xrrd.fsf@nvidia.com \
--to=petrm@nvidia.com \
--cc=Julia.Lawall@inria.fr \
--cc=Steen.Hegelund@microchip.com \
--cc=UNGLinuxDriver@microchip.com \
--cc=daniel.machon@microchip.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=horatiu.vultur@microchip.com \
--cc=joe@perches.com \
--cc=kuba@kernel.org \
--cc=lars.povlsen@microchip.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=maxime.chevallier@bootlin.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=thomas.petazzoni@bootlin.com \
--cc=vladimir.oltean@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).