From: P J P <ppandit@redhat.com>
To: Qemu Developers <qemu-devel@nongnu.org>
Cc: "Riccardo Schirone" <rschiron@redhat.com>,
"Li Qiang" <liq3ea@gmail.com>, "Jason Wang" <jasowang@redhat.com>,
"Daniel P . Berrangé" <berrange@redhat.com>,
"Prasad J Pandit" <pjp@fedoraproject.org>
Subject: [Qemu-devel] [PATCH v3 0/3] restrict bridge interface name to IFNAMSIZ
Date: Mon, 1 Jul 2019 18:05:55 +0530 [thread overview]
Message-ID: <20190701123558.30512-1-ppandit@redhat.com> (raw)
From: Prasad J Pandit <pjp@fedoraproject.org>
Hello,
Linux net_deivce defines network interface name to be of IFNAMSIZE(=16)
bytes, including the terminating null('\0') byte.
Qemu tap deivce, while invoking 'qemu-bridge-helper' tool to set up the
network bridge interface, supplies bridge name of 16 characters, thus
allowing to create an ACL bypass scenario.
This patch series attempts to fix it. It also refactors bridge helper
invocation routine 'net_bridge_run_helper' to directly invoke the helper
command.
Thank you.
---
Prasad J Pandit (3):
qemu-bridge-helper: restrict interface name to IFNAMSIZ
qemu-bridge-helper: move repeating code in parse_acl_file
net: tap: refactor net_bridge_run_helper routine
net/tap.c | 43 +++++++++----------------------------------
qemu-bridge-helper.c | 24 +++++++++++++++++-------
2 files changed, 26 insertions(+), 41 deletions(-)
--
2.21.0
next reply other threads:[~2019-07-01 12:43 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-01 12:35 P J P [this message]
2019-07-01 12:35 ` [Qemu-devel] [PATCH v3 1/3] qemu-bridge-helper: restrict interface name to IFNAMSIZ P J P
2019-07-01 15:22 ` Li Qiang
2019-07-01 12:35 ` [Qemu-devel] [PATCH v3 2/3] qemu-bridge-helper: move repeating code in parse_acl_file P J P
2019-07-01 15:23 ` Li Qiang
2019-07-01 12:35 ` [Qemu-devel] [PATCH v3 3/3] net: tap: refactor net_bridge_run_helper routine P J P
2019-07-01 15:53 ` Li Qiang
2019-07-02 8:08 ` P J P
2019-07-02 9:54 ` Daniel P. Berrangé
2019-07-02 10:55 ` P J P
2019-07-05 12:25 ` P J P
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190701123558.30512-1-ppandit@redhat.com \
--to=ppandit@redhat.com \
--cc=berrange@redhat.com \
--cc=jasowang@redhat.com \
--cc=liq3ea@gmail.com \
--cc=pjp@fedoraproject.org \
--cc=qemu-devel@nongnu.org \
--cc=rschiron@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.