From: Jakub Kicinski <kuba@kernel.org>
To: Donald Hunter <donald.hunter@gmail.com>
Cc: Antonio Quartulli <antonio@openvpn.net>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>, Shuah Khan <shuah@kernel.org>,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-kselftest@vger.kernel.org, sd@queasysnail.net,
ryazanov.s.a@gmail.com
Subject: Re: [PATCH net-next v8 01/24] netlink: add NLA_POLICY_MAX_LEN macro
Date: Fri, 4 Oct 2024 06:38:55 -0700 [thread overview]
Message-ID: <20241004063855.1a693dd1@kernel.org> (raw)
In-Reply-To: <m2msjkf2jn.fsf@gmail.com>
On Fri, 04 Oct 2024 13:58:04 +0100 Donald Hunter wrote:
> > @@ -466,6 +466,8 @@ class TypeBinary(Type):
> > def _attr_policy(self, policy):
> > if 'exact-len' in self.checks:
> > mem = 'NLA_POLICY_EXACT_LEN(' + str(self.get_limit('exact-len')) + ')'
> > + elif 'max-len' in self.checks:
> > + mem = 'NLA_POLICY_MAX_LEN(' + str(self.get_limit('max-len')) + ')'
>
> This takes precedence over min-length. What if both are set? The logic
> should probably check and use NLA_POLICY_RANGE
Or we could check if len(self.checks) <= 1 early and throw our hands up
if there is more, for now?
> > else:
> > mem = '{ '
> > if len(self.checks) == 1 and 'min-len' in self.checks:
>
> Perhaps this should use NLA_POLICY_MIN_LEN ? In fact the current code
> looks broken to me because the NLA_BINARY len check in validate_nla() is
> a max length check, right?
>
> https://elixir.bootlin.com/linux/v6.11.1/source/lib/nlattr.c#L499
>
> The alternative is you emit an explicit initializer that includes the
> correct NLA_VALIDATE_* type and sets type, min and/or max.
Yeah, this code leads to endless confusion. We use NLA_UNSPEC (0)
if min-len is set (IOW we don't set .type to NLA_BINARY). NLA_UNSPEC
has different semantics for len.
Agreed that we should probably clean this up, but no bug AFAICT.
next prev parent reply other threads:[~2024-10-04 13:38 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-02 9:02 [PATCH net-next v8 00/24] Introducing OpenVPN Data Channel Offload Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 01/24] netlink: add NLA_POLICY_MAX_LEN macro Antonio Quartulli
2024-10-04 12:58 ` Donald Hunter
2024-10-04 13:38 ` Jakub Kicinski [this message]
2024-10-04 14:41 ` Donald Hunter
2024-10-07 10:04 ` Antonio Quartulli
2024-10-07 15:53 ` Jakub Kicinski
2024-10-08 7:51 ` Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 02/24] net: introduce OpenVPN Data Channel Offload (ovpn) Antonio Quartulli
2024-10-02 11:08 ` kernel test robot
2024-10-02 9:02 ` [PATCH net-next v8 03/24] ovpn: add basic netlink support Antonio Quartulli
2024-10-02 14:13 ` kernel test robot
2024-10-04 16:13 ` Donald Hunter
2024-10-07 10:57 ` Antonio Quartulli
2024-10-07 15:32 ` Jiri Pirko
2024-10-08 8:01 ` Antonio Quartulli
2024-10-08 8:58 ` Jiri Pirko
2024-10-08 9:16 ` Antonio Quartulli
2024-10-08 12:52 ` Jiri Pirko
2024-10-08 13:21 ` Antonio Quartulli
2024-11-01 0:17 ` Sergey Ryazanov
2024-10-02 9:02 ` [PATCH net-next v8 04/24] ovpn: add basic interface creation/destruction/management routines Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 05/24] ovpn: implement interface creation/destruction via netlink Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 06/24] ovpn: keep carrier always on Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 07/24] ovpn: introduce the ovpn_peer object Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 08/24] ovpn: introduce the ovpn_socket object Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 09/24] ovpn: implement basic TX path (UDP) Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 10/24] ovpn: implement basic RX " Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 11/24] ovpn: implement packet processing Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 12/24] ovpn: store tunnel and transport statistics Antonio Quartulli
2024-10-03 9:20 ` kernel test robot
2024-10-02 9:02 ` [PATCH net-next v8 13/24] ovpn: implement TCP transport Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 14/24] ovpn: implement multi-peer support Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 15/24] ovpn: implement peer lookup logic Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 16/24] ovpn: implement keepalive mechanism Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 17/24] ovpn: add support for updating local UDP endpoint Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 18/24] ovpn: add support for peer floating Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 19/24] ovpn: implement peer add/dump/delete via netlink Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 20/24] ovpn: implement key add/del/swap " Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 21/24] ovpn: kill key and notify userspace in case of IV exhaustion Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 22/24] ovpn: notify userspace when a peer is deleted Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 23/24] ovpn: add basic ethtool support Antonio Quartulli
2024-10-02 9:02 ` [PATCH net-next v8 24/24] testing/selftest: add test tool and scripts for ovpn module Antonio Quartulli
2024-10-02 22:35 ` Shuah Khan
2024-10-04 9:50 ` Antonio Quartulli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241004063855.1a693dd1@kernel.org \
--to=kuba@kernel.org \
--cc=antonio@openvpn.net \
--cc=donald.hunter@gmail.com \
--cc=edumazet@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=ryazanov.s.a@gmail.com \
--cc=sd@queasysnail.net \
--cc=shuah@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.