From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Jan Engelhardt <jengelh@medozas.de>
Cc: "David S. Miller" <davem@davemloft.net>,
Ben Pfaff <blp@nicira.com>,
Netfilter Developer Mailing List
<netfilter-devel@vger.kernel.org>,
Linux Networking Developer Mailing List <netdev@vger.kernel.org>
Subject: Re: [patch] Re: genetlink misinterprets NEW as GET
Date: Fri, 07 Jan 2011 14:33:08 +0100 [thread overview]
Message-ID: <4D271614.6000303@netfilter.org> (raw)
In-Reply-To: <alpine.LNX.2.01.1101071357420.27454@obet.zrqbmnf.qr>
On 07/01/11 14:15, Jan Engelhardt wrote:
> On Friday 2011-01-07 02:31, Pablo Neira Ayuso wrote:
>>>> On 04/01/11 03:14, Jan Engelhardt wrote:
>>>>> /* Modifiers to GET request */
>>>>> #define NLM_F_ROOT 0x100
>>>>> #define NLM_F_MATCH 0x200
>>>>> #define NLM_F_ATOMIC 0x400
>>>>> #define NLM_F_DUMP (NLM_F_ROOT|NLM_F_MATCH)
>>> [...]
>>>>> [N.B.: I am also wondering whether
>>>>> (nlh->nlmsg_flags & NLM_F_DUMP) == NLM_F_DUMP
>>>>> may have been desired, because NLM_F_DUMP is composed of two bits.]
>>>>
>>>> Someone may include NLM_F_ATOMIC to a dump operation, in that case the
>>>> checking that you propose is not valid.
>>>
>>> Are you saying that NLM_F_MATCH and NLM_F_ATOMIC are mutually
>>> exclusive, and that NLM_F_ROOT|NLM_F_ATOMIC would also signal a
>>> dump operation? Otherwise the test that Jan proposes looks valid
>>> to me.
>>
>> Indeed, Jan's test is fine to fix this. Please, send a patch to Davem asap.
>
> Turns out genetlink isn't the only place where &NLM_F_DUMP is used
> without ==NLM_F_DUMP.
> Thus I am adding it to other spots in net/ too.
>
>
>
> parent c235848c5a76520b90cf31bfbcc17720b24745a2 (v2.6.37-rc1-230-gc235848)
> commit eaab9042b29931730d6785bb3f27b174fb2f5518
> Author: Jan Engelhardt <jengelh@medozas.de>
> Date: Fri Jan 7 13:53:49 2011 +0100
>
> netlink: test for all flags of the NLM_F_DUMP composite
>
> Due to NLM_F_DUMP is composed of two bits, NLM_F_ROOT | NLM_F_MATCH,
> when doing "if (x & NLM_F_DUMP)", it tests for _either_ of the bits
> being set. Because NLM_F_MATCH's value overlaps with NLM_F_EXCL,
> non-dump requests with NLM_F_EXCL set are mistaken as dump requests.
>
> Substitute the condition to test for _all_ bits being set.
>
> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
next prev parent reply other threads:[~2011-01-07 13:33 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-04 2:14 genetlink misinterprets NEW as GET Jan Engelhardt
2011-01-06 13:48 ` Pablo Neira Ayuso
2011-01-06 14:25 ` Jan Engelhardt
2011-01-06 14:55 ` Pablo Neira Ayuso
2011-01-06 16:12 ` Jan Engelhardt
2011-01-06 17:23 ` Ben Pfaff
2011-01-07 1:31 ` Pablo Neira Ayuso
2011-01-07 9:38 ` Jan Engelhardt
2011-01-07 12:12 ` Pablo Neira Ayuso
2011-01-07 13:15 ` [patch] " Jan Engelhardt
2011-01-07 13:33 ` Pablo Neira Ayuso [this message]
2011-01-10 0:25 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D271614.6000303@netfilter.org \
--to=pablo@netfilter.org \
--cc=blp@nicira.com \
--cc=davem@davemloft.net \
--cc=jengelh@medozas.de \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.