From: David Ahern <dsahern@gmail.com>
To: Davide Caratti <dcaratti@redhat.com>,
"David S. Miller" <davem@davemloft.net>,
Jamal Hadi Salim <jhs@mojatatu.com>
Cc: netdev@vger.kernel.org
Subject: Re: [PATCH net] net/sched: cls_api: add missing validation of netlink attributes
Date: Tue, 9 Oct 2018 08:46:14 -0600 [thread overview]
Message-ID: <72e8eeea-a4e7-e80d-217d-7ccf4cd71e0d@gmail.com> (raw)
In-Reply-To: <05f98d2d220d443c157fc797fecc22692eeaa0da.1539090183.git.dcaratti@redhat.com>
On 10/9/18 7:10 AM, Davide Caratti wrote:
> Similarly to what has been done in 8b4c3cdd9dd8 ("net: sched: Add policy
> validation for tc attributes"), add validation for TCA_CHAIN and TCA_KIND
> netlink attributes.
>
> tested with:
> # ./tdc.py -c filter
>
> Fixes: 5bc1701881e39 ("net: sched: introduce multichain support for filters")
> Signed-off-by: Davide Caratti <dcaratti@redhat.com>
> ---
> net/sched/cls_api.c | 16 +++++++++++-----
> 1 file changed, 11 insertions(+), 5 deletions(-)
>
> diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
> index 0a75cb2e5e7b..fb1afc0e130d 100644
> --- a/net/sched/cls_api.c
> +++ b/net/sched/cls_api.c
> @@ -37,6 +37,11 @@ static LIST_HEAD(tcf_proto_base);
> /* Protects list of registered TC modules. It is pure SMP lock. */
> static DEFINE_RWLOCK(cls_mod_lock);
>
> +const struct nla_policy cls_tca_policy[TCA_MAX + 1] = {
> + [TCA_KIND] = { .type = NLA_STRING },
> + [TCA_CHAIN] = { .type = NLA_U32 },
> +};
> +
That should be static since it can not be used outside this module.
it be nice to have a tc_common module so this stuff does not have to be
defined multiple times.
next prev parent reply other threads:[~2018-10-09 22:03 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-09 13:10 [PATCH net] net/sched: cls_api: add missing validation of netlink attributes Davide Caratti
2018-10-09 14:46 ` David Ahern [this message]
2018-10-09 16:12 ` Davide Caratti
2018-10-09 17:45 ` David Ahern
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=72e8eeea-a4e7-e80d-217d-7ccf4cd71e0d@gmail.com \
--to=dsahern@gmail.com \
--cc=davem@davemloft.net \
--cc=dcaratti@redhat.com \
--cc=jhs@mojatatu.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.