From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Miller Subject: Re: [PATCH v2 2/2] netlink: add ethernet address policy types Date: Tue, 18 Sep 2018 19:51:50 -0700 (PDT) Message-ID: <20180918.195150.1706596949193461281.davem@redhat.com> References: <20180917095729.11185-1-johannes@sipsolutions.net> <20180917095729.11185-2-johannes@sipsolutions.net> Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: netdev@vger.kernel.org, marcelo.leitner@gmail.com, mkubecek@suse.cz, johannes.berg@intel.com To: johannes@sipsolutions.net Return-path: Received: from mx1.redhat.com ([209.132.183.28]:53608 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725870AbeISI1f (ORCPT ); Wed, 19 Sep 2018 04:27:35 -0400 In-Reply-To: <20180917095729.11185-2-johannes@sipsolutions.net> Sender: netdev-owner@vger.kernel.org List-ID: From: Johannes Berg Date: Mon, 17 Sep 2018 11:57:29 +0200 > From: Johannes Berg > > Commonly, ethernet addresses are just using a policy of > { .len = ETH_ALEN } > which leaves userspace free to send more data than it should, > which may hide bugs. > > Introduce NLA_EXACT_LEN which checks for exact size, rejecting > the attribute if it's not exactly that length. Also add > NLA_EXACT_LEN_WARN which requires the minimum length and will > warn on longer attributes, for backward compatibility. > > Use these to define NLA_POLICY_ETH_ADDR (new strict policy) and > NLA_POLICY_ETH_ADDR_COMPAT (compatible policy with warning); > these are used like this: > > static const struct nla_policy [...] = { > [NL_ATTR_NAME] = NLA_POLICY_ETH_ADDR, > ... > }; > > Signed-off-by: Johannes Berg > --- > v2: add only NLA_EXACT_LEN/NLA_EXACT_LEN_WARN and build on top > of that for ethernet address validation, so it can be extended > for other types (e.g. IPv6 addresses) Applied.