From: Jakub Kicinski <kuba@kernel.org>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, Jakub Kicinski <kuba@kernel.org>,
Jiri Pirko <jiri@mellanox.com>,
Moshe Shemesh <moshe@mellanox.com>
Subject: [PATCH net 01/16] devlink: validate length of param values
Date: Mon, 2 Mar 2020 21:05:11 -0800 [thread overview]
Message-ID: <20200303050526.4088735-2-kuba@kernel.org> (raw)
In-Reply-To: <20200303050526.4088735-1-kuba@kernel.org>
DEVLINK_ATTR_PARAM_VALUE_DATA may have different types
so it's not checked by the normal netlink policy. Make
sure the attribute length is what we expect.
Fixes: e3b7ca18ad7b ("devlink: Add param set command")
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
---
CC: Jiri Pirko <jiri@mellanox.com>
CC: Moshe Shemesh <moshe@mellanox.com>
---
net/core/devlink.c | 31 +++++++++++++++++++------------
1 file changed, 19 insertions(+), 12 deletions(-)
diff --git a/net/core/devlink.c b/net/core/devlink.c
index 5e220809844c..8e44dc5cde73 100644
--- a/net/core/devlink.c
+++ b/net/core/devlink.c
@@ -3352,34 +3352,41 @@ devlink_param_value_get_from_info(const struct devlink_param *param,
struct genl_info *info,
union devlink_param_value *value)
{
+ struct nlattr *param_data;
int len;
- if (param->type != DEVLINK_PARAM_TYPE_BOOL &&
- !info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA])
+ param_data = info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA];
+
+ if (param->type != DEVLINK_PARAM_TYPE_BOOL && !param_data)
return -EINVAL;
switch (param->type) {
case DEVLINK_PARAM_TYPE_U8:
- value->vu8 = nla_get_u8(info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA]);
+ if (nla_len(param_data) != sizeof(u8))
+ return -EINVAL;
+ value->vu8 = nla_get_u8(param_data);
break;
case DEVLINK_PARAM_TYPE_U16:
- value->vu16 = nla_get_u16(info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA]);
+ if (nla_len(param_data) != sizeof(u16))
+ return -EINVAL;
+ value->vu16 = nla_get_u16(param_data);
break;
case DEVLINK_PARAM_TYPE_U32:
- value->vu32 = nla_get_u32(info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA]);
+ if (nla_len(param_data) != sizeof(u32))
+ return -EINVAL;
+ value->vu32 = nla_get_u32(param_data);
break;
case DEVLINK_PARAM_TYPE_STRING:
- len = strnlen(nla_data(info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA]),
- nla_len(info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA]));
- if (len == nla_len(info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA]) ||
+ len = strnlen(nla_data(param_data), nla_len(param_data));
+ if (len == nla_len(param_data) ||
len >= __DEVLINK_PARAM_MAX_STRING_VALUE)
return -EINVAL;
- strcpy(value->vstr,
- nla_data(info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA]));
+ strcpy(value->vstr, nla_data(param_data));
break;
case DEVLINK_PARAM_TYPE_BOOL:
- value->vbool = info->attrs[DEVLINK_ATTR_PARAM_VALUE_DATA] ?
- true : false;
+ if (param_data && nla_len(param_data))
+ return -EINVAL;
+ value->vbool = nla_get_flag(param_data);
break;
}
return 0;
--
2.24.1
next prev parent reply other threads:[~2020-03-03 5:06 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-03 5:05 [PATCH net 00/16] net: add missing netlink policies Jakub Kicinski
2020-03-03 5:05 ` Jakub Kicinski [this message]
2020-03-03 10:23 ` [PATCH net 01/16] devlink: validate length of param values Jiri Pirko
2020-03-03 5:05 ` [PATCH net 02/16] devlink: validate length of region addr/len Jakub Kicinski
2020-03-03 13:31 ` Jiri Pirko
2020-03-03 5:05 ` [PATCH net 03/16] fib: add missing attribute validation for tun_id Jakub Kicinski
2020-03-03 16:01 ` David Ahern
2020-03-03 5:05 ` [PATCH net 04/16] nl802154: add missing attribute validation Jakub Kicinski
2020-03-03 15:38 ` Stefan Schmidt
2020-03-03 5:05 ` [PATCH net 05/16] nl802154: add missing attribute validation for dev_type Jakub Kicinski
2020-03-03 15:39 ` Stefan Schmidt
2020-03-03 17:55 ` Jakub Kicinski
2020-03-03 5:05 ` [PATCH net 06/16] can: add missing attribute validation for termination Jakub Kicinski
2020-03-03 19:58 ` Oliver Hartkopp
2020-03-03 5:05 ` [PATCH net 07/16] macsec: add missing attribute validation for port Jakub Kicinski
2020-03-03 5:05 ` [PATCH net 08/16] openvswitch: add missing attribute validation for hash Jakub Kicinski
2020-03-03 21:24 ` [ovs-dev] " Gregory Rose
2020-03-03 5:05 ` [PATCH net 09/16] net: fq: add missing attribute validation for orphan mask Jakub Kicinski
2020-03-03 5:05 ` [PATCH net 10/16] net: taprio: add missing attribute validation for txtime delay Jakub Kicinski
2020-03-03 18:39 ` Vinicius Costa Gomes
2020-03-03 5:05 ` [PATCH net 11/16] team: add missing attribute validation for port ifindex Jakub Kicinski
2020-03-03 9:53 ` Jiri Pirko
2020-03-03 5:05 ` [PATCH net 12/16] team: add missing attribute validation for array index Jakub Kicinski
2020-03-03 9:53 ` Jiri Pirko
2020-03-03 5:05 ` [PATCH net 13/16] tipc: add missing attribute validation for MTU property Jakub Kicinski
2020-03-03 10:26 ` Xue, Ying
2020-03-03 5:05 ` [PATCH net 14/16] nfc: add missing attribute validation for SE API Jakub Kicinski
2020-03-03 5:05 ` [PATCH net 15/16] nfc: add missing attribute validation for deactivate target Jakub Kicinski
2020-03-03 5:05 ` [PATCH net 16/16] nfc: add missing attribute validation for vendor subcommand Jakub Kicinski
2020-03-03 21:29 ` [PATCH net 00/16] net: add missing netlink policies David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200303050526.4088735-2-kuba@kernel.org \
--to=kuba@kernel.org \
--cc=davem@davemloft.net \
--cc=jiri@mellanox.com \
--cc=moshe@mellanox.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).