From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9A763C433E0 for ; Wed, 27 Jan 2021 12:46:33 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 74911207B0 for ; Wed, 27 Jan 2021 12:46:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S313876AbhAZWy0 (ORCPT ); Tue, 26 Jan 2021 17:54:26 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34584 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728754AbhAZE4p (ORCPT ); Mon, 25 Jan 2021 23:56:45 -0500 Received: from mail-oi1-x234.google.com (mail-oi1-x234.google.com [IPv6:2607:f8b0:4864:20::234]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EA2DCC061793 for ; Mon, 25 Jan 2021 20:56:04 -0800 (PST) Received: by mail-oi1-x234.google.com with SMTP id x71so17274790oia.9 for ; Mon, 25 Jan 2021 20:56:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=NcZrONxYSmKxl+u1qnv2/o6viRhj5jn08YYDckIaIP8=; b=kehhMrFcKD4tdB+0hx2/JpWQDDskRrzWnQjtrnLiY1/fpz7o9KJu71RFD/AgiFxsMC 0WJ4UIJqaLB5An7fdRhGEAV8Y1/NoRzD1imEfpXTGkQoUaWEetC4DTj+oeB3kv7xYtsh BtLu8XyOE0MOxVnFeRfEBlCgvBXzNWNDaKS6CiKmU+KI7SAKvQcYH5tjQLFAXjJwXRze zDUYvKZ9uaH08keZJzvyXuY3Ymj+Ul/zngsUHRG3bI7GjCV75JOT57TJOM2PA7VQinr2 QJHLE5rCOB7GYDp7Ab0WY3zOBAAFUv/TS0NE4wB8aMoI1Kbtm4ojk5vLOuw4B0KdvPi0 LKIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=NcZrONxYSmKxl+u1qnv2/o6viRhj5jn08YYDckIaIP8=; b=FE//SNl7yd7QIagTWe8D6lzo3WlXiV0vCFHfchmcm75EFl0e7+nhjJqiR3qvrLv9m3 O7vgePQStmOsSXLWQBzQhQIMiiojfvwYe/TYn0T9yp12XigAw1Hv6NJawGLBqPj4qmKb dQQ4eYzVWyHGXkBbSVlZIE4VamzUQczj5PEdLS02QBlFFb2IEmAUZjt65gHczctBfM+8 O4l/s9XTSwcHEPJjgck4st0EGS7gq3/xbY80gRYoJWIv0TZ3fobFpkCvkeY6D0U4L0yo hBMcgzatThgI1y8I2Wje8S2oMEQiaxsryWDBo7CcnVJ/ZAC5B+2X33CoW9Vvp7rvABh7 SU3A== X-Gm-Message-State: AOAM530PzVKypTh+LfF2I9VFMEsMhUgFn2LsWNIcgNI9mYulxTwZTr0U xq00PjttosdP/2YfULxzInEYXji+0ng= X-Google-Smtp-Source: ABdhPJwxFu7ha/seJOpL8rF3DykEFFedJF1+3MYVOSaS9tYkKGLtWH6OXcuBBRvY7y89nUJguiwFag== X-Received: by 2002:aca:40c:: with SMTP id 12mr2088558oie.172.1611636964450; Mon, 25 Jan 2021 20:56:04 -0800 (PST) Received: from Davids-MacBook-Pro.local ([2601:282:800:dc80:f5f4:6dbf:d358:29ee]) by smtp.googlemail.com with ESMTPSA id s123sm2617334oos.3.2021.01.25.20.56.03 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 25 Jan 2021 20:56:03 -0800 (PST) Subject: Re: [PATCH net-next 1/4] netlink: truncate overlength attribute list in nla_nest_end() To: Edwin Peer Cc: netdev , Jakub Kicinski , Andrew Gospodarek , Michael Chan , Stephen Hemminger , Michal Kubecek References: <20210123045321.2797360-1-edwin.peer@broadcom.com> <20210123045321.2797360-2-edwin.peer@broadcom.com> <1dc163b0-d4b0-8f6c-d047-7eae6dc918c4@gmail.com> From: David Ahern Message-ID: <62a12b2c-c94e-8d89-0e75-f01dc6abbe92@gmail.com> Date: Mon, 25 Jan 2021 21:56:02 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On 1/23/21 2:03 PM, Edwin Peer wrote: > On Sat, Jan 23, 2021 at 12:42 PM Edwin Peer wrote: > >> Then, if nla_put() can detect nesting errors, there's the issue of >> what to do in the case of errors. Case in point, the IFLA_VFINFO_LIST >> scenario would now require explicit error handling in the generator >> logic, because we can't fail hard at that point. We would need to be >> sure we propagate all possible nesting errors up to a common location >> (probably where the nest ends, which is where we're dealing with the >> problem in this solution), set the truncated flag and carry on (for >> the same net effect the trim in nla_nest_end() has). > > Also, the unwind here turns out to be just as complicated, requiring a > traversal from the start and a trim anyway, because the attribute that > triggers the overflow may be deep inside the hierarchy. We can't > simply truncate at this point. We should remove whole elements at the > uppermost level, or risk having partially filled attribute trees > rather than missing attributes at the level of the exceeded nest - > which may be worse. > I'm not a fan of the skb trim idea. I think it would be better to figure out how to stop adding to the skb when an attr length is going to exceed 64kB. Not failing hard with an error (ip link sh needs to succeed), but truncating the specific attribute of a message with a flag so userspace knows it is short.