From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Jan Engelhardt <jengelh@medozas.de>
Cc: "David S. Miller" <davem@davemloft.net>,
Ben Pfaff <blp@nicira.com>,
Netfilter Developer Mailing List
<netfilter-devel@vger.kernel.org>,
Linux Networking Developer Mailing List <netdev@vger.kernel.org>
Subject: Re: [patch] Re: genetlink misinterprets NEW as GET
Date: Fri, 07 Jan 2011 14:33:08 +0100 [thread overview]
Message-ID: <4D271614.6000303@netfilter.org> (raw)
In-Reply-To: <alpine.LNX.2.01.1101071357420.27454@obet.zrqbmnf.qr>
On 07/01/11 14:15, Jan Engelhardt wrote:
> On Friday 2011-01-07 02:31, Pablo Neira Ayuso wrote:
>>>> On 04/01/11 03:14, Jan Engelhardt wrote:
>>>>> /* Modifiers to GET request */
>>>>> #define NLM_F_ROOT 0x100
>>>>> #define NLM_F_MATCH 0x200
>>>>> #define NLM_F_ATOMIC 0x400
>>>>> #define NLM_F_DUMP (NLM_F_ROOT|NLM_F_MATCH)
>>> [...]
>>>>> [N.B.: I am also wondering whether
>>>>> (nlh->nlmsg_flags & NLM_F_DUMP) == NLM_F_DUMP
>>>>> may have been desired, because NLM_F_DUMP is composed of two bits.]
>>>>
>>>> Someone may include NLM_F_ATOMIC to a dump operation, in that case the
>>>> checking that you propose is not valid.
>>>
>>> Are you saying that NLM_F_MATCH and NLM_F_ATOMIC are mutually
>>> exclusive, and that NLM_F_ROOT|NLM_F_ATOMIC would also signal a
>>> dump operation? Otherwise the test that Jan proposes looks valid
>>> to me.
>>
>> Indeed, Jan's test is fine to fix this. Please, send a patch to Davem asap.
>
> Turns out genetlink isn't the only place where &NLM_F_DUMP is used
> without ==NLM_F_DUMP.
> Thus I am adding it to other spots in net/ too.
>
>
>
> parent c235848c5a76520b90cf31bfbcc17720b24745a2 (v2.6.37-rc1-230-gc235848)
> commit eaab9042b29931730d6785bb3f27b174fb2f5518
> Author: Jan Engelhardt <jengelh@medozas.de>
> Date: Fri Jan 7 13:53:49 2011 +0100
>
> netlink: test for all flags of the NLM_F_DUMP composite
>
> Due to NLM_F_DUMP is composed of two bits, NLM_F_ROOT | NLM_F_MATCH,
> when doing "if (x & NLM_F_DUMP)", it tests for _either_ of the bits
> being set. Because NLM_F_MATCH's value overlaps with NLM_F_EXCL,
> non-dump requests with NLM_F_EXCL set are mistaken as dump requests.
>
> Substitute the condition to test for _all_ bits being set.
>
> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
next prev parent reply other threads:[~2011-01-07 13:33 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-04 2:14 genetlink misinterprets NEW as GET Jan Engelhardt
2011-01-06 13:48 ` Pablo Neira Ayuso
2011-01-06 14:25 ` Jan Engelhardt
2011-01-06 14:55 ` Pablo Neira Ayuso
2011-01-06 16:12 ` Jan Engelhardt
2011-01-06 17:23 ` Ben Pfaff
2011-01-07 1:31 ` Pablo Neira Ayuso
2011-01-07 9:38 ` Jan Engelhardt
2011-01-07 12:12 ` Pablo Neira Ayuso
2011-01-07 13:15 ` [patch] " Jan Engelhardt
2011-01-07 13:33 ` Pablo Neira Ayuso [this message]
2011-01-10 0:25 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D271614.6000303@netfilter.org \
--to=pablo@netfilter.org \
--cc=blp@nicira.com \
--cc=davem@davemloft.net \
--cc=jengelh@medozas.de \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).