From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.3 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_SBL,URIBL_SBL_A autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E549BC06510 for ; Mon, 1 Jul 2019 09:13:17 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id C198E2145D for ; Mon, 1 Jul 2019 09:13:17 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C198E2145D Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Received: from localhost ([::1]:56226 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hhsNB-00070l-26 for qemu-devel@archiver.kernel.org; Mon, 01 Jul 2019 05:13:17 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:45269) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hhsLb-0005GE-3G for qemu-devel@nongnu.org; Mon, 01 Jul 2019 05:11:39 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hhsLa-0007rr-52 for qemu-devel@nongnu.org; Mon, 01 Jul 2019 05:11:39 -0400 Received: from mx1.redhat.com ([209.132.183.28]:52014) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hhsLZ-0007S0-UQ for qemu-devel@nongnu.org; Mon, 01 Jul 2019 05:11:38 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A3281C0586D8; Mon, 1 Jul 2019 09:11:11 +0000 (UTC) Received: from localhost.localdomain (unknown [10.33.36.5]) by smtp.corp.redhat.com (Postfix) with ESMTPS id BCD1217502; Mon, 1 Jul 2019 09:11:08 +0000 (UTC) From: P J P To: Qemu Developers Date: Mon, 1 Jul 2019 14:39:01 +0530 Message-Id: <20190701090904.31312-1-ppandit@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Mon, 01 Jul 2019 09:11:11 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v2 0/3] restrict bridge interface name to IFNAMSIZ X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Riccardo Schirone , =?UTF-8?q?Daniel=20P=20=2E=20Berrang=C3=A9?= , Jason Wang , Li Qiang , Prasad J Pandit Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" From: Prasad J Pandit Hello, Linux net_deivce defines network interface name to be of IFNAMSIZE(=3D16) bytes, including the terminating null('\0') byte. Qemu tap deivce, while invoking 'qemu-bridge-helper' tool to set up the network bridge interface, supplies bridge name of 16 characters, thus allowing to create an ACL bypass scenario. This patch series attempts to fix it. Thank you. --- Prasad J Pandit (3): qemu-bridge-helper: restrict interface name to IFNAMSIZ qemu-bridge-helper: move repeating code in parse_acl_file net: tap: restrict bridge name to IFNAMSIZ net/tap.c | 2 +- qemu-bridge-helper.c | 23 ++++++++++++++++------- 2 files changed, 17 insertions(+), 8 deletions(-) --=20 2.21.0