From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.3 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_SBL,URIBL_SBL_A autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D8D09C0650E for ; Mon, 1 Jul 2019 12:43:55 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B58922053B for ; Mon, 1 Jul 2019 12:43:55 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B58922053B Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Received: from localhost ([::1]:58324 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hhvf1-0007dF-0d for qemu-devel@archiver.kernel.org; Mon, 01 Jul 2019 08:43:55 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59118) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hhvZe-00037q-Sm for qemu-devel@nongnu.org; Mon, 01 Jul 2019 08:38:31 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hhvZd-0008Sj-MT for qemu-devel@nongnu.org; Mon, 01 Jul 2019 08:38:22 -0400 Received: from mx1.redhat.com ([209.132.183.28]:49664) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hhvZc-0008Rj-Rd for qemu-devel@nongnu.org; Mon, 01 Jul 2019 08:38:21 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 190233084042; Mon, 1 Jul 2019 12:38:12 +0000 (UTC) Received: from localhost.localdomain (unknown [10.33.36.5]) by smtp.corp.redhat.com (Postfix) with ESMTPS id AD38218376; Mon, 1 Jul 2019 12:38:04 +0000 (UTC) From: P J P To: Qemu Developers Date: Mon, 1 Jul 2019 18:05:55 +0530 Message-Id: <20190701123558.30512-1-ppandit@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.40]); Mon, 01 Jul 2019 12:38:12 +0000 (UTC) Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH v3 0/3] restrict bridge interface name to IFNAMSIZ X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Riccardo Schirone , Li Qiang , Jason Wang , =?UTF-8?q?Daniel=20P=20=2E=20Berrang=C3=A9?= , Prasad J Pandit Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" From: Prasad J Pandit Hello, Linux net_deivce defines network interface name to be of IFNAMSIZE(=3D16) bytes, including the terminating null('\0') byte. Qemu tap deivce, while invoking 'qemu-bridge-helper' tool to set up the network bridge interface, supplies bridge name of 16 characters, thus allowing to create an ACL bypass scenario. This patch series attempts to fix it. It also refactors bridge helper invocation routine 'net_bridge_run_helper' to directly invoke the helper command. Thank you. --- Prasad J Pandit (3): qemu-bridge-helper: restrict interface name to IFNAMSIZ qemu-bridge-helper: move repeating code in parse_acl_file net: tap: refactor net_bridge_run_helper routine net/tap.c | 43 +++++++++---------------------------------- qemu-bridge-helper.c | 24 +++++++++++++++++------- 2 files changed, 26 insertions(+), 41 deletions(-) --=20 2.21.0