Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp7182317yba; Thu, 2 May 2019 05:49:29 -0700 (PDT) X-Google-Smtp-Source: APXvYqz0sGy3bQOJNzLfhNmpoj/r4p2IKNOuS2UMAN72UgkNfYfzhJyXDXqy9vEADS4yDEmmRHnC X-Received: by 2002:a17:902:4283:: with SMTP id h3mr3490048pld.176.1556801369607; Thu, 02 May 2019 05:49:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556801369; cv=none; d=google.com; s=arc-20160816; b=nGaaq1VVAcmsdHh9re2HY7EnIvEz10rXtmHYd5Rv5KUB2wUoL+N/vUbUlab6WV40Hg 9lwdXMn5PwJXgNgA2zljwrPhzU1O09285Vmomx4zX/xLTZVP8OJIm2jspZ9RLvBra0up dPpi2Uhzy3/GblrqKvvkacy2DGT/DXzK9DgmdEMLiityfZ3Balfsq/G/tMfRqBLDXoRx e9RBb0fRcUNHWtZvTluK15MPanwZirkV/pl8tsprnWMQhCtFfMrcz5bS+qnbRS+rpaPz e8eDxMZQgkwdvU7wNgxmFOkOHZMPbi7PTvvD5bnkMHTm9yVSJeQ2Z3GYP9LS38OCq/6F ZhDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:date:cc:to:subject:from:references :in-reply-to:message-id; bh=Z591GCXQG6YJLJbpkFC088u72bR7sJo3XcgtxSkYJnM=; b=ii3tYvuV07aWfUQ0j/MgLYTz1g9BU/dipYYT2wSjuu0TRHCxIY7HNIFAp8wuMHtG6s cYXIS5xPkMCwKqrahjJiPoRtsUKSPEO2juGa40xMemhgbNdCJKPmcFAnzlbgFVm4hFG8 MDlHh6lydCiuHMEvCsVhQoao2wRxcEo3TC2fkWMyOc4FRyAKaVg7IdW4vEExNxH4EpR8 IACNHExapaKd0HnuXELWm3stT0/cT57LHXWrfa1LVOQ6W1ibzYP6jAVDjjzfrQUzO9sv N1fARxS8fI5EVbs0ISdpkeNDAZO3eGBQ68jlcbx0pDopS0b/wkFwu0lSStXzHfY2cvX2 9nSA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i9si18555592pgs.402.2019.05.02.05.49.14; Thu, 02 May 2019 05:49:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726572AbfEBMsG (ORCPT + 99 others); Thu, 2 May 2019 08:48:06 -0400 Received: from mx2.suse.de ([195.135.220.15]:33940 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726278AbfEBMsC (ORCPT ); Thu, 2 May 2019 08:48:02 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 055F3ADE0; Thu, 2 May 2019 12:48:00 +0000 (UTC) Received: by unicorn.suse.cz (Postfix, from userid 1000) id 60A55E00D0; Thu, 2 May 2019 14:48:00 +0200 (CEST) Message-Id: <0a54a4db49c20e76a998ea3e4548b22637fbad34.1556798793.git.mkubecek@suse.cz> In-Reply-To: References: From: Michal Kubecek Subject: [PATCH net-next 1/3] genetlink: do not validate dump requests if there is no policy To: "David S. Miller" Cc: netdev@vger.kernel.org, Johannes Berg , David Ahern , linux-kernel@vger.kernel.org Date: Thu, 2 May 2019 14:48:00 +0200 (CEST) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Unlike do requests, dump genetlink requests now perform strict validation by default even if the genetlink family does not set policy and maxtype because it does validation and parsing on its own (e.g. because it wants to allow different message format for different commands). While the null policy will be ignored, maxtype (which would be zero) is still checked so that any attribute will fail validation. The solution is to only call __nla_validate() from genl_family_rcv_msg() if family->maxtype is set. Fixes: ef6243acb478 ("genetlink: optionally validate strictly/dumps") Signed-off-by: Michal Kubecek --- net/netlink/genetlink.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c index 72668759cd2b..9814d6dbd2d6 100644 --- a/net/netlink/genetlink.c +++ b/net/netlink/genetlink.c @@ -537,21 +537,25 @@ static int genl_family_rcv_msg(const struct genl_family *family, return -EOPNOTSUPP; if (!(ops->validate & GENL_DONT_VALIDATE_DUMP)) { - unsigned int validate = NL_VALIDATE_STRICT; int hdrlen = GENL_HDRLEN + family->hdrsize; - if (ops->validate & GENL_DONT_VALIDATE_DUMP_STRICT) - validate = NL_VALIDATE_LIBERAL; - if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) return -EINVAL; - rc = __nla_validate(nlmsg_attrdata(nlh, hdrlen), - nlmsg_attrlen(nlh, hdrlen), - family->maxattr, family->policy, - validate, extack); - if (rc) - return rc; + if (family->maxattr) { + unsigned int validate = NL_VALIDATE_STRICT; + + if (ops->validate & + GENL_DONT_VALIDATE_DUMP_STRICT) + validate = NL_VALIDATE_LIBERAL; + rc = __nla_validate(nlmsg_attrdata(nlh, hdrlen), + nlmsg_attrlen(nlh, hdrlen), + family->maxattr, + family->policy, + validate, extack); + if (rc) + return rc; + } } if (!family->parallel_ops) { -- 2.21.0