Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp7182454yba; Thu, 2 May 2019 05:49:41 -0700 (PDT) X-Google-Smtp-Source: APXvYqy35uLkHwsKaGQ6zc3Y29vAAHBZLfx3X1gV+L/RM8NVHKZ2Sq6LpO/vVhs3kJDlXisNzzw2 X-Received: by 2002:a65:64d3:: with SMTP id t19mr3854139pgv.57.1556801380967; Thu, 02 May 2019 05:49:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556801380; cv=none; d=google.com; s=arc-20160816; b=Zu0yQNZcxgiwhHB6hoEqefRVHGTuwZj236lzxHlIW40Q/BdkaAvWtjxVodrAPdi8gK 8gCEbZT4/3A/lYCs4ZHIi+EP6gbQDysUsck8VDg4XiCkFGn5DqahFcD7ADGCgEaERZpT xwxUpy+GJZN2ZdoWW6eeNJ9LckTD5s7B70Hxr43aSPyw5aXSwc9lb5KUXLoRzi2WKK0s JD6nMIsp/KZsxf0B3hcsbdhr1W5yjhVuN5/wAKG29WsOK0Gqs4YSWp3/g9qZKD6mKov9 IsLf1H6X4BYAHr7Ym7RCNEf9eB+6HfUDZYoVrAaJbXnz2SJDqUH/wF/ZjBX88UNKB83l ym3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:date:cc:to:subject:from:message-id; bh=XV6rGhIMHwnd2xy8dWAmjvjfDtDqxkY6fx8/7JkvNaA=; b=MpfL/9E9H5I7soCD7UfXJBvBIY3akH0yAFIQXBfT55jyWxfagPMH8s+iWs0xbSwF1X dOuTLHz23TEPBJAvPrj7zeb+4VYR1OrmQzz5peALoa721dvsU7E4uLtz0JLWd+luiBT3 hNzyjr8HX8ZZ60JriiMsEz2oekUkASUNQbMi1DAwfyb4NcgYONb9r71VgnuqhrFvohdU AVzMaAVUh5LrCV7eP4iSacn87en4TtQhCiFW0LtAMFi1O67PZ2mjJCi7QCGRfXhmeMsn lNLMfxBfU1dwfaNg2+bWBg44LHkCT3uhigNPKzhmL4OLERZ9y2PD5xVjjphyiJhU5lll C1rA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f9si40993340pgv.475.2019.05.02.05.49.25; Thu, 02 May 2019 05:49:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726549AbfEBMsE (ORCPT + 99 others); Thu, 2 May 2019 08:48:04 -0400 Received: from mx2.suse.de ([195.135.220.15]:33932 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726197AbfEBMsC (ORCPT ); Thu, 2 May 2019 08:48:02 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 058F9AE9D; Thu, 2 May 2019 12:48:00 +0000 (UTC) Received: by unicorn.suse.cz (Postfix, from userid 1000) id 5E28EE0117; Thu, 2 May 2019 14:48:00 +0200 (CEST) Message-Id: From: Michal Kubecek Subject: [PATCH net-next 0/3] netlink: strict attribute checking follow-up To: "David S. Miller" Cc: netdev@vger.kernel.org, Johannes Berg , David Ahern , linux-kernel@vger.kernel.org Date: Thu, 2 May 2019 14:48:00 +0200 (CEST) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Three follow-up patches for recent strict netlink validation series. Patch 1 fixes dump handling for genetlink families which validate and parse messages themselves (e.g. because they need different policies for diferent commands). Patch 2 sets bad_attr in extack in one place where this was omitted. Patch 3 adds new NL_VALIDATE_NESTED flags for strict validation to enable checking that NLA_F_NESTED value in received messages matches expectations and includes this flag in NL_VALIDATE_STRICT. This would change userspace visible behavior but the previous switching to NL_VALIDATE_STRICT for new code is still only in net-next at the moment. Michal Kubecek (3): genetlink: do not validate dump requests if there is no policy netlink: set bad attribute also on maxtype check netlink: add validation of NLA_F_NESTED flag include/net/netlink.h | 10 +++++++++- lib/nlattr.c | 18 +++++++++++++++++- net/netlink/genetlink.c | 24 ++++++++++++++---------- 3 files changed, 40 insertions(+), 12 deletions(-) -- 2.21.0