Date: Thu, 21 Sep 2023 09:23:46 +0200
From: Johannes Nixdorf
To: Nikolay Aleksandrov
Cc: "David S. Miller", Andrew Lunn, David Ahern, Eric Dumazet, Florian Fainelli, Ido Schimmel, Jakub Kicinski, Oleksij Rempel, Paolo Abeni, Roopa Prabhu, Shuah Khan, Vladimir Oltean, bridge@lists.linux-foundation.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org
Subject: Re: [PATCH net-next v4 2/6] net: bridge: Set strict_start_type for br_policy

On Wed, Sep 20, 2023 at 01:46:02PM +0300, Nikolay Aleksandrov wrote:
> On 9/19/23 11:12, Johannes Nixdorf wrote:
> > Set any new attributes added to br_policy to be parsed strictly, to
> > prevent userspace from passing garbage.
> >
> > Signed-off-by: Johannes Nixdorf
> > ---
> > net/bridge/br_netlink.c | 2 ++
> > 1 file changed, 2 insertions(+)
> > > > diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c > > index 10f0d33d8ccf..505683ef9a26 100644 > > --- a/net/bridge/br_netlink.c > > +++ b/net/bridge/br_netlink.c > > @@ -1229,6 +1229,8 @@ static size_t br_port_get_slave_size(const struct net_device *brdev, > > } > > static const struct nla_policy br_policy[IFLA_BR_MAX + 1] = { > > + [IFLA_BR_UNSPEC] = { .strict_start_type = > > + IFLA_BR_MCAST_QUERIER_STATE + 1 }, > > [IFLA_BR_FORWARD_DELAY] = { .type = NLA_U32 }, > > [IFLA_BR_HELLO_TIME] = { .type = NLA_U32 }, > > [IFLA_BR_MAX_AGE] = { .type = NLA_U32 }, > >
>
> instead of IFLA_BR_MCAST_QUERIER_STATE + 1, why not move around the patch
> and just use the new attribute name?
> These are uapi, they won't change.

I wanted to avoid having a state between the two commits where the new
attributes are already added, but not yet strictly verified. Otherwise
they would present a slightly different UAPI at that one commit boundary
than after this commit.

This is also not the only place in the kernel where strict_start_type is
specified that way. See e.g. commit c00041cf1cb8 ("net: bridge: Set
strict_start_type at two policies"), even though that seems mostly to be
done to turn on strict_start_type preemptively, not in the same series
that adds the new attribute.
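Review bot: The IFLA_BR_MCAST_QUERIER_STATE + 1 expression in the added [IFLA_BR_UNSPEC] entry of br_policy gives no hint in the code of why the strict-parsing boundary sits at that value. A one-line comment above the entry, stating that every attribute numbered after IFLA_BR_MCAST_QUERIER_STATE is validated strictly while the attributes listed below it keep their existing lenient parsing, would make the intent visible to whoever appends the next attribute. The commit message could state the same cut-off, since "any new attributes" does not say where the boundary starts.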