Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp2956761rdb; Fri, 22 Sep 2023 13:15:53 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFKL2PNdkCUkO0+GiL2EdSuuAG/Zpolml9QQiah99JJIvshPN3EqFfAer21c2cSE4tc1Od3 X-Received: by 2002:a17:903:2684:b0:1c4:56a7:b632 with SMTP id jf4-20020a170903268400b001c456a7b632mr428373plb.52.1695413752890; Fri, 22 Sep 2023 13:15:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695413752; cv=none; d=google.com; s=arc-20160816; b=x+pIuIovSceM7eIvTbQcFpwi7aa+nZPxblUE7jLNFuhvKCBaK9mMhcZNEHnRmMj3AW sEl4HXRo4bsN9QraIRXjP6aX+v3bTfW9NidTJLNfQI1ijIx2rDkbenzzECNN2V4pbUB8 tcZti93svA2F0Ls4nf87MwmFhG4c7OFm6A6saTdDjXaEVhXSVGFP5IV15zCfoVXM/yA/ a1QzEujrpQLzwcQ1CibN52Yz44c/Vd+V+xSMwIBh31oYnwr4U+CtkPzG5YWoABS/6jLV 7wbCxS/kuZCikPoKJNQ1QHnlnH9t8rlolEArAWA2Y9DCmFpMujbY3rRzgWIG1XrhlOzq wBBw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=hWrDuvS2snyx/K6UNi5S6WKrnM+Oq8TVTIbSOROdvDo=; fh=t8s8LidztfAxhZzYZmlL1NMpHPGXgQaZqFCbGv8IVuI=; b=GUaaA/s43vc95Q45AuHf7Xe3p4c5UaPiDMKPlPuNEHNP3KgjRY7FEiEF168Osxk79f l+u54rsC0Q9nPtWRiur7KMH8Zo7suGkvu3Q9oEAIRMa6ELsrIiwyS5VVAKZyx9kexMRT MPTWKIjqE7gYEFVpOvf0RydrfYMIrulHniGaJKg+I8teklHYWACMJ9C3dA3MFd0FxfFJ vXEmaz80Jfn34ySYJk1ILeSEYq8U89qngOLLM5pPNu7hs91wYgAr9tDgT8bwuL7o99nG KSMAqggVFAiSj1nFwm6DlmqIzOABGCTg8DzWOy1XGK4nyQVy48skw3vJAJcXnxx+lbj1 HHKQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@avm.de header.s=mail header.b=UgkpCoMm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=avm.de Return-Path: Received: from groat.vger.email (groat.vger.email. [23.128.96.35]) by mx.google.com with ESMTPS id l15-20020a170902f68f00b001c572ccd45bsi5180480plg.391.2023.09.22.13.15.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Sep 2023 13:15:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) client-ip=23.128.96.35; Authentication-Results: mx.google.com; dkim=pass header.i=@avm.de header.s=mail header.b=UgkpCoMm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=avm.de Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 808E6832EB29; Fri, 22 Sep 2023 05:18:50 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233890AbjIVMSs (ORCPT + 99 others); Fri, 22 Sep 2023 08:18:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47532 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233672AbjIVMSr (ORCPT ); Fri, 22 Sep 2023 08:18:47 -0400 Received: from mail.avm.de (mail.avm.de [IPv6:2001:bf0:244:244::120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EE8D699; Fri, 22 Sep 2023 05:18:39 -0700 (PDT) Received: from mail-auth.avm.de (dovecot-mx-01.avm.de [212.42.244.71]) by mail.avm.de (Postfix) with ESMTPS; Fri, 22 Sep 2023 14:18:36 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=avm.de; s=mail; t=1695385116; bh=MB5t/v3/1POR6o/v9qEGKwe4oDvbnw1fKTLa0smSnIA=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=UgkpCoMm9gpKNSJoMOa4nsPLy54Kenxk7W7YPcWMVxYStCJi3GNg2nIbT64NRTGTs kqpIJLNeQlVB1YFRVp3sBHEaWzbJ4DXffxixagYWCI7+OKjAl3zH6MEcLaInukRNIu cUghr0zYKg7+jF6xmY2tfsGW2riOpKp+BuuKuHDs= Received: from localhost (unknown [172.17.88.63]) by mail-auth.avm.de (Postfix) with ESMTPSA id 4365D804E8; Fri, 22 Sep 2023 14:18:37 +0200 (CEST) Date: Fri, 22 Sep 2023 14:18:37 +0200 From: Johannes Nixdorf To: Nikolay Aleksandrov Cc: "David S. Miller" , Andrew Lunn , David Ahern , Eric Dumazet , Florian Fainelli , Ido Schimmel , Jakub Kicinski , Oleksij Rempel , Paolo Abeni , Roopa Prabhu , Shuah Khan , Vladimir Oltean , bridge@lists.linux-foundation.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: Re: [PATCH net-next v4 2/6] net: bridge: Set strict_start_type for br_policy Message-ID: References: <20230919-fdb_limit-v4-0-39f0293807b8@avm.de> <20230919-fdb_limit-v4-2-39f0293807b8@avm.de> <1c12b8f2-b28b-f326-b24f-f1ea602832d7@blackwall.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-purgate-ID: 149429::1695385116-BF7ECD89-F100B9A2/0/0 X-purgate-type: clean X-purgate-size: 2206 X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de X-purgate: This mail is considered clean (visit http://www.eleven.de for further information) X-purgate: clean X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Fri, 22 Sep 2023 05:18:50 -0700 (PDT) On Thu, Sep 21, 2023 at 01:14:43PM +0300, Nikolay Aleksandrov wrote: > On 9/21/23 10:23, Johannes Nixdorf wrote: > > On Wed, Sep 20, 2023 at 01:46:02PM +0300, Nikolay Aleksandrov wrote: > > > On 9/19/23 11:12, Johannes Nixdorf wrote: > > > > Set any new attributes added to br_policy to be parsed strictly, to > > > > prevent userspace from passing garbage. > > > > > > > > Signed-off-by: Johannes Nixdorf > > > > --- > > > > net/bridge/br_netlink.c | 2 ++ > > > > 1 file changed, 2 insertions(+) > > > > > > > > diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c > > > > index 10f0d33d8ccf..505683ef9a26 100644 > > > > --- a/net/bridge/br_netlink.c > > > > +++ b/net/bridge/br_netlink.c > > > > @@ -1229,6 +1229,8 @@ static size_t br_port_get_slave_size(const struct net_device *brdev, > > > > } > > > > static const struct nla_policy br_policy[IFLA_BR_MAX + 1] = { > > > > + [IFLA_BR_UNSPEC] = { .strict_start_type = > > > > + IFLA_BR_MCAST_QUERIER_STATE + 1 }, > > > > [IFLA_BR_FORWARD_DELAY] = { .type = NLA_U32 }, > > > > [IFLA_BR_HELLO_TIME] = { .type = NLA_U32 }, > > > > [IFLA_BR_MAX_AGE] = { .type = NLA_U32 }, > > > > > > > > > > instead of IFLA_BR_MCAST_QUERIER_STATE + 1, why not move around the patch > > > and just use the new attribute name? > > > These are uapi, they won't change. > > > > I wanted to avoid having a state between the two commits where the new > > attributes are already added, but not yet strictly verified. Otherwise > > they would present a slightly different UAPI at that one commit boundary > > than after this commit. > > > > That's not really a problem, the attribute is the same. > > > This is also not the only place in the kernel where strict_start_type > > is specified that way. See e.g. commit c00041cf1cb8 ("net: bridge: Set > > strict_start_type at two policies"), even though that seems mostly be > > done to turn on strict_start_type preemtively, not in the same series > > that adds the new attribute. > > Please, just use the new attribute to be more explicit where the strict > parsing starts. Ok. I've changed it locally for v5.