Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp958052ybz;
        Wed, 29 Apr 2020 12:24:20 -0700 (PDT)
X-Google-Smtp-Source: APiQypKkSc+wmTajzR7zAJEqotGVy1B4XDz3NLkujbPHrRICIokyKmH9NXF0UU/RIEq2iur14uQS
X-Received: by 2002:a17:907:435d:: with SMTP id oc21mr4221683ejb.100.1588188260247;
        Wed, 29 Apr 2020 12:24:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1588188260; cv=none;
        d=google.com; s=arc-20160816;
        b=OqD/2BSzEpycN6UO9QyAPx/3XXcLUIMGJiswiwmDmHKR1NrLacFowVIW6/d5gZqt7D
         rzildJWscwcd9A62pgfDeACgL2aNCzKhIRU9mPt7hhJqQza/AQkTYkQnyS+kzKsUEwNn
         wDRUxM9RtP++RrE5ys5NkmDtn96+ZzuRkD7KvTH1LcyFqGBzA3AcD6QvJWiKtRCDzX17
         VLNTQXK1RAmk6gt/AYfZfR1PxSHItzs/7eXzvxiBalyf6CrWVC1CqDxYuRw/tgUIQ38T
         qpN/FUn99rbwX0Gn0pXj5t9pCxKu0DWyUjym4Uw7vfEgS6cr6nBCmpfLR+5/8uanB2kX
         MsQQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:date:cc:to:from:subject
         :message-id;
        bh=rDKQripOd94Hq44JdKDDrjt6YisMLwhCOtA1SSE1Guk=;
        b=y/YdE26PL4Sa4C6jxWBeBDCwpfoZJ6U2zsuDl0JSG5evrwJRurDsUWhmCrQxNBKFpL
         gE9+cCuvl6Ia1Nu78V72kCw97pqqaWDTqbIaIA+MryMR8hIf8u0GP0KOBL62gXqayvo7
         sJ8IeEXLt9Cc5o0w6p0zW5eMc6UI4Dct9SVlx702YWElqe9SRqQ/YjC+nR6EyFAodGH+
         w0Y/rJVc9KthgjQ07l9gLQ+NeDqh858BvDRKy204LckQarw2yXqtUjzgZyDkWx5BSrek
         6V2vAL56pOEHhjHxx3OGGf9NlTF4pgUeVmQQYawSkbKIylJ/prlL17uu+u2Y/CS+rW/m
         DSkQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org
Return-Path: <linux-wireless-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id d24si4540751ejc.345.2020.04.29.12.23.44;
        Wed, 29 Apr 2020 12:24:20 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727071AbgD2TVV (ORCPT <rfc822;hejilao2020@gmail.com>
        + 99 others); Wed, 29 Apr 2020 15:21:21 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50856 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL)
        by vger.kernel.org with ESMTP id S1726524AbgD2TVV (ORCPT
        <rfc822;linux-wireless@vger.kernel.org>);
        Wed, 29 Apr 2020 15:21:21 -0400
Received: from sipsolutions.net (s3.sipsolutions.net [IPv6:2a01:4f8:191:4433::2])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3AA98C03C1AE;
        Wed, 29 Apr 2020 12:21:21 -0700 (PDT)
Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256)
        (Exim 4.93)
        (envelope-from <johannes@sipsolutions.net>)
        id 1jTsGi-0025CO-Mz; Wed, 29 Apr 2020 21:21:16 +0200
Message-ID: <faf336e3ba515d41211910f3d8d207e693434cb9.camel@sipsolutions.net>
Subject: Re: [PATCH 4/7] netlink: extend policy range validation
From:   Johannes Berg <johannes@sipsolutions.net>
To:     Jakub Kicinski <kuba@kernel.org>
Cc:     netdev@vger.kernel.org, Antonio Quartulli <ordex@autistici.org>,
        linux-wireless@vger.kernel.org
Date:   Wed, 29 Apr 2020 21:21:15 +0200
In-Reply-To: <20200429111034.71ab2443@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
References: <20200429134843.42224-1-johannes@sipsolutions.net>
         <20200429154836.b86f45043a5e.I7b46d9c85e4d7a99c0b5e0c2f54bb89b5750e6dc@changeid>
         <20200429111034.71ab2443@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.34.4 (3.34.4-1.fc31) 
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: linux-wireless-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-wireless.vger.kernel.org>
X-Mailing-List: linux-wireless@vger.kernel.org

On Wed, 2020-04-29 at 11:10 -0700, Jakub Kicinski wrote:

> > +static int nla_validate_int_range_unsigned(const struct nla_policy *pt,
> > +					   const struct nlattr *nla,
> > +					   struct netlink_ext_ack *extack)
> >  {
> > -	bool validate_min, validate_max;
> > -	s64 value;
> > +	struct netlink_range_validation _range = {
> > +		.min = 0,
> > +		.max = U64_MAX,
> > +	}, *range = &_range;
> > +	u64 value;
> >  
> > -	validate_min = pt->validation_type == NLA_VALIDATE_RANGE ||
> > -		       pt->validation_type == NLA_VALIDATE_MIN;
> > -	validate_max = pt->validation_type == NLA_VALIDATE_RANGE ||
> > -		       pt->validation_type == NLA_VALIDATE_MAX;
> > +	WARN_ON_ONCE(pt->min < 0 || pt->max < 0);
> 
> I'm probably missing something, but in case of NLA_VALIDATE_RANGE_PTR
> aren't min and max invalid (union has the range pointer set, so this
> will read 2 bytes of the pointer).

No, you're right of course. It's reading 4 bytes, actually, they're both
s16. Which I did because that's the maximum range that doesn't increase
the size on 32-bit.

I could move it into the switch, but, hm.. the unused ones (min/max if
only one is used) should be 0, so I guess just

	WARN_ON_ONCE(pt->validation_type != NLA_VALIDATE_RANGE_PTR &&
                     (pt->min < 0 || pt->max < 0));

will be fine.

Thanks!

johannes