lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20251014123201.6ecfd146@kernel.org>
Date: Tue, 14 Oct 2025 12:32:01 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Asbjørn Sloth Tønnesen
 <ast@...erby.net>
Cc: "David S. Miller" <davem@...emloft.net>, Eric Dumazet
 <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>, Alexei Starovoitov
 <ast@...nel.org>, Andrew Lunn <andrew+netdev@...n.ch>, Arkadiusz Kubalewski
 <arkadiusz.kubalewski@...el.com>, Daniel Borkmann <daniel@...earbox.net>,
 Daniel Zahka <daniel.zahka@...il.com>, Donald Hunter
 <donald.hunter@...il.com>, Jacob Keller <jacob.e.keller@...el.com>, Jesper
 Dangaard Brouer <hawk@...nel.org>, Jiri Pirko <jiri@...nulli.us>, Joe
 Damato <jdamato@...tly.com>, John Fastabend <john.fastabend@...il.com>,
 Jonathan Corbet <corbet@....net>, Simon Horman <horms@...nel.org>,
 Stanislav Fomichev <sdf@...ichev.me>, Toke Høiland-Jørgensen <toke@...hat.com>, Vadim Fedorenko
 <vadim.fedorenko@...ux.dev>, Willem de Bruijn <willemb@...gle.com>,
 bpf@...r.kernel.org, netdev@...r.kernel.org, linux-doc@...r.kernel.org,
 linux-kernel@...r.kernel.org, "Jason A. Donenfeld" <Jason@...c4.com>
Subject: Re: [PATCH net-next 3/6] tools: ynl-gen: use uapi mask definition
 in NLA_POLICY_MASK

On Tue, 14 Oct 2025 17:29:30 +0000 Asbjørn Sloth Tønnesen wrote:
> On 10/14/25 12:59 AM, Jakub Kicinski wrote:
> > On Mon, 13 Oct 2025 16:50:00 +0000 Asbjørn Sloth Tønnesen wrote:  
> >> Currently when generating policies using NLA_POLICY_MASK(), then
> >> we emit a pre-computed decimal mask.
> >>
> >> When render-max is set, then we can re-use the mask definition,
> >> that has been generated in the uapi header.  
> > 
> > This will encourage people to render masks in uAPI which just pollutes
> > the uAPI files.  
> 
> It might, but is that a problem, given that most flag-sets are rather small?

Problem is a strong word. But if the choice is having a constant in
auto-generated code, or pointless, cargo-cult'ed mask values in the 
uAPI headers - I choose the former.

> Example from include/uapi/linux/wireguard.h:
>  > enum wgpeer_flag {
>  >     WGPEER_F_REMOVE_ME = 1U << 0,
>  >     WGPEER_F_REPLACE_ALLOWEDIPS = 1U << 1,
>  >     WGPEER_F_UPDATE_ONLY = 1U << 2,
>  >     __WGPEER_F_ALL = WGPEER_F_REMOVE_ME | WGPEER_F_REPLACE_ALLOWEDIPS |
>  >                      WGPEER_F_UPDATE_ONLY
>  > };  
> 
> I agree that a private "WGPEER_F_ALL" would be pollution, but "__WGPEER_F_ALL"
> is less likely to accidentally be used by user-space.
> 
> I get why Jason likes having the __WGPEER_F_ALL in a place where it is easy
> to review that it has contains all flags, and why he don't like a policy like
> NLA_POLICY_MASK(.., 0x7).
> 
> We could do the mask definition in the kernel code, like many handwritten
> netlink families does, but we still need to keep NETDEV_XDP_ACT_MASK in
> netdev.h or remove it's YNL-GEN header for some time.

It's a transitional problem. People coming from hand-crafted code feel
like they need a human-readable mask. 6mo later once they are
comfortable with YNL codegen they won't care. But, sadly, at that point
it is too late to delete stuff from the uAPI header.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ