| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180918.195150.1706596949193461281.davem@redhat.com>
Date: Tue, 18 Sep 2018 19:51:50 -0700 (PDT)
From: David Miller <davem@...hat.com>
To: johannes@...solutions.net
Cc: netdev@...r.kernel.org, marcelo.leitner@...il.com,
mkubecek@...e.cz, johannes.berg@...el.com
Subject: Re: [PATCH v2 2/2] netlink: add ethernet address policy types
From: Johannes Berg <johannes@...solutions.net>
Date: Mon, 17 Sep 2018 11:57:29 +0200
> From: Johannes Berg <johannes.berg@...el.com>
>
> Commonly, ethernet addresses are just using a policy of
> { .len = ETH_ALEN }
> which leaves userspace free to send more data than it should,
> which may hide bugs.
>
> Introduce NLA_EXACT_LEN which checks for exact size, rejecting
> the attribute if it's not exactly that length. Also add
> NLA_EXACT_LEN_WARN which requires the minimum length and will
> warn on longer attributes, for backward compatibility.
>
> Use these to define NLA_POLICY_ETH_ADDR (new strict policy) and
> NLA_POLICY_ETH_ADDR_COMPAT (compatible policy with warning);
> these are used like this:
>
> static const struct nla_policy <name>[...] = {
> [NL_ATTR_NAME] = NLA_POLICY_ETH_ADDR,
> ...
> };
>
> Signed-off-by: Johannes Berg <johannes.berg@...el.com>
> ---
> v2: add only NLA_EXACT_LEN/NLA_EXACT_LEN_WARN and build on top
> of that for ethernet address validation, so it can be extended
> for other types (e.g. IPv6 addresses)
Applied.
Powered by blists - more mailing lists