lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <f630bfd637810c088ad1be782c5ce6f4cf1be8ef.camel@sipsolutions.net>
Date:   Fri, 26 Apr 2019 19:08:00 +0200
From:   Johannes Berg <johannes@...solutions.net>
To:     Pablo Neira Ayuso <pablo@...filter.org>
Cc:     netdev@...r.kernel.org
Subject: Re: [RFC] netlink: limit recursion depth in policy validation

On Fri, 2019-04-26 at 19:06 +0200, Pablo Neira Ayuso wrote:
> 
> > This basically flattens the whole thing.
> > 
> > Obviously, the walking may allocate some memory, and the last loop to
> > send it out isn't actually a loop like that because it's a netlink dump
> > with each entry being in a separate netlink message, but that's the gist
> > of it.
> 
> I see, following this approach, I can just remove the duplicated code
> in my netlink description stuff by using the list of policy
> structures.

I wrote the code in a way that you can reuse it easily, check out the
patch :-) Generic netlink is one user added by the patch, but the actual
exposing code is with general attributes and general code that you can
easily call.

Meanwhile, I'm still writing a response to your other email, give me a
few minutes.

johannes

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ