| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 3 Oct 2020 10:44:41 +0200
From: Johannes Berg <johannes@...solutions.net>
To: netdev@...r.kernel.org
Cc: Jakub Kicinski <kuba@...nel.org>, David Ahern <dsahern@...il.com>
Subject: [PATCH v3 0/5] genetlink per-op policy export
Hi,
Here's a respin, now including Jakub's patch last so that it will
do the right thing from the start.
The first patch remains the same, of course; the others have mostly
some rebasing going on, except for the actual export patch (patch 4)
which is adjusted per Jakub's review comments about exporting the
policy only if it's actually used for do/dump.
To see that, the dump for "nlctrl" (i.e. the generic netlink control)
is instructive, because the ops are this:
{
.cmd = CTRL_CMD_GETFAMILY,
.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
.policy = ctrl_policy_family,
.maxattr = ARRAY_SIZE(ctrl_policy_family) - 1,
.doit = ctrl_getfamily,
.dumpit = ctrl_dumpfamily,
},
{
.cmd = CTRL_CMD_GETPOLICY,
.policy = ctrl_policy_policy,
.maxattr = ARRAY_SIZE(ctrl_policy_policy) - 1,
.start = ctrl_dumppolicy_start,
.dumpit = ctrl_dumppolicy,
.done = ctrl_dumppolicy_done,
},
So we exercise both "don't have doit" and "GENL_DONT_VALIDATE_DUMP"
parts, and get (with the current genl patch):
$ genl ctrl policy name nlctrl
ID: 0x10 op 3 policies: do=0
ID: 0x10 op 10 policies: dump=1
ID: 0x10 policy[0]:attr[1]: type=U16 range:[0,65535]
ID: 0x10 policy[0]:attr[2]: type=NUL_STRING max len:15
ID: 0x10 policy[1]:attr[1]: type=U16 range:[0,65535]
ID: 0x10 policy[1]:attr[2]: type=NUL_STRING max len:15
ID: 0x10 policy[1]:attr[10]: type=U32 range:[0,4294967295]
johannes
Powered by blists - more mailing lists