| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201128130655.0540f3e5@kicinski-fedora-pc1c0hjn.DHCP.thefacebook.com>
Date: Sat, 28 Nov 2020 13:06:55 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Karsten Graul <kgraul@...ux.ibm.com>
Cc: David Miller <davem@...emloft.net>,
Heiko Carstens <hca@...ux.ibm.com>,
Stefan Raspl <raspl@...ux.ibm.com>, netdev@...r.kernel.org,
linux-s390@...r.kernel.org
Subject: Re: [PATCH net-next v6 08/14] net/smc: Introduce generic netlink
interface for diagnostic purposes
On Thu, 26 Nov 2020 21:39:10 +0100 Karsten Graul wrote:
> +/* SMC_GENL family definition */
> +struct genl_family smc_gen_nl_family __ro_after_init = {
> + .hdrsize = 0,
> + .name = SMC_GENL_FAMILY_NAME,
> + .version = SMC_GENL_FAMILY_VERSION,
> + .maxattr = SMC_GEN_MAX,
> + .netnsok = true,
> + .module = THIS_MODULE,
> + .ops = smc_gen_nl_ops,
> + .n_ops = ARRAY_SIZE(smc_gen_nl_ops)
> +};
Sorry, one more spin.
Now you'll let any attribute in. We try to reject any input that won't
be acted on in the kernel these days to allow the interfaces to be
extended in the future without worrying that something that was
throwing random data in the messages will suddenly start misbehaving.
You should still declare a policy just make it empty. And you can make
the policy array size 1, and set .maxattr to 1, AFAIK. These are both
pretty much* for input validation only.
* the only exception is dumping the policy to be able to tell types in
user space automatically, but I don't think you'll care.
Powered by blists - more mailing lists