lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Fri,  5 Aug 2022 16:41:49 -0700
From:   Jacob Keller <>
Cc:     Jacob Keller <>,
        Jonathan Corbet <>, Jiri Pirko <>,
        "David S. Miller" <>,
        Eric Dumazet <>,
        Jakub Kicinski <>,
        Paolo Abeni <>,
        David Ahern <>,
        Stephen Hemminger <>
Subject: [RFC iproute2 0/6] devlink: add policy check for all attributes

This series implements code to check the kernel policy for the devlink
commands to determine whether or not attributes are supported before adding
them to netlink messages.

It implements a new mnlu_gen_get_op_policy to extract the policy
information, and uses it to implement checks when parsing option arguments.
This is intended to eventually go along with improvements to the policy
reporting in devlink kernel code to report separate policy for each command.

I think checking every attribute makes sense and is easier to follow than
only checking specific attributes. This will help ensure that future
attributes don't accidentally get sent to commands when they aren't
supported (once the devlink kernel policy is improved to report correct
information for each command separately).

Cc: Jacob Keller <>
Cc: Jonathan Corbet <>
Cc: Jiri Pirko <>
Cc: "David S. Miller" <>
Cc: Eric Dumazet <>
Cc: Jakub Kicinski <>
Cc: Paolo Abeni <>
Cc: David Ahern <>
Cc: Stephen Hemminger <>

Jacob Keller (6):
  mnlg: remove unnused mnlg_socket structure
  utils: extract CTRL_ATTR_MAXATTR and save it
  mnl_utils: add function to dump command policy
  devlink: use dl_no_arg instead of checking dl_argc == 0
  devlink: remove dl_argv_parse_put
  devlink: check attributes against policy

 devlink/devlink.c   | 846 ++++++++++++++++++++++++++++++--------------
 devlink/mnlg.c      |   8 -
 include/mnl_utils.h |  28 ++
 lib/mnl_utils.c     | 258 +++++++++++++-
 4 files changed, 858 insertions(+), 282 deletions(-)


Powered by blists - more mailing lists