| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Oct 2022 12:20:39 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Johannes Berg <johannes@...solutions.net>
Cc: davem@...emloft.net, netdev@...r.kernel.org, edumazet@...gle.com,
pabeni@...hat.com, jiri@...nulli.us, razor@...ckwall.org,
nicolas.dichtel@...nd.com, gnault@...hat.com,
jacob.e.keller@...el.com, fw@...len.de
Subject: Re: [PATCH net-next 04/13] genetlink: load policy based on
validation flags
On Wed, 19 Oct 2022 10:01:04 +0200 Johannes Berg wrote:
> On Tue, 2022-10-18 at 16:07 -0700, Jakub Kicinski wrote:
> > Set the policy and maxattr pointers based on validation flags.
>
> I feel like you could have more commit message here
>
> > ops = ctx->ops;
> > - if (ops->validate & GENL_DONT_VALIDATE_DUMP)
> > - goto no_attrs;
> > -
> > - if (ctx->nlh->nlmsg_len < nlmsg_msg_size(ctx->hdrlen))
> > + if (!(ops->validate & GENL_DONT_VALIDATE_DUMP) &&
> > + ctx->nlh->nlmsg_len < nlmsg_msg_size(ctx->hdrlen))
> > return -EINVAL;
> >
> > attrs = genl_family_rcv_msg_attrs_parse(ctx->family, ctx->nlh, ctx->extack,
>
> especially since this actually changes things to *have* the attrs, but
> not have *validated* them, which feels a bit strange and error-prone in
> the future maybe?
Do you mean that we no longer populate op->maxattr / op->policy and
some op may be reading those? I don't see any family code looking at
info->op.policy / maxattr.
First thing genl_family_rcv_msg_attrs_parse() does is:
if (!ops->maxattr)
return NULL;
So whether we skip it or call it - no difference.
Powered by blists - more mailing lists