| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZE6AFQuv+yi7RxUL@shredder>
Date: Sun, 30 Apr 2023 17:49:57 +0300
From: Ido Schimmel <idosch@...sch.org>
To: Zahari Doychev <zahari.doychev@...ux.com>
Cc: netdev@...r.kernel.org, jhs@...atatu.com, xiyou.wangcong@...il.com,
jiri@...nulli.us, davem@...emloft.net, edumazet@...gle.com,
kuba@...nel.org, pabeni@...hat.com, hmehrtens@...linear.com,
aleksander.lobakin@...el.com, simon.horman@...igine.com,
Zahari Doychev <zdoychev@...linear.com>
Subject: Re: [PATCH net-next v4 2/3] net: flower: add support for matching
cfm fields
On Tue, Apr 25, 2023 at 11:16:29PM +0200, Zahari Doychev wrote:
> diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
> index cc49256d5318..5d77da484a88 100644
> --- a/net/sched/cls_flower.c
> +++ b/net/sched/cls_flower.c
> @@ -11,6 +11,7 @@
> #include <linux/rhashtable.h>
> #include <linux/workqueue.h>
> #include <linux/refcount.h>
> +#include <linux/bitfield.h>
>
> #include <linux/if_ether.h>
> #include <linux/in6.h>
> @@ -71,6 +72,7 @@ struct fl_flow_key {
> struct flow_dissector_key_num_of_vlans num_of_vlans;
> struct flow_dissector_key_pppoe pppoe;
> struct flow_dissector_key_l2tpv3 l2tpv3;
> + struct flow_dissector_key_cfm cfm;
> } __aligned(BITS_PER_LONG / 8); /* Ensure that we can do comparisons as longs. */
>
> struct fl_flow_mask_range {
> @@ -720,7 +722,7 @@ static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = {
> [TCA_FLOWER_KEY_PPPOE_SID] = { .type = NLA_U16 },
> [TCA_FLOWER_KEY_PPP_PROTO] = { .type = NLA_U16 },
> [TCA_FLOWER_KEY_L2TPV3_SID] = { .type = NLA_U32 },
> -
> + [TCA_FLOWER_KEY_CFM] = { .type = NLA_NESTED },
"fl_policy" is used with nla_parse_nested_deprecated(). You can enable
strict validation for new attributes using the following diff:
diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
index fc9037685458..6bccfc1722ad 100644
--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -615,7 +615,8 @@ static void *fl_get(struct tcf_proto *tp, u32 handle)
}
static const struct nla_policy fl_policy[TCA_FLOWER_MAX + 1] = {
- [TCA_FLOWER_UNSPEC] = { .type = NLA_UNSPEC },
+ [TCA_FLOWER_UNSPEC] = { .strict_start_type =
+ TCA_FLOWER_KEY_CFM },
[TCA_FLOWER_CLASSID] = { .type = NLA_U32 },
[TCA_FLOWER_INDEV] = { .type = NLA_STRING,
.len = IFNAMSIZ },
> };
>
> static const struct nla_policy
> @@ -769,6 +771,11 @@ mpls_stack_entry_policy[TCA_FLOWER_KEY_MPLS_OPT_LSE_MAX + 1] = {
> [TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL] = { .type = NLA_U32 },
> };
>
> +static const struct nla_policy cfm_opt_policy[TCA_FLOWER_KEY_CFM_OPT_MAX] = {
> + [TCA_FLOWER_KEY_CFM_MD_LEVEL] = NLA_POLICY_MAX(NLA_U8, 7),
Instead of 7, can you use FIELD_MAX(FLOW_DIS_CFM_MDL_MASK) like you did
in the previous version?
> + [TCA_FLOWER_KEY_CFM_OPCODE] = { .type = NLA_U8 },
> +};
Powered by blists - more mailing lists