lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: 
 <175634643374.908900.8830557654640227942.git-patchwork-notify@kernel.org>
Date: Thu, 28 Aug 2025 02:00:33 +0000
From: patchwork-bot+netdevbpf@...nel.org
To: Sabrina Dubroca <sd@...asysnail.net>
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH net-next v2 00/13] macsec: replace custom netlink
 attribute
 checks with policy-level checks

Hello:

This series was applied to netdev/net-next.git (main)
by Jakub Kicinski <kuba@...nel.org>:

On Tue, 26 Aug 2025 15:16:18 +0200 you wrote:
> We can simplify attribute validation a lot by describing the accepted
> ranges more precisely in the policies, using NLA_POLICY_MAX etc.
> 
> Some of the checks still need to be done later on, because the
> attribute length and acceptable range can vary based on values that
> can't be known when the policy is validated (cipher suite determines
> the key length and valid ICV length, presence of XPN changes the PN
> length, detection of duplicate SCIs or ANs, etc).
> 
> [...]

Here is the summary with links:
  - [net-next,v2,01/13] macsec: replace custom checks on MACSEC_SA_ATTR_AN with NLA_POLICY_MAX
    https://git.kernel.org/netdev/net-next/c/d5e0a8cec12c
  - [net-next,v2,02/13] macsec: replace custom checks on MACSEC_*_ATTR_ACTIVE with NLA_POLICY_MAX
    https://git.kernel.org/netdev/net-next/c/ae6a8f5abed1
  - [net-next,v2,03/13] macsec: replace custom checks on MACSEC_SA_ATTR_SALT with NLA_POLICY_EXACT_LEN
    https://git.kernel.org/netdev/net-next/c/8cf22afc152c
  - [net-next,v2,04/13] macsec: replace custom checks on MACSEC_SA_ATTR_KEYID with NLA_POLICY_EXACT_LEN
    https://git.kernel.org/netdev/net-next/c/d29ae0d7753a
  - [net-next,v2,05/13] macsec: use NLA_POLICY_MAX_LEN for MACSEC_SA_ATTR_KEY
    https://git.kernel.org/netdev/net-next/c/15a700a8429e
  - [net-next,v2,06/13] macsec: use NLA_UINT for MACSEC_SA_ATTR_PN
    https://git.kernel.org/netdev/net-next/c/82f3116132fc
  - [net-next,v2,07/13] macsec: remove validate_add_rxsc
    https://git.kernel.org/netdev/net-next/c/80810c89d39c
  - [net-next,v2,08/13] macsec: add NLA_POLICY_MAX for MACSEC_OFFLOAD_ATTR_TYPE and IFLA_MACSEC_OFFLOAD
    https://git.kernel.org/netdev/net-next/c/35a35279e8ff
  - [net-next,v2,09/13] macsec: replace custom checks on IFLA_MACSEC_ICV_LEN with NLA_POLICY_RANGE
    https://git.kernel.org/netdev/net-next/c/17882d23a6c6
  - [net-next,v2,10/13] macsec: use NLA_POLICY_VALIDATE_FN to validate IFLA_MACSEC_CIPHER_SUITE
    https://git.kernel.org/netdev/net-next/c/4d844cb1ea1f
  - [net-next,v2,11/13] macsec: validate IFLA_MACSEC_VALIDATION with NLA_POLICY_MAX
    https://git.kernel.org/netdev/net-next/c/b81d1e958867
  - [net-next,v2,12/13] macsec: replace custom checks for IFLA_MACSEC_* flags with NLA_POLICY_MAX
    https://git.kernel.org/netdev/net-next/c/b46f5ddb40c8
  - [net-next,v2,13/13] macsec: replace custom check on IFLA_MACSEC_ENCODING_SA with NLA_POLICY_MAX
    https://git.kernel.org/netdev/net-next/c/db9dfc4d30dd

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ