lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAD4GDZyvO-Uw73hRRhcu7ZSuhXR_XmpTzx_GVyO5qFVukov4dA@mail.gmail.com>
Date: Mon, 6 Oct 2025 15:08:04 +0100
From: Donald Hunter <donald.hunter@...il.com>
To: "Remy D. Farley" <one-d-wide@...tonmail.com>
Cc: Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org
Subject: Re: [PATCH] doc/netlink: Expand nftables specification

On Mon, 6 Oct 2025 at 09:29, Donald Hunter <donald.hunter@...il.com> wrote:
>
> "Remy D. Farley" <one-d-wide@...tonmail.com> writes:
>
> > Getting out changes I've accumulated while making nftables spec to work with
> > Rust netlink-bindings. Hopefully, this will be useful upstream.
> >
> > This patch:
> >
> > - Adds missing byte order annotations.
> > - Fills out attributes in some operations.
> > - Replaces non-existent "name" attribute with todo comment.
> > - Adds some missing sub-messages (and associated attributes).
> > - Adds (copies over) documentation for some attributes / enum entries.
> > - Adds "getcompat" operation defined in nft_compat.c .
>
> Can you run
>
>     yamllint Documentation/netlink/specs
>
> The patch adds several errors and warnings.
>
> Cheers!

Can you also use the nftables schema with the python cli, or at least run:

./tools/net/ynl/pyynl/cli.py --spec Documentation/netlink/specs/nftables.yaml

(This is something we should automate as part of make -C tools/net/ynl)

The spec has a lot of schema errors to resolve. You'll also need
changes to the netlink-raw.yaml schema because it is missing the 'max'
check.

diff --git a/Documentation/netlink/netlink-raw.yaml
b/Documentation/netlink/netlink-raw.yaml
index 246fa07bccf6..9cb3cc78a0af 100644
--- a/Documentation/netlink/netlink-raw.yaml
+++ b/Documentation/netlink/netlink-raw.yaml
@@ -19,6 +19,12 @@ $defs:
     type: [ string, integer ]
     pattern: ^[0-9A-Za-z_-]+( - 1)?$
     minimum: 0
+  len-or-limit:
+    # literal int, const name, or limit based on fixed-width type
+    # e.g. u8-min, u16-max, etc.
+    type: [ string, integer ]
+    pattern: ^[0-9A-Za-z_-]+$
+    minimum: 0

 # Schema for specs
 title: Protocol
@@ -270,7 +276,10 @@ properties:
                     type: string
                   min:
                     description: Min value for an integer attribute.
-                    type: integer
+                    $ref: '#/$defs/len-or-limit'
+                  max:
+                    description: Max value for an integer attribute.
+                    $ref: '#/$defs/len-or-limit'
                   min-len:
                     description: Min length for a binary attribute.
                     $ref: '#/$defs/len-or-define'

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ