lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8DeRsroLNgWYQgSbBhZxQ50aX1W-Q6so6LeuEBhe4_OJoqFqd2jEaCEIGQn3DlJeGs2Ci_lF0FRWjKkSJhbHbn_BEq-B5M3qsiJn5-FjQ1E=@protonmail.com>
Date: Thu, 09 Oct 2025 20:24:43 +0000
From: "Remy D. Farley" <one-d-wide@...tonmail.com>
To: Donald Hunter <donald.hunter@...il.com>
Cc: Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org
Subject: [PATCH] doc/netlink: Expand nftables specification

On Friday, October 3rd, 2025 at 6:05 PM, Jakub Kicinski <kuba@...nel.org> wrote:
> Hm, hm, hm. So for "do" we use empty replies to mean that the reply
> will actually arrive but it will have no attributes. Whether an
> operation returns a reply or not cannot be changed once operation
> was added without breaking uAPI. So the empty reply is a way for us
> to "reserve" the reply because we think we may need it in the future.
> 
> Or at least that's what my faulty memory of the situation is.
> 
> What an empty dump reply is I do not know. How we could have a dump
> enumerating objects without producing replies!? :$


I spent some time annotating the missing attributes, so fixing the rst script
isn't required, at least for this patch. Thanks for clarifying though, I didn't
notice the distinction at first.


On Friday, October 3rd, 2025 at 9:04 PM, Jakub Kicinski <kuba@...nel.org> wrote:
> Please don't send a reply in a previous thread and 4 min later a new
> version of the patch :(


Sorry ._. I will use this (older) thread.


On Monday, October 6th, 2025 at 2:08 PM, Donald Hunter <donald.hunter@...il.com> wrote:
> On Mon, 6 Oct 2025 at 09:29, Donald Hunter donald.hunter@...il.com wrote:
> > Can you run
> > 
> > yamllint Documentation/netlink/specs
> > 
> > The patch adds several errors and warnings.
> > 
> > Cheers!
> 
> 
> Can you also use the nftables schema with the python cli, or at least run:
> 
> ./tools/net/ynl/pyynl/cli.py --spec Documentation/netlink/specs/nftables.yaml
>
> (This is something we should automate as part of make -C tools/net/ynl)


Done. All 3 are working in patch v3.


> The spec has a lot of schema errors to resolve. You'll also need
> changes to the netlink-raw.yaml schema because it is missing the 'max'
> check.
> 
> diff --git a/Documentation/netlink/netlink-raw.yaml
> b/Documentation/netlink/netlink-raw.yaml
> index 246fa07bccf6..9cb3cc78a0af 100644
> --- a/Documentation/netlink/netlink-raw.yaml
> +++ b/Documentation/netlink/netlink-raw.yaml
> @@ -19,6 +19,12 @@ $defs:
> type: [ string, integer ]
> pattern: ^[0-9A-Za-z_-]+( - 1)?$
> minimum: 0
> + len-or-limit:
> + # literal int, const name, or limit based on fixed-width type
> + # e.g. u8-min, u16-max, etc.
> + type: [ string, integer ]
> + pattern: ^[0-9A-Za-z_-]+$
> + minimum: 0
> 
> # Schema for specs
> title: Protocol
> @@ -270,7 +276,10 @@ properties:
> type: string
> min:
> description: Min value for an integer attribute.
> - type: integer
> + $ref: '#/$defs/len-or-limit'
> + max:
> + description: Max value for an integer attribute.
> + $ref: '#/$defs/len-or-limit'
> min-len:
> description: Min length for a binary attribute.
> $ref: '#/$defs/len-or-define'


Thanks, will use. I would've otherwise ended up just removing these annotations :)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ