Re: [PATCH net-next v2 3/3] netlink: add validation of NLA_F_NESTED flag

From: Stephen Hemminger
Date: Tue Jul 23 2019 - 14:02:15 EST

Next message: Andrey Konovalov: "Re: [PATCH v19 00/15] arm64: untag user pointers passed to the kernel"
Previous message: Andrey Konovalov: "[PATCH v19 01/15] arm64: untag user pointers in access_ok and __uaccess_mask_ptr"
In reply to: Thomas Haller: "Re: [PATCH net-next v2 3/3] netlink: add validation of NLA_F_NESTED flag"
Next in thread: Johannes Berg: "Re: [PATCH net-next v2 3/3] netlink: add validation of NLA_F_NESTED flag"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2 May 2019 16:15:10 +0200 (CEST)
Michal Kubecek <mkubecek@xxxxxxx> wrote:

> Add new validation flag NL_VALIDATE_NESTED which adds three consistency
> checks of NLA_F_NESTED_FLAG:
>
> - the flag is set on attributes with NLA_NESTED{,_ARRAY} policy
> - the flag is not set on attributes with other policies except NLA_UNSPEC
> - the flag is set on attribute passed to nla_parse_nested()
>
> Signed-off-by: Michal Kubecek <mkubecek@xxxxxxx>
>
> v2: change error messages to mention NLA_F_NESTED explicitly

There are some cases where netlink related to IPv4 does not send nested
flag. You risk breaking older iproute2 and other tools being used on newer
kernel. I.e this patch may break binary compatibility. Have you tried running
with this on a very old distro (like Redhat Linux 9)?

Next message: Andrey Konovalov: "Re: [PATCH v19 00/15] arm64: untag user pointers passed to the kernel"
Previous message: Andrey Konovalov: "[PATCH v19 01/15] arm64: untag user pointers in access_ok and __uaccess_mask_ptr"
In reply to: Thomas Haller: "Re: [PATCH net-next v2 3/3] netlink: add validation of NLA_F_NESTED flag"
Next in thread: Johannes Berg: "Re: [PATCH net-next v2 3/3] netlink: add validation of NLA_F_NESTED flag"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]