Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 980257,
    "url": "http://patchwork.ozlabs.org/api/patches/980257/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/netdev/patch/20181008031644.15989-15-dsahern@kernel.org/",
    "project": {
        "id": 7,
        "url": "http://patchwork.ozlabs.org/api/projects/7/?format=api",
        "name": "Linux network development",
        "link_name": "netdev",
        "list_id": "netdev.vger.kernel.org",
        "list_email": "netdev@vger.kernel.org",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null,
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20181008031644.15989-15-dsahern@kernel.org>",
    "list_archive_url": null,
    "date": "2018-10-08T03:16:35",
    "name": "[v2,net-next,14/23] rtnetlink: Update fib dumps for strict data checking",
    "commit_ref": null,
    "pull_url": null,
    "state": "accepted",
    "archived": true,
    "hash": "b1c9278bfd89e4786df8bda11a88fc5ddcff58f2",
    "submitter": {
        "id": 74101,
        "url": "http://patchwork.ozlabs.org/api/people/74101/?format=api",
        "name": "David Ahern",
        "email": "dsahern@kernel.org"
    },
    "delegate": {
        "id": 34,
        "url": "http://patchwork.ozlabs.org/api/users/34/?format=api",
        "username": "davem",
        "first_name": "David",
        "last_name": "Miller",
        "email": "davem@davemloft.net"
    },
    "mbox": "http://patchwork.ozlabs.org/project/netdev/patch/20181008031644.15989-15-dsahern@kernel.org/mbox/",
    "series": [
        {
            "id": 69470,
            "url": "http://patchwork.ozlabs.org/api/series/69470/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/netdev/list/?series=69470",
            "date": "2018-10-08T03:16:21",
            "name": "rtnetlink: Add support for rigid checking of data in dump request",
            "version": 2,
            "mbox": "http://patchwork.ozlabs.org/series/69470/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/980257/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/980257/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<netdev-owner@vger.kernel.org>",
        "X-Original-To": "patchwork-incoming-netdev@ozlabs.org",
        "Delivered-To": "patchwork-incoming-netdev@ozlabs.org",
        "Authentication-Results": [
            "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)",
            "ozlabs.org;\n\tdmarc=pass (p=none dis=none) header.from=kernel.org",
            "ozlabs.org; dkim=pass (1024-bit key;\n\tunprotected) header.d=kernel.org header.i=@kernel.org\n\theader.b=\"x2nSCxtn\"; dkim-atps=neutral"
        ],
        "Received": [
            "from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 42T5BF4678z9sCV\n\tfor <patchwork-incoming-netdev@ozlabs.org>;\n\tMon,  8 Oct 2018 14:16:53 +1100 (AEDT)",
            "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1727005AbeJHK0V (ORCPT\n\t<rfc822;patchwork-incoming-netdev@ozlabs.org>);\n\tMon, 8 Oct 2018 06:26:21 -0400",
            "from mail.kernel.org ([198.145.29.99]:42550 \"EHLO mail.kernel.org\"\n\trhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP\n\tid S1726897AbeJHK0V (ORCPT <rfc822;netdev@vger.kernel.org>);\n\tMon, 8 Oct 2018 06:26:21 -0400",
            "from kenny.it.cumulusnetworks.com. (fw.cumulusnetworks.com\n\t[216.129.126.126])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128\n\tbits)) (No client certificate requested)\n\tby mail.kernel.org (Postfix) with ESMTPSA id A2F6A2089C;\n\tMon,  8 Oct 2018 03:16:50 +0000 (UTC)"
        ],
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;\n\ts=default; t=1538968610;\n\tbh=OT4PCamEo6q/158YYCZB1RR6ECewZWob4UWwSRLmNSc=;\n\th=From:To:Cc:Subject:Date:In-Reply-To:References:From;\n\tb=x2nSCxtn1Oo1dv9IRDBMtZ6u7LvlAQC1C8wKhHmW+HcaBmGAjiuZu3i5UcSQXBns5\n\tXOM3D0eVxsDrcdhry0fxtY8XMeA34wBzP5JbLZi8eF25pE4r0+937eXn/Lm3lj7oP9\n\tqfZgs1U2GdmrrzH2ac6NoHhRiFSP86WMZ32xwCoE=",
        "From": "David Ahern <dsahern@kernel.org>",
        "To": "netdev@vger.kernel.org, davem@davemloft.net",
        "Cc": "christian@brauner.io, jbenc@redhat.com, stephen@networkplumber.org,\n\tDavid Ahern <dsahern@gmail.com>",
        "Subject": "[PATCH v2 net-next 14/23] rtnetlink: Update fib dumps for strict\n\tdata checking",
        "Date": "Sun,  7 Oct 2018 20:16:35 -0700",
        "Message-Id": "<20181008031644.15989-15-dsahern@kernel.org>",
        "X-Mailer": "git-send-email 2.11.0",
        "In-Reply-To": "<20181008031644.15989-1-dsahern@kernel.org>",
        "References": "<20181008031644.15989-1-dsahern@kernel.org>",
        "Sender": "netdev-owner@vger.kernel.org",
        "Precedence": "bulk",
        "List-ID": "<netdev.vger.kernel.org>",
        "X-Mailing-List": "netdev@vger.kernel.org"
    },
    "content": "From: David Ahern <dsahern@gmail.com>\n\nAdd helper to check netlink message for route dumps. If the strict flag\nis set the dump request is expected to have an rtmsg struct as the header.\nAll elements of the struct are expected to be 0 with the exception of\nrtm_flags (which is used by both ipv4 and ipv6 dumps) and no attributes\ncan be appended. rtm_flags can only have RTM_F_CLONED and RTM_F_PREFIX\nset.\n\nUpdate inet_dump_fib, inet6_dump_fib, mpls_dump_routes, ipmr_rtm_dumproute,\nand ip6mr_rtm_dumproute to call this helper if strict data checking is\nenabled.\n\nSigned-off-by: David Ahern <dsahern@gmail.com>\n---\n include/net/ip_fib.h    |  2 ++\n net/ipv4/fib_frontend.c | 42 ++++++++++++++++++++++++++++++++++++++++--\n net/ipv4/ipmr.c         |  7 +++++++\n net/ipv6/ip6_fib.c      |  8 ++++++++\n net/ipv6/ip6mr.c        |  9 +++++++++\n net/mpls/af_mpls.c      |  8 ++++++++\n 6 files changed, 74 insertions(+), 2 deletions(-)",
    "diff": "diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h\nindex f7c109e37298..9846b79c9ee1 100644\n--- a/include/net/ip_fib.h\n+++ b/include/net/ip_fib.h\n@@ -452,4 +452,6 @@ static inline void fib_proc_exit(struct net *net)\n \n u32 ip_mtu_from_fib_result(struct fib_result *res, __be32 daddr);\n \n+int ip_valid_fib_dump_req(const struct nlmsghdr *nlh,\n+\t\t\t  struct netlink_ext_ack *extack);\n #endif  /* _NET_FIB_H */\ndiff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c\nindex 30e2bcc3ef2a..038f511c73fa 100644\n--- a/net/ipv4/fib_frontend.c\n+++ b/net/ipv4/fib_frontend.c\n@@ -802,8 +802,40 @@ static int inet_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh,\n \treturn err;\n }\n \n+int ip_valid_fib_dump_req(const struct nlmsghdr *nlh,\n+\t\t\t  struct netlink_ext_ack *extack)\n+{\n+\tstruct rtmsg *rtm;\n+\n+\tif (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*rtm))) {\n+\t\tNL_SET_ERR_MSG(extack, \"Invalid header for FIB dump request\");\n+\t\treturn -EINVAL;\n+\t}\n+\n+\trtm = nlmsg_data(nlh);\n+\tif (rtm->rtm_dst_len || rtm->rtm_src_len  || rtm->rtm_tos   ||\n+\t    rtm->rtm_table   || rtm->rtm_protocol || rtm->rtm_scope ||\n+\t    rtm->rtm_type) {\n+\t\tNL_SET_ERR_MSG(extack, \"Invalid values in header for FIB dump request\");\n+\t\treturn -EINVAL;\n+\t}\n+\tif (rtm->rtm_flags & ~(RTM_F_CLONED | RTM_F_PREFIX)) {\n+\t\tNL_SET_ERR_MSG(extack, \"Invalid flags for FIB dump request\");\n+\t\treturn -EINVAL;\n+\t}\n+\n+\tif (nlmsg_attrlen(nlh, sizeof(*rtm))) {\n+\t\tNL_SET_ERR_MSG(extack, \"Invalid data after header in FIB dump request\");\n+\t\treturn -EINVAL;\n+\t}\n+\n+\treturn 0;\n+}\n+EXPORT_SYMBOL_GPL(ip_valid_fib_dump_req);\n+\n static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)\n {\n+\tconst struct nlmsghdr *nlh = cb->nlh;\n \tstruct net *net = sock_net(skb->sk);\n \tunsigned int h, s_h;\n \tunsigned int e = 0, s_e;\n@@ -811,8 +843,14 @@ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)\n \tstruct hlist_head *head;\n \tint dumped = 0, err;\n \n-\tif (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) &&\n-\t    ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED)\n+\tif (cb->strict_check) {\n+\t\terr = ip_valid_fib_dump_req(nlh, cb->extack);\n+\t\tif (err < 0)\n+\t\t\treturn err;\n+\t}\n+\n+\tif (nlmsg_len(nlh) >= sizeof(struct rtmsg) &&\n+\t    ((struct rtmsg *)nlmsg_data(nlh))->rtm_flags & RTM_F_CLONED)\n \t\treturn skb->len;\n \n \ts_h = cb->args[0];\ndiff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c\nindex e7322e407bb4..91b0d5671649 100644\n--- a/net/ipv4/ipmr.c\n+++ b/net/ipv4/ipmr.c\n@@ -2527,6 +2527,13 @@ static int ipmr_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,\n \n static int ipmr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb)\n {\n+\tif (cb->strict_check) {\n+\t\tint err = ip_valid_fib_dump_req(cb->nlh, cb->extack);\n+\n+\t\tif (err < 0)\n+\t\t\treturn err;\n+\t}\n+\n \treturn mr_rtm_dumproute(skb, cb, ipmr_mr_table_iter,\n \t\t\t\t_ipmr_fill_mroute, &mfc_unres_lock);\n }\ndiff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c\nindex cf709eadc932..e14d244c551f 100644\n--- a/net/ipv6/ip6_fib.c\n+++ b/net/ipv6/ip6_fib.c\n@@ -564,6 +564,7 @@ static int fib6_dump_table(struct fib6_table *table, struct sk_buff *skb,\n \n static int inet6_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)\n {\n+\tconst struct nlmsghdr *nlh = cb->nlh;\n \tstruct net *net = sock_net(skb->sk);\n \tunsigned int h, s_h;\n \tunsigned int e = 0, s_e;\n@@ -573,6 +574,13 @@ static int inet6_dump_fib(struct sk_buff *skb, struct netlink_callback *cb)\n \tstruct hlist_head *head;\n \tint res = 0;\n \n+\tif (cb->strict_check) {\n+\t\tint err = ip_valid_fib_dump_req(nlh, cb->extack);\n+\n+\t\tif (err < 0)\n+\t\t\treturn err;\n+\t}\n+\n \ts_h = cb->args[0];\n \ts_e = cb->args[1];\n \ndiff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c\nindex 6f07b8380425..d7563ef76518 100644\n--- a/net/ipv6/ip6mr.c\n+++ b/net/ipv6/ip6mr.c\n@@ -2457,6 +2457,15 @@ static void mrt6msg_netlink_event(struct mr_table *mrt, struct sk_buff *pkt)\n \n static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb)\n {\n+\tconst struct nlmsghdr *nlh = cb->nlh;\n+\n+\tif (cb->strict_check) {\n+\t\tint err = ip_valid_fib_dump_req(nlh, cb->extack);\n+\n+\t\tif (err < 0)\n+\t\t\treturn err;\n+\t}\n+\n \treturn mr_rtm_dumproute(skb, cb, ip6mr_mr_table_iter,\n \t\t\t\t_ip6mr_fill_mroute, &mfc_unres_lock);\n }\ndiff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c\nindex 55a30ee3d820..0458c8aa5c11 100644\n--- a/net/mpls/af_mpls.c\n+++ b/net/mpls/af_mpls.c\n@@ -2017,6 +2017,7 @@ static int mpls_dump_route(struct sk_buff *skb, u32 portid, u32 seq, int event,\n \n static int mpls_dump_routes(struct sk_buff *skb, struct netlink_callback *cb)\n {\n+\tconst struct nlmsghdr *nlh = cb->nlh;\n \tstruct net *net = sock_net(skb->sk);\n \tstruct mpls_route __rcu **platform_label;\n \tsize_t platform_labels;\n@@ -2024,6 +2025,13 @@ static int mpls_dump_routes(struct sk_buff *skb, struct netlink_callback *cb)\n \n \tASSERT_RTNL();\n \n+\tif (cb->strict_check) {\n+\t\tint err = ip_valid_fib_dump_req(nlh, cb->extack);\n+\n+\t\tif (err < 0)\n+\t\t\treturn err;\n+\t}\n+\n \tindex = cb->args[0];\n \tif (index < MPLS_LABEL_FIRST_UNRESERVED)\n \t\tindex = MPLS_LABEL_FIRST_UNRESERVED;\n",
    "prefixes": [
        "v2",
        "net-next",
        "14/23"
    ]
}