[net,00/16] net: add missing netlink policies

Message ID	20200303050526.4088735-1-kuba@kernel.org
Headers	show Return-Path: <netdev-owner@vger.kernel.org> From: Jakub Kicinski <kuba@kernel.org> To: davem@davemloft.net Cc: netdev@vger.kernel.org, Jakub Kicinski <kuba@kernel.org> Subject: [PATCH net 00/16] net: add missing netlink policies Date: Mon, 2 Mar 2020 21:05:10 -0800 Message-Id: <20200303050526.4088735-1-kuba@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: netdev-owner@vger.kernel.org Precedence: bulk
Series	net: add missing netlink policies \| expand [net,00/16] net: add missing netlink policies [net,01/16] devlink: validate length of param values [net,02/16] devlink: validate length of region addr/len [net,03/16] fib: add missing attribute validation for tun_id [net,04/16] nl802154: add missing attribute validation [net,05/16] nl802154: add missing attribute validation for dev_type [net,06/16] can: add missing attribute validation for termination [net,07/16] macsec: add missing attribute validation for port [net,08/16] openvswitch: add missing attribute validation for hash [net,09/16] net: fq: add missing attribute validation for orphan mask [net,10/16] net: taprio: add missing attribute validation for txtime delay [net,11/16] team: add missing attribute validation for port ifindex [net,12/16] team: add missing attribute validation for array index [net,13/16] tipc: add missing attribute validation for MTU property [net,14/16] nfc: add missing attribute validation for SE API [net,15/16] nfc: add missing attribute validation for deactivate target [net,16/16] nfc: add missing attribute validation for vendor subcommand

Message ID

20200303050526.4088735-1-kuba@kernel.org

Headers

From: Jakub Kicinski <kuba@kernel.org>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, Jakub Kicinski <kuba@kernel.org>
Subject: [PATCH net 00/16] net: add missing netlink policies
Date: Mon,  2 Mar 2020 21:05:10 -0800
Message-Id: <20200303050526.4088735-1-kuba@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: netdev-owner@vger.kernel.org
Precedence: bulk

Series

net: add missing netlink policies | expand

Message

Jakub Kicinski March 3, 2020, 5:05 a.m. UTC

Hi!

Recent one-off fixes motivated me to do some grepping for
more missing netlink attribute policies. I didn't manage
to even produce a KASAN splat with these, but it should
be possible with sufficient luck. All the missing policies
are pretty trivial (NLA_Uxx).

I've only tested the devlink patches, the rest compiles.

Jakub Kicinski (16):
  devlink: validate length of param values
  devlink: validate length of region addr/len
  fib: add missing attribute validation for tun_id
  nl802154: add missing attribute validation
  nl802154: add missing attribute validation for dev_type
  can: add missing attribute validation for termination
  macsec: add missing attribute validation for port
  openvswitch: add missing attribute validation for hash
  net: fq: add missing attribute validation for orphan mask
  net: taprio: add missing attribute validation for txtime delay
  team: add missing attribute validation for port ifindex
  team: add missing attribute validation for array index
  tipc: add missing attribute validation for MTU property
  nfc: add missing attribute validation for SE API
  nfc: add missing attribute validation for deactivate target
  nfc: add missing attribute validation for vendor subcommand

 drivers/net/can/dev.c      |  1 +
 drivers/net/macsec.c       |  1 +
 drivers/net/team/team.c    |  2 ++
 include/net/fib_rules.h    |  1 +
 net/core/devlink.c         | 33 +++++++++++++++++++++------------
 net/ieee802154/nl_policy.c |  6 ++++++
 net/nfc/netlink.c          |  4 ++++
 net/openvswitch/datapath.c |  1 +
 net/sched/sch_fq.c         |  1 +
 net/sched/sch_taprio.c     |  1 +
 net/tipc/netlink.c         |  1 +
 11 files changed, 40 insertions(+), 12 deletions(-)

Comments

David Miller March 3, 2020, 9:29 p.m. UTC | #1

From: Jakub Kicinski <kuba@kernel.org>
Date: Mon,  2 Mar 2020 21:05:10 -0800

> Recent one-off fixes motivated me to do some grepping for
> more missing netlink attribute policies. I didn't manage
> to even produce a KASAN splat with these, but it should
> be possible with sufficient luck. All the missing policies
> are pretty trivial (NLA_Uxx).
> 
> I've only tested the devlink patches, the rest compiles.

Looks good to me, and I'll queue these up for -stable as well.

Thanks.