From patchwork Sun Apr 30 14:28:39 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jamal Hadi Salim <jhs@mojatatu.com>
X-Patchwork-Id: 756883
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3wG90l4Gnwz9s1h
	for <patchwork-incoming@ozlabs.org>;
	Mon,  1 May 2017 00:29:11 +1000 (AEST)
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=mojatatu-com.20150623.gappssmtp.com
	header.i=@mojatatu-com.20150623.gappssmtp.com
	header.b="0b0TEBob"; dkim-atps=neutral
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1756276AbdD3O3B (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Sun, 30 Apr 2017 10:29:01 -0400
Received: from mail-io0-f196.google.com ([209.85.223.196]:35191 "EHLO
	mail-io0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752633AbdD3O25 (ORCPT
	<rfc822;netdev@vger.kernel.org>); Sun, 30 Apr 2017 10:28:57 -0400
Received: by mail-io0-f196.google.com with SMTP id d203so17263347iof.2
	for <netdev@vger.kernel.org>; Sun, 30 Apr 2017 07:28:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=mojatatu-com.20150623.gappssmtp.com; s=20150623;
	h=from:to:cc:subject:date:message-id;
	bh=CHKrh8ZEsC6ZuQUXDomA+D0jcMUGGRxlGi1tmTKkII0=;
	b=0b0TEBobsS1CiYe0OZR7zCSSg/FG+xHDOS98ojGMdA7S3/Qaz7NXRiZdrI1kRYENJT
	SRWyJWud3saHnLfB/xyPm3PI/a2LJBE/dNaOB89EZoBp2chgOrxeVauOgN75leZ6PGmV
	YJ1NNXGLR79hvhJJ09xnuMySIqEeVENKeKh3ONP8ZG8x90SG+1eSvRVumZvfahNjMIuR
	3/fhSN5fRlBPGuBjuJR6MXxj2r6NYaKLOqswXR5OrI+rZMHeKxGv3Xy58dJxltK+eUDd
	/jpgEYbEPCvy+Vbbwc9Wv/l9AwC58mr9Lq+hSBUqBx8EuV3GWygDDB/emHyvkyaE7Kra
	L0pQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=CHKrh8ZEsC6ZuQUXDomA+D0jcMUGGRxlGi1tmTKkII0=;
	b=HBH2N55BRekhtcLLktS5zgppP9sIMyLe3WMVflVo69HnjFYYpBJKUU/jd1u474VXVe
	pCXMzkl6QINSBSgVmHtCahhVs1uuN/rvyq9el6TB+N6OuCwh5JWC5r37Ms5B6xXBTJGf
	EVugdhv7z48EAdjNI8SK5qa9ZmMcL9tAf9B3AvK8ySKr1PawxQm4IjfcUzCgKAJ0MxyD
	2hI0WpcaEYdj3c4Zy05CNFQnrfzvGGUQCT7npzAqrtjZgMVPMUwrC/6CrZhWiAiIrynj
	8Q4shBTJV8vNm6lDmmvDtMPpIztvcfI42SsavkGP2DNCvHUJwtCq/pFLCMiSjAlMir6w
	P7EA==
X-Gm-Message-State: AN3rC/4NggIsH7snqP7+ztrQoYmFafXQzc5nrkbfSUxjJg8PdYFBZrFd
	ENDY3UZ60wCD7MBZ
X-Received: by 10.107.24.194 with SMTP id 185mr18623177ioy.76.1493562536219;
	Sun, 30 Apr 2017 07:28:56 -0700 (PDT)
Received: from localhost.localdomain (23-233-25-245.cpe.pppoe.ca.
	[23.233.25.245]) by smtp.gmail.com with ESMTPSA id
	f14sm5122309iod.5.2017.04.30.07.28.54
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Sun, 30 Apr 2017 07:28:55 -0700 (PDT)
From: Jamal Hadi Salim <jhs@mojatatu.com>
X-Google-Original-From: Jamal Hadi Salim <jhs@emojatatu.com>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, jiri@resnulli.us, xiyou.wangcong@gmail.com,
	Jamal Hadi Salim <jhs@mojatatu.com>
Subject: [PATCH net-next RFC 1/1] net netlink: Add new type NLA_FLAG_BITS
Date: Sun, 30 Apr 2017 10:28:39 -0400
Message-Id: <1493562519-15563-1-git-send-email-jhs@emojatatu.com>
X-Mailer: git-send-email 1.9.1
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: Jamal Hadi Salim <jhs@mojatatu.com>

Generic bitflags attribute content sent to the kernel by user.
With this type the user can either set or unset a flag in the
kernel.

The nla_flag_values is a bitmap that defines the values being set
The nla_flag_selector is a bitmask that defines which value is legit

A check is made to ensure the rules that a kernel subsystem always
conforms to bitflags the kernel already knows about. Example
if the user tries to set a bit flag that is not understood then
the _it will be rejected_.
The user specifies the attribute policy as:
[ATTR_GOO] = { .type = NLA_FLAG_BITS, .validation_data = &myvalidflags },

where myvalidflags is the bit mask of the flags the kernel understands.

If the user _does not_ provide myvalidflags then the attribute will
also be rejected.

Examples:
nla_flag_values = 0x0, and nla_flag_selector = 0x1
implies we are selecting bit 1 and we want to set its value to 0.

nla_flag_values = 0x2, and nla_flag_selector = 0x2
implies we are selecting bit 2 and we want to set its value to 1.

This patch also provides an extra feature (which should be a separate
pach): a validation callback that could be speaciliazed for other types.

So a kernel subsystem could specify validation rules of the following
nature:

[ATTR_GOO] = { .type = MYTYPE,
	       .validation_data = &myvalidation_data,
               .validate_content = mycontent_validator },

With validator callback looking like:

int mycontent_validator(const struct nlattr *nla, void *valid_data)
{
       const struct myattribute *user_data = nla_data(nla);
       struct myvalidation_struct *valid_data_constraint = valid_data;

      ... validate user_data against valid_data_constraint ...
      ... return appropriate error code etc ...
}

Only compile tested to float the idea.

Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
---
 include/net/netlink.h          | 11 +++++++++++
 include/uapi/linux/rtnetlink.h | 17 +++++++++++++++++
 lib/nlattr.c                   | 25 +++++++++++++++++++++++++
 3 files changed, 53 insertions(+)

diff --git a/include/net/netlink.h b/include/net/netlink.h
index 0170917..8ab9784 100644
--- a/include/net/netlink.h
+++ b/include/net/netlink.h
@@ -6,6 +6,11 @@
 #include <linux/jiffies.h>
 #include <linux/in6.h>
 
+struct nla_bit_flags {
+	u32 nla_flag_values;
+	u32 nla_flag_selector;
+};
+
 /* ========================================================================
  *         Netlink Messages and Attributes Interface (As Seen On TV)
  * ------------------------------------------------------------------------
@@ -178,6 +183,7 @@ enum {
 	NLA_S16,
 	NLA_S32,
 	NLA_S64,
+	NLA_FLAG_BITS,
 	__NLA_TYPE_MAX,
 };
 
@@ -206,6 +212,7 @@ enum {
  *    NLA_MSECS            Leaving the length field zero will verify the
  *                         given type fits, using it verifies minimum length
  *                         just like "All other"
+ *    NLA_FLAG_BITS        A bitmap/bitselector attribute
  *    All other            Minimum length of attribute payload
  *
  * Example:
@@ -213,11 +220,15 @@ enum {
  * 	[ATTR_FOO] = { .type = NLA_U16 },
  *	[ATTR_BAR] = { .type = NLA_STRING, .len = BARSIZ },
  *	[ATTR_BAZ] = { .len = sizeof(struct mystruct) },
+ *	[ATTR_GOO] = { .type = NLA_FLAG_BITS, .validation_data = &myvalidflags },
  * };
  */
 struct nla_policy {
 	u16		type;
 	u16		len;
+	void            *validation_data;
+	int             (*validate_content)(const struct nlattr *nla,
+					    const void *validation_data);
 };
 
 /**
diff --git a/include/uapi/linux/rtnetlink.h b/include/uapi/linux/rtnetlink.h
index cce0613..3691d8d 100644
--- a/include/uapi/linux/rtnetlink.h
+++ b/include/uapi/linux/rtnetlink.h
@@ -179,6 +179,23 @@ struct rtattr {
 #define RTA_DATA(rta)   ((void*)(((char*)(rta)) + RTA_LENGTH(0)))
 #define RTA_PAYLOAD(rta) ((int)((rta)->rta_len) - RTA_LENGTH(0))
 
+/* Generic bitflags attribute content sent to the kernel.
+ *
+ * The nla_flag_values is a bitmap that defines the values being set
+ * The nla_flag_selector is a bitmask that defines which value is legit
+ *
+ * Examples:
+ *  nla_flag_values = 0x0, and nla_flag_selector = 0x1
+ *  implies we are selecting bit 1 and we want to set its value to 0.
+ *
+ *  nla_flag_values = 0x2, and nla_flag_selector = 0x2
+ *  implies we are selecting bit 2 and we want to set its value to 1.
+ *
+ */
+struct __nla_bit_flags {
+	__u32 nla_flag_values;
+	__u32 nla_flag_selector;
+};
 
 
 
diff --git a/lib/nlattr.c b/lib/nlattr.c
index a7e0b16..78fed43 100644
--- a/lib/nlattr.c
+++ b/lib/nlattr.c
@@ -27,6 +27,21 @@
 	[NLA_S64]	= sizeof(s64),
 };
 
+static int validate_nla_bit_flags(const struct nlattr *nla, void *valid_data)
+{
+	const struct nla_bit_flags *nbf = nla_data(nla);
+	u32 *valid_flags_mask = valid_data;
+
+	if (!valid_data)
+		return -EINVAL;
+
+
+	if (nbf->nla_flag_values & ~*valid_flags_mask)
+		return -EINVAL;
+
+	return 0;
+}
+
 static int validate_nla(const struct nlattr *nla, int maxtype,
 			const struct nla_policy *policy)
 {
@@ -46,6 +61,13 @@ static int validate_nla(const struct nlattr *nla, int maxtype,
 			return -ERANGE;
 		break;
 
+	case NLA_FLAG_BITS:
+		if (attrlen != 8) /* 2 x 32 bits */
+			return -ERANGE;
+
+		return validate_nla_bit_flags(nla, pt->validation_data);
+		break;
+
 	case NLA_NUL_STRING:
 		if (pt->len)
 			minlen = min_t(int, attrlen, pt->len + 1);
@@ -103,6 +125,9 @@ static int validate_nla(const struct nlattr *nla, int maxtype,
 			return -ERANGE;
 	}
 
+	if (pt->validate_content)
+		return pt->validate_content(nla, pt->validation_data);
+
 	return 0;
 }