GET

Patch Detail

get:
Show a patch.

patch:
Update a patch.

put:
Update a patch.

GET /api/patches/980271/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 980271,
    "url": "http://patchwork.ozlabs.org/api/patches/980271/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/netdev/patch/20181008031644.15989-10-dsahern@kernel.org/",
    "project": {
        "id": 7,
        "url": "http://patchwork.ozlabs.org/api/projects/7/?format=api",
        "name": "Linux network development",
        "link_name": "netdev",
        "list_id": "netdev.vger.kernel.org",
        "list_email": "netdev@vger.kernel.org",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null,
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20181008031644.15989-10-dsahern@kernel.org>",
    "list_archive_url": null,
    "date": "2018-10-08T03:16:30",
    "name": "[v2,net-next,09/23] rtnetlink: Update rtnl_dump_ifinfo for strict data checking",
    "commit_ref": null,
    "pull_url": null,
    "state": "accepted",
    "archived": true,
    "hash": "db3fcf9bad374302c7545ab9add7c6906ad57c4c",
    "submitter": {
        "id": 74101,
        "url": "http://patchwork.ozlabs.org/api/people/74101/?format=api",
        "name": "David Ahern",
        "email": "dsahern@kernel.org"
    },
    "delegate": {
        "id": 34,
        "url": "http://patchwork.ozlabs.org/api/users/34/?format=api",
        "username": "davem",
        "first_name": "David",
        "last_name": "Miller",
        "email": "davem@davemloft.net"
    },
    "mbox": "http://patchwork.ozlabs.org/project/netdev/patch/20181008031644.15989-10-dsahern@kernel.org/mbox/",
    "series": [
        {
            "id": 69470,
            "url": "http://patchwork.ozlabs.org/api/series/69470/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/netdev/list/?series=69470",
            "date": "2018-10-08T03:16:21",
            "name": "rtnetlink: Add support for rigid checking of data in dump request",
            "version": 2,
            "mbox": "http://patchwork.ozlabs.org/series/69470/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/980271/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/980271/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<netdev-owner@vger.kernel.org>",
        "X-Original-To": "patchwork-incoming-netdev@ozlabs.org",
        "Delivered-To": "patchwork-incoming-netdev@ozlabs.org",
        "Authentication-Results": [
            "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)",
            "ozlabs.org;\n\tdmarc=pass (p=none dis=none) header.from=kernel.org",
            "ozlabs.org; dkim=pass (1024-bit key;\n\tunprotected) header.d=kernel.org header.i=@kernel.org\n\theader.b=\"B1tJNRL0\"; dkim-atps=neutral"
        ],
        "Received": [
            "from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 42T5Bn0h09z9sCr\n\tfor <patchwork-incoming-netdev@ozlabs.org>;\n\tMon,  8 Oct 2018 14:17:21 +1100 (AEDT)",
            "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1727122AbeJHK0t (ORCPT\n\t<rfc822;patchwork-incoming-netdev@ozlabs.org>);\n\tMon, 8 Oct 2018 06:26:49 -0400",
            "from mail.kernel.org ([198.145.29.99]:42640 \"EHLO mail.kernel.org\"\n\trhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP\n\tid S1726918AbeJHK0U (ORCPT <rfc822;netdev@vger.kernel.org>);\n\tMon, 8 Oct 2018 06:26:20 -0400",
            "from kenny.it.cumulusnetworks.com. (fw.cumulusnetworks.com\n\t[216.129.126.126])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128\n\tbits)) (No client certificate requested)\n\tby mail.kernel.org (Postfix) with ESMTPSA id 457D320882;\n\tMon,  8 Oct 2018 03:16:49 +0000 (UTC)"
        ],
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;\n\ts=default; t=1538968609;\n\tbh=mfxJYzmHo1/R9UAY3mcs1An34kaYJ50TQfkP9ak3MpQ=;\n\th=From:To:Cc:Subject:Date:In-Reply-To:References:From;\n\tb=B1tJNRL03XKXURP0B4hZpwuLbs6YwOcv6getsVpJHkUgciqK1+rp6GPHUWY6GH+gC\n\tC8TGmHP1uA5QniTV0S5fXi36Qfewy5MoYQlt9348ZZxQLs8ckehdozZNb+7OC5Ss4w\n\t7HuOVMCIW3YxWLaHVUEXBO8aar1VwEu6+3lEMahA=",
        "From": "David Ahern <dsahern@kernel.org>",
        "To": "netdev@vger.kernel.org, davem@davemloft.net",
        "Cc": "christian@brauner.io, jbenc@redhat.com, stephen@networkplumber.org,\n\tDavid Ahern <dsahern@gmail.com>",
        "Subject": "[PATCH v2 net-next 09/23] rtnetlink: Update rtnl_dump_ifinfo for\n\tstrict data checking",
        "Date": "Sun,  7 Oct 2018 20:16:30 -0700",
        "Message-Id": "<20181008031644.15989-10-dsahern@kernel.org>",
        "X-Mailer": "git-send-email 2.11.0",
        "In-Reply-To": "<20181008031644.15989-1-dsahern@kernel.org>",
        "References": "<20181008031644.15989-1-dsahern@kernel.org>",
        "Sender": "netdev-owner@vger.kernel.org",
        "Precedence": "bulk",
        "List-ID": "<netdev.vger.kernel.org>",
        "X-Mailing-List": "netdev@vger.kernel.org"
    },
    "content": "From: David Ahern <dsahern@gmail.com>\n\nUpdate rtnl_dump_ifinfo for strict data checking. If the flag is set,\nthe dump request is expected to have an ifinfomsg struct as the header\npotentially followed by one or more attributes. Any data passed in the\nheader or as an attribute is taken as a request to influence the data\nreturned. Only values supported by the dump handler are allowed to be\nnon-0 or set in the request. At the moment only the IFA_TARGET_NETNSID,\nIFLA_EXT_MASK, IFLA_MASTER, and IFLA_LINKINFO attributes are supported.\n\nExisting code does not fail the dump if nlmsg_parse fails. That behavior\nis kept for non-strict checking.\n\nSigned-off-by: David Ahern <dsahern@gmail.com>\n---\n net/core/rtnetlink.c | 113 +++++++++++++++++++++++++++++++++++++--------------\n 1 file changed, 83 insertions(+), 30 deletions(-)",
    "diff": "diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c\nindex 4486e8b7d9d0..12fd52105005 100644\n--- a/net/core/rtnetlink.c\n+++ b/net/core/rtnetlink.c\n@@ -1878,8 +1878,52 @@ struct net *rtnl_get_net_ns_capable(struct sock *sk, int netnsid)\n }\n EXPORT_SYMBOL_GPL(rtnl_get_net_ns_capable);\n \n+static int rtnl_valid_dump_ifinfo_req(const struct nlmsghdr *nlh,\n+\t\t\t\t      bool strict_check, struct nlattr **tb,\n+\t\t\t\t      struct netlink_ext_ack *extack)\n+{\n+\tint hdrlen;\n+\n+\tif (strict_check) {\n+\t\tstruct ifinfomsg *ifm;\n+\n+\t\tif (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) {\n+\t\t\tNL_SET_ERR_MSG(extack, \"Invalid header for link dump\");\n+\t\t\treturn -EINVAL;\n+\t\t}\n+\n+\t\tifm = nlmsg_data(nlh);\n+\t\tif (ifm->__ifi_pad || ifm->ifi_type || ifm->ifi_flags ||\n+\t\t    ifm->ifi_change) {\n+\t\t\tNL_SET_ERR_MSG(extack, \"Invalid values in header for link dump request\");\n+\t\t\treturn -EINVAL;\n+\t\t}\n+\t\tif (ifm->ifi_index) {\n+\t\t\tNL_SET_ERR_MSG(extack, \"Filter by device index not supported for link dumps\");\n+\t\t\treturn -EINVAL;\n+\t\t}\n+\n+\t\treturn nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFLA_MAX,\n+\t\t\t\t\t  ifla_policy, extack);\n+\t}\n+\n+\t/* A hack to preserve kernel<->userspace interface.\n+\t * The correct header is ifinfomsg. It is consistent with rtnl_getlink.\n+\t * However, before Linux v3.9 the code here assumed rtgenmsg and that's\n+\t * what iproute2 < v3.9.0 used.\n+\t * We can detect the old iproute2. Even including the IFLA_EXT_MASK\n+\t * attribute, its netlink message is shorter than struct ifinfomsg.\n+\t */\n+\thdrlen = nlmsg_len(nlh) < sizeof(struct ifinfomsg) ?\n+\t\t sizeof(struct rtgenmsg) : sizeof(struct ifinfomsg);\n+\n+\treturn nlmsg_parse(nlh, hdrlen, tb, IFLA_MAX, ifla_policy, extack);\n+}\n+\n static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)\n {\n+\tstruct netlink_ext_ack *extack = cb->extack;\n+\tconst struct nlmsghdr *nlh = cb->nlh;\n \tstruct net *net = sock_net(skb->sk);\n \tstruct net *tgt_net = net;\n \tint h, s_h;\n@@ -1892,44 +1936,54 @@ static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)\n \tunsigned int flags = NLM_F_MULTI;\n \tint master_idx = 0;\n \tint netnsid = -1;\n-\tint err;\n-\tint hdrlen;\n+\tint err, i;\n \n \ts_h = cb->args[0];\n \ts_idx = cb->args[1];\n \n-\t/* A hack to preserve kernel<->userspace interface.\n-\t * The correct header is ifinfomsg. It is consistent with rtnl_getlink.\n-\t * However, before Linux v3.9 the code here assumed rtgenmsg and that's\n-\t * what iproute2 < v3.9.0 used.\n-\t * We can detect the old iproute2. Even including the IFLA_EXT_MASK\n-\t * attribute, its netlink message is shorter than struct ifinfomsg.\n-\t */\n-\thdrlen = nlmsg_len(cb->nlh) < sizeof(struct ifinfomsg) ?\n-\t\t sizeof(struct rtgenmsg) : sizeof(struct ifinfomsg);\n+\terr = rtnl_valid_dump_ifinfo_req(nlh, cb->strict_check, tb, extack);\n+\tif (err < 0) {\n+\t\tif (cb->strict_check)\n+\t\t\treturn err;\n+\n+\t\tgoto walk_entries;\n+\t}\n+\n+\tfor (i = 0; i <= IFLA_MAX; ++i) {\n+\t\tif (!tb[i])\n+\t\t\tcontinue;\n \n-\tif (nlmsg_parse(cb->nlh, hdrlen, tb, IFLA_MAX,\n-\t\t\tifla_policy, cb->extack) >= 0) {\n-\t\tif (tb[IFLA_TARGET_NETNSID]) {\n-\t\t\tnetnsid = nla_get_s32(tb[IFLA_TARGET_NETNSID]);\n+\t\t/* new attributes should only be added with strict checking */\n+\t\tswitch (i) {\n+\t\tcase IFLA_TARGET_NETNSID:\n+\t\t\tnetnsid = nla_get_s32(tb[i]);\n \t\t\ttgt_net = rtnl_get_net_ns_capable(skb->sk, netnsid);\n-\t\t\tif (IS_ERR(tgt_net))\n+\t\t\tif (IS_ERR(tgt_net)) {\n+\t\t\t\tNL_SET_ERR_MSG(extack, \"Invalid target network namespace id\");\n \t\t\t\treturn PTR_ERR(tgt_net);\n+\t\t\t}\n+\t\t\tbreak;\n+\t\tcase IFLA_EXT_MASK:\n+\t\t\text_filter_mask = nla_get_u32(tb[i]);\n+\t\t\tbreak;\n+\t\tcase IFLA_MASTER:\n+\t\t\tmaster_idx = nla_get_u32(tb[i]);\n+\t\t\tbreak;\n+\t\tcase IFLA_LINKINFO:\n+\t\t\tkind_ops = linkinfo_to_kind_ops(tb[i]);\n+\t\t\tbreak;\n+\t\tdefault:\n+\t\t\tif (cb->strict_check) {\n+\t\t\t\tNL_SET_ERR_MSG(extack, \"Unsupported attribute in link dump request\");\n+\t\t\t\treturn -EINVAL;\n+\t\t\t}\n \t\t}\n-\n-\t\tif (tb[IFLA_EXT_MASK])\n-\t\t\text_filter_mask = nla_get_u32(tb[IFLA_EXT_MASK]);\n-\n-\t\tif (tb[IFLA_MASTER])\n-\t\t\tmaster_idx = nla_get_u32(tb[IFLA_MASTER]);\n-\n-\t\tif (tb[IFLA_LINKINFO])\n-\t\t\tkind_ops = linkinfo_to_kind_ops(tb[IFLA_LINKINFO]);\n-\n-\t\tif (master_idx || kind_ops)\n-\t\t\tflags |= NLM_F_DUMP_FILTERED;\n \t}\n \n+\tif (master_idx || kind_ops)\n+\t\tflags |= NLM_F_DUMP_FILTERED;\n+\n+walk_entries:\n \tfor (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {\n \t\tidx = 0;\n \t\thead = &tgt_net->dev_index_head[h];\n@@ -1941,8 +1995,7 @@ static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)\n \t\t\terr = rtnl_fill_ifinfo(skb, dev, net,\n \t\t\t\t\t       RTM_NEWLINK,\n \t\t\t\t\t       NETLINK_CB(cb->skb).portid,\n-\t\t\t\t\t       cb->nlh->nlmsg_seq, 0,\n-\t\t\t\t\t       flags,\n+\t\t\t\t\t       nlh->nlmsg_seq, 0, flags,\n \t\t\t\t\t       ext_filter_mask, 0, NULL, 0,\n \t\t\t\t\t       netnsid);\n \n",
    "prefixes": [
        "v2",
        "net-next",
        "09/23"
    ]
}