Re: [PATCH] net: vrf: correct FRA_L3MDEV encode type

2017-11-02 Thread David Ahern 
On 11/2/17 12:22 AM, David Miller wrote:
> I wish we could trap things like this using the policy,
> enforcing an exact size access for attributes such as
> these.


From feae5aa9dd7a26b7fbf33582738c7c89f068d81b Mon Sep 17 00:00:00 2001
From: David Ahern 
Date: Thu, 2 Nov 2017 12:18:02 -0700
Subject: [PATCH net-next] net: netlink: Update attr validation to require
 exact length for some types

Attributes using NLA_U* and NLA_S* (where * is 8, 16,32 and 64) are
expected to be an exact length. Spliti these data types from
nla_attr_minlen into nla_attr_len and update validate_nla to require
the attribute to have exact length for them.

Signed-off-by: David Ahern 
---
 lib/nlattr.c | 17 ++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/lib/nlattr.c b/lib/nlattr.c
index 927c2f19f119..b5e360e7dfc8 100644
--- a/lib/nlattr.c
+++ b/lib/nlattr.c
@@ -14,19 +14,23 @@
 #include 
 #include 
 
-static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
+/* for these data types attribute length must be exactly given size */
+static const u8 nla_attr_len[NLA_TYPE_MAX+1] = {
[NLA_U8]= sizeof(u8),
[NLA_U16]   = sizeof(u16),
[NLA_U32]   = sizeof(u32),
[NLA_U64]   = sizeof(u64),
-   [NLA_MSECS] = sizeof(u64),
-   [NLA_NESTED]= NLA_HDRLEN,
[NLA_S8]= sizeof(s8),
[NLA_S16]   = sizeof(s16),
[NLA_S32]   = sizeof(s32),
[NLA_S64]   = sizeof(s64),
 };
 
+static const u8 nla_attr_minlen[NLA_TYPE_MAX+1] = {
+   [NLA_MSECS] = sizeof(u64),
+   [NLA_NESTED]= NLA_HDRLEN,
+};
+
 static int validate_nla_bitfield32(const struct nlattr *nla,
   u32 *valid_flags_allowed)
 {
@@ -64,6 +68,13 @@ static int validate_nla(const struct nlattr *nla, int 
maxtype,
 
BUG_ON(pt->type > NLA_TYPE_MAX);
 
+   /* for data types NLA_U* and NLA_S* require exact length */
+   if (nla_attr_len[pt->type]) {
+   if (attrlen != nla_attr_len[pt->type])
+   return -ERANGE;
+   return 0;
+   }
+
switch (pt->type) {
case NLA_FLAG:
if (attrlen > 0)
-- 
2.13.5 (Apple Git-94)

Re: [PATCH] net: vrf: correct FRA_L3MDEV encode type

2017-11-02 Thread David Miller 
From: Jeff Barnhill <0xeff...@gmail.com>
Date: Wed,  1 Nov 2017 14:58:09 +

> FRA_L3MDEV is defined as U8, but is being added as a U32 attribute. On
> big endian architecture, this results in the l3mdev entry not being
> added to the FIB rules.
> 
> Fixes: 1aa6c4f6b8cd8 ("net: vrf: Add l3mdev rules on first device create")
> Signed-off-by: Jeff Barnhill <0xeff...@gmail.com>

Applied and queued up for -stable, thank you.

I wish we could trap things like this using the policy,
enforcing an exact size access for attributes such as
these.

Thanks again.

Re: [PATCH] net: vrf: correct FRA_L3MDEV encode type

2017-11-01 Thread David Ahern 
On 11/1/17 8:58 AM, Jeff Barnhill wrote:
> FRA_L3MDEV is defined as U8, but is being added as a U32 attribute. On
> big endian architecture, this results in the l3mdev entry not being
> added to the FIB rules.
> 
> Fixes: 1aa6c4f6b8cd8 ("net: vrf: Add l3mdev rules on first device create")
> Signed-off-by: Jeff Barnhill <0xeff...@gmail.com>
> ---
>  drivers/net/vrf.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c
> index 9b243e6f3008..7dc3bcac3506 100644
> --- a/drivers/net/vrf.c
> +++ b/drivers/net/vrf.c
> @@ -1165,7 +1165,7 @@ static int vrf_fib_rule(const struct net_device *dev, 
> __u8 family, bool add_it)
>   frh->family = family;
>   frh->action = FR_ACT_TO_TBL;
>  
> - if (nla_put_u32(skb, FRA_L3MDEV, 1))
> + if (nla_put_u8(skb, FRA_L3MDEV, 1))
>   goto nla_put_failure;
>  
>   if (nla_put_u32(skb, FRA_PRIORITY, FIB_RULE_PREF))
> 

Acked-by: David Ahern

[PATCH] net: vrf: correct FRA_L3MDEV encode type

2017-11-01 Thread Jeff Barnhill 
FRA_L3MDEV is defined as U8, but is being added as a U32 attribute. On
big endian architecture, this results in the l3mdev entry not being
added to the FIB rules.

Fixes: 1aa6c4f6b8cd8 ("net: vrf: Add l3mdev rules on first device create")
Signed-off-by: Jeff Barnhill <0xeff...@gmail.com>
---
 drivers/net/vrf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c
index 9b243e6f3008..7dc3bcac3506 100644
--- a/drivers/net/vrf.c
+++ b/drivers/net/vrf.c
@@ -1165,7 +1165,7 @@ static int vrf_fib_rule(const struct net_device *dev, 
__u8 family, bool add_it)
frh->family = family;
frh->action = FR_ACT_TO_TBL;
 
-   if (nla_put_u32(skb, FRA_L3MDEV, 1))
+   if (nla_put_u8(skb, FRA_L3MDEV, 1))
goto nla_put_failure;
 
if (nla_put_u32(skb, FRA_PRIORITY, FIB_RULE_PREF))
-- 
2.14.1

Re: [PATCH] net: vrf: correct FRA_L3MDEV encode type

2017-10-31 Thread David Miller 
From: Jeff Barnhill <0xeff...@gmail.com>
Date: Wed,  1 Nov 2017 01:24:14 +

> FRA_L3MDEV is defined as U8, but is being added as a U32 attribute. On
> big endian architecture, this results in the l3mdev entry not being
> added to the FIB rules.
> 
> Fixes: 1aa6c4f6b8cd8 ("net: vrf: Add l3mdev rules on first device create")

Please resubmit this with a proper "Signed-off-by: " tag, thank you.

[PATCH] net: vrf: correct FRA_L3MDEV encode type

2017-10-31 Thread Jeff Barnhill 
FRA_L3MDEV is defined as U8, but is being added as a U32 attribute. On
big endian architecture, this results in the l3mdev entry not being
added to the FIB rules.

Fixes: 1aa6c4f6b8cd8 ("net: vrf: Add l3mdev rules on first device create")
---
 drivers/net/vrf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c
index 9b243e6f3008..7dc3bcac3506 100644
--- a/drivers/net/vrf.c
+++ b/drivers/net/vrf.c
@@ -1165,7 +1165,7 @@ static int vrf_fib_rule(const struct net_device *dev, 
__u8 family, bool add_it)
frh->family = family;
frh->action = FR_ACT_TO_TBL;
 
-   if (nla_put_u32(skb, FRA_L3MDEV, 1))
+   if (nla_put_u8(skb, FRA_L3MDEV, 1))
goto nla_put_failure;
 
if (nla_put_u32(skb, FRA_PRIORITY, FIB_RULE_PREF))
-- 
2.14.1