[PATCH 47/74] backport: implement NLA_POLICY_RANGE for NLA_BINARY

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Luca Coelho <luciano.coelho@xxxxxxxxx>

The range checks for NLA_BINARY are supported since v5.10.  Unwrap the
macros and introduce a new function to test type.

Signed-off-by: Luca Coelho <luciano.coelho@xxxxxxxxx>
Signed-off-by: Johannes Berg <johannes.berg@xxxxxxxxx>
---
 backport/backport-include/net/netlink.h    | 31 +++++++++++++++++++---
 patches/0097-nla_policy_binary_range.cocci |  5 ++++
 2 files changed, 32 insertions(+), 4 deletions(-)
 create mode 100644 patches/0097-nla_policy_binary_range.cocci

diff --git a/backport/backport-include/net/netlink.h b/backport/backport-include/net/netlink.h
index ad5882347440..7192153b860c 100644
--- a/backport/backport-include/net/netlink.h
+++ b/backport/backport-include/net/netlink.h
@@ -346,10 +346,33 @@ enum nla_policy_validation {
 }
 #endif /* < 4.20 */
 
-#ifndef NLA_POLICY_MIN_LEN
-#define NLA_POLICY_MIN_LEN(_len) {		\
-	.type = NLA_BINARY			\
+#if LINUX_VERSION_IS_LESS(5,10,0)
+// pre-declare all the minimum lengths in use
+#define MIN_LEN_VALIDATION(n)						\
+static inline								\
+int nla_validate_min_len_##n(const struct nlattr *attr,			\
+			     struct netlink_ext_ack *extack)		\
+{									\
+	if (nla_len(attr) < n)						\
+		return -EINVAL;						\
+	return 0;							\
 }
-#endif
+
+MIN_LEN_VALIDATION(2)
+MIN_LEN_VALIDATION(16)
+MIN_LEN_VALIDATION(42)
+
+// double-expansion to expand _min to the actual value
+#define NLA_POLICY_BINARY_RANGE(_min, _max) _NLA_POLICY_BINARY_RANGE(_min, _max)
+#define _NLA_POLICY_BINARY_RANGE(_min, _max)		\
+{							\
+	.type = NLA_BINARY,				\
+	.len = _max,					\
+	.validation_type = NLA_VALIDATE_FUNCTION,	\
+	.validate = nla_validate_min_len_ ## _min,	\
+}
+#else
+#define NLA_POLICY_BINARY_RANGE(_min, _max) NLA_POLICY_RANGE(NLA_BINARY, _min, _max)
+#endif /* < 5.10 */
 
 #endif /* __BACKPORT_NET_NETLINK_H */
diff --git a/patches/0097-nla_policy_binary_range.cocci b/patches/0097-nla_policy_binary_range.cocci
new file mode 100644
index 000000000000..cb3b8be52b51
--- /dev/null
+++ b/patches/0097-nla_policy_binary_range.cocci
@@ -0,0 +1,5 @@
+@@
+expression MIN, MAX;
+@@
+-NLA_POLICY_RANGE(NLA_BINARY, MIN, MAX)
++NLA_POLICY_BINARY_RANGE(MIN, MAX)
-- 
2.45.1





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux