Minor follow-up series to address prior feedback from David and Jakub. Patch 1 adds a build time assertion to prevent overflows when shifting in extended flags, patch 2 is a cleanup to use NLA_POLICY_MASK instead of open-coding invalid flags rejection and patch 3 rejects creating new neighbors with NUD_PERMANENT & NTF_MANAGED. For details, see individual patches. Will push out iproute2 series after that. Thanks! Daniel Borkmann (3): net, neigh: Add build-time assertion to avoid neigh->flags overflow net, neigh: Use NLA_POLICY_MASK helper for NDA_FLAGS_EXT attribute net, neigh: Reject creating NUD_PERMANENT with NTF_MANAGED entries net/core/neighbour.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) -- 2.27.0
