On 26/01/2023 19:01, Petr Machata wrote:
> Make any attributes newly-added to br_port_policy or vlan_tunnel_policy
> parsed strictly, to prevent userspace from passing garbage. Note that this
> patchset only touches the former policy. The latter was adjusted for
> completeness' sake. There do not appear to be other _deprecated calls
> with non-NULL policies.
>
> Suggested-by: Ido Schimmel <idosch@xxxxxxxxxx>
> Signed-off-by: Petr Machata <petrm@xxxxxxxxxx>
> Reviewed-by: Ido Schimmel <idosch@xxxxxxxxxx>
> ---
> net/bridge/br_netlink.c | 2 ++
> net/bridge/br_netlink_tunnel.c | 3 +++
> 2 files changed, 5 insertions(+)
>
> diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
> index 4316cc82ae17..a6133d469885 100644
> --- a/net/bridge/br_netlink.c
> +++ b/net/bridge/br_netlink.c
> @@ -858,6 +858,8 @@ static int br_afspec(struct net_bridge *br,
> }
>
> static const struct nla_policy br_port_policy[IFLA_BRPORT_MAX + 1] = {
> + [IFLA_BRPORT_UNSPEC] = { .strict_start_type =
> + IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT + 1 },
> [IFLA_BRPORT_STATE] = { .type = NLA_U8 },
> [IFLA_BRPORT_COST] = { .type = NLA_U32 },
> [IFLA_BRPORT_PRIORITY] = { .type = NLA_U16 },
> diff --git a/net/bridge/br_netlink_tunnel.c b/net/bridge/br_netlink_tunnel.c
> index 8914290c75d4..17abf092f7ca 100644
> --- a/net/bridge/br_netlink_tunnel.c
> +++ b/net/bridge/br_netlink_tunnel.c
> @@ -188,6 +188,9 @@ int br_fill_vlan_tunnel_info(struct sk_buff *skb,
> }
>
> static const struct nla_policy vlan_tunnel_policy[IFLA_BRIDGE_VLAN_TUNNEL_MAX + 1] = {
> + [IFLA_BRIDGE_VLAN_TUNNEL_UNSPEC] = {
> + .strict_start_type = IFLA_BRIDGE_VLAN_TUNNEL_FLAGS + 1
> + },
> [IFLA_BRIDGE_VLAN_TUNNEL_ID] = { .type = NLA_U32 },
> [IFLA_BRIDGE_VLAN_TUNNEL_VID] = { .type = NLA_U16 },
> [IFLA_BRIDGE_VLAN_TUNNEL_FLAGS] = { .type = NLA_U16 },
Acked-by: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>
