On 17/12/2023 10:32, Ido Schimmel wrote:
For MDB bulk delete we will need to validate 'MDBA_SET_ENTRY' differently compared to regular delete. Specifically, allow the ifindex to be zero (in case not filtering on bridge port) and force the address to be zero as bulk delete based on address is not supported. Do that by introducing a new policy and choosing the correct policy based on the presence of the 'NLM_F_BULK' flag in the netlink message header. Use nlmsg_parse() for strict validation. Signed-off-by: Ido Schimmel <idosch@xxxxxxxxxx> Reviewed-by: Petr Machata <petrm@xxxxxxxxxx> --- net/core/rtnetlink.c | 51 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 49 insertions(+), 2 deletions(-)
Acked-by: Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>