On Thu, 2017-04-13 at 14:44 -0700, Joe Stringer wrote (something that never made it to the list, due to HTML formatting) > > I think that OVS was doing some more elaborate validation than most > users, so over time we picked up a bunch of extra parsing code that > layers on top of nla_parse(). I took a look at trying to broaden this > and make it useful to other users a while ago, but when I posted > there wasn't much interest from others on it so I just moved on. > Maybe it's about time to pick that back up. Ah, ok. I didn't realize it was actually on top of nla_parse(). Some of this does seem rather useful though, and having more expressive policy would seem very useful too - I'd love to be able to express nesting better, for example. Also, I think we should - at least with the strict checking that Jiri is proposing - think about checking the actual size, not just against a minimum. johannes
