On Thu, Jun 27, 2024 at 03:53:22PM +0200, Florian Westphal wrote:
> @@ -11105,8 +11107,8 @@ static int nft_validate_register_load(enum nft_registers reg, unsigned int len)
> int nft_parse_register_load(const struct nft_ctx *ctx,
> const struct nlattr *attr, u8 *sreg, u32 len)
> {
> - u32 reg;
> - int err;
> + int err, invalid_reg;
> + u32 reg, next_register;
>
> err = nft_parse_register(attr, ®);
> if (err < 0)
> @@ -11116,11 +11118,36 @@ int nft_parse_register_load(const struct nft_ctx *ctx,
> if (err < 0)
> return err;
>
> + next_register = DIV_ROUND_UP(len, NFT_REG32_SIZE) + reg;
> +
> + /* Can't happen: nft_validate_register_load() should have failed */
> + if (WARN_ON_ONCE(next_register > NFT_REG32_NUM))
> + return -EINVAL;
> +
> + /* find first register that did not see an earlier store. */
> + invalid_reg = find_next_zero_bit(ctx->reg_inited, NFT_REG32_NUM, reg);

Is this assuming that register allocation from userspace is done secuencially?

> + /* invalid register within the range that we're loading from? */
> + if (invalid_reg < next_register)
> + return -ENODATA;
> +
> *sreg = reg;
> return 0;
> }
> EXPORT_SYMBOL_GPL(nft_parse_register_load);
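Review bot: `invalid_reg` is declared `int` in the first hunk, but in the second hunk it receives the `unsigned long` result of `find_next_zero_bit()` and is then compared with the `u32` `next_register`, so the range check `if (invalid_reg < next_register)` is a mixed signed/unsigned comparison. Both values are bounded by `NFT_REG32_NUM`, so this looks harmless today, but declaring it as `unsigned int invalid_reg;` keeps the check in one signedness and stays correct if the bitmap size ever changes. The rejection of loads from never-written registers also relies on `ctx->reg_inited` recording only stores parsed earlier in the same context, which the quoted lines do not show; a short comment at the `find_next_zero_bit()` call naming where the bitmap is set and reset would let a reader verify that stale register contents cannot be read. The quoted second hunk appears trimmed relative to its header counts, so the remainder of the change is outside this view.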