mbox series

[net-next,0/2] netlink: add range checks for network byte integers

Message ID 20220905100937.11459-1-fw@strlen.de (mailing list archive)
Headers show
Series netlink: add range checks for network byte integers | expand

Message

Florian Westphal Sept. 5, 2022, 10:09 a.m. UTC 
NLA_POLICY_MAX() can be used to let netlink core validate that the given
integer attribute is within the given min-max interval.

Add NLA_POLICY_MAX_BE to allow similar range check on unsigned integers
when those are in network byte order (big endian).

First patch adds the netlink change, second patch adds one user.

Florian Westphal (2):
  netlink: introduce NLA_POLICY_MAX_BE
  netfilter: nft_payload: reject out-of-range attributes via policy

 include/net/netlink.h       |  9 +++++++++
 lib/nlattr.c                | 31 +++++++++++++++++++++++++++----
 net/netfilter/nft_payload.c |  6 +++---
 3 files changed, 39 insertions(+), 7 deletions(-)

Comments

patchwork-bot+netdevbpf@kernel.org Sept. 7, 2022, 11:40 a.m. UTC | #1 
Hello:

This series was applied to netdev/net-next.git (master)
by David S. Miller <davem@davemloft.net>:

On Mon,  5 Sep 2022 12:09:35 +0200 you wrote:
> NLA_POLICY_MAX() can be used to let netlink core validate that the given
> integer attribute is within the given min-max interval.
> 
> Add NLA_POLICY_MAX_BE to allow similar range check on unsigned integers
> when those are in network byte order (big endian).
> 
> First patch adds the netlink change, second patch adds one user.
> 
> [...]

Here is the summary with links:
  - [net-next,1/2] netlink: introduce NLA_POLICY_MAX_BE
    https://git.kernel.org/netdev/net-next/c/08724ef69907
  - [net-next,2/2] netfilter: nft_payload: reject out-of-range attributes via policy
    https://git.kernel.org/netdev/net-next/c/e7af210e6dd0

You are awesome, thank you!