mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-08-28 03:40:04 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers
History
Johannes Berg 8cb081746c netlink: make validation more configurable for future strictness 
We currently have two levels of strict validation:

 1) liberal (default)
     - undefined (type >= max) & NLA_UNSPEC attributes accepted
     - attribute length >= expected accepted
     - garbage at end of message accepted
 2) strict (opt-in)
     - NLA_UNSPEC attributes accepted
     - attribute length >= expected accepted

Split out parsing strictness into four different options:
 * TRAILING     - check that there's no trailing data after parsing
                  attributes (in message or nested)
 * MAXTYPE      - reject attrs > max known type
 * UNSPEC       - reject attributes with NLA_UNSPEC policy entries
 * STRICT_ATTRS - strictly validate attribute size

The default for future things should be *everything*.
The current *_strict() is a combination of TRAILING and MAXTYPE,
and is renamed to _deprecated_strict().
The current regular parsing has none of this, and is renamed to
*_parse_deprecated().

Additionally it allows us to selectively set one of the new flags
even on old policies. Notably, the UNSPEC flag could be useful in
this case, since it can be arranged (by filling in the policy) to
not be an incompatible userspace ABI change, but would then going
forward prevent forgetting attribute entries. Similar can apply
to the POLICY flag.

We end up with the following renames:
 * nla_parse           -> nla_parse_deprecated
 * nla_parse_strict    -> nla_parse_deprecated_strict
 * nlmsg_parse         -> nlmsg_parse_deprecated
 * nlmsg_parse_strict  -> nlmsg_parse_deprecated_strict
 * nla_parse_nested    -> nla_parse_nested_deprecated
 * nla_validate_nested -> nla_validate_nested_deprecated

Using spatch, of course:
    @@
    expression TB, MAX, HEAD, LEN, POL, EXT;
    @@
    -nla_parse(TB, MAX, HEAD, LEN, POL, EXT)
    +nla_parse_deprecated(TB, MAX, HEAD, LEN, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse_strict(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated_strict(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression TB, MAX, NLA, POL, EXT;
    @@
    -nla_parse_nested(TB, MAX, NLA, POL, EXT)
    +nla_parse_nested_deprecated(TB, MAX, NLA, POL, EXT)

    @@
    expression START, MAX, POL, EXT;
    @@
    -nla_validate_nested(START, MAX, POL, EXT)
    +nla_validate_nested_deprecated(START, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, MAX, POL, EXT;
    @@
    -nlmsg_validate(NLH, HDRLEN, MAX, POL, EXT)
    +nlmsg_validate_deprecated(NLH, HDRLEN, MAX, POL, EXT)

For this patch, don't actually add the strict, non-renamed versions
yet so that it breaks compile if I get it wrong.

Also, while at it, make nla_validate and nla_parse go down to a
common __nla_validate_parse() function to avoid code duplication.

Ultimately, this allows us to have very strict validation for every
new caller of nla_parse()/nlmsg_parse() etc as re-introduced in the
next patch, while existing things will continue to work as is.

In effect then, this adds fully strict validation for any new command.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-04-27 17:07:21 -04:00
..
accessibility
acpi libnvdimm fixes v5.1-rc6 2019-04-15 16:48:51 -07:00
amba ARM: 8836/1: drivers: amba: Update component matching to use the CoreSight UCI values. 2019-02-26 11:23:49 +00:00
android binder: fix race between munmap() and direct reclaim 2019-03-21 06:51:32 +01:00
ata libata: fix using DMA buffers on stack 2019-03-28 08:16:04 -06:00
atm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-04-25 23:52:29 -04:00
auxdisplay auxdisplay: charlcd: make backlight initial state configurable 2019-03-17 08:48:45 +01:00
base mm/memory_hotplug: do not unlock after failing to take the device_hotplug_lock 2019-04-19 09:46:04 -07:00
bcma
block netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
bluetooth Bluetooth: hci_qca: Fix crash with non-serdev devices 2019-04-23 21:38:06 +02:00
bus ARM: SoC driver updates for 5.1 2019-03-06 09:41:12 -08:00
cdrom cdrom: Fix race condition in cdrom_sysctl_register 2019-02-08 06:46:59 -07:00
char ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier 2019-04-17 10:29:27 -05:00
clk clk: imx: Fix PLL_1416X not rounding rates 2019-04-12 14:21:43 -07:00
clocksource clocksource/drivers/timer-ti-dm: Remove omap_dm_timer_set_load_start 2019-04-16 14:26:54 +02:00
connector connector: fix unsafe usage of ->real_parent 2019-03-08 15:06:38 -08:00
cpufreq cpufreq/intel_pstate: Load only on Intel hardware 2019-04-01 23:39:23 +02:00
cpuidle cpuidle: governor: Add new governors to cpuidle_governors again 2019-03-12 23:46:55 +01:00
crypto crypto: caam - fix copy of next buffer for xcbc and cmac 2019-03-28 13:54:32 +08:00
dax device-dax for 5.1 2019-03-16 13:05:32 -07:00
dca
devfreq
dio
dma dmaengine: stm32-mdma: Revert "dmaengine: stm32-mdma: Add a check on read_u32_array" 2019-03-25 21:56:54 +05:30
dma-buf
edac Merge branch 'ras-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-03-08 09:11:39 -08:00
eisa
extcon extcon: ptn5150: fix COMPILE_TEST dependencies 2019-04-05 10:08:37 +09:00
firewire
firmware memblock: drop memblock_alloc_*_nopanic() variants 2019-03-12 10:04:02 -07:00
fmc
fpga Merge 5.0-rc6 into char-misc-next 2019-02-11 09:05:58 +01:00
fsi
gnss gnss: add driver for mediatek receivers 2019-02-15 16:54:38 +01:00
gpio gpio fixes for v5.1-rc3 2019-03-29 03:04:47 +01:00
gpu Revert "drm/virtio: drop prime import/export callbacks" 2019-04-24 10:52:52 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2019-04-19 10:28:27 -07:00
hsi HSI: omap_ssi_port: fix debugfs_simple_attr.cocci warnings 2019-02-14 12:36:21 +01:00
hv Char/Misc driver patches for 5.1-rc1 2019-03-06 14:18:59 -08:00
hwmon hwmon: (ntc_thermistor) Fix temperature type reporting 2019-03-29 09:51:44 -07:00
hwspinlock
hwtracing ARM updates for 5.1-rc1 2019-03-15 14:37:46 -07:00
i2c i2c: imx: don't leak the i2c adapter on error 2019-04-06 17:54:28 +02:00
i3c i3c: dw: Fix dw_i3c_master_disable controller by using correct mask 2019-04-10 12:46:20 +02:00
ide Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/ide 2019-03-11 09:34:00 -07:00
idle intel_idle: add support for Jacobsville 2019-02-15 10:49:14 +01:00
iio iio: core: fix a possible circular locking dependency 2019-03-31 11:11:31 +01:00
infiniband netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2019-04-19 10:28:27 -07:00
interconnect
iommu iommu/amd: Set exclusion range correctly 2019-04-12 12:59:45 +02:00
ipack
irqchip A couple more MIPS fixes: 2019-04-22 11:54:47 -07:00
isdn isdn:mISDN: fix misuse of %x in hfcpci.c 2019-04-23 18:33:30 -07:00
leds leds: trigger: netdev: use memcpy in device_name_store 2019-03-30 19:09:32 +01:00
lightnvm lightnvm: pblk: fix crash in pblk_end_partial_read due to multipage bvecs 2019-04-10 12:17:01 -06:00
macintosh treewide: add checks for the return value of memblock_alloc*() 2019-03-12 10:04:02 -07:00
mailbox mailbox: imx: keep MU irq working during suspend/resume 2019-03-11 02:51:43 -05:00
mcb
md dm integrity: fix deadlock with overlapping I/O 2019-04-05 18:49:08 -04:00
media bpf: add map helper functions push, pop, peek in more BPF programs 2019-04-16 10:24:02 +02:00
memory
memstick
message
mfd mfd: sun6i-prcm: Allow to compile with COMPILE_TEST 2019-04-03 08:38:07 +01:00
misc misc: fastrpc: add checked value for dma_set_mask 2019-04-02 17:56:54 +02:00
mmc mmc: sdhci-omap: Don't finish_mrq() on a command error during tuning 2019-04-11 12:40:32 +02:00
mtd mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer 2019-04-05 00:39:19 +02:00
mux
net netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
nfc NFC: st95hf: remove set but not used variables 'dev, nfcddev' 2019-04-26 12:07:18 -04:00
ntb Fixes for switchtec debugability and mapping table entries, NTB 2019-03-15 14:32:59 -07:00
nubus
nvdimm libnvdimm/pmem: fix a possible OOB access when read and write pmem 2019-04-07 14:36:04 -07:00
nvme nvmet: fix discover log page when offsets are used 2019-04-11 17:28:30 +02:00
nvmem Char/Misc driver patches for 5.1-rc1 2019-03-06 14:18:59 -08:00
of of_net: Fix residues after of_get_nvmem_mac_address removal 2019-04-19 11:58:30 -07:00
opp PM / OPP: Update performance state when freq == old_freq 2019-03-12 09:45:56 +01:00
oprofile
parisc Revert: parisc: Use F_EXTEND() macro in iosapic code 2019-04-06 19:07:55 +02:00
parport Revert "parport: daisy: use new parport device model" 2019-03-25 14:49:00 -07:00
pci PCI: pciehp: Ignore Link State Changes after powering off a slot 2019-04-10 16:06:43 -05:00
pcmcia
perf arm64 updates for 5.1: 2019-03-10 10:17:23 -07:00
phy phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs 2019-03-26 16:48:55 +09:00
pinctrl This is the bulk of pin control changes for the v5.1 kernel cycle. 2019-03-11 11:12:50 -07:00
platform Here's more than a handful of clk driver fixes for changes that came in 2019-04-13 14:33:56 -07:00
pnp ACPI/ACPICA: Trivial: fix spelling mistakes and fix whitespace formatting 2019-02-24 21:12:01 +01:00
power drivers: power: supply: goldfish_battery: Fix bogus SPDX identifier 2019-04-15 11:16:31 +02:00
powercap powercap/intel_rapl: add Ice Lake mobile 2019-02-18 11:31:39 +01:00
pps
ps3
ptp Merge branch 'timers-2038-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-03-05 14:08:26 -08:00
pwm pwm: atmel: Remove useless symbolic definitions 2019-03-04 12:52:49 +01:00
rapidio rapidio/mport_cdev: mark expected switch fall-through 2019-03-07 18:32:02 -08:00
ras
regulator regulator: mc13xxx: Constify regulator_ops variables 2019-03-04 00:01:08 +00:00
remoteproc remoteproc updates for v5.1 2019-03-14 09:00:06 -07:00
reset reset: meson-audio-arb: Fix missing .owner setting of reset_controller_dev 2019-03-25 16:22:10 +01:00
rpmsg rpmsg: virtio: change header file sort style 2019-02-20 21:15:54 -08:00
rtc rtc: da9063: set uie_unsupported when relevant 2019-04-02 23:33:09 +02:00
s390 s390/qeth: trust non-IP cast type in qeth_l3_fill_header() 2019-04-26 11:14:06 -04:00
sbus
scsi SCSI fixes on 20190420 2019-04-20 12:52:23 -07:00
sfi
sh
siox
slimbus
sn
soc This pull request brings in a build fix for arm64 with bcm2835 2019-03-18 10:31:24 -07:00
soundwire
spi pci-v5.1-changes 2019-03-09 14:57:08 -08:00
spmi spmi: pmic-arb: select IRQ_DOMAIN_HIERARCHY in Kconfig 2019-02-14 09:14:50 +01:00
ssb
staging Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-04-25 23:52:29 -04:00
target Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-03-27 17:37:58 -07:00
tc
tee ARM: SoC driver updates for 5.1 2019-03-06 09:41:12 -08:00
thermal Merge branches 'fixes' and 'thermal-intel' into next 2019-03-18 22:37:44 +08:00
thunderbolt
tty sc16is7xx: put err_spi and err_i2c into correct #ifdef 2019-04-19 14:09:23 +02:00
uio
usb USB-serial fixes for 5.1-rc3 2019-03-29 15:31:16 +01:00
uwb
vfio vfio/type1: Limit DMA mappings per container 2019-04-03 12:43:05 -06:00
vhost vhost: reject zero size iova range 2019-04-10 22:45:38 -07:00
video fbdev changes for v5.1: 2019-03-15 14:22:59 -07:00
virt virt: vbox: Implement passing requestor info to the host for VirtualBox 6.0.x 2019-03-28 01:55:18 +09:00
virtio virtio: Honour 'may_reduce_num' in vring_create_virtqueue 2019-04-08 17:05:52 -04:00
visorbus
vlynq
vme
w1
watchdog linux-watchdog 5.1-rc1 tag 2019-03-11 11:22:15 -07:00
xen xen: fixes for 5.1-rc4 2019-04-07 06:12:10 -10:00
zorro
Kconfig
Makefile IOMMU Updates for Linux v5.1 2019-03-10 12:29:52 -07:00