Jason Wang
2023-Jul-24 07:11 UTC
[PATCH v1] vdpa: Complement vdpa_nl_policy for nlattr length check
On Sun, Jul 23, 2023 at 6:02?PM Michael S. Tsirkin <mst at redhat.com> wrote:> > On Sun, Jul 23, 2023 at 05:48:46PM +0800, Lin Ma wrote: > > > > > Sure, that is another undergoing task I'm working on. If the nlattr is parsed with > > > NL_VALIDATE_UNSPEC, any forgotten nlattr will be rejected, therefore (which is the default > > > for modern nla_parse). > > > > For the general netlink interface, the deciding flag should be genl_ops.validate defined in > > each ops. The default validate flag is strict, while the developer can overwrite the flag > > with GENL_DONT_VALIDATE_STRICT to ease the validation. That is to say, safer code should > > enforce NL_VALIDATE_STRICT by not overwriting the validate flag. > > > > Regrads > > Lin > > > Oh I see. > > It started here: > > commit 33b347503f014ebf76257327cbc7001c6b721956 > Author: Parav Pandit <parav at nvidia.com> > Date: Tue Jan 5 12:32:00 2021 +0200 > > vdpa: Define vdpa mgmt device, ops and a netlink interface > > which did: > > + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, > > > which was most likely just a copy paste from somewhere, right Parav? > > and then everyone kept copying this around. > > Parav, Eli can we drop these? There's a tiny chance of breaking something > but I feel there aren't that many users outside mlx5 yet, so if you > guys can test on mlx5 and confirm no breakage, I think we are good.Adding Dragos. Thanks> > -- > MST >
Dragos Tatulea
2023-Jul-24 08:38 UTC
[PATCH v1] vdpa: Complement vdpa_nl_policy for nlattr length check
On Mon, 2023-07-24 at 15:11 +0800, Jason Wang wrote:> On Sun, Jul 23, 2023 at 6:02?PM Michael S. Tsirkin <mst at redhat.com> wrote: > > > > On Sun, Jul 23, 2023 at 05:48:46PM +0800, Lin Ma wrote: > > > > > > > Sure, that is another undergoing task I'm working on. If the nlattr is > > > > parsed with > > > > NL_VALIDATE_UNSPEC, any forgotten nlattr will be rejected, therefore > > > > (which is the default > > > > for modern nla_parse). > > > > > > For the general netlink interface, the deciding flag should be > > > genl_ops.validate defined in > > > each ops. The default validate flag is strict, while the developer can > > > overwrite the flag > > > with GENL_DONT_VALIDATE_STRICT to ease the validation. That is to say, > > > safer code should > > > enforce NL_VALIDATE_STRICT by not overwriting the validate flag. > > > > > > Regrads > > > Lin > > > > > > Oh I see. > > > > It started here: > > > > commit 33b347503f014ebf76257327cbc7001c6b721956 > > Author: Parav Pandit <parav at nvidia.com> > > Date:?? Tue Jan 5 12:32:00 2021 +0200 > > > > ??? vdpa: Define vdpa mgmt device, ops and a netlink interface > > > > which did: > > > > +?????????????? .validate = GENL_DONT_VALIDATE_STRICT | > > GENL_DONT_VALIDATE_DUMP, > > > > > > which was most likely just a copy paste from somewhere, right Parav? > > > > and then everyone kept copying this around. > > > > Parav, Eli can we drop these? There's a tiny chance of breaking something > > but I feel there aren't that many users outside mlx5 yet, so if you > > guys can test on mlx5 and confirm no breakage, I think we are good. > > Adding Dragos. >I will check. Just to make sure I understand correctly: you want me to drop the .validate flags all together in all vdpa ops and check, right? Thanks, Dragos