Michael S. Tsirkin
2023-Jul-24 20:08 UTC
[PATCH v1] vdpa: Complement vdpa_nl_policy for nlattr length check
On Mon, Jul 24, 2023 at 11:42:42AM +0000, Dragos Tatulea wrote:
> On Mon, 2023-07-24 at 05:16 -0400, Michael S. Tsirkin wrote:
> > On Mon, Jul 24, 2023 at 08:38:04AM +0000, Dragos Tatulea wrote:
> > >
> > > On Mon, 2023-07-24 at 15:11 +0800, Jason Wang wrote:
> > > > On Sun, Jul 23, 2023 at 6:02 PM Michael S. Tsirkin <mst at redhat.com> wrote:
> > > > >
> > > > > On Sun, Jul 23, 2023 at 05:48:46PM +0800, Lin Ma wrote:
> > > > > >
> > > > > > > Sure, that is another undergoing task I'm working on. If the nlattr is
> > > > > > > parsed with NL_VALIDATE_UNSPEC, any forgotten nlattr will be rejected,
> > > > > > > therefore (which is the default for modern nla_parse).
> > > > > >
> > > > > > For the general netlink interface, the deciding flag should be
> > > > > > genl_ops.validate defined in each ops. The default validate flag is
> > > > > > strict, while the developer can overwrite the flag with
> > > > > > GENL_DONT_VALIDATE_STRICT to ease the validation. That is to say,
> > > > > > safer code should enforce NL_VALIDATE_STRICT by not overwriting the
> > > > > > validate flag.
> > > > > >
> > > > > > Regards
> > > > > > Lin
> > > > >
> > > > >
> > > > > Oh I see.
> > > > >
> > > > > It started here:
> > > > >
> > > > > commit 33b347503f014ebf76257327cbc7001c6b721956
> > > > > Author: Parav Pandit <parav at nvidia.com>
> > > > > Date:   Tue Jan 5 12:32:00 2021 +0200
> > > > >
> > > > >     vdpa: Define vdpa mgmt device, ops and a netlink interface
> > > > >
> > > > > which did:
> > > > >
> > > > > +               .validate = GENL_DONT_VALIDATE_STRICT |
> > > > > GENL_DONT_VALIDATE_DUMP,
> > > > >
> > > > >
> > > > > which was most likely just a copy paste from somewhere, right Parav?
> > > > >
> > > > > and then everyone kept copying this around.
> > > > >
> > > > > Parav, Eli can we drop these? There's a tiny chance of breaking something
> > > > > but I feel there aren't that many users outside mlx5 yet, so if you
> > > > > guys can test on mlx5 and confirm no breakage, I think we are good.
> > > >
> > > > Adding Dragos.
> > > >
> > > I will check. Just to make sure I understand correctly: you want me to drop
> > > the .validate flags all together in all vdpa ops and check, right?
> > >
> > > Thanks,
> > > Dragos
> >
> > yes - I suspect you will then need this patch to make things work.
> >
> Yep. Adding the patch and removing the .validate config on the vdpa_nl_ops
> seems to work just fine.
>
> Thanks,
> Dragos

OK, post a patch?

--
MST
Dragos Tatulea
2023-Jul-25 08:26 UTC
[PATCH v1] vdpa: Complement vdpa_nl_policy for nlattr length check
On Mon, 2023-07-24 at 16:08 -0400, Michael S. Tsirkin wrote:
> On Mon, Jul 24, 2023 at 11:42:42AM +0000, Dragos Tatulea wrote:
> > On Mon, 2023-07-24 at 05:16 -0400, Michael S. Tsirkin wrote:
> > > On Mon, Jul 24, 2023 at 08:38:04AM +0000, Dragos Tatulea wrote:
> > > >
> > > > On Mon, 2023-07-24 at 15:11 +0800, Jason Wang wrote:
> > > > > On Sun, Jul 23, 2023 at 6:02 PM Michael S. Tsirkin <mst at redhat.com>
> > > > > wrote:
> > > > > >
> > > > > > On Sun, Jul 23, 2023 at 05:48:46PM +0800, Lin Ma wrote:
> > > > > > >
> > > > > > > > Sure, that is another undergoing task I'm working on. If the nlattr
> > > > > > > > is parsed with NL_VALIDATE_UNSPEC, any forgotten nlattr will be
> > > > > > > > rejected, therefore (which is the default for modern nla_parse).
> > > > > > >
> > > > > > > For the general netlink interface, the deciding flag should be
> > > > > > > genl_ops.validate defined in each ops. The default validate flag is
> > > > > > > strict, while the developer can overwrite the flag with
> > > > > > > GENL_DONT_VALIDATE_STRICT to ease the validation. That is to say,
> > > > > > > safer code should enforce NL_VALIDATE_STRICT by not overwriting the
> > > > > > > validate flag.
> > > > > > >
> > > > > > > Regards
> > > > > > > Lin
> > > > > >
> > > > > >
> > > > > > Oh I see.
> > > > > >
> > > > > > It started here:
> > > > > >
> > > > > > commit 33b347503f014ebf76257327cbc7001c6b721956
> > > > > > Author: Parav Pandit <parav at nvidia.com>
> > > > > > Date:   Tue Jan 5 12:32:00 2021 +0200
> > > > > >
> > > > > >     vdpa: Define vdpa mgmt device, ops and a netlink interface
> > > > > >
> > > > > > which did:
> > > > > >
> > > > > > +               .validate = GENL_DONT_VALIDATE_STRICT |
> > > > > > GENL_DONT_VALIDATE_DUMP,
> > > > > >
> > > > > >
> > > > > > which was most likely just a copy paste from somewhere, right Parav?
> > > > > >
> > > > > > and then everyone kept copying this around.
> > > > > >
> > > > > > Parav, Eli can we drop these? There's a tiny chance of breaking
> > > > > > something but I feel there aren't that many users outside mlx5 yet,
> > > > > > so if you guys can test on mlx5 and confirm no breakage, I think we
> > > > > > are good.
> > > > >
> > > > > Adding Dragos.
> > > > >
> > > > I will check. Just to make sure I understand correctly: you want me to
> > > > drop the .validate flags all together in all vdpa ops and check, right?
> > > >
> > > > Thanks,
> > > > Dragos
> > >
> > > yes - I suspect you will then need this patch to make things work.
> > >
> > Yep. Adding the patch and removing the .validate config on the vdpa_nl_ops
> > seems to work just fine.
> >
> > Thanks,
> > Dragos
>
> OK, post a patch?
>
Sure, but how do I make it depend on this patch? Otherwise it will break things.

Thanks,
Dragos
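
The validation behaviour discussed in this thread, as an added example that is not part of the original messages or the kernel source: a simplified userspace C model in which an attribute missing from the policy passes lenient parsing with no length check, is rejected under strict parsing, and is length-checked once the policy entry exists. The attribute names, policy tables and sample buffer are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Simplified userspace model of netlink attribute validation; not kernel code.
 * Attribute names are hypothetical. */
enum { ATTR_UNSPEC, ATTR_ID, ATTR_FEATURES, ATTR_MAX = ATTR_FEATURES };
enum kind { K_NONE, K_U32, K_U64 };               /* K_NONE: no policy entry */
struct attr_hdr { uint16_t len, type; };          /* len counts the header too */

static const enum kind POLICY_INCOMPLETE[ATTR_MAX + 1] = { [ATTR_ID] = K_U32 };
static const enum kind POLICY_COMPLETE[ATTR_MAX + 1] =
    { [ATTR_ID] = K_U32, [ATTR_FEATURES] = K_U64 };

static size_t min_payload(enum kind k) { return k == K_U32 ? 4 : k == K_U64 ? 8 : 0; }

/* 0 if every attribute passes, -1 on the first rejection. strict != 0 models
 * the default validation; strict == 0 models GENL_DONT_VALIDATE_STRICT. */
int validate(const uint8_t *buf, size_t n, const enum kind *policy, int strict)
{
    size_t off = 0;
    while (off <= n && n - off >= sizeof(struct attr_hdr)) {
        struct attr_hdr h;
        memcpy(&h, buf + off, sizeof h);
        if (h.len < sizeof h || h.len > n - off)
            return -1;                            /* malformed TLV */
        if (h.type > ATTR_MAX || policy[h.type] == K_NONE) {
            if (strict)
                return -1;                        /* forgotten attribute rejected */
            /* lenient: accepted, and its length is never checked */
        } else if (h.len - sizeof h < min_payload(policy[h.type])) {
            return -1;                            /* policy entry enforces length */
        }
        off += (h.len + 3u) & ~3u;                /* attributes are 4-byte aligned */
    }
    return 0;
}

/* Constructed sample: ATTR_FEATURES with a 2-byte payload where a handler
 * would read 8 bytes. */
int check_short_features(const enum kind *policy, int strict)
{
    uint8_t buf[8] = { 0 };
    struct attr_hdr h = { 6, ATTR_FEATURES };     /* 4-byte header + 2 bytes */
    memcpy(buf, &h, sizeof h);
    return validate(buf, sizeof buf, policy, strict);
}

int main(void) { return check_short_features(POLICY_INCOMPLETE, 0) == 0 ? 0 : 1; }
```

Only the combination of an incomplete policy and lenient validation lets the short attribute through, which is why the thread pairs completing the policy with dropping the .validate override.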