[09/75] backport: implement NLA_POLICY_RANGE for NLA_BINARY

Message ID	20240627234808.1253337-10-hauke@hauke-m.de (mailing list archive)
State	New, archived
Headers	show Received: from mout-p-202.mailbox.org (mout-p-202.mailbox.org [80.241.56.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 02EE01A38C3 for <backports@vger.kernel.org>; Thu, 27 Jun 2024 23:48:51 +0000 (UTC) From: Hauke Mehrtens <hauke@hauke-m.de> To: backports@vger.kernel.org Cc: Luca Coelho <luciano.coelho@intel.com> Subject: [PATCH 09/75] backport: implement NLA_POLICY_RANGE for NLA_BINARY Date: Fri, 28 Jun 2024 01:46:55 +0200 Message-ID: <20240627234808.1253337-10-hauke@hauke-m.de> In-Reply-To: <20240627234808.1253337-1-hauke@hauke-m.de> References: <20240627234808.1253337-1-hauke@hauke-m.de> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	backports: Update to kernel 6.1.95 \| expand [00/75] backports: Update to kernel 6.1.95 [01/75] backports: Remove no-pointer-sign option [02/75] backports: Remove BPAUTO_REFCOUNT [03/75] backports: Remove verification backport [04/75] backports: Remove compat/memneq.c [05/75] backports: Remove mpls.h [06/75] backports: Remove driver headers [07/75] gentree: fix python quoting errors [08/75] Makefile: Generate new CPTCFG_KERNEL_ [09/75] backport: implement NLA_POLICY_RANGE for NLA_BINARY [10/75] backports: bpgit: handle copied files properly in status() [11/75] backport: add dev_sw_netstats_tx/rx_add() functions [12/75] backports: add kthread.h [13/75] backports: stub structs but remove ndo_fill_forward_path [14/75] backports: add memset_after/memset_startat [15/75] patches: add spatch to adjust to changed ethtool ringparam API [16/75] backport: update 0099-netlink-range patch to apply on v5.18-rc1 [17/75] backports: define __is_constexpr() for older kernels [18/75] backports: update mac80211-status.patch to v6.0-rc1 [19/75] backports: add linux/efi.h [20/75] backports: add eth_hw_addr_set() [21/75] backports: add module namespace support [22/75] backports: add lockdep_is_held() when needed [23/75] backports: add netif_rx() [24/75] backports: add rfkill_soft_blocked() [25/75] backports: add skb_list_del_init() [26/75] backports: add skb_get_dsfield() [27/75] backports: add NLA_POLICY_MIN_LEN() [28/75] backports: add netlink length validation for 13 [29/75] backports: add mul_u64_u64_div_u64() [30/75] backports: add thermal_zone_device_enable() [31/75] backports: add virtio_reset_device [32/75] headers: backport napi add functions [33/75] headers: backport usb_maxpacket api change [34/75] headers: add txq_trans_cond_update [35/75] headers: add __vstring and __assign_vstr [36/75] headers: backport mmc_sw_reset and mmc_hw_reset API changes [37/75] headers: add DEFINE_SIMPLE_DEV_PM_OPS [38/75] headers: backport device_get_mac_address api change [39/75] headers: add skb_tcp_all_headers [40/75] headers: backport get_random_u16, get_random_u8 [41/75] headers: backport hwrng_msleep [42/75] headers: backport napi_build_skb [43/75] patches: Refresh on 6.1.95 [44/75] headers: Add linux/soc/mediatek/mtk_wed.h [45/75] header: Add linux/platform_data/brcmnand.h [46/75] patches: Handle changed spi_driver->remove signature [47/75] headers: Handle skb_recv_datagram() signature change. [48/75] dependencies: Make MHI_BUS_EP depend on 5.19 [49/75] headere: add netif_napi_add_weight() [50/75] backports: Use compile using GNU11 [51/75] patches: Remove genl_family.resv_start_op [52/75] patches: Adapt struct msi_desc reorganization [53/75] patch: Adapt struct pcpu_sw_netstats change to u64_stats_t [54/75] patch: bcma: Fill of_node instead of fwnode on older kernel [55/75] header: Add dev_addr_mod() [56/75] backports: Add devm_bitmap_zalloc() [57/75] headr: Add empty dev_set_threaded() [58/75] header: Add empty request_partial_firmware_into_buf() [59/75] header: Add DEVICE_ATTR_ADMIN_RO [60/75] backports: Add sysfs_emit_at() [61/75] dependencies: Make CONFIG_R8188EU depend on 5.10 [62/75] header: Add linux/minmax.h [63/75] header: Add pm_runtime_resume_and_get [64/75] header: Add module.h include to firmware.h [65/75] header Add SENSOR_DEVICE_ATTR_RO [66/75] backports Add bitmap_alloc and bitmap_alloc [67/75] dependencies: Deactivate mt76 driver on kernel < 4.19 [68/75] dependencies: MAC80211_HWSIM depends on 4.19 [69/75] patches: Remove additional DMI match in brcmfmac [70/75] backports: Move usb_check_bulk_endpoints to 6.4 [71/75] backports: Add usb_check_int_endpoints() [72/75] github: Use kernel 6.1 in github action [73/75] patches: add build system workaround for pre 5.17 [74/75] headers: Add timer_delete_sync() [75/75] CI: Add gcc-12 to devcontainer

Message ID

20240627234808.1253337-10-hauke@hauke-m.de (mailing list archive)

State

New, archived

Headers

From: Hauke Mehrtens <hauke@hauke-m.de>
To: backports@vger.kernel.org
Cc: Luca Coelho <luciano.coelho@intel.com>
Subject: [PATCH 09/75] backport: implement NLA_POLICY_RANGE for NLA_BINARY
Date: Fri, 28 Jun 2024 01:46:55 +0200
Message-ID: <20240627234808.1253337-10-hauke@hauke-m.de>
In-Reply-To: <20240627234808.1253337-1-hauke@hauke-m.de>
References: <20240627234808.1253337-1-hauke@hauke-m.de>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

backports: Update to kernel 6.1.95 | expand

Commit Message

Hauke Mehrtens June 27, 2024, 11:46 p.m. UTC

From: Luca Coelho <luciano.coelho@intel.com>

The range checks for NLA_BINARY are supported since v5.10.  Unwrap the
macros and introduce a new function to test type.

type=maint
ticket=jira:WIFI-85592

Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Reviewed-on: https://git-ger-8.devtools.intel.com/gerrit/135576
---
 backport/backport-include/net/netlink.h    | 31 +++++++++++++++++++---
 patches/0097-nla_policy_binary_range.cocci |  5 ++++
 2 files changed, 32 insertions(+), 4 deletions(-)
 create mode 100644 patches/0097-nla_policy_binary_range.cocci

Comments

Johannes Berg June 28, 2024, 10:33 a.m. UTC | #1

On Fri, 2024-06-28 at 01:46 +0200, Hauke Mehrtens wrote:
> From: Luca Coelho <luciano.coelho@intel.com>
> 
> The range checks for NLA_BINARY are supported since v5.10.  Unwrap the
> macros and introduce a new function to test type.
> 
> type=maint
> ticket=jira:WIFI-85592
...
> Reviewed-on: https://git-ger-8.devtools.intel.com/gerrit/135576

Sorry, looks like I forgot to remove our internal stuff here. Maybe
remove it.

(that URL doesn't even exist internally any more!)

johannes

diff --git a/backport/backport-include/net/netlink.h b/backport/backport-include/net/netlink.h
index ad588234..7192153b 100644
--- a/backport/backport-include/net/netlink.h
+++ b/backport/backport-include/net/netlink.h
@@ -346,10 +346,33 @@  enum nla_policy_validation {
 }
 #endif /* < 4.20 */
 
-#ifndef NLA_POLICY_MIN_LEN
-#define NLA_POLICY_MIN_LEN(_len) {		\
-	.type = NLA_BINARY			\
+#if LINUX_VERSION_IS_LESS(5,10,0)
+// pre-declare all the minimum lengths in use
+#define MIN_LEN_VALIDATION(n)						\
+static inline								\
+int nla_validate_min_len_##n(const struct nlattr *attr,			\
+			     struct netlink_ext_ack *extack)		\
+{									\
+	if (nla_len(attr) < n)						\
+		return -EINVAL;						\
+	return 0;							\
 }
-#endif
+
+MIN_LEN_VALIDATION(2)
+MIN_LEN_VALIDATION(16)
+MIN_LEN_VALIDATION(42)
+
+// double-expansion to expand _min to the actual value
+#define NLA_POLICY_BINARY_RANGE(_min, _max) _NLA_POLICY_BINARY_RANGE(_min, _max)
+#define _NLA_POLICY_BINARY_RANGE(_min, _max)		\
+{							\
+	.type = NLA_BINARY,				\
+	.len = _max,					\
+	.validation_type = NLA_VALIDATE_FUNCTION,	\
+	.validate = nla_validate_min_len_ ## _min,	\
+}
+#else
+#define NLA_POLICY_BINARY_RANGE(_min, _max) NLA_POLICY_RANGE(NLA_BINARY, _min, _max)
+#endif /* < 5.10 */
 
 #endif /* __BACKPORT_NET_NETLINK_H */
diff --git a/patches/0097-nla_policy_binary_range.cocci b/patches/0097-nla_policy_binary_range.cocci
new file mode 100644
index 00000000..cb3b8be5
--- /dev/null
+++ b/patches/0097-nla_policy_binary_range.cocci
@@ -0,0 +1,5 @@ 
+@@
+expression MIN, MAX;
+@@
+-NLA_POLICY_RANGE(NLA_BINARY, MIN, MAX)
++NLA_POLICY_BINARY_RANGE(MIN, MAX)

[09/75] backport: implement NLA_POLICY_RANGE for NLA_BINARY

Commit Message

Comments

Patch