[47/74] backport: implement NLA_POLICY_RANGE for NLA_BINARY

Message ID	20240524190907.84d051bc3c68.Ife595e2dc94955bda3d7d3089ec6a219fde272c1@changeid (mailing list archive)
State	New
Headers	show Received: from sipsolutions.net (s3.sipsolutions.net [168.119.38.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0AAE712EBC9 for <backports@vger.kernel.org>; Fri, 24 May 2024 17:10:03 +0000 (UTC) From: Johannes Berg <johannes@sipsolutions.net> To: backports@vger.kernel.org Cc: Luca Coelho <luciano.coelho@intel.com> Subject: [PATCH 47/74] backport: implement NLA_POLICY_RANGE for NLA_BINARY Date: Fri, 24 May 2024 19:07:59 +0200 Message-ID: <20240524190907.84d051bc3c68.Ife595e2dc94955bda3d7d3089ec6a219fde272c1@changeid> In-Reply-To: <20240524170906.54680-76-johannes@sipsolutions.net> References: <20240524170906.54680-76-johannes@sipsolutions.net> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	backport updates from Intel \| expand [00/74] backport updates from Intel [01/74] gentree: fix python quoting errors [02/74] backports: build: allow kernel versions >= 6 [03/74] backport: add v6.* to the Makefile [04/74] backports: move to -std=gnu11 [05/74] backports: add crypto/utils.h header file [06/74] backports: add id_2 argument to find_asymmetric_key() [07/74] backports: align x509_loader with newer kernels [08/74] backports: add kunit/visibility.h [09/74] backports: add linux/acpi_amd_wbrf.h [10/74] backports: Add __counted_by attribute [11/74] backports: add stubs to handle debugfs cancellation API [12/74] backports: adjust namespace argument const [13/74] backports: add linux/efi.h [14/74] backports: add eth_hw_addr_set() [15/74] backports: add module namespace support [16/74] backports: define __is_constexpr() for older kernels [17/74] backports: add kthread.h [18/74] backport: adjust led_trigger_blink*() to v6.5 [19/74] backports: add lockdep_is_held() when needed [20/74] backports: add mul_u64_u64_div_u64() [21/74] backports: add minmax.h [22/74] backports: add support for kvmemdup [23/74] backports: add DMI_OEM_STRING for older kernels [24/74] backport: fix __CFI_ADDRESSABLE use [25/74] backports: stub structs but remove ndo_fill_forward_path [26/74] headers: add DEFINE_SIMPLE_DEV_PM_OPS [27/74] backport: add get_random_u32_inclusive() [28/74] backports: add get_random_u16() [29/74] backports: add rfkill_soft_blocked() [30/74] backports: add skb_list_del_init() [31/74] backports: handle kfree_skb_reason for older kernels [32/74] backports: kunit: add kunit_add_cleanup [33/74] backports: handle dropreason for kernels < 6.4 [34/74] backport: fix dropreason handling [35/74] backports: add memset_after/memset_startat [36/74] backports: support strscpy_pad in older kernels [37/74] headers: add skb_tcp_all_headers [38/74] thermal: return errors w/o CONFIG_THERMAL [39/74] backports: handle thermal_zone_device_priv() for kernels < 6.4 [40/74] backports: handle thermal_trip for kernels < 6.0 [41/74] backport: move backport-6.4 forward to 6.5 [42/74] backports: adjust thermal APIs to 6.9 [43/74] backports: fix thermal backports [44/74] backports: add virtio_reset_device [45/74] backport: add gso.h [46/74] backports: add skb_get_dsfield() [47/74] backport: implement NLA_POLICY_RANGE for NLA_BINARY [48/74] backports: add NLA_POLICY_MIN_LEN() [49/74] backports: add netlink length validation for 13 [50/74] headers: add __vstring and __assign_vstr [51/74] headers: backport napi add functions [52/74] dependencies: limit IWLWIFI KUNIT 6.3+ [53/74] backports: add napi_schedule() [54/74] backports: add netif_rx() [55/74] backports: fix get_random_u32_below() version [56/74] backports: add ktime_get_coarse_boottime_ns [57/74] backport: don't call thermal_zone_device_register for 6.0+ [58/74] backports: update x509.asn1.[ch] [59/74] backports: bpgit: handle copied files properly in status() [60/74] backport: update pv trace fixes patch [61/74] backport: update iwl-debug patch [62/74] patches: fix wireless.patch [63/74] backports: update 0028-select_queue/mac80211.patch [64/74] backports: update mac80211-status.patch to v6.0-rc1 [65/74] patches: add spatch to adjust to changed ethtool ringparam API [66/74] backports: add split_ops to nl80211 [67/74] backports: adjust timer functions [68/74] patches: adjust verify.patch to v6.5-rc7 [69/74] rediff patches against 6.9 [70/74] gentree: print spatch stdout/stderr on errors [71/74] patches: ifdef resv_start_op in hwsim [72/74] patches: add patch for class_create() in hwsim [73/74] patches: add build system workaround for pre 5.17 [74/74] copy-list: minimal updates

Message ID

20240524190907.84d051bc3c68.Ife595e2dc94955bda3d7d3089ec6a219fde272c1@changeid (mailing list archive)

State

New

Headers

From: Johannes Berg <johannes@sipsolutions.net>
To: backports@vger.kernel.org
Cc: Luca Coelho <luciano.coelho@intel.com>
Subject: [PATCH 47/74] backport: implement NLA_POLICY_RANGE for NLA_BINARY
Date: Fri, 24 May 2024 19:07:59 +0200
Message-ID: 
 <20240524190907.84d051bc3c68.Ife595e2dc94955bda3d7d3089ec6a219fde272c1@changeid>
In-Reply-To: <20240524170906.54680-76-johannes@sipsolutions.net>
References: <20240524170906.54680-76-johannes@sipsolutions.net>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

backport updates from Intel | expand

Commit Message

Johannes Berg May 24, 2024, 5:07 p.m. UTC

From: Luca Coelho <luciano.coelho@intel.com>

The range checks for NLA_BINARY are supported since v5.10.  Unwrap the
macros and introduce a new function to test type.

Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
---
 backport/backport-include/net/netlink.h    | 31 +++++++++++++++++++---
 patches/0097-nla_policy_binary_range.cocci |  5 ++++
 2 files changed, 32 insertions(+), 4 deletions(-)
 create mode 100644 patches/0097-nla_policy_binary_range.cocci

diff --git a/backport/backport-include/net/netlink.h b/backport/backport-include/net/netlink.h
index ad5882347440..7192153b860c 100644
--- a/backport/backport-include/net/netlink.h
+++ b/backport/backport-include/net/netlink.h
@@ -346,10 +346,33 @@  enum nla_policy_validation {
 }
 #endif /* < 4.20 */
 
-#ifndef NLA_POLICY_MIN_LEN
-#define NLA_POLICY_MIN_LEN(_len) {		\
-	.type = NLA_BINARY			\
+#if LINUX_VERSION_IS_LESS(5,10,0)
+// pre-declare all the minimum lengths in use
+#define MIN_LEN_VALIDATION(n)						\
+static inline								\
+int nla_validate_min_len_##n(const struct nlattr *attr,			\
+			     struct netlink_ext_ack *extack)		\
+{									\
+	if (nla_len(attr) < n)						\
+		return -EINVAL;						\
+	return 0;							\
 }
-#endif
+
+MIN_LEN_VALIDATION(2)
+MIN_LEN_VALIDATION(16)
+MIN_LEN_VALIDATION(42)
+
+// double-expansion to expand _min to the actual value
+#define NLA_POLICY_BINARY_RANGE(_min, _max) _NLA_POLICY_BINARY_RANGE(_min, _max)
+#define _NLA_POLICY_BINARY_RANGE(_min, _max)		\
+{							\
+	.type = NLA_BINARY,				\
+	.len = _max,					\
+	.validation_type = NLA_VALIDATE_FUNCTION,	\
+	.validate = nla_validate_min_len_ ## _min,	\
+}
+#else
+#define NLA_POLICY_BINARY_RANGE(_min, _max) NLA_POLICY_RANGE(NLA_BINARY, _min, _max)
+#endif /* < 5.10 */
 
 #endif /* __BACKPORT_NET_NETLINK_H */
diff --git a/patches/0097-nla_policy_binary_range.cocci b/patches/0097-nla_policy_binary_range.cocci
new file mode 100644
index 000000000000..cb3b8be52b51
--- /dev/null
+++ b/patches/0097-nla_policy_binary_range.cocci
@@ -0,0 +1,5 @@ 
+@@
+expression MIN, MAX;
+@@
+-NLA_POLICY_RANGE(NLA_BINARY, MIN, MAX)
++NLA_POLICY_BINARY_RANGE(MIN, MAX)

[47/74] backport: implement NLA_POLICY_RANGE for NLA_BINARY

Commit Message

Patch