diff options
author | Johannes Berg <johannes.berg@intel.com> | 2018-09-27 11:28:35 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2018-10-01 23:05:31 -0700 |
commit | 3e48be05f3c7eb6f6126939e9d957903c5cfeee5 (patch) | |
tree | 866035464b1e44661e6ac5459f80db6580364a93 /crypto/Makefile | |
parent | 6140cc20caf7da861fb113a707e0acc36bd358ec (diff) | |
download | linux-3e48be05f3c7eb6f6126939e9d957903c5cfeee5.tar.bz2 |
netlink: add attribute range validation to policy
Without further bloating the policy structs, we can overload
the `validation_data' pointer with a struct of s16 min, max
and use those to validate ranges in NLA_{U,S}{8,16,32,64}
attributes.
It may sound strange to validate NLA_U32 with a s16 max, but
in many cases NLA_U32 is used for enums etc. since there's no
size benefit in using a smaller attribute width anyway, due
to netlink attribute alignment; in cases like that it's still
useful, particularly when the attribute really transports an
enum value.
Doing so lets us remove quite a bit of validation code, if we
can be sure that these attributes aren't used by userspace in
places where they're ignored today.
To achieve all this, split the 'type' field and introduce a
new 'validation_type' field which indicates what further
validation (beyond the validation prescribed by the type of
the attribute) is done. This currently allows for no further
validation (the default), as well as min, max and range checks.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'crypto/Makefile')
0 files changed, 0 insertions, 0 deletions