On 10/6/20 12:07 AM, Jakub Kicinski wrote:
> Since ethtool uses strict attribute validation there's no need
> to initialize all attributes in policy tables. 0 is NLA_UNSPEC
> which is going to be rejected. Remove the NLA_REJECTs.
>
> Similarly attributes above maxattrs are rejected, so there's
> no need to always size the policy tables to ETHTOOL_A_..._MAX.
>
This implies that all policy tables must be 'complete'.
strset_stringsets_policy[] for example is :
static const struct nla_policy strset_stringsets_policy[] = {
[ETHTOOL_A_STRINGSETS_STRINGSET] = { .type = NLA_NESTED },
};
So when later strset_parse_request() does :
req_info->counts_only = tb[ETHTOOL_A_STRSET_COUNTS_ONLY];
We have an out-of-bound access since ETHTOOL_A_STRSET_COUNTS_ONLY >
ETHTOOL_A_STRINGSETS_STRINGSET
Not sure what was the expected type for this attribute, the kernel
only looks at its presence, not its value.
- [PATCH net-next v2 0/7] ethtool: allow dumping policies to... Jakub Kicinski
- [PATCH net-next v2 4/7] ethtool: link up ethnl_header... Jakub Kicinski
- [PATCH net-next v2 7/7] ethtool: specify which header... Jakub Kicinski
- [PATCH net-next v2 3/7] ethtool: trim policy tables Jakub Kicinski
- Re: [PATCH net-next v2 3/7] ethtool: trim policy ... Eric Dumazet
- Re: [PATCH net-next v2 3/7] ethtool: trim pol... Johannes Berg
- Re: [PATCH net-next v2 3/7] ethtool: trim... Johannes Berg
- Re: [PATCH net-next v2 3/7] ethtool:... Eric Dumazet
- [PATCH net-next v2 6/7] netlink: add mask validation Jakub Kicinski
- [PATCH net-next v2 2/7] ethtool: wire up set policies... Jakub Kicinski
- [PATCH net-next v2 5/7] netlink: create helpers for c... Jakub Kicinski
- [PATCH net-next v2 1/7] ethtool: wire up get policies... Jakub Kicinski
- Re: [PATCH net-next v2 0/7] ethtool: allow dumping po... Johannes Berg
- Re: [PATCH net-next v2 0/7] ethtool: allow dumpin... David Miller
- Re: [PATCH net-next v2 0/7] ethtool: allow du... Leon Romanovsky
