netlink: add mask validation
We don't have good validation policy for existing unsigned int attrs which serve as flags (for new ones we could use NLA_BITFIELD32). With increased use of policy dumping having the validation be expressed as part of the policy is important. Add validation policy in form of a mask of supported/valid bits. Support u64 in the uAPI to be future-proof, but really for now the embedded mask member can only hold 32 bits, so anything with bit 32+ set will always fail validation. Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Jakub Kicinski
committed by
David S. Miller
David S. Miller
parent
ddcf3b70c5
commit
bdbb4e29df
@@ -331,6 +331,7 @@ enum netlink_attribute_type {
|
||||
* the index, if limited inside the nesting (U32)
|
||||
* @NL_POLICY_TYPE_ATTR_BITFIELD32_MASK: valid mask for the
|
||||
* bitfield32 type (U32)
|
||||
* @NL_POLICY_TYPE_ATTR_MASK: mask of valid bits for unsigned integers (U64)
|
||||
* @NL_POLICY_TYPE_ATTR_PAD: pad attribute for 64-bit alignment
|
||||
*/
|
||||
enum netlink_policy_type_attr {
|
||||
@@ -346,6 +347,7 @@ enum netlink_policy_type_attr {
|
||||
NL_POLICY_TYPE_ATTR_POLICY_MAXTYPE,
|
||||
NL_POLICY_TYPE_ATTR_BITFIELD32_MASK,
|
||||
NL_POLICY_TYPE_ATTR_PAD,
|
||||
NL_POLICY_TYPE_ATTR_MASK,
|
||||
|
||||
/* keep last */
|
||||
__NL_POLICY_TYPE_ATTR_MAX,
|
||||
|
||||
Reference in New Issue
Block a user