Skip to content

Commit da7d8e6

Browse files
davem330davem330
committed
Merge branch 'netlink-be-policy'
Signed-off-by: David S. Miller <[email protected]>
2 parents 98ba810 + e7af210 commit da7d8e6

File tree

3 files changed

+39
-7
lines changed

3 files changed

+39
-7
lines changed

include/net/netlink.h

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -325,6 +325,7 @@ struct nla_policy {
325325
struct netlink_range_validation_signed *range_signed;
326326
struct {
327327
s16 min, max;
328+
u8 network_byte_order:1;
328329
};
329330
int (*validate)(const struct nlattr *attr,
330331
struct netlink_ext_ack *extack);
@@ -418,6 +419,14 @@ struct nla_policy {
418419
.type = NLA_ENSURE_INT_OR_BINARY_TYPE(tp), \
419420
.validation_type = NLA_VALIDATE_MAX, \
420421
.max = _max, \
422+
.network_byte_order = 0, \
423+
}
424+
425+
#define NLA_POLICY_MAX_BE(tp, _max) { \
426+
.type = NLA_ENSURE_UINT_TYPE(tp), \
427+
.validation_type = NLA_VALIDATE_MAX, \
428+
.max = _max, \
429+
.network_byte_order = 1, \
421430
}
422431

423432
#define NLA_POLICY_MASK(tp, _mask) { \

lib/nlattr.c

Lines changed: 27 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -159,6 +159,31 @@ void nla_get_range_unsigned(const struct nla_policy *pt,
159159
}
160160
}
161161

162+
static u64 nla_get_attr_bo(const struct nla_policy *pt,
163+
const struct nlattr *nla)
164+
{
165+
switch (pt->type) {
166+
case NLA_U16:
167+
if (pt->network_byte_order)
168+
return ntohs(nla_get_be16(nla));
169+
170+
return nla_get_u16(nla);
171+
case NLA_U32:
172+
if (pt->network_byte_order)
173+
return ntohl(nla_get_be32(nla));
174+
175+
return nla_get_u32(nla);
176+
case NLA_U64:
177+
if (pt->network_byte_order)
178+
return be64_to_cpu(nla_get_be64(nla));
179+
180+
return nla_get_u64(nla);
181+
}
182+
183+
WARN_ON_ONCE(1);
184+
return 0;
185+
}
186+
162187
static int nla_validate_range_unsigned(const struct nla_policy *pt,
163188
const struct nlattr *nla,
164189
struct netlink_ext_ack *extack,
@@ -172,12 +197,10 @@ static int nla_validate_range_unsigned(const struct nla_policy *pt,
172197
value = nla_get_u8(nla);
173198
break;
174199
case NLA_U16:
175-
value = nla_get_u16(nla);
176-
break;
177200
case NLA_U32:
178-
value = nla_get_u32(nla);
179-
break;
180201
case NLA_U64:
202+
value = nla_get_attr_bo(pt, nla);
203+
break;
181204
case NLA_MSECS:
182205
value = nla_get_u64(nla);
183206
break;

net/netfilter/nft_payload.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -173,10 +173,10 @@ static const struct nla_policy nft_payload_policy[NFTA_PAYLOAD_MAX + 1] = {
173173
[NFTA_PAYLOAD_SREG] = { .type = NLA_U32 },
174174
[NFTA_PAYLOAD_DREG] = { .type = NLA_U32 },
175175
[NFTA_PAYLOAD_BASE] = { .type = NLA_U32 },
176-
[NFTA_PAYLOAD_OFFSET] = { .type = NLA_U32 },
177-
[NFTA_PAYLOAD_LEN] = { .type = NLA_U32 },
176+
[NFTA_PAYLOAD_OFFSET] = NLA_POLICY_MAX_BE(NLA_U32, 255),
177+
[NFTA_PAYLOAD_LEN] = NLA_POLICY_MAX_BE(NLA_U32, 255),
178178
[NFTA_PAYLOAD_CSUM_TYPE] = { .type = NLA_U32 },
179-
[NFTA_PAYLOAD_CSUM_OFFSET] = { .type = NLA_U32 },
179+
[NFTA_PAYLOAD_CSUM_OFFSET] = NLA_POLICY_MAX_BE(NLA_U32, 255),
180180
[NFTA_PAYLOAD_CSUM_FLAGS] = { .type = NLA_U32 },
181181
};
182182

0 commit comments

Comments
 (0)