netlink: add NLA_MIN_LEN

Rather than using NLA_UNSPEC for this type of thing, use NLA_MIN_LEN
so we can make NLA_UNSPEC be NLA_REJECT under certain conditions for
future attributes.

While at it, also use NLA_EXACT_LEN for the struct example.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/include/net/netlink.h b/include/net/netlink.h
index 1f18b47f41b4b65a05c6a27767b016517a697d5b..c77ed51c18f1bb8faa614b25d3d659a85fb7f665 100644 (file)
--- a/include/net/netlink.h
+++ b/include/net/netlink.h
@@ -183,6 +183,7 @@ enum {
        NLA_REJECT,
        NLA_EXACT_LEN,
        NLA_EXACT_LEN_WARN,
+       NLA_MIN_LEN,
        __NLA_TYPE_MAX,
 };
 
@@ -212,6 +213,7 @@ enum nla_policy_validation {
  *    NLA_NUL_STRING       Maximum length of string (excluding NUL)
  *    NLA_FLAG             Unused
  *    NLA_BINARY           Maximum length of attribute payload
+ *    NLA_MIN_LEN          Minimum length of attribute payload
  *    NLA_NESTED,
  *    NLA_NESTED_ARRAY     Length verification is done by checking len of
  *                         nested header (or empty); len field is used if
@@ -230,6 +232,7 @@ enum nla_policy_validation {
  *                         it is rejected.
  *    NLA_EXACT_LEN_WARN   Attribute should have exactly this length, a warning
  *                         is logged if it is longer, shorter is rejected.
+ *    NLA_MIN_LEN          Minimum length of attribute payload
  *    All other            Minimum length of attribute payload
  *
  * Meaning of `validation_data' field:
@@ -281,7 +284,7 @@ enum nla_policy_validation {
  * static const struct nla_policy my_policy[ATTR_MAX+1] = {
  *     [ATTR_FOO] = { .type = NLA_U16 },
  *     [ATTR_BAR] = { .type = NLA_STRING, .len = BARSIZ },
- *     [ATTR_BAZ] = { .len = sizeof(struct mystruct) },
+ *     [ATTR_BAZ] = { .type = NLA_EXACT_LEN, .len = sizeof(struct mystruct) },
  *     [ATTR_GOO] = { .type = NLA_BITFIELD32, .validation_data = &myvalidflags },
  * };
  */
@@ -302,6 +305,7 @@ struct nla_policy {
 #define NLA_POLICY_EXACT_LEN(_len)     { .type = NLA_EXACT_LEN, .len = _len }
 #define NLA_POLICY_EXACT_LEN_WARN(_len)        { .type = NLA_EXACT_LEN_WARN, \
                                          .len = _len }
+#define NLA_POLICY_MIN_LEN(_len)       { .type = NLA_MIN_LEN, .len = _len }
 
 #define NLA_POLICY_ETH_ADDR            NLA_POLICY_EXACT_LEN(ETH_ALEN)
 #define NLA_POLICY_ETH_ADDR_COMPAT     NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN)

diff --git a/lib/nlattr.c b/lib/nlattr.c
index d26de6156b97db73803cb617bcd81fd7415ac7b1..465c9e8ef8a563c33d03da316665edf5f5eb7440 100644 (file)
--- a/lib/nlattr.c
+++ b/lib/nlattr.c
@@ -278,10 +278,17 @@ static int validate_nla(const struct nlattr *nla, int maxtype,
                        }
                }
                break;
+
+       case NLA_UNSPEC:
+       case NLA_MIN_LEN:
+               if (attrlen < pt->len)
+                       goto out_err;
+               break;
+
        default:
                if (pt->len)
                        minlen = pt->len;
-               else if (pt->type != NLA_UNSPEC)
+               else
                        minlen = nla_attr_minlen[pt->type];
 
                if (attrlen < minlen)