[NET_SCHED]: Use nla_policy for attribute validation in packet schedulers

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Patrick McHardy 2008-01-23 20:35:39 -08:00 committed by David S. Miller
parent 5feb5e1aaa
commit 27a3421e48
9 changed files with 87 additions and 93 deletions

View File

@ -195,6 +195,11 @@ static const u8 llc_oui_ip[] = {
0x08, 0x00 0x08, 0x00
}; /* Ethertype IP (0800) */ }; /* Ethertype IP (0800) */
static const struct nla_policy atm_policy[TCA_ATM_MAX + 1] = {
[TCA_ATM_FD] = { .type = NLA_U32 },
[TCA_ATM_EXCESS] = { .type = NLA_U32 },
};
static int atm_tc_change(struct Qdisc *sch, u32 classid, u32 parent, static int atm_tc_change(struct Qdisc *sch, u32 classid, u32 parent,
struct nlattr **tca, unsigned long *arg) struct nlattr **tca, unsigned long *arg)
{ {
@ -225,11 +230,12 @@ static int atm_tc_change(struct Qdisc *sch, u32 classid, u32 parent,
return -EBUSY; return -EBUSY;
if (opt == NULL) if (opt == NULL)
return -EINVAL; return -EINVAL;
error = nla_parse_nested(tb, TCA_ATM_MAX, opt, NULL);
error = nla_parse_nested(tb, TCA_ATM_MAX, opt, atm_policy);
if (error < 0) if (error < 0)
return error; return error;
if (!tb[TCA_ATM_FD] || nla_len(tb[TCA_ATM_FD]) < sizeof(fd)) if (!tb[TCA_ATM_FD])
return -EINVAL; return -EINVAL;
fd = nla_get_u32(tb[TCA_ATM_FD]); fd = nla_get_u32(tb[TCA_ATM_FD]);
pr_debug("atm_tc_change: fd %d\n", fd); pr_debug("atm_tc_change: fd %d\n", fd);
@ -243,8 +249,6 @@ static int atm_tc_change(struct Qdisc *sch, u32 classid, u32 parent,
if (!tb[TCA_ATM_EXCESS]) if (!tb[TCA_ATM_EXCESS])
excess = NULL; excess = NULL;
else { else {
if (nla_len(tb[TCA_ATM_EXCESS]) != sizeof(u32))
return -EINVAL;
excess = (struct atm_flow_data *) excess = (struct atm_flow_data *)
atm_tc_get(sch, nla_get_u32(tb[TCA_ATM_EXCESS])); atm_tc_get(sch, nla_get_u32(tb[TCA_ATM_EXCESS]));
if (!excess) if (!excess)

View File

@ -1377,6 +1377,16 @@ static int cbq_set_fopt(struct cbq_class *cl, struct tc_cbq_fopt *fopt)
return 0; return 0;
} }
static const struct nla_policy cbq_policy[TCA_CBQ_MAX + 1] = {
[TCA_CBQ_LSSOPT] = { .len = sizeof(struct tc_cbq_lssopt) },
[TCA_CBQ_WRROPT] = { .len = sizeof(struct tc_cbq_wrropt) },
[TCA_CBQ_FOPT] = { .len = sizeof(struct tc_cbq_fopt) },
[TCA_CBQ_OVL_STRATEGY] = { .len = sizeof(struct tc_cbq_ovl) },
[TCA_CBQ_RATE] = { .len = sizeof(struct tc_ratespec) },
[TCA_CBQ_RTAB] = { .type = NLA_BINARY, .len = TC_RTAB_SIZE },
[TCA_CBQ_POLICE] = { .len = sizeof(struct tc_cbq_police) },
};
static int cbq_init(struct Qdisc *sch, struct nlattr *opt) static int cbq_init(struct Qdisc *sch, struct nlattr *opt)
{ {
struct cbq_sched_data *q = qdisc_priv(sch); struct cbq_sched_data *q = qdisc_priv(sch);
@ -1384,16 +1394,11 @@ static int cbq_init(struct Qdisc *sch, struct nlattr *opt)
struct tc_ratespec *r; struct tc_ratespec *r;
int err; int err;
err = nla_parse_nested(tb, TCA_CBQ_MAX, opt, NULL); err = nla_parse_nested(tb, TCA_CBQ_MAX, opt, cbq_policy);
if (err < 0) if (err < 0)
return err; return err;
if (tb[TCA_CBQ_RTAB] == NULL || tb[TCA_CBQ_RATE] == NULL || if (tb[TCA_CBQ_RTAB] == NULL || tb[TCA_CBQ_RATE] == NULL)
nla_len(tb[TCA_CBQ_RATE]) < sizeof(struct tc_ratespec))
return -EINVAL;
if (tb[TCA_CBQ_LSSOPT] &&
nla_len(tb[TCA_CBQ_LSSOPT]) < sizeof(struct tc_cbq_lssopt))
return -EINVAL; return -EINVAL;
r = nla_data(tb[TCA_CBQ_RATE]); r = nla_data(tb[TCA_CBQ_RATE]);
@ -1771,36 +1776,10 @@ cbq_change_class(struct Qdisc *sch, u32 classid, u32 parentid, struct nlattr **t
if (opt == NULL) if (opt == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_CBQ_MAX, opt, NULL); err = nla_parse_nested(tb, TCA_CBQ_MAX, opt, cbq_policy);
if (err < 0) if (err < 0)
return err; return err;
if (tb[TCA_CBQ_OVL_STRATEGY] &&
nla_len(tb[TCA_CBQ_OVL_STRATEGY]) < sizeof(struct tc_cbq_ovl))
return -EINVAL;
if (tb[TCA_CBQ_FOPT] &&
nla_len(tb[TCA_CBQ_FOPT]) < sizeof(struct tc_cbq_fopt))
return -EINVAL;
if (tb[TCA_CBQ_RATE] &&
nla_len(tb[TCA_CBQ_RATE]) < sizeof(struct tc_ratespec))
return -EINVAL;
if (tb[TCA_CBQ_LSSOPT] &&
nla_len(tb[TCA_CBQ_LSSOPT]) < sizeof(struct tc_cbq_lssopt))
return -EINVAL;
if (tb[TCA_CBQ_WRROPT] &&
nla_len(tb[TCA_CBQ_WRROPT]) < sizeof(struct tc_cbq_wrropt))
return -EINVAL;
#ifdef CONFIG_NET_CLS_ACT
if (tb[TCA_CBQ_POLICE] &&
nla_len(tb[TCA_CBQ_POLICE]) < sizeof(struct tc_cbq_police))
return -EINVAL;
#endif
if (cl) { if (cl) {
/* Check parent */ /* Check parent */
if (parentid) { if (parentid) {

View File

@ -99,6 +99,14 @@ static void dsmark_put(struct Qdisc *sch, unsigned long cl)
{ {
} }
static const struct nla_policy dsmark_policy[TCA_DSMARK_MAX + 1] = {
[TCA_DSMARK_INDICES] = { .type = NLA_U16 },
[TCA_DSMARK_DEFAULT_INDEX] = { .type = NLA_U16 },
[TCA_DSMARK_SET_TC_INDEX] = { .type = NLA_FLAG },
[TCA_DSMARK_MASK] = { .type = NLA_U8 },
[TCA_DSMARK_VALUE] = { .type = NLA_U8 },
};
static int dsmark_change(struct Qdisc *sch, u32 classid, u32 parent, static int dsmark_change(struct Qdisc *sch, u32 classid, u32 parent,
struct nlattr **tca, unsigned long *arg) struct nlattr **tca, unsigned long *arg)
{ {
@ -119,21 +127,15 @@ static int dsmark_change(struct Qdisc *sch, u32 classid, u32 parent,
if (!opt) if (!opt)
goto errout; goto errout;
err = nla_parse_nested(tb, TCA_DSMARK_MAX, opt, NULL); err = nla_parse_nested(tb, TCA_DSMARK_MAX, opt, dsmark_policy);
if (err < 0) if (err < 0)
return err; goto errout;
err = -EINVAL; if (tb[TCA_DSMARK_MASK])
if (tb[TCA_DSMARK_MASK]) {
if (nla_len(tb[TCA_DSMARK_MASK]) < sizeof(u8))
goto errout;
mask = nla_get_u8(tb[TCA_DSMARK_MASK]); mask = nla_get_u8(tb[TCA_DSMARK_MASK]);
}
if (tb[TCA_DSMARK_VALUE]) { if (tb[TCA_DSMARK_VALUE])
if (nla_len(tb[TCA_DSMARK_VALUE]) < sizeof(u8))
goto errout;
p->value[*arg-1] = nla_get_u8(tb[TCA_DSMARK_VALUE]); p->value[*arg-1] = nla_get_u8(tb[TCA_DSMARK_VALUE]);
}
if (tb[TCA_DSMARK_MASK]) if (tb[TCA_DSMARK_MASK])
p->mask[*arg-1] = mask; p->mask[*arg-1] = mask;
@ -359,23 +361,18 @@ static int dsmark_init(struct Qdisc *sch, struct nlattr *opt)
if (!opt) if (!opt)
goto errout; goto errout;
err = nla_parse_nested(tb, TCA_DSMARK_MAX, opt, NULL); err = nla_parse_nested(tb, TCA_DSMARK_MAX, opt, dsmark_policy);
if (err < 0) if (err < 0)
goto errout; goto errout;
err = -EINVAL; err = -EINVAL;
if (nla_len(tb[TCA_DSMARK_INDICES]) < sizeof(u16))
goto errout;
indices = nla_get_u16(tb[TCA_DSMARK_INDICES]); indices = nla_get_u16(tb[TCA_DSMARK_INDICES]);
if (hweight32(indices) != 1) if (hweight32(indices) != 1)
goto errout; goto errout;
if (tb[TCA_DSMARK_DEFAULT_INDEX]) { if (tb[TCA_DSMARK_DEFAULT_INDEX])
if (nla_len(tb[TCA_DSMARK_DEFAULT_INDEX]) < sizeof(u16))
goto errout;
default_index = nla_get_u16(tb[TCA_DSMARK_DEFAULT_INDEX]); default_index = nla_get_u16(tb[TCA_DSMARK_DEFAULT_INDEX]);
}
mask = kmalloc(indices * 2, GFP_KERNEL); mask = kmalloc(indices * 2, GFP_KERNEL);
if (mask == NULL) { if (mask == NULL) {

View File

@ -356,7 +356,7 @@ static inline int gred_change_table_def(struct Qdisc *sch, struct nlattr *dps)
struct tc_gred_sopt *sopt; struct tc_gred_sopt *sopt;
int i; int i;
if (dps == NULL || nla_len(dps) < sizeof(*sopt)) if (dps == NULL)
return -EINVAL; return -EINVAL;
sopt = nla_data(dps); sopt = nla_data(dps);
@ -425,6 +425,12 @@ static inline int gred_change_vq(struct Qdisc *sch, int dp,
return 0; return 0;
} }
static const struct nla_policy gred_policy[TCA_GRED_MAX + 1] = {
[TCA_GRED_PARMS] = { .len = sizeof(struct tc_gred_qopt) },
[TCA_GRED_STAB] = { .len = 256 },
[TCA_GRED_DPS] = { .len = sizeof(struct tc_gred_sopt) },
};
static int gred_change(struct Qdisc *sch, struct nlattr *opt) static int gred_change(struct Qdisc *sch, struct nlattr *opt)
{ {
struct gred_sched *table = qdisc_priv(sch); struct gred_sched *table = qdisc_priv(sch);
@ -436,7 +442,7 @@ static int gred_change(struct Qdisc *sch, struct nlattr *opt)
if (opt == NULL) if (opt == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_GRED_MAX, opt, NULL); err = nla_parse_nested(tb, TCA_GRED_MAX, opt, gred_policy);
if (err < 0) if (err < 0)
return err; return err;
@ -444,9 +450,7 @@ static int gred_change(struct Qdisc *sch, struct nlattr *opt)
return gred_change_table_def(sch, opt); return gred_change_table_def(sch, opt);
if (tb[TCA_GRED_PARMS] == NULL || if (tb[TCA_GRED_PARMS] == NULL ||
nla_len(tb[TCA_GRED_PARMS]) < sizeof(*ctl) || tb[TCA_GRED_STAB] == NULL)
tb[TCA_GRED_STAB] == NULL ||
nla_len(tb[TCA_GRED_STAB]) < 256)
return -EINVAL; return -EINVAL;
err = -EINVAL; err = -EINVAL;
@ -499,7 +503,7 @@ static int gred_init(struct Qdisc *sch, struct nlattr *opt)
if (opt == NULL) if (opt == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_GRED_MAX, opt, NULL); err = nla_parse_nested(tb, TCA_GRED_MAX, opt, gred_policy);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -986,6 +986,12 @@ hfsc_change_usc(struct hfsc_class *cl, struct tc_service_curve *usc,
cl->cl_flags |= HFSC_USC; cl->cl_flags |= HFSC_USC;
} }
static const struct nla_policy hfsc_policy[TCA_HFSC_MAX + 1] = {
[TCA_HFSC_RSC] = { .len = sizeof(struct tc_service_curve) },
[TCA_HFSC_FSC] = { .len = sizeof(struct tc_service_curve) },
[TCA_HFSC_USC] = { .len = sizeof(struct tc_service_curve) },
};
static int static int
hfsc_change_class(struct Qdisc *sch, u32 classid, u32 parentid, hfsc_change_class(struct Qdisc *sch, u32 classid, u32 parentid,
struct nlattr **tca, unsigned long *arg) struct nlattr **tca, unsigned long *arg)
@ -1002,29 +1008,23 @@ hfsc_change_class(struct Qdisc *sch, u32 classid, u32 parentid,
if (opt == NULL) if (opt == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_HFSC_MAX, opt, NULL); err = nla_parse_nested(tb, TCA_HFSC_MAX, opt, hfsc_policy);
if (err < 0) if (err < 0)
return err; return err;
if (tb[TCA_HFSC_RSC]) { if (tb[TCA_HFSC_RSC]) {
if (nla_len(tb[TCA_HFSC_RSC]) < sizeof(*rsc))
return -EINVAL;
rsc = nla_data(tb[TCA_HFSC_RSC]); rsc = nla_data(tb[TCA_HFSC_RSC]);
if (rsc->m1 == 0 && rsc->m2 == 0) if (rsc->m1 == 0 && rsc->m2 == 0)
rsc = NULL; rsc = NULL;
} }
if (tb[TCA_HFSC_FSC]) { if (tb[TCA_HFSC_FSC]) {
if (nla_len(tb[TCA_HFSC_FSC]) < sizeof(*fsc))
return -EINVAL;
fsc = nla_data(tb[TCA_HFSC_FSC]); fsc = nla_data(tb[TCA_HFSC_FSC]);
if (fsc->m1 == 0 && fsc->m2 == 0) if (fsc->m1 == 0 && fsc->m2 == 0)
fsc = NULL; fsc = NULL;
} }
if (tb[TCA_HFSC_USC]) { if (tb[TCA_HFSC_USC]) {
if (nla_len(tb[TCA_HFSC_USC]) < sizeof(*usc))
return -EINVAL;
usc = nla_data(tb[TCA_HFSC_USC]); usc = nla_data(tb[TCA_HFSC_USC]);
if (usc->m1 == 0 && usc->m2 == 0) if (usc->m1 == 0 && usc->m2 == 0)
usc = NULL; usc = NULL;

View File

@ -992,6 +992,13 @@ static void htb_reset(struct Qdisc *sch)
INIT_LIST_HEAD(q->drops + i); INIT_LIST_HEAD(q->drops + i);
} }
static const struct nla_policy htb_policy[TCA_HTB_MAX + 1] = {
[TCA_HTB_PARMS] = { .len = sizeof(struct tc_htb_opt) },
[TCA_HTB_INIT] = { .len = sizeof(struct tc_htb_glob) },
[TCA_HTB_CTAB] = { .type = NLA_BINARY, .len = TC_RTAB_SIZE },
[TCA_HTB_RTAB] = { .type = NLA_BINARY, .len = TC_RTAB_SIZE },
};
static int htb_init(struct Qdisc *sch, struct nlattr *opt) static int htb_init(struct Qdisc *sch, struct nlattr *opt)
{ {
struct htb_sched *q = qdisc_priv(sch); struct htb_sched *q = qdisc_priv(sch);
@ -1003,12 +1010,11 @@ static int htb_init(struct Qdisc *sch, struct nlattr *opt)
if (!opt) if (!opt)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_HTB_INIT, opt, NULL); err = nla_parse_nested(tb, TCA_HTB_INIT, opt, htb_policy);
if (err < 0) if (err < 0)
return err; return err;
if (tb[TCA_HTB_INIT] == NULL || if (tb[TCA_HTB_INIT] == NULL) {
nla_len(tb[TCA_HTB_INIT]) < sizeof(*gopt)) {
printk(KERN_ERR "HTB: hey probably you have bad tc tool ?\n"); printk(KERN_ERR "HTB: hey probably you have bad tc tool ?\n");
return -EINVAL; return -EINVAL;
} }
@ -1319,13 +1325,12 @@ static int htb_change_class(struct Qdisc *sch, u32 classid,
if (!opt) if (!opt)
goto failure; goto failure;
err = nla_parse_nested(tb, TCA_HTB_RTAB, opt, NULL); err = nla_parse_nested(tb, TCA_HTB_RTAB, opt, htb_policy);
if (err < 0) if (err < 0)
goto failure; goto failure;
err = -EINVAL; err = -EINVAL;
if (tb[TCA_HTB_PARMS] == NULL || if (tb[TCA_HTB_PARMS] == NULL)
nla_len(tb[TCA_HTB_PARMS]) < sizeof(*hopt))
goto failure; goto failure;
parent = parentid == TC_H_ROOT ? NULL : htb_find(parentid, sch); parent = parentid == TC_H_ROOT ? NULL : htb_find(parentid, sch);

View File

@ -368,9 +368,6 @@ static int get_correlation(struct Qdisc *sch, const struct nlattr *attr)
struct netem_sched_data *q = qdisc_priv(sch); struct netem_sched_data *q = qdisc_priv(sch);
const struct tc_netem_corr *c = nla_data(attr); const struct tc_netem_corr *c = nla_data(attr);
if (nla_len(attr) != sizeof(*c))
return -EINVAL;
init_crandom(&q->delay_cor, c->delay_corr); init_crandom(&q->delay_cor, c->delay_corr);
init_crandom(&q->loss_cor, c->loss_corr); init_crandom(&q->loss_cor, c->loss_corr);
init_crandom(&q->dup_cor, c->dup_corr); init_crandom(&q->dup_cor, c->dup_corr);
@ -382,9 +379,6 @@ static int get_reorder(struct Qdisc *sch, const struct nlattr *attr)
struct netem_sched_data *q = qdisc_priv(sch); struct netem_sched_data *q = qdisc_priv(sch);
const struct tc_netem_reorder *r = nla_data(attr); const struct tc_netem_reorder *r = nla_data(attr);
if (nla_len(attr) != sizeof(*r))
return -EINVAL;
q->reorder = r->probability; q->reorder = r->probability;
init_crandom(&q->reorder_cor, r->correlation); init_crandom(&q->reorder_cor, r->correlation);
return 0; return 0;
@ -395,14 +389,17 @@ static int get_corrupt(struct Qdisc *sch, const struct nlattr *attr)
struct netem_sched_data *q = qdisc_priv(sch); struct netem_sched_data *q = qdisc_priv(sch);
const struct tc_netem_corrupt *r = nla_data(attr); const struct tc_netem_corrupt *r = nla_data(attr);
if (nla_len(attr) != sizeof(*r))
return -EINVAL;
q->corrupt = r->probability; q->corrupt = r->probability;
init_crandom(&q->corrupt_cor, r->correlation); init_crandom(&q->corrupt_cor, r->correlation);
return 0; return 0;
} }
static const struct nla_policy netem_policy[TCA_NETEM_MAX + 1] = {
[TCA_NETEM_CORR] = { .len = sizeof(struct tc_netem_corr) },
[TCA_NETEM_REORDER] = { .len = sizeof(struct tc_netem_reorder) },
[TCA_NETEM_CORRUPT] = { .len = sizeof(struct tc_netem_corrupt) },
};
/* Parse netlink message to set options */ /* Parse netlink message to set options */
static int netem_change(struct Qdisc *sch, struct nlattr *opt) static int netem_change(struct Qdisc *sch, struct nlattr *opt)
{ {
@ -414,8 +411,8 @@ static int netem_change(struct Qdisc *sch, struct nlattr *opt)
if (opt == NULL) if (opt == NULL)
return -EINVAL; return -EINVAL;
ret = nla_parse_nested_compat(tb, TCA_NETEM_MAX, opt, NULL, qopt, ret = nla_parse_nested_compat(tb, TCA_NETEM_MAX, opt, netem_policy,
sizeof(*qopt)); qopt, sizeof(*qopt));
if (ret < 0) if (ret < 0)
return ret; return ret;

View File

@ -201,6 +201,11 @@ static struct Qdisc *red_create_dflt(struct Qdisc *sch, u32 limit)
return NULL; return NULL;
} }
static const struct nla_policy red_policy[TCA_RED_MAX + 1] = {
[TCA_RED_PARMS] = { .len = sizeof(struct tc_red_qopt) },
[TCA_RED_STAB] = { .len = RED_STAB_SIZE },
};
static int red_change(struct Qdisc *sch, struct nlattr *opt) static int red_change(struct Qdisc *sch, struct nlattr *opt)
{ {
struct red_sched_data *q = qdisc_priv(sch); struct red_sched_data *q = qdisc_priv(sch);
@ -212,14 +217,12 @@ static int red_change(struct Qdisc *sch, struct nlattr *opt)
if (opt == NULL) if (opt == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_RED_MAX, opt, NULL); err = nla_parse_nested(tb, TCA_RED_MAX, opt, red_policy);
if (err < 0) if (err < 0)
return err; return err;
if (tb[TCA_RED_PARMS] == NULL || if (tb[TCA_RED_PARMS] == NULL ||
nla_len(tb[TCA_RED_PARMS]) < sizeof(*ctl) || tb[TCA_RED_STAB] == NULL)
tb[TCA_RED_STAB] == NULL ||
nla_len(tb[TCA_RED_STAB]) < RED_STAB_SIZE)
return -EINVAL; return -EINVAL;
ctl = nla_data(tb[TCA_RED_PARMS]); ctl = nla_data(tb[TCA_RED_PARMS]);

View File

@ -270,6 +270,12 @@ static struct Qdisc *tbf_create_dflt_qdisc(struct Qdisc *sch, u32 limit)
return NULL; return NULL;
} }
static const struct nla_policy tbf_policy[TCA_TBF_MAX + 1] = {
[TCA_TBF_PARMS] = { .len = sizeof(struct tc_tbf_qopt) },
[TCA_TBF_RTAB] = { .type = NLA_BINARY, .len = TC_RTAB_SIZE },
[TCA_TBF_PTAB] = { .type = NLA_BINARY, .len = TC_RTAB_SIZE },
};
static int tbf_change(struct Qdisc* sch, struct nlattr *opt) static int tbf_change(struct Qdisc* sch, struct nlattr *opt)
{ {
int err; int err;
@ -281,13 +287,12 @@ static int tbf_change(struct Qdisc* sch, struct nlattr *opt)
struct Qdisc *child = NULL; struct Qdisc *child = NULL;
int max_size,n; int max_size,n;
err = nla_parse_nested(tb, TCA_TBF_PTAB, opt, NULL); err = nla_parse_nested(tb, TCA_TBF_PTAB, opt, tbf_policy);
if (err < 0) if (err < 0)
return err; return err;
err = -EINVAL; err = -EINVAL;
if (tb[TCA_TBF_PARMS] == NULL || if (tb[TCA_TBF_PARMS] == NULL)
nla_len(tb[TCA_TBF_PARMS]) < sizeof(*qopt))
goto done; goto done;
qopt = nla_data(tb[TCA_TBF_PARMS]); qopt = nla_data(tb[TCA_TBF_PARMS]);