Re: [PATCH V4 for-next 3/4] IB/core: Export ib_create/destroy_flow through uverbs
From: Jason Gunthorpe <hidden>
Date: 2013-08-28 16:20:50
Possibly related (same subject, not in this thread)
- 2013-09-17 · Re: [PATCH V4 for-next 3/4] IB/core: Export ib_create/destroy_flow through uverbs · Matan Barak <hidden>
- 2013-09-11 · Re: [PATCH V4 for-next 3/4] IB/core: Export ib_create/destroy_flow through uverbs · Or Gerlitz <hidden>
- 2013-09-11 · Re: [PATCH V4 for-next 3/4] IB/core: Export ib_create/destroy_flow through uverbs · Yann Droneaud <hidden>
- 2013-09-03 · Re: [PATCH V4 for-next 3/4] IB/core: Export ib_create/destroy_flow through uverbs · Matan Barak <hidden>
- 2013-09-03 · Re: [PATCH V4 for-next 3/4] IB/core: Export ib_create/destroy_flow through uverbs · Jason Gunthorpe <hidden>
On Wed, Aug 28, 2013 at 03:47:54PM +0300, Matan Barak wrote:
+ + if (cmd.comp_mask) + return -EINVAL;
So, how do you propose to interoperate with new user space/old kernels? How will user space know what comp_mask values the kernel will support? The notion that was established in the verbs patches is that extra structure fields are ignored by old software.
+ if ((cmd.flow_attr.type == IB_FLOW_ATTR_SNIFFER && + !capable(CAP_NET_ADMIN)) || !capable(CAP_NET_RAW)) + return -EPERM; + + if (cmd.flow_attr.num_of_specs < 0 || + cmd.flow_attr.num_of_specs > IB_FLOW_SPEC_SUPPORT_LAYERS) + return -EINVAL; + + kern_attr_size = cmd.flow_attr.size - sizeof(cmd) - + sizeof(struct ib_uverbs_cmd_hdr_ex); + + if (cmd.flow_attr.size < 0 || cmd.flow_attr.size > in_len || + kern_attr_size < 0 || kern_attr_size > + (cmd.flow_attr.num_of_specs * sizeof(struct ib_kern_spec)))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Watch out for integer overflow here.. Jason -- To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org More majordomo info at http://vger.kernel.org/majordomo-info.html