Hey Eugene,

On Sat, Oct 6, 2018 at 9:43 PM Eugene Syromiatnikov [off-list ref] wrote:

On Sat, Oct 06, 2018 at 04:57:09AM +0200, Jason A. Donenfeld wrote:

quoted

+static int get_allowedips(void *ctx, const u8 *ip, u8 cidr, int family)
+{
+     struct allowedips_ctx *actx = ctx;
+     struct nlattr *allowedip_nest;
+
+     allowedip_nest = nla_nest_start(actx->skb, actx->i++);

Second parameter of nl_nest_start is an attribute type; (ab)using it as
array index leads to special handling of such structures in parsers.
It's better to have some type like WGDEVICE_A_PEER_ITEM and provide an
additional attribute inside it for index (WGPEER_A_INDEX?).
See, for example, commit v4.12-rc1~119^2~131 ("nbd: add a status netlink
command").

quoted

+static int get_peer(struct wireguard_peer *peer, unsigned int index,
+                 struct allowedips_cursor *rt_cursor, struct sk_buff *skb)
+{
+     struct nlattr *allowedips_nest, *peer_nest = nla_nest_start(skb, index);

Same here.

Good point. Actually the index aspect is totally arbitrary and not
useful at all, and so that part can just be entirely excised.

Jason