• David Ahern's avatar
    netlink: Add new socket option to enable strict checking on dumps · 89d35528
    David Ahern authored
    Add a new socket option, NETLINK_DUMP_STRICT_CHK, that userspace
    can use via setsockopt to request strict checking of headers and
    attributes on dump requests.
    
    To get dump features such as kernel side filtering based on data in
    the header or attributes appended to the dump request, userspace
    must call setsockopt() for NETLINK_DUMP_STRICT_CHK and a non-zero
    value. Since the netlink sock and its flags are private to the
    af_netlink code, the strict checking flag is passed to dump handlers
    via a flag in the netlink_callback struct.
    
    For old userspace on new kernel there is no impact as all of the data
    checks in later patches are wrapped in a check on the new strict flag.
    
    For new userspace on old kernel, the setsockopt will fail and even if
    new userspace sets data in the headers and appended attributes the
    kernel will silently ignore it. Moving forward when the setsockopt
    succeeds, the new userspace on old kernel means the dump request can
    pass an attribute the kernel does not understand. The dump will then
    fail as the older kernel does not understand it.
    
    New userspace on new kernel setting the socket option gets the benefit
    of the improved data dump.
    
    Kernel side the NETLINK_DUMP_STRICT_CHK uapi is converted to a generic
    NETLINK_F_STRICT_CHK flag which can potentially be leveraged for tighter
    checking on the NEW, DEL, and SET commands.
    Signed-off-by: default avatarDavid Ahern <dsahern@gmail.com>
    Acked-by: default avatarChristian Brauner <christian@brauner.io>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    89d35528
af_netlink.c 65.3 KB