tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

wireguard: netlink: use NLA_POLICY_MASK where possible

Rather than manually validating flags against the various __ALL_*
constants, put this in the netlink policy description and have the upper
layer machinery check it for us.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Link: https://patch.msgid.link/20250521212707.1767879-4-Jason@zx2c4.com
Signed-off-by: Paolo Abeni <pabeni@redhat.com>

authored by

Jason A. Donenfeld and committed by
Paolo Abeni c8529020 71e5da46

+2 -8
+2 -8
drivers/net/wireguard/netlink.c
··· 24 24 [WGDEVICE_A_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ - 1 }, 25 25 [WGDEVICE_A_PRIVATE_KEY] = NLA_POLICY_EXACT_LEN(NOISE_PUBLIC_KEY_LEN), 26 26 [WGDEVICE_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(NOISE_PUBLIC_KEY_LEN), 27 - [WGDEVICE_A_FLAGS] = { .type = NLA_U32 }, 27 + [WGDEVICE_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, __WGDEVICE_F_ALL), 28 28 [WGDEVICE_A_LISTEN_PORT] = { .type = NLA_U16 }, 29 29 [WGDEVICE_A_FWMARK] = { .type = NLA_U32 }, 30 30 [WGDEVICE_A_PEERS] = { .type = NLA_NESTED } ··· 33 33 static const struct nla_policy peer_policy[WGPEER_A_MAX + 1] = { 34 34 [WGPEER_A_PUBLIC_KEY] = NLA_POLICY_EXACT_LEN(NOISE_PUBLIC_KEY_LEN), 35 35 [WGPEER_A_PRESHARED_KEY] = NLA_POLICY_EXACT_LEN(NOISE_SYMMETRIC_KEY_LEN), 36 - [WGPEER_A_FLAGS] = { .type = NLA_U32 }, 36 + [WGPEER_A_FLAGS] = NLA_POLICY_MASK(NLA_U32, __WGPEER_F_ALL), 37 37 [WGPEER_A_ENDPOINT] = NLA_POLICY_MIN_LEN(sizeof(struct sockaddr)), 38 38 [WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL] = { .type = NLA_U16 }, 39 39 [WGPEER_A_LAST_HANDSHAKE_TIME] = NLA_POLICY_EXACT_LEN(sizeof(struct __kernel_timespec)), ··· 373 373 374 374 if (attrs[WGPEER_A_FLAGS]) 375 375 flags = nla_get_u32(attrs[WGPEER_A_FLAGS]); 376 - ret = -EOPNOTSUPP; 377 - if (flags & ~__WGPEER_F_ALL) 378 - goto out; 379 376 380 377 ret = -EPFNOSUPPORT; 381 378 if (attrs[WGPEER_A_PROTOCOL_VERSION]) { ··· 503 506 504 507 if (info->attrs[WGDEVICE_A_FLAGS]) 505 508 flags = nla_get_u32(info->attrs[WGDEVICE_A_FLAGS]); 506 - ret = -EOPNOTSUPP; 507 - if (flags & ~__WGDEVICE_F_ALL) 508 - goto out; 509 509 510 510 if (info->attrs[WGDEVICE_A_LISTEN_PORT] || info->attrs[WGDEVICE_A_FWMARK]) { 511 511 struct net *net;