From a0f466387dbca955f3681d7a163a5af174df0a4b Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Tue, 7 Jan 2020 07:27:40 +0100 Subject: sys/linux: fix 2 netlink data layout bugs 1. Turns out that NLA_F_NESTED is actually used and checked (nla_parse_nested checks it, while nla_parse_nested_deprecated does not). Similarly, ipset extensively checks NLA_F_NET_BYTEORDER. So we need these bits. 2. nla_len must not account for the trailing alighnment padding. This means we set wrong len for payloads that are not multiple of 4 (int8/int16/strings/arrays/some structs/etc).
---
 sys/test/exec.txt | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'sys/test/exec.txt')
diff --git a/sys/test/exec.txt b/sys/test/exec.txt
index a2fb377cf..527895748 100644
--- a/sys/test/exec.txt
+++ b/sys/test/exec.txt
@@ -40,8 +40,41 @@ compare_data [
 str string
 blob array[int8]
 arr16be array[int16be]
+ nla array[compare_nla]
 ] [varlen]
 
+compare_nla [
+ a0 nlattr[0xaa, int8]
+ a1 nlattr[0xbb, int16]
+ a2 nlattr[0xcc, int32]
+ a3 nlattr[0xdd, int64]
+ a4 nlattr[0xee, stringnoz]
+ a5 nlnest[0xaa, int8]
+ a6 nlnest[0xaa, int32]
+ a7 nlnetw[0xaa, int8]
+ a8 nlnetw[0xaa, int32]
+] [varlen]
+
+type nlattr_t[TYPE, PAYLOAD] {
+ nla_len offsetof[size, int16]
+ nla_type TYPE
+ payload PAYLOAD
+ size void
+} [packed, align_4]
+
+type nlattr_tt[TYPE, NETORDER, NESTED, PAYLOAD] {
+ nla_len offsetof[size, int16]
+ nla_type TYPE
+ NLA_F_NET_BYTEORDER const[NETORDER, int16:1]
+ NLA_F_NESTED const[NESTED, int16:1]
+ payload PAYLOAD
+ size void
+} [packed, align_4]
+
+type nlattr[TYPE, PAYLOAD] nlattr_t[const[TYPE, int16], PAYLOAD]
+type nlnest[TYPE, PAYLOAD] nlattr_tt[const[TYPE, int16:14], 0, 1, PAYLOAD]
+type nlnetw[TYPE, PAYLOAD] nlattr_tt[const[TYPE, int16:14], 1, 0, PAYLOAD]
+
 align0 {
 f0 int16
 f1 int32
-- cgit mrf-deployment
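Review bot: The `nlattr_t` and `nlattr_tt` templates have no comment explaining why `nla_len` is `offsetof[size, int16]` against a trailing `size void` field, although that construct is the whole of fix 2: the length stops at the end of the payload, before the `align_4` padding. I would add `# nla_len = header + payload, excluding the align_4 tail padding` above `nlattr_t`. Above the two 1-bit consts in `nlattr_tt` I would add `# field order is load-bearing: 14-bit type, then NLA_F_NET_BYTEORDER, then NLA_F_NESTED`, since swapping them would presumably still compile but set the wrong flag bit. The flagged cases `a5`–`a8` only use `int8` and `int32` payloads; the commit message names strings and arrays as affected, so a `stringnoz` or `array[int8]` payload under `nlnest` would pin the padding rule for the flagged form as well.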