netlink: make validation more configurable for future strictness

We currently have two levels of strict validation:

 1) liberal (default)
     - undefined (type >= max) & NLA_UNSPEC attributes accepted
     - attribute length >= expected accepted
     - garbage at end of message accepted
 2) strict (opt-in)
     - NLA_UNSPEC attributes accepted
     - attribute length >= expected accepted

Split out parsing strictness into four different options:
 * TRAILING     - check that there's no trailing data after parsing
                  attributes (in message or nested)
 * MAXTYPE      - reject attrs > max known type
 * UNSPEC       - reject attributes with NLA_UNSPEC policy entries
 * STRICT_ATTRS - strictly validate attribute size

The default for future things should be *everything*.
The current *_strict() is a combination of TRAILING and MAXTYPE,
and is renamed to _deprecated_strict().
The current regular parsing has none of this, and is renamed to
*_parse_deprecated().

Additionally it allows us to selectively set one of the new flags
even on old policies. Notably, the UNSPEC flag could be useful in
this case, since it can be arranged (by filling in the policy) to
not be an incompatible userspace ABI change, but would then going
forward prevent forgetting attribute entries. Similar can apply
to the POLICY flag.

We end up with the following renames:
 * nla_parse           -> nla_parse_deprecated
 * nla_parse_strict    -> nla_parse_deprecated_strict
 * nlmsg_parse         -> nlmsg_parse_deprecated
 * nlmsg_parse_strict  -> nlmsg_parse_deprecated_strict
 * nla_parse_nested    -> nla_parse_nested_deprecated
 * nla_validate_nested -> nla_validate_nested_deprecated

Using spatch, of course:
    @@
    expression TB, MAX, HEAD, LEN, POL, EXT;
    @@
    -nla_parse(TB, MAX, HEAD, LEN, POL, EXT)
    +nla_parse_deprecated(TB, MAX, HEAD, LEN, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse_strict(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated_strict(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression TB, MAX, NLA, POL, EXT;
    @@
    -nla_parse_nested(TB, MAX, NLA, POL, EXT)
    +nla_parse_nested_deprecated(TB, MAX, NLA, POL, EXT)

    @@
    expression START, MAX, POL, EXT;
    @@
    -nla_validate_nested(START, MAX, POL, EXT)
    +nla_validate_nested_deprecated(START, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, MAX, POL, EXT;
    @@
    -nlmsg_validate(NLH, HDRLEN, MAX, POL, EXT)
    +nlmsg_validate_deprecated(NLH, HDRLEN, MAX, POL, EXT)

For this patch, don't actually add the strict, non-renamed versions
yet so that it breaks compile if I get it wrong.

Also, while at it, make nla_validate and nla_parse go down to a
common __nla_validate_parse() function to avoid code duplication.

Ultimately, this allows us to have very strict validation for every
new caller of nla_parse()/nlmsg_parse() etc as re-introduced in the
next patch, while existing things will continue to work as is.

In effect then, this adds fully strict validation for any new command.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Johannes Berg 2019-04-26 14:07:28 +02:00 committed by David S. Miller
parent 6f455f5f4e
commit 8cb081746c
145 changed files with 1243 additions and 943 deletions

View File

@ -465,8 +465,8 @@ static int crypto_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh,
return err; return err;
} }
err = nlmsg_parse(nlh, crypto_msg_min[type], attrs, CRYPTOCFGA_MAX, err = nlmsg_parse_deprecated(nlh, crypto_msg_min[type], attrs,
crypto_policy, extack); CRYPTOCFGA_MAX, crypto_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -35,7 +35,8 @@ int drbd_nla_parse_nested(struct nlattr *tb[], int maxtype, struct nlattr *nla,
err = drbd_nla_check_mandatory(maxtype, nla); err = drbd_nla_check_mandatory(maxtype, nla);
if (!err) if (!err)
err = nla_parse_nested(tb, maxtype, nla, policy, NULL); err = nla_parse_nested_deprecated(tb, maxtype, nla, policy,
NULL);
return err; return err;
} }

View File

@ -1797,8 +1797,10 @@ again:
ret = -EINVAL; ret = -EINVAL;
goto out; goto out;
} }
ret = nla_parse_nested(socks, NBD_SOCK_MAX, attr, ret = nla_parse_nested_deprecated(socks, NBD_SOCK_MAX,
nbd_sock_policy, info->extack); attr,
nbd_sock_policy,
info->extack);
if (ret != 0) { if (ret != 0) {
printk(KERN_ERR "nbd: error processing sock list\n"); printk(KERN_ERR "nbd: error processing sock list\n");
ret = -EINVAL; ret = -EINVAL;
@ -1968,8 +1970,10 @@ static int nbd_genl_reconfigure(struct sk_buff *skb, struct genl_info *info)
ret = -EINVAL; ret = -EINVAL;
goto out; goto out;
} }
ret = nla_parse_nested(socks, NBD_SOCK_MAX, attr, ret = nla_parse_nested_deprecated(socks, NBD_SOCK_MAX,
nbd_sock_policy, info->extack); attr,
nbd_sock_policy,
info->extack);
if (ret != 0) { if (ret != 0) {
printk(KERN_ERR "nbd: error processing sock list\n"); printk(KERN_ERR "nbd: error processing sock list\n");
ret = -EINVAL; ret = -EINVAL;

View File

@ -86,8 +86,8 @@ static inline bool ib_nl_is_good_ip_resp(const struct nlmsghdr *nlh)
if (nlh->nlmsg_flags & RDMA_NL_LS_F_ERR) if (nlh->nlmsg_flags & RDMA_NL_LS_F_ERR)
return false; return false;
ret = nla_parse(tb, LS_NLA_TYPE_MAX - 1, nlmsg_data(nlh), ret = nla_parse_deprecated(tb, LS_NLA_TYPE_MAX - 1, nlmsg_data(nlh),
nlmsg_len(nlh), ib_nl_addr_policy, NULL); nlmsg_len(nlh), ib_nl_addr_policy, NULL);
if (ret) if (ret)
return false; return false;

View File

@ -506,14 +506,14 @@ int iwpm_parse_nlmsg(struct netlink_callback *cb, int policy_max,
int ret; int ret;
const char *err_str = ""; const char *err_str = "";
ret = nlmsg_validate(cb->nlh, nlh_len, policy_max - 1, nlmsg_policy, ret = nlmsg_validate_deprecated(cb->nlh, nlh_len, policy_max - 1,
NULL); nlmsg_policy, NULL);
if (ret) { if (ret) {
err_str = "Invalid attribute"; err_str = "Invalid attribute";
goto parse_nlmsg_error; goto parse_nlmsg_error;
} }
ret = nlmsg_parse(cb->nlh, nlh_len, nltb, policy_max - 1, ret = nlmsg_parse_deprecated(cb->nlh, nlh_len, nltb, policy_max - 1,
nlmsg_policy, NULL); nlmsg_policy, NULL);
if (ret) { if (ret) {
err_str = "Unable to parse the nlmsg"; err_str = "Unable to parse the nlmsg";
goto parse_nlmsg_error; goto parse_nlmsg_error;

View File

@ -608,8 +608,8 @@ static int nldev_get_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
u32 index; u32 index;
int err; int err;
err = nlmsg_parse(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1, err = nlmsg_parse_deprecated(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1,
nldev_policy, extack); nldev_policy, extack);
if (err || !tb[RDMA_NLDEV_ATTR_DEV_INDEX]) if (err || !tb[RDMA_NLDEV_ATTR_DEV_INDEX])
return -EINVAL; return -EINVAL;
@ -653,8 +653,8 @@ static int nldev_set_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
u32 index; u32 index;
int err; int err;
err = nlmsg_parse(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1, nldev_policy, err = nlmsg_parse_deprecated(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1,
extack); nldev_policy, extack);
if (err || !tb[RDMA_NLDEV_ATTR_DEV_INDEX]) if (err || !tb[RDMA_NLDEV_ATTR_DEV_INDEX])
return -EINVAL; return -EINVAL;
@ -722,8 +722,8 @@ static int nldev_port_get_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
u32 port; u32 port;
int err; int err;
err = nlmsg_parse(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1, err = nlmsg_parse_deprecated(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1,
nldev_policy, extack); nldev_policy, extack);
if (err || if (err ||
!tb[RDMA_NLDEV_ATTR_DEV_INDEX] || !tb[RDMA_NLDEV_ATTR_DEV_INDEX] ||
!tb[RDMA_NLDEV_ATTR_PORT_INDEX]) !tb[RDMA_NLDEV_ATTR_PORT_INDEX])
@ -778,8 +778,8 @@ static int nldev_port_get_dumpit(struct sk_buff *skb,
int err; int err;
unsigned int p; unsigned int p;
err = nlmsg_parse(cb->nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1, err = nlmsg_parse_deprecated(cb->nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1,
nldev_policy, NULL); nldev_policy, NULL);
if (err || !tb[RDMA_NLDEV_ATTR_DEV_INDEX]) if (err || !tb[RDMA_NLDEV_ATTR_DEV_INDEX])
return -EINVAL; return -EINVAL;
@ -833,8 +833,8 @@ static int nldev_res_get_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
u32 index; u32 index;
int ret; int ret;
ret = nlmsg_parse(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1, ret = nlmsg_parse_deprecated(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1,
nldev_policy, extack); nldev_policy, extack);
if (ret || !tb[RDMA_NLDEV_ATTR_DEV_INDEX]) if (ret || !tb[RDMA_NLDEV_ATTR_DEV_INDEX])
return -EINVAL; return -EINVAL;
@ -982,8 +982,8 @@ static int res_get_common_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
struct sk_buff *msg; struct sk_buff *msg;
int ret; int ret;
ret = nlmsg_parse(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1, ret = nlmsg_parse_deprecated(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1,
nldev_policy, extack); nldev_policy, extack);
if (ret || !tb[RDMA_NLDEV_ATTR_DEV_INDEX] || !fe->id || !tb[fe->id]) if (ret || !tb[RDMA_NLDEV_ATTR_DEV_INDEX] || !fe->id || !tb[fe->id])
return -EINVAL; return -EINVAL;
@ -1071,8 +1071,8 @@ static int res_get_common_dumpit(struct sk_buff *skb,
u32 index, port = 0; u32 index, port = 0;
bool filled = false; bool filled = false;
err = nlmsg_parse(cb->nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1, err = nlmsg_parse_deprecated(cb->nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1,
nldev_policy, NULL); nldev_policy, NULL);
/* /*
* Right now, we are expecting the device index to get res information, * Right now, we are expecting the device index to get res information,
* but it is possible to extend this code to return all devices in * but it is possible to extend this code to return all devices in
@ -1250,8 +1250,8 @@ static int nldev_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
char type[IFNAMSIZ]; char type[IFNAMSIZ];
int err; int err;
err = nlmsg_parse(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1, err = nlmsg_parse_deprecated(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1,
nldev_policy, extack); nldev_policy, extack);
if (err || !tb[RDMA_NLDEV_ATTR_DEV_NAME] || if (err || !tb[RDMA_NLDEV_ATTR_DEV_NAME] ||
!tb[RDMA_NLDEV_ATTR_LINK_TYPE] || !tb[RDMA_NLDEV_ATTR_NDEV_NAME]) !tb[RDMA_NLDEV_ATTR_LINK_TYPE] || !tb[RDMA_NLDEV_ATTR_NDEV_NAME])
return -EINVAL; return -EINVAL;
@ -1294,8 +1294,8 @@ static int nldev_dellink(struct sk_buff *skb, struct nlmsghdr *nlh,
u32 index; u32 index;
int err; int err;
err = nlmsg_parse(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1, err = nlmsg_parse_deprecated(nlh, 0, tb, RDMA_NLDEV_ATTR_MAX - 1,
nldev_policy, extack); nldev_policy, extack);
if (err || !tb[RDMA_NLDEV_ATTR_DEV_INDEX]) if (err || !tb[RDMA_NLDEV_ATTR_DEV_INDEX])
return -EINVAL; return -EINVAL;

View File

@ -1028,8 +1028,8 @@ int ib_nl_handle_set_timeout(struct sk_buff *skb,
!(NETLINK_CB(skb).sk)) !(NETLINK_CB(skb).sk))
return -EPERM; return -EPERM;
ret = nla_parse(tb, LS_NLA_TYPE_MAX - 1, nlmsg_data(nlh), ret = nla_parse_deprecated(tb, LS_NLA_TYPE_MAX - 1, nlmsg_data(nlh),
nlmsg_len(nlh), ib_nl_policy, NULL); nlmsg_len(nlh), ib_nl_policy, NULL);
attr = (const struct nlattr *)tb[LS_NLA_TYPE_TIMEOUT]; attr = (const struct nlattr *)tb[LS_NLA_TYPE_TIMEOUT];
if (ret || !attr) if (ret || !attr)
goto settimeout_out; goto settimeout_out;
@ -1080,8 +1080,8 @@ static inline int ib_nl_is_good_resolve_resp(const struct nlmsghdr *nlh)
if (nlh->nlmsg_flags & RDMA_NL_LS_F_ERR) if (nlh->nlmsg_flags & RDMA_NL_LS_F_ERR)
return 0; return 0;
ret = nla_parse(tb, LS_NLA_TYPE_MAX - 1, nlmsg_data(nlh), ret = nla_parse_deprecated(tb, LS_NLA_TYPE_MAX - 1, nlmsg_data(nlh),
nlmsg_len(nlh), ib_nl_policy, NULL); nlmsg_len(nlh), ib_nl_policy, NULL);
if (ret) if (ret)
return 0; return 0;

View File

@ -430,9 +430,7 @@ static int hwsim_new_edge_nl(struct sk_buff *msg, struct genl_info *info)
!info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE]) !info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE])
return -EINVAL; return -EINVAL;
if (nla_parse_nested(edge_attrs, MAC802154_HWSIM_EDGE_ATTR_MAX, if (nla_parse_nested_deprecated(edge_attrs, MAC802154_HWSIM_EDGE_ATTR_MAX, info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE], hwsim_edge_policy, NULL))
info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE],
hwsim_edge_policy, NULL))
return -EINVAL; return -EINVAL;
if (!edge_attrs[MAC802154_HWSIM_EDGE_ATTR_ENDPOINT_ID]) if (!edge_attrs[MAC802154_HWSIM_EDGE_ATTR_ENDPOINT_ID])
@ -494,9 +492,7 @@ static int hwsim_del_edge_nl(struct sk_buff *msg, struct genl_info *info)
!info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE]) !info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE])
return -EINVAL; return -EINVAL;
if (nla_parse_nested(edge_attrs, MAC802154_HWSIM_EDGE_ATTR_MAX, if (nla_parse_nested_deprecated(edge_attrs, MAC802154_HWSIM_EDGE_ATTR_MAX, info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE], hwsim_edge_policy, NULL))
info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE],
hwsim_edge_policy, NULL))
return -EINVAL; return -EINVAL;
if (!edge_attrs[MAC802154_HWSIM_EDGE_ATTR_ENDPOINT_ID]) if (!edge_attrs[MAC802154_HWSIM_EDGE_ATTR_ENDPOINT_ID])
@ -544,9 +540,7 @@ static int hwsim_set_edge_lqi(struct sk_buff *msg, struct genl_info *info)
!info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE]) !info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE])
return -EINVAL; return -EINVAL;
if (nla_parse_nested(edge_attrs, MAC802154_HWSIM_EDGE_ATTR_MAX, if (nla_parse_nested_deprecated(edge_attrs, MAC802154_HWSIM_EDGE_ATTR_MAX, info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE], hwsim_edge_policy, NULL))
info->attrs[MAC802154_HWSIM_ATTR_RADIO_EDGE],
hwsim_edge_policy, NULL))
return -EINVAL; return -EINVAL;
if (!edge_attrs[MAC802154_HWSIM_EDGE_ATTR_ENDPOINT_ID] && if (!edge_attrs[MAC802154_HWSIM_EDGE_ATTR_ENDPOINT_ID] &&

View File

@ -1611,9 +1611,7 @@ static int parse_sa_config(struct nlattr **attrs, struct nlattr **tb_sa)
if (!attrs[MACSEC_ATTR_SA_CONFIG]) if (!attrs[MACSEC_ATTR_SA_CONFIG])
return -EINVAL; return -EINVAL;
if (nla_parse_nested(tb_sa, MACSEC_SA_ATTR_MAX, if (nla_parse_nested_deprecated(tb_sa, MACSEC_SA_ATTR_MAX, attrs[MACSEC_ATTR_SA_CONFIG], macsec_genl_sa_policy, NULL))
attrs[MACSEC_ATTR_SA_CONFIG],
macsec_genl_sa_policy, NULL))
return -EINVAL; return -EINVAL;
return 0; return 0;
@ -1624,9 +1622,7 @@ static int parse_rxsc_config(struct nlattr **attrs, struct nlattr **tb_rxsc)
if (!attrs[MACSEC_ATTR_RXSC_CONFIG]) if (!attrs[MACSEC_ATTR_RXSC_CONFIG])
return -EINVAL; return -EINVAL;
if (nla_parse_nested(tb_rxsc, MACSEC_RXSC_ATTR_MAX, if (nla_parse_nested_deprecated(tb_rxsc, MACSEC_RXSC_ATTR_MAX, attrs[MACSEC_ATTR_RXSC_CONFIG], macsec_genl_rxsc_policy, NULL))
attrs[MACSEC_ATTR_RXSC_CONFIG],
macsec_genl_rxsc_policy, NULL))
return -EINVAL; return -EINVAL;
return 0; return 0;

View File

@ -2510,9 +2510,11 @@ static int team_nl_cmd_options_set(struct sk_buff *skb, struct genl_info *info)
err = -EINVAL; err = -EINVAL;
goto team_put; goto team_put;
} }
err = nla_parse_nested(opt_attrs, TEAM_ATTR_OPTION_MAX, err = nla_parse_nested_deprecated(opt_attrs,
nl_option, team_nl_option_policy, TEAM_ATTR_OPTION_MAX,
info->extack); nl_option,
team_nl_option_policy,
info->extack);
if (err) if (err)
goto team_put; goto team_put;
if (!opt_attrs[TEAM_ATTR_OPTION_NAME] || if (!opt_attrs[TEAM_ATTR_OPTION_NAME] ||

View File

@ -416,8 +416,8 @@ int ath10k_tm_cmd(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
struct nlattr *tb[ATH10K_TM_ATTR_MAX + 1]; struct nlattr *tb[ATH10K_TM_ATTR_MAX + 1];
int ret; int ret;
ret = nla_parse(tb, ATH10K_TM_ATTR_MAX, data, len, ath10k_tm_policy, ret = nla_parse_deprecated(tb, ATH10K_TM_ATTR_MAX, data, len,
NULL); ath10k_tm_policy, NULL);
if (ret) if (ret)
return ret; return ret;

View File

@ -74,8 +74,8 @@ int ath6kl_tm_cmd(struct wiphy *wiphy, struct wireless_dev *wdev,
int err, buf_len; int err, buf_len;
void *buf; void *buf;
err = nla_parse(tb, ATH6KL_TM_ATTR_MAX, data, len, ath6kl_tm_policy, err = nla_parse_deprecated(tb, ATH6KL_TM_ATTR_MAX, data, len,
NULL); ath6kl_tm_policy, NULL);
if (err) if (err)
return err; return err;

View File

@ -132,8 +132,8 @@ int wcn36xx_tm_cmd(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
unsigned short attr; unsigned short attr;
wcn36xx_dbg_dump(WCN36XX_DBG_TESTMODE_DUMP, "Data:", data, len); wcn36xx_dbg_dump(WCN36XX_DBG_TESTMODE_DUMP, "Data:", data, len);
ret = nla_parse(tb, WCN36XX_TM_ATTR_MAX, data, len, ret = nla_parse_deprecated(tb, WCN36XX_TM_ATTR_MAX, data, len,
wcn36xx_tm_policy, NULL); wcn36xx_tm_policy, NULL);
if (ret) if (ret)
return ret; return ret;

View File

@ -2620,8 +2620,8 @@ static int wil_rf_sector_get_cfg(struct wiphy *wiphy,
if (!test_bit(WMI_FW_CAPABILITY_RF_SECTORS, wil->fw_capabilities)) if (!test_bit(WMI_FW_CAPABILITY_RF_SECTORS, wil->fw_capabilities))
return -EOPNOTSUPP; return -EOPNOTSUPP;
rc = nla_parse(tb, QCA_ATTR_DMG_RF_SECTOR_MAX, data, data_len, rc = nla_parse_deprecated(tb, QCA_ATTR_DMG_RF_SECTOR_MAX, data,
wil_rf_sector_policy, NULL); data_len, wil_rf_sector_policy, NULL);
if (rc) { if (rc) {
wil_err(wil, "Invalid rf sector ATTR\n"); wil_err(wil, "Invalid rf sector ATTR\n");
return rc; return rc;
@ -2740,8 +2740,8 @@ static int wil_rf_sector_set_cfg(struct wiphy *wiphy,
if (!test_bit(WMI_FW_CAPABILITY_RF_SECTORS, wil->fw_capabilities)) if (!test_bit(WMI_FW_CAPABILITY_RF_SECTORS, wil->fw_capabilities))
return -EOPNOTSUPP; return -EOPNOTSUPP;
rc = nla_parse(tb, QCA_ATTR_DMG_RF_SECTOR_MAX, data, data_len, rc = nla_parse_deprecated(tb, QCA_ATTR_DMG_RF_SECTOR_MAX, data,
wil_rf_sector_policy, NULL); data_len, wil_rf_sector_policy, NULL);
if (rc) { if (rc) {
wil_err(wil, "Invalid rf sector ATTR\n"); wil_err(wil, "Invalid rf sector ATTR\n");
return rc; return rc;
@ -2773,9 +2773,11 @@ static int wil_rf_sector_set_cfg(struct wiphy *wiphy,
cmd.sector_type = sector_type; cmd.sector_type = sector_type;
nla_for_each_nested(nl_cfg, tb[QCA_ATTR_DMG_RF_SECTOR_CFG], nla_for_each_nested(nl_cfg, tb[QCA_ATTR_DMG_RF_SECTOR_CFG],
tmp) { tmp) {
rc = nla_parse_nested(tb2, QCA_ATTR_DMG_RF_SECTOR_CFG_MAX, rc = nla_parse_nested_deprecated(tb2,
nl_cfg, wil_rf_sector_cfg_policy, QCA_ATTR_DMG_RF_SECTOR_CFG_MAX,
NULL); nl_cfg,
wil_rf_sector_cfg_policy,
NULL);
if (rc) { if (rc) {
wil_err(wil, "invalid sector cfg\n"); wil_err(wil, "invalid sector cfg\n");
return -EINVAL; return -EINVAL;
@ -2847,8 +2849,8 @@ static int wil_rf_sector_get_selected(struct wiphy *wiphy,
if (!test_bit(WMI_FW_CAPABILITY_RF_SECTORS, wil->fw_capabilities)) if (!test_bit(WMI_FW_CAPABILITY_RF_SECTORS, wil->fw_capabilities))
return -EOPNOTSUPP; return -EOPNOTSUPP;
rc = nla_parse(tb, QCA_ATTR_DMG_RF_SECTOR_MAX, data, data_len, rc = nla_parse_deprecated(tb, QCA_ATTR_DMG_RF_SECTOR_MAX, data,
wil_rf_sector_policy, NULL); data_len, wil_rf_sector_policy, NULL);
if (rc) { if (rc) {
wil_err(wil, "Invalid rf sector ATTR\n"); wil_err(wil, "Invalid rf sector ATTR\n");
return rc; return rc;
@ -2955,8 +2957,8 @@ static int wil_rf_sector_set_selected(struct wiphy *wiphy,
if (!test_bit(WMI_FW_CAPABILITY_RF_SECTORS, wil->fw_capabilities)) if (!test_bit(WMI_FW_CAPABILITY_RF_SECTORS, wil->fw_capabilities))
return -EOPNOTSUPP; return -EOPNOTSUPP;
rc = nla_parse(tb, QCA_ATTR_DMG_RF_SECTOR_MAX, data, data_len, rc = nla_parse_deprecated(tb, QCA_ATTR_DMG_RF_SECTOR_MAX, data,
wil_rf_sector_policy, NULL); data_len, wil_rf_sector_policy, NULL);
if (rc) { if (rc) {
wil_err(wil, "Invalid rf sector ATTR\n"); wil_err(wil, "Invalid rf sector ATTR\n");
return rc; return rc;

View File

@ -4465,8 +4465,8 @@ static int __iwl_mvm_mac_testmode_cmd(struct iwl_mvm *mvm,
int err; int err;
u32 noa_duration; u32 noa_duration;
err = nla_parse(tb, IWL_MVM_TM_ATTR_MAX, data, len, iwl_mvm_tm_policy, err = nla_parse_deprecated(tb, IWL_MVM_TM_ATTR_MAX, data, len,
NULL); iwl_mvm_tm_policy, NULL);
if (err) if (err)
return err; return err;

View File

@ -409,8 +409,8 @@ static int mac80211_hwsim_vendor_cmd_test(struct wiphy *wiphy,
int err; int err;
u32 val; u32 val;
err = nla_parse(tb, QCA_WLAN_VENDOR_ATTR_MAX, data, data_len, err = nla_parse_deprecated(tb, QCA_WLAN_VENDOR_ATTR_MAX, data,
hwsim_vendor_test_policy, NULL); data_len, hwsim_vendor_test_policy, NULL);
if (err) if (err)
return err; return err;
if (!tb[QCA_WLAN_VENDOR_ATTR_TEST]) if (!tb[QCA_WLAN_VENDOR_ATTR_TEST])
@ -1936,8 +1936,8 @@ static int mac80211_hwsim_testmode_cmd(struct ieee80211_hw *hw,
struct sk_buff *skb; struct sk_buff *skb;
int err, ps; int err, ps;
err = nla_parse(tb, HWSIM_TM_ATTR_MAX, data, len, err = nla_parse_deprecated(tb, HWSIM_TM_ATTR_MAX, data, len,
hwsim_testmode_policy, NULL); hwsim_testmode_policy, NULL);
if (err) if (err)
return err; return err;

View File

@ -4059,8 +4059,8 @@ static int mwifiex_tm_cmd(struct wiphy *wiphy, struct wireless_dev *wdev,
if (!priv) if (!priv)
return -EINVAL; return -EINVAL;
err = nla_parse(tb, MWIFIEX_TM_ATTR_MAX, data, len, mwifiex_tm_policy, err = nla_parse_deprecated(tb, MWIFIEX_TM_ATTR_MAX, data, len,
NULL); mwifiex_tm_policy, NULL);
if (err) if (err)
return err; return err;

View File

@ -372,8 +372,8 @@ int wl1271_tm_cmd(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
u32 nla_cmd; u32 nla_cmd;
int err; int err;
err = nla_parse(tb, WL1271_TM_ATTR_MAX, data, len, wl1271_tm_policy, err = nla_parse_deprecated(tb, WL1271_TM_ATTR_MAX, data, len,
NULL); wl1271_tm_policy, NULL);
if (err) if (err)
return err; return err;

View File

@ -41,8 +41,8 @@ wlcore_vendor_cmd_smart_config_start(struct wiphy *wiphy,
if (!data) if (!data)
return -EINVAL; return -EINVAL;
ret = nla_parse(tb, MAX_WLCORE_VENDOR_ATTR, data, data_len, ret = nla_parse_deprecated(tb, MAX_WLCORE_VENDOR_ATTR, data, data_len,
wlcore_vendor_attr_policy, NULL); wlcore_vendor_attr_policy, NULL);
if (ret) if (ret)
return ret; return ret;
@ -122,8 +122,8 @@ wlcore_vendor_cmd_smart_config_set_group_key(struct wiphy *wiphy,
if (!data) if (!data)
return -EINVAL; return -EINVAL;
ret = nla_parse(tb, MAX_WLCORE_VENDOR_ATTR, data, data_len, ret = nla_parse_deprecated(tb, MAX_WLCORE_VENDOR_ATTR, data, data_len,
wlcore_vendor_attr_policy, NULL); wlcore_vendor_attr_policy, NULL);
if (ret) if (ret)
return ret; return ret;

View File

@ -165,7 +165,7 @@ static inline struct nlmsghdr *genlmsg_nlhdr(void *user_hdr)
} }
/** /**
* genlmsg_parse - parse attributes of a genetlink message * genlmsg_parse_deprecated - parse attributes of a genetlink message
* @nlh: netlink message header * @nlh: netlink message header
* @family: genetlink message family * @family: genetlink message family
* @tb: destination array with maxtype+1 elements * @tb: destination array with maxtype+1 elements
@ -173,14 +173,14 @@ static inline struct nlmsghdr *genlmsg_nlhdr(void *user_hdr)
* @policy: validation policy * @policy: validation policy
* @extack: extended ACK report struct * @extack: extended ACK report struct
*/ */
static inline int genlmsg_parse(const struct nlmsghdr *nlh, static inline int genlmsg_parse_deprecated(const struct nlmsghdr *nlh,
const struct genl_family *family, const struct genl_family *family,
struct nlattr *tb[], int maxtype, struct nlattr *tb[], int maxtype,
const struct nla_policy *policy, const struct nla_policy *policy,
struct netlink_ext_ack *extack) struct netlink_ext_ack *extack)
{ {
return nlmsg_parse(nlh, family->hdrsize + GENL_HDRLEN, tb, maxtype, return __nlmsg_parse(nlh, family->hdrsize + GENL_HDRLEN, tb, maxtype,
policy, extack); policy, NL_VALIDATE_LIBERAL, extack);
} }
/** /**

View File

@ -369,21 +369,48 @@ struct nl_info {
bool skip_notify; bool skip_notify;
}; };
/**
* enum netlink_validation - netlink message/attribute validation levels
* @NL_VALIDATE_LIBERAL: Old-style "be liberal" validation, not caring about
* extra data at the end of the message, attributes being longer than
* they should be, or unknown attributes being present.
* @NL_VALIDATE_TRAILING: Reject junk data encountered after attribute parsing.
* @NL_VALIDATE_MAXTYPE: Reject attributes > max type; Together with _TRAILING
* this is equivalent to the old nla_parse_strict()/nlmsg_parse_strict().
* @NL_VALIDATE_UNSPEC: Reject attributes with NLA_UNSPEC in the policy.
* This can safely be set by the kernel when the given policy has no
* NLA_UNSPEC anymore, and can thus be used to ensure policy entries
* are enforced going forward.
* @NL_VALIDATE_STRICT_ATTRS: strict attribute policy parsing (e.g.
* U8, U16, U32 must have exact size, etc.)
*/
enum netlink_validation {
NL_VALIDATE_LIBERAL = 0,
NL_VALIDATE_TRAILING = BIT(0),
NL_VALIDATE_MAXTYPE = BIT(1),
NL_VALIDATE_UNSPEC = BIT(2),
NL_VALIDATE_STRICT_ATTRS = BIT(3),
};
#define NL_VALIDATE_DEPRECATED_STRICT (NL_VALIDATE_TRAILING |\
NL_VALIDATE_MAXTYPE)
#define NL_VALIDATE_STRICT (NL_VALIDATE_TRAILING |\
NL_VALIDATE_MAXTYPE |\
NL_VALIDATE_UNSPEC |\
NL_VALIDATE_STRICT_ATTRS)
int netlink_rcv_skb(struct sk_buff *skb, int netlink_rcv_skb(struct sk_buff *skb,
int (*cb)(struct sk_buff *, struct nlmsghdr *, int (*cb)(struct sk_buff *, struct nlmsghdr *,
struct netlink_ext_ack *)); struct netlink_ext_ack *));
int nlmsg_notify(struct sock *sk, struct sk_buff *skb, u32 portid, int nlmsg_notify(struct sock *sk, struct sk_buff *skb, u32 portid,
unsigned int group, int report, gfp_t flags); unsigned int group, int report, gfp_t flags);
int nla_validate(const struct nlattr *head, int len, int maxtype, int __nla_validate(const struct nlattr *head, int len, int maxtype,
const struct nla_policy *policy, const struct nla_policy *policy, unsigned int validate,
struct netlink_ext_ack *extack); struct netlink_ext_ack *extack);
int nla_parse(struct nlattr **tb, int maxtype, const struct nlattr *head, int __nla_parse(struct nlattr **tb, int maxtype, const struct nlattr *head,
int len, const struct nla_policy *policy, int len, const struct nla_policy *policy, unsigned int validate,
struct netlink_ext_ack *extack); struct netlink_ext_ack *extack);
int nla_parse_strict(struct nlattr **tb, int maxtype, const struct nlattr *head,
int len, const struct nla_policy *policy,
struct netlink_ext_ack *extack);
int nla_policy_len(const struct nla_policy *, int); int nla_policy_len(const struct nla_policy *, int);
struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype); struct nlattr *nla_find(const struct nlattr *head, int len, int attrtype);
size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize); size_t nla_strlcpy(char *dst, const struct nlattr *nla, size_t dstsize);
@ -512,42 +539,121 @@ nlmsg_next(const struct nlmsghdr *nlh, int *remaining)
} }
/** /**
* nlmsg_parse - parse attributes of a netlink message * nla_parse_deprecated - Parse a stream of attributes into a tb buffer
* @tb: destination array with maxtype+1 elements
* @maxtype: maximum attribute type to be expected
* @head: head of attribute stream
* @len: length of attribute stream
* @policy: validation policy
* @extack: extended ACK pointer
*
* Parses a stream of attributes and stores a pointer to each attribute in
* the tb array accessible via the attribute type. Attributes with a type
* exceeding maxtype will be ignored and attributes from the policy are not
* always strictly validated (only for new attributes).
*
* Returns 0 on success or a negative error code.
*/
static inline int nla_parse_deprecated(struct nlattr **tb, int maxtype,
const struct nlattr *head, int len,
const struct nla_policy *policy,
struct netlink_ext_ack *extack)
{
return __nla_parse(tb, maxtype, head, len, policy,
NL_VALIDATE_LIBERAL, extack);
}
/**
* nla_parse_deprecated_strict - Parse a stream of attributes into a tb buffer
* @tb: destination array with maxtype+1 elements
* @maxtype: maximum attribute type to be expected
* @head: head of attribute stream
* @len: length of attribute stream
* @policy: validation policy
* @extack: extended ACK pointer
*
* Parses a stream of attributes and stores a pointer to each attribute in
* the tb array accessible via the attribute type. Attributes with a type
* exceeding maxtype will be rejected as well as trailing data, but the
* policy is not completely strictly validated (only for new attributes).
*
* Returns 0 on success or a negative error code.
*/
static inline int nla_parse_deprecated_strict(struct nlattr **tb, int maxtype,
const struct nlattr *head,
int len,
const struct nla_policy *policy,
struct netlink_ext_ack *extack)
{
return __nla_parse(tb, maxtype, head, len, policy,
NL_VALIDATE_DEPRECATED_STRICT, extack);
}
/**
* __nlmsg_parse - parse attributes of a netlink message
* @nlh: netlink message header * @nlh: netlink message header
* @hdrlen: length of family specific header * @hdrlen: length of family specific header
* @tb: destination array with maxtype+1 elements * @tb: destination array with maxtype+1 elements
* @maxtype: maximum attribute type to be expected * @maxtype: maximum attribute type to be expected
* @policy: validation policy * @policy: validation policy
* @validate: validation strictness
* @extack: extended ACK report struct * @extack: extended ACK report struct
* *
* See nla_parse() * See nla_parse()
*/ */
static inline int nlmsg_parse(const struct nlmsghdr *nlh, int hdrlen, static inline int __nlmsg_parse(const struct nlmsghdr *nlh, int hdrlen,
struct nlattr *tb[], int maxtype,
const struct nla_policy *policy,
unsigned int validate,
struct netlink_ext_ack *extack)
{
if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) {
NL_SET_ERR_MSG(extack, "Invalid header length");
return -EINVAL;
}
return __nla_parse(tb, maxtype, nlmsg_attrdata(nlh, hdrlen),
nlmsg_attrlen(nlh, hdrlen), policy, validate,
extack);
}
/**
* nlmsg_parse_deprecated - parse attributes of a netlink message
* @nlh: netlink message header
* @hdrlen: length of family specific header
* @tb: destination array with maxtype+1 elements
* @maxtype: maximum attribute type to be expected
* @extack: extended ACK report struct
*
* See nla_parse_deprecated()
*/
static inline int nlmsg_parse_deprecated(const struct nlmsghdr *nlh, int hdrlen,
struct nlattr *tb[], int maxtype,
const struct nla_policy *policy,
struct netlink_ext_ack *extack)
{
return __nlmsg_parse(nlh, hdrlen, tb, maxtype, policy,
NL_VALIDATE_LIBERAL, extack);
}
/**
* nlmsg_parse_deprecated_strict - parse attributes of a netlink message
* @nlh: netlink message header
* @hdrlen: length of family specific header
* @tb: destination array with maxtype+1 elements
* @maxtype: maximum attribute type to be expected
* @extack: extended ACK report struct
*
* See nla_parse_deprecated_strict()
*/
static inline int
nlmsg_parse_deprecated_strict(const struct nlmsghdr *nlh, int hdrlen,
struct nlattr *tb[], int maxtype, struct nlattr *tb[], int maxtype,
const struct nla_policy *policy, const struct nla_policy *policy,
struct netlink_ext_ack *extack) struct netlink_ext_ack *extack)
{ {
if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) { return __nlmsg_parse(nlh, hdrlen, tb, maxtype, policy,
NL_SET_ERR_MSG(extack, "Invalid header length"); NL_VALIDATE_DEPRECATED_STRICT, extack);
return -EINVAL;
}
return nla_parse(tb, maxtype, nlmsg_attrdata(nlh, hdrlen),
nlmsg_attrlen(nlh, hdrlen), policy, extack);
}
static inline int nlmsg_parse_strict(const struct nlmsghdr *nlh, int hdrlen,
struct nlattr *tb[], int maxtype,
const struct nla_policy *policy,
struct netlink_ext_ack *extack)
{
if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) {
NL_SET_ERR_MSG(extack, "Invalid header length");
return -EINVAL;
}
return nla_parse_strict(tb, maxtype, nlmsg_attrdata(nlh, hdrlen),
nlmsg_attrlen(nlh, hdrlen), policy, extack);
} }
/** /**
@ -566,26 +672,53 @@ static inline struct nlattr *nlmsg_find_attr(const struct nlmsghdr *nlh,
} }
/** /**
* nlmsg_validate - validate a netlink message including attributes * nla_validate_deprecated - Validate a stream of attributes
* @head: head of attribute stream
* @len: length of attribute stream
* @maxtype: maximum attribute type to be expected
* @policy: validation policy
* @validate: validation strictness
* @extack: extended ACK report struct
*
* Validates all attributes in the specified attribute stream against the
* specified policy. Validation is done in liberal mode.
* See documenation of struct nla_policy for more details.
*
* Returns 0 on success or a negative error code.
*/
static inline int nla_validate_deprecated(const struct nlattr *head, int len,
int maxtype,
const struct nla_policy *policy,
struct netlink_ext_ack *extack)
{
return __nla_validate(head, len, maxtype, policy, NL_VALIDATE_LIBERAL,
extack);
}
/**
* nlmsg_validate_deprecated - validate a netlink message including attributes
* @nlh: netlinket message header * @nlh: netlinket message header
* @hdrlen: length of familiy specific header * @hdrlen: length of familiy specific header
* @maxtype: maximum attribute type to be expected * @maxtype: maximum attribute type to be expected
* @policy: validation policy * @policy: validation policy
* @extack: extended ACK report struct * @extack: extended ACK report struct
*/ */
static inline int nlmsg_validate(const struct nlmsghdr *nlh, static inline int nlmsg_validate_deprecated(const struct nlmsghdr *nlh,
int hdrlen, int maxtype, int hdrlen, int maxtype,
const struct nla_policy *policy, const struct nla_policy *policy,
struct netlink_ext_ack *extack) struct netlink_ext_ack *extack)
{ {
if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen)) if (nlh->nlmsg_len < nlmsg_msg_size(hdrlen))
return -EINVAL; return -EINVAL;
return nla_validate(nlmsg_attrdata(nlh, hdrlen), return __nla_validate(nlmsg_attrdata(nlh, hdrlen),
nlmsg_attrlen(nlh, hdrlen), maxtype, policy, nlmsg_attrlen(nlh, hdrlen), maxtype,
extack); policy, NL_VALIDATE_LIBERAL, extack);
} }
/** /**
* nlmsg_report - need to report back to application? * nlmsg_report - need to report back to application?
* @nlh: netlink message header * @nlh: netlink message header
@ -899,22 +1032,22 @@ nla_find_nested(const struct nlattr *nla, int attrtype)
} }
/** /**
* nla_parse_nested - parse nested attributes * nla_parse_nested_deprecated - parse nested attributes
* @tb: destination array with maxtype+1 elements * @tb: destination array with maxtype+1 elements
* @maxtype: maximum attribute type to be expected * @maxtype: maximum attribute type to be expected
* @nla: attribute containing the nested attributes * @nla: attribute containing the nested attributes
* @policy: validation policy * @policy: validation policy
* @extack: extended ACK report struct * @extack: extended ACK report struct
* *
* See nla_parse() * See nla_parse_deprecated()
*/ */
static inline int nla_parse_nested(struct nlattr *tb[], int maxtype, static inline int nla_parse_nested_deprecated(struct nlattr *tb[], int maxtype,
const struct nlattr *nla, const struct nlattr *nla,
const struct nla_policy *policy, const struct nla_policy *policy,
struct netlink_ext_ack *extack) struct netlink_ext_ack *extack)
{ {
return nla_parse(tb, maxtype, nla_data(nla), nla_len(nla), policy, return __nla_parse(tb, maxtype, nla_data(nla), nla_len(nla), policy,
extack); NL_VALIDATE_LIBERAL, extack);
} }
/** /**
@ -1489,6 +1622,7 @@ static inline void nla_nest_cancel(struct sk_buff *skb, struct nlattr *start)
* @start: container attribute * @start: container attribute
* @maxtype: maximum attribute type to be expected * @maxtype: maximum attribute type to be expected
* @policy: validation policy * @policy: validation policy
* @validate: validation strictness
* @extack: extended ACK report struct * @extack: extended ACK report struct
* *
* Validates all attributes in the nested attribute stream against the * Validates all attributes in the nested attribute stream against the
@ -1497,12 +1631,22 @@ static inline void nla_nest_cancel(struct sk_buff *skb, struct nlattr *start)
* *
* Returns 0 on success or a negative error code. * Returns 0 on success or a negative error code.
*/ */
static inline int nla_validate_nested(const struct nlattr *start, int maxtype, static inline int __nla_validate_nested(const struct nlattr *start, int maxtype,
const struct nla_policy *policy, const struct nla_policy *policy,
struct netlink_ext_ack *extack) unsigned int validate,
struct netlink_ext_ack *extack)
{ {
return nla_validate(nla_data(start), nla_len(start), maxtype, policy, return __nla_validate(nla_data(start), nla_len(start), maxtype, policy,
extack); validate, extack);
}
static inline int
nla_validate_nested_deprecated(const struct nlattr *start, int maxtype,
const struct nla_policy *policy,
struct netlink_ext_ack *extack)
{
return __nla_validate_nested(start, maxtype, policy,
NL_VALIDATE_LIBERAL, extack);
} }
/** /**

View File

@ -677,8 +677,9 @@ static int taskstats_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
return -EINVAL; return -EINVAL;
} }
return nlmsg_validate(info->nlhdr, GENL_HDRLEN, TASKSTATS_CMD_ATTR_MAX, return nlmsg_validate_deprecated(info->nlhdr, GENL_HDRLEN,
policy, info->extack); TASKSTATS_CMD_ATTR_MAX, policy,
info->extack);
} }
static struct genl_family family __ro_after_init = { static struct genl_family family __ro_after_init = {

View File

@ -69,7 +69,8 @@ static int validate_nla_bitfield32(const struct nlattr *nla,
static int nla_validate_array(const struct nlattr *head, int len, int maxtype, static int nla_validate_array(const struct nlattr *head, int len, int maxtype,
const struct nla_policy *policy, const struct nla_policy *policy,
struct netlink_ext_ack *extack) struct netlink_ext_ack *extack,
unsigned int validate)
{ {
const struct nlattr *entry; const struct nlattr *entry;
int rem; int rem;
@ -86,8 +87,8 @@ static int nla_validate_array(const struct nlattr *head, int len, int maxtype,
return -ERANGE; return -ERANGE;
} }
ret = nla_validate(nla_data(entry), nla_len(entry), ret = __nla_validate(nla_data(entry), nla_len(entry),
maxtype, policy, extack); maxtype, policy, validate, extack);
if (ret < 0) if (ret < 0)
return ret; return ret;
} }
@ -154,7 +155,7 @@ static int nla_validate_int_range(const struct nla_policy *pt,
} }
static int validate_nla(const struct nlattr *nla, int maxtype, static int validate_nla(const struct nlattr *nla, int maxtype,
const struct nla_policy *policy, const struct nla_policy *policy, unsigned int validate,
struct netlink_ext_ack *extack) struct netlink_ext_ack *extack)
{ {
const struct nla_policy *pt; const struct nla_policy *pt;
@ -172,6 +173,11 @@ static int validate_nla(const struct nlattr *nla, int maxtype,
(pt->type == NLA_EXACT_LEN_WARN && attrlen != pt->len)) { (pt->type == NLA_EXACT_LEN_WARN && attrlen != pt->len)) {
pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n", pr_warn_ratelimited("netlink: '%s': attribute type %d has an invalid length.\n",
current->comm, type); current->comm, type);
if (validate & NL_VALIDATE_STRICT_ATTRS) {
NL_SET_ERR_MSG_ATTR(extack, nla,
"invalid attribute length");
return -EINVAL;
}
} }
switch (pt->type) { switch (pt->type) {
@ -244,8 +250,9 @@ static int validate_nla(const struct nlattr *nla, int maxtype,
if (attrlen < NLA_HDRLEN) if (attrlen < NLA_HDRLEN)
goto out_err; goto out_err;
if (pt->validation_data) { if (pt->validation_data) {
err = nla_validate(nla_data(nla), nla_len(nla), pt->len, err = __nla_validate(nla_data(nla), nla_len(nla), pt->len,
pt->validation_data, extack); pt->validation_data, validate,
extack);
if (err < 0) { if (err < 0) {
/* /*
* return directly to preserve the inner * return directly to preserve the inner
@ -268,7 +275,7 @@ static int validate_nla(const struct nlattr *nla, int maxtype,
err = nla_validate_array(nla_data(nla), nla_len(nla), err = nla_validate_array(nla_data(nla), nla_len(nla),
pt->len, pt->validation_data, pt->len, pt->validation_data,
extack); extack, validate);
if (err < 0) { if (err < 0) {
/* /*
* return directly to preserve the inner * return directly to preserve the inner
@ -280,6 +287,12 @@ static int validate_nla(const struct nlattr *nla, int maxtype,
break; break;
case NLA_UNSPEC: case NLA_UNSPEC:
if (validate & NL_VALIDATE_UNSPEC) {
NL_SET_ERR_MSG_ATTR(extack, nla,
"Unsupported attribute");
return -EINVAL;
}
/* fall through */
case NLA_MIN_LEN: case NLA_MIN_LEN:
if (attrlen < pt->len) if (attrlen < pt->len)
goto out_err; goto out_err;
@ -322,37 +335,75 @@ out_err:
return err; return err;
} }
/** static int __nla_validate_parse(const struct nlattr *head, int len, int maxtype,
* nla_validate - Validate a stream of attributes const struct nla_policy *policy,
* @head: head of attribute stream unsigned int validate,
* @len: length of attribute stream struct netlink_ext_ack *extack,
* @maxtype: maximum attribute type to be expected struct nlattr **tb)
* @policy: validation policy
* @extack: extended ACK report struct
*
* Validates all attributes in the specified attribute stream against the
* specified policy. Attributes with a type exceeding maxtype will be
* ignored. See documenation of struct nla_policy for more details.
*
* Returns 0 on success or a negative error code.
*/
int nla_validate(const struct nlattr *head, int len, int maxtype,
const struct nla_policy *policy,
struct netlink_ext_ack *extack)
{ {
const struct nlattr *nla; const struct nlattr *nla;
int rem; int rem;
nla_for_each_attr(nla, head, len, rem) { if (tb)
int err = validate_nla(nla, maxtype, policy, extack); memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
if (err < 0) nla_for_each_attr(nla, head, len, rem) {
return err; u16 type = nla_type(nla);
if (type == 0 || type > maxtype) {
if (validate & NL_VALIDATE_MAXTYPE) {
NL_SET_ERR_MSG(extack, "Unknown attribute type");
return -EINVAL;
}
continue;
}
if (policy) {
int err = validate_nla(nla, maxtype, policy,
validate, extack);
if (err < 0)
return err;
}
if (tb)
tb[type] = (struct nlattr *)nla;
}
if (unlikely(rem > 0)) {
pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
rem, current->comm);
NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes");
if (validate & NL_VALIDATE_TRAILING)
return -EINVAL;
} }
return 0; return 0;
} }
EXPORT_SYMBOL(nla_validate);
/**
* __nla_validate - Validate a stream of attributes
* @head: head of attribute stream
* @len: length of attribute stream
* @maxtype: maximum attribute type to be expected
* @policy: validation policy
* @validate: validation strictness
* @extack: extended ACK report struct
*
* Validates all attributes in the specified attribute stream against the
* specified policy. Validation depends on the validate flags passed, see
* &enum netlink_validation for more details on that.
* See documenation of struct nla_policy for more details.
*
* Returns 0 on success or a negative error code.
*/
int __nla_validate(const struct nlattr *head, int len, int maxtype,
const struct nla_policy *policy, unsigned int validate,
struct netlink_ext_ack *extack)
{
return __nla_validate_parse(head, len, maxtype, policy, validate,
extack, NULL);
}
EXPORT_SYMBOL(__nla_validate);
/** /**
* nla_policy_len - Determin the max. length of a policy * nla_policy_len - Determin the max. length of a policy
@ -384,76 +435,30 @@ nla_policy_len(const struct nla_policy *p, int n)
EXPORT_SYMBOL(nla_policy_len); EXPORT_SYMBOL(nla_policy_len);
/** /**
* nla_parse - Parse a stream of attributes into a tb buffer * __nla_parse - Parse a stream of attributes into a tb buffer
* @tb: destination array with maxtype+1 elements * @tb: destination array with maxtype+1 elements
* @maxtype: maximum attribute type to be expected * @maxtype: maximum attribute type to be expected
* @head: head of attribute stream * @head: head of attribute stream
* @len: length of attribute stream * @len: length of attribute stream
* @policy: validation policy * @policy: validation policy
* @validate: validation strictness
* @extack: extended ACK pointer
* *
* Parses a stream of attributes and stores a pointer to each attribute in * Parses a stream of attributes and stores a pointer to each attribute in
* the tb array accessible via the attribute type. Attributes with a type * the tb array accessible via the attribute type.
* exceeding maxtype will be silently ignored for backwards compatibility * Validation is controlled by the @validate parameter.
* reasons. policy may be set to NULL if no validation is required.
* *
* Returns 0 on success or a negative error code. * Returns 0 on success or a negative error code.
*/ */
static int __nla_parse(struct nlattr **tb, int maxtype, int __nla_parse(struct nlattr **tb, int maxtype,
const struct nlattr *head, int len, const struct nlattr *head, int len,
bool strict, const struct nla_policy *policy, const struct nla_policy *policy, unsigned int validate,
struct netlink_ext_ack *extack) struct netlink_ext_ack *extack)
{ {
const struct nlattr *nla; return __nla_validate_parse(head, len, maxtype, policy, validate,
int rem; extack, tb);
memset(tb, 0, sizeof(struct nlattr *) * (maxtype + 1));
nla_for_each_attr(nla, head, len, rem) {
u16 type = nla_type(nla);
if (type == 0 || type > maxtype) {
if (strict) {
NL_SET_ERR_MSG(extack, "Unknown attribute type");
return -EINVAL;
}
continue;
}
if (policy) {
int err = validate_nla(nla, maxtype, policy, extack);
if (err < 0)
return err;
}
tb[type] = (struct nlattr *)nla;
}
if (unlikely(rem > 0)) {
pr_warn_ratelimited("netlink: %d bytes leftover after parsing attributes in process `%s'.\n",
rem, current->comm);
NL_SET_ERR_MSG(extack, "bytes leftover after parsing attributes");
if (strict)
return -EINVAL;
}
return 0;
} }
EXPORT_SYMBOL(__nla_parse);
int nla_parse(struct nlattr **tb, int maxtype, const struct nlattr *head,
int len, const struct nla_policy *policy,
struct netlink_ext_ack *extack)
{
return __nla_parse(tb, maxtype, head, len, false, policy, extack);
}
EXPORT_SYMBOL(nla_parse);
int nla_parse_strict(struct nlattr **tb, int maxtype, const struct nlattr *head,
int len, const struct nla_policy *policy,
struct netlink_ext_ack *extack)
{
return __nla_parse(tb, maxtype, head, len, true, policy, extack);
}
EXPORT_SYMBOL(nla_parse_strict);
/** /**
* nla_find - Find a specific attribute in a stream of attributes * nla_find - Find a specific attribute in a stream of attributes

View File

@ -35,8 +35,8 @@ static inline int vlan_validate_qos_map(struct nlattr *attr)
{ {
if (!attr) if (!attr)
return 0; return 0;
return nla_validate_nested(attr, IFLA_VLAN_QOS_MAX, vlan_map_policy, return nla_validate_nested_deprecated(attr, IFLA_VLAN_QOS_MAX,
NULL); vlan_map_policy, NULL);
} }
static int vlan_validate(struct nlattr *tb[], struct nlattr *data[], static int vlan_validate(struct nlattr *tb[], struct nlattr *data[],

View File

@ -530,8 +530,8 @@ static int br_mdb_parse(struct sk_buff *skb, struct nlmsghdr *nlh,
struct net_device *dev; struct net_device *dev;
int err; int err;
err = nlmsg_parse(nlh, sizeof(*bpm), tb, MDBA_SET_ENTRY_MAX, NULL, err = nlmsg_parse_deprecated(nlh, sizeof(*bpm), tb,
NULL); MDBA_SET_ENTRY_MAX, NULL, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -880,8 +880,10 @@ int br_setlink(struct net_device *dev, struct nlmsghdr *nlh, u16 flags,
if (p && protinfo) { if (p && protinfo) {
if (protinfo->nla_type & NLA_F_NESTED) { if (protinfo->nla_type & NLA_F_NESTED) {
err = nla_parse_nested(tb, IFLA_BRPORT_MAX, protinfo, err = nla_parse_nested_deprecated(tb, IFLA_BRPORT_MAX,
br_port_policy, NULL); protinfo,
br_port_policy,
NULL);
if (err) if (err)
return err; return err;

View File

@ -230,8 +230,8 @@ int br_parse_vlan_tunnel_info(struct nlattr *attr,
memset(tinfo, 0, sizeof(*tinfo)); memset(tinfo, 0, sizeof(*tinfo));
err = nla_parse_nested(tb, IFLA_BRIDGE_VLAN_TUNNEL_MAX, attr, err = nla_parse_nested_deprecated(tb, IFLA_BRIDGE_VLAN_TUNNEL_MAX,
vlan_tunnel_policy, NULL); attr, vlan_tunnel_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -662,8 +662,8 @@ static int cgw_parse_attr(struct nlmsghdr *nlh, struct cf_mod *mod,
/* initialize modification & checksum data space */ /* initialize modification & checksum data space */
memset(mod, 0, sizeof(*mod)); memset(mod, 0, sizeof(*mod));
err = nlmsg_parse(nlh, sizeof(struct rtcanmsg), tb, CGW_MAX, err = nlmsg_parse_deprecated(nlh, sizeof(struct rtcanmsg), tb,
cgw_policy, NULL); CGW_MAX, cgw_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -3674,9 +3674,10 @@ static int devlink_nl_cmd_region_read_dumpit(struct sk_buff *skb,
if (!attrs) if (!attrs)
return -ENOMEM; return -ENOMEM;
err = nlmsg_parse(cb->nlh, GENL_HDRLEN + devlink_nl_family.hdrsize, err = nlmsg_parse_deprecated(cb->nlh,
attrs, DEVLINK_ATTR_MAX, devlink_nl_family.policy, GENL_HDRLEN + devlink_nl_family.hdrsize,
cb->extack); attrs, DEVLINK_ATTR_MAX,
devlink_nl_family.policy, cb->extack);
if (err) if (err)
goto out_free; goto out_free;

View File

@ -746,7 +746,8 @@ int fib_nl_newrule(struct sk_buff *skb, struct nlmsghdr *nlh,
goto errout; goto errout;
} }
err = nlmsg_parse(nlh, sizeof(*frh), tb, FRA_MAX, ops->policy, extack); err = nlmsg_parse_deprecated(nlh, sizeof(*frh), tb, FRA_MAX,
ops->policy, extack);
if (err < 0) { if (err < 0) {
NL_SET_ERR_MSG(extack, "Error parsing msg"); NL_SET_ERR_MSG(extack, "Error parsing msg");
goto errout; goto errout;
@ -853,7 +854,8 @@ int fib_nl_delrule(struct sk_buff *skb, struct nlmsghdr *nlh,
goto errout; goto errout;
} }
err = nlmsg_parse(nlh, sizeof(*frh), tb, FRA_MAX, ops->policy, extack); err = nlmsg_parse_deprecated(nlh, sizeof(*frh), tb, FRA_MAX,
ops->policy, extack);
if (err < 0) { if (err < 0) {
NL_SET_ERR_MSG(extack, "Error parsing msg"); NL_SET_ERR_MSG(extack, "Error parsing msg");
goto errout; goto errout;

View File

@ -343,8 +343,8 @@ static int bpf_parse_prog(struct nlattr *attr, struct bpf_lwt_prog *prog,
int ret; int ret;
u32 fd; u32 fd;
ret = nla_parse_nested(tb, LWT_BPF_PROG_MAX, attr, bpf_prog_policy, ret = nla_parse_nested_deprecated(tb, LWT_BPF_PROG_MAX, attr,
NULL); bpf_prog_policy, NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;
@ -385,7 +385,8 @@ static int bpf_build_state(struct nlattr *nla,
if (family != AF_INET && family != AF_INET6) if (family != AF_INET && family != AF_INET6)
return -EAFNOSUPPORT; return -EAFNOSUPPORT;
ret = nla_parse_nested(tb, LWT_BPF_MAX, nla, bpf_nl_policy, extack); ret = nla_parse_nested_deprecated(tb, LWT_BPF_MAX, nla, bpf_nl_policy,
extack);
if (ret < 0) if (ret < 0)
return ret; return ret;

View File

@ -1862,7 +1862,8 @@ static int neigh_add(struct sk_buff *skb, struct nlmsghdr *nlh,
int err; int err;
ASSERT_RTNL(); ASSERT_RTNL();
err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, nda_policy, extack); err = nlmsg_parse_deprecated(nlh, sizeof(*ndm), tb, NDA_MAX,
nda_policy, extack);
if (err < 0) if (err < 0)
goto out; goto out;
@ -2181,8 +2182,8 @@ static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh,
bool found = false; bool found = false;
int err, tidx; int err, tidx;
err = nlmsg_parse(nlh, sizeof(*ndtmsg), tb, NDTA_MAX, err = nlmsg_parse_deprecated(nlh, sizeof(*ndtmsg), tb, NDTA_MAX,
nl_neightbl_policy, extack); nl_neightbl_policy, extack);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -2219,8 +2220,9 @@ static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh,
struct neigh_parms *p; struct neigh_parms *p;
int i, ifindex = 0; int i, ifindex = 0;
err = nla_parse_nested(tbp, NDTPA_MAX, tb[NDTA_PARMS], err = nla_parse_nested_deprecated(tbp, NDTPA_MAX,
nl_ntbl_parm_policy, extack); tb[NDTA_PARMS],
nl_ntbl_parm_policy, extack);
if (err < 0) if (err < 0)
goto errout_tbl_lock; goto errout_tbl_lock;
@ -2660,11 +2662,12 @@ static int neigh_valid_dump_req(const struct nlmsghdr *nlh,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(struct ndmsg), tb, NDA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg),
nda_policy, extack); tb, NDA_MAX, nda_policy,
extack);
} else { } else {
err = nlmsg_parse(nlh, sizeof(struct ndmsg), tb, NDA_MAX, err = nlmsg_parse_deprecated(nlh, sizeof(struct ndmsg), tb,
nda_policy, extack); NDA_MAX, nda_policy, extack);
} }
if (err < 0) if (err < 0)
return err; return err;
@ -2764,8 +2767,8 @@ static int neigh_valid_get_req(const struct nlmsghdr *nlh,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(struct ndmsg), tb, NDA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg), tb,
nda_policy, extack); NDA_MAX, nda_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -682,8 +682,8 @@ static int rtnl_net_newid(struct sk_buff *skb, struct nlmsghdr *nlh,
struct net *peer; struct net *peer;
int nsid, err; int nsid, err;
err = nlmsg_parse(nlh, sizeof(struct rtgenmsg), tb, NETNSA_MAX, err = nlmsg_parse_deprecated(nlh, sizeof(struct rtgenmsg), tb,
rtnl_net_policy, extack); NETNSA_MAX, rtnl_net_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
if (!tb[NETNSA_NSID]) { if (!tb[NETNSA_NSID]) {
@ -787,11 +787,13 @@ static int rtnl_net_valid_getid_req(struct sk_buff *skb,
int i, err; int i, err;
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(struct rtgenmsg), tb, NETNSA_MAX, return nlmsg_parse_deprecated(nlh, sizeof(struct rtgenmsg),
rtnl_net_policy, extack); tb, NETNSA_MAX, rtnl_net_policy,
extack);
err = nlmsg_parse_strict(nlh, sizeof(struct rtgenmsg), tb, NETNSA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct rtgenmsg), tb,
rtnl_net_policy, extack); NETNSA_MAX, rtnl_net_policy,
extack);
if (err) if (err)
return err; return err;
@ -929,8 +931,9 @@ static int rtnl_valid_dump_net_req(const struct nlmsghdr *nlh, struct sock *sk,
struct nlattr *tb[NETNSA_MAX + 1]; struct nlattr *tb[NETNSA_MAX + 1];
int err, i; int err, i;
err = nlmsg_parse_strict(nlh, sizeof(struct rtgenmsg), tb, NETNSA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct rtgenmsg), tb,
rtnl_net_policy, extack); NETNSA_MAX, rtnl_net_policy,
extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -1797,8 +1797,7 @@ static const struct rtnl_link_ops *linkinfo_to_kind_ops(const struct nlattr *nla
const struct rtnl_link_ops *ops = NULL; const struct rtnl_link_ops *ops = NULL;
struct nlattr *linfo[IFLA_INFO_MAX + 1]; struct nlattr *linfo[IFLA_INFO_MAX + 1];
if (nla_parse_nested(linfo, IFLA_INFO_MAX, nla, if (nla_parse_nested_deprecated(linfo, IFLA_INFO_MAX, nla, ifla_info_policy, NULL) < 0)
ifla_info_policy, NULL) < 0)
return NULL; return NULL;
if (linfo[IFLA_INFO_KIND]) { if (linfo[IFLA_INFO_KIND]) {
@ -1897,8 +1896,9 @@ static int rtnl_valid_dump_ifinfo_req(const struct nlmsghdr *nlh,
return -EINVAL; return -EINVAL;
} }
return nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFLA_MAX, return nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb,
ifla_policy, extack); IFLA_MAX, ifla_policy,
extack);
} }
/* A hack to preserve kernel<->userspace interface. /* A hack to preserve kernel<->userspace interface.
@ -1911,7 +1911,8 @@ static int rtnl_valid_dump_ifinfo_req(const struct nlmsghdr *nlh,
hdrlen = nlmsg_len(nlh) < sizeof(struct ifinfomsg) ? hdrlen = nlmsg_len(nlh) < sizeof(struct ifinfomsg) ?
sizeof(struct rtgenmsg) : sizeof(struct ifinfomsg); sizeof(struct rtgenmsg) : sizeof(struct ifinfomsg);
return nlmsg_parse(nlh, hdrlen, tb, IFLA_MAX, ifla_policy, extack); return nlmsg_parse_deprecated(nlh, hdrlen, tb, IFLA_MAX, ifla_policy,
extack);
} }
static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
@ -2019,7 +2020,8 @@ out_err:
int rtnl_nla_parse_ifla(struct nlattr **tb, const struct nlattr *head, int len, int rtnl_nla_parse_ifla(struct nlattr **tb, const struct nlattr *head, int len,
struct netlink_ext_ack *exterr) struct netlink_ext_ack *exterr)
{ {
return nla_parse(tb, IFLA_MAX, head, len, ifla_policy, exterr); return nla_parse_deprecated(tb, IFLA_MAX, head, len, ifla_policy,
exterr);
} }
EXPORT_SYMBOL(rtnl_nla_parse_ifla); EXPORT_SYMBOL(rtnl_nla_parse_ifla);
@ -2564,8 +2566,10 @@ static int do_setlink(const struct sk_buff *skb,
err = -EINVAL; err = -EINVAL;
goto errout; goto errout;
} }
err = nla_parse_nested(vfinfo, IFLA_VF_MAX, attr, err = nla_parse_nested_deprecated(vfinfo, IFLA_VF_MAX,
ifla_vf_policy, NULL); attr,
ifla_vf_policy,
NULL);
if (err < 0) if (err < 0)
goto errout; goto errout;
err = do_setvfinfo(dev, vfinfo); err = do_setvfinfo(dev, vfinfo);
@ -2592,8 +2596,10 @@ static int do_setlink(const struct sk_buff *skb,
err = -EINVAL; err = -EINVAL;
goto errout; goto errout;
} }
err = nla_parse_nested(port, IFLA_PORT_MAX, attr, err = nla_parse_nested_deprecated(port, IFLA_PORT_MAX,
ifla_port_policy, NULL); attr,
ifla_port_policy,
NULL);
if (err < 0) if (err < 0)
goto errout; goto errout;
if (!port[IFLA_PORT_VF]) { if (!port[IFLA_PORT_VF]) {
@ -2612,9 +2618,9 @@ static int do_setlink(const struct sk_buff *skb,
if (tb[IFLA_PORT_SELF]) { if (tb[IFLA_PORT_SELF]) {
struct nlattr *port[IFLA_PORT_MAX+1]; struct nlattr *port[IFLA_PORT_MAX+1];
err = nla_parse_nested(port, IFLA_PORT_MAX, err = nla_parse_nested_deprecated(port, IFLA_PORT_MAX,
tb[IFLA_PORT_SELF], ifla_port_policy, tb[IFLA_PORT_SELF],
NULL); ifla_port_policy, NULL);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -2661,8 +2667,9 @@ static int do_setlink(const struct sk_buff *skb,
struct nlattr *xdp[IFLA_XDP_MAX + 1]; struct nlattr *xdp[IFLA_XDP_MAX + 1];
u32 xdp_flags = 0; u32 xdp_flags = 0;
err = nla_parse_nested(xdp, IFLA_XDP_MAX, tb[IFLA_XDP], err = nla_parse_nested_deprecated(xdp, IFLA_XDP_MAX,
ifla_xdp_policy, NULL); tb[IFLA_XDP],
ifla_xdp_policy, NULL);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -2716,8 +2723,8 @@ static int rtnl_setlink(struct sk_buff *skb, struct nlmsghdr *nlh,
struct nlattr *tb[IFLA_MAX+1]; struct nlattr *tb[IFLA_MAX+1];
char ifname[IFNAMSIZ]; char ifname[IFNAMSIZ];
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFLA_MAX,
extack); ifla_policy, extack);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -2813,7 +2820,8 @@ static int rtnl_dellink(struct sk_buff *skb, struct nlmsghdr *nlh,
int err; int err;
int netnsid = -1; int netnsid = -1;
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy, extack); err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFLA_MAX,
ifla_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -2990,7 +2998,8 @@ static int __rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
#ifdef CONFIG_MODULES #ifdef CONFIG_MODULES
replay: replay:
#endif #endif
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy, extack); err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFLA_MAX,
ifla_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -3024,9 +3033,9 @@ replay:
return err; return err;
if (tb[IFLA_LINKINFO]) { if (tb[IFLA_LINKINFO]) {
err = nla_parse_nested(linkinfo, IFLA_INFO_MAX, err = nla_parse_nested_deprecated(linkinfo, IFLA_INFO_MAX,
tb[IFLA_LINKINFO], ifla_info_policy, tb[IFLA_LINKINFO],
NULL); ifla_info_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
} else } else
@ -3046,9 +3055,9 @@ replay:
return -EINVAL; return -EINVAL;
if (ops->maxtype && linkinfo[IFLA_INFO_DATA]) { if (ops->maxtype && linkinfo[IFLA_INFO_DATA]) {
err = nla_parse_nested(attr, ops->maxtype, err = nla_parse_nested_deprecated(attr, ops->maxtype,
linkinfo[IFLA_INFO_DATA], linkinfo[IFLA_INFO_DATA],
ops->policy, extack); ops->policy, extack);
if (err < 0) if (err < 0)
return err; return err;
data = attr; data = attr;
@ -3067,9 +3076,11 @@ replay:
if (m_ops->slave_maxtype && if (m_ops->slave_maxtype &&
linkinfo[IFLA_INFO_SLAVE_DATA]) { linkinfo[IFLA_INFO_SLAVE_DATA]) {
err = nla_parse_nested(slave_attr, m_ops->slave_maxtype, err = nla_parse_nested_deprecated(slave_attr,
linkinfo[IFLA_INFO_SLAVE_DATA], m_ops->slave_maxtype,
m_ops->slave_policy, extack); linkinfo[IFLA_INFO_SLAVE_DATA],
m_ops->slave_policy,
extack);
if (err < 0) if (err < 0)
return err; return err;
slave_data = slave_attr; slave_data = slave_attr;
@ -3250,8 +3261,8 @@ static int rtnl_valid_getlink_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy, return nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFLA_MAX,
extack); ifla_policy, extack);
ifm = nlmsg_data(nlh); ifm = nlmsg_data(nlh);
if (ifm->__ifi_pad || ifm->ifi_type || ifm->ifi_flags || if (ifm->__ifi_pad || ifm->ifi_type || ifm->ifi_flags ||
@ -3260,8 +3271,8 @@ static int rtnl_valid_getlink_req(struct sk_buff *skb,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFLA_MAX, ifla_policy, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFLA_MAX,
extack); ifla_policy, extack);
if (err) if (err)
return err; return err;
@ -3366,7 +3377,7 @@ static u16 rtnl_calcit(struct sk_buff *skb, struct nlmsghdr *nlh)
hdrlen = nlmsg_len(nlh) < sizeof(struct ifinfomsg) ? hdrlen = nlmsg_len(nlh) < sizeof(struct ifinfomsg) ?
sizeof(struct rtgenmsg) : sizeof(struct ifinfomsg); sizeof(struct rtgenmsg) : sizeof(struct ifinfomsg);
if (nlmsg_parse(nlh, hdrlen, tb, IFLA_MAX, ifla_policy, NULL) >= 0) { if (nlmsg_parse_deprecated(nlh, hdrlen, tb, IFLA_MAX, ifla_policy, NULL) >= 0) {
if (tb[IFLA_EXT_MASK]) if (tb[IFLA_EXT_MASK])
ext_filter_mask = nla_get_u32(tb[IFLA_EXT_MASK]); ext_filter_mask = nla_get_u32(tb[IFLA_EXT_MASK]);
} }
@ -3639,7 +3650,8 @@ static int rtnl_fdb_add(struct sk_buff *skb, struct nlmsghdr *nlh,
u16 vid; u16 vid;
int err; int err;
err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL, extack); err = nlmsg_parse_deprecated(nlh, sizeof(*ndm), tb, NDA_MAX, NULL,
extack);
if (err < 0) if (err < 0)
return err; return err;
@ -3749,7 +3761,8 @@ static int rtnl_fdb_del(struct sk_buff *skb, struct nlmsghdr *nlh,
if (!netlink_capable(skb, CAP_NET_ADMIN)) if (!netlink_capable(skb, CAP_NET_ADMIN))
return -EPERM; return -EPERM;
err = nlmsg_parse(nlh, sizeof(*ndm), tb, NDA_MAX, NULL, extack); err = nlmsg_parse_deprecated(nlh, sizeof(*ndm), tb, NDA_MAX, NULL,
extack);
if (err < 0) if (err < 0)
return err; return err;
@ -3898,8 +3911,8 @@ static int valid_fdb_dump_strict(const struct nlmsghdr *nlh,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(struct ndmsg), tb, NDA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg), tb,
NULL, extack); NDA_MAX, NULL, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -3951,8 +3964,9 @@ static int valid_fdb_dump_legacy(const struct nlmsghdr *nlh,
nla_attr_size(sizeof(u32)))) { nla_attr_size(sizeof(u32)))) {
struct ifinfomsg *ifm; struct ifinfomsg *ifm;
err = nlmsg_parse(nlh, sizeof(struct ifinfomsg), tb, IFLA_MAX, err = nlmsg_parse_deprecated(nlh, sizeof(struct ifinfomsg),
ifla_policy, extack); tb, IFLA_MAX, ifla_policy,
extack);
if (err < 0) { if (err < 0) {
return -EINVAL; return -EINVAL;
} else if (err == 0) { } else if (err == 0) {
@ -4091,8 +4105,8 @@ static int valid_fdb_get_strict(const struct nlmsghdr *nlh,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(struct ndmsg), tb, NDA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct ndmsg), tb,
nda_policy, extack); NDA_MAX, nda_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -4354,11 +4368,14 @@ static int valid_bridge_getlink_req(const struct nlmsghdr *nlh,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(struct ifinfomsg), tb, err = nlmsg_parse_deprecated_strict(nlh,
IFLA_MAX, ifla_policy, extack); sizeof(struct ifinfomsg),
tb, IFLA_MAX, ifla_policy,
extack);
} else { } else {
err = nlmsg_parse(nlh, sizeof(struct ifinfomsg), tb, err = nlmsg_parse_deprecated(nlh, sizeof(struct ifinfomsg),
IFLA_MAX, ifla_policy, extack); tb, IFLA_MAX, ifla_policy,
extack);
} }
if (err < 0) if (err < 0)
return err; return err;

View File

@ -241,8 +241,9 @@ static int dcbnl_getpfccfg(struct net_device *netdev, struct nlmsghdr *nlh,
if (!netdev->dcbnl_ops->getpfccfg) if (!netdev->dcbnl_ops->getpfccfg)
return -EOPNOTSUPP; return -EOPNOTSUPP;
ret = nla_parse_nested(data, DCB_PFC_UP_ATTR_MAX, ret = nla_parse_nested_deprecated(data, DCB_PFC_UP_ATTR_MAX,
tb[DCB_ATTR_PFC_CFG], dcbnl_pfc_up_nest, NULL); tb[DCB_ATTR_PFC_CFG],
dcbnl_pfc_up_nest, NULL);
if (ret) if (ret)
return ret; return ret;
@ -299,8 +300,9 @@ static int dcbnl_getcap(struct net_device *netdev, struct nlmsghdr *nlh,
if (!netdev->dcbnl_ops->getcap) if (!netdev->dcbnl_ops->getcap)
return -EOPNOTSUPP; return -EOPNOTSUPP;
ret = nla_parse_nested(data, DCB_CAP_ATTR_MAX, tb[DCB_ATTR_CAP], ret = nla_parse_nested_deprecated(data, DCB_CAP_ATTR_MAX,
dcbnl_cap_nest, NULL); tb[DCB_ATTR_CAP], dcbnl_cap_nest,
NULL);
if (ret) if (ret)
return ret; return ret;
@ -343,8 +345,9 @@ static int dcbnl_getnumtcs(struct net_device *netdev, struct nlmsghdr *nlh,
if (!netdev->dcbnl_ops->getnumtcs) if (!netdev->dcbnl_ops->getnumtcs)
return -EOPNOTSUPP; return -EOPNOTSUPP;
ret = nla_parse_nested(data, DCB_NUMTCS_ATTR_MAX, tb[DCB_ATTR_NUMTCS], ret = nla_parse_nested_deprecated(data, DCB_NUMTCS_ATTR_MAX,
dcbnl_numtcs_nest, NULL); tb[DCB_ATTR_NUMTCS],
dcbnl_numtcs_nest, NULL);
if (ret) if (ret)
return ret; return ret;
@ -388,8 +391,9 @@ static int dcbnl_setnumtcs(struct net_device *netdev, struct nlmsghdr *nlh,
if (!netdev->dcbnl_ops->setnumtcs) if (!netdev->dcbnl_ops->setnumtcs)
return -EOPNOTSUPP; return -EOPNOTSUPP;
ret = nla_parse_nested(data, DCB_NUMTCS_ATTR_MAX, tb[DCB_ATTR_NUMTCS], ret = nla_parse_nested_deprecated(data, DCB_NUMTCS_ATTR_MAX,
dcbnl_numtcs_nest, NULL); tb[DCB_ATTR_NUMTCS],
dcbnl_numtcs_nest, NULL);
if (ret) if (ret)
return ret; return ret;
@ -447,8 +451,9 @@ static int dcbnl_getapp(struct net_device *netdev, struct nlmsghdr *nlh,
if (!tb[DCB_ATTR_APP]) if (!tb[DCB_ATTR_APP])
return -EINVAL; return -EINVAL;
ret = nla_parse_nested(app_tb, DCB_APP_ATTR_MAX, tb[DCB_ATTR_APP], ret = nla_parse_nested_deprecated(app_tb, DCB_APP_ATTR_MAX,
dcbnl_app_nest, NULL); tb[DCB_ATTR_APP], dcbnl_app_nest,
NULL);
if (ret) if (ret)
return ret; return ret;
@ -515,8 +520,9 @@ static int dcbnl_setapp(struct net_device *netdev, struct nlmsghdr *nlh,
if (!tb[DCB_ATTR_APP]) if (!tb[DCB_ATTR_APP])
return -EINVAL; return -EINVAL;
ret = nla_parse_nested(app_tb, DCB_APP_ATTR_MAX, tb[DCB_ATTR_APP], ret = nla_parse_nested_deprecated(app_tb, DCB_APP_ATTR_MAX,
dcbnl_app_nest, NULL); tb[DCB_ATTR_APP], dcbnl_app_nest,
NULL);
if (ret) if (ret)
return ret; return ret;
@ -573,8 +579,9 @@ static int __dcbnl_pg_getcfg(struct net_device *netdev, struct nlmsghdr *nlh,
!netdev->dcbnl_ops->getpgbwgcfgrx) !netdev->dcbnl_ops->getpgbwgcfgrx)
return -EOPNOTSUPP; return -EOPNOTSUPP;
ret = nla_parse_nested(pg_tb, DCB_PG_ATTR_MAX, tb[DCB_ATTR_PG_CFG], ret = nla_parse_nested_deprecated(pg_tb, DCB_PG_ATTR_MAX,
dcbnl_pg_nest, NULL); tb[DCB_ATTR_PG_CFG], dcbnl_pg_nest,
NULL);
if (ret) if (ret)
return ret; return ret;
@ -593,8 +600,9 @@ static int __dcbnl_pg_getcfg(struct net_device *netdev, struct nlmsghdr *nlh,
data = pg_tb[DCB_PG_ATTR_TC_ALL]; data = pg_tb[DCB_PG_ATTR_TC_ALL];
else else
data = pg_tb[i]; data = pg_tb[i];
ret = nla_parse_nested(param_tb, DCB_TC_ATTR_PARAM_MAX, data, ret = nla_parse_nested_deprecated(param_tb,
dcbnl_tc_param_nest, NULL); DCB_TC_ATTR_PARAM_MAX, data,
dcbnl_tc_param_nest, NULL);
if (ret) if (ret)
goto err_pg; goto err_pg;
@ -730,8 +738,9 @@ static int dcbnl_setpfccfg(struct net_device *netdev, struct nlmsghdr *nlh,
if (!netdev->dcbnl_ops->setpfccfg) if (!netdev->dcbnl_ops->setpfccfg)
return -EOPNOTSUPP; return -EOPNOTSUPP;
ret = nla_parse_nested(data, DCB_PFC_UP_ATTR_MAX, ret = nla_parse_nested_deprecated(data, DCB_PFC_UP_ATTR_MAX,
tb[DCB_ATTR_PFC_CFG], dcbnl_pfc_up_nest, NULL); tb[DCB_ATTR_PFC_CFG],
dcbnl_pfc_up_nest, NULL);
if (ret) if (ret)
return ret; return ret;
@ -786,8 +795,9 @@ static int __dcbnl_pg_setcfg(struct net_device *netdev, struct nlmsghdr *nlh,
!netdev->dcbnl_ops->setpgbwgcfgrx) !netdev->dcbnl_ops->setpgbwgcfgrx)
return -EOPNOTSUPP; return -EOPNOTSUPP;
ret = nla_parse_nested(pg_tb, DCB_PG_ATTR_MAX, tb[DCB_ATTR_PG_CFG], ret = nla_parse_nested_deprecated(pg_tb, DCB_PG_ATTR_MAX,
dcbnl_pg_nest, NULL); tb[DCB_ATTR_PG_CFG], dcbnl_pg_nest,
NULL);
if (ret) if (ret)
return ret; return ret;
@ -795,8 +805,10 @@ static int __dcbnl_pg_setcfg(struct net_device *netdev, struct nlmsghdr *nlh,
if (!pg_tb[i]) if (!pg_tb[i])
continue; continue;
ret = nla_parse_nested(param_tb, DCB_TC_ATTR_PARAM_MAX, ret = nla_parse_nested_deprecated(param_tb,
pg_tb[i], dcbnl_tc_param_nest, NULL); DCB_TC_ATTR_PARAM_MAX,
pg_tb[i],
dcbnl_tc_param_nest, NULL);
if (ret) if (ret)
return ret; return ret;
@ -884,8 +896,9 @@ static int dcbnl_bcn_getcfg(struct net_device *netdev, struct nlmsghdr *nlh,
!netdev->dcbnl_ops->getbcncfg) !netdev->dcbnl_ops->getbcncfg)
return -EOPNOTSUPP; return -EOPNOTSUPP;
ret = nla_parse_nested(bcn_tb, DCB_BCN_ATTR_MAX, tb[DCB_ATTR_BCN], ret = nla_parse_nested_deprecated(bcn_tb, DCB_BCN_ATTR_MAX,
dcbnl_bcn_nest, NULL); tb[DCB_ATTR_BCN], dcbnl_bcn_nest,
NULL);
if (ret) if (ret)
return ret; return ret;
@ -943,8 +956,9 @@ static int dcbnl_bcn_setcfg(struct net_device *netdev, struct nlmsghdr *nlh,
!netdev->dcbnl_ops->setbcnrp) !netdev->dcbnl_ops->setbcnrp)
return -EOPNOTSUPP; return -EOPNOTSUPP;
ret = nla_parse_nested(data, DCB_BCN_ATTR_MAX, tb[DCB_ATTR_BCN], ret = nla_parse_nested_deprecated(data, DCB_BCN_ATTR_MAX,
dcbnl_pfc_up_nest, NULL); tb[DCB_ATTR_BCN], dcbnl_pfc_up_nest,
NULL);
if (ret) if (ret)
return ret; return ret;
@ -1431,8 +1445,9 @@ static int dcbnl_ieee_set(struct net_device *netdev, struct nlmsghdr *nlh,
if (!tb[DCB_ATTR_IEEE]) if (!tb[DCB_ATTR_IEEE])
return -EINVAL; return -EINVAL;
err = nla_parse_nested(ieee, DCB_ATTR_IEEE_MAX, tb[DCB_ATTR_IEEE], err = nla_parse_nested_deprecated(ieee, DCB_ATTR_IEEE_MAX,
dcbnl_ieee_policy, NULL); tb[DCB_ATTR_IEEE],
dcbnl_ieee_policy, NULL);
if (err) if (err)
return err; return err;
@ -1531,8 +1546,9 @@ static int dcbnl_ieee_del(struct net_device *netdev, struct nlmsghdr *nlh,
if (!tb[DCB_ATTR_IEEE]) if (!tb[DCB_ATTR_IEEE])
return -EINVAL; return -EINVAL;
err = nla_parse_nested(ieee, DCB_ATTR_IEEE_MAX, tb[DCB_ATTR_IEEE], err = nla_parse_nested_deprecated(ieee, DCB_ATTR_IEEE_MAX,
dcbnl_ieee_policy, NULL); tb[DCB_ATTR_IEEE],
dcbnl_ieee_policy, NULL);
if (err) if (err)
return err; return err;
@ -1604,8 +1620,9 @@ static int dcbnl_getfeatcfg(struct net_device *netdev, struct nlmsghdr *nlh,
if (!tb[DCB_ATTR_FEATCFG]) if (!tb[DCB_ATTR_FEATCFG])
return -EINVAL; return -EINVAL;
ret = nla_parse_nested(data, DCB_FEATCFG_ATTR_MAX, ret = nla_parse_nested_deprecated(data, DCB_FEATCFG_ATTR_MAX,
tb[DCB_ATTR_FEATCFG], dcbnl_featcfg_nest, NULL); tb[DCB_ATTR_FEATCFG],
dcbnl_featcfg_nest, NULL);
if (ret) if (ret)
return ret; return ret;
@ -1648,8 +1665,9 @@ static int dcbnl_setfeatcfg(struct net_device *netdev, struct nlmsghdr *nlh,
if (!tb[DCB_ATTR_FEATCFG]) if (!tb[DCB_ATTR_FEATCFG])
return -EINVAL; return -EINVAL;
ret = nla_parse_nested(data, DCB_FEATCFG_ATTR_MAX, ret = nla_parse_nested_deprecated(data, DCB_FEATCFG_ATTR_MAX,
tb[DCB_ATTR_FEATCFG], dcbnl_featcfg_nest, NULL); tb[DCB_ATTR_FEATCFG],
dcbnl_featcfg_nest, NULL);
if (ret) if (ret)
goto err; goto err;
@ -1738,8 +1756,8 @@ static int dcb_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
if ((nlh->nlmsg_type == RTM_SETDCB) && !netlink_capable(skb, CAP_NET_ADMIN)) if ((nlh->nlmsg_type == RTM_SETDCB) && !netlink_capable(skb, CAP_NET_ADMIN))
return -EPERM; return -EPERM;
ret = nlmsg_parse(nlh, sizeof(*dcb), tb, DCB_ATTR_MAX, ret = nlmsg_parse_deprecated(nlh, sizeof(*dcb), tb, DCB_ATTR_MAX,
dcbnl_rtnl_policy, extack); dcbnl_rtnl_policy, extack);
if (ret < 0) if (ret < 0)
return ret; return ret;

View File

@ -583,8 +583,8 @@ static int dn_nl_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
if (!net_eq(net, &init_net)) if (!net_eq(net, &init_net))
goto errout; goto errout;
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, dn_ifa_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
extack); dn_ifa_policy, extack);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -629,8 +629,8 @@ static int dn_nl_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
if (!net_eq(net, &init_net)) if (!net_eq(net, &init_net))
return -EINVAL; return -EINVAL;
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, dn_ifa_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
extack); dn_ifa_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -517,8 +517,8 @@ static int dn_fib_rtm_delroute(struct sk_buff *skb, struct nlmsghdr *nlh,
if (!net_eq(net, &init_net)) if (!net_eq(net, &init_net))
return -EINVAL; return -EINVAL;
err = nlmsg_parse(nlh, sizeof(*r), attrs, RTA_MAX, rtm_dn_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*r), attrs, RTA_MAX,
extack); rtm_dn_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -544,8 +544,8 @@ static int dn_fib_rtm_newroute(struct sk_buff *skb, struct nlmsghdr *nlh,
if (!net_eq(net, &init_net)) if (!net_eq(net, &init_net))
return -EINVAL; return -EINVAL;
err = nlmsg_parse(nlh, sizeof(*r), attrs, RTA_MAX, rtm_dn_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*r), attrs, RTA_MAX,
extack); rtm_dn_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -1651,8 +1651,8 @@ static int dn_cache_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh,
if (!net_eq(net, &init_net)) if (!net_eq(net, &init_net))
return -EINVAL; return -EINVAL;
err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_dn_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
extack); rtm_dn_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -247,9 +247,11 @@ nl802154_prepare_wpan_dev_dump(struct sk_buff *skb,
rtnl_lock(); rtnl_lock();
if (!cb->args[0]) { if (!cb->args[0]) {
err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl802154_fam.hdrsize, err = nlmsg_parse_deprecated(cb->nlh,
genl_family_attrbuf(&nl802154_fam), GENL_HDRLEN + nl802154_fam.hdrsize,
nl802154_fam.maxattr, nl802154_policy, NULL); genl_family_attrbuf(&nl802154_fam),
nl802154_fam.maxattr,
nl802154_policy, NULL);
if (err) if (err)
goto out_unlock; goto out_unlock;
@ -562,8 +564,10 @@ static int nl802154_dump_wpan_phy_parse(struct sk_buff *skb,
struct nl802154_dump_wpan_phy_state *state) struct nl802154_dump_wpan_phy_state *state)
{ {
struct nlattr **tb = genl_family_attrbuf(&nl802154_fam); struct nlattr **tb = genl_family_attrbuf(&nl802154_fam);
int ret = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl802154_fam.hdrsize, tb, int ret = nlmsg_parse_deprecated(cb->nlh,
nl802154_fam.maxattr, nl802154_policy, NULL); GENL_HDRLEN + nl802154_fam.hdrsize,
tb, nl802154_fam.maxattr,
nl802154_policy, NULL);
/* TODO check if we can handle error here, /* TODO check if we can handle error here,
* we have no backward compatibility * we have no backward compatibility
@ -1308,8 +1312,7 @@ ieee802154_llsec_parse_dev_addr(struct nlattr *nla,
{ {
struct nlattr *attrs[NL802154_DEV_ADDR_ATTR_MAX + 1]; struct nlattr *attrs[NL802154_DEV_ADDR_ATTR_MAX + 1];
if (!nla || nla_parse_nested(attrs, NL802154_DEV_ADDR_ATTR_MAX, nla, if (!nla || nla_parse_nested_deprecated(attrs, NL802154_DEV_ADDR_ATTR_MAX, nla, nl802154_dev_addr_policy, NULL))
nl802154_dev_addr_policy, NULL))
return -EINVAL; return -EINVAL;
if (!attrs[NL802154_DEV_ADDR_ATTR_PAN_ID] || if (!attrs[NL802154_DEV_ADDR_ATTR_PAN_ID] ||
@ -1348,8 +1351,7 @@ ieee802154_llsec_parse_key_id(struct nlattr *nla,
{ {
struct nlattr *attrs[NL802154_KEY_ID_ATTR_MAX + 1]; struct nlattr *attrs[NL802154_KEY_ID_ATTR_MAX + 1];
if (!nla || nla_parse_nested(attrs, NL802154_KEY_ID_ATTR_MAX, nla, if (!nla || nla_parse_nested_deprecated(attrs, NL802154_KEY_ID_ATTR_MAX, nla, nl802154_key_id_policy, NULL))
nl802154_key_id_policy, NULL))
return -EINVAL; return -EINVAL;
if (!attrs[NL802154_KEY_ID_ATTR_MODE]) if (!attrs[NL802154_KEY_ID_ATTR_MODE])
@ -1564,9 +1566,7 @@ static int nl802154_add_llsec_key(struct sk_buff *skb, struct genl_info *info)
struct ieee802154_llsec_key_id id = { }; struct ieee802154_llsec_key_id id = { };
u32 commands[NL802154_CMD_FRAME_NR_IDS / 32] = { }; u32 commands[NL802154_CMD_FRAME_NR_IDS / 32] = { };
if (nla_parse_nested(attrs, NL802154_KEY_ATTR_MAX, if (nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))
info->attrs[NL802154_ATTR_SEC_KEY],
nl802154_key_policy, info->extack))
return -EINVAL; return -EINVAL;
if (!attrs[NL802154_KEY_ATTR_USAGE_FRAMES] || if (!attrs[NL802154_KEY_ATTR_USAGE_FRAMES] ||
@ -1614,9 +1614,7 @@ static int nl802154_del_llsec_key(struct sk_buff *skb, struct genl_info *info)
struct nlattr *attrs[NL802154_KEY_ATTR_MAX + 1]; struct nlattr *attrs[NL802154_KEY_ATTR_MAX + 1];
struct ieee802154_llsec_key_id id; struct ieee802154_llsec_key_id id;
if (nla_parse_nested(attrs, NL802154_KEY_ATTR_MAX, if (nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))
info->attrs[NL802154_ATTR_SEC_KEY],
nl802154_key_policy, info->extack))
return -EINVAL; return -EINVAL;
if (ieee802154_llsec_parse_key_id(attrs[NL802154_KEY_ATTR_ID], &id) < 0) if (ieee802154_llsec_parse_key_id(attrs[NL802154_KEY_ATTR_ID], &id) < 0)
@ -1730,8 +1728,7 @@ ieee802154_llsec_parse_device(struct nlattr *nla,
{ {
struct nlattr *attrs[NL802154_DEV_ATTR_MAX + 1]; struct nlattr *attrs[NL802154_DEV_ATTR_MAX + 1];
if (!nla || nla_parse_nested(attrs, NL802154_DEV_ATTR_MAX, if (!nla || nla_parse_nested_deprecated(attrs, NL802154_DEV_ATTR_MAX, nla, nl802154_dev_policy, NULL))
nla, nl802154_dev_policy, NULL))
return -EINVAL; return -EINVAL;
memset(dev, 0, sizeof(*dev)); memset(dev, 0, sizeof(*dev));
@ -1782,9 +1779,7 @@ static int nl802154_del_llsec_dev(struct sk_buff *skb, struct genl_info *info)
struct nlattr *attrs[NL802154_DEV_ATTR_MAX + 1]; struct nlattr *attrs[NL802154_DEV_ATTR_MAX + 1];
__le64 extended_addr; __le64 extended_addr;
if (nla_parse_nested(attrs, NL802154_DEV_ATTR_MAX, if (nla_parse_nested_deprecated(attrs, NL802154_DEV_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_DEVICE], nl802154_dev_policy, info->extack))
info->attrs[NL802154_ATTR_SEC_DEVICE],
nl802154_dev_policy, info->extack))
return -EINVAL; return -EINVAL;
if (!attrs[NL802154_DEV_ATTR_EXTENDED_ADDR]) if (!attrs[NL802154_DEV_ATTR_EXTENDED_ADDR])
@ -1910,9 +1905,7 @@ static int nl802154_add_llsec_devkey(struct sk_buff *skb, struct genl_info *info
__le64 extended_addr; __le64 extended_addr;
if (!info->attrs[NL802154_ATTR_SEC_DEVKEY] || if (!info->attrs[NL802154_ATTR_SEC_DEVKEY] ||
nla_parse_nested(attrs, NL802154_DEVKEY_ATTR_MAX, nla_parse_nested_deprecated(attrs, NL802154_DEVKEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_DEVKEY], nl802154_devkey_policy, info->extack) < 0)
info->attrs[NL802154_ATTR_SEC_DEVKEY],
nl802154_devkey_policy, info->extack) < 0)
return -EINVAL; return -EINVAL;
if (!attrs[NL802154_DEVKEY_ATTR_FRAME_COUNTER] || if (!attrs[NL802154_DEVKEY_ATTR_FRAME_COUNTER] ||
@ -1942,9 +1935,7 @@ static int nl802154_del_llsec_devkey(struct sk_buff *skb, struct genl_info *info
struct ieee802154_llsec_device_key key; struct ieee802154_llsec_device_key key;
__le64 extended_addr; __le64 extended_addr;
if (nla_parse_nested(attrs, NL802154_DEVKEY_ATTR_MAX, if (nla_parse_nested_deprecated(attrs, NL802154_DEVKEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_DEVKEY], nl802154_devkey_policy, info->extack))
info->attrs[NL802154_ATTR_SEC_DEVKEY],
nl802154_devkey_policy, info->extack))
return -EINVAL; return -EINVAL;
if (!attrs[NL802154_DEVKEY_ATTR_EXTENDED_ADDR]) if (!attrs[NL802154_DEVKEY_ATTR_EXTENDED_ADDR])
@ -2064,8 +2055,7 @@ llsec_parse_seclevel(struct nlattr *nla, struct ieee802154_llsec_seclevel *sl)
{ {
struct nlattr *attrs[NL802154_SECLEVEL_ATTR_MAX + 1]; struct nlattr *attrs[NL802154_SECLEVEL_ATTR_MAX + 1];
if (!nla || nla_parse_nested(attrs, NL802154_SECLEVEL_ATTR_MAX, if (!nla || nla_parse_nested_deprecated(attrs, NL802154_SECLEVEL_ATTR_MAX, nla, nl802154_seclevel_policy, NULL))
nla, nl802154_seclevel_policy, NULL))
return -EINVAL; return -EINVAL;
memset(sl, 0, sizeof(*sl)); memset(sl, 0, sizeof(*sl));

View File

@ -621,8 +621,8 @@ static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
ASSERT_RTNL(); ASSERT_RTNL();
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
extack); ifa_ipv4_policy, extack);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -793,8 +793,8 @@ static struct in_ifaddr *rtm_to_ifaddr(struct net *net, struct nlmsghdr *nlh,
struct in_device *in_dev; struct in_device *in_dev;
int err; int err;
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv4_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
extack); ifa_ipv4_policy, extack);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -1689,8 +1689,8 @@ static int inet_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
fillargs->flags |= NLM_F_DUMP_FILTERED; fillargs->flags |= NLM_F_DUMP_FILTERED;
} }
err = nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
ifa_ipv4_policy, extack); ifa_ipv4_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -1906,7 +1906,8 @@ static int inet_validate_link_af(const struct net_device *dev,
if (dev && !__in_dev_get_rcu(dev)) if (dev && !__in_dev_get_rcu(dev))
return -EAFNOSUPPORT; return -EAFNOSUPPORT;
err = nla_parse_nested(tb, IFLA_INET_MAX, nla, inet_af_policy, NULL); err = nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla,
inet_af_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -1934,7 +1935,7 @@ static int inet_set_link_af(struct net_device *dev, const struct nlattr *nla)
if (!in_dev) if (!in_dev)
return -EAFNOSUPPORT; return -EAFNOSUPPORT;
if (nla_parse_nested(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0) if (nla_parse_nested_deprecated(tb, IFLA_INET_MAX, nla, NULL, NULL) < 0)
BUG(); BUG();
if (tb[IFLA_INET_CONF]) { if (tb[IFLA_INET_CONF]) {
@ -2076,11 +2077,13 @@ static int inet_netconf_valid_get_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(struct netconfmsg), tb, return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
NETCONFA_MAX, devconf_ipv4_policy, extack); tb, NETCONFA_MAX,
devconf_ipv4_policy, extack);
err = nlmsg_parse_strict(nlh, sizeof(struct netconfmsg), tb, err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
NETCONFA_MAX, devconf_ipv4_policy, extack); tb, NETCONFA_MAX,
devconf_ipv4_policy, extack);
if (err) if (err)
return err; return err;

View File

@ -718,8 +718,8 @@ static int rtm_to_fib_config(struct net *net, struct sk_buff *skb,
int err, remaining; int err, remaining;
struct rtmsg *rtm; struct rtmsg *rtm;
err = nlmsg_validate(nlh, sizeof(*rtm), RTA_MAX, rtm_ipv4_policy, err = nlmsg_validate_deprecated(nlh, sizeof(*rtm), RTA_MAX,
extack); rtm_ipv4_policy, extack);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -896,8 +896,8 @@ int ip_valid_fib_dump_req(struct net *net, const struct nlmsghdr *nlh,
filter->rt_type = rtm->rtm_type; filter->rt_type = rtm->rtm_type;
filter->table_id = rtm->rtm_table; filter->table_id = rtm->rtm_table;
err = nlmsg_parse_strict(nlh, sizeof(*rtm), tb, RTA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_ipv4_policy, extack); rtm_ipv4_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -239,8 +239,8 @@ static int ip_tun_build_state(struct nlattr *attr,
struct nlattr *tb[LWTUNNEL_IP_MAX + 1]; struct nlattr *tb[LWTUNNEL_IP_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, LWTUNNEL_IP_MAX, attr, ip_tun_policy, err = nla_parse_nested_deprecated(tb, LWTUNNEL_IP_MAX, attr,
extack); ip_tun_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -356,8 +356,8 @@ static int ip6_tun_build_state(struct nlattr *attr,
struct nlattr *tb[LWTUNNEL_IP6_MAX + 1]; struct nlattr *tb[LWTUNNEL_IP6_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, LWTUNNEL_IP6_MAX, attr, ip6_tun_policy, err = nla_parse_nested_deprecated(tb, LWTUNNEL_IP6_MAX, attr,
extack); ip6_tun_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -2498,8 +2498,8 @@ static int ipmr_rtm_valid_getroute_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, return nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_ipv4_policy, extack); rtm_ipv4_policy, extack);
rtm = nlmsg_data(nlh); rtm = nlmsg_data(nlh);
if ((rtm->rtm_src_len && rtm->rtm_src_len != 32) || if ((rtm->rtm_src_len && rtm->rtm_src_len != 32) ||
@ -2510,8 +2510,8 @@ static int ipmr_rtm_valid_getroute_req(struct sk_buff *skb,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(*rtm), tb, RTA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_ipv4_policy, extack); rtm_ipv4_policy, extack);
if (err) if (err)
return err; return err;
@ -2674,8 +2674,8 @@ static int rtm_to_ipmr_mfcc(struct net *net, struct nlmsghdr *nlh,
struct rtmsg *rtm; struct rtmsg *rtm;
int ret, rem; int ret, rem;
ret = nlmsg_validate(nlh, sizeof(*rtm), RTA_MAX, rtm_ipmr_policy, ret = nlmsg_validate_deprecated(nlh, sizeof(*rtm), RTA_MAX,
extack); rtm_ipmr_policy, extack);
if (ret < 0) if (ret < 0)
goto out; goto out;
rtm = nlmsg_data(nlh); rtm = nlmsg_data(nlh);

View File

@ -2877,8 +2877,8 @@ static int inet_rtm_valid_getroute_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, return nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_ipv4_policy, extack); rtm_ipv4_policy, extack);
rtm = nlmsg_data(nlh); rtm = nlmsg_data(nlh);
if ((rtm->rtm_src_len && rtm->rtm_src_len != 32) || if ((rtm->rtm_src_len && rtm->rtm_src_len != 32) ||
@ -2896,8 +2896,8 @@ static int inet_rtm_valid_getroute_req(struct sk_buff *skb,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(*rtm), tb, RTA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_ipv4_policy, extack); rtm_ipv4_policy, extack);
if (err) if (err)
return err; return err;

View File

@ -611,11 +611,13 @@ static int inet6_netconf_valid_get_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(struct netconfmsg), tb, return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
NETCONFA_MAX, devconf_ipv6_policy, extack); tb, NETCONFA_MAX,
devconf_ipv6_policy, extack);
err = nlmsg_parse_strict(nlh, sizeof(struct netconfmsg), tb, err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
NETCONFA_MAX, devconf_ipv6_policy, extack); tb, NETCONFA_MAX,
devconf_ipv6_policy, extack);
if (err) if (err)
return err; return err;
@ -4565,8 +4567,8 @@ inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh,
u32 ifa_flags; u32 ifa_flags;
int err; int err;
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
extack); ifa_ipv6_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -4729,8 +4731,8 @@ inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh,
struct ifa6_config cfg; struct ifa6_config cfg;
int err; int err;
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_ipv6_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
extack); ifa_ipv6_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -5086,8 +5088,8 @@ static int inet6_valid_dump_ifaddr_req(const struct nlmsghdr *nlh,
fillargs->flags |= NLM_F_DUMP_FILTERED; fillargs->flags |= NLM_F_DUMP_FILTERED;
} }
err = nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
ifa_ipv6_policy, extack); ifa_ipv6_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -5237,11 +5239,11 @@ static int inet6_rtm_valid_getaddr_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, return nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
ifa_ipv6_policy, extack); ifa_ipv6_policy, extack);
err = nlmsg_parse_strict(nlh, sizeof(*ifm), tb, IFA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifm), tb, IFA_MAX,
ifa_ipv6_policy, extack); ifa_ipv6_policy, extack);
if (err) if (err)
return err; return err;
@ -5667,8 +5669,8 @@ static int inet6_validate_link_af(const struct net_device *dev,
if (dev && !__in6_dev_get(dev)) if (dev && !__in6_dev_get(dev))
return -EAFNOSUPPORT; return -EAFNOSUPPORT;
return nla_parse_nested(tb, IFLA_INET6_MAX, nla, inet6_af_policy, return nla_parse_nested_deprecated(tb, IFLA_INET6_MAX, nla,
NULL); inet6_af_policy, NULL);
} }
static int check_addr_gen_mode(int mode) static int check_addr_gen_mode(int mode)
@ -5700,7 +5702,7 @@ static int inet6_set_link_af(struct net_device *dev, const struct nlattr *nla)
if (!idev) if (!idev)
return -EAFNOSUPPORT; return -EAFNOSUPPORT;
if (nla_parse_nested(tb, IFLA_INET6_MAX, nla, NULL, NULL) < 0) if (nla_parse_nested_deprecated(tb, IFLA_INET6_MAX, nla, NULL, NULL) < 0)
BUG(); BUG();
if (tb[IFLA_INET6_TOKEN]) { if (tb[IFLA_INET6_TOKEN]) {

View File

@ -383,8 +383,8 @@ static int ip6addrlbl_newdel(struct sk_buff *skb, struct nlmsghdr *nlh,
u32 label; u32 label;
int err = 0; int err = 0;
err = nlmsg_parse(nlh, sizeof(*ifal), tb, IFAL_MAX, ifal_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*ifal), tb, IFAL_MAX,
extack); ifal_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -537,8 +537,8 @@ static int ip6addrlbl_valid_get_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(*ifal), tb, IFAL_MAX, return nlmsg_parse_deprecated(nlh, sizeof(*ifal), tb,
ifal_policy, extack); IFAL_MAX, ifal_policy, extack);
ifal = nlmsg_data(nlh); ifal = nlmsg_data(nlh);
if (ifal->__ifal_reserved || ifal->ifal_flags || ifal->ifal_seq) { if (ifal->__ifal_reserved || ifal->ifal_flags || ifal->ifal_seq) {
@ -546,8 +546,8 @@ static int ip6addrlbl_valid_get_req(struct sk_buff *skb,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(*ifal), tb, IFAL_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*ifal), tb, IFAL_MAX,
ifal_policy, extack); ifal_policy, extack);
if (err) if (err)
return err; return err;

View File

@ -146,7 +146,8 @@ static int ila_build_state(struct nlattr *nla,
if (family != AF_INET6) if (family != AF_INET6)
return -EINVAL; return -EINVAL;
ret = nla_parse_nested(tb, ILA_ATTR_MAX, nla, ila_nl_policy, extack); ret = nla_parse_nested_deprecated(tb, ILA_ATTR_MAX, nla,
ila_nl_policy, extack);
if (ret < 0) if (ret < 0)
return ret; return ret;

View File

@ -4239,8 +4239,8 @@ static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh,
unsigned int pref; unsigned int pref;
int err; int err;
err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv6_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
extack); rtm_ipv6_policy, extack);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -4886,8 +4886,8 @@ static int inet6_rtm_valid_getroute_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, return nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_ipv6_policy, extack); rtm_ipv6_policy, extack);
rtm = nlmsg_data(nlh); rtm = nlmsg_data(nlh);
if ((rtm->rtm_src_len && rtm->rtm_src_len != 128) || if ((rtm->rtm_src_len && rtm->rtm_src_len != 128) ||
@ -4903,8 +4903,8 @@ static int inet6_rtm_valid_getroute_req(struct sk_buff *skb,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(*rtm), tb, RTA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_ipv6_policy, extack); rtm_ipv6_policy, extack);
if (err) if (err)
return err; return err;

View File

@ -396,8 +396,8 @@ static int seg6_build_state(struct nlattr *nla,
if (family != AF_INET && family != AF_INET6) if (family != AF_INET && family != AF_INET6)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, SEG6_IPTUNNEL_MAX, nla, err = nla_parse_nested_deprecated(tb, SEG6_IPTUNNEL_MAX, nla,
seg6_iptunnel_policy, extack); seg6_iptunnel_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -823,8 +823,9 @@ static int parse_nla_bpf(struct nlattr **attrs, struct seg6_local_lwt *slwt)
int ret; int ret;
u32 fd; u32 fd;
ret = nla_parse_nested(tb, SEG6_LOCAL_BPF_PROG_MAX, ret = nla_parse_nested_deprecated(tb, SEG6_LOCAL_BPF_PROG_MAX,
attrs[SEG6_LOCAL_BPF], bpf_prog_policy, NULL); attrs[SEG6_LOCAL_BPF],
bpf_prog_policy, NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;
@ -959,8 +960,8 @@ static int seg6_local_build_state(struct nlattr *nla, unsigned int family,
if (family != AF_INET6) if (family != AF_INET6)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, SEG6_LOCAL_MAX, nla, seg6_local_policy, err = nla_parse_nested_deprecated(tb, SEG6_LOCAL_MAX, nla,
extack); seg6_local_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -1223,11 +1223,13 @@ static int mpls_netconf_valid_get_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(struct netconfmsg), tb, return nlmsg_parse_deprecated(nlh, sizeof(struct netconfmsg),
NETCONFA_MAX, devconf_mpls_policy, extack); tb, NETCONFA_MAX,
devconf_mpls_policy, extack);
err = nlmsg_parse_strict(nlh, sizeof(struct netconfmsg), tb, err = nlmsg_parse_deprecated_strict(nlh, sizeof(struct netconfmsg),
NETCONFA_MAX, devconf_mpls_policy, extack); tb, NETCONFA_MAX,
devconf_mpls_policy, extack);
if (err) if (err)
return err; return err;
@ -1788,8 +1790,8 @@ static int rtm_to_route_config(struct sk_buff *skb,
int index; int index;
int err; int err;
err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_mpls_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
extack); rtm_mpls_policy, extack);
if (err < 0) if (err < 0)
goto errout; goto errout;
@ -2106,8 +2108,8 @@ static int mpls_valid_fib_dump_req(struct net *net, const struct nlmsghdr *nlh,
cb->answer_flags = NLM_F_DUMP_FILTERED; cb->answer_flags = NLM_F_DUMP_FILTERED;
} }
err = nlmsg_parse_strict(nlh, sizeof(*rtm), tb, RTA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_mpls_policy, extack); rtm_mpls_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -2290,8 +2292,8 @@ static int mpls_valid_getroute_req(struct sk_buff *skb,
} }
if (!netlink_strict_get_check(skb)) if (!netlink_strict_get_check(skb))
return nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, return nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_mpls_policy, extack); rtm_mpls_policy, extack);
rtm = nlmsg_data(nlh); rtm = nlmsg_data(nlh);
if ((rtm->rtm_dst_len && rtm->rtm_dst_len != 20) || if ((rtm->rtm_dst_len && rtm->rtm_dst_len != 20) ||
@ -2306,8 +2308,8 @@ static int mpls_valid_getroute_req(struct sk_buff *skb,
return -EINVAL; return -EINVAL;
} }
err = nlmsg_parse_strict(nlh, sizeof(*rtm), tb, RTA_MAX, err = nlmsg_parse_deprecated_strict(nlh, sizeof(*rtm), tb, RTA_MAX,
rtm_mpls_policy, extack); rtm_mpls_policy, extack);
if (err) if (err)
return err; return err;

View File

@ -178,8 +178,8 @@ static int mpls_build_state(struct nlattr *nla,
u8 n_labels; u8 n_labels;
int ret; int ret;
ret = nla_parse_nested(tb, MPLS_IPTUNNEL_MAX, nla, ret = nla_parse_nested_deprecated(tb, MPLS_IPTUNNEL_MAX, nla,
mpls_iptunnel_policy, extack); mpls_iptunnel_policy, extack);
if (ret < 0) if (ret < 0)
return ret; return ret;

View File

@ -220,8 +220,8 @@ static int ncsi_pkg_info_all_nl(struct sk_buff *skb,
void *hdr; void *hdr;
int rc; int rc;
rc = genlmsg_parse(cb->nlh, &ncsi_genl_family, attrs, NCSI_ATTR_MAX, rc = genlmsg_parse_deprecated(cb->nlh, &ncsi_genl_family, attrs, NCSI_ATTR_MAX,
ncsi_genl_policy, NULL); ncsi_genl_policy, NULL);
if (rc) if (rc)
return rc; return rc;

View File

@ -299,8 +299,7 @@ ip_set_get_ipaddr4(struct nlattr *nla, __be32 *ipaddr)
if (unlikely(!flag_nested(nla))) if (unlikely(!flag_nested(nla)))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
if (nla_parse_nested(tb, IPSET_ATTR_IPADDR_MAX, nla, if (nla_parse_nested_deprecated(tb, IPSET_ATTR_IPADDR_MAX, nla, ipaddr_policy, NULL))
ipaddr_policy, NULL))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV4))) if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV4)))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
@ -318,8 +317,7 @@ ip_set_get_ipaddr6(struct nlattr *nla, union nf_inet_addr *ipaddr)
if (unlikely(!flag_nested(nla))) if (unlikely(!flag_nested(nla)))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
if (nla_parse_nested(tb, IPSET_ATTR_IPADDR_MAX, nla, if (nla_parse_nested_deprecated(tb, IPSET_ATTR_IPADDR_MAX, nla, ipaddr_policy, NULL))
ipaddr_policy, NULL))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV6))) if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV6)))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
@ -939,8 +937,7 @@ static int ip_set_create(struct net *net, struct sock *ctnl,
/* Without holding any locks, create private part. */ /* Without holding any locks, create private part. */
if (attr[IPSET_ATTR_DATA] && if (attr[IPSET_ATTR_DATA] &&
nla_parse_nested(tb, IPSET_ATTR_CREATE_MAX, attr[IPSET_ATTR_DATA], nla_parse_nested_deprecated(tb, IPSET_ATTR_CREATE_MAX, attr[IPSET_ATTR_DATA], set->type->create_policy, NULL)) {
set->type->create_policy, NULL)) {
ret = -IPSET_ERR_PROTOCOL; ret = -IPSET_ERR_PROTOCOL;
goto put_out; goto put_out;
} }
@ -1298,8 +1295,9 @@ dump_init(struct netlink_callback *cb, struct ip_set_net *inst)
ip_set_id_t index; ip_set_id_t index;
/* Second pass, so parser can't fail */ /* Second pass, so parser can't fail */
nla_parse(cda, IPSET_ATTR_CMD_MAX, attr, nlh->nlmsg_len - min_len, nla_parse_deprecated(cda, IPSET_ATTR_CMD_MAX, attr,
ip_set_setname_policy, NULL); nlh->nlmsg_len - min_len, ip_set_setname_policy,
NULL);
cb->args[IPSET_CB_PROTO] = nla_get_u8(cda[IPSET_ATTR_PROTOCOL]); cb->args[IPSET_CB_PROTO] = nla_get_u8(cda[IPSET_ATTR_PROTOCOL]);
if (cda[IPSET_ATTR_SETNAME]) { if (cda[IPSET_ATTR_SETNAME]) {
@ -1546,8 +1544,9 @@ call_ad(struct sock *ctnl, struct sk_buff *skb, struct ip_set *set,
memcpy(&errmsg->msg, nlh, nlh->nlmsg_len); memcpy(&errmsg->msg, nlh, nlh->nlmsg_len);
cmdattr = (void *)&errmsg->msg + min_len; cmdattr = (void *)&errmsg->msg + min_len;
nla_parse(cda, IPSET_ATTR_CMD_MAX, cmdattr, nla_parse_deprecated(cda, IPSET_ATTR_CMD_MAX, cmdattr,
nlh->nlmsg_len - min_len, ip_set_adt_policy, NULL); nlh->nlmsg_len - min_len,
ip_set_adt_policy, NULL);
errline = nla_data(cda[IPSET_ATTR_LINENO]); errline = nla_data(cda[IPSET_ATTR_LINENO]);
@ -1592,9 +1591,7 @@ static int ip_set_uadd(struct net *net, struct sock *ctnl, struct sk_buff *skb,
use_lineno = !!attr[IPSET_ATTR_LINENO]; use_lineno = !!attr[IPSET_ATTR_LINENO];
if (attr[IPSET_ATTR_DATA]) { if (attr[IPSET_ATTR_DATA]) {
if (nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, if (nla_parse_nested_deprecated(tb, IPSET_ATTR_ADT_MAX, attr[IPSET_ATTR_DATA], set->type->adt_policy, NULL))
attr[IPSET_ATTR_DATA],
set->type->adt_policy, NULL))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
ret = call_ad(ctnl, skb, set, tb, IPSET_ADD, flags, ret = call_ad(ctnl, skb, set, tb, IPSET_ADD, flags,
use_lineno); use_lineno);
@ -1605,8 +1602,7 @@ static int ip_set_uadd(struct net *net, struct sock *ctnl, struct sk_buff *skb,
memset(tb, 0, sizeof(tb)); memset(tb, 0, sizeof(tb));
if (nla_type(nla) != IPSET_ATTR_DATA || if (nla_type(nla) != IPSET_ATTR_DATA ||
!flag_nested(nla) || !flag_nested(nla) ||
nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, nla, nla_parse_nested_deprecated(tb, IPSET_ATTR_ADT_MAX, nla, set->type->adt_policy, NULL))
set->type->adt_policy, NULL))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
ret = call_ad(ctnl, skb, set, tb, IPSET_ADD, ret = call_ad(ctnl, skb, set, tb, IPSET_ADD,
flags, use_lineno); flags, use_lineno);
@ -1647,9 +1643,7 @@ static int ip_set_udel(struct net *net, struct sock *ctnl, struct sk_buff *skb,
use_lineno = !!attr[IPSET_ATTR_LINENO]; use_lineno = !!attr[IPSET_ATTR_LINENO];
if (attr[IPSET_ATTR_DATA]) { if (attr[IPSET_ATTR_DATA]) {
if (nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, if (nla_parse_nested_deprecated(tb, IPSET_ATTR_ADT_MAX, attr[IPSET_ATTR_DATA], set->type->adt_policy, NULL))
attr[IPSET_ATTR_DATA],
set->type->adt_policy, NULL))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
ret = call_ad(ctnl, skb, set, tb, IPSET_DEL, flags, ret = call_ad(ctnl, skb, set, tb, IPSET_DEL, flags,
use_lineno); use_lineno);
@ -1660,8 +1654,7 @@ static int ip_set_udel(struct net *net, struct sock *ctnl, struct sk_buff *skb,
memset(tb, 0, sizeof(*tb)); memset(tb, 0, sizeof(*tb));
if (nla_type(nla) != IPSET_ATTR_DATA || if (nla_type(nla) != IPSET_ATTR_DATA ||
!flag_nested(nla) || !flag_nested(nla) ||
nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, nla, nla_parse_nested_deprecated(tb, IPSET_ATTR_ADT_MAX, nla, set->type->adt_policy, NULL))
set->type->adt_policy, NULL))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
ret = call_ad(ctnl, skb, set, tb, IPSET_DEL, ret = call_ad(ctnl, skb, set, tb, IPSET_DEL,
flags, use_lineno); flags, use_lineno);
@ -1692,8 +1685,7 @@ static int ip_set_utest(struct net *net, struct sock *ctnl, struct sk_buff *skb,
if (!set) if (!set)
return -ENOENT; return -ENOENT;
if (nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, attr[IPSET_ATTR_DATA], if (nla_parse_nested_deprecated(tb, IPSET_ATTR_ADT_MAX, attr[IPSET_ATTR_DATA], set->type->adt_policy, NULL))
set->type->adt_policy, NULL))
return -IPSET_ERR_PROTOCOL; return -IPSET_ERR_PROTOCOL;
rcu_read_lock_bh(); rcu_read_lock_bh();

View File

@ -3116,8 +3116,7 @@ static int ip_vs_genl_parse_service(struct netns_ipvs *ipvs,
/* Parse mandatory identifying service fields first */ /* Parse mandatory identifying service fields first */
if (nla == NULL || if (nla == NULL ||
nla_parse_nested(attrs, IPVS_SVC_ATTR_MAX, nla, nla_parse_nested_deprecated(attrs, IPVS_SVC_ATTR_MAX, nla, ip_vs_svc_policy, NULL))
ip_vs_svc_policy, NULL))
return -EINVAL; return -EINVAL;
nla_af = attrs[IPVS_SVC_ATTR_AF]; nla_af = attrs[IPVS_SVC_ATTR_AF];
@ -3279,8 +3278,7 @@ static int ip_vs_genl_dump_dests(struct sk_buff *skb,
mutex_lock(&__ip_vs_mutex); mutex_lock(&__ip_vs_mutex);
/* Try to find the service for which to dump destinations */ /* Try to find the service for which to dump destinations */
if (nlmsg_parse(cb->nlh, GENL_HDRLEN, attrs, IPVS_CMD_ATTR_MAX, if (nlmsg_parse_deprecated(cb->nlh, GENL_HDRLEN, attrs, IPVS_CMD_ATTR_MAX, ip_vs_cmd_policy, cb->extack))
ip_vs_cmd_policy, cb->extack))
goto out_err; goto out_err;
@ -3316,8 +3314,7 @@ static int ip_vs_genl_parse_dest(struct ip_vs_dest_user_kern *udest,
/* Parse mandatory identifying destination fields first */ /* Parse mandatory identifying destination fields first */
if (nla == NULL || if (nla == NULL ||
nla_parse_nested(attrs, IPVS_DEST_ATTR_MAX, nla, nla_parse_nested_deprecated(attrs, IPVS_DEST_ATTR_MAX, nla, ip_vs_dest_policy, NULL))
ip_vs_dest_policy, NULL))
return -EINVAL; return -EINVAL;
nla_addr = attrs[IPVS_DEST_ATTR_ADDR]; nla_addr = attrs[IPVS_DEST_ATTR_ADDR];
@ -3561,9 +3558,7 @@ static int ip_vs_genl_set_daemon(struct sk_buff *skb, struct genl_info *info)
struct nlattr *daemon_attrs[IPVS_DAEMON_ATTR_MAX + 1]; struct nlattr *daemon_attrs[IPVS_DAEMON_ATTR_MAX + 1];
if (!info->attrs[IPVS_CMD_ATTR_DAEMON] || if (!info->attrs[IPVS_CMD_ATTR_DAEMON] ||
nla_parse_nested(daemon_attrs, IPVS_DAEMON_ATTR_MAX, nla_parse_nested_deprecated(daemon_attrs, IPVS_DAEMON_ATTR_MAX, info->attrs[IPVS_CMD_ATTR_DAEMON], ip_vs_daemon_policy, info->extack))
info->attrs[IPVS_CMD_ATTR_DAEMON],
ip_vs_daemon_policy, info->extack))
goto out; goto out;
if (cmd == IPVS_CMD_NEW_DAEMON) if (cmd == IPVS_CMD_NEW_DAEMON)

View File

@ -1020,12 +1020,12 @@ static int ctnetlink_parse_tuple_ip(struct nlattr *attr,
struct nlattr *tb[CTA_IP_MAX+1]; struct nlattr *tb[CTA_IP_MAX+1];
int ret = 0; int ret = 0;
ret = nla_parse_nested(tb, CTA_IP_MAX, attr, NULL, NULL); ret = nla_parse_nested_deprecated(tb, CTA_IP_MAX, attr, NULL, NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;
ret = nla_validate_nested(attr, CTA_IP_MAX, ret = nla_validate_nested_deprecated(attr, CTA_IP_MAX,
cta_ip_nla_policy, NULL); cta_ip_nla_policy, NULL);
if (ret) if (ret)
return ret; return ret;
@ -1052,8 +1052,8 @@ static int ctnetlink_parse_tuple_proto(struct nlattr *attr,
struct nlattr *tb[CTA_PROTO_MAX+1]; struct nlattr *tb[CTA_PROTO_MAX+1];
int ret = 0; int ret = 0;
ret = nla_parse_nested(tb, CTA_PROTO_MAX, attr, proto_nla_policy, ret = nla_parse_nested_deprecated(tb, CTA_PROTO_MAX, attr,
NULL); proto_nla_policy, NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;
@ -1065,8 +1065,9 @@ static int ctnetlink_parse_tuple_proto(struct nlattr *attr,
l4proto = nf_ct_l4proto_find(tuple->dst.protonum); l4proto = nf_ct_l4proto_find(tuple->dst.protonum);
if (likely(l4proto->nlattr_to_tuple)) { if (likely(l4proto->nlattr_to_tuple)) {
ret = nla_validate_nested(attr, CTA_PROTO_MAX, ret = nla_validate_nested_deprecated(attr, CTA_PROTO_MAX,
l4proto->nla_policy, NULL); l4proto->nla_policy,
NULL);
if (ret == 0) if (ret == 0)
ret = l4proto->nlattr_to_tuple(tb, tuple); ret = l4proto->nlattr_to_tuple(tb, tuple);
} }
@ -1129,8 +1130,8 @@ ctnetlink_parse_tuple(const struct nlattr * const cda[],
memset(tuple, 0, sizeof(*tuple)); memset(tuple, 0, sizeof(*tuple));
err = nla_parse_nested(tb, CTA_TUPLE_MAX, cda[type], tuple_nla_policy, err = nla_parse_nested_deprecated(tb, CTA_TUPLE_MAX, cda[type],
NULL); tuple_nla_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -1180,7 +1181,8 @@ static int ctnetlink_parse_help(const struct nlattr *attr, char **helper_name,
int err; int err;
struct nlattr *tb[CTA_HELP_MAX+1]; struct nlattr *tb[CTA_HELP_MAX+1];
err = nla_parse_nested(tb, CTA_HELP_MAX, attr, help_nla_policy, NULL); err = nla_parse_nested_deprecated(tb, CTA_HELP_MAX, attr,
help_nla_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -1721,8 +1723,8 @@ static int ctnetlink_change_protoinfo(struct nf_conn *ct,
struct nlattr *tb[CTA_PROTOINFO_MAX+1]; struct nlattr *tb[CTA_PROTOINFO_MAX+1];
int err = 0; int err = 0;
err = nla_parse_nested(tb, CTA_PROTOINFO_MAX, attr, protoinfo_policy, err = nla_parse_nested_deprecated(tb, CTA_PROTOINFO_MAX, attr,
NULL); protoinfo_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -1745,7 +1747,8 @@ static int change_seq_adj(struct nf_ct_seqadj *seq,
int err; int err;
struct nlattr *cda[CTA_SEQADJ_MAX+1]; struct nlattr *cda[CTA_SEQADJ_MAX+1];
err = nla_parse_nested(cda, CTA_SEQADJ_MAX, attr, seqadj_policy, NULL); err = nla_parse_nested_deprecated(cda, CTA_SEQADJ_MAX, attr,
seqadj_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -1822,8 +1825,9 @@ static int ctnetlink_change_synproxy(struct nf_conn *ct,
if (!synproxy) if (!synproxy)
return 0; return 0;
err = nla_parse_nested(tb, CTA_SYNPROXY_MAX, cda[CTA_SYNPROXY], err = nla_parse_nested_deprecated(tb, CTA_SYNPROXY_MAX,
synproxy_policy, NULL); cda[CTA_SYNPROXY], synproxy_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -2553,7 +2557,8 @@ ctnetlink_glue_parse(const struct nlattr *attr, struct nf_conn *ct)
struct nlattr *cda[CTA_MAX+1]; struct nlattr *cda[CTA_MAX+1];
int ret; int ret;
ret = nla_parse_nested(cda, CTA_MAX, attr, ct_nla_policy, NULL); ret = nla_parse_nested_deprecated(cda, CTA_MAX, attr, ct_nla_policy,
NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;
@ -2586,8 +2591,8 @@ ctnetlink_glue_attach_expect(const struct nlattr *attr, struct nf_conn *ct,
struct nf_conntrack_expect *exp; struct nf_conntrack_expect *exp;
int err; int err;
err = nla_parse_nested(cda, CTA_EXPECT_MAX, attr, exp_nla_policy, err = nla_parse_nested_deprecated(cda, CTA_EXPECT_MAX, attr,
NULL); exp_nla_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -3209,8 +3214,8 @@ ctnetlink_parse_expect_nat(const struct nlattr *attr,
struct nf_conntrack_tuple nat_tuple = {}; struct nf_conntrack_tuple nat_tuple = {};
int err; int err;
err = nla_parse_nested(tb, CTA_EXPECT_NAT_MAX, attr, err = nla_parse_nested_deprecated(tb, CTA_EXPECT_NAT_MAX, attr,
exp_nat_nla_policy, NULL); exp_nat_nla_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -639,8 +639,8 @@ static int nlattr_to_dccp(struct nlattr *cda[], struct nf_conn *ct)
if (!attr) if (!attr)
return 0; return 0;
err = nla_parse_nested(tb, CTA_PROTOINFO_DCCP_MAX, attr, err = nla_parse_nested_deprecated(tb, CTA_PROTOINFO_DCCP_MAX, attr,
dccp_nla_policy, NULL); dccp_nla_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -563,8 +563,8 @@ static int nlattr_to_sctp(struct nlattr *cda[], struct nf_conn *ct)
if (!attr) if (!attr)
return 0; return 0;
err = nla_parse_nested(tb, CTA_PROTOINFO_SCTP_MAX, attr, err = nla_parse_nested_deprecated(tb, CTA_PROTOINFO_SCTP_MAX, attr,
sctp_nla_policy, NULL); sctp_nla_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -1248,8 +1248,8 @@ static int nlattr_to_tcp(struct nlattr *cda[], struct nf_conn *ct)
if (!pattr) if (!pattr)
return 0; return 0;
err = nla_parse_nested(tb, CTA_PROTOINFO_TCP_MAX, pattr, err = nla_parse_nested_deprecated(tb, CTA_PROTOINFO_TCP_MAX, pattr,
tcp_nla_policy, NULL); tcp_nla_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -890,8 +890,8 @@ static int nfnetlink_parse_nat_proto(struct nlattr *attr,
struct nlattr *tb[CTA_PROTONAT_MAX+1]; struct nlattr *tb[CTA_PROTONAT_MAX+1];
int err; int err;
err = nla_parse_nested(tb, CTA_PROTONAT_MAX, attr, err = nla_parse_nested_deprecated(tb, CTA_PROTONAT_MAX, attr,
protonat_nla_policy, NULL); protonat_nla_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -949,7 +949,8 @@ nfnetlink_parse_nat(const struct nlattr *nat,
memset(range, 0, sizeof(*range)); memset(range, 0, sizeof(*range));
err = nla_parse_nested(tb, CTA_NAT_MAX, nat, nat_nla_policy, NULL); err = nla_parse_nested_deprecated(tb, CTA_NAT_MAX, nat,
nat_nla_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -1420,8 +1420,8 @@ static struct nft_stats __percpu *nft_stats_alloc(const struct nlattr *attr)
struct nft_stats *stats; struct nft_stats *stats;
int err; int err;
err = nla_parse_nested(tb, NFTA_COUNTER_MAX, attr, nft_counter_policy, err = nla_parse_nested_deprecated(tb, NFTA_COUNTER_MAX, attr,
NULL); nft_counter_policy, NULL);
if (err < 0) if (err < 0)
return ERR_PTR(err); return ERR_PTR(err);
@ -1525,8 +1525,9 @@ static int nft_chain_parse_hook(struct net *net,
lockdep_assert_held(&net->nft.commit_mutex); lockdep_assert_held(&net->nft.commit_mutex);
lockdep_nfnl_nft_mutex_not_held(); lockdep_nfnl_nft_mutex_not_held();
err = nla_parse_nested(ha, NFTA_HOOK_MAX, nla[NFTA_CHAIN_HOOK], err = nla_parse_nested_deprecated(ha, NFTA_HOOK_MAX,
nft_hook_policy, NULL); nla[NFTA_CHAIN_HOOK],
nft_hook_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -2105,7 +2106,8 @@ static int nf_tables_expr_parse(const struct nft_ctx *ctx,
struct nlattr *tb[NFTA_EXPR_MAX + 1]; struct nlattr *tb[NFTA_EXPR_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, NFTA_EXPR_MAX, nla, nft_expr_policy, NULL); err = nla_parse_nested_deprecated(tb, NFTA_EXPR_MAX, nla,
nft_expr_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -2114,8 +2116,9 @@ static int nf_tables_expr_parse(const struct nft_ctx *ctx,
return PTR_ERR(type); return PTR_ERR(type);
if (tb[NFTA_EXPR_DATA]) { if (tb[NFTA_EXPR_DATA]) {
err = nla_parse_nested(info->tb, type->maxattr, err = nla_parse_nested_deprecated(info->tb, type->maxattr,
tb[NFTA_EXPR_DATA], type->policy, NULL); tb[NFTA_EXPR_DATA],
type->policy, NULL);
if (err < 0) if (err < 0)
goto err1; goto err1;
} else } else
@ -3443,8 +3446,8 @@ static int nf_tables_set_desc_parse(struct nft_set_desc *desc,
struct nlattr *da[NFTA_SET_DESC_MAX + 1]; struct nlattr *da[NFTA_SET_DESC_MAX + 1];
int err; int err;
err = nla_parse_nested(da, NFTA_SET_DESC_MAX, nla, err = nla_parse_nested_deprecated(da, NFTA_SET_DESC_MAX, nla,
nft_set_desc_policy, NULL); nft_set_desc_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -4170,8 +4173,8 @@ static int nft_get_set_elem(struct nft_ctx *ctx, struct nft_set *set,
void *priv; void *priv;
int err; int err;
err = nla_parse_nested(nla, NFTA_SET_ELEM_MAX, attr, err = nla_parse_nested_deprecated(nla, NFTA_SET_ELEM_MAX, attr,
nft_set_elem_policy, NULL); nft_set_elem_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -4402,8 +4405,8 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
u8 ulen; u8 ulen;
int err; int err;
err = nla_parse_nested(nla, NFTA_SET_ELEM_MAX, attr, err = nla_parse_nested_deprecated(nla, NFTA_SET_ELEM_MAX, attr,
nft_set_elem_policy, NULL); nft_set_elem_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -4696,8 +4699,8 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
void *priv; void *priv;
int err; int err;
err = nla_parse_nested(nla, NFTA_SET_ELEM_MAX, attr, err = nla_parse_nested_deprecated(nla, NFTA_SET_ELEM_MAX, attr,
nft_set_elem_policy, NULL); nft_set_elem_policy, NULL);
if (err < 0) if (err < 0)
goto err1; goto err1;
@ -4971,8 +4974,8 @@ static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
goto err1; goto err1;
if (attr) { if (attr) {
err = nla_parse_nested(tb, type->maxattr, attr, type->policy, err = nla_parse_nested_deprecated(tb, type->maxattr, attr,
NULL); type->policy, NULL);
if (err < 0) if (err < 0)
goto err2; goto err2;
} else { } else {
@ -5548,8 +5551,8 @@ static int nf_tables_flowtable_parse_hook(const struct nft_ctx *ctx,
int hooknum, priority; int hooknum, priority;
int err, n = 0, i; int err, n = 0, i;
err = nla_parse_nested(tb, NFTA_FLOWTABLE_HOOK_MAX, attr, err = nla_parse_nested_deprecated(tb, NFTA_FLOWTABLE_HOOK_MAX, attr,
nft_flowtable_hook_policy, NULL); nft_flowtable_hook_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -7206,8 +7209,8 @@ static int nft_verdict_init(const struct nft_ctx *ctx, struct nft_data *data,
struct nft_chain *chain; struct nft_chain *chain;
int err; int err;
err = nla_parse_nested(tb, NFTA_VERDICT_MAX, nla, nft_verdict_policy, err = nla_parse_nested_deprecated(tb, NFTA_VERDICT_MAX, nla,
NULL); nft_verdict_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -7337,7 +7340,8 @@ int nft_data_init(const struct nft_ctx *ctx,
struct nlattr *tb[NFTA_DATA_MAX + 1]; struct nlattr *tb[NFTA_DATA_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, NFTA_DATA_MAX, nla, nft_data_policy, NULL); err = nla_parse_nested_deprecated(tb, NFTA_DATA_MAX, nla,
nft_data_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -206,8 +206,9 @@ replay:
return -ENOMEM; return -ENOMEM;
} }
err = nla_parse(cda, ss->cb[cb_id].attr_count, attr, attrlen, err = nla_parse_deprecated(cda, ss->cb[cb_id].attr_count,
ss->cb[cb_id].policy, extack); attr, attrlen,
ss->cb[cb_id].policy, extack);
if (err < 0) { if (err < 0) {
rcu_read_unlock(); rcu_read_unlock();
return err; return err;
@ -421,8 +422,10 @@ replay:
goto ack; goto ack;
} }
err = nla_parse(cda, ss->cb[cb_id].attr_count, attr, err = nla_parse_deprecated(cda,
attrlen, ss->cb[cb_id].policy, NULL); ss->cb[cb_id].attr_count,
attr, attrlen,
ss->cb[cb_id].policy, NULL);
if (err < 0) if (err < 0)
goto ack; goto ack;
@ -520,8 +523,8 @@ static void nfnetlink_rcv_skb_batch(struct sk_buff *skb, struct nlmsghdr *nlh)
if (skb->len < NLMSG_HDRLEN + sizeof(struct nfgenmsg)) if (skb->len < NLMSG_HDRLEN + sizeof(struct nfgenmsg))
return; return;
err = nla_parse(cda, NFNL_BATCH_MAX, attr, attrlen, nfnl_batch_policy, err = nla_parse_deprecated(cda, NFNL_BATCH_MAX, attr, attrlen,
NULL); nfnl_batch_policy, NULL);
if (err < 0) { if (err < 0) {
netlink_ack(skb, nlh, err, NULL); netlink_ack(skb, nlh, err, NULL);
return; return;

View File

@ -248,8 +248,8 @@ static int nfnl_acct_start(struct netlink_callback *cb)
if (!attr) if (!attr)
return 0; return 0;
err = nla_parse_nested(tb, NFACCT_FILTER_MAX, attr, filter_policy, err = nla_parse_nested_deprecated(tb, NFACCT_FILTER_MAX, attr,
NULL); filter_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -78,8 +78,8 @@ nfnl_cthelper_parse_tuple(struct nf_conntrack_tuple *tuple,
int err; int err;
struct nlattr *tb[NFCTH_TUPLE_MAX+1]; struct nlattr *tb[NFCTH_TUPLE_MAX+1];
err = nla_parse_nested(tb, NFCTH_TUPLE_MAX, attr, err = nla_parse_nested_deprecated(tb, NFCTH_TUPLE_MAX, attr,
nfnl_cthelper_tuple_pol, NULL); nfnl_cthelper_tuple_pol, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -139,8 +139,8 @@ nfnl_cthelper_expect_policy(struct nf_conntrack_expect_policy *expect_policy,
int err; int err;
struct nlattr *tb[NFCTH_POLICY_MAX+1]; struct nlattr *tb[NFCTH_POLICY_MAX+1];
err = nla_parse_nested(tb, NFCTH_POLICY_MAX, attr, err = nla_parse_nested_deprecated(tb, NFCTH_POLICY_MAX, attr,
nfnl_cthelper_expect_pol, NULL); nfnl_cthelper_expect_pol, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -176,8 +176,9 @@ nfnl_cthelper_parse_expect_policy(struct nf_conntrack_helper *helper,
struct nlattr *tb[NFCTH_POLICY_SET_MAX+1]; struct nlattr *tb[NFCTH_POLICY_SET_MAX+1];
unsigned int class_max; unsigned int class_max;
ret = nla_parse_nested(tb, NFCTH_POLICY_SET_MAX, attr, ret = nla_parse_nested_deprecated(tb, NFCTH_POLICY_SET_MAX, attr,
nfnl_cthelper_expect_policy_set, NULL); nfnl_cthelper_expect_policy_set,
NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;
@ -289,8 +290,8 @@ nfnl_cthelper_update_policy_one(const struct nf_conntrack_expect_policy *policy,
struct nlattr *tb[NFCTH_POLICY_MAX + 1]; struct nlattr *tb[NFCTH_POLICY_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, NFCTH_POLICY_MAX, attr, err = nla_parse_nested_deprecated(tb, NFCTH_POLICY_MAX, attr,
nfnl_cthelper_expect_pol, NULL); nfnl_cthelper_expect_pol, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -361,8 +362,9 @@ static int nfnl_cthelper_update_policy(struct nf_conntrack_helper *helper,
unsigned int class_max; unsigned int class_max;
int err; int err;
err = nla_parse_nested(tb, NFCTH_POLICY_SET_MAX, attr, err = nla_parse_nested_deprecated(tb, NFCTH_POLICY_SET_MAX, attr,
nfnl_cthelper_expect_policy_set, NULL); nfnl_cthelper_expect_policy_set,
NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -59,8 +59,11 @@ ctnl_timeout_parse_policy(void *timeout,
if (!tb) if (!tb)
return -ENOMEM; return -ENOMEM;
ret = nla_parse_nested(tb, l4proto->ctnl_timeout.nlattr_max, attr, ret = nla_parse_nested_deprecated(tb,
l4proto->ctnl_timeout.nla_policy, NULL); l4proto->ctnl_timeout.nlattr_max,
attr,
l4proto->ctnl_timeout.nla_policy,
NULL);
if (ret < 0) if (ret < 0)
goto err; goto err;

View File

@ -1139,8 +1139,9 @@ static int nfqa_parse_bridge(struct nf_queue_entry *entry,
struct nlattr *tb[NFQA_VLAN_MAX + 1]; struct nlattr *tb[NFQA_VLAN_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, NFQA_VLAN_MAX, nfqa[NFQA_VLAN], err = nla_parse_nested_deprecated(tb, NFQA_VLAN_MAX,
nfqa_vlan_policy, NULL); nfqa[NFQA_VLAN],
nfqa_vlan_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -198,8 +198,8 @@ static int nft_parse_compat(const struct nlattr *attr, u16 *proto, bool *inv)
u32 flags; u32 flags;
int err; int err;
err = nla_parse_nested(tb, NFTA_RULE_COMPAT_MAX, attr, err = nla_parse_nested_deprecated(tb, NFTA_RULE_COMPAT_MAX, attr,
nft_rule_compat_policy, NULL); nft_rule_compat_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -797,9 +797,11 @@ nft_ct_timeout_parse_policy(void *timeouts,
if (!tb) if (!tb)
return -ENOMEM; return -ENOMEM;
ret = nla_parse_nested(tb, l4proto->ctnl_timeout.nlattr_max, ret = nla_parse_nested_deprecated(tb,
attr, l4proto->ctnl_timeout.nla_policy, l4proto->ctnl_timeout.nlattr_max,
NULL); attr,
l4proto->ctnl_timeout.nla_policy,
NULL);
if (ret < 0) if (ret < 0)
goto err; goto err;

View File

@ -166,8 +166,8 @@ static int nft_tunnel_obj_ip_init(const struct nft_ctx *ctx,
struct nlattr *tb[NFTA_TUNNEL_KEY_IP_MAX + 1]; struct nlattr *tb[NFTA_TUNNEL_KEY_IP_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, NFTA_TUNNEL_KEY_IP_MAX, attr, err = nla_parse_nested_deprecated(tb, NFTA_TUNNEL_KEY_IP_MAX, attr,
nft_tunnel_ip_policy, NULL); nft_tunnel_ip_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -195,8 +195,8 @@ static int nft_tunnel_obj_ip6_init(const struct nft_ctx *ctx,
struct nlattr *tb[NFTA_TUNNEL_KEY_IP6_MAX + 1]; struct nlattr *tb[NFTA_TUNNEL_KEY_IP6_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, NFTA_TUNNEL_KEY_IP6_MAX, attr, err = nla_parse_nested_deprecated(tb, NFTA_TUNNEL_KEY_IP6_MAX, attr,
nft_tunnel_ip6_policy, NULL); nft_tunnel_ip6_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -231,8 +231,8 @@ static int nft_tunnel_obj_vxlan_init(const struct nlattr *attr,
struct nlattr *tb[NFTA_TUNNEL_KEY_VXLAN_MAX + 1]; struct nlattr *tb[NFTA_TUNNEL_KEY_VXLAN_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, NFTA_TUNNEL_KEY_VXLAN_MAX, attr, err = nla_parse_nested_deprecated(tb, NFTA_TUNNEL_KEY_VXLAN_MAX, attr,
nft_tunnel_opts_vxlan_policy, NULL); nft_tunnel_opts_vxlan_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -260,8 +260,9 @@ static int nft_tunnel_obj_erspan_init(const struct nlattr *attr,
uint8_t hwid, dir; uint8_t hwid, dir;
int err, version; int err, version;
err = nla_parse_nested(tb, NFTA_TUNNEL_KEY_ERSPAN_MAX, attr, err = nla_parse_nested_deprecated(tb, NFTA_TUNNEL_KEY_ERSPAN_MAX,
nft_tunnel_opts_erspan_policy, NULL); attr, nft_tunnel_opts_erspan_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -309,8 +310,8 @@ static int nft_tunnel_obj_opts_init(const struct nft_ctx *ctx,
struct nlattr *tb[NFTA_TUNNEL_KEY_OPTS_MAX + 1]; struct nlattr *tb[NFTA_TUNNEL_KEY_OPTS_MAX + 1];
int err; int err;
err = nla_parse_nested(tb, NFTA_TUNNEL_KEY_OPTS_MAX, attr, err = nla_parse_nested_deprecated(tb, NFTA_TUNNEL_KEY_OPTS_MAX, attr,
nft_tunnel_opts_policy, NULL); nft_tunnel_opts_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -99,9 +99,10 @@ static int netlbl_cipsov4_add_common(struct genl_info *info,
doi_def->doi = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_DOI]); doi_def->doi = nla_get_u32(info->attrs[NLBL_CIPSOV4_A_DOI]);
if (nla_validate_nested(info->attrs[NLBL_CIPSOV4_A_TAGLST], if (nla_validate_nested_deprecated(info->attrs[NLBL_CIPSOV4_A_TAGLST],
NLBL_CIPSOV4_A_MAX, NLBL_CIPSOV4_A_MAX,
netlbl_cipsov4_genl_policy, NULL) != 0) netlbl_cipsov4_genl_policy,
NULL) != 0)
return -EINVAL; return -EINVAL;
nla_for_each_nested(nla, info->attrs[NLBL_CIPSOV4_A_TAGLST], nla_rem) nla_for_each_nested(nla, info->attrs[NLBL_CIPSOV4_A_TAGLST], nla_rem)
@ -146,9 +147,10 @@ static int netlbl_cipsov4_add_std(struct genl_info *info,
!info->attrs[NLBL_CIPSOV4_A_MLSLVLLST]) !info->attrs[NLBL_CIPSOV4_A_MLSLVLLST])
return -EINVAL; return -EINVAL;
if (nla_validate_nested(info->attrs[NLBL_CIPSOV4_A_MLSLVLLST], if (nla_validate_nested_deprecated(info->attrs[NLBL_CIPSOV4_A_MLSLVLLST],
NLBL_CIPSOV4_A_MAX, NLBL_CIPSOV4_A_MAX,
netlbl_cipsov4_genl_policy, NULL) != 0) netlbl_cipsov4_genl_policy,
NULL) != 0)
return -EINVAL; return -EINVAL;
doi_def = kmalloc(sizeof(*doi_def), GFP_KERNEL); doi_def = kmalloc(sizeof(*doi_def), GFP_KERNEL);
@ -170,9 +172,10 @@ static int netlbl_cipsov4_add_std(struct genl_info *info,
info->attrs[NLBL_CIPSOV4_A_MLSLVLLST], info->attrs[NLBL_CIPSOV4_A_MLSLVLLST],
nla_a_rem) nla_a_rem)
if (nla_type(nla_a) == NLBL_CIPSOV4_A_MLSLVL) { if (nla_type(nla_a) == NLBL_CIPSOV4_A_MLSLVL) {
if (nla_validate_nested(nla_a, NLBL_CIPSOV4_A_MAX, if (nla_validate_nested_deprecated(nla_a,
netlbl_cipsov4_genl_policy, NLBL_CIPSOV4_A_MAX,
NULL) != 0) netlbl_cipsov4_genl_policy,
NULL) != 0)
goto add_std_failure; goto add_std_failure;
nla_for_each_nested(nla_b, nla_a, nla_b_rem) nla_for_each_nested(nla_b, nla_a, nla_b_rem)
switch (nla_type(nla_b)) { switch (nla_type(nla_b)) {
@ -234,19 +237,20 @@ static int netlbl_cipsov4_add_std(struct genl_info *info,
} }
if (info->attrs[NLBL_CIPSOV4_A_MLSCATLST]) { if (info->attrs[NLBL_CIPSOV4_A_MLSCATLST]) {
if (nla_validate_nested(info->attrs[NLBL_CIPSOV4_A_MLSCATLST], if (nla_validate_nested_deprecated(info->attrs[NLBL_CIPSOV4_A_MLSCATLST],
NLBL_CIPSOV4_A_MAX, NLBL_CIPSOV4_A_MAX,
netlbl_cipsov4_genl_policy, NULL) != 0) netlbl_cipsov4_genl_policy,
NULL) != 0)
goto add_std_failure; goto add_std_failure;
nla_for_each_nested(nla_a, nla_for_each_nested(nla_a,
info->attrs[NLBL_CIPSOV4_A_MLSCATLST], info->attrs[NLBL_CIPSOV4_A_MLSCATLST],
nla_a_rem) nla_a_rem)
if (nla_type(nla_a) == NLBL_CIPSOV4_A_MLSCAT) { if (nla_type(nla_a) == NLBL_CIPSOV4_A_MLSCAT) {
if (nla_validate_nested(nla_a, if (nla_validate_nested_deprecated(nla_a,
NLBL_CIPSOV4_A_MAX, NLBL_CIPSOV4_A_MAX,
netlbl_cipsov4_genl_policy, netlbl_cipsov4_genl_policy,
NULL) != 0) NULL) != 0)
goto add_std_failure; goto add_std_failure;
nla_for_each_nested(nla_b, nla_a, nla_b_rem) nla_for_each_nested(nla_b, nla_a, nla_b_rem)
switch (nla_type(nla_b)) { switch (nla_type(nla_b)) {

View File

@ -577,8 +577,9 @@ static int genl_family_rcv_msg(const struct genl_family *family,
attrbuf = family->attrbuf; attrbuf = family->attrbuf;
if (attrbuf) { if (attrbuf) {
err = nlmsg_parse(nlh, hdrlen, attrbuf, family->maxattr, err = nlmsg_parse_deprecated(nlh, hdrlen, attrbuf,
family->policy, extack); family->maxattr, family->policy,
extack);
if (err < 0) if (err < 0)
goto out; goto out;
} }

View File

@ -119,9 +119,10 @@ static struct nfc_dev *__get_device_from_cb(struct netlink_callback *cb)
int rc; int rc;
u32 idx; u32 idx;
rc = nlmsg_parse(cb->nlh, GENL_HDRLEN + nfc_genl_family.hdrsize, rc = nlmsg_parse_deprecated(cb->nlh,
attrbuf, nfc_genl_family.maxattr, nfc_genl_policy, GENL_HDRLEN + nfc_genl_family.hdrsize,
NULL); attrbuf, nfc_genl_family.maxattr,
nfc_genl_policy, NULL);
if (rc < 0) if (rc < 0)
return ERR_PTR(rc); return ERR_PTR(rc);
@ -1177,8 +1178,9 @@ static int nfc_genl_llc_sdreq(struct sk_buff *skb, struct genl_info *info)
tlvs_len = 0; tlvs_len = 0;
nla_for_each_nested(attr, info->attrs[NFC_ATTR_LLC_SDP], rem) { nla_for_each_nested(attr, info->attrs[NFC_ATTR_LLC_SDP], rem) {
rc = nla_parse_nested(sdp_attrs, NFC_SDP_ATTR_MAX, attr, rc = nla_parse_nested_deprecated(sdp_attrs, NFC_SDP_ATTR_MAX,
nfc_sdp_genl_policy, info->extack); attr, nfc_sdp_genl_policy,
info->extack);
if (rc != 0) { if (rc != 0) {
rc = -EINVAL; rc = -EINVAL;

View File

@ -1375,8 +1375,8 @@ static int ovs_flow_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb)
u32 ufid_flags; u32 ufid_flags;
int err; int err;
err = genlmsg_parse(cb->nlh, &dp_flow_genl_family, a, err = genlmsg_parse_deprecated(cb->nlh, &dp_flow_genl_family, a,
OVS_FLOW_ATTR_MAX, flow_policy, NULL); OVS_FLOW_ATTR_MAX, flow_policy, NULL);
if (err) if (err)
return err; return err;
ufid_flags = ovs_nla_get_ufid_flags(a[OVS_FLOW_ATTR_UFID_FLAGS]); ufid_flags = ovs_nla_get_ufid_flags(a[OVS_FLOW_ATTR_UFID_FLAGS]);

View File

@ -2854,8 +2854,8 @@ static int validate_userspace(const struct nlattr *attr)
struct nlattr *a[OVS_USERSPACE_ATTR_MAX + 1]; struct nlattr *a[OVS_USERSPACE_ATTR_MAX + 1];
int error; int error;
error = nla_parse_nested(a, OVS_USERSPACE_ATTR_MAX, attr, error = nla_parse_nested_deprecated(a, OVS_USERSPACE_ATTR_MAX, attr,
userspace_policy, NULL); userspace_policy, NULL);
if (error) if (error)
return error; return error;
@ -2885,8 +2885,9 @@ static int validate_and_copy_check_pkt_len(struct net *net,
int nested_acts_start; int nested_acts_start;
int start, err; int start, err;
err = nla_parse_strict(a, OVS_CHECK_PKT_LEN_ATTR_MAX, nla_data(attr), err = nla_parse_deprecated_strict(a, OVS_CHECK_PKT_LEN_ATTR_MAX,
nla_len(attr), cpl_policy, NULL); nla_data(attr), nla_len(attr),
cpl_policy, NULL);
if (err) if (err)
return err; return err;

View File

@ -227,9 +227,9 @@ static struct dp_meter *dp_meter_create(struct nlattr **a)
struct nlattr *attr[OVS_BAND_ATTR_MAX + 1]; struct nlattr *attr[OVS_BAND_ATTR_MAX + 1];
u32 band_max_delta_t; u32 band_max_delta_t;
err = nla_parse((struct nlattr **)&attr, OVS_BAND_ATTR_MAX, err = nla_parse_deprecated((struct nlattr **)&attr,
nla_data(nla), nla_len(nla), band_policy, OVS_BAND_ATTR_MAX, nla_data(nla),
NULL); nla_len(nla), band_policy, NULL);
if (err) if (err)
goto exit_free_meter; goto exit_free_meter;

View File

@ -70,8 +70,8 @@ static int vxlan_configure_exts(struct vport *vport, struct nlattr *attr,
if (nla_len(attr) < sizeof(struct nlattr)) if (nla_len(attr) < sizeof(struct nlattr))
return -EINVAL; return -EINVAL;
err = nla_parse_nested(exts, OVS_VXLAN_EXT_MAX, attr, exts_policy, err = nla_parse_nested_deprecated(exts, OVS_VXLAN_EXT_MAX, attr,
NULL); exts_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -79,8 +79,8 @@ static int addr_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
ASSERT_RTNL(); ASSERT_RTNL();
err = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, ifa_phonet_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
extack); ifa_phonet_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -246,8 +246,8 @@ static int route_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
ASSERT_RTNL(); ASSERT_RTNL();
err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_phonet_policy, err = nlmsg_parse_deprecated(nlh, sizeof(*rtm), tb, RTA_MAX,
extack); rtm_phonet_policy, extack);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -1091,7 +1091,8 @@ static int qrtr_addr_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
ASSERT_RTNL(); ASSERT_RTNL();
rc = nlmsg_parse(nlh, sizeof(*ifm), tb, IFA_MAX, qrtr_policy, extack); rc = nlmsg_parse_deprecated(nlh, sizeof(*ifm), tb, IFA_MAX,
qrtr_policy, extack);
if (rc < 0) if (rc < 0)
return rc; return rc;

View File

@ -849,7 +849,8 @@ struct tc_action *tcf_action_init_1(struct net *net, struct tcf_proto *tp,
int err; int err;
if (name == NULL) { if (name == NULL) {
err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, extack); err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX, nla, NULL,
extack);
if (err < 0) if (err < 0)
goto err_out; goto err_out;
err = -EINVAL; err = -EINVAL;
@ -964,7 +965,8 @@ int tcf_action_init(struct net *net, struct tcf_proto *tp, struct nlattr *nla,
int err; int err;
int i; int i;
err = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL, extack); err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX_PRIO, nla, NULL,
extack);
if (err < 0) if (err < 0)
return err; return err;
@ -1099,7 +1101,7 @@ static struct tc_action *tcf_action_get_1(struct net *net, struct nlattr *nla,
int index; int index;
int err; int err;
err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, extack); err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX, nla, NULL, extack);
if (err < 0) if (err < 0)
goto err_out; goto err_out;
@ -1153,7 +1155,7 @@ static int tca_action_flush(struct net *net, struct nlattr *nla,
b = skb_tail_pointer(skb); b = skb_tail_pointer(skb);
err = nla_parse_nested(tb, TCA_ACT_MAX, nla, NULL, extack); err = nla_parse_nested_deprecated(tb, TCA_ACT_MAX, nla, NULL, extack);
if (err < 0) if (err < 0)
goto err_out; goto err_out;
@ -1282,7 +1284,8 @@ tca_action_gd(struct net *net, struct nlattr *nla, struct nlmsghdr *n,
size_t attr_size = 0; size_t attr_size = 0;
struct tc_action *actions[TCA_ACT_MAX_PRIO] = {}; struct tc_action *actions[TCA_ACT_MAX_PRIO] = {};
ret = nla_parse_nested(tb, TCA_ACT_MAX_PRIO, nla, NULL, extack); ret = nla_parse_nested_deprecated(tb, TCA_ACT_MAX_PRIO, nla, NULL,
extack);
if (ret < 0) if (ret < 0)
return ret; return ret;
@ -1384,8 +1387,8 @@ static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n,
!netlink_capable(skb, CAP_NET_ADMIN)) !netlink_capable(skb, CAP_NET_ADMIN))
return -EPERM; return -EPERM;
ret = nlmsg_parse(n, sizeof(struct tcamsg), tca, TCA_ROOT_MAX, NULL, ret = nlmsg_parse_deprecated(n, sizeof(struct tcamsg), tca,
extack); TCA_ROOT_MAX, NULL, extack);
if (ret < 0) if (ret < 0)
return ret; return ret;
@ -1436,13 +1439,12 @@ static struct nlattr *find_dump_kind(struct nlattr **nla)
if (tb1 == NULL) if (tb1 == NULL)
return NULL; return NULL;
if (nla_parse(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), if (nla_parse_deprecated(tb, TCA_ACT_MAX_PRIO, nla_data(tb1), NLMSG_ALIGN(nla_len(tb1)), NULL, NULL) < 0)
NLMSG_ALIGN(nla_len(tb1)), NULL, NULL) < 0)
return NULL; return NULL;
if (tb[1] == NULL) if (tb[1] == NULL)
return NULL; return NULL;
if (nla_parse_nested(tb2, TCA_ACT_MAX, tb[1], NULL, NULL) < 0) if (nla_parse_nested_deprecated(tb2, TCA_ACT_MAX, tb[1], NULL, NULL) < 0)
return NULL; return NULL;
kind = tb2[TCA_ACT_KIND]; kind = tb2[TCA_ACT_KIND];
@ -1466,8 +1468,8 @@ static int tc_dump_action(struct sk_buff *skb, struct netlink_callback *cb)
u32 msecs_since = 0; u32 msecs_since = 0;
u32 act_count = 0; u32 act_count = 0;
ret = nlmsg_parse(cb->nlh, sizeof(struct tcamsg), tb, TCA_ROOT_MAX, ret = nlmsg_parse_deprecated(cb->nlh, sizeof(struct tcamsg), tb,
tcaa_policy, cb->extack); TCA_ROOT_MAX, tcaa_policy, cb->extack);
if (ret < 0) if (ret < 0)
return ret; return ret;

View File

@ -293,7 +293,8 @@ static int tcf_bpf_init(struct net *net, struct nlattr *nla,
if (!nla) if (!nla)
return -EINVAL; return -EINVAL;
ret = nla_parse_nested(tb, TCA_ACT_BPF_MAX, nla, act_bpf_policy, NULL); ret = nla_parse_nested_deprecated(tb, TCA_ACT_BPF_MAX, nla,
act_bpf_policy, NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;

View File

@ -111,8 +111,8 @@ static int tcf_connmark_init(struct net *net, struct nlattr *nla,
if (!nla) if (!nla)
return -EINVAL; return -EINVAL;
ret = nla_parse_nested(tb, TCA_CONNMARK_MAX, nla, connmark_policy, ret = nla_parse_nested_deprecated(tb, TCA_CONNMARK_MAX, nla,
NULL); connmark_policy, NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;

View File

@ -61,7 +61,8 @@ static int tcf_csum_init(struct net *net, struct nlattr *nla,
if (nla == NULL) if (nla == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_CSUM_MAX, nla, csum_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_CSUM_MAX, nla, csum_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -74,7 +74,8 @@ static int tcf_gact_init(struct net *net, struct nlattr *nla,
if (nla == NULL) if (nla == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_GACT_MAX, nla, gact_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_GACT_MAX, nla, gact_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -486,7 +486,8 @@ static int tcf_ife_init(struct net *net, struct nlattr *nla,
int ret = 0; int ret = 0;
int err; int err;
err = nla_parse_nested(tb, TCA_IFE_MAX, nla, ife_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_IFE_MAX, nla, ife_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;
@ -567,8 +568,9 @@ static int tcf_ife_init(struct net *net, struct nlattr *nla,
INIT_LIST_HEAD(&ife->metalist); INIT_LIST_HEAD(&ife->metalist);
if (tb[TCA_IFE_METALST]) { if (tb[TCA_IFE_METALST]) {
err = nla_parse_nested(tb2, IFE_META_MAX, tb[TCA_IFE_METALST], err = nla_parse_nested_deprecated(tb2, IFE_META_MAX,
NULL, NULL); tb[TCA_IFE_METALST], NULL,
NULL);
if (err) if (err)
goto metadata_parse_err; goto metadata_parse_err;
err = populate_metalist(ife, tb2, exists, rtnl_held); err = populate_metalist(ife, tb2, exists, rtnl_held);

View File

@ -113,7 +113,8 @@ static int __tcf_ipt_init(struct net *net, unsigned int id, struct nlattr *nla,
if (nla == NULL) if (nla == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_IPT_MAX, nla, ipt_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_IPT_MAX, nla, ipt_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -111,7 +111,8 @@ static int tcf_mirred_init(struct net *net, struct nlattr *nla,
NL_SET_ERR_MSG_MOD(extack, "Mirred requires attributes to be passed"); NL_SET_ERR_MSG_MOD(extack, "Mirred requires attributes to be passed");
return -EINVAL; return -EINVAL;
} }
ret = nla_parse_nested(tb, TCA_MIRRED_MAX, nla, mirred_policy, extack); ret = nla_parse_nested_deprecated(tb, TCA_MIRRED_MAX, nla,
mirred_policy, extack);
if (ret < 0) if (ret < 0)
return ret; return ret;
if (!tb[TCA_MIRRED_PARMS]) { if (!tb[TCA_MIRRED_PARMS]) {

View File

@ -52,7 +52,8 @@ static int tcf_nat_init(struct net *net, struct nlattr *nla, struct nlattr *est,
if (nla == NULL) if (nla == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_NAT_MAX, nla, nat_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_NAT_MAX, nla, nat_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -70,8 +70,9 @@ static struct tcf_pedit_key_ex *tcf_pedit_keys_ex_parse(struct nlattr *nla,
goto err_out; goto err_out;
} }
err = nla_parse_nested(tb, TCA_PEDIT_KEY_EX_MAX, ka, err = nla_parse_nested_deprecated(tb, TCA_PEDIT_KEY_EX_MAX,
pedit_key_ex_policy, NULL); ka, pedit_key_ex_policy,
NULL);
if (err) if (err)
goto err_out; goto err_out;
@ -158,7 +159,8 @@ static int tcf_pedit_init(struct net *net, struct nlattr *nla,
return -EINVAL; return -EINVAL;
} }
err = nla_parse_nested(tb, TCA_PEDIT_MAX, nla, pedit_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_PEDIT_MAX, nla,
pedit_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -100,7 +100,8 @@ static int tcf_police_init(struct net *net, struct nlattr *nla,
if (nla == NULL) if (nla == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_POLICE_MAX, nla, police_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_POLICE_MAX, nla,
police_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -53,7 +53,8 @@ static int tcf_sample_init(struct net *net, struct nlattr *nla,
if (!nla) if (!nla)
return -EINVAL; return -EINVAL;
ret = nla_parse_nested(tb, TCA_SAMPLE_MAX, nla, sample_policy, NULL); ret = nla_parse_nested_deprecated(tb, TCA_SAMPLE_MAX, nla,
sample_policy, NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;
if (!tb[TCA_SAMPLE_PARMS] || !tb[TCA_SAMPLE_RATE] || if (!tb[TCA_SAMPLE_PARMS] || !tb[TCA_SAMPLE_RATE] ||

View File

@ -104,7 +104,8 @@ static int tcf_simp_init(struct net *net, struct nlattr *nla,
if (nla == NULL) if (nla == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_DEF_MAX, nla, simple_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_DEF_MAX, nla, simple_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -114,7 +114,8 @@ static int tcf_skbedit_init(struct net *net, struct nlattr *nla,
if (nla == NULL) if (nla == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_SKBEDIT_MAX, nla, skbedit_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_SKBEDIT_MAX, nla,
skbedit_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -102,7 +102,8 @@ static int tcf_skbmod_init(struct net *net, struct nlattr *nla,
if (!nla) if (!nla)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_SKBMOD_MAX, nla, skbmod_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_SKBMOD_MAX, nla,
skbmod_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -76,8 +76,9 @@ tunnel_key_copy_geneve_opt(const struct nlattr *nla, void *dst, int dst_len,
int err, data_len, opt_len; int err, data_len, opt_len;
u8 *data; u8 *data;
err = nla_parse_nested(tb, TCA_TUNNEL_KEY_ENC_OPT_GENEVE_MAX, err = nla_parse_nested_deprecated(tb,
nla, geneve_opt_policy, extack); TCA_TUNNEL_KEY_ENC_OPT_GENEVE_MAX,
nla, geneve_opt_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -125,8 +126,8 @@ static int tunnel_key_copy_opts(const struct nlattr *nla, u8 *dst,
int err, rem, opt_len, len = nla_len(nla), opts_len = 0; int err, rem, opt_len, len = nla_len(nla), opts_len = 0;
const struct nlattr *attr, *head = nla_data(nla); const struct nlattr *attr, *head = nla_data(nla);
err = nla_validate(head, len, TCA_TUNNEL_KEY_ENC_OPTS_MAX, err = nla_validate_deprecated(head, len, TCA_TUNNEL_KEY_ENC_OPTS_MAX,
enc_opts_policy, extack); enc_opts_policy, extack);
if (err) if (err)
return err; return err;
@ -235,8 +236,8 @@ static int tunnel_key_init(struct net *net, struct nlattr *nla,
return -EINVAL; return -EINVAL;
} }
err = nla_parse_nested(tb, TCA_TUNNEL_KEY_MAX, nla, tunnel_key_policy, err = nla_parse_nested_deprecated(tb, TCA_TUNNEL_KEY_MAX, nla,
extack); tunnel_key_policy, extack);
if (err < 0) { if (err < 0) {
NL_SET_ERR_MSG(extack, "Failed to parse nested tunnel key attributes"); NL_SET_ERR_MSG(extack, "Failed to parse nested tunnel key attributes");
return err; return err;

View File

@ -124,7 +124,8 @@ static int tcf_vlan_init(struct net *net, struct nlattr *nla,
if (!nla) if (!nla)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_VLAN_MAX, nla, vlan_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_VLAN_MAX, nla, vlan_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -2006,7 +2006,8 @@ static int tc_new_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
replay: replay:
tp_created = 0; tp_created = 0;
err = nlmsg_parse(n, sizeof(*t), tca, TCA_MAX, rtm_tca_policy, extack); err = nlmsg_parse_deprecated(n, sizeof(*t), tca, TCA_MAX,
rtm_tca_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -2217,7 +2218,8 @@ static int tc_del_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN))
return -EPERM; return -EPERM;
err = nlmsg_parse(n, sizeof(*t), tca, TCA_MAX, rtm_tca_policy, extack); err = nlmsg_parse_deprecated(n, sizeof(*t), tca, TCA_MAX,
rtm_tca_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -2366,7 +2368,8 @@ static int tc_get_tfilter(struct sk_buff *skb, struct nlmsghdr *n,
int err; int err;
bool rtnl_held = false; bool rtnl_held = false;
err = nlmsg_parse(n, sizeof(*t), tca, TCA_MAX, rtm_tca_policy, extack); err = nlmsg_parse_deprecated(n, sizeof(*t), tca, TCA_MAX,
rtm_tca_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -2558,8 +2561,8 @@ static int tc_dump_tfilter(struct sk_buff *skb, struct netlink_callback *cb)
if (nlmsg_len(cb->nlh) < sizeof(*tcm)) if (nlmsg_len(cb->nlh) < sizeof(*tcm))
return skb->len; return skb->len;
err = nlmsg_parse(cb->nlh, sizeof(*tcm), tca, TCA_MAX, NULL, err = nlmsg_parse_deprecated(cb->nlh, sizeof(*tcm), tca, TCA_MAX,
cb->extack); NULL, cb->extack);
if (err) if (err)
return err; return err;
@ -2806,7 +2809,8 @@ static int tc_ctl_chain(struct sk_buff *skb, struct nlmsghdr *n,
return -EPERM; return -EPERM;
replay: replay:
err = nlmsg_parse(n, sizeof(*t), tca, TCA_MAX, rtm_tca_policy, extack); err = nlmsg_parse_deprecated(n, sizeof(*t), tca, TCA_MAX,
rtm_tca_policy, extack);
if (err < 0) if (err < 0)
return err; return err;
@ -2937,8 +2941,8 @@ static int tc_dump_chain(struct sk_buff *skb, struct netlink_callback *cb)
if (nlmsg_len(cb->nlh) < sizeof(*tcm)) if (nlmsg_len(cb->nlh) < sizeof(*tcm))
return skb->len; return skb->len;
err = nlmsg_parse(cb->nlh, sizeof(*tcm), tca, TCA_MAX, rtm_tca_policy, err = nlmsg_parse_deprecated(cb->nlh, sizeof(*tcm), tca, TCA_MAX,
cb->extack); rtm_tca_policy, cb->extack);
if (err) if (err)
return err; return err;

View File

@ -185,8 +185,8 @@ static int basic_change(struct net *net, struct sk_buff *in_skb,
if (tca[TCA_OPTIONS] == NULL) if (tca[TCA_OPTIONS] == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_BASIC_MAX, tca[TCA_OPTIONS], err = nla_parse_nested_deprecated(tb, TCA_BASIC_MAX, tca[TCA_OPTIONS],
basic_policy, NULL); basic_policy, NULL);
if (err < 0) if (err < 0)
return err; return err;

View File

@ -468,8 +468,8 @@ static int cls_bpf_change(struct net *net, struct sk_buff *in_skb,
if (tca[TCA_OPTIONS] == NULL) if (tca[TCA_OPTIONS] == NULL)
return -EINVAL; return -EINVAL;
ret = nla_parse_nested(tb, TCA_BPF_MAX, tca[TCA_OPTIONS], bpf_policy, ret = nla_parse_nested_deprecated(tb, TCA_BPF_MAX, tca[TCA_OPTIONS],
NULL); bpf_policy, NULL);
if (ret < 0) if (ret < 0)
return ret; return ret;

View File

@ -104,8 +104,9 @@ static int cls_cgroup_change(struct net *net, struct sk_buff *in_skb,
goto errout; goto errout;
new->handle = handle; new->handle = handle;
new->tp = tp; new->tp = tp;
err = nla_parse_nested(tb, TCA_CGROUP_MAX, tca[TCA_OPTIONS], err = nla_parse_nested_deprecated(tb, TCA_CGROUP_MAX,
cgroup_policy, NULL); tca[TCA_OPTIONS], cgroup_policy,
NULL);
if (err < 0) if (err < 0)
goto errout; goto errout;

View File

@ -408,7 +408,8 @@ static int flow_change(struct net *net, struct sk_buff *in_skb,
if (opt == NULL) if (opt == NULL)
return -EINVAL; return -EINVAL;
err = nla_parse_nested(tb, TCA_FLOW_MAX, opt, flow_policy, NULL); err = nla_parse_nested_deprecated(tb, TCA_FLOW_MAX, opt, flow_policy,
NULL);
if (err < 0) if (err < 0)
return err; return err;

Some files were not shown because too many files have changed in this diff Show More