On 6/20/25 4:32 AM, Sasha Levin wrote:
This is a note to let you know that I've just added the patch titled
openvswitch: Stricter validation for the userspace actionto the 6.15-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: openvswitch-stricter-validation-for-the-userspace-ac.patch and it can be found in the queue-6.15 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
FWIW, backporting of this change was previously discussed here: https://lore.kernel.org/netdev/2025060520-slacking-swimmer-1b31@gregkh/
With the conclusion to drop it as it's not a bug fix and hence there is no reason to backport it.
Best regards, Ilya Maximets.
commit 77c2ef6608f0cb47cbcc0d3e0a4371e35f70e125 Author: Eelco Chaudron echaudro@redhat.com Date: Mon May 12 10:08:24 2025 +0200
openvswitch: Stricter validation for the userspace action[ Upstream commit 88906f55954131ed2d3974e044b7fb48129b86ae ] This change enhances the robustness of validate_userspace() by ensuring that all Netlink attributes are fully contained within the parent attribute. The previous use of nla_parse_nested_deprecated() could silently skip trailing or malformed attributes, as it stops parsing at the first invalid entry. By switching to nla_parse_deprecated_strict(), we make sure only fully validated attributes are copied for later use. Signed-off-by: Eelco Chaudron echaudro@redhat.com Reviewed-by: Simon Horman horms@kernel.org Acked-by: Ilya Maximets i.maximets@ovn.org Link: https://patch.msgid.link/67eb414e2d250e8408bb8afeb982deca2ff2b10b.1747037304... Signed-off-by: Jakub Kicinski kuba@kernel.org Signed-off-by: Sasha Levin sashal@kernel.org
diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c index 518be23e48ea9..ad64bb9ab5e25 100644 --- a/net/openvswitch/flow_netlink.c +++ b/net/openvswitch/flow_netlink.c @@ -3049,7 +3049,8 @@ static int validate_userspace(const struct nlattr *attr) struct nlattr *a[OVS_USERSPACE_ATTR_MAX + 1]; int error;
- error = nla_parse_nested_deprecated(a, OVS_USERSPACE_ATTR_MAX, attr,
- error = nla_parse_deprecated_strict(a, OVS_USERSPACE_ATTR_MAX,
nla_data(attr), nla_len(attr), userspace_policy, NULL);