Taken from
https://git.zx2c4.com/WireGuard/commit/src?id=3120425f69003be287cb2d308f89c7a6a0335ff0

Reported-by: Bruno Wolff III <br...@wolff.to>
---
 drivers/net/wireguard/netlink.c | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/drivers/net/wireguard/netlink.c b/drivers/net/wireguard/netlink.c
index 3763e8c14ea5..676d36725120 100644
--- a/drivers/net/wireguard/netlink.c
+++ b/drivers/net/wireguard/netlink.c
@@ -21,8 +21,8 @@ static struct genl_family genl_family;
 static const struct nla_policy device_policy[WGDEVICE_A_MAX + 1] = {
        [WGDEVICE_A_IFINDEX]            = { .type = NLA_U32 },
        [WGDEVICE_A_IFNAME]             = { .type = NLA_NUL_STRING, .len = 
IFNAMSIZ - 1 },
-       [WGDEVICE_A_PRIVATE_KEY]        = { .len = NOISE_PUBLIC_KEY_LEN },
-       [WGDEVICE_A_PUBLIC_KEY]         = { .len = NOISE_PUBLIC_KEY_LEN },
+       [WGDEVICE_A_PRIVATE_KEY]        = { .type = NLA_EXACT_LEN, .len = 
NOISE_PUBLIC_KEY_LEN },
+       [WGDEVICE_A_PUBLIC_KEY]         = { .type = NLA_EXACT_LEN, .len = 
NOISE_PUBLIC_KEY_LEN },
        [WGDEVICE_A_FLAGS]              = { .type = NLA_U32 },
        [WGDEVICE_A_LISTEN_PORT]        = { .type = NLA_U16 },
        [WGDEVICE_A_FWMARK]             = { .type = NLA_U32 },
@@ -30,12 +30,12 @@ static const struct nla_policy device_policy[WGDEVICE_A_MAX 
+ 1] = {
 };
 
 static const struct nla_policy peer_policy[WGPEER_A_MAX + 1] = {
-       [WGPEER_A_PUBLIC_KEY]                           = { .len = 
NOISE_PUBLIC_KEY_LEN },
-       [WGPEER_A_PRESHARED_KEY]                        = { .len = 
NOISE_SYMMETRIC_KEY_LEN },
+       [WGPEER_A_PUBLIC_KEY]                           = { .type = 
NLA_EXACT_LEN, .len = NOISE_PUBLIC_KEY_LEN },
+       [WGPEER_A_PRESHARED_KEY]                        = { .type = 
NLA_EXACT_LEN, .len = NOISE_SYMMETRIC_KEY_LEN },
        [WGPEER_A_FLAGS]                                = { .type = NLA_U32 },
-       [WGPEER_A_ENDPOINT]                             = { .len = 
sizeof(struct sockaddr) },
+       [WGPEER_A_ENDPOINT]                             = { .type = 
NLA_MIN_LEN, .len = sizeof(struct sockaddr) },
        [WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL]        = { .type = NLA_U16 },
-       [WGPEER_A_LAST_HANDSHAKE_TIME]                  = { .len = 
sizeof(struct __kernel_timespec) },
+       [WGPEER_A_LAST_HANDSHAKE_TIME]                  = { .type = 
NLA_EXACT_LEN, .len = sizeof(struct __kernel_timespec) },
        [WGPEER_A_RX_BYTES]                             = { .type = NLA_U64 },
        [WGPEER_A_TX_BYTES]                             = { .type = NLA_U64 },
        [WGPEER_A_ALLOWEDIPS]                           = { .type = NLA_NESTED 
},
@@ -44,7 +44,7 @@ static const struct nla_policy peer_policy[WGPEER_A_MAX + 1] 
= {
 
 static const struct nla_policy allowedip_policy[WGALLOWEDIP_A_MAX + 1] = {
        [WGALLOWEDIP_A_FAMILY]          = { .type = NLA_U16 },
-       [WGALLOWEDIP_A_IPADDR]          = { .len = sizeof(struct in_addr) },
+       [WGALLOWEDIP_A_IPADDR]          = { .type = NLA_MIN_LEN, .len = 
sizeof(struct in_addr) },
        [WGALLOWEDIP_A_CIDR_MASK]       = { .type = NLA_U8 }
 };
 
@@ -591,12 +591,10 @@ static const struct genl_ops genl_ops[] = {
                .start = wg_get_device_start,
                .dumpit = wg_get_device_dump,
                .done = wg_get_device_done,
-               .policy = device_policy,
                .flags = GENL_UNS_ADMIN_PERM
        }, {
                .cmd = WG_CMD_SET_DEVICE,
                .doit = wg_set_device,
-               .policy = device_policy,
                .flags = GENL_UNS_ADMIN_PERM
        }
 };
@@ -608,6 +606,7 @@ static struct genl_family genl_family __ro_after_init = {
        .version = WG_GENL_VERSION,
        .maxattr = WGDEVICE_A_MAX,
        .module = THIS_MODULE,
+       .policy = device_policy,
        .netnsok = true
 };
 
-- 
2.17.1

Reply via email to