diff options
| author |   Jeremy Kerr <jk@codeconstruct.com.au> | 2025-05-21 17:33:36 +0800 |
|---|---|---|
| committer |   Paolo Abeni <pabeni@redhat.com> | 2025-05-26 17:38:27 +0200 |
| commit | 0a9b2c9fd1688c7ecbff0702855577a3f8eef1df (patch) | |
| tree | 5b1752fbf1546169d266098d652dd98f31c5e598 | |
| parent | Merge branch 'add-the-capability-to-consume-sram-for-hwfd-descriptor-queue-in-airoha_eth-driver' (diff) | |
| download | wireguard-linux-0a9b2c9fd1688c7ecbff0702855577a3f8eef1df.tar.xz wireguard-linux-0a9b2c9fd1688c7ecbff0702855577a3f8eef1df.zip | |
net: mctp: use nlmsg_payload() for netlink message data extraction
Jakub suggests:
> I have a different request :) Matt, once this ends up in net-next
> (end of this week) could you refactor it to use nlmsg_payload() ?
> It doesn't exist in net but this is exactly why it was added.
This refactors the additions to both mctp_dump_addrinfo(), and
mctp_rtm_getneigh() - two cases where we're calling nlh_data() on an
an incoming netlink message, without a prior nlmsg_parse().
For the neigh.c case, we cannot hit the failure where the nlh does not
contain a full ndmsg at present, as the core handler
(net/core/neighbour.c, neigh_get()) has already validated the size
through neigh_valid_req_get(), and would have failed the get operation
before the MCTP hander is called.
However, relying on that is a bit fragile, so apply the nlmsg_payload
refector here too.
Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: Jeremy Kerr <jk@codeconstruct.com.au>
Link: https://patch.msgid.link/20250521-mctp-nlmsg-payload-v2-1-e85df160c405@codeconstruct.com.au
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
| -rw-r--r-- | net/mctp/device.c | 4 | ||||
| -rw-r--r-- | net/mctp/neigh.c | 5 |
2 files changed, 6 insertions, 3 deletions
diff --git a/net/mctp/device.c b/net/mctp/device.c index 7c0dcf3df319..4d404edd7446 100644 --- a/net/mctp/device.c +++ b/net/mctp/device.c @@ -120,8 +120,8 @@ static int mctp_dump_addrinfo(struct sk_buff *skb, struct netlink_callback *cb) int ifindex = 0, rc; /* Filter by ifindex if a header is provided */ - if (cb->nlh->nlmsg_len >= nlmsg_msg_size(sizeof(*hdr))) { - hdr = nlmsg_data(cb->nlh); + hdr = nlmsg_payload(cb->nlh, sizeof(*hdr)); + if (hdr) { ifindex = hdr->ifa_index; } else { if (cb->strict_check) { diff --git a/net/mctp/neigh.c b/net/mctp/neigh.c index 590f642413e4..05b899f22d90 100644 --- a/net/mctp/neigh.c +++ b/net/mctp/neigh.c @@ -250,7 +250,10 @@ static int mctp_rtm_getneigh(struct sk_buff *skb, struct netlink_callback *cb) int idx; } *cbctx = (void *)cb->ctx; - ndmsg = nlmsg_data(cb->nlh); + ndmsg = nlmsg_payload(cb->nlh, sizeof(*ndmsg)); + if (!ndmsg) + return -EINVAL; + req_ifindex = ndmsg->ndm_ifindex; idx = 0; |