* [PATCH 4.11] genetlink: fix counting regression on ctrl_dumpfamily()
@ 2017-03-22 15:08 Stanislaw Gruszka
2017-03-22 22:05 ` Johannes Berg
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Stanislaw Gruszka @ 2017-03-22 15:08 UTC (permalink / raw)
To: netdev
Cc: linux-wireless, Stanislaw Gruszka, Xose Vazquez Perez,
Larry Finger, Johannes Berg
Commit 2ae0f17df1cd ("genetlink: use idr to track families") replaced
if (++n < fams_to_skip)
continue;
into:
if (n++ < fams_to_skip)
continue;
This subtle change cause that on retry ctrl_dumpfamily() call we omit
one family that failed to do ctrl_fill_info() on previous call, because
cb->args[0] = n number counts also family that failed to do
ctrl_fill_info().
Patch fixes the problem and avoid confusion in the future just decrease
n counter when ctrl_fill_info() fail.
User visible problem caused by this bug is failure to get access to
some genetlink family i.e. nl80211. However problem is reproducible
only if number of registered genetlink families is big enough to
cause second call of ctrl_dumpfamily().
Cc: Xose Vazquez Perez <xose.vazquez@gmail.com>
Cc: Larry Finger <Larry.Finger@lwfinger.net>
Cc: Johannes Berg <johannes@sipsolutions.net>
Fixes: 2ae0f17df1cd ("genetlink: use idr to track families")
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
---
Dave, please also target this for 4.10+ -stable.
net/netlink/genetlink.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
index fb6e10f..92e0981 100644
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -783,8 +783,10 @@ static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).portid,
cb->nlh->nlmsg_seq, NLM_F_MULTI,
- skb, CTRL_CMD_NEWFAMILY) < 0)
+ skb, CTRL_CMD_NEWFAMILY) < 0) {
+ n--;
break;
+ }
}
cb->args[0] = n;
--
1.7.1
^ permalink raw reply related [flat|nested] 4+ messages in thread* Re: [PATCH 4.11] genetlink: fix counting regression on ctrl_dumpfamily()
2017-03-22 15:08 [PATCH 4.11] genetlink: fix counting regression on ctrl_dumpfamily() Stanislaw Gruszka
@ 2017-03-22 22:05 ` Johannes Berg
[not found] ` <1490195313-13272-1-git-send-email-sgruszka-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-03-23 10:45 ` poma
2 siblings, 0 replies; 4+ messages in thread
From: Johannes Berg @ 2017-03-22 22:05 UTC (permalink / raw)
To: Stanislaw Gruszka, netdev
Cc: linux-wireless, Xose Vazquez Perez, Larry Finger
On Wed, 2017-03-22 at 16:08 +0100, Stanislaw Gruszka wrote:
> Commit 2ae0f17df1cd ("genetlink: use idr to track families") replaced
>
> if (++n < fams_to_skip)
> continue;
> into:
>
> if (n++ < fams_to_skip)
> continue;
D'oh. I don't know how that ended up in there, tbh.
Acked-by: Johannes Berg <johannes@sipsolutions.net>
johannes
^ permalink raw reply [flat|nested] 4+ messages in thread[parent not found: <1490195313-13272-1-git-send-email-sgruszka-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>]
* Re: [PATCH 4.11] genetlink: fix counting regression on ctrl_dumpfamily()
[not found] ` <1490195313-13272-1-git-send-email-sgruszka-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
@ 2017-03-22 22:39 ` David Miller
0 siblings, 0 replies; 4+ messages in thread
From: David Miller @ 2017-03-22 22:39 UTC (permalink / raw)
To: sgruszka-H+wXaHxf7aLQT0dZR+AlfA
Cc: netdev-u79uwXL29TY76Z2rM5mHXA,
linux-wireless-u79uwXL29TY76Z2rM5mHXA,
xose.vazquez-Re5JQEeQqe8AvxtiuMwx3w,
Larry.Finger-tQ5ms3gMjBLk1uMJSBkQmQ,
johannes-cdvu00un1VgdHxzADdlk8Q
From: Stanislaw Gruszka <sgruszka-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Date: Wed, 22 Mar 2017 16:08:33 +0100
> Commit 2ae0f17df1cd ("genetlink: use idr to track families") replaced
>
> if (++n < fams_to_skip)
> continue;
> into:
>
> if (n++ < fams_to_skip)
> continue;
>
> This subtle change cause that on retry ctrl_dumpfamily() call we omit
> one family that failed to do ctrl_fill_info() on previous call, because
> cb->args[0] = n number counts also family that failed to do
> ctrl_fill_info().
>
> Patch fixes the problem and avoid confusion in the future just decrease
> n counter when ctrl_fill_info() fail.
>
> User visible problem caused by this bug is failure to get access to
> some genetlink family i.e. nl80211. However problem is reproducible
> only if number of registered genetlink families is big enough to
> cause second call of ctrl_dumpfamily().
>
> Cc: Xose Vazquez Perez <xose.vazquez-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> Cc: Larry Finger <Larry.Finger-tQ5ms3gMjBLk1uMJSBkQmQ@public.gmane.org>
> Cc: Johannes Berg <johannes-cdvu00un1VgdHxzADdlk8Q@public.gmane.org>
> Fixes: 2ae0f17df1cd ("genetlink: use idr to track families")
> Signed-off-by: Stanislaw Gruszka <sgruszka-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Applied and queued up for -stable, thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 4.11] genetlink: fix counting regression on ctrl_dumpfamily()
2017-03-22 15:08 [PATCH 4.11] genetlink: fix counting regression on ctrl_dumpfamily() Stanislaw Gruszka
2017-03-22 22:05 ` Johannes Berg
[not found] ` <1490195313-13272-1-git-send-email-sgruszka-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
@ 2017-03-23 10:45 ` poma
2 siblings, 0 replies; 4+ messages in thread
From: poma @ 2017-03-23 10:45 UTC (permalink / raw)
To: Stanislaw Gruszka, netdev
Cc: linux-wireless, Xose Vazquez Perez, Larry Finger, Johannes Berg
On 22.03.2017 16:08, Stanislaw Gruszka wrote:
> Commit 2ae0f17df1cd ("genetlink: use idr to track families") replaced
>
> if (++n < fams_to_skip)
> continue;
> into:
>
> if (n++ < fams_to_skip)
> continue;
>
> This subtle change cause that on retry ctrl_dumpfamily() call we omit
> one family that failed to do ctrl_fill_info() on previous call, because
> cb->args[0] = n number counts also family that failed to do
> ctrl_fill_info().
>
> Patch fixes the problem and avoid confusion in the future just decrease
> n counter when ctrl_fill_info() fail.
>
> User visible problem caused by this bug is failure to get access to
> some genetlink family i.e. nl80211. However problem is reproducible
> only if number of registered genetlink families is big enough to
> cause second call of ctrl_dumpfamily().
>
> Cc: Xose Vazquez Perez <xose.vazquez@gmail.com>
> Cc: Larry Finger <Larry.Finger@lwfinger.net>
> Cc: Johannes Berg <johannes@sipsolutions.net>
> Fixes: 2ae0f17df1cd ("genetlink: use idr to track families")
> Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
> ---
> Dave, please also target this for 4.10+ -stable.
>
> net/netlink/genetlink.c | 4 +++-
> 1 files changed, 3 insertions(+), 1 deletions(-)
>
> diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
> index fb6e10f..92e0981 100644
> --- a/net/netlink/genetlink.c
> +++ b/net/netlink/genetlink.c
> @@ -783,8 +783,10 @@ static int ctrl_dumpfamily(struct sk_buff *skb, struct netlink_callback *cb)
>
> if (ctrl_fill_info(rt, NETLINK_CB(cb->skb).portid,
> cb->nlh->nlmsg_seq, NLM_F_MULTI,
> - skb, CTRL_CMD_NEWFAMILY) < 0)
> + skb, CTRL_CMD_NEWFAMILY) < 0) {
> + n--;
> break;
> + }
> }
>
> cb->args[0] = n;
>
Thanks Stanislaw, Larry!
Tested-by: poma <poma@gmail.com>
Ref.
https://bugzilla.redhat.com/show_bug.cgi?id=1422247
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-03-23 10:45 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-03-22 15:08 [PATCH 4.11] genetlink: fix counting regression on ctrl_dumpfamily() Stanislaw Gruszka
2017-03-22 22:05 ` Johannes Berg
[not found] ` <1490195313-13272-1-git-send-email-sgruszka-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-03-22 22:39 ` David Miller
2017-03-23 10:45 ` poma
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).