* [PATCH net-next] net: mctp: use nlmsg_payload() for netlink message data extraction
@ 2025-05-20 7:02 Jeremy Kerr
2025-05-20 15:23 ` Simon Horman
0 siblings, 1 reply; 5+ messages in thread
From: Jeremy Kerr @ 2025-05-20 7:02 UTC (permalink / raw)
To: Matt Johnston, David S. Miller, Eric Dumazet, Jakub Kicinski,
Paolo Abeni, Simon Horman
Cc: netdev
Jakub suggests:
> I have a different request :) Matt, once this ends up in net-next
> (end of this week) could you refactor it to use nlmsg_payload() ?
> It doesn't exist in net but this is exactly why it was added.
This refactors the additions to both mctp_dump_addrinfo(), and
mctp_rtm_getneigh() - two cases where we're calling nlh_data() on an
an incoming netlink message, without a prior nlmsg_parse().
Signed-off-by: Jeremy Kerr <jk@codeconstruct.com.au>
---
net/mctp/device.c | 4 ++--
net/mctp/neigh.c | 5 ++++-
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/net/mctp/device.c b/net/mctp/device.c
index 7c0dcf3df3196207af6e1a1c002f388265c49fa1..4d404edd7446e187dd3aa18ee2086c4e2e3da3ee 100644
--- a/net/mctp/device.c
+++ b/net/mctp/device.c
@@ -120,8 +120,8 @@ static int mctp_dump_addrinfo(struct sk_buff *skb, struct netlink_callback *cb)
int ifindex = 0, rc;
/* Filter by ifindex if a header is provided */
- if (cb->nlh->nlmsg_len >= nlmsg_msg_size(sizeof(*hdr))) {
- hdr = nlmsg_data(cb->nlh);
+ hdr = nlmsg_payload(cb->nlh, sizeof(*hdr));
+ if (hdr) {
ifindex = hdr->ifa_index;
} else {
if (cb->strict_check) {
diff --git a/net/mctp/neigh.c b/net/mctp/neigh.c
index 590f642413e4ef113a1a9fa96cb548b98cb55621..05b899f22d902b275ca1e300542a8d546d59ea15 100644
--- a/net/mctp/neigh.c
+++ b/net/mctp/neigh.c
@@ -250,7 +250,10 @@ static int mctp_rtm_getneigh(struct sk_buff *skb, struct netlink_callback *cb)
int idx;
} *cbctx = (void *)cb->ctx;
- ndmsg = nlmsg_data(cb->nlh);
+ ndmsg = nlmsg_payload(cb->nlh, sizeof(*ndmsg));
+ if (!ndmsg)
+ return -EINVAL;
+
req_ifindex = ndmsg->ndm_ifindex;
idx = 0;
---
base-commit: f685204c57e87d2a88b159c7525426d70ee745c9
change-id: 20250520-mctp-nlmsg-payload-0711973470bf
Best regards,
--
Jeremy Kerr <jk@codeconstruct.com.au>
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH net-next] net: mctp: use nlmsg_payload() for netlink message data extraction
2025-05-20 7:02 [PATCH net-next] net: mctp: use nlmsg_payload() for netlink message data extraction Jeremy Kerr
@ 2025-05-20 15:23 ` Simon Horman
2025-05-21 2:05 ` Jeremy Kerr
0 siblings, 1 reply; 5+ messages in thread
From: Simon Horman @ 2025-05-20 15:23 UTC (permalink / raw)
To: Jeremy Kerr
Cc: Matt Johnston, David S. Miller, Eric Dumazet, Jakub Kicinski,
Paolo Abeni, netdev
On Tue, May 20, 2025 at 03:02:10PM +0800, Jeremy Kerr wrote:
> Jakub suggests:
>
> > I have a different request :) Matt, once this ends up in net-next
> > (end of this week) could you refactor it to use nlmsg_payload() ?
> > It doesn't exist in net but this is exactly why it was added.
>
> This refactors the additions to both mctp_dump_addrinfo(), and
> mctp_rtm_getneigh() - two cases where we're calling nlh_data() on an
> an incoming netlink message, without a prior nlmsg_parse().
>
> Signed-off-by: Jeremy Kerr <jk@codeconstruct.com.au>
> ---
> net/mctp/device.c | 4 ++--
> net/mctp/neigh.c | 5 ++++-
> 2 files changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/net/mctp/device.c b/net/mctp/device.c
> index 7c0dcf3df3196207af6e1a1c002f388265c49fa1..4d404edd7446e187dd3aa18ee2086c4e2e3da3ee 100644
> --- a/net/mctp/device.c
> +++ b/net/mctp/device.c
> @@ -120,8 +120,8 @@ static int mctp_dump_addrinfo(struct sk_buff *skb, struct netlink_callback *cb)
> int ifindex = 0, rc;
>
> /* Filter by ifindex if a header is provided */
> - if (cb->nlh->nlmsg_len >= nlmsg_msg_size(sizeof(*hdr))) {
> - hdr = nlmsg_data(cb->nlh);
> + hdr = nlmsg_payload(cb->nlh, sizeof(*hdr));
> + if (hdr) {
> ifindex = hdr->ifa_index;
> } else {
> if (cb->strict_check) {
Hi Jeremy,
This looks like a refactor, as per the commit message.
All good.
> diff --git a/net/mctp/neigh.c b/net/mctp/neigh.c
> index 590f642413e4ef113a1a9fa96cb548b98cb55621..05b899f22d902b275ca1e300542a8d546d59ea15 100644
> --- a/net/mctp/neigh.c
> +++ b/net/mctp/neigh.c
> @@ -250,7 +250,10 @@ static int mctp_rtm_getneigh(struct sk_buff *skb, struct netlink_callback *cb)
> int idx;
> } *cbctx = (void *)cb->ctx;
>
> - ndmsg = nlmsg_data(cb->nlh);
> + ndmsg = nlmsg_payload(cb->nlh, sizeof(*ndmsg));
> + if (!ndmsg)
> + return -EINVAL;
> +
But is this one a bug fix?
> req_ifindex = ndmsg->ndm_ifindex;
>
> idx = 0;
>
> ---
> base-commit: f685204c57e87d2a88b159c7525426d70ee745c9
> change-id: 20250520-mctp-nlmsg-payload-0711973470bf
>
> Best regards,
> --
> Jeremy Kerr <jk@codeconstruct.com.au>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH net-next] net: mctp: use nlmsg_payload() for netlink message data extraction
2025-05-20 15:23 ` Simon Horman
@ 2025-05-21 2:05 ` Jeremy Kerr
2025-05-21 9:01 ` Simon Horman
0 siblings, 1 reply; 5+ messages in thread
From: Jeremy Kerr @ 2025-05-21 2:05 UTC (permalink / raw)
To: Simon Horman
Cc: Matt Johnston, David S. Miller, Eric Dumazet, Jakub Kicinski,
Paolo Abeni, netdev
Hi Horms,
Thanks for the review!
> > --- a/net/mctp/neigh.c
> > +++ b/net/mctp/neigh.c
> > @@ -250,7 +250,10 @@ static int mctp_rtm_getneigh(struct sk_buff *skb, struct netlink_callback *cb)
> > int idx;
> > } *cbctx = (void *)cb->ctx;
> >
> > - ndmsg = nlmsg_data(cb->nlh);
> > + ndmsg = nlmsg_payload(cb->nlh, sizeof(*ndmsg));
> > + if (!ndmsg)
> > + return -EINVAL;
> > +
>
> But is this one a bug fix?
At the moment, we cannot hit the case where the nlh does not contain a
full ndmsg, as the core handler (net/core/neighbour.c, neigh_get()) has
already validated the size (through neigh_valid_req_get()), and would
have failed the get before the MCTP hander is called.
However, relying on that is a bit fragile, hence applying the
nlmsg_payload replacement here.
I'm happy to split it out if that makes more sense though; in which case
this change would be initially implemented as check on ->nlmsg_len (in
order to be backportable to stable), and then a subsequent rework to use
nlmsg_payload. Let me know what would work best.
Cheers,
Jeremy
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH net-next] net: mctp: use nlmsg_payload() for netlink message data extraction
2025-05-21 2:05 ` Jeremy Kerr
@ 2025-05-21 9:01 ` Simon Horman
2025-05-21 9:36 ` Jeremy Kerr
0 siblings, 1 reply; 5+ messages in thread
From: Simon Horman @ 2025-05-21 9:01 UTC (permalink / raw)
To: Jeremy Kerr
Cc: Matt Johnston, David S. Miller, Eric Dumazet, Jakub Kicinski,
Paolo Abeni, netdev
On Wed, May 21, 2025 at 10:05:36AM +0800, Jeremy Kerr wrote:
> Hi Horms,
>
> Thanks for the review!
>
> > > --- a/net/mctp/neigh.c
> > > +++ b/net/mctp/neigh.c
> > > @@ -250,7 +250,10 @@ static int mctp_rtm_getneigh(struct sk_buff *skb, struct netlink_callback *cb)
> > > int idx;
> > > } *cbctx = (void *)cb->ctx;
> > >
> > > - ndmsg = nlmsg_data(cb->nlh);
> > > + ndmsg = nlmsg_payload(cb->nlh, sizeof(*ndmsg));
> > > + if (!ndmsg)
> > > + return -EINVAL;
> > > +
> >
> > But is this one a bug fix?
>
> At the moment, we cannot hit the case where the nlh does not contain a
> full ndmsg, as the core handler (net/core/neighbour.c, neigh_get()) has
> already validated the size (through neigh_valid_req_get()), and would
> have failed the get before the MCTP hander is called.
>
> However, relying on that is a bit fragile, hence applying the
> nlmsg_payload replacement here.
>
> I'm happy to split it out if that makes more sense though; in which case
> this change would be initially implemented as check on ->nlmsg_len (in
> order to be backportable to stable), and then a subsequent rework to use
> nlmsg_payload. Let me know what would work best.
Hi Jeremy,
Thanks for the explanation. I think it might be best to add some commentary
to the commit message, as this was not obvious to me. But I don't feel
strongly about this.
So either way, this patch now looks good to me.
Reviewed-by: Simon Horman <horms@kernel.org>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH net-next] net: mctp: use nlmsg_payload() for netlink message data extraction
2025-05-21 9:01 ` Simon Horman
@ 2025-05-21 9:36 ` Jeremy Kerr
0 siblings, 0 replies; 5+ messages in thread
From: Jeremy Kerr @ 2025-05-21 9:36 UTC (permalink / raw)
To: Simon Horman
Cc: Matt Johnston, David S. Miller, Eric Dumazet, Jakub Kicinski,
Paolo Abeni, netdev
Hi Horms,
> Thanks for the explanation. I think it might be best to add some commentary
> to the commit message, as this was not obvious to me. But I don't feel
> strongly about this.
Yep, makes sense to record this in the commit message, so I have sent a
v2 to suit.
Cheers,
Jeremy
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2025-05-21 9:36 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-05-20 7:02 [PATCH net-next] net: mctp: use nlmsg_payload() for netlink message data extraction Jeremy Kerr
2025-05-20 15:23 ` Simon Horman
2025-05-21 2:05 ` Jeremy Kerr
2025-05-21 9:01 ` Simon Horman
2025-05-21 9:36 ` Jeremy Kerr
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).