Re: [PATCH v4] af_netlink: ensure that NLMSG_DONE never fails in dumps

From: David Miller
Date: Sat Nov 11 2017 - 09:10:18 EST


From: "Jason A. Donenfeld" <Jason@xxxxxxxxx>
Date: Thu, 9 Nov 2017 13:04:44 +0900

> @@ -2195,13 +2197,15 @@ static int netlink_dump(struct sock *sk)
> return 0;
> }
>
> - nlh = nlmsg_put_answer(skb, cb, NLMSG_DONE, sizeof(len), NLM_F_MULTI);
> - if (!nlh)
> + nlh = nlmsg_put_answer(skb, cb, NLMSG_DONE,
> + sizeof(nlk->dump_done_errno), NLM_F_MULTI);
> + if (WARN_ON(!nlh))
> goto errout_skb;
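Review bot: the `if (WARN_ON(!nlh))` at the end of this hunk turns a condition reachable from an unprivileged netlink user (no room left in the skb for the NLMSG_DONE message) into a kernel warning, and on systems booted with panic_on_warn into a crash. The failure is already handled by the `goto errout_skb` path that follows, so the plain `if (!nlh)` check this hunk removes should stay; if the intent is that the earlier reservation of `sizeof(nlk->dump_done_errno)` bytes makes the failure impossible, that guarantee is not visible in these lines and a user-triggerable WARN_ON is not the way to assert it.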

If you're handling this by forcing another read() to produce the
NLMSG_DONE, then you have no reason to WARN_ON() here.

In fact you are adding a WARN_ON() which is trivially triggerable by
any user.
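The situation discussed above is that, when the skb has no room left, NLMSG_DONE is delivered by a later read() rather than in the same buffer as the last data message. The following userspace-style consumer is an added example, not code from the patch or from the thread: it parses one recv() buffer at a time, keeps reading until NLMSG_DONE arrives, extracts the errno carried in the NLMSG_DONE payload (the `dump_done_errno` the patch reserves space for), and rejects truncated buffers. The `struct nlmsghdr` layout and the NLMSG_* macros are copied locally so the file builds without kernel headers; message type 16 is used as a stand-in for a dump payload type, and the chunks are constructed in memory rather than read from a socket.

```c
/* Added example: consume a netlink dump whose NLMSG_DONE may arrive in a
 * separate read(). Definitions below mirror linux/netlink.h (UAPI layout)
 * so this builds stand-alone; nothing here is the kernel's own code. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NLMSG_ALIGNTO   4U
#define NLMSG_ALIGN(len) (((len) + NLMSG_ALIGNTO - 1) & ~(NLMSG_ALIGNTO - 1))
#define NLM_F_MULTI     0x02
#define NLMSG_ERROR     0x2
#define NLMSG_DONE      0x3

struct nlmsghdr {          /* same field order and widths as the UAPI */
    uint32_t nlmsg_len;
    uint16_t nlmsg_type;
    uint16_t nlmsg_flags;
    uint32_t nlmsg_seq;
    uint32_t nlmsg_pid;
};

enum dump_state { DUMP_BAD = -1, DUMP_MORE = 0, DUMP_DONE = 1 };

struct dump_ctx {
    int parts;        /* data messages seen across all reads so far */
    int done_errno;   /* errno carried in the NLMSG_DONE payload */
};

/* Parse one buffer as returned by a single read()/recv(). Returns DUMP_MORE
 * when the caller must read again, DUMP_DONE once NLMSG_DONE was seen, and
 * DUMP_BAD on a truncated or malformed buffer. */
static enum dump_state consume_dump_chunk(struct dump_ctx *ctx,
                                          const uint8_t *buf, size_t len)
{
    size_t off = 0;
    while (off + sizeof(struct nlmsghdr) <= len) {
        struct nlmsghdr h;
        memcpy(&h, buf + off, sizeof h);            /* no unaligned loads */
        if (h.nlmsg_len < sizeof h || h.nlmsg_len > len - off)
            return DUMP_BAD;                         /* short read / bogus len */
        if (h.nlmsg_type == NLMSG_DONE) {
            if (h.nlmsg_len < sizeof h + sizeof(int))
                return DUMP_BAD;                     /* errno payload missing */
            memcpy(&ctx->done_errno, buf + off + sizeof h, sizeof(int));
            return DUMP_DONE;
        }
        if (h.nlmsg_type == NLMSG_ERROR || !(h.nlmsg_flags & NLM_F_MULTI))
            return DUMP_BAD;                         /* dump replies are multipart */
        ctx->parts++;
        off += NLMSG_ALIGN(h.nlmsg_len);
    }
    return DUMP_MORE;  /* buffer exhausted without NLMSG_DONE: read() again */
}

/* Append one netlink message to a constructed buffer; returns new length. */
static size_t put_msg(uint8_t *buf, size_t off, uint16_t type, uint16_t flags,
                      const void *payload, size_t plen)
{
    struct nlmsghdr h = { (uint32_t)(sizeof h + plen), type, flags, 1, 0 };
    size_t total = NLMSG_ALIGN(h.nlmsg_len);
    memset(buf + off, 0, total);                     /* zero the padding */
    memcpy(buf + off, &h, sizeof h);
    if (plen)
        memcpy(buf + off + sizeof h, payload, plen);
    return off + total;
}

/* Two data messages in the first read, NLMSG_DONE alone in the second. */
static int demo_split_dump(int *parts_out, int *errno_out)
{
    uint8_t chunk1[128], chunk2[32];
    uint32_t p1 = 1, p2 = 2;     /* constructed stand-in payloads */
    int ok = 0;                  /* dump_done_errno == 0: dump succeeded */
    struct dump_ctx ctx = { 0, 0 };
    size_t n1 = put_msg(chunk1, 0, 16, NLM_F_MULTI, &p1, sizeof p1);
    n1 = put_msg(chunk1, n1, 16, NLM_F_MULTI, &p2, sizeof p2);
    size_t n2 = put_msg(chunk2, 0, NLMSG_DONE, NLM_F_MULTI, &ok, sizeof ok);

    if (consume_dump_chunk(&ctx, chunk1, n1) != DUMP_MORE) return -1;
    if (consume_dump_chunk(&ctx, chunk2, n2) != DUMP_DONE) return -2;
    *parts_out = ctx.parts;
    *errno_out = ctx.done_errno;
    return 0;
}

/* NLMSG_DONE reporting a failed dump: the payload carries a negative errno. */
static int demo_done_with_error(void)
{
    uint8_t chunk[32];
    int e = -ENOBUFS;
    struct dump_ctx ctx = { 0, 0 };
    size_t n = put_msg(chunk, 0, NLMSG_DONE, NLM_F_MULTI, &e, sizeof e);
    return consume_dump_chunk(&ctx, chunk, n) == DUMP_DONE ? ctx.done_errno : 1;
}

/* A header that claims more bytes than were read must be rejected. */
static int demo_truncated(void)
{
    uint8_t chunk[32];
    uint32_t p = 7;
    struct dump_ctx ctx = { 0, 0 };
    size_t n = put_msg(chunk, 0, 16, NLM_F_MULTI, &p, sizeof p);
    return consume_dump_chunk(&ctx, chunk, n - 2);   /* simulate short read */
}

int main(void)
{
    int parts = 0, err = 0;
    printf("split dump: rc=%d parts=%d errno=%d\n",
           demo_split_dump(&parts, &err), parts, err);
    printf("done with error: errno=%d\n", demo_done_with_error());
    printf("truncated: state=%d\n", demo_truncated());
    return 0;
}
```

The consumer never assumes NLMSG_DONE shares a buffer with the last data message, which is exactly what allows the kernel side to defer it to the next read() instead of warning; a client that stops after the first buffer without NLMSG_DONE would silently drop the final errno.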