diff mbox series

[net] rtnetlink: fix if_nlmsg_stats_size() under estimation

Message ID 20211005210417.2624297-1-eric.dumazet@gmail.com (mailing list archive)
State Accepted
Commit d34367991933d28bd7331f67a759be9a8c474014
Delegated to: Netdev Maintainers
Headers show
Series [net] rtnetlink: fix if_nlmsg_stats_size() under estimation | expand

Checks

Context Check Description
netdev/cover_letter success Single patches do not need cover letters
netdev/fixes_present success Fixes tag present in non-next series
netdev/patch_count success Link
netdev/tree_selection success Clearly marked for net
netdev/subject_prefix success Link
netdev/cc_maintainers fail 1 blamed authors not CCed: roopa@cumulusnetworks.com; 18 maintainers not CCed: roopa@cumulusnetworks.com johannes.berg@intel.com daniel@iogearbox.net ryazanov.s.a@gmail.com vladimir.oltean@nxp.com kafai@fb.com yhs@fb.com andrii@kernel.org avagin@gmail.com john.fastabend@gmail.com zhudi21@huawei.com yajun.deng@linux.dev lschlesinger@drivenets.com songliubraving@fb.com cong.wang@bytedance.com kpsingh@kernel.org ast@kernel.org bpf@vger.kernel.org
netdev/source_inline success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/module_param success Was 0 now: 0
netdev/build_32bit success Errors and warnings before: 1 this patch: 1
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/verify_fixes success Fixes tag looks correct
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 8 lines checked
netdev/build_allmodconfig_warn success Errors and warnings before: 1 this patch: 1
netdev/header_inline success No static functions without inline keyword in header files

Commit Message

Eric Dumazet Oct. 5, 2021, 9:04 p.m. UTC 
From: Eric Dumazet <edumazet@google.com>

rtnl_fill_statsinfo() is filling skb with one mandatory if_stats_msg structure.

nlmsg_put(skb, pid, seq, type, sizeof(struct if_stats_msg), flags);

But if_nlmsg_stats_size() never considered the needed storage.

This bug did not show up because alloc_skb(X) allocates skb with
extra tailroom, because of added alignments. This could very well
be changed in the future to have deterministic behavior.

Fixes: 10c9ead9f3c6 ("rtnetlink: add new RTM_GETSTATS message to dump link stats")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Roopa Prabhu <roopa@nvidia.com>
---
 net/core/rtnetlink.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Roopa Prabhu Oct. 5, 2021, 10:08 p.m. UTC | #1 
On 10/5/21 2:04 PM, Eric Dumazet wrote:
> From: Eric Dumazet <edumazet@google.com>
>
> rtnl_fill_statsinfo() is filling skb with one mandatory if_stats_msg structure.
>
> nlmsg_put(skb, pid, seq, type, sizeof(struct if_stats_msg), flags);
>
> But if_nlmsg_stats_size() never considered the needed storage.
>
> This bug did not show up because alloc_skb(X) allocates skb with
> extra tailroom, because of added alignments. This could very well
> be changed in the future to have deterministic behavior.
>
> Fixes: 10c9ead9f3c6 ("rtnetlink: add new RTM_GETSTATS message to dump link stats")
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Cc: Roopa Prabhu <roopa@nvidia.com>
> ---

Acked-by: Roopa Prabhu <roopa@nvidia.com>

don't know how i missed this. Thanks for the patch Eric.
patchwork-bot+netdevbpf@kernel.org Oct. 6, 2021, 2:20 p.m. UTC | #2 
Hello:

This patch was applied to netdev/net.git (refs/heads/master):

On Tue,  5 Oct 2021 14:04:17 -0700 you wrote:
> From: Eric Dumazet <edumazet@google.com>
> 
> rtnl_fill_statsinfo() is filling skb with one mandatory if_stats_msg structure.
> 
> nlmsg_put(skb, pid, seq, type, sizeof(struct if_stats_msg), flags);
> 
> But if_nlmsg_stats_size() never considered the needed storage.
> 
> [...]

Here is the summary with links:
  - [net] rtnetlink: fix if_nlmsg_stats_size() under estimation
    https://git.kernel.org/netdev/net/c/d34367991933

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
diff mbox series

Patch

diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 972c8cb303a514758278307cd9fcb974e37f2b96..8ccce85562a1da2a5285aebd19a6a4cb7d6a163e 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -5262,7 +5262,7 @@  static int rtnl_fill_statsinfo(struct sk_buff *skb, struct net_device *dev,
 static size_t if_nlmsg_stats_size(const struct net_device *dev,
 				  u32 filter_mask)
 {
-	size_t size = 0;
+	size_t size = NLMSG_ALIGN(sizeof(struct if_stats_msg));
 
 	if (stats_attr_valid(filter_mask, IFLA_STATS_LINK_64, 0))
 		size += nla_total_size_64bit(sizeof(struct rtnl_link_stats64));