Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 436014e

Browse files
kuba-mookuba-moo
committed
Merge branch 'mctp-sockaddr-padding-check-initialisation-fixup'
Eugene Syromiatnikov says: ==================== MCTP sockaddr padding check/initialisation fixup This pair of patches introduces checks for padding fields of struct sockaddr_mctp/sockaddr_mctp_ext to ease their re-use for possible extensions in the future; as well as zeroing of these fields in the respective sockaddr filling routines. While the first commit is definitely an ABI breakage, it is proposed in hopes that the change is made soon enough (the interface appeared only in Linux 5.15) to avoid affecting any existing user space. ==================== Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Jakub Kicinski <[email protected]>
2 parents a5bda90 + e9ea574 commit 436014e

File tree

1 file changed

+23
-1
lines changed

1 file changed

+23
-1
lines changed

net/mctp/af_mctp.c

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,19 @@ static int mctp_release(struct socket *sock)
3333
return 0;
3434
}
3535

36+
/* Generic sockaddr checks, padding checks only so far */
37+
static bool mctp_sockaddr_is_ok(const struct sockaddr_mctp *addr)
38+
{
39+
return !addr->__smctp_pad0 && !addr->__smctp_pad1;
40+
}
41+
42+
static bool mctp_sockaddr_ext_is_ok(const struct sockaddr_mctp_ext *addr)
43+
{
44+
return !addr->__smctp_pad0[0] &&
45+
!addr->__smctp_pad0[1] &&
46+
!addr->__smctp_pad0[2];
47+
}
48+
3649
static int mctp_bind(struct socket *sock, struct sockaddr *addr, int addrlen)
3750
{
3851
struct sock *sk = sock->sk;
@@ -52,6 +65,9 @@ static int mctp_bind(struct socket *sock, struct sockaddr *addr, int addrlen)
5265
/* it's a valid sockaddr for MCTP, cast and do protocol checks */
5366
smctp = (struct sockaddr_mctp *)addr;
5467

68+
if (!mctp_sockaddr_is_ok(smctp))
69+
return -EINVAL;
70+
5571
lock_sock(sk);
5672

5773
/* TODO: allow rebind */
@@ -87,6 +103,8 @@ static int mctp_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
87103
return -EINVAL;
88104
if (addr->smctp_family != AF_MCTP)
89105
return -EINVAL;
106+
if (!mctp_sockaddr_is_ok(addr))
107+
return -EINVAL;
90108
if (addr->smctp_tag & ~(MCTP_TAG_MASK | MCTP_TAG_OWNER))
91109
return -EINVAL;
92110

@@ -124,7 +142,8 @@ static int mctp_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
124142
DECLARE_SOCKADDR(struct sockaddr_mctp_ext *,
125143
extaddr, msg->msg_name);
126144

127-
if (extaddr->smctp_halen > sizeof(cb->haddr)) {
145+
if (!mctp_sockaddr_ext_is_ok(extaddr) ||
146+
extaddr->smctp_halen > sizeof(cb->haddr)) {
128147
rc = -EINVAL;
129148
goto err_free;
130149
}
@@ -198,11 +217,13 @@ static int mctp_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
198217

199218
addr = msg->msg_name;
200219
addr->smctp_family = AF_MCTP;
220+
addr->__smctp_pad0 = 0;
201221
addr->smctp_network = cb->net;
202222
addr->smctp_addr.s_addr = hdr->src;
203223
addr->smctp_type = type;
204224
addr->smctp_tag = hdr->flags_seq_tag &
205225
(MCTP_HDR_TAG_MASK | MCTP_HDR_FLAG_TO);
226+
addr->__smctp_pad1 = 0;
206227
msg->msg_namelen = sizeof(*addr);
207228

208229
if (msk->addr_ext) {
@@ -211,6 +232,7 @@ static int mctp_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
211232
msg->msg_namelen = sizeof(*ae);
212233
ae->smctp_ifindex = cb->ifindex;
213234
ae->smctp_halen = cb->halen;
235+
memset(ae->__smctp_pad0, 0x0, sizeof(ae->__smctp_pad0));
214236
memset(ae->smctp_haddr, 0x0, sizeof(ae->smctp_haddr));
215237
memcpy(ae->smctp_haddr, cb->haddr, cb->halen);
216238
}

0 commit comments

Comments
 (0)