Re: Possible bug in netlink_recvmsg()

2007-04-19 Thread David Howells
David Miller <[EMAIL PROTECTED]> wrote:

> See this fix in my net-2.6.22 tree:
> 
> commit ad495d7b6cfcd1bc2eaf06c42699be0bb5d84234
> Author: David S. Miller <[EMAIL PROTECTED]>
> Date:   Tue Mar 6 17:02:35 2007 -0800

Ummm... That seems to conflict with something in your net-2.6 tree.  Which one
should I use?

David
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: Possible bug in netlink_recvmsg()

2007-04-13 Thread David Miller
From: David Howells <[EMAIL PROTECTED]>
Date: Fri, 13 Apr 2007 19:08:31 +0100

> AF_NETLINK sockets, however, do not do (3).  See this bit in 
> netlink_recvmsg():
> 
> 	copied = skb->len;
> 	if (len < copied) {
> 		msg->msg_flags |= MSG_TRUNC;
> 		copied = len;
> 	}
> 
> Or is this only true if the caller of recvmsg() passes MSG_TRUNC in?

See this fix in my net-2.6.22 tree:

commit ad495d7b6cfcd1bc2eaf06c42699be0bb5d84234
Author: David S. Miller <[EMAIL PROTECTED]>
Date:   Tue Mar 6 17:02:35 2007 -0800

[NETLINK]: Mirror UDP MSG_TRUNC semantics.

If the user passes MSG_TRUNC in via msg_flags, return
the full packet size not the truncated size.

Idea from Herbert Xu and Thomas Graf.

Signed-off-by: David S. Miller <[EMAIL PROTECTED]>

diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index e73d8f5..b31a732 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -1242,6 +1242,9 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct 
socket *sock,
 
scm_recv(sock, msg, siocb->scm, flags);
 
+   if (flags & MSG_TRUNC)
+   copied = skb->len;
+
 out:
netlink_rcv_wake(sk);
return err ? : copied;
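Review bot: the added `if (flags & MSG_TRUNC) copied = skb->len;` just before `out:` lets the value from `return err ? : copied;` exceed the caller's buffer length whenever the message was truncated, which is a user-visible change in the return value for any caller that already passes MSG_TRUNC. A caller that treats the return value as the number of valid bytes in its buffer will now read past the data that was actually copied, so the commit message should state this explicitly. A one-line comment above the test would also help, since on this path `copied` holds the full message length rather than the bytes copied and the name no longer matches its meaning.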


Possible bug in netlink_recvmsg()

2007-04-13 Thread David Howells

As I understand it, according to the recvmsg() manual page, if the packet
being returned is larger than the buffer provided, and the protocol does not
support piecemeal reception of data, then:

 (1) the buffer should be filled,

 (2) MSG_TRUNC should be set in msg_flags, and

 (3) the length of the full packet, including the discarded bit, should be
 returned.

AF_NETLINK sockets, however, do not do (3).  See this bit in netlink_recvmsg():

	copied = skb->len;
	if (len < copied) {
		msg->msg_flags |= MSG_TRUNC;
		copied = len;
	}

Or is this only true if the caller of recvmsg() passes MSG_TRUNC in?

David
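
The truncation behaviour discussed in this thread, seen from the caller's side, as an added example that is not part of the original posts or of the kernel patch. It uses an AF_UNIX datagram socketpair as a stand-in for a netlink socket (assumption: Linux 3.4 or later, where AF_UNIX datagrams treat MSG_TRUNC as an input flag the same way); `recv_short` and `struct trunc_result` are illustrative names.

```c
/* Added example: recvmsg() return value vs. msg_flags on a short buffer.
 * AF_UNIX SOCK_DGRAM stands in for AF_NETLINK (assumption, see lead-in). */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

struct trunc_result {
	ssize_t ret;       /* value returned by recvmsg() */
	int     truncated; /* MSG_TRUNC set in msg_flags on return */
	char    first;     /* first byte copied into the buffer */
};

/* Send send_len bytes as one datagram and receive it into buf_len bytes.
 * in_flags is passed to recvmsg(): 0 or MSG_TRUNC. ret is -1 on failure. */
static struct trunc_result recv_short(size_t send_len, size_t buf_len, int in_flags)
{
	struct trunc_result r = { -1, 0, 0 };
	char out[256], in[256];
	int sv[2];

	if (send_len > sizeof(out) || buf_len > sizeof(in))
		return r;
	if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0)
		return r;

	memset(out, 'A', send_len);
	memset(in, 0, sizeof(in));
	if (send(sv[0], out, send_len, 0) == (ssize_t)send_len) {
		struct iovec iov = { .iov_base = in, .iov_len = buf_len };
		struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };

		r.ret = recvmsg(sv[1], &msg, in_flags);
		r.truncated = (msg.msg_flags & MSG_TRUNC) != 0;
		r.first = in[0];
	}
	close(sv[0]);
	close(sv[1]);
	return r;
}

int main(void)
{
	struct trunc_result a = recv_short(100, 16, 0);
	struct trunc_result b = recv_short(100, 16, MSG_TRUNC);
	printf("no flag:   ret=%zd trunc=%d\n", a.ret, a.truncated);
	printf("MSG_TRUNC: ret=%zd trunc=%d\n", b.ret, b.truncated);
	return 0;
}
```

In both calls only 16 bytes are in the buffer, so a parser must bound itself by the buffer size and treat a set MSG_TRUNC in `msg_flags` as an incomplete message, never by the return value alone.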