Re: [PATCH] af_netlink: give correct bounds to dump skb for NLMSG_DONE

2017-11-07 Thread Jason A. Donenfeld
Erf, your patch doesn't handle what happens if len comes back negative, but I'll fix it up and send a v2 using this approach. I think I really prefer v1 though. Jason

Re: [PATCH] af_netlink: give correct bounds to dump skb for NLMSG_DONE

2017-11-07 Thread Jason A. Donenfeld
Hi Johannes, Yes indeed. It sacrifices 24 bytes for making things much less complex. However, if you prefer increasing the complexity of the state machine a bit instead, I suppose we could roll with this approach instead... Jason

Re: [PATCH] af_netlink: give correct bounds to dump skb for NLMSG_DONE

2017-11-07 Thread Johannes Berg
On Tue, 2017-11-07 at 20:29 +0900, Jason A. Donenfeld wrote:
> This patch thus reserves and restores the required length for
> NLMSG_DONE during the call to the dump function.

That basically removes that space though, even when the dump isn't complete... wouldn't it be better to do something

Re: [PATCH] af_netlink: give correct bounds to dump skb for NLMSG_DONE

2017-11-07 Thread Jason A. Donenfeld
By the way, in case you're curious, here's the {up,down,cross}stream WireGuard commit that works around it via its compat layer (a rat's nest of hideous backports for all the weird kernels people want WireGuard to run on, which I cannot wait to remove): https://git.zx2c4.com/WireGuard/commit/?id=f

[PATCH] af_netlink: give correct bounds to dump skb for NLMSG_DONE

2017-11-07 Thread Jason A. Donenfeld
The way people generally use netlink_dump is that they fill in the skb as much as possible, breaking when nla_put returns an error. Then, they get called again and start filling out the next skb, and again, and so forth. The mechanism at work here is the ability for the iterative dumping function t