On 10/1/18 7:46 PM, Mauricio Faria de Oliveira wrote:
> Currently, rtnl_fdb_dump() assumes the family header is 'struct ifinfomsg',
> which is not always true -- 'struct ndmsg' is used by iproute2 ('ip neigh').
>
> The problem is, the function bails out early if nlmsg_parse() fails, which
> does occur for iproute2 usage of 'struct ndmsg' because the payload length
> is shorter than the family header alone (as 'struct ifinfomsg' is assumed).
>
> This breaks backward compatibility with userspace -- nothing is sent back.
>
...
>
> Fixes: 0ff50e83b512 ("net: rtnetlink: bail out from rtnl_fdb_dump() on parse
> error")
> Fixes: 5e6d24358799 ("bridge: netlink dump interface at par with brctl")
> Reported-by: Aidan Obley <[email protected]>
> Signed-off-by: Mauricio Faria de Oliveira <[email protected]>
>
> ---
> v2: Change logic to check msg size for ndmsg with optional attribute.
> Thanks: David Ahern <[email protected]>
>
> net/core/rtnetlink.c | 29 ++++++++++++++++++++---------
> 1 file changed, 20 insertions(+), 9 deletions(-)
>
Seems reasonable for 4.19 and back
Reviewed-by: David Ahern <[email protected]>
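
The length mismatch described in the quoted commit message, as an added userspace example that is not part of this thread or of the kernel patch: it models the minimum-length check with the uapi header sizes, plus a size-based guess along the lines of the v2 note. `header_fits`, `guess_fdb_header` and the enum are hypothetical names, and the u32 width of the optional attribute is an assumption.

```c
/* Added example: userspace model of the header-length problem, not kernel code. */
#include <stdio.h>
#include <linux/netlink.h>
#include <linux/rtnetlink.h>   /* struct ifinfomsg */
#include <linux/neighbour.h>   /* struct ndmsg */

/* Models the first check a netlink parser makes: the message must hold the
 * netlink header plus the family header the parser assumes. */
static int header_fits(unsigned int nlmsg_len, unsigned int hdrlen)
{
    return nlmsg_len >= (unsigned int)NLMSG_LENGTH(hdrlen);
}

enum fdb_hdr { FDB_HDR_INVALID, FDB_HDR_NDMSG, FDB_HDR_IFINFOMSG };

/* Hypothetical helper following the v2 changelog line: treat the payload as
 * ndmsg when it is exactly ndmsg, or ndmsg plus one attribute (assumed here
 * to carry a u32); anything else is taken to be ifinfomsg. */
static enum fdb_hdr guess_fdb_header(unsigned int nlmsg_len)
{
    unsigned int nd = sizeof(struct ndmsg);
    unsigned int nd_attr = nd + NLA_ALIGN(NLA_HDRLEN + sizeof(__u32));
    unsigned int payload;

    if (nlmsg_len < (unsigned int)NLMSG_HDRLEN)
        return FDB_HDR_INVALID;            /* no room for nlmsghdr at all */
    payload = nlmsg_len - NLMSG_HDRLEN;
    if (payload == nd || payload == nd_attr)
        return FDB_HDR_NDMSG;
    if (payload < sizeof(struct ifinfomsg))
        return FDB_HDR_INVALID;            /* too short for either layout */
    return FDB_HDR_IFINFOMSG;
}

int main(void)
{
    /* Constructed request length: netlink header followed by a bare ndmsg. */
    unsigned int len = NLMSG_LENGTH(sizeof(struct ndmsg));

    printf("sizeof ndmsg=%zu ifinfomsg=%zu\n",
           sizeof(struct ndmsg), sizeof(struct ifinfomsg));
    printf("fits when ifinfomsg is assumed: %d\n",
           header_fits(len, sizeof(struct ifinfomsg)));
    printf("fits when ndmsg is assumed:     %d\n",
           header_fits(len, sizeof(struct ndmsg)));
    printf("size-based guess: %d (1=ndmsg, 2=ifinfomsg)\n",
           guess_fdb_header(len));
    return 0;
}
```

A size-only guess stays ambiguous wherever an ifinfomsg payload with attributes happens to have the same total length, so the header fields still need validating after the layout is chosen.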