Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

net: mctp: use nlmsg_payload() for netlink message data extraction

Jakub suggests:

> I have a different request :) Matt, once this ends up in net-next
> (end of this week) could you refactor it to use nlmsg_payload() ?
> It doesn't exist in net but this is exactly why it was added.

This refactors the additions to both mctp_dump_addrinfo(), and
mctp_rtm_getneigh() - two cases where we're calling nlh_data() on an
incoming netlink message, without a prior nlmsg_parse().

For the neigh.c case, we cannot hit the failure where the nlh does not
contain a full ndmsg at present, as the core handler
(net/core/neighbour.c, neigh_get()) has already validated the size
through neigh_valid_req_get(), and would have failed the get operation
before the MCTP handler is called.

However, relying on that is a bit fragile, so apply the nlmsg_payload
refactor here too.

Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: Jeremy Kerr <jk@codeconstruct.com.au>
Link: https://patch.msgid.link/20250521-mctp-nlmsg-payload-v2-1-e85df160c405@codeconstruct.com.au
Signed-off-by: Paolo Abeni <pabeni@redhat.com>

authored by Jeremy Kerr and committed by Paolo Abeni
0a9b2c9f 31eaaa5c
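The difference between the unchecked and the length-checked accessor that the commit message describes, as an added userspace example (not code from this commit or from the kernel). The `model_`-prefixed structs and functions are assumptions that mirror the netlink header and `ndmsg` layout, and the request buffer is constructed sample input.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Userspace model for illustration; model_* names are assumptions, not kernel symbols. */
struct model_nlmsghdr {
	uint32_t nlmsg_len; /* total length, header included */
	uint16_t nlmsg_type, nlmsg_flags;
	uint32_t nlmsg_seq, nlmsg_pid;
};
struct model_ndmsg {
	uint8_t ndm_family, ndm_pad1;
	uint16_t ndm_pad2;
	int32_t ndm_ifindex;
	uint16_t ndm_state;
	uint8_t ndm_flags, ndm_type;
};
struct model_req { struct model_nlmsghdr nlh; struct model_ndmsg ndm; };
#define MODEL_HDRLEN ((sizeof(struct model_nlmsghdr) + 3u) & ~(size_t)3u)

/* Unchecked accessor: always points just past the header, whatever nlmsg_len says. */
static const void *model_nlmsg_data(const struct model_nlmsghdr *nlh)
{
	return (const unsigned char *)nlh + MODEL_HDRLEN;
}

/* Checked accessor: NULL unless nlmsg_len covers the header plus len payload bytes. */
static const void *model_nlmsg_payload(const struct model_nlmsghdr *nlh, size_t len)
{
	return nlh->nlmsg_len < MODEL_HDRLEN + len ? NULL : model_nlmsg_data(nlh);
}

/* Handler shaped like the neigh.c change: reject a short message before touching fields. */
static int model_get_ifindex(const struct model_nlmsghdr *nlh)
{
	const struct model_ndmsg *ndmsg = model_nlmsg_payload(nlh, sizeof(*ndmsg));
	return ndmsg ? ndmsg->ndm_ifindex : -22; /* -22 == -EINVAL */
}

/* Constructed sample: the bytes after the header hold ifindex 7 but are only valid if full. */
static int model_run(int full)
{
	struct model_req r;
	memset(&r, 0, sizeof(r));
	r.ndm.ndm_ifindex = 7;
	r.nlh.nlmsg_len = full ? sizeof(r) : MODEL_HDRLEN;
	return model_get_ifindex(&r.nlh);
}

int main(void) { printf("short=%d full=%d\n", model_run(0), model_run(1)); return 0; }
```

With the header-only message, the unchecked accessor would still hand back a pointer to the stale bytes holding ifindex 7; the checked one refuses.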

+6 -3
+2 -2
net/mctp/device.c
··· 120 120 int ifindex = 0, rc; 121 121 122 122 /* Filter by ifindex if a header is provided */ 123 - if (cb->nlh->nlmsg_len >= nlmsg_msg_size(sizeof(*hdr))) { 124 - hdr = nlmsg_data(cb->nlh); 123 + hdr = nlmsg_payload(cb->nlh, sizeof(*hdr)); 124 + if (hdr) { 125 125 ifindex = hdr->ifa_index; 126 126 } else { 127 127 if (cb->strict_check) {
+4 -1
net/mctp/neigh.c
··· 250 250 int idx; 251 251 } *cbctx = (void *)cb->ctx; 252 252 253 - ndmsg = nlmsg_data(cb->nlh); 253 + ndmsg = nlmsg_payload(cb->nlh, sizeof(*ndmsg)); 254 + if (!ndmsg) 255 + return -EINVAL; 256 + 254 257 req_ifindex = ndmsg->ndm_ifindex; 255 258 256 259 idx = 0;
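Review bot: in net/mctp/device.c, the comment `/* Filter by ifindex if a header is provided */` now sits above the `nlmsg_payload()` assignment, and the explicit `nlmsg_len` comparison that made "provided" self-explanatory is gone. Consider rewording the comment to say that a NULL return means the message is too short to hold `*hdr`, so the fall-through to the `cb->strict_check` branch stays obvious to a reader who does not know the helper.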
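Review bot: in net/mctp/neigh.c, the new `if (!ndmsg) return -EINVAL;` rejects a short request unconditionally and without an extack message, while the device.c hunk branches on `cb->strict_check` when the header is missing. If the difference between the two dump handlers is intentional, a one-line comment saying so would help; also consider setting an error string with `NL_SET_ERR_MSG(cb->extack, ...)` before returning, so userspace can tell why the request failed.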