Re: [PATCH 2/3] ksmbd: set both ipv4 and ipv6 in FSCTL_QUERY_NETWORK_INTERFACE_INFO

Hyunchul Lee <hyc.lee@xxxxxxxxx> · Thu, 16 Dec 2021 07:28:11 +0900

2021년 12월 16일 (목) 오전 4:46, Namjae Jeon <linkinjeon@xxxxxxxxxx>님이 작성:
>
> Set ipv4 and ipv6 address in FSCTL_QUERY_NETWORK_INTERFACE_INFO.
>
> Signed-off-by: Namjae Jeon <linkinjeon@xxxxxxxxxx>
> ---
>  fs/ksmbd/smb2pdu.c | 14 ++++++++------
>  1 file changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
> index 7aee3b58b16f..4f938f038a65 100644
> --- a/fs/ksmbd/smb2pdu.c
> +++ b/fs/ksmbd/smb2pdu.c
> @@ -7223,10 +7223,11 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
>         struct sockaddr_storage_rsp *sockaddr_storage;
>         unsigned int flags;
>         unsigned long long speed;
> -       struct sockaddr_in6 *csin6 = (struct sockaddr_in6 *)&conn->peer_addr;
>
>         rtnl_lock();
>         for_each_netdev(&init_net, netdev) {
> +               bool ipv4_set = false;
> +
>                 if (out_buf_len <
>                     nbytes + sizeof(struct network_interface_info_ioctl_rsp)) {
>                         rtnl_unlock();
> @@ -7239,7 +7240,7 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
>                 flags = dev_get_flags(netdev);
>                 if (!(flags & IFF_RUNNING))
>                         continue;
> -
> +ipv6_retry:

Don't we need to check out_buf_len to prevent buffer overflow?

>                 nii_rsp = (struct network_interface_info_ioctl_rsp *)
>                                 &rsp->Buffer[nbytes];
>                 nii_rsp->IfIndex = cpu_to_le32(netdev->ifindex);
> @@ -7271,8 +7272,7 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
>                                         nii_rsp->SockAddr_Storage;
>                 memset(sockaddr_storage, 0, 128);
>
> -               if (conn->peer_addr.ss_family == PF_INET ||
> -                   ipv6_addr_v4mapped(&csin6->sin6_addr)) {
> +               if (!ipv4_set) {
>                         struct in_device *idev;
>
>                         sockaddr_storage->Family = cpu_to_le16(INTERNETWORK);
> @@ -7283,6 +7283,9 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
>                                 continue;
>                         sockaddr_storage->addr4.IPv4address =
>                                                 idev_ipv4_address(idev);
> +                       nbytes += sizeof(struct network_interface_info_ioctl_rsp);
> +                       ipv4_set = true;
> +                       goto ipv6_retry;

if __in_dev_get_rtnl is failed , Don't we need to goto ipv6_retry?

>                 } else {
>                         struct inet6_dev *idev6;
>                         struct inet6_ifaddr *ifa;
> @@ -7304,9 +7307,8 @@ static int fsctl_query_iface_info_ioctl(struct ksmbd_conn *conn,
>                                 break;
>                         }
>                         sockaddr_storage->addr6.ScopeId = 0;
> +                       nbytes += sizeof(struct network_interface_info_ioctl_rsp);
>                 }
> -
> -               nbytes += sizeof(struct network_interface_info_ioctl_rsp);
>         }
>         rtnl_unlock();
>
> --
> 2.25.1
>

-- 
Thanks,
Hyunchul