x->props.family = p->family;
memcpy(&x->props.saddr, &p->saddr, sizeof(x->props.saddr));
x->props.flags = p->flags;
+
+ /*
+ * Set inner address family if the KM left it as zero.
+ * See comment in validate_tmpl.
+ */
+ if (!x->sel.family)
+ x->sel.family = p->family;
}
/*
struct sk_buff *skb = sp->out_skb;
struct xfrm_usersa_info *p;
struct nlmsghdr *nlh;
- unsigned char *b = skb_tail_pointer(skb);
if (sp->this_idx < sp->start_idx)
goto out;
- nlh = NLMSG_PUT(skb, NETLINK_CB(in_skb).pid,
- sp->nlmsg_seq,
- XFRM_MSG_NEWSA, sizeof(*p));
- nlh->nlmsg_flags = sp->nlmsg_flags;
+ nlh = nlmsg_put(skb, NETLINK_CB(in_skb).pid, sp->nlmsg_seq,
+ XFRM_MSG_NEWSA, sizeof(*p), sp->nlmsg_flags);
+ if (nlh == NULL)
+ return -EMSGSIZE;
p = NLMSG_DATA(nlh);
copy_to_user_state(x, p);
if (x->lastused)
RTA_PUT(skb, XFRMA_LASTUSED, sizeof(x->lastused), &x->lastused);
- nlh->nlmsg_len = skb_tail_pointer(skb) - b;
+ nlmsg_end(skb, nlh);
out:
sp->this_idx++;
return 0;
-nlmsg_failure:
rtattr_failure:
- nlmsg_trim(skb, b);
- return -1;
+ nlmsg_cancel(skb, nlh);
+ return -EMSGSIZE;
}
static int xfrm_dump_sa(struct sk_buff *skb, struct netlink_callback *cb)
struct sk_buff *in_skb = sp->in_skb;
struct sk_buff *skb = sp->out_skb;
struct nlmsghdr *nlh;
- unsigned char *b = skb_tail_pointer(skb);
if (sp->this_idx < sp->start_idx)
goto out;
- nlh = NLMSG_PUT(skb, NETLINK_CB(in_skb).pid,
- sp->nlmsg_seq,
- XFRM_MSG_NEWPOLICY, sizeof(*p));
+ nlh = nlmsg_put(skb, NETLINK_CB(in_skb).pid, sp->nlmsg_seq,
+ XFRM_MSG_NEWPOLICY, sizeof(*p), sp->nlmsg_flags);
+ if (nlh == NULL)
+ return -EMSGSIZE;
p = NLMSG_DATA(nlh);
- nlh->nlmsg_flags = sp->nlmsg_flags;
copy_to_user_policy(xp, p, dir);
if (copy_to_user_tmpl(xp, skb) < 0)
if (copy_to_user_policy_type(xp->type, skb) < 0)
goto nlmsg_failure;
- nlh->nlmsg_len = skb_tail_pointer(skb) - b;
+ nlmsg_end(skb, nlh);
out:
sp->this_idx++;
return 0;
nlmsg_failure:
- nlmsg_trim(skb, b);
- return -1;
+ nlmsg_cancel(skb, nlh);
+ return -EMSGSIZE;
}
static int xfrm_dump_policy(struct sk_buff *skb, struct netlink_callback *cb)
struct xfrm_aevent_id *id;
struct nlmsghdr *nlh;
struct xfrm_lifetime_cur ltime;
- unsigned char *b = skb_tail_pointer(skb);
- nlh = NLMSG_PUT(skb, c->pid, c->seq, XFRM_MSG_NEWAE, sizeof(*id));
+ nlh = nlmsg_put(skb, c->pid, c->seq, XFRM_MSG_NEWAE, sizeof(*id), 0);
+ if (nlh == NULL)
+ return -EMSGSIZE;
id = NLMSG_DATA(nlh);
- nlh->nlmsg_flags = 0;
memcpy(&id->sa_id.daddr, &x->id.daddr,sizeof(x->id.daddr));
id->sa_id.spi = x->id.spi;
RTA_PUT(skb,XFRMA_ETIMER_THRESH,sizeof(u32),&etimer);
}
- nlh->nlmsg_len = skb_tail_pointer(skb) - b;
- return skb->len;
+ return nlmsg_end(skb, nlh);
rtattr_failure:
-nlmsg_failure:
- nlmsg_trim(skb, b);
- return -1;
+ nlmsg_cancel(skb, nlh);
+ return -EMSGSIZE;
}
static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
struct xfrm_migrate *mp;
struct xfrm_userpolicy_id *pol_id;
struct nlmsghdr *nlh;
- unsigned char *b = skb_tail_pointer(skb);
int i;
- nlh = NLMSG_PUT(skb, 0, 0, XFRM_MSG_MIGRATE, sizeof(*pol_id));
+ nlh = nlmsg_put(skb, 0, 0, XFRM_MSG_MIGRATE, sizeof(*pol_id), 0);
+ if (nlh == NULL)
+ return -EMSGSIZE;
pol_id = NLMSG_DATA(nlh);
- nlh->nlmsg_flags = 0;
/* copy data from selector, dir, and type to the pol_id */
memset(pol_id, 0, sizeof(*pol_id));
goto nlmsg_failure;
}
- nlh->nlmsg_len = skb_tail_pointer(skb) - b;
- return skb->len;
+ return nlmsg_end(skb, nlh);
nlmsg_failure:
- nlmsg_trim(skb, b);
- return -1;
+ nlmsg_cancel(skb, nlh);
+ return -EMSGSIZE;
}
static int xfrm_send_migrate(struct xfrm_selector *sel, u8 dir, u8 type,
{
struct xfrm_user_expire *ue;
struct nlmsghdr *nlh;
- unsigned char *b = skb_tail_pointer(skb);
- nlh = NLMSG_PUT(skb, c->pid, 0, XFRM_MSG_EXPIRE,
- sizeof(*ue));
+ nlh = nlmsg_put(skb, c->pid, 0, XFRM_MSG_EXPIRE, sizeof(*ue), 0);
+ if (nlh == NULL)
+ return -EMSGSIZE;
ue = NLMSG_DATA(nlh);
- nlh->nlmsg_flags = 0;
copy_to_user_state(x, &ue->state);
ue->hard = (c->data.hard != 0) ? 1 : 0;
- nlh->nlmsg_len = skb_tail_pointer(skb) - b;
- return skb->len;
-
-nlmsg_failure:
- nlmsg_trim(skb, b);
- return -1;
+ return nlmsg_end(skb, nlh);
}
static int xfrm_exp_state_notify(struct xfrm_state *x, struct km_event *c)
struct xfrm_usersa_flush *p;
struct nlmsghdr *nlh;
struct sk_buff *skb;
- sk_buff_data_t b;
int len = NLMSG_LENGTH(sizeof(struct xfrm_usersa_flush));
skb = alloc_skb(len, GFP_ATOMIC);
if (skb == NULL)
return -ENOMEM;
- b = skb->tail;
- nlh = NLMSG_PUT(skb, c->pid, c->seq,
- XFRM_MSG_FLUSHSA, sizeof(*p));
- nlh->nlmsg_flags = 0;
+ nlh = nlmsg_put(skb, c->pid, c->seq, XFRM_MSG_FLUSHSA, sizeof(*p), 0);
+ if (nlh == NULL) {
+ kfree_skb(skb);
+ return -EMSGSIZE;
+ }
p = NLMSG_DATA(nlh);
p->proto = c->data.proto;
- nlh->nlmsg_len = skb->tail - b;
+ nlmsg_end(skb, nlh);
NETLINK_CB(skb).dst_group = XFRMNLGRP_SA;
return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC);
-
-nlmsg_failure:
- kfree_skb(skb);
- return -1;
}
static inline int xfrm_sa_len(struct xfrm_state *x)
struct xfrm_usersa_id *id;
struct nlmsghdr *nlh;
struct sk_buff *skb;
- sk_buff_data_t b;
int len = xfrm_sa_len(x);
int headlen;
skb = alloc_skb(len, GFP_ATOMIC);
if (skb == NULL)
return -ENOMEM;
- b = skb->tail;
- nlh = NLMSG_PUT(skb, c->pid, c->seq, c->event, headlen);
- nlh->nlmsg_flags = 0;
+ nlh = nlmsg_put(skb, c->pid, c->seq, c->event, headlen, 0);
+ if (nlh == NULL)
+ goto nlmsg_failure;
p = NLMSG_DATA(nlh);
if (c->event == XFRM_MSG_DELSA) {
if (x->encap)
RTA_PUT(skb, XFRMA_ENCAP, sizeof(*x->encap), x->encap);
- nlh->nlmsg_len = skb->tail - b;
+ nlmsg_end(skb, nlh);
NETLINK_CB(skb).dst_group = XFRMNLGRP_SA;
return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_SA, GFP_ATOMIC);
{
struct xfrm_user_acquire *ua;
struct nlmsghdr *nlh;
- unsigned char *b = skb_tail_pointer(skb);
__u32 seq = xfrm_get_acqseq();
- nlh = NLMSG_PUT(skb, 0, 0, XFRM_MSG_ACQUIRE,
- sizeof(*ua));
+ nlh = nlmsg_put(skb, 0, 0, XFRM_MSG_ACQUIRE, sizeof(*ua), 0);
+ if (nlh == NULL)
+ return -EMSGSIZE;
ua = NLMSG_DATA(nlh);
- nlh->nlmsg_flags = 0;
memcpy(&ua->id, &x->id, sizeof(ua->id));
memcpy(&ua->saddr, &x->props.saddr, sizeof(ua->saddr));
if (copy_to_user_policy_type(xp->type, skb) < 0)
goto nlmsg_failure;
- nlh->nlmsg_len = skb_tail_pointer(skb) - b;
- return skb->len;
+ return nlmsg_end(skb, nlh);
nlmsg_failure:
- nlmsg_trim(skb, b);
- return -1;
+ nlmsg_cancel(skb, nlh);
+ return -EMSGSIZE;
}
static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt,
struct xfrm_user_polexpire *upe;
struct nlmsghdr *nlh;
int hard = c->data.hard;
- unsigned char *b = skb_tail_pointer(skb);
- nlh = NLMSG_PUT(skb, c->pid, 0, XFRM_MSG_POLEXPIRE, sizeof(*upe));
+ nlh = nlmsg_put(skb, c->pid, 0, XFRM_MSG_POLEXPIRE, sizeof(*upe), 0);
+ if (nlh == NULL)
+ return -EMSGSIZE;
upe = NLMSG_DATA(nlh);
- nlh->nlmsg_flags = 0;
copy_to_user_policy(xp, &upe->pol, dir);
if (copy_to_user_tmpl(xp, skb) < 0)
goto nlmsg_failure;
upe->hard = !!hard;
- nlh->nlmsg_len = skb_tail_pointer(skb) - b;
- return skb->len;
+ return nlmsg_end(skb, nlh);
nlmsg_failure:
- nlmsg_trim(skb, b);
- return -1;
+ nlmsg_cancel(skb, nlh);
+ return -EMSGSIZE;
}
static int xfrm_exp_policy_notify(struct xfrm_policy *xp, int dir, struct km_event *c)
struct xfrm_userpolicy_id *id;
struct nlmsghdr *nlh;
struct sk_buff *skb;
- sk_buff_data_t b;
int len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr);
int headlen;
skb = alloc_skb(len, GFP_ATOMIC);
if (skb == NULL)
return -ENOMEM;
- b = skb->tail;
- nlh = NLMSG_PUT(skb, c->pid, c->seq, c->event, headlen);
+ nlh = nlmsg_put(skb, c->pid, c->seq, c->event, headlen, 0);
+ if (nlh == NULL)
+ goto nlmsg_failure;
p = NLMSG_DATA(nlh);
if (c->event == XFRM_MSG_DELPOLICY) {
p = RTA_DATA(__RTA_PUT(skb, XFRMA_POLICY, sizeof(*p)));
}
- nlh->nlmsg_flags = 0;
-
copy_to_user_policy(xp, p, dir);
if (copy_to_user_tmpl(xp, skb) < 0)
goto nlmsg_failure;
if (copy_to_user_policy_type(xp->type, skb) < 0)
goto nlmsg_failure;
- nlh->nlmsg_len = skb->tail - b;
+ nlmsg_end(skb, nlh);
NETLINK_CB(skb).dst_group = XFRMNLGRP_POLICY;
return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC);
{
struct nlmsghdr *nlh;
struct sk_buff *skb;
- sk_buff_data_t b;
int len = 0;
#ifdef CONFIG_XFRM_SUB_POLICY
len += RTA_SPACE(sizeof(struct xfrm_userpolicy_type));
skb = alloc_skb(len, GFP_ATOMIC);
if (skb == NULL)
return -ENOMEM;
- b = skb->tail;
-
- nlh = NLMSG_PUT(skb, c->pid, c->seq, XFRM_MSG_FLUSHPOLICY, 0);
- nlh->nlmsg_flags = 0;
+ nlh = nlmsg_put(skb, c->pid, c->seq, XFRM_MSG_FLUSHPOLICY, 0, 0);
+ if (nlh == NULL)
+ goto nlmsg_failure;
if (copy_to_user_policy_type(c->data.type, skb) < 0)
goto nlmsg_failure;
- nlh->nlmsg_len = skb->tail - b;
+ nlmsg_end(skb, nlh);
NETLINK_CB(skb).dst_group = XFRMNLGRP_POLICY;
return netlink_broadcast(xfrm_nl, skb, 0, XFRMNLGRP_POLICY, GFP_ATOMIC);
{
struct xfrm_user_report *ur;
struct nlmsghdr *nlh;
- unsigned char *b = skb_tail_pointer(skb);
- nlh = NLMSG_PUT(skb, 0, 0, XFRM_MSG_REPORT, sizeof(*ur));
+ nlh = nlmsg_put(skb, 0, 0, XFRM_MSG_REPORT, sizeof(*ur), 0);
+ if (nlh == NULL)
+ return -EMSGSIZE;
ur = NLMSG_DATA(nlh);
- nlh->nlmsg_flags = 0;
ur->proto = proto;
memcpy(&ur->sel, sel, sizeof(ur->sel));
if (addr)
RTA_PUT(skb, XFRMA_COADDR, sizeof(*addr), addr);
- nlh->nlmsg_len = skb_tail_pointer(skb) - b;
- return skb->len;
+ return nlmsg_end(skb, nlh);
-nlmsg_failure:
rtattr_failure:
- nlmsg_trim(skb, b);
- return -1;
+ nlmsg_cancel(skb, nlh);
+ return -EMSGSIZE;
}
static int xfrm_send_report(u8 proto, struct xfrm_selector *sel,