git: 09fa78d438a7 - main - netlink: fix regression with group writers

From: Gleb Smirnoff <glebius_at_FreeBSD.org>
Date: Tue, 09 Jan 2024 21:05:49 UTC
The branch main has been updated by glebius:

URL: https://cgit.FreeBSD.org/src/commit/?id=09fa78d438a7729f3fbe055d65f0fca4d05c0971

commit 09fa78d438a7729f3fbe055d65f0fca4d05c0971
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2024-01-09 21:01:28 +0000
Commit:     Gleb Smirnoff <glebius@FreeBSD.org>
CommitDate: 2024-01-09 21:01:28 +0000

    netlink: fix regression with group writers
    
    Refactoring of argument list to nl_send_one() led to derefercing
    wrong union member.  Rename nl_send_one() to a more generic name,
    isolate anew nl_send_one() as the callback only for the normal
    writer and provide correct argument to nl_send() from nl_send_group().
    
    Fixes:  ff5ad900d2a0793659241eee96be53e6053b5081
---
 sys/netlink/netlink_domain.c         | 4 ++--
 sys/netlink/netlink_io.c             | 3 +--
 sys/netlink/netlink_message_writer.c | 7 +++++++
 sys/netlink/netlink_var.h            | 4 +---
 4 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/sys/netlink/netlink_domain.c b/sys/netlink/netlink_domain.c
index 7660dcada103..4790845d1d31 100644
--- a/sys/netlink/netlink_domain.c
+++ b/sys/netlink/netlink_domain.c
@@ -233,7 +233,7 @@ nl_send_group(struct nl_writer *nw)
 				copy = nl_buf_copy(nb);
 				if (copy != NULL) {
 					nw->buf = copy;
-					(void)nl_send_one(nw);
+					(void)nl_send(nw, nlp_last);
 				} else {
 					NLP_LOCK(nlp_last);
 					if (nlp_last->nl_socket != NULL)
@@ -246,7 +246,7 @@ nl_send_group(struct nl_writer *nw)
 	}
 	if (nlp_last != NULL) {
 		nw->buf = nb;
-		(void)nl_send_one(nw);
+		(void)nl_send(nw, nlp_last);
 	} else
 		nl_buf_free(nb);
 
diff --git a/sys/netlink/netlink_io.c b/sys/netlink/netlink_io.c
index fb8e0a46e8dd..5f50c40f71d8 100644
--- a/sys/netlink/netlink_io.c
+++ b/sys/netlink/netlink_io.c
@@ -194,9 +194,8 @@ nl_taskqueue_handler(void *_arg, int pending)
  * If no queue overrunes happened, wakes up socket owner.
  */
 bool
-nl_send_one(struct nl_writer *nw)
+nl_send(struct nl_writer *nw, struct nlpcb *nlp)
 {
-	struct nlpcb *nlp = nw->nlp;
 	struct socket *so = nlp->nl_socket;
 	struct sockbuf *sb = &so->so_rcv;
 	struct nl_buf *nb;
diff --git a/sys/netlink/netlink_message_writer.c b/sys/netlink/netlink_message_writer.c
index 0b85378b41b6..50305e3d9d80 100644
--- a/sys/netlink/netlink_message_writer.c
+++ b/sys/netlink/netlink_message_writer.c
@@ -65,6 +65,13 @@ nlmsg_get_buf(struct nl_writer *nw, u_int len, bool waitok)
 	return (true);
 }
 
+static bool
+nl_send_one(struct nl_writer *nw)
+{
+
+	return (nl_send(nw, nw->nlp));
+}
+
 bool
 _nlmsg_get_unicast_writer(struct nl_writer *nw, int size, struct nlpcb *nlp)
 {
diff --git a/sys/netlink/netlink_var.h b/sys/netlink/netlink_var.h
index c8f0d02a0dab..ddf30b373446 100644
--- a/sys/netlink/netlink_var.h
+++ b/sys/netlink/netlink_var.h
@@ -130,9 +130,7 @@ void nl_osd_unregister(void);
 void nl_set_thread_nlp(struct thread *td, struct nlpcb *nlp);
 
 /* netlink_io.c */
-#define	NL_IOF_UNTRANSLATED	0x01
-#define	NL_IOF_IGNORE_LIMIT	0x02
-bool nl_send_one(struct nl_writer *);
+bool nl_send(struct nl_writer *, struct nlpcb *);
 void nlmsg_ack(struct nlpcb *nlp, int error, struct nlmsghdr *nlmsg,
     struct nl_pstate *npt);
 void nl_on_transmit(struct nlpcb *nlp);