A padding to align a message should not only be added between
different attributes of a netlink message, but also at the end of the
message to pad it to the correct size.
Without this patch the following command does not work and returns an
error code:
ip link add type nlmon
Without this ip from busybox sends this:
sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
msg_namelen=12, msg_iov=[{iov_base={{len=45, ...},
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon"}, iov_len=45}],
msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 45
return value: 2
The normal ip utile from iproute2 sends this:
sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
msg_namelen=12, msg_iov=[{iov_base={{len=48, ...},
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}],
msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48
return value: 0
With this patch ip from busybox sends this:
sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
msg_namelen=12, msg_iov=[{iov_base={{len=48, ...},
"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}],
msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48
return value: 0
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Use designated initializers for struct msghdr.
The struct layout is non-portable and musl libc does not match what busybox expects.
Signed-off-by: Szabolcs Nagy <nsz@port70.net>
Tested-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
libbb: make get_sock_lsa use only one getsockaddr syscall, not two
function old new delta
get_sock_lsa 72 101 +29
do_iplink 1151 1137 -14
arping_main 1585 1569 -16
dolisten 789 755 -34
xrtnl_open 161 94 -67
Hello,
Last November a bug was found in iproute. CAN-2003-0856 has more information.
Basically, netlink packets can come from any user. If a program performs action
based on netlink packets, they must be examined to make sure they came from the
place they are expected (the kernel).
Attached is a patch against pre8. Please apply this before releasing 1.00 final.
All users of busy box may be vulnerable to local attacks without it.
Best Regards,
Steve Grubb
I'm building BusyBox using a development kit for MontaVista Hardhat Linux
(PPC) -- which, at least in this instance, is based around kernel 2.2.14.
I've had to massage a few files in networking/libiproute/ to make it
compile. Specifically:
(1) Added a #include <sys/uio.h> for the iovec structure in
libnetlink.c,
(2) Put ifdefs in ll_types.c and ll_proto.c around various
constants (ETH_P_xxx and ARPHRD_xxx) that weren't defined,
(3) Make do_changename() in iplink.c require a kernel >=
2.4.0 -- the ifr structure in my environment doesn't
have the ifr_name attribute. I've assumed this is
a kernel dependency -- let me know if I ought to be
checking something else.
In the absence of the correct kernel, do_changename()
always returns 0.
Attached is a patch against the current CVS that will make these changes.
-- Lars