Audit: clean up audit_receive_skb

audit_receive_skb is hard to clearly parse what it is doing to the netlink message. Clean the function up so it is easy and clear to see what is going on. Signed-off-by: Eric Paris <eparis@redhat.com>

Audit: clean up audit_receive_skb
audit_receive_skb is hard to clearly parse what it is doing to the netlink message. Clean the function up so it is easy and clear to see what is going on. Signed-off-by: Eric Paris <eparis@redhat.com>
Eric Paris · Al Viro
1 parent ee080e6ce9
Showing 1 changed file with 18 additions and 17 deletions Side-by-side Diff
kernel/audit.c
@@ -937,28 +937,29 @@
 }
  
 /*
- * Get message from skb (based on rtnetlink_rcv_skb).  Each message is
- * processed by audit_receive_msg.  Malformed skbs with wrong length are
- * discarded silently.
+ * Get message from skb.  Each message is processed by audit_receive_msg.
+ * Malformed skbs with wrong length are discarded silently.
  */
 static void audit_receive_skb(struct sk_buff *skb)
 {
-	int		err;
-	struct nlmsghdr	*nlh;
-	u32		rlen;
+	struct nlmsghdr *nlh;
+	/*
+	 * len MUST be signed for NLMSG_NEXT to be able to dec it below 0
+	 * if the nlmsg_len was not aligned
+	 */
+	int len;
+	int err;
  
-	while (skb->len >= NLMSG_SPACE(0)) {
-		nlh = nlmsg_hdr(skb);
-		if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len)
-			return;
-		rlen = NLMSG_ALIGN(nlh->nlmsg_len);
-		if (rlen > skb->len)
-			rlen = skb->len;
-		if ((err = audit_receive_msg(skb, nlh))) {
+	nlh = nlmsg_hdr(skb);
+	len = skb->len;
+
+	while (NLMSG_OK(nlh, len)) {
+		err = audit_receive_msg(skb, nlh);
+		/* if err or if this message says it wants a response */
+		if (err || (nlh->nlmsg_flags & NLM_F_ACK))
 			netlink_ack(skb, nlh, err);
-		} else if (nlh->nlmsg_flags & NLM_F_ACK)
-			netlink_ack(skb, nlh, 0);
-		skb_pull(skb, rlen);
+
+		nlh = NLMSG_NEXT(nlh, len);
 	}
 }
...	...	@@ -937,28 +937,29 @@
937	937	}
938	938
939	939	/*
940		- * Get message from skb (based on rtnetlink_rcv_skb). Each message is
941		- * processed by audit_receive_msg. Malformed skbs with wrong length are
942		- * discarded silently.
	940	+ * Get message from skb. Each message is processed by audit_receive_msg.
	941	+ * Malformed skbs with wrong length are discarded silently.
943	942	*/
944	943	static void audit_receive_skb(struct sk_buff *skb)
945	944	{
946		- int err;
947		- struct nlmsghdr *nlh;
948		- u32 rlen;
	945	+ struct nlmsghdr *nlh;
	946	+ /*
	947	+ * len MUST be signed for NLMSG_NEXT to be able to dec it below 0
	948	+ * if the nlmsg_len was not aligned
	949	+ */
	950	+ int len;
	951	+ int err;
949	952
950		- while (skb->len >= NLMSG_SPACE(0)) {
951		- nlh = nlmsg_hdr(skb);
952		- if (nlh->nlmsg_len < sizeof(*nlh) \|\| skb->len < nlh->nlmsg_len)
953		- return;
954		- rlen = NLMSG_ALIGN(nlh->nlmsg_len);
955		- if (rlen > skb->len)
956		- rlen = skb->len;
957		- if ((err = audit_receive_msg(skb, nlh))) {
	953	+ nlh = nlmsg_hdr(skb);
	954	+ len = skb->len;
	955	+
	956	+ while (NLMSG_OK(nlh, len)) {
	957	+ err = audit_receive_msg(skb, nlh);
	958	+ /* if err or if this message says it wants a response */
	959	+ if (err \|\| (nlh->nlmsg_flags & NLM_F_ACK))
958	960	netlink_ack(skb, nlh, err);
959		- } else if (nlh->nlmsg_flags & NLM_F_ACK)
960		- netlink_ack(skb, nlh, 0);
961		- skb_pull(skb, rlen);
	961	+
	962	+ nlh = NLMSG_NEXT(nlh, len);
962	963	}
963	964	}
964	965