Open realszx opened 1 year ago
```c
static int ipc_msg_send(struct ksmbd_ipc_msg *msg)
{
	struct genlmsghdr *nlh;
	struct sk_buff *skb;
	int ret = -EINVAL;

	/* No user-space daemon (ksmbd.mountd) registered: nobody to send to. */
	if (!ksmbd_tools_pid)
		return ret;

	/* Allocate the skb sized for msg->sz bytes of genetlink payload. */
	skb = genlmsg_new(msg->sz, GFP_KERNEL);
	if (!skb)
		return -ENOMEM;

	/* Write the netlink and genetlink headers for this family/command. */
	nlh = genlmsg_put(skb, 0, 0, &ksmbd_genl_family, 0, msg->type);
	if (!nlh)
		goto out;

	/* Append the payload as a single attribute; fails if there is no tailroom. */
	ret = nla_put(skb, msg->type, msg->sz, msg->payload);
	if (ret) {
		genlmsg_cancel(skb, nlh);
		goto out;
	}

	/* Finalise the message and unicast it to the daemon's pid. */
	genlmsg_end(skb, nlh);
	ret = genlmsg_unicast(&init_net, skb, ksmbd_tools_pid);
	if (!ret)
		ipc_update_last_active();
	return ret;

out:
	nlmsg_free(skb);
	return ret;
}
```
@realszx Can you send a pull request to fix this?
@namjaejeon thanks for the reply. I'm not sure whether the tmp fix is reasonable or not. The tmp fix is `skb = genlmsg_new(msg->sz + 4, GFP_KERNEL)`. I guess it is a pad length calculation error. The final root cause is not clear; I still need to trace it.
@realszx Can you help me reproduce this issue? Can you share your smb.conf?
config file
The root cause is that the host name length is 8 or 9; while doing srvsvc, nla_put fails in the message request to userspace.
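The size arithmetic behind the nla_put() failure, worked through as an added example; this is not code from ksmbd or from anyone in the thread. It mirrors the kernel's netlink size rules as local definitions (NLMSG_ALIGN and NLA_ALIGN to 4 bytes, a 16-byte nlmsghdr, a 4-byte genlmsghdr, a 4-byte nlattr header) so it builds without kernel headers, and it assumes ksmbd_genl_family has hdrsize 0, so that only those headers precede the attribute. For a payload size sz it computes what genlmsg_new(sz) guarantees as tailroom after genlmsg_put() versus what nla_put(..., sz, ...) consumes. The function names are the example's own.

```c
#include <stddef.h>
#include <stdio.h>

/*
 * Constants mirrored from include/uapi/linux/netlink.h, genetlink.h and
 * include/net/netlink.h (reproduced here so this builds in userspace).
 * Assumption: the genl family's hdrsize is 0, as for ksmbd_genl_family.
 */
#define NL_ALIGN(len)  (((len) + (size_t)3) & ~(size_t)3)
#define NLMSG_HDRLEN   ((size_t)16)   /* NLMSG_ALIGN(sizeof(struct nlmsghdr)) */
#define GENL_HDRLEN    ((size_t)4)    /* NLMSG_ALIGN(sizeof(struct genlmsghdr)) */
#define NLA_HDRLEN     ((size_t)4)    /* NLA_ALIGN(sizeof(struct nlattr)) */

/* Bytes genlmsg_new(payload) requests from alloc_skb():
 * nlmsg_total_size(genlmsg_total_size(payload)). */
static size_t genlmsg_new_size(size_t payload)
{
    size_t genl = NL_ALIGN(GENL_HDRLEN + payload);  /* genlmsg_total_size() */
    return NL_ALIGN(NLMSG_HDRLEN + genl);           /* nlmsg_total_size()   */
}

/* Tailroom guaranteed once genlmsg_put() has written nlmsghdr + genlmsghdr. */
static size_t tailroom_after_genlmsg_put(size_t alloc_payload)
{
    return genlmsg_new_size(alloc_payload) - NLMSG_HDRLEN - GENL_HDRLEN;
}

/* Bytes nla_put(skb, type, attr_payload, data) consumes: nla_total_size(). */
static size_t nla_put_needs(size_t attr_payload)
{
    return NL_ALIGN(NLA_HDRLEN + attr_payload);
}

/* 1 if an attribute carrying attr_payload bytes fits into an skb obtained
 * from genlmsg_new(alloc_payload) without relying on allocator slack. */
static int attr_fits(size_t alloc_payload, size_t attr_payload)
{
    return tailroom_after_genlmsg_put(alloc_payload) >= nla_put_needs(attr_payload);
}

/* How many bytes genlmsg_new(sz) falls short of nla_put(..., sz, ...). */
static long nla_put_shortfall(size_t sz)
{
    return (long)nla_put_needs(sz) - (long)tailroom_after_genlmsg_put(sz);
}

/* Allocation size that guarantees the single attribute fits: nla_total_size(sz). */
static size_t fixed_alloc_size(size_t sz)
{
    return nla_put_needs(sz);
}

int main(void)
{
    printf("%6s %10s %10s %10s %6s\n",
           "sz", "alloc", "tailroom", "nla_needs", "fits");
    for (size_t sz = 1; sz <= 16; sz++)
        printf("%6zu %10zu %10zu %10zu %6s\n", sz, genlmsg_new_size(sz),
               tailroom_after_genlmsg_put(sz), nla_put_needs(sz),
               attr_fits(sz, sz) ? "yes" : "no");
    printf("shortfall for sz=8: %ld, sz=9: %ld; guaranteed alloc for sz=9: %zu\n",
           nla_put_shortfall(8), nla_put_shortfall(9), fixed_alloc_size(9));
    return 0;
}
```

The shortfall comes out as NLA_HDRLEN (4 bytes) for every sz, because genlmsg_new() sizes the buffer for a raw payload rather than for a payload wrapped in an nlattr; that is the same 4 bytes the `+ 4` workaround in the thread adds. In the kernel the failure only shows up for particular sizes because alloc_skb() makes the whole kmalloc size class available as tailroom, not just the requested length, and nla_put() returns -EMSGSIZE only when skb_tailroom() is smaller than nla_total_size(). Passing nla_total_size(msg->sz) to genlmsg_new(), which fixed_alloc_size() computes, removes the dependence on that slack rather than on the exact message length.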