netlink: Use netlink header as base to calculate bad attribute offset

Userspace might send a batch that is composed of several netlink
messages. The netlink_ack() function must use the pointer to the netlink
header as base to calculate the bad attribute offset.

Fixes: 2d4bc93368f5 ("netlink: extended ACK reporting")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index edf3e28..5313f1c 100644 (file)
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -2434,7 +2434,7 @@ void netlink_ack(struct sk_buff *in_skb, struct nlmsghdr *nlh, int err,
                                                               in_skb->len))
                                WARN_ON(nla_put_u32(skb, NLMSGERR_ATTR_OFFS,
                                                    (u8 *)extack->bad_attr -
-                                                   in_skb->data));
+                                                   (u8 *)nlh));
                } else {
                        if (extack->cookie_len)
                                WARN_ON(nla_put(skb, NLMSGERR_ATTR_COOKIE,