The patch 327868212381 (make skb_copy_datagram_msg() et.al. preserve
->msg_iter on error) will revert the iov buffer if copy to iter
failed, but it didn't copy any datagram if the skb_checksum_complete
error, so no need to revert any data at this place.
v2: Sabrina notice that return -EFAULT when checksum error is not correct
here, it would confuse the caller about the return value, so fix it.
Fixes: 327868212381 ("make skb_copy_datagram_msg() et.al. preserve->msg_iter on error")
Signed-off-by: Ding Tianhong <[email protected]>
Signed-off-by: Wei Yongjun <[email protected]>
---
net/core/datagram.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/net/core/datagram.c b/net/core/datagram.c
index f4947e7..0e6a9a9 100644
--- a/net/core/datagram.c
+++ b/net/core/datagram.c
@@ -768,14 +768,17 @@ int skb_copy_and_csum_datagram_msg(struct sk_buff *skb,
if (skb_copy_and_csum_datagram(skb, hlen, &msg->msg_iter,
chunk, &csum))
goto fault;
- if (csum_fold(csum))
+
+ if (csum_fold(csum)) {
+ iov_iter_revert(&msg->msg_iter, chunk);
goto csum_error;
+ }
+
if (unlikely(skb->ip_summed == CHECKSUM_COMPLETE))
netdev_rx_csum_fault(skb->dev);
}
return 0;
csum_error:
- iov_iter_revert(&msg->msg_iter, chunk);
return -EINVAL;
fault:
return -EFAULT;
--
1.8.3.1
On Sat, Apr 29, 2017 at 10:38:48AM +0800, Ding Tianhong wrote:
> The patch 327868212381 (make skb_copy_datagram_msg() et.al. preserve
> ->msg_iter on error) will revert the iov buffer if copy to iter
> failed, but it didn't copy any datagram if the skb_checksum_complete
> error, so no need to revert any data at this place.
The bug is real, but I would suggest a simpler fix:
if (__skb_checksum_complete(skb))
return -EINVAL;
leaving the rest as-is.
On 2017/4/29 10:46, Al Viro wrote:
> On Sat, Apr 29, 2017 at 10:38:48AM +0800, Ding Tianhong wrote:
>> The patch 327868212381 (make skb_copy_datagram_msg() et.al. preserve
>> ->msg_iter on error) will revert the iov buffer if copy to iter
>> failed, but it didn't copy any datagram if the skb_checksum_complete
>> error, so no need to revert any data at this place.
>
> The bug is real, but I would suggest a simpler fix:
> if (__skb_checksum_complete(skb))
> return -EINVAL;
> leaving the rest as-is.
>
Looks good, if so, we don't need the csum_error any more,
- if (csum_fold(csum))
+
+ if (csum_fold(csum)) {
+ iov_iter_revert(&msg->msg_iter, chunk);
+ return -EINVAL;
+ }
+
if (unlikely(skb->ip_summed == CHECKSUM_COMPLETE))
netdev_rx_csum_fault(skb->dev);
}
return 0;
- csum_error:
- iov_iter_revert(&msg->msg_iter, chunk);
- return -EINVAL;
fault:
return -EFAULT;
DO you agree this way? :)
Thanks
Ding
> .
>
On Sat, Apr 29, 2017 at 05:37:38PM +0800, Ding Tianhong wrote:
> Looks good, if so, we don't need the csum_error any more,
Acked-by: Al Viro <[email protected]>
Dave, I could put that through my tree, but I think it would be better off
in net.git; either way, it needs to go into mainline before -final...
From: Al Viro <[email protected]>
Date: Sat, 29 Apr 2017 21:48:23 +0100
> On Sat, Apr 29, 2017 at 05:37:38PM +0800, Ding Tianhong wrote:
>
>> Looks good, if so, we don't need the csum_error any more,
>
> Acked-by: Al Viro <[email protected]>
>
> Dave, I could put that through my tree, but I think it would be better off
> in net.git; either way, it needs to go into mainline before -final...
Please just send it directly to Linus, thanks.