Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753239AbbGNSNB (ORCPT ); Tue, 14 Jul 2015 14:13:01 -0400 Received: from mail-wg0-f42.google.com ([74.125.82.42]:33677 "EHLO mail-wg0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751811AbbGNSNA (ORCPT ); Tue, 14 Jul 2015 14:13:00 -0400 From: David Herrmann To: linux-kernel@vger.kernel.org Cc: Jan Alexander Steffens , gregkh@linuxfoundation.org, daniel@zonque.org, tixxdz@opendz.org, David Herrmann Subject: [PATCH] kdbus: properly reset metadata iovecs on multicasts Date: Tue, 14 Jul 2015 20:12:28 +0200 Message-Id: <1436897548-11155-1-git-send-email-dh.herrmann@gmail.com> X-Mailer: git-send-email 2.4.5 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1665 Lines: 53 If a message is sent to multiple destinations, each destination might request a different set of metadata. Hence, we cannot rely on each one requesting at least a single bit. Fix the message exporter to properly reset the metadata iovec on each emit-iteration. Otherwise, we might end up scanning random heap memory if a following destination does not request metadata. Reported-by: Jan Alexander Steffens Signed-off-by: David Herrmann --- Hi Greg One fall-out from the rewrite of the message importer. Reported by Jan. This fixes some issues with metadata on messages targeted at more than one destination. Reproducible by running a debug-monitor (which thus gets any messages, additionally to the normal receiver). Thanks David ipc/kdbus/message.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/ipc/kdbus/message.c b/ipc/kdbus/message.c index 64763ea..3520f45 100644 --- a/ipc/kdbus/message.c +++ b/ipc/kdbus/message.c @@ -946,6 +946,16 @@ struct kdbus_pool_slice *kdbus_staging_emit(struct kdbus_staging *staging, ++v; msg_size = KDBUS_ALIGN8(msg_size) + meta_size; + } else { + /* metadata items */ + v->iov_len = 0; + v->iov_base = (void __user *)zeros; + ++v; + + /* padding after metadata */ + v->iov_len = 0; + v->iov_base = (void __user *)zeros; + ++v; } /* ... payload iovecs are already filled in ... */ -- 2.4.5 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/