Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp2304007rwl; Thu, 13 Apr 2023 04:50:05 -0700 (PDT) X-Google-Smtp-Source: AKy350Zu/iSrZxefPF064HW5kI/Ex2sRoA64X+vg7u+Nylg+5VeacGMz/jrFZaESG3rO2mjvyEiH X-Received: by 2002:a17:902:7c04:b0:1a6:7fae:3a28 with SMTP id x4-20020a1709027c0400b001a67fae3a28mr1867585pll.42.1681386605587; Thu, 13 Apr 2023 04:50:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681386605; cv=none; d=google.com; s=arc-20160816; b=Dn42/Y6M5ejsi8fMvOhYEpKGUun+PzIzOdGD7SK6l5CH+ZgfAen/oL4NiPPTlxlCQB uSgmoBKjtLeXkx7xbxs5lJnl/DyJiQLeTAMsvQwvzyJVx2MBmwb9yBgPeN93M1qbESBn N0uOe5q0jA8S4H7Fux7A+h9nuexDQGN37T22JyVdcbJxveuANBHuep3QH9BGy7bBj2iQ p/3sl/eHJGLfm15Kt0KzlOb34g/gwaRG2Cojux5tUjHfnig0XXTUg/Z5UI5SEBpsM4fb M63l7aa5/62S+IHrpf2UIYEtaOpIZ34bJOKRXxWfQ7eJFcmMkhyu6bGsp6ynBIT40Ow7 WLjA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=pCwWEmhODFV1GCAYiZOHwoCnCnyp14wfEjTZBpmh2lA=; b=mLqzeAlN8Jax4LuovkC6xKIC9XCI3uN4aWQiU9ZxKN29EHvRxRFcLIDa5xwatufBM+ sV0JIfC8FNGpUcWqvxg10FnXVV+pKpw2LRk3UU1w2CtRt+Mw1mS4NdE0R7UFtKQCOOse IQZDtirB6OkXoyuOM7insL1ZIMobm4JlF462wRFYW8xzvFbZeIg/1EXDlhtRcX149XvC LV4Vb1TP+Y2ri4LhjqbEmv0+IhgN2xyZJTaGpy+XYbV/Moe1vfkZy7FobDoWSKK4tWPM YymgkaStgRoQwMLjGK3jQiU2PyKUgQ1wJyWQrgXmVY586ZrIgmxT1dQrvisz1/nJ2qb9 GMqA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y3-20020a17090322c300b001963a56658fsi2053685plg.105.2023.04.13.04.49.46; Thu, 13 Apr 2023 04:50:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230378AbjDMLsO (ORCPT + 99 others); Thu, 13 Apr 2023 07:48:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47542 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230469AbjDMLsC (ORCPT ); Thu, 13 Apr 2023 07:48:02 -0400 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 68B75A5D0; Thu, 13 Apr 2023 04:47:37 -0700 (PDT) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B0E9B13D5; Thu, 13 Apr 2023 04:48:04 -0700 (PDT) Received: from e123572-lin.arm.com (e123572-lin.cambridge.arm.com [10.1.194.65]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 3FFCC3F73F; Thu, 13 Apr 2023 04:47:19 -0700 (PDT) From: Kevin Brodsky To: netdev@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Kevin Brodsky , Christoph Hellwig , Eric Dumazet , "David S. Miller" , Jakub Kicinski Subject: [PATCH v2 2/3] net/compat: Update msg_control_is_user when setting a kernel pointer Date: Thu, 13 Apr 2023 12:47:04 +0100 Message-Id: <20230413114705.157046-3-kevin.brodsky@arm.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20230413114705.157046-1-kevin.brodsky@arm.com> References: <20230413114705.157046-1-kevin.brodsky@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org cmsghdr_from_user_compat_to_kern() is an unusual case w.r.t. how the kmsg->msg_control* fields are used. The input struct msghdr holds a pointer to a user buffer, i.e. ksmg->msg_control_user is active. However, upon success, a kernel pointer is stored in kmsg->msg_control. kmsg->msg_control_is_user should therefore be updated accordingly. Cc: Christoph Hellwig Cc: Eric Dumazet Cc: "David S. Miller" Cc: Jakub Kicinski Signed-off-by: Kevin Brodsky --- net/compat.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/compat.c b/net/compat.c index 000a2e054d4c..6564720f32b7 100644 --- a/net/compat.c +++ b/net/compat.c @@ -211,6 +211,7 @@ int cmsghdr_from_user_compat_to_kern(struct msghdr *kmsg, struct sock *sk, goto Einval; /* Ok, looks like we made it. Hook it up and return success. */ + kmsg->msg_control_is_user = false; kmsg->msg_control = kcmsg_base; kmsg->msg_controllen = kcmlen; return 0; -- 2.38.1