From: Eric Dumazet <eduma...@google.com>
We need to store cmlen instead of len in cm->cmsg_len.
Fixes: 38ebcf5096a8 ("scm: optimize put_cmsg()")
Signed-off-by: Eric Dumazet <eduma...@google.com>
Reported-by: Jakub Kicinski <k...@kernel.org>
---
net/core/scm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/core/scm.c b/net/core/scm.c
index
bd96c922041d22a2f3b7ee73e4b3183316f9b616..ae3085d9aae8adb81d3bb42c8a915a205476a0ee
100644
--- a/net/core/scm.c
+++ b/net/core/scm.c
@@ -232,7 +232,7 @@ int put_cmsg(struct msghdr * msg, int level, int type, int
len, void *data)
if (!user_write_access_begin(cm, cmlen))
goto efault;
- unsafe_put_user(len, &cm->cmsg_len, efault_end);
+ unsafe_put_user(cmlen, &cm->cmsg_len, efault_end);
unsafe_put_user(level, &cm->cmsg_level, efault_end);
unsafe_put_user(type, &cm->cmsg_type, efault_end);
unsafe_copy_to_user(CMSG_USER_DATA(cm), data,
--
2.31.1.368.gbe11c130af-goog
