Module Name:    src
Committed By:   maxv
Date:           Sat Aug 24 12:33:25 UTC 2019

Modified Files:
        src/sys/compat/linux/common: linux_socket.c linux_socket.h

Log Message:
Don't read data from userland directly. This simply does not work on any
recent x86 CPU (thanks to SMAP) and all architectures that forbid direct
access to userland from the kernel. But I guess no one noticed because no
one ever uses compat_linux, right?


To generate a diff of this commit:
cvs rdiff -u -r1.145 -r1.146 src/sys/compat/linux/common/linux_socket.c
cvs rdiff -u -r1.23 -r1.24 src/sys/compat/linux/common/linux_socket.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/compat/linux/common/linux_socket.c
diff -u src/sys/compat/linux/common/linux_socket.c:1.145 src/sys/compat/linux/common/linux_socket.c:1.146
--- src/sys/compat/linux/common/linux_socket.c:1.145	Thu Apr 18 17:45:12 2019
+++ src/sys/compat/linux/common/linux_socket.c	Sat Aug 24 12:33:25 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: linux_socket.c,v 1.145 2019/04/18 17:45:12 christos Exp $	*/
+/*	$NetBSD: linux_socket.c,v 1.146 2019/08/24 12:33:25 maxv Exp $	*/
 
 /*-
  * Copyright (c) 1995, 1998, 2008 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.145 2019/04/18 17:45:12 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.146 2019/08/24 12:33:25 maxv Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -605,7 +605,7 @@ linux_sys_sendmsg(struct lwp *l, const s
 
 			resid -= LINUX_CMSG_ALIGN(l_cmsg.cmsg_len);
 			cidx += cspace;
-		} while ((l_cc = LINUX_CMSG_NXTHDR(&msg, l_cc)) && resid > 0);
+		} while ((l_cc = LINUX_CMSG_NXTHDR(&msg, l_cc, &l_cmsg)) && resid > 0);
 
 		/* If we allocated a buffer, attach to mbuf */
 		if (cidx > MLEN) {
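Review bot: The loop condition now relies on `l_cmsg` holding the header copied in from the current `l_cc`, but nothing at this line says so. The copy itself happens earlier in the loop body, outside this hunk. A short comment above the `while`, e.g. `/* l_cc is a user address; l_cmsg is the kernel copy of the header it points to */`, would keep a later edit from passing a stale or unrelated header. The new line also runs past 80 columns at this indent and could be wrapped after `&&`.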

Index: src/sys/compat/linux/common/linux_socket.h
diff -u src/sys/compat/linux/common/linux_socket.h:1.23 src/sys/compat/linux/common/linux_socket.h:1.24
--- src/sys/compat/linux/common/linux_socket.h:1.23	Fri Feb  3 16:57:39 2017
+++ src/sys/compat/linux/common/linux_socket.h	Sat Aug 24 12:33:25 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: linux_socket.h,v 1.23 2017/02/03 16:57:39 christos Exp $	*/
+/*	$NetBSD: linux_socket.h,v 1.24 2019/08/24 12:33:25 maxv Exp $	*/
 
 /*-
  * Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@@ -186,13 +186,13 @@ struct linux_cmsghdr {
 /* Linux either uses this, or  &((cmsg)->__cmsg_data) */
 #define LINUX_CMSG_DATA(cmsg)	\
 	((u_char *)((struct linux_cmsghdr *)(cmsg) + 1))
-#define	LINUX_CMSG_NXTHDR(mhdr, cmsg)	\
-	((((char *)(cmsg) + LINUX_CMSG_ALIGN((cmsg)->cmsg_len) + \
-			    sizeof(*(cmsg))) > \
+#define LINUX_CMSG_NXTHDR(mhdr, ucmsg, kcmsg)	\
+	((((char *)(ucmsg) + LINUX_CMSG_ALIGN((kcmsg)->cmsg_len) + \
+			    sizeof(*(ucmsg))) > \
 	    (((char *)(mhdr)->msg_control) + (mhdr)->msg_controllen)) ? \
 	    (struct linux_cmsghdr *)NULL : \
-	    (struct linux_cmsghdr *)((char *)(cmsg) + \
-	        LINUX_CMSG_ALIGN((cmsg)->cmsg_len)))
+	    (struct linux_cmsghdr *)((char *)(ucmsg) + \
+	        LINUX_CMSG_ALIGN((kcmsg)->cmsg_len)))
 /* This the number of bytes removed from each item (excl. final padding) */
 #define LINUX_CMSG_ALIGN_DELTA	\
 	(CMSG_ALIGN(sizeof(struct cmsghdr)) - sizeof(struct linux_cmsghdr))
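Review bot: The three-argument `LINUX_CMSG_NXTHDR` has no comment explaining that `ucmsg` is a userland address used only for pointer arithmetic (the `sizeof(*(ucmsg))` operand is not evaluated) while `kcmsg` must be the kernel copy of that same header. I would add something like `/* ucmsg: user address, never dereferenced; kcmsg: copied-in header located at ucmsg */` above the definition. Separately, `cmsg_len` is user-supplied and the bound is checked by adding it to a pointer, so a very large value could wrap before the comparison. The macro appears to depend on the caller range-checking the length first, which is not visible in this diff and is worth stating in the same comment. A `static inline` function would also give type checking on the user/kernel pair, if the header's users allow it.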
