Skip to content

L
linux
Commit 602bd0e9 authored by Al Viro's avatar Al Viro
Browse files
Options

net: switch sendto() and recvfrom() to import_single_range() 

Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent fe3cce2e
Hide whitespace changes
Inline Side-by-side
Showing with 8 additions and 16 deletions
net/socket.c
View file @ 602bd0e9
...@@ -1650,18 +1650,14 @@ SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len, ...@@ -1650,18 +1650,14 @@ SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len,
struct iovec iov; struct iovec iov;
int fput_needed; int fput_needed;
if (len > INT_MAX) err = import_single_range(WRITE, buff, len, &iov, &msg.msg_iter);
len = INT_MAX; if (unlikely(err))
if (unlikely(!access_ok(VERIFY_READ, buff, len))) return err;
return -EFAULT;
sock = sockfd_lookup_light(fd, &err, &fput_needed); sock = sockfd_lookup_light(fd, &err, &fput_needed);
if (!sock) if (!sock)
goto out; goto out;
iov.iov_base = buff;
iov.iov_len = len;
msg.msg_name = NULL; msg.msg_name = NULL;
iov_iter_init(&msg.msg_iter, WRITE, &iov, 1, len);
msg.msg_control = NULL; msg.msg_control = NULL;
msg.msg_controllen = 0; msg.msg_controllen = 0;
msg.msg_namelen = 0; msg.msg_namelen = 0;
...@@ -1675,7 +1671,7 @@ SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len, ...@@ -1675,7 +1671,7 @@ SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len,
if (sock->file->f_flags & O_NONBLOCK) if (sock->file->f_flags & O_NONBLOCK)
flags |= MSG_DONTWAIT; flags |= MSG_DONTWAIT;
msg.msg_flags = flags; msg.msg_flags = flags;
err = sock_sendmsg(sock, &msg, len); err = sock_sendmsg(sock, &msg, iov_iter_count(&msg.msg_iter));
out_put: out_put:
fput_light(sock->file, fput_needed); fput_light(sock->file, fput_needed);
...@@ -1710,26 +1706,22 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size, ...@@ -1710,26 +1706,22 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
int err, err2; int err, err2;
int fput_needed; int fput_needed;
if (size > INT_MAX) err = import_single_range(READ, ubuf, size, &iov, &msg.msg_iter);
size = INT_MAX; if (unlikely(err))
if (unlikely(!access_ok(VERIFY_WRITE, ubuf, size))) return err;
return -EFAULT;
sock = sockfd_lookup_light(fd, &err, &fput_needed); sock = sockfd_lookup_light(fd, &err, &fput_needed);
if (!sock) if (!sock)
goto out; goto out;
msg.msg_control = NULL; msg.msg_control = NULL;
msg.msg_controllen = 0; msg.msg_controllen = 0;
iov.iov_len = size;
iov.iov_base = ubuf;
iov_iter_init(&msg.msg_iter, READ, &iov, 1, size);
/* Save some cycles and don't copy the address if not needed */ /* Save some cycles and don't copy the address if not needed */
msg.msg_name = addr ? (struct sockaddr *)&address : NULL; msg.msg_name = addr ? (struct sockaddr *)&address : NULL;
/* We assume all kernel code knows the size of sockaddr_storage */ /* We assume all kernel code knows the size of sockaddr_storage */
msg.msg_namelen = 0; msg.msg_namelen = 0;
if (sock->file->f_flags & O_NONBLOCK) if (sock->file->f_flags & O_NONBLOCK)
flags |= MSG_DONTWAIT; flags |= MSG_DONTWAIT;
err = sock_recvmsg(sock, &msg, size, flags); err = sock_recvmsg(sock, &msg, iov_iter_count(&msg.msg_iter), flags);
if (err >= 0 && addr != NULL) { if (err >= 0 && addr != NULL) {
err2 = move_addr_to_user(&address, err2 = move_addr_to_user(&address,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7