• Eric Dumazet's avatar
    udp: properly support MSG_PEEK with truncated buffers · dfe2042d
    Eric Dumazet authored
    [ Upstream commit 197c949e ]
    
    Backport of this upstream commit into stable kernels :
    89c22d8c ("net: Fix skb csum races when peeking")
    exposed a bug in udp stack vs MSG_PEEK support, when user provides
    a buffer smaller than skb payload.
    
    In this case,
    skb_copy_and_csum_datagram_iovec(skb, sizeof(struct udphdr),
                                     msg->msg_iov);
    returns -EFAULT.
    
    This bug does not happen in upstream kernels since Al Viro did a great
    job to replace this into :
    skb_copy_and_csum_datagram_msg(skb, sizeof(struct udphdr), msg);
    This variant is safe vs short buffers.
    
    For the time being, instead reverting Herbert Xu patch and add back
    skb->ip_summed invalid changes, simply store the result of
    udp_lib_checksum_complete() so that we avoid computing the checksum a
    second time, and avoid the problematic
    skb_copy_and_csum_datagram_iovec() call.
    
    This patch can be applied on recent kernels as it avoids a double
    checksumming, then backported to stable kernels as a bug fix.
    Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
    Acked-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    Signed-off-by: default avatarSasha Levin <alexander.levin@verizon.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    dfe2042d
udp.c 39.3 KB