forked from Minki/linux
af_iucv: cleanup and refactor recvmsg() EFAULT handling
If the skb cannot be copied to user iovec, always return -EFAULT. The skb is enqueued again, except MSG_PEEK flag is set, to allow user space applications to correct its iovec pointer. Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com> Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
aa8e71f58a
commit
802788bf90
@ -965,7 +965,6 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
|
||||
int noblock = flags & MSG_DONTWAIT;
|
||||
struct sock *sk = sock->sk;
|
||||
struct iucv_sock *iucv = iucv_sk(sk);
|
||||
int target;
|
||||
unsigned int copied, rlen;
|
||||
struct sk_buff *skb, *rskb, *cskb;
|
||||
int err = 0;
|
||||
@ -979,8 +978,6 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
|
||||
if (flags & (MSG_OOB))
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
target = sock_rcvlowat(sk, flags & MSG_WAITALL, len);
|
||||
|
||||
skb = skb_recv_datagram(sk, flags, noblock, &err);
|
||||
if (!skb) {
|
||||
if (sk->sk_shutdown & RCV_SHUTDOWN)
|
||||
@ -993,10 +990,9 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
|
||||
|
||||
cskb = skb;
|
||||
if (memcpy_toiovec(msg->msg_iov, cskb->data, copied)) {
|
||||
skb_queue_head(&sk->sk_receive_queue, skb);
|
||||
if (copied == 0)
|
||||
return -EFAULT;
|
||||
goto done;
|
||||
if (!(flags & MSG_PEEK))
|
||||
skb_queue_head(&sk->sk_receive_queue, skb);
|
||||
return -EFAULT;
|
||||
}
|
||||
|
||||
/* SOCK_SEQPACKET: set MSG_TRUNC if recv buf size is too small */
|
||||
|
Loading…
Reference in New Issue
Block a user