[Bridge] [PATCH 25/26] net: pass a sockptr_t into ->setsockopt
Christoph Hellwig
hch at lst.de
Fri Aug 7 07:21:20 UTC 2020
On Thu, Aug 06, 2020 at 03:21:25PM -0700, Eric Dumazet wrote:
> converting get_user(...) to copy_from_sockptr(...) really assumed the optlen
> has been validated to be >= sizeof(int) earlier.
>
> Which is not always the case, for example here.
Yes. And besides the bpfilter mess the main reason I even had to add
the sockptr vs just copying optlen in the high-level socket code.
Please take a look at the patch in the other thread to just revert to
the "dumb" version everywhere.
More information about the Bridge
mailing list