diff options
Diffstat (limited to 'net/socket.c')
| -rw-r--r-- | net/socket.c | 44 |
1 files changed, 28 insertions, 16 deletions
diff --git a/net/socket.c b/net/socket.c index 2270b941bcc7..ee3cd280c76e 100644 --- a/net/socket.c +++ b/net/socket.c | |||
| @@ -209,8 +209,8 @@ int move_addr_to_kernel(void __user *uaddr, int ulen, struct sockaddr *kaddr) | |||
| 209 | * specified. Zero is returned for a success. | 209 | * specified. Zero is returned for a success. |
| 210 | */ | 210 | */ |
| 211 | 211 | ||
| 212 | int move_addr_to_user(struct sockaddr *kaddr, int klen, void __user *uaddr, | 212 | static int move_addr_to_user(struct sockaddr *kaddr, int klen, |
| 213 | int __user *ulen) | 213 | void __user *uaddr, int __user *ulen) |
| 214 | { | 214 | { |
| 215 | int err; | 215 | int err; |
| 216 | int len; | 216 | int len; |
| @@ -377,7 +377,7 @@ static int sock_alloc_file(struct socket *sock, struct file **f, int flags) | |||
| 377 | &socket_file_ops); | 377 | &socket_file_ops); |
| 378 | if (unlikely(!file)) { | 378 | if (unlikely(!file)) { |
| 379 | /* drop dentry, keep inode */ | 379 | /* drop dentry, keep inode */ |
| 380 | atomic_inc(&path.dentry->d_inode->i_count); | 380 | ihold(path.dentry->d_inode); |
| 381 | path_put(&path); | 381 | path_put(&path); |
| 382 | put_unused_fd(fd); | 382 | put_unused_fd(fd); |
| 383 | return -ENFILE; | 383 | return -ENFILE; |
| @@ -480,6 +480,7 @@ static struct socket *sock_alloc(void) | |||
| 480 | sock = SOCKET_I(inode); | 480 | sock = SOCKET_I(inode); |
| 481 | 481 | ||
| 482 | kmemcheck_annotate_bitfield(sock, type); | 482 | kmemcheck_annotate_bitfield(sock, type); |
| 483 | inode->i_ino = get_next_ino(); | ||
| 483 | inode->i_mode = S_IFSOCK | S_IRWXUGO; | 484 | inode->i_mode = S_IFSOCK | S_IRWXUGO; |
| 484 | inode->i_uid = current_fsuid(); | 485 | inode->i_uid = current_fsuid(); |
| 485 | inode->i_gid = current_fsgid(); | 486 | inode->i_gid = current_fsgid(); |
| @@ -502,6 +503,7 @@ static int sock_no_open(struct inode *irrelevant, struct file *dontcare) | |||
| 502 | const struct file_operations bad_sock_fops = { | 503 | const struct file_operations bad_sock_fops = { |
| 503 | .owner = THIS_MODULE, | 504 | .owner = THIS_MODULE, |
| 504 | .open = sock_no_open, | 505 | .open = sock_no_open, |
| 506 | .llseek = noop_llseek, | ||
| 505 | }; | 507 | }; |
| 506 | 508 | ||
| 507 | /** | 509 | /** |
| @@ -535,14 +537,13 @@ void sock_release(struct socket *sock) | |||
| 535 | } | 537 | } |
| 536 | EXPORT_SYMBOL(sock_release); | 538 | EXPORT_SYMBOL(sock_release); |
| 537 | 539 | ||
| 538 | int sock_tx_timestamp(struct msghdr *msg, struct sock *sk, | 540 | int sock_tx_timestamp(struct sock *sk, __u8 *tx_flags) |
| 539 | union skb_shared_tx *shtx) | ||
| 540 | { | 541 | { |
| 541 | shtx->flags = 0; | 542 | *tx_flags = 0; |
| 542 | if (sock_flag(sk, SOCK_TIMESTAMPING_TX_HARDWARE)) | 543 | if (sock_flag(sk, SOCK_TIMESTAMPING_TX_HARDWARE)) |
| 543 | shtx->hardware = 1; | 544 | *tx_flags |= SKBTX_HW_TSTAMP; |
| 544 | if (sock_flag(sk, SOCK_TIMESTAMPING_TX_SOFTWARE)) | 545 | if (sock_flag(sk, SOCK_TIMESTAMPING_TX_SOFTWARE)) |
| 545 | shtx->software = 1; | 546 | *tx_flags |= SKBTX_SW_TSTAMP; |
| 546 | return 0; | 547 | return 0; |
| 547 | } | 548 | } |
| 548 | EXPORT_SYMBOL(sock_tx_timestamp); | 549 | EXPORT_SYMBOL(sock_tx_timestamp); |
| @@ -662,7 +663,8 @@ void __sock_recv_timestamp(struct msghdr *msg, struct sock *sk, | |||
| 662 | } | 663 | } |
| 663 | EXPORT_SYMBOL_GPL(__sock_recv_timestamp); | 664 | EXPORT_SYMBOL_GPL(__sock_recv_timestamp); |
| 664 | 665 | ||
| 665 | inline void sock_recv_drops(struct msghdr *msg, struct sock *sk, struct sk_buff *skb) | 666 | static inline void sock_recv_drops(struct msghdr *msg, struct sock *sk, |
| 667 | struct sk_buff *skb) | ||
| 666 | { | 668 | { |
| 667 | if (sock_flag(sk, SOCK_RXQ_OVFL) && skb && skb->dropcount) | 669 | if (sock_flag(sk, SOCK_RXQ_OVFL) && skb && skb->dropcount) |
| 668 | put_cmsg(msg, SOL_SOCKET, SO_RXQ_OVFL, | 670 | put_cmsg(msg, SOL_SOCKET, SO_RXQ_OVFL, |
| @@ -1144,7 +1146,7 @@ call_kill: | |||
| 1144 | } | 1146 | } |
| 1145 | EXPORT_SYMBOL(sock_wake_async); | 1147 | EXPORT_SYMBOL(sock_wake_async); |
| 1146 | 1148 | ||
| 1147 | static int __sock_create(struct net *net, int family, int type, int protocol, | 1149 | int __sock_create(struct net *net, int family, int type, int protocol, |
| 1148 | struct socket **res, int kern) | 1150 | struct socket **res, int kern) |
| 1149 | { | 1151 | { |
| 1150 | int err; | 1152 | int err; |
| @@ -1256,6 +1258,7 @@ out_release: | |||
| 1256 | rcu_read_unlock(); | 1258 | rcu_read_unlock(); |
| 1257 | goto out_sock_release; | 1259 | goto out_sock_release; |
| 1258 | } | 1260 | } |
| 1261 | EXPORT_SYMBOL(__sock_create); | ||
| 1259 | 1262 | ||
| 1260 | int sock_create(int family, int type, int protocol, struct socket **res) | 1263 | int sock_create(int family, int type, int protocol, struct socket **res) |
| 1261 | { | 1264 | { |
| @@ -1919,7 +1922,8 @@ SYSCALL_DEFINE3(sendmsg, int, fd, struct msghdr __user *, msg, unsigned, flags) | |||
| 1919 | * Afterwards, it will be a kernel pointer. Thus the compiler-assisted | 1922 | * Afterwards, it will be a kernel pointer. Thus the compiler-assisted |
| 1920 | * checking falls down on this. | 1923 | * checking falls down on this. |
| 1921 | */ | 1924 | */ |
| 1922 | if (copy_from_user(ctl_buf, (void __user *)msg_sys.msg_control, | 1925 | if (copy_from_user(ctl_buf, |
| 1926 | (void __user __force *)msg_sys.msg_control, | ||
| 1923 | ctl_len)) | 1927 | ctl_len)) |
| 1924 | goto out_freectl; | 1928 | goto out_freectl; |
| 1925 | msg_sys.msg_control = ctl_buf; | 1929 | msg_sys.msg_control = ctl_buf; |
| @@ -3054,14 +3058,19 @@ int kernel_getsockopt(struct socket *sock, int level, int optname, | |||
| 3054 | char *optval, int *optlen) | 3058 | char *optval, int *optlen) |
| 3055 | { | 3059 | { |
| 3056 | mm_segment_t oldfs = get_fs(); | 3060 | mm_segment_t oldfs = get_fs(); |
| 3061 | char __user *uoptval; | ||
| 3062 | int __user *uoptlen; | ||
| 3057 | int err; | 3063 | int err; |
| 3058 | 3064 | ||
| 3065 | uoptval = (char __user __force *) optval; | ||
| 3066 | uoptlen = (int __user __force *) optlen; | ||
| 3067 | |||
| 3059 | set_fs(KERNEL_DS); | 3068 | set_fs(KERNEL_DS); |
| 3060 | if (level == SOL_SOCKET) | 3069 | if (level == SOL_SOCKET) |
| 3061 | err = sock_getsockopt(sock, level, optname, optval, optlen); | 3070 | err = sock_getsockopt(sock, level, optname, uoptval, uoptlen); |
| 3062 | else | 3071 | else |
| 3063 | err = sock->ops->getsockopt(sock, level, optname, optval, | 3072 | err = sock->ops->getsockopt(sock, level, optname, uoptval, |
| 3064 | optlen); | 3073 | uoptlen); |
| 3065 | set_fs(oldfs); | 3074 | set_fs(oldfs); |
| 3066 | return err; | 3075 | return err; |
| 3067 | } | 3076 | } |
| @@ -3071,13 +3080,16 @@ int kernel_setsockopt(struct socket *sock, int level, int optname, | |||
| 3071 | char *optval, unsigned int optlen) | 3080 | char *optval, unsigned int optlen) |
| 3072 | { | 3081 | { |
| 3073 | mm_segment_t oldfs = get_fs(); | 3082 | mm_segment_t oldfs = get_fs(); |
| 3083 | char __user *uoptval; | ||
| 3074 | int err; | 3084 | int err; |
| 3075 | 3085 | ||
| 3086 | uoptval = (char __user __force *) optval; | ||
| 3087 | |||
| 3076 | set_fs(KERNEL_DS); | 3088 | set_fs(KERNEL_DS); |
| 3077 | if (level == SOL_SOCKET) | 3089 | if (level == SOL_SOCKET) |
| 3078 | err = sock_setsockopt(sock, level, optname, optval, optlen); | 3090 | err = sock_setsockopt(sock, level, optname, uoptval, optlen); |
| 3079 | else | 3091 | else |
| 3080 | err = sock->ops->setsockopt(sock, level, optname, optval, | 3092 | err = sock->ops->setsockopt(sock, level, optname, uoptval, |
| 3081 | optlen); | 3093 | optlen); |
| 3082 | set_fs(oldfs); | 3094 | set_fs(oldfs); |
| 3083 | return err; | 3095 | return err; |