Re: [PATCH 25/26] net: pass a sockptr_t into ->setsockopt
From: Christoph Hellwig
Date: Fri Aug 07 2020 - 03:21:32 EST
On Thu, Aug 06, 2020 at 03:21:25PM -0700, Eric Dumazet wrote:
> converting get_user(...) to copy_from_sockptr(...) really assumed the optlen
> has been validated to be >= sizeof(int) earlier.
>
> Which is not always the case, for example here.
Yes. And besides the bpfilter mess the main reason I even had to add
the sockptr vs just copying optlen in the high-level socket code.
Please take a look at the patch in the other thread to just revert to
the "dumb" version everywhere.