Re: [PATCH net-next v2 2/6] net: Block MSG_SENDPAGE_* from being passed to sendmsg() by userspace

[Simon Horman]

On Wed, May 31, 2023 at 01:45:24PM +0100, David Howells wrote:
> It is necessary to allow MSG_SENDPAGE_* to be passed into ->sendmsg() to
> allow sendmsg(MSG_SPLICE_PAGES) to replace ->sendpage().  Unblocking them
> in the network protocol, however, allows these flags to be passed in by
> userspace too[1].
> 
> Fix this by marking MSG_SENDPAGE_NOPOLICY, MSG_SENDPAGE_NOTLAST and
> MSG_SENDPAGE_DECRYPTED as internal flags, which causes sendmsg() to object
> if they are passed to sendmsg() by userspace.  Network protocol ->sendmsg()
> implementations can then allow them through.
> 
> Note that it should be possible to remove MSG_SENDPAGE_NOTLAST once
> sendpage is removed as a whole slew of pages will be passed in in one go by

Hi David,

on the off-chance that you need to respin for some other reason:

	s/in in/in/

> splice through sendmsg, with MSG_MORE being set if it has more data waiting
> in the pipe.

...