From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-wr1-f45.google.com (mail-wr1-f45.google.com [209.85.221.45])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1801D38A70A
	for <linux-kernel@vger.kernel.org>; Tue, 16 Jun 2026 20:16:55 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.45
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1781641017; cv=none; b=NXFaYMoP85S/oZYIgSHwiKkMiOcYX1CjIYBlBPSXrXVWaHDirIamn8L8SlViKBdCoCb17TtjQAxXW3HlQln9gKqQB716N19ePrZjJlWfeyY4czB0G3sVCrPgPy2Ib9yyECYiMsXmBs+ibrKao/c+3IbC3sOS4BaDuxCe0Dt4mXw=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1781641017; c=relaxed/simple;
	bh=NDPe7BjRqQO81lM7S/gk96lWQXHDy2NfdCGZ9cKvSfg=;
	h=Date:From:To:Cc:Subject:Message-ID:In-Reply-To:References:
	 MIME-Version:Content-Type; b=M9K+nK8TdMh5Jxjmxw7kc3ZH6xw60caPBE877o8T1JgbOVBvSz+bojw5od/p1IdcsgEkXVNbEe6TditbthWRAfJJgcROiGtSczhDsG51pX8WnLr6uk1Ma/Ar//fuXNHp8NG1avhWkmN7JiKACOTDftGE0aTMEMG8FYOeOI9z9fE=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=kq38Z4FV; arc=none smtp.client-ip=209.85.221.45
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="kq38Z4FV"
Received: by mail-wr1-f45.google.com with SMTP id ffacd0b85a97d-45eeba68948so3689684f8f.1
        for <linux-kernel@vger.kernel.org>; Tue, 16 Jun 2026 13:16:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1781641014; x=1782245814; darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:subject:cc:to:from:date:from:to:cc:subject:date
         :message-id:reply-to;
        bh=5ZHhd9DZXAW4wgKJX/mXTrxz0x9KgaM+DPaZGQCTuSg=;
        b=kq38Z4FVvBxl8kKxz6uizR6o7FvFkKKgk6E+SpK5yIJGXpEhyhMgA5/L622GJAtdRl
         S25Newj6Z4vcGrtkW2GV1ynCyLuRLlBbAvjmmcHc4NgONuwhf6PVlccDDFhKnAmWaf6Y
         K8HpQq1sLAfLLKzILxEhOc4gzlN8aFDNO3iWnaT/abjZfE6HcuDpz2Ji3i/rRalZ/gei
         79c5+69HeaLgxVxgZbMTW1qIyFUKGqZwd97Hbo8pLzFPrSDwAreBX87C0IuyzN87CjGy
         b2skhi6zApUyQroxJVuPGHXhQZLw+A2pkYD6djGjdDVxEErDVVm898wSpwsiJIp8bw7h
         x0tA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1781641014; x=1782245814;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=5ZHhd9DZXAW4wgKJX/mXTrxz0x9KgaM+DPaZGQCTuSg=;
        b=lHI4TgM6X9+dYzVehCszTUnrLFyvWbRK5ZtVl0tzRppUJHlSXgkv4hwkrXvQU8HVey
         JoVKHQN9bMhMtc82z9q0BhZ5v0RuMSl1MPZg5VauEjj5VwwDeHTx60sHz6WcxOhjO2AK
         JVnlhI5NNLwMSeA3frV6+ut+ErjU/YO0yTtLwxpgO/g5/cur4rWsoISCK2Nax/sGBCm0
         EoYGEuoOmoL9G6jYYuel0JLs+d/PlO29KAJL3RfBjISOoQzwz4vxK1neDGegu9Rwlm/Q
         n5jvPpL3wnWwG/XYD+FXc+g5qcfzn4H67SaX2TrrlAUzYxUb1ZIFoRxbR0Ws9/3qhRoU
         I3PQ==
X-Forwarded-Encrypted: i=1; AFNElJ/zfntZ1A2PVhYvbBg+eE1XtGQm1nhmb2bHIcWeG+/WM/nSTqiXBj6d7QHlLtWmNDRCz/UsrQHMmifk4Ek=@vger.kernel.org
X-Gm-Message-State: AOJu0YxH7h6wOpwjrKGYV6S8rWkzgjr9/l90s6ljT1WJujBLFyWKh2Px
	MJ8lxpN5p1d64so7lew8X+EAWtj24AX+swQ//X0JcA9NNOTNHopXusU4UV5u5U11
X-Gm-Gg: Acq92OFDAsijLXTtqN/1NiLrZjffyOk48zY7+YduO6syLXVN1q6r7f9KKN5aBeBzZIE
	xvXXhSvNF2MyOvVluKs9jDbPc+ItNGNmQ+KUU9joS/ExopxYcZ4iFOdP86Jr1JitlZc2AZ4RWk7
	27RKC2rftIGu6GlWPjUwu6cy0zii+ErDLy83hBrEEaly9HZmVeYPA3ipCncin//juz8uX+T5QSE
	vSHZP2Ia7t30s9X4ZohxDTGFudY9HqOYwbGFBIzTnexfyi4PvdPnBlG7wgWbWe+5dds2DdOe//3
	9s3D7XMB0AWLjfzW4R2SqpeiqJiX02325cfDNBqapuWByZNTJnS4/Q12p6Q5v8M/4G/YjKhcpva
	7Z/Jt7j4GHWS+95fGfyoE4kMcM5pm0chgTVC2AsLHzfjsGmVVOkzBq7Wd2y/FZpLA7K0YY3ZK5j
	Mw6zeOwfeS3UoDeeGttSK7TpfvMDWEZ048/EIO0fp/oXoWpXS+PgwyVGgf2ep7vt41R3c8ydE=
X-Received: by 2002:a5d:4650:0:b0:461:a16c:a5f4 with SMTP id ffacd0b85a97d-462391826aemr1168139f8f.33.1781641014427;
        Tue, 16 Jun 2026 13:16:54 -0700 (PDT)
Received: from pumpkin (82-69-66-36.dsl.in-addr.zen.co.uk. [82.69.66.36])
        by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-4619fb12edbsm10160310f8f.17.2026.06.16.13.16.53
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 16 Jun 2026 13:16:53 -0700 (PDT)
Date: Tue, 16 Jun 2026 21:16:52 +0100
From: David Laight <david.laight.linux@gmail.com>
To: Breno Leitao <leitao@debian.org>
Cc: Stanislav Fomichev <sdf.kernel@gmail.com>, "David S. Miller"
 <davem@davemloft.net>, Eric Dumazet <edumazet@google.com>, Jakub Kicinski
 <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>, Simon Horman
 <horms@kernel.org>, Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
 Shuah Khan <shuah@kernel.org>, netdev@vger.kernel.org,
 linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
 kernel-team@meta.com
Subject: Re: [PATCH net-next 2/2] udp: convert udp_lib_getsockopt to
 sockopt_t
Message-ID: <20260616211652.448d6b0e@pumpkin>
In-Reply-To: <ajF4Odi_L28LdIXC@gmail.com>
References: <20260612-getsockopt_phase2-v1-0-7b01f1f5d106@debian.org>
	<20260612-getsockopt_phase2-v1-2-7b01f1f5d106@debian.org>
	<aiy7ZR7Yz2Z4Ioyd@devvm7509.cco0.facebook.com>
	<ajF4Odi_L28LdIXC@gmail.com>
X-Mailer: Claws Mail 4.1.1 (GTK 3.24.38; arm-unknown-linux-gnueabihf)
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

On Tue, 16 Jun 2026 09:22:52 -0700
Breno Leitao <leitao@debian.org> wrote:

> On Fri, Jun 12, 2026 at 07:10:15PM -0700, Stanislav Fomichev wrote:
> > On 06/12, Breno Leitao wrote:  
> 
> > >  int udp_lib_getsockopt(struct sock *sk, int level, int optname,
> > > -		       char __user *optval, int __user *optlen)
> > > +		       sockopt_t *opt)
> > >  {
> > >  	struct udp_sock *up = udp_sk(sk);
> > >  	int val, len;
> > >  
> > > -	if (get_user(len, optlen))
> > > -		return -EFAULT;  
> > 
> > [..]
> >   
> > > -	if (len < 0)
> > > -		return -EINVAL;  
> > 
> > I see this part now in sockopt_init_user, but you mention that it's a
> > transitional helper. When we drop it, will we loose this <0 check?
> > Maybe keep `if ((int)opt->optlen < 0))` here for backwards
> > compatibility?  
> 
> Good idea. I will do it and respin (once net-next reopens).

The best place for the negative length check is in the syscall wrapper code.
Pass an unsigned length through to all the protocol code.
No need to require every function to do the test.

Note that the length check was actually broken in many protocols
going way back well before git.
There has pretty much always been an unsigned min() check that converted
negative values to small(ish) positive ones before the check for it being
negative.
(That predates min() being a #define.)

The recent change to actually error optlen < 0 might actually have broken
some applications that passed uninitialised stack that was always negative!

-- David

> 
> Thanks for the review,
> --breno
>