[PATCH net-next] tcp: Return error instead of partial read for saved syn headers

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH net-next] tcp: Return error instead of partial read for saved syn headers
@ 2015-05-18 18:35 Eric B Munson
  2015-05-18 18:41 ` Rick Jones
  2015-05-19 20:33 ` David Miller
  0 siblings, 2 replies; 4+ messages in thread
From: Eric B Munson @ 2015-05-18 18:35 UTC (permalink / raw)
  To: David Miller
  Cc: Eric B Munson, Eric Dumazet, Alexey Kuznetsov, James Morris,
	Hideaki YOSHIFUJI, Patrick McHardy, netdev, linux-kernel

Currently the getsockopt() requesting the cached contents of the syn
packet headers will fail silently if the caller uses a buffer that is
too small to contain the requested data.  Rather than fail silently and
discard the headers, getsockopt() should return an error and report the
required size to hold the data.

Signed-off-by: Eric B Munson <emunson@akamai.com>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Cc: James Morris <jmorris@namei.org>
Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
Cc: Patrick McHardy <kaber@trash.net>
Cc: netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
---
 net/ipv4/tcp.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index c724195..bb9bb84 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -2845,7 +2845,15 @@ static int do_tcp_getsockopt(struct sock *sk, int level,
 
 		lock_sock(sk);
 		if (tp->saved_syn) {
-			len = min_t(unsigned int, tp->saved_syn[0], len);
+			if (len < tp->saved_syn[0]) {
+				if (put_user(tp->saved_syn[0], optlen)) {
+					release_sock(sk);
+					return -EFAULT;
+				}
+				release_sock(sk);
+				return -EINVAL;
+			}
+			len = tp->saved_syn[0];
 			if (put_user(len, optlen)) {
 				release_sock(sk);
 				return -EFAULT;
-- 
1.9.1

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH net-next] tcp: Return error instead of partial read for saved syn headers
  2015-05-18 18:35 [PATCH net-next] tcp: Return error instead of partial read for saved syn headers Eric B Munson
@ 2015-05-18 18:41 ` Rick Jones
  2015-05-18 19:01   ` Eric Dumazet
  2015-05-19 20:33 ` David Miller
  1 sibling, 1 reply; 4+ messages in thread
From: Rick Jones @ 2015-05-18 18:41 UTC (permalink / raw)
  To: Eric B Munson, David Miller
  Cc: Eric Dumazet, Alexey Kuznetsov, James Morris, Hideaki YOSHIFUJI,
	Patrick McHardy, netdev, linux-kernel

On 05/18/2015 11:35 AM, Eric B Munson wrote:
> Currently the getsockopt() requesting the cached contents of the syn
> packet headers will fail silently if the caller uses a buffer that is
> too small to contain the requested data.  Rather than fail silently and
> discard the headers, getsockopt() should return an error and report the
> required size to hold the data.

Is there any chapter and verse on whether a "failed" getsockopt() may 
alter the items passed to it?

rick jones

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH net-next] tcp: Return error instead of partial read for saved syn headers
  2015-05-18 18:41 ` Rick Jones
@ 2015-05-18 19:01   ` Eric Dumazet
  0 siblings, 0 replies; 4+ messages in thread
From: Eric Dumazet @ 2015-05-18 19:01 UTC (permalink / raw)
  To: Rick Jones
  Cc: Eric B Munson, David Miller, Eric Dumazet, Alexey Kuznetsov,
	James Morris, Hideaki YOSHIFUJI, Patrick McHardy, netdev,
	linux-kernel

On Mon, 2015-05-18 at 11:41 -0700, Rick Jones wrote:
> On 05/18/2015 11:35 AM, Eric B Munson wrote:
> > Currently the getsockopt() requesting the cached contents of the syn
> > packet headers will fail silently if the caller uses a buffer that is
> > too small to contain the requested data.  Rather than fail silently and
> > discard the headers, getsockopt() should return an error and report the
> > required size to hold the data.
> 
> Is there any chapter and verse on whether a "failed" getsockopt() may 
> alter the items passed to it?

This should be fine.

getsockopt() has two copyout to perform, the second one can fail.

We can not 'undo' the first one in a safe way.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH net-next] tcp: Return error instead of partial read for saved syn headers
  2015-05-18 18:35 [PATCH net-next] tcp: Return error instead of partial read for saved syn headers Eric B Munson
  2015-05-18 18:41 ` Rick Jones
@ 2015-05-19 20:33 ` David Miller
  1 sibling, 0 replies; 4+ messages in thread
From: David Miller @ 2015-05-19 20:33 UTC (permalink / raw)
  To: emunson; +Cc: edumazet, kuznet, jmorris, yoshfuji, kaber, netdev, linux-kernel

From: Eric B Munson <emunson@akamai.com>
Date: Mon, 18 May 2015 14:35:58 -0400

> Currently the getsockopt() requesting the cached contents of the syn
> packet headers will fail silently if the caller uses a buffer that is
> too small to contain the requested data.  Rather than fail silently and
> discard the headers, getsockopt() should return an error and report the
> required size to hold the data.
> 
> Signed-off-by: Eric B Munson <emunson@akamai.com>

Applied, thanks Eric.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2015-05-19 20:33 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-05-18 18:35 [PATCH net-next] tcp: Return error instead of partial read for saved syn headers Eric B Munson
2015-05-18 18:41 ` Rick Jones
2015-05-18 19:01   ` Eric Dumazet
2015-05-19 20:33 ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).