LKML Archive on lore.kernel.org
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Andy Lutomirski <luto@amacapital.net>,
	"David S. Miller" <davem@davemloft.net>,
	Catalin Marinas <catalin.marinas@arm.com>
Subject: [PATCH 3.10 11/62] net: compat: Ignore MSG_CMSG_COMPAT in compat_sys_{send, recv}msg
Date: Mon, 16 Mar 2015 15:09:28 +0100
Message-ID: <20150316140933.678751969@linuxfoundation.org>
In-Reply-To: <20150316140933.139548981@linuxfoundation.org>

3.10-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Catalin Marinas <catalin.marinas@arm.com>

[ Upstream commit d720d8cec563ce4e4fa44a613d4f2dcb1caf2998 ]

With commit a7526eb5d06b (net: Unbreak compat_sys_{send,recv}msg), the
MSG_CMSG_COMPAT flag is blocked at the compat syscall entry points,
changing the kernel compat behaviour from the one before the commit it
was trying to fix (1be374a0518a, net: Block MSG_CMSG_COMPAT in
send(m)msg and recv(m)msg).

On 32-bit kernels (!CONFIG_COMPAT), MSG_CMSG_COMPAT is 0 and the native
32-bit sys_sendmsg() allows flag 0x80000000 to be set (it is ignored by
the kernel). However, on a 64-bit kernel, the compat ABI is different
with commit a7526eb5d06b.

This patch changes the compat_sys_{send,recv}msg behaviour to the one
prior to commit 1be374a0518a.

The problem was found running 32-bit LTP (sendmsg01) binary on an arm64
kernel. Arguably, LTP should not pass 0xffffffff as flags to sendmsg()
but the general rule is not to break user ABI (even when the user
behaviour is not entirely sane).

Fixes: a7526eb5d06b (net: Unbreak compat_sys_{send,recv}msg)
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: David S. Miller <davem@davemloft.net>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/compat.c |    9 ---------
 1 file changed, 9 deletions(-)

--- a/net/compat.c
+++ b/net/compat.c
@@ -738,24 +738,18 @@ static unsigned char nas[21] = {
 
 asmlinkage long compat_sys_sendmsg(int fd, struct compat_msghdr __user *msg, unsigned int flags)
 {
-	if (flags & MSG_CMSG_COMPAT)
-		return -EINVAL;
 	return __sys_sendmsg(fd, (struct msghdr __user *)msg, flags | MSG_CMSG_COMPAT);
 }
 
 asmlinkage long compat_sys_sendmmsg(int fd, struct compat_mmsghdr __user *mmsg,
 				    unsigned int vlen, unsigned int flags)
 {
-	if (flags & MSG_CMSG_COMPAT)
-		return -EINVAL;
 	return __sys_sendmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
 			      flags | MSG_CMSG_COMPAT);
 }
 
 asmlinkage long compat_sys_recvmsg(int fd, struct compat_msghdr __user *msg, unsigned int flags)
 {
-	if (flags & MSG_CMSG_COMPAT)
-		return -EINVAL;
 	return __sys_recvmsg(fd, (struct msghdr __user *)msg, flags | MSG_CMSG_COMPAT);
 }
 
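Review bot: A comment is missing above compat_sys_sendmsg(), compat_sys_sendmmsg() and compat_sys_recvmsg() saying that a user-supplied MSG_CMSG_COMPAT bit is tolerated on purpose. Without it, these three functions look like they have lost an input validation step, and the check is likely to be put back by someone who has not read the changelog. Each call already passes `flags | MSG_CMSG_COMPAT`, so the value reaching __sys_sendmsg(), __sys_sendmmsg() and __sys_recvmsg() is the same whether or not the caller set the bit; stating that in one comment, together with the 32-bit ABI reason given in the changelog, would make the intent reviewable from the code alone.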
@@ -778,9 +772,6 @@ asmlinkage long compat_sys_recvmmsg(int
 	int datagrams;
 	struct timespec ktspec;
 
-	if (flags & MSG_CMSG_COMPAT)
-		return -EINVAL;
-
 	if (timeout == NULL)
 		return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
 				      flags | MSG_CMSG_COMPAT, NULL);
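Review bot: The removal in compat_sys_recvmmsg() has no reproducer behind it in the changelog, which describes the failure only in terms of 32-bit LTP sendmsg01 passing 0xffffffff as flags to sendmsg(). Please say in the commit message that the receive side is changed for symmetry with the send side, or add a compat test that passes 0x80000000 to recvmmsg(). Only the `timeout == NULL` branch is visible in this context, so it is also worth confirming that the non-NULL timeout branch passes `flags | MSG_CMSG_COMPAT` in the same way, so both paths keep handling control messages in the compat layout.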


