[src/trunk]: src/sys/compat/linux/common Don't read data from userland direct...

[maxv <maxv%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/f5c1a4b90c4b
branches:  trunk
changeset: 459120:f5c1a4b90c4b
user:      maxv <maxv%NetBSD.org@localhost>
date:      Sat Aug 24 12:33:25 2019 +0000

description:
Don't read data from userland directly. This simply does not work on any
recent x86 CPU (thanks to SMAP) and all architectures that forbid direct
access to userland from the kernel. But I guess no one noticed because no
one ever uses compat_linux, right?

diffstat:

 sys/compat/linux/common/linux_socket.c |   6 +++---
 sys/compat/linux/common/linux_socket.h |  12 ++++++------
 2 files changed, 9 insertions(+), 9 deletions(-)

diffs (55 lines):

diff -r d14b840ca502 -r f5c1a4b90c4b sys/compat/linux/common/linux_socket.c
--- a/sys/compat/linux/common/linux_socket.c    Sat Aug 24 11:51:26 2019 +0000
+++ b/sys/compat/linux/common/linux_socket.c    Sat Aug 24 12:33:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_socket.c,v 1.145 2019/04/18 17:45:12 christos Exp $      */
+/*     $NetBSD: linux_socket.c,v 1.146 2019/08/24 12:33:25 maxv Exp $  */
 
 /*-
  * Copyright (c) 1995, 1998, 2008 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.145 2019/04/18 17:45:12 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.146 2019/08/24 12:33:25 maxv Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -605,7 +605,7 @@
 
                        resid -= LINUX_CMSG_ALIGN(l_cmsg.cmsg_len);
                        cidx += cspace;
-               } while ((l_cc = LINUX_CMSG_NXTHDR(&msg, l_cc)) && resid > 0);
+               } while ((l_cc = LINUX_CMSG_NXTHDR(&msg, l_cc, &l_cmsg)) && resid > 0);
 
                /* If we allocated a buffer, attach to mbuf */
                if (cidx > MLEN) {
diff -r d14b840ca502 -r f5c1a4b90c4b sys/compat/linux/common/linux_socket.h
--- a/sys/compat/linux/common/linux_socket.h    Sat Aug 24 11:51:26 2019 +0000
+++ b/sys/compat/linux/common/linux_socket.h    Sat Aug 24 12:33:25 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_socket.h,v 1.23 2017/02/03 16:57:39 christos Exp $       */
+/*     $NetBSD: linux_socket.h,v 1.24 2019/08/24 12:33:25 maxv Exp $   */
 
 /*-
  * Copyright (c) 1995, 1998 The NetBSD Foundation, Inc.
@@ -186,13 +186,13 @@
 /* Linux either uses this, or  &((cmsg)->__cmsg_data) */
 #define LINUX_CMSG_DATA(cmsg)  \
        ((u_char *)((struct linux_cmsghdr *)(cmsg) + 1))
-#define        LINUX_CMSG_NXTHDR(mhdr, cmsg)   \
-       ((((char *)(cmsg) + LINUX_CMSG_ALIGN((cmsg)->cmsg_len) + \
-                           sizeof(*(cmsg))) > \
+#define LINUX_CMSG_NXTHDR(mhdr, ucmsg, kcmsg)  \
+       ((((char *)(ucmsg) + LINUX_CMSG_ALIGN((kcmsg)->cmsg_len) + \
+                           sizeof(*(ucmsg))) > \
            (((char *)(mhdr)->msg_control) + (mhdr)->msg_controllen)) ? \
            (struct linux_cmsghdr *)NULL : \
-           (struct linux_cmsghdr *)((char *)(cmsg) + \
-               LINUX_CMSG_ALIGN((cmsg)->cmsg_len)))
+           (struct linux_cmsghdr *)((char *)(ucmsg) + \
+               LINUX_CMSG_ALIGN((kcmsg)->cmsg_len)))
 /* This the number of bytes removed from each item (excl. final padding) */
 #define LINUX_CMSG_ALIGN_DELTA \
        (CMSG_ALIGN(sizeof(struct cmsghdr)) - sizeof(struct linux_cmsghdr))