From 0b7f41f68710ccbf7d029c749616e5d26ae8f74d Mon Sep 17 00:00:00 2001 From: Arjun Roy Date: Tue, 25 Feb 2020 12:38:54 -0800 Subject: [PATCH] tcp-zerocopy: Update returned getsockopt() optlen. TCP receive zerocopy currently does not update the returned optlen for getsockopt() if the user passed in a larger than expected value. Thus, userspace cannot properly determine if all the fields are set in the passed-in struct. This patch sets the optlen for this case before returning, in keeping with the expected operation of getsockopt(). Fixes: c8856c051454 ("tcp-zerocopy: Return inq along with tcp receive zerocopy.") Signed-off-by: Arjun Roy Signed-off-by: Eric Dumazet Signed-off-by: Soheil Hassas Yeganeh Signed-off-by: Willem de Bruijn Signed-off-by: David S. Miller --- net/ipv4/tcp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 1b685485a5b5..48aa457a9516 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -3669,8 +3669,11 @@ static int do_tcp_getsockopt(struct sock *sk, int level, return -EFAULT; if (len < offsetofend(struct tcp_zerocopy_receive, length)) return -EINVAL; - if (len > sizeof(zc)) + if (len > sizeof(zc)) { len = sizeof(zc); + if (put_user(len, optlen)) + return -EFAULT; + } if (copy_from_user(&zc, optval, len)) return -EFAULT; lock_sock(sk);