commit d7256d0eb4c82b789125f610fea11c6e82b1bcff
author Jean-Mickael Guerin <jean-mickael.guerin@6wind.com> Tue Dec 01 08:47:26 2009 +0000
committer David S. Miller <davem@davemloft.net> Wed Dec 02 01:23:23 2009 -0800
tree 60cf4d3350f16dfaba359933aa5ed9a8e97b0533
parent 810c07194f6ef541625e65b53392e9f605611a1a

net: compat_mmsghdr must be used in sys_recvmmsg

Both to traverse the entries and to set the msg_len field.

Commiter note: folded two patches and avoided one branch repeating the
compat test.

Signed-off-by: Jean-Mickael Guerin <jean-mickael.guerin@6wind.com>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/socket.c

diff --git a/net/socket.c b/net/socket.c
index 402abb3..b94c3dd 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -2144,6 +2144,7 @@
 	int fput_needed, err, datagrams;
 	struct socket *sock;
 	struct mmsghdr __user *entry;
+	struct compat_mmsghdr __user *compat_entry;
 	struct msghdr msg_sys;
 	struct timespec end_time;
 
@@ -2163,19 +2164,30 @@
 		goto out_put;
 
 	entry = mmsg;
+	compat_entry = (struct compat_mmsghdr __user *)mmsg;
 
 	while (datagrams < vlen) {
 		/*
 		 * No need to ask LSM for more than the first datagram.
 		 */
-		err = __sys_recvmsg(sock, (struct msghdr __user *)entry,
-				    &msg_sys, flags, datagrams);
-		if (err < 0)
-			break;
-		err = put_user(err, &entry->msg_len);
+		if (MSG_CMSG_COMPAT & flags) {
+			err = __sys_recvmsg(sock, (struct msghdr __user *)compat_entry,
+					    &msg_sys, flags, datagrams);
+			if (err < 0)
+				break;
+			err = __put_user(err, &compat_entry->msg_len);
+			++compat_entry;
+		} else {
+			err = __sys_recvmsg(sock, (struct msghdr __user *)entry,
+					    &msg_sys, flags, datagrams);
+			if (err < 0)
+				break;
+			err = put_user(err, &entry->msg_len);
+			++entry;
+		}
+
 		if (err)
 			break;
-		++entry;
 		++datagrams;
 
 		if (timeout) {