diff options
| author | Eric Dumazet <[email protected]> | 2023-02-17 18:24:54 +0000 |
|---|---|---|
| committer | David S. Miller <[email protected]> | 2023-02-20 11:39:59 +0000 |
| commit | 5f1eb1ff58ea122e24adf0bc940f268ed2227462 (patch) | |
| tree | 9e570cd6d4c78167faf5aa6a2b5f618ff093046b /lib/netdev-notifier-error-inject.c | |
| parent | fce10282a03db59bdb1cba6333d0564461d47bd6 (diff) | |
scm: add user copy checks to put_cmsg()
This is a followup of commit 2558b8039d05 ("net: use a bounce
buffer for copying skb->mark")
x86 and powerpc define user_access_begin, meaning
that they are not able to perform user copy checks
when using user_write_access_begin() / unsafe_copy_to_user()
and friends [1]
Instead of waiting bugs to trigger on other arches,
add a check_object_size() in put_cmsg() to make sure
that new code tested on x86 with CONFIG_HARDENED_USERCOPY=y
will perform more security checks.
[1] We can not generically call check_object_size() from
unsafe_copy_to_user() because UACCESS is enabled at this point.
Signed-off-by: Eric Dumazet <[email protected]>
Cc: Kees Cook <[email protected]>
Acked-by: Kees Cook <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Diffstat (limited to 'lib/netdev-notifier-error-inject.c')
0 files changed, 0 insertions, 0 deletions