From: Christoph Hellwig <hch@lst.de>
Date: Thu, 23 Jul 2020 08:08:47 +0200
Subject: net: switch copy_bpf_fprog_from_user to sockptr_t
Patch-mainline: v5.9-rc1
Git-commit: b1ea9ff6aff2deae84eccaf0a07cd14912669680
References: bsc#1177028
Pass a sockptr_t to prepare for set_fs-less handling of the kernel
pointer from bpf-cgroup.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Acked-by: Gary Lin <glin@suse.com>
NOTE from Gary:
Slightly modified the diff of include/linux/filter.h
---
include/linux/filter.h | 3 ++-
net/core/filter.c | 6 +++---
net/core/sock.c | 6 ++++--
net/packet/af_packet.c | 4 ++--
4 files changed, 11 insertions(+), 8 deletions(-)
--- a/include/linux/filter.h
+++ b/include/linux/filter.h
@@ -21,6 +21,7 @@
#include <linux/kallsyms.h>
#include <linux/if_vlan.h>
#include <linux/vmalloc.h>
+#include <linux/sockptr.h>
#include <net/sch_generic.h>
@@ -1274,7 +1275,7 @@ struct bpf_sockopt_kern {
s32 retval;
};
-int copy_bpf_fprog_from_user(struct sock_fprog *dst, void __user *src, int len);
+int copy_bpf_fprog_from_user(struct sock_fprog *dst, sockptr_t src, int len);
struct bpf_sk_lookup_kern {
u16 family;
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -77,14 +77,14 @@
#include <net/transp_v6.h>
#include <linux/btf_ids.h>
-int copy_bpf_fprog_from_user(struct sock_fprog *dst, void __user *src, int len)
+int copy_bpf_fprog_from_user(struct sock_fprog *dst, sockptr_t src, int len)
{
if (in_compat_syscall()) {
struct compat_sock_fprog f32;
if (len != sizeof(f32))
return -EINVAL;
- if (copy_from_user(&f32, src, sizeof(f32)))
+ if (copy_from_sockptr(&f32, src, sizeof(f32)))
return -EFAULT;
memset(dst, 0, sizeof(*dst));
dst->len = f32.len;
@@ -92,7 +92,7 @@ int copy_bpf_fprog_from_user(struct sock
} else {
if (len != sizeof(*dst))
return -EINVAL;
- if (copy_from_user(dst, src, sizeof(*dst)))
+ if (copy_from_sockptr(dst, src, sizeof(*dst)))
return -EFAULT;
}
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1027,7 +1027,8 @@ set_rcvbuf:
case SO_ATTACH_FILTER: {
struct sock_fprog fprog;
- ret = copy_bpf_fprog_from_user(&fprog, optval, optlen);
+ ret = copy_bpf_fprog_from_user(&fprog, USER_SOCKPTR(optval),
+ optlen);
if (!ret)
ret = sk_attach_filter(&fprog, sk);
break;
@@ -1048,7 +1049,8 @@ set_rcvbuf:
case SO_ATTACH_REUSEPORT_CBPF: {
struct sock_fprog fprog;
- ret = copy_bpf_fprog_from_user(&fprog, optval, optlen);
+ ret = copy_bpf_fprog_from_user(&fprog, USER_SOCKPTR(optval),
+ optlen);
if (!ret)
ret = sk_reuseport_attach_filter(&fprog, sk);
break;
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -1535,7 +1535,7 @@ static void __fanout_set_data_bpf(struct
}
}
-static int fanout_set_data_cbpf(struct packet_sock *po, char __user *data,
+static int fanout_set_data_cbpf(struct packet_sock *po, sockptr_t data,
unsigned int len)
{
struct bpf_prog *new;
@@ -1583,7 +1583,7 @@ static int fanout_set_data(struct packet
{
switch (po->fanout->type) {
case PACKET_FANOUT_CBPF:
- return fanout_set_data_cbpf(po, data, len);
+ return fanout_set_data_cbpf(po, USER_SOCKPTR(data), len);
case PACKET_FANOUT_EBPF:
return fanout_set_data_ebpf(po, data, len);
default: