[Stable-8.2.4 05/16] linux-user: do_setsockopt: fix SOL_ALG.ALG_SET_KEY
From: Michael Tokarev
Subject: [Stable-8.2.4 05/16] linux-user: do_setsockopt: fix SOL_ALG.ALG_SET_KEY
Date: Tue, 7 May 2024 11:42:04 +0300
This setsockopt accepts zero-length optlen (current qemu implementation
does not allow this). Also, there's no need to make a copy of the key,
it is enough to use lock_user() (which accepts zero length already).
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2197
Fixes: f31dddd2fc "linux-user: Add support for setsockopt() option SOL_ALG"
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Message-Id: <20240331100737.2724186-2-mjt@tls.msk.ru>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit 04f6fb897a5aeb3e356a7b889869c9962f9c16c7)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 11c75e3b4e..2b1a3ee094 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -2277,18 +2277,13 @@ static abi_long do_setsockopt(int sockfd, int level,
int optname,
switch (optname) {
case ALG_SET_KEY:
{
- char *alg_key = g_malloc(optlen);
-
+ char *alg_key = lock_user(VERIFY_READ, optval_addr, optlen, 1);
if (!alg_key) {
- return -TARGET_ENOMEM;
- }
- if (copy_from_user(alg_key, optval_addr, optlen)) {
- g_free(alg_key);
return -TARGET_EFAULT;
}
ret = get_errno(setsockopt(sockfd, level, optname,
alg_key, optlen));
- g_free(alg_key);
+ unlock_user(alg_key, optval_addr, optlen);
break;
}
case ALG_SET_AEAD_AUTHSIZE:
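Review bot: In the ALG_SET_KEY case, unlock_user(alg_key, optval_addr, optlen) passes optlen as the write-back length even though the buffer was locked with VERIFY_READ and is only read by setsockopt(). The third argument of unlock_user() is the number of bytes to flush back to guest memory, so for a read-only lock it should be 0: unlock_user(alg_key, optval_addr, 0). With optlen, a configuration that bounces guest memory through a host copy would write the key back into a range that was only checked for read access. A one-line comment in this case noting that a zero optlen is valid and handled by lock_user() would also help, since that is the behaviour the fix depends on.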
--
2.39.2