When skb_copy_datagram_iovec called to fetch queued data it may fail with EFAULT and if MSG_PEEK set by a caller the position get advanced even if data hasn't been read. So we might loose data bits here on subsequent recvmsg calls. Instead lets exit early with error.
In sake of https://jira.sw.ru/browse/PSBM-57921 CC: Andrey Vagin <ava...@openvz.org> Signed-off-by: Cyrill Gorcunov <gorcu...@openvz.org> --- net/netlink/af_netlink.c | 4 ++++ 1 file changed, 4 insertions(+) Index: linux-pcs7.git/net/netlink/af_netlink.c =================================================================== --- linux-pcs7.git.orig/net/netlink/af_netlink.c +++ linux-pcs7.git/net/netlink/af_netlink.c @@ -2473,6 +2473,10 @@ static int netlink_recvmsg(struct kiocb skb_reset_transport_header(data_skb); err = skb_copy_datagram_iovec(data_skb, skip, msg->msg_iov, copied); + if (err) { + skb_free_datagram(sk, skb); + goto out; + } if (flags & MSG_PEEK) sk_peek_offset_fwd(sk, copied); _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
