From: Guenter Roeck > Sent: 17 March 2021 01:38 ... > MSG_CMSG_COMPAT (0x80000000) is set in flags, meaning its value is negative. > This is then evaluated in > > if (flags & > ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT|MSG_ERRQUEUE)) > goto out; > > If any of those flags is declared as BIT() and thus long, flags is > sign-extended to long. Since it is negative, its upper 32 bits will be set, > the if statement evaluates as true, and the function bails out. > > This is relatively easy to fix here with, for example, > > if ((unsigned int)flags & > ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT|MSG_ERRQUEUE)) > goto out; > > but that is just a hack, and it doesn't solve the real problem: > Each function in struct proto_ops which passes flags passes it as int > (see include/linux/net.h:struct proto_ops). Each such function, if > called with MSG_CMSG_COMPAT set, will fail a match against > ~(MSG_anything) if MSG_anything is declared as BIT() or long.
Isn't MSG_CMSG_COMPAT an internal value? Could it be changed to 1u << 30 instead of 1u << 31 ? Then it wouldn't matter if the high bit of flags got replicated. David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)