Merge 4.4.177 into android-4.4-p

[sagit-ice-cold/kernel_xiaomi_msm8998.git] / net / socket.c

diff --git a/net/socket.c b/net/socket.c
index 18aff3d..c3544d7 100644 (file)
--- a/net/socket.c
+++ b/net/socket.c
@@ -89,6 +89,7 @@
 #include <linux/magic.h>
 #include <linux/slab.h>
 #include <linux/xattr.h>
+#include <linux/nospec.h>
 
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
@@ -469,27 +470,15 @@ static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed)
 static ssize_t sockfs_getxattr(struct dentry *dentry,
                               const char *name, void *value, size_t size)
 {
-       const char *proto_name;
-       size_t proto_size;
-       int error;
-
-       error = -ENODATA;
-       if (!strncmp(name, XATTR_NAME_SOCKPROTONAME, XATTR_NAME_SOCKPROTONAME_LEN)) {
-               proto_name = dentry->d_name.name;
-               proto_size = strlen(proto_name);
-
+       if (!strcmp(name, XATTR_NAME_SOCKPROTONAME)) {
                if (value) {
-                       error = -ERANGE;
-                       if (proto_size + 1 > size)
-                               goto out;
-
-                       strncpy(value, proto_name, proto_size + 1);
+                       if (dentry->d_name.len + 1 > size)
+                               return -ERANGE;
+                       memcpy(value, dentry->d_name.name, dentry->d_name.len + 1);
                }
-               error = proto_size + 1;
+               return dentry->d_name.len + 1;
        }
-
-out:
-       return error;
+       return -EOPNOTSUPP;
 }
 
 static ssize_t sockfs_listxattr(struct dentry *dentry, char *buffer,
@@ -1711,6 +1700,7 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
        /* We assume all kernel code knows the size of sockaddr_storage */
        msg.msg_namelen = 0;
        msg.msg_iocb = NULL;
+       msg.msg_flags = 0;
        if (sock->file->f_flags & O_NONBLOCK)
                flags |= MSG_DONTWAIT;
        err = sock_recvmsg(sock, &msg, iov_iter_count(&msg.msg_iter), flags);
@@ -2337,6 +2327,7 @@ SYSCALL_DEFINE2(socketcall, int, call, unsigned long __user *, args)
 
        if (call < 1 || call > SYS_SENDMMSG)
                return -EINVAL;
+       call = array_index_nospec(call, SYS_SENDMMSG + 1);
 
        len = nargs[call];
        if (len > sizeof(a))
@@ -2547,6 +2538,15 @@ out_fs:
 
 core_initcall(sock_init);      /* early initcall */
 
+static int __init jit_init(void)
+{
+#ifdef CONFIG_BPF_JIT_ALWAYS_ON
+       bpf_jit_enable = 1;
+#endif
+       return 0;
+}
+pure_initcall(jit_init);
+
 #ifdef CONFIG_PROC_FS
 void socket_seq_show(struct seq_file *seq)
 {
@@ -2762,9 +2762,14 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32)
                    copy_in_user(&rxnfc->fs.ring_cookie,
                                 &compat_rxnfc->fs.ring_cookie,
                                 (void __user *)(&rxnfc->fs.location + 1) -
-                                (void __user *)&rxnfc->fs.ring_cookie) ||
-                   copy_in_user(&rxnfc->rule_cnt, &compat_rxnfc->rule_cnt,
-                                sizeof(rxnfc->rule_cnt)))
+                                (void __user *)&rxnfc->fs.ring_cookie))
+                       return -EFAULT;
+               if (ethcmd == ETHTOOL_GRXCLSRLALL) {
+                       if (put_user(rule_cnt, &rxnfc->rule_cnt))
+                               return -EFAULT;
+               } else if (copy_in_user(&rxnfc->rule_cnt,
+                                       &compat_rxnfc->rule_cnt,
+                                       sizeof(rxnfc->rule_cnt)))
                        return -EFAULT;
        }