On Mon, 8 Feb 2021 19:24:05 -0700 David Ahern wrote:
> On 2/8/21 11:41 AM, Jakub Kicinski wrote:
> > On Sun, 7 Feb 2021 10:26:54 +0200 Leon Romanovsky wrote:
> >> There is a check that len is not larger than zs and users can't give
> >> large buffer.
> >>
> >> I would say that is pretty safe to write "if (zc.reserved)".
> >
> > Which check? There's a check which truncates (writes back to user space
> > len = min(len, sizeof(zc)). Application can still pass garbage beyond
> > sizeof(zc) and syscall may start failing in the future if sizeof(zc)
> > changes.
>
> That would be the case for new userspace on old kernel. Extending the
> check to the end of the struct would guarantee new userspace can not ask
> for something that the running kernel does not understand.
Indeed, so we're agreeing that check_zeroed_user() is needed before original optlen from user space gets truncated?
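The check under discussion, as an added userspace model that is not part of this thread or of the kernel: the struct layouts and field names below are constructed stand-ins (not the real struct tcp_zerocopy_receive), and the validation of the oversized tail happens before the length is truncated to what the kernel knows.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed "old kernel" view of the struct: only these fields exist. */
struct zc_v1 {
    uint64_t address;
    uint32_t length;
    uint32_t recv_skip_hint;
};

/* Constructed "new userspace" view: fields appended at the end. */
struct zc_v2 {
    uint64_t address;
    uint32_t length;
    uint32_t recv_skip_hint;
    uint32_t inq;       /* hypothetical newer field */
    uint32_t reserved;  /* hypothetical padding/reserved field */
};

/* Userspace model of check_zeroed_user(): true if buf[from, to) is all zero. */
static bool tail_is_zeroed(const void *buf, size_t from, size_t to)
{
    const unsigned char *p = buf;
    for (size_t i = from; i < to; i++)
        if (p[i])
            return false;
    return true;
}

/* ulen is the length the caller passed in (the original optlen). If it is
 * larger than what this kernel knows, the excess must be zero; otherwise
 * the caller is asking for a feature this kernel cannot honour, so refuse
 * with -E2BIG instead of silently truncating. Only after that check is the
 * copy cut down to sizeof(*dst). */
static int copy_zc_checked(struct zc_v1 *dst, const void *ubuf, size_t ulen)
{
    size_t ksize = sizeof(*dst);

    if (ulen < ksize)
        return -EINVAL;  /* too short even for the v1 layout */
    if (ulen > ksize && !tail_is_zeroed(ubuf, ksize, ulen))
        return -E2BIG;   /* a field beyond our struct was set */
    memcpy(dst, ubuf, ksize);
    return 0;
}
```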