Merge branch 'do-a-single-memdup_user-in-sctp_setsockopt-v2'

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Christoph Hellwig says:

====================
do a single memdup_user in sctp_setsockopt v2

here is a resend of my series to lift the copy_from_user out of the
individual sctp sockopt handlers into the main sctp_setsockopt
routine.

Changes since v1:
- fixes a few sizeof calls.
- use memzero_explicit in sctp_setsockopt_auth_key instead of special
casing it for a kzfree in the caller
- remove some minor cleanups from sctp_setsockopt_autoclose to keep
it closer to the existing version
- add another little only vaguely related cleanup patch
====================

Signed-off-by: David S. Miller <davem@davemloft.net>

David S. Miller 5 years ago bed1ce78 9aa0dfe1

+477 -722

1 changed file

expand all

net

sctp

socket.c

+477 -722

net/sctp/socket.c

··· 979 979 * 980 980 * Returns 0 if ok, <0 errno code on error. 981 981 */ 982 - static int sctp_setsockopt_bindx_kernel(struct sock *sk, 983 - struct sockaddr *addrs, int addrs_size, 984 - int op) 982 + static int sctp_setsockopt_bindx(struct sock *sk, struct sockaddr *addrs, 983 + int addrs_size, int op) 985 984 { 986 985 int err; 987 986 int addrcnt = 0; ··· 990 991 struct sctp_af *af; 991 992 992 993 pr_debug("%s: sk:%p addrs:%p addrs_size:%d opt:%d\n", 993 - __func__, sk, addrs, addrs_size, op); 994 + __func__, sk, addr_buf, addrs_size, op); 994 995 995 996 if (unlikely(addrs_size <= 0)) 996 997 return -EINVAL; ··· 1036 1037 } 1037 1038 } 1038 1039 1039 - static int sctp_setsockopt_bindx(struct sock *sk, 1040 - struct sockaddr __user *addrs, 1041 - int addrs_size, int op) 1042 - { 1043 - struct sockaddr *kaddrs; 1044 - int err; 1045 - 1046 - kaddrs = memdup_user(addrs, addrs_size); 1047 - if (IS_ERR(kaddrs)) 1048 - return PTR_ERR(kaddrs); 1049 - err = sctp_setsockopt_bindx_kernel(sk, kaddrs, addrs_size, op); 1050 - kfree(kaddrs); 1051 - return err; 1052 - } 1053 - 1054 1040 static int sctp_bind_add(struct sock *sk, struct sockaddr *addrs, 1055 1041 int addrlen) 1056 1042 { 1057 1043 int err; 1058 1044 1059 1045 lock_sock(sk); 1060 - err = sctp_setsockopt_bindx_kernel(sk, addrs, addrlen, 1061 - SCTP_BINDX_ADD_ADDR); 1046 + err = sctp_setsockopt_bindx(sk, addrs, addrlen, SCTP_BINDX_ADD_ADDR); 1062 1047 release_sock(sk); 1063 1048 return err; 1064 1049 } ··· 1286 1303 * it. 1287 1304 * 1288 1305 * sk The sk of the socket 1289 - * addrs The pointer to the addresses in user land 1306 + * addrs The pointer to the addresses 1290 1307 * addrssize Size of the addrs buffer 1291 1308 * 1292 1309 * Returns >=0 if ok, <0 errno code on error. 1293 1310 */ 1294 - static int __sctp_setsockopt_connectx(struct sock *sk, 1295 - struct sockaddr __user *addrs, 1296 - int addrs_size, 1297 - sctp_assoc_t *assoc_id) 1311 + static int __sctp_setsockopt_connectx(struct sock *sk, struct sockaddr *kaddrs, 1312 + int addrs_size, sctp_assoc_t *assoc_id) 1298 1313 { 1299 - struct sockaddr *kaddrs; 1300 1314 int err = 0, flags = 0; 1301 1315 1302 1316 pr_debug("%s: sk:%p addrs:%p addrs_size:%d\n", 1303 - __func__, sk, addrs, addrs_size); 1317 + __func__, sk, kaddrs, addrs_size); 1304 1318 1305 1319 /* make sure the 1st addr's sa_family is accessible later */ 1306 1320 if (unlikely(addrs_size < sizeof(sa_family_t))) 1307 1321 return -EINVAL; 1308 - 1309 - kaddrs = memdup_user(addrs, addrs_size); 1310 - if (IS_ERR(kaddrs)) 1311 - return PTR_ERR(kaddrs); 1312 1322 1313 1323 /* Allow security module to validate connectx addresses. */ 1314 1324 err = security_sctp_bind_connect(sk, SCTP_SOCKOPT_CONNECTX, 1315 1325 (struct sockaddr *)kaddrs, 1316 1326 addrs_size); 1317 1327 if (err) 1318 - goto out_free; 1328 + return err; 1319 1329 1320 1330 /* in-kernel sockets don't generally have a file allocated to them 1321 1331 * if all they do is call sock_create_kern(). ··· 1316 1340 if (sk->sk_socket->file) 1317 1341 flags = sk->sk_socket->file->f_flags; 1318 1342 1319 - err = __sctp_connect(sk, kaddrs, addrs_size, flags, assoc_id); 1320 - 1321 - out_free: 1322 - kfree(kaddrs); 1323 - 1324 - return err; 1343 + return __sctp_connect(sk, kaddrs, addrs_size, flags, assoc_id); 1325 1344 } 1326 1345 1327 1346 /* ··· 1324 1353 * to the option that doesn't provide association id. 1325 1354 */ 1326 1355 static int sctp_setsockopt_connectx_old(struct sock *sk, 1327 - struct sockaddr __user *addrs, 1356 + struct sockaddr *kaddrs, 1328 1357 int addrs_size) 1329 1358 { 1330 - return __sctp_setsockopt_connectx(sk, addrs, addrs_size, NULL); 1359 + return __sctp_setsockopt_connectx(sk, kaddrs, addrs_size, NULL); 1331 1360 } 1332 1361 1333 1362 /* ··· 1337 1366 * always positive. 1338 1367 */ 1339 1368 static int sctp_setsockopt_connectx(struct sock *sk, 1340 - struct sockaddr __user *addrs, 1369 + struct sockaddr *kaddrs, 1341 1370 int addrs_size) 1342 1371 { 1343 1372 sctp_assoc_t assoc_id = 0; 1344 1373 int err = 0; 1345 1374 1346 - err = __sctp_setsockopt_connectx(sk, addrs, addrs_size, &assoc_id); 1375 + err = __sctp_setsockopt_connectx(sk, kaddrs, addrs_size, &assoc_id); 1347 1376 1348 1377 if (err) 1349 1378 return err; ··· 1373 1402 { 1374 1403 struct sctp_getaddrs_old param; 1375 1404 sctp_assoc_t assoc_id = 0; 1405 + struct sockaddr *kaddrs; 1376 1406 int err = 0; 1377 1407 1378 1408 #ifdef CONFIG_COMPAT ··· 1397 1425 return -EFAULT; 1398 1426 } 1399 1427 1400 - err = __sctp_setsockopt_connectx(sk, (struct sockaddr __user *) 1401 - param.addrs, param.addr_num, 1402 - &assoc_id); 1428 + kaddrs = memdup_user(param.addrs, param.addr_num); 1429 + if (IS_ERR(kaddrs)) 1430 + return PTR_ERR(kaddrs); 1431 + 1432 + err = __sctp_setsockopt_connectx(sk, kaddrs, param.addr_num, &assoc_id); 1433 + kfree(kaddrs); 1403 1434 if (err == 0 || err == -EINPROGRESS) { 1404 1435 if (copy_to_user(optval, &assoc_id, sizeof(assoc_id))) 1405 1436 return -EFAULT; ··· 2184 2209 * exceeds the current PMTU size, the message will NOT be sent and 2185 2210 * instead a error will be indicated to the user. 2186 2211 */ 2187 - static int sctp_setsockopt_disable_fragments(struct sock *sk, 2188 - char __user *optval, 2212 + static int sctp_setsockopt_disable_fragments(struct sock *sk, int *val, 2189 2213 unsigned int optlen) 2190 2214 { 2191 - int val; 2192 - 2193 2215 if (optlen < sizeof(int)) 2194 2216 return -EINVAL; 2195 - 2196 - if (get_user(val, (int __user *)optval)) 2197 - return -EFAULT; 2198 - 2199 - sctp_sk(sk)->disable_fragments = (val == 0) ? 0 : 1; 2200 - 2217 + sctp_sk(sk)->disable_fragments = (*val == 0) ? 0 : 1; 2201 2218 return 0; 2202 2219 } 2203 2220 2204 - static int sctp_setsockopt_events(struct sock *sk, char __user *optval, 2221 + static int sctp_setsockopt_events(struct sock *sk, __u8 *sn_type, 2205 2222 unsigned int optlen) 2206 2223 { 2207 - struct sctp_event_subscribe subscribe; 2208 - __u8 *sn_type = (__u8 *)&subscribe; 2209 2224 struct sctp_sock *sp = sctp_sk(sk); 2210 2225 struct sctp_association *asoc; 2211 2226 int i; 2212 2227 2213 2228 if (optlen > sizeof(struct sctp_event_subscribe)) 2214 2229 return -EINVAL; 2215 - 2216 - if (copy_from_user(&subscribe, optval, optlen)) 2217 - return -EFAULT; 2218 2230 2219 2231 for (i = 0; i < optlen; i++) 2220 2232 sctp_ulpevent_type_set(&sp->subscribe, SCTP_SN_TYPE_BASE + i, ··· 2242 2280 * integer defining the number of seconds of idle time before an 2243 2281 * association is closed. 2244 2282 */ 2245 - static int sctp_setsockopt_autoclose(struct sock *sk, char __user *optval, 2283 + static int sctp_setsockopt_autoclose(struct sock *sk, u32 *optval, 2246 2284 unsigned int optlen) 2247 2285 { 2248 2286 struct sctp_sock *sp = sctp_sk(sk); ··· 2253 2291 return -EOPNOTSUPP; 2254 2292 if (optlen != sizeof(int)) 2255 2293 return -EINVAL; 2256 - if (copy_from_user(&sp->autoclose, optval, optlen)) 2257 - return -EFAULT; 2258 2294 2295 + sp->autoclose = *optval; 2259 2296 if (sp->autoclose > net->sctp.max_autoclose) 2260 2297 sp->autoclose = net->sctp.max_autoclose; 2261 2298 ··· 2589 2628 } 2590 2629 2591 2630 static int sctp_setsockopt_peer_addr_params(struct sock *sk, 2592 - char __user *optval, 2631 + struct sctp_paddrparams *params, 2593 2632 unsigned int optlen) 2594 2633 { 2595 - struct sctp_paddrparams params; 2596 2634 struct sctp_transport *trans = NULL; 2597 2635 struct sctp_association *asoc = NULL; 2598 2636 struct sctp_sock *sp = sctp_sk(sk); 2599 2637 int error; 2600 2638 int hb_change, pmtud_change, sackdelay_change; 2601 2639 2602 - if (optlen == sizeof(params)) { 2603 - if (copy_from_user(&params, optval, optlen)) 2604 - return -EFAULT; 2605 - } else if (optlen == ALIGN(offsetof(struct sctp_paddrparams, 2640 + if (optlen == ALIGN(offsetof(struct sctp_paddrparams, 2606 2641 spp_ipv6_flowlabel), 4)) { 2607 - if (copy_from_user(&params, optval, optlen)) 2608 - return -EFAULT; 2609 - if (params.spp_flags & (SPP_DSCP | SPP_IPV6_FLOWLABEL)) 2642 + if (params->spp_flags & (SPP_DSCP | SPP_IPV6_FLOWLABEL)) 2610 2643 return -EINVAL; 2611 - } else { 2644 + } else if (optlen != sizeof(*params)) { 2612 2645 return -EINVAL; 2613 2646 } 2614 2647 2615 2648 /* Validate flags and value parameters. */ 2616 - hb_change = params.spp_flags & SPP_HB; 2617 - pmtud_change = params.spp_flags & SPP_PMTUD; 2618 - sackdelay_change = params.spp_flags & SPP_SACKDELAY; 2649 + hb_change = params->spp_flags & SPP_HB; 2650 + pmtud_change = params->spp_flags & SPP_PMTUD; 2651 + sackdelay_change = params->spp_flags & SPP_SACKDELAY; 2619 2652 2620 2653 if (hb_change == SPP_HB || 2621 2654 pmtud_change == SPP_PMTUD || 2622 2655 sackdelay_change == SPP_SACKDELAY || 2623 - params.spp_sackdelay > 500 || 2624 - (params.spp_pathmtu && 2625 - params.spp_pathmtu < SCTP_DEFAULT_MINSEGMENT)) 2656 + params->spp_sackdelay > 500 || 2657 + (params->spp_pathmtu && 2658 + params->spp_pathmtu < SCTP_DEFAULT_MINSEGMENT)) 2626 2659 return -EINVAL; 2627 2660 2628 2661 /* If an address other than INADDR_ANY is specified, and 2629 2662 * no transport is found, then the request is invalid. 2630 2663 */ 2631 - if (!sctp_is_any(sk, (union sctp_addr *)&params.spp_address)) { 2632 - trans = sctp_addr_id2transport(sk, &params.spp_address, 2633 - params.spp_assoc_id); 2664 + if (!sctp_is_any(sk, (union sctp_addr *)&params->spp_address)) { 2665 + trans = sctp_addr_id2transport(sk, &params->spp_address, 2666 + params->spp_assoc_id); 2634 2667 if (!trans) 2635 2668 return -EINVAL; 2636 2669 } ··· 2633 2678 * socket is a one to many style socket, and an association 2634 2679 * was not found, then the id was invalid. 2635 2680 */ 2636 - asoc = sctp_id2assoc(sk, params.spp_assoc_id); 2637 - if (!asoc && params.spp_assoc_id != SCTP_FUTURE_ASSOC && 2681 + asoc = sctp_id2assoc(sk, params->spp_assoc_id); 2682 + if (!asoc && params->spp_assoc_id != SCTP_FUTURE_ASSOC && 2638 2683 sctp_style(sk, UDP)) 2639 2684 return -EINVAL; 2640 2685 2641 2686 /* Heartbeat demand can only be sent on a transport or 2642 2687 * association, but not a socket. 2643 2688 */ 2644 - if (params.spp_flags & SPP_HB_DEMAND && !trans && !asoc) 2689 + if (params->spp_flags & SPP_HB_DEMAND && !trans && !asoc) 2645 2690 return -EINVAL; 2646 2691 2647 2692 /* Process parameters. */ 2648 - error = sctp_apply_peer_addr_params(&params, trans, asoc, sp, 2693 + error = sctp_apply_peer_addr_params(params, trans, asoc, sp, 2649 2694 hb_change, pmtud_change, 2650 2695 sackdelay_change); 2651 2696 ··· 2658 2703 if (!trans && asoc) { 2659 2704 list_for_each_entry(trans, &asoc->peer.transport_addr_list, 2660 2705 transports) { 2661 - sctp_apply_peer_addr_params(&params, trans, asoc, sp, 2706 + sctp_apply_peer_addr_params(params, trans, asoc, sp, 2662 2707 hb_change, pmtud_change, 2663 2708 sackdelay_change); 2664 2709 } ··· 2751 2796 */ 2752 2797 2753 2798 static int sctp_setsockopt_delayed_ack(struct sock *sk, 2754 - char __user *optval, unsigned int optlen) 2799 + struct sctp_sack_info *params, 2800 + unsigned int optlen) 2755 2801 { 2756 2802 struct sctp_sock *sp = sctp_sk(sk); 2757 2803 struct sctp_association *asoc; 2758 - struct sctp_sack_info params; 2759 2804 2760 2805 if (optlen == sizeof(struct sctp_sack_info)) { 2761 - if (copy_from_user(&params, optval, optlen)) 2762 - return -EFAULT; 2763 - 2764 - if (params.sack_delay == 0 && params.sack_freq == 0) 2806 + if (params->sack_delay == 0 && params->sack_freq == 0) 2765 2807 return 0; 2766 2808 } else if (optlen == sizeof(struct sctp_assoc_value)) { 2767 2809 pr_warn_ratelimited(DEPRECATED ··· 2766 2814 "Use of struct sctp_assoc_value in delayed_ack socket option.\n" 2767 2815 "Use struct sctp_sack_info instead\n", 2768 2816 current->comm, task_pid_nr(current)); 2769 - if (copy_from_user(&params, optval, optlen)) 2770 - return -EFAULT; 2771 2817 2772 - if (params.sack_delay == 0) 2773 - params.sack_freq = 1; 2818 + if (params->sack_delay == 0) 2819 + params->sack_freq = 1; 2774 2820 else 2775 - params.sack_freq = 0; 2821 + params->sack_freq = 0; 2776 2822 } else 2777 2823 return -EINVAL; 2778 2824 2779 2825 /* Validate value parameter. */ 2780 - if (params.sack_delay > 500) 2826 + if (params->sack_delay > 500) 2781 2827 return -EINVAL; 2782 2828 2783 2829 /* Get association, if sack_assoc_id != SCTP_FUTURE_ASSOC and the 2784 2830 * socket is a one to many style socket, and an association 2785 2831 * was not found, then the id was invalid. 2786 2832 */ 2787 - asoc = sctp_id2assoc(sk, params.sack_assoc_id); 2788 - if (!asoc && params.sack_assoc_id > SCTP_ALL_ASSOC && 2833 + asoc = sctp_id2assoc(sk, params->sack_assoc_id); 2834 + if (!asoc && params->sack_assoc_id > SCTP_ALL_ASSOC && 2789 2835 sctp_style(sk, UDP)) 2790 2836 return -EINVAL; 2791 2837 2792 2838 if (asoc) { 2793 - sctp_apply_asoc_delayed_ack(&params, asoc); 2839 + sctp_apply_asoc_delayed_ack(params, asoc); 2794 2840 2795 2841 return 0; 2796 2842 } 2797 2843 2798 2844 if (sctp_style(sk, TCP)) 2799 - params.sack_assoc_id = SCTP_FUTURE_ASSOC; 2845 + params->sack_assoc_id = SCTP_FUTURE_ASSOC; 2800 2846 2801 - if (params.sack_assoc_id == SCTP_FUTURE_ASSOC || 2802 - params.sack_assoc_id == SCTP_ALL_ASSOC) { 2803 - if (params.sack_delay) { 2804 - sp->sackdelay = params.sack_delay; 2847 + if (params->sack_assoc_id == SCTP_FUTURE_ASSOC || 2848 + params->sack_assoc_id == SCTP_ALL_ASSOC) { 2849 + if (params->sack_delay) { 2850 + sp->sackdelay = params->sack_delay; 2805 2851 sp->param_flags = 2806 2852 sctp_spp_sackdelay_enable(sp->param_flags); 2807 2853 } 2808 - if (params.sack_freq == 1) { 2854 + if (params->sack_freq == 1) { 2809 2855 sp->param_flags = 2810 2856 sctp_spp_sackdelay_disable(sp->param_flags); 2811 - } else if (params.sack_freq > 1) { 2812 - sp->sackfreq = params.sack_freq; 2857 + } else if (params->sack_freq > 1) { 2858 + sp->sackfreq = params->sack_freq; 2813 2859 sp->param_flags = 2814 2860 sctp_spp_sackdelay_enable(sp->param_flags); 2815 2861 } 2816 2862 } 2817 2863 2818 - if (params.sack_assoc_id == SCTP_CURRENT_ASSOC || 2819 - params.sack_assoc_id == SCTP_ALL_ASSOC) 2864 + if (params->sack_assoc_id == SCTP_CURRENT_ASSOC || 2865 + params->sack_assoc_id == SCTP_ALL_ASSOC) 2820 2866 list_for_each_entry(asoc, &sp->ep->asocs, asocs) 2821 - sctp_apply_asoc_delayed_ack(&params, asoc); 2867 + sctp_apply_asoc_delayed_ack(params, asoc); 2822 2868 2823 2869 return 0; 2824 2870 } ··· 2832 2882 * by the change). With TCP-style sockets, this option is inherited by 2833 2883 * sockets derived from a listener socket. 2834 2884 */ 2835 - static int sctp_setsockopt_initmsg(struct sock *sk, char __user *optval, unsigned int optlen) 2885 + static int sctp_setsockopt_initmsg(struct sock *sk, struct sctp_initmsg *sinit, 2886 + unsigned int optlen) 2836 2887 { 2837 - struct sctp_initmsg sinit; 2838 2888 struct sctp_sock *sp = sctp_sk(sk); 2839 2889 2840 2890 if (optlen != sizeof(struct sctp_initmsg)) 2841 2891 return -EINVAL; 2842 - if (copy_from_user(&sinit, optval, optlen)) 2843 - return -EFAULT; 2844 2892 2845 - if (sinit.sinit_num_ostreams) 2846 - sp->initmsg.sinit_num_ostreams = sinit.sinit_num_ostreams; 2847 - if (sinit.sinit_max_instreams) 2848 - sp->initmsg.sinit_max_instreams = sinit.sinit_max_instreams; 2849 - if (sinit.sinit_max_attempts) 2850 - sp->initmsg.sinit_max_attempts = sinit.sinit_max_attempts; 2851 - if (sinit.sinit_max_init_timeo) 2852 - sp->initmsg.sinit_max_init_timeo = sinit.sinit_max_init_timeo; 2893 + if (sinit->sinit_num_ostreams) 2894 + sp->initmsg.sinit_num_ostreams = sinit->sinit_num_ostreams; 2895 + if (sinit->sinit_max_instreams) 2896 + sp->initmsg.sinit_max_instreams = sinit->sinit_max_instreams; 2897 + if (sinit->sinit_max_attempts) 2898 + sp->initmsg.sinit_max_attempts = sinit->sinit_max_attempts; 2899 + if (sinit->sinit_max_init_timeo) 2900 + sp->initmsg.sinit_max_init_timeo = sinit->sinit_max_init_timeo; 2853 2901 2854 2902 return 0; 2855 2903 } ··· 2867 2919 * to this call if the caller is using the UDP model. 2868 2920 */ 2869 2921 static int sctp_setsockopt_default_send_param(struct sock *sk, 2870 - char __user *optval, 2922 + struct sctp_sndrcvinfo *info, 2871 2923 unsigned int optlen) 2872 2924 { 2873 2925 struct sctp_sock *sp = sctp_sk(sk); 2874 2926 struct sctp_association *asoc; 2875 - struct sctp_sndrcvinfo info; 2876 2927 2877 - if (optlen != sizeof(info)) 2928 + if (optlen != sizeof(*info)) 2878 2929 return -EINVAL; 2879 - if (copy_from_user(&info, optval, optlen)) 2880 - return -EFAULT; 2881 - if (info.sinfo_flags & 2930 + if (info->sinfo_flags & 2882 2931 ~(SCTP_UNORDERED | SCTP_ADDR_OVER | 2883 2932 SCTP_ABORT | SCTP_EOF)) 2884 2933 return -EINVAL; 2885 2934 2886 - asoc = sctp_id2assoc(sk, info.sinfo_assoc_id); 2887 - if (!asoc && info.sinfo_assoc_id > SCTP_ALL_ASSOC && 2935 + asoc = sctp_id2assoc(sk, info->sinfo_assoc_id); 2936 + if (!asoc && info->sinfo_assoc_id > SCTP_ALL_ASSOC && 2888 2937 sctp_style(sk, UDP)) 2889 2938 return -EINVAL; 2890 2939 2891 2940 if (asoc) { 2892 - asoc->default_stream = info.sinfo_stream; 2893 - asoc->default_flags = info.sinfo_flags; 2894 - asoc->default_ppid = info.sinfo_ppid; 2895 - asoc->default_context = info.sinfo_context; 2896 - asoc->default_timetolive = info.sinfo_timetolive; 2941 + asoc->default_stream = info->sinfo_stream; 2942 + asoc->default_flags = info->sinfo_flags; 2943 + asoc->default_ppid = info->sinfo_ppid; 2944 + asoc->default_context = info->sinfo_context; 2945 + asoc->default_timetolive = info->sinfo_timetolive; 2897 2946 2898 2947 return 0; 2899 2948 } 2900 2949 2901 2950 if (sctp_style(sk, TCP)) 2902 - info.sinfo_assoc_id = SCTP_FUTURE_ASSOC; 2951 + info->sinfo_assoc_id = SCTP_FUTURE_ASSOC; 2903 2952 2904 - if (info.sinfo_assoc_id == SCTP_FUTURE_ASSOC || 2905 - info.sinfo_assoc_id == SCTP_ALL_ASSOC) { 2906 - sp->default_stream = info.sinfo_stream; 2907 - sp->default_flags = info.sinfo_flags; 2908 - sp->default_ppid = info.sinfo_ppid; 2909 - sp->default_context = info.sinfo_context; 2910 - sp->default_timetolive = info.sinfo_timetolive; 2953 + if (info->sinfo_assoc_id == SCTP_FUTURE_ASSOC || 2954 + info->sinfo_assoc_id == SCTP_ALL_ASSOC) { 2955 + sp->default_stream = info->sinfo_stream; 2956 + sp->default_flags = info->sinfo_flags; 2957 + sp->default_ppid = info->sinfo_ppid; 2958 + sp->default_context = info->sinfo_context; 2959 + sp->default_timetolive = info->sinfo_timetolive; 2911 2960 } 2912 2961 2913 - if (info.sinfo_assoc_id == SCTP_CURRENT_ASSOC || 2914 - info.sinfo_assoc_id == SCTP_ALL_ASSOC) { 2962 + if (info->sinfo_assoc_id == SCTP_CURRENT_ASSOC || 2963 + info->sinfo_assoc_id == SCTP_ALL_ASSOC) { 2915 2964 list_for_each_entry(asoc, &sp->ep->asocs, asocs) { 2916 - asoc->default_stream = info.sinfo_stream; 2917 - asoc->default_flags = info.sinfo_flags; 2918 - asoc->default_ppid = info.sinfo_ppid; 2919 - asoc->default_context = info.sinfo_context; 2920 - asoc->default_timetolive = info.sinfo_timetolive; 2965 + asoc->default_stream = info->sinfo_stream; 2966 + asoc->default_flags = info->sinfo_flags; 2967 + asoc->default_ppid = info->sinfo_ppid; 2968 + asoc->default_context = info->sinfo_context; 2969 + asoc->default_timetolive = info->sinfo_timetolive; 2921 2970 } 2922 2971 } 2923 2972 ··· 2925 2980 * (SCTP_DEFAULT_SNDINFO) 2926 2981 */ 2927 2982 static int sctp_setsockopt_default_sndinfo(struct sock *sk, 2928 - char __user *optval, 2983 + struct sctp_sndinfo *info, 2929 2984 unsigned int optlen) 2930 2985 { 2931 2986 struct sctp_sock *sp = sctp_sk(sk); 2932 2987 struct sctp_association *asoc; 2933 - struct sctp_sndinfo info; 2934 2988 2935 - if (optlen != sizeof(info)) 2989 + if (optlen != sizeof(*info)) 2936 2990 return -EINVAL; 2937 - if (copy_from_user(&info, optval, optlen)) 2938 - return -EFAULT; 2939 - if (info.snd_flags & 2991 + if (info->snd_flags & 2940 2992 ~(SCTP_UNORDERED | SCTP_ADDR_OVER | 2941 2993 SCTP_ABORT | SCTP_EOF)) 2942 2994 return -EINVAL; 2943 2995 2944 - asoc = sctp_id2assoc(sk, info.snd_assoc_id); 2945 - if (!asoc && info.snd_assoc_id > SCTP_ALL_ASSOC && 2996 + asoc = sctp_id2assoc(sk, info->snd_assoc_id); 2997 + if (!asoc && info->snd_assoc_id > SCTP_ALL_ASSOC && 2946 2998 sctp_style(sk, UDP)) 2947 2999 return -EINVAL; 2948 3000 2949 3001 if (asoc) { 2950 - asoc->default_stream = info.snd_sid; 2951 - asoc->default_flags = info.snd_flags; 2952 - asoc->default_ppid = info.snd_ppid; 2953 - asoc->default_context = info.snd_context; 3002 + asoc->default_stream = info->snd_sid; 3003 + asoc->default_flags = info->snd_flags; 3004 + asoc->default_ppid = info->snd_ppid; 3005 + asoc->default_context = info->snd_context; 2954 3006 2955 3007 return 0; 2956 3008 } 2957 3009 2958 3010 if (sctp_style(sk, TCP)) 2959 - info.snd_assoc_id = SCTP_FUTURE_ASSOC; 3011 + info->snd_assoc_id = SCTP_FUTURE_ASSOC; 2960 3012 2961 - if (info.snd_assoc_id == SCTP_FUTURE_ASSOC || 2962 - info.snd_assoc_id == SCTP_ALL_ASSOC) { 2963 - sp->default_stream = info.snd_sid; 2964 - sp->default_flags = info.snd_flags; 2965 - sp->default_ppid = info.snd_ppid; 2966 - sp->default_context = info.snd_context; 3013 + if (info->snd_assoc_id == SCTP_FUTURE_ASSOC || 3014 + info->snd_assoc_id == SCTP_ALL_ASSOC) { 3015 + sp->default_stream = info->snd_sid; 3016 + sp->default_flags = info->snd_flags; 3017 + sp->default_ppid = info->snd_ppid; 3018 + sp->default_context = info->snd_context; 2967 3019 } 2968 3020 2969 - if (info.snd_assoc_id == SCTP_CURRENT_ASSOC || 2970 - info.snd_assoc_id == SCTP_ALL_ASSOC) { 3021 + if (info->snd_assoc_id == SCTP_CURRENT_ASSOC || 3022 + info->snd_assoc_id == SCTP_ALL_ASSOC) { 2971 3023 list_for_each_entry(asoc, &sp->ep->asocs, asocs) { 2972 - asoc->default_stream = info.snd_sid; 2973 - asoc->default_flags = info.snd_flags; 2974 - asoc->default_ppid = info.snd_ppid; 2975 - asoc->default_context = info.snd_context; 3024 + asoc->default_stream = info->snd_sid; 3025 + asoc->default_flags = info->snd_flags; 3026 + asoc->default_ppid = info->snd_ppid; 3027 + asoc->default_context = info->snd_context; 2976 3028 } 2977 3029 } 2978 3030 ··· 2982 3040 * the association primary. The enclosed address must be one of the 2983 3041 * association peer's addresses. 2984 3042 */ 2985 - static int sctp_setsockopt_primary_addr(struct sock *sk, char __user *optval, 3043 + static int sctp_setsockopt_primary_addr(struct sock *sk, struct sctp_prim *prim, 2986 3044 unsigned int optlen) 2987 3045 { 2988 - struct sctp_prim prim; 2989 3046 struct sctp_transport *trans; 2990 3047 struct sctp_af *af; 2991 3048 int err; ··· 2992 3051 if (optlen != sizeof(struct sctp_prim)) 2993 3052 return -EINVAL; 2994 3053 2995 - if (copy_from_user(&prim, optval, sizeof(struct sctp_prim))) 2996 - return -EFAULT; 2997 - 2998 3054 /* Allow security module to validate address but need address len. */ 2999 - af = sctp_get_af_specific(prim.ssp_addr.ss_family); 3055 + af = sctp_get_af_specific(prim->ssp_addr.ss_family); 3000 3056 if (!af) 3001 3057 return -EINVAL; 3002 3058 3003 3059 err = security_sctp_bind_connect(sk, SCTP_PRIMARY_ADDR, 3004 - (struct sockaddr *)&prim.ssp_addr, 3060 + (struct sockaddr *)&prim->ssp_addr, 3005 3061 af->sockaddr_len); 3006 3062 if (err) 3007 3063 return err; 3008 3064 3009 - trans = sctp_addr_id2transport(sk, &prim.ssp_addr, prim.ssp_assoc_id); 3065 + trans = sctp_addr_id2transport(sk, &prim->ssp_addr, prim->ssp_assoc_id); 3010 3066 if (!trans) 3011 3067 return -EINVAL; 3012 3068 ··· 3020 3082 * introduced, at the cost of more packets in the network. Expects an 3021 3083 * integer boolean flag. 3022 3084 */ 3023 - static int sctp_setsockopt_nodelay(struct sock *sk, char __user *optval, 3085 + static int sctp_setsockopt_nodelay(struct sock *sk, int *val, 3024 3086 unsigned int optlen) 3025 3087 { 3026 - int val; 3027 - 3028 3088 if (optlen < sizeof(int)) 3029 3089 return -EINVAL; 3030 - if (get_user(val, (int __user *)optval)) 3031 - return -EFAULT; 3032 - 3033 - sctp_sk(sk)->nodelay = (val == 0) ? 0 : 1; 3090 + sctp_sk(sk)->nodelay = (*val == 0) ? 0 : 1; 3034 3091 return 0; 3035 3092 } 3036 3093 ··· 3041 3108 * be changed. 3042 3109 * 3043 3110 */ 3044 - static int sctp_setsockopt_rtoinfo(struct sock *sk, char __user *optval, unsigned int optlen) 3111 + static int sctp_setsockopt_rtoinfo(struct sock *sk, 3112 + struct sctp_rtoinfo *rtoinfo, 3113 + unsigned int optlen) 3045 3114 { 3046 - struct sctp_rtoinfo rtoinfo; 3047 3115 struct sctp_association *asoc; 3048 3116 unsigned long rto_min, rto_max; 3049 3117 struct sctp_sock *sp = sctp_sk(sk); ··· 3052 3118 if (optlen != sizeof (struct sctp_rtoinfo)) 3053 3119 return -EINVAL; 3054 3120 3055 - if (copy_from_user(&rtoinfo, optval, optlen)) 3056 - return -EFAULT; 3057 - 3058 - asoc = sctp_id2assoc(sk, rtoinfo.srto_assoc_id); 3121 + asoc = sctp_id2assoc(sk, rtoinfo->srto_assoc_id); 3059 3122 3060 3123 /* Set the values to the specific association */ 3061 - if (!asoc && rtoinfo.srto_assoc_id != SCTP_FUTURE_ASSOC && 3124 + if (!asoc && rtoinfo->srto_assoc_id != SCTP_FUTURE_ASSOC && 3062 3125 sctp_style(sk, UDP)) 3063 3126 return -EINVAL; 3064 3127 3065 - rto_max = rtoinfo.srto_max; 3066 - rto_min = rtoinfo.srto_min; 3128 + rto_max = rtoinfo->srto_max; 3129 + rto_min = rtoinfo->srto_min; 3067 3130 3068 3131 if (rto_max) 3069 3132 rto_max = asoc ? msecs_to_jiffies(rto_max) : rto_max; ··· 3076 3145 return -EINVAL; 3077 3146 3078 3147 if (asoc) { 3079 - if (rtoinfo.srto_initial != 0) 3148 + if (rtoinfo->srto_initial != 0) 3080 3149 asoc->rto_initial = 3081 - msecs_to_jiffies(rtoinfo.srto_initial); 3150 + msecs_to_jiffies(rtoinfo->srto_initial); 3082 3151 asoc->rto_max = rto_max; 3083 3152 asoc->rto_min = rto_min; 3084 3153 } else { 3085 3154 /* If there is no association or the association-id = 0 3086 3155 * set the values to the endpoint. 3087 3156 */ 3088 - if (rtoinfo.srto_initial != 0) 3089 - sp->rtoinfo.srto_initial = rtoinfo.srto_initial; 3157 + if (rtoinfo->srto_initial != 0) 3158 + sp->rtoinfo.srto_initial = rtoinfo->srto_initial; 3090 3159 sp->rtoinfo.srto_max = rto_max; 3091 3160 sp->rtoinfo.srto_min = rto_min; 3092 3161 } ··· 3105 3174 * See [SCTP] for more information. 3106 3175 * 3107 3176 */ 3108 - static int sctp_setsockopt_associnfo(struct sock *sk, char __user *optval, unsigned int optlen) 3177 + static int sctp_setsockopt_associnfo(struct sock *sk, 3178 + struct sctp_assocparams *assocparams, 3179 + unsigned int optlen) 3109 3180 { 3110 3181 3111 - struct sctp_assocparams assocparams; 3112 3182 struct sctp_association *asoc; 3113 3183 3114 3184 if (optlen != sizeof(struct sctp_assocparams)) 3115 3185 return -EINVAL; 3116 - if (copy_from_user(&assocparams, optval, optlen)) 3117 - return -EFAULT; 3118 3186 3119 - asoc = sctp_id2assoc(sk, assocparams.sasoc_assoc_id); 3187 + asoc = sctp_id2assoc(sk, assocparams->sasoc_assoc_id); 3120 3188 3121 - if (!asoc && assocparams.sasoc_assoc_id != SCTP_FUTURE_ASSOC && 3189 + if (!asoc && assocparams->sasoc_assoc_id != SCTP_FUTURE_ASSOC && 3122 3190 sctp_style(sk, UDP)) 3123 3191 return -EINVAL; 3124 3192 3125 3193 /* Set the values to the specific association */ 3126 3194 if (asoc) { 3127 - if (assocparams.sasoc_asocmaxrxt != 0) { 3195 + if (assocparams->sasoc_asocmaxrxt != 0) { 3128 3196 __u32 path_sum = 0; 3129 3197 int paths = 0; 3130 3198 struct sctp_transport *peer_addr; ··· 3140 3210 * then one path. 3141 3211 */ 3142 3212 if (paths > 1 && 3143 - assocparams.sasoc_asocmaxrxt > path_sum) 3213 + assocparams->sasoc_asocmaxrxt > path_sum) 3144 3214 return -EINVAL; 3145 3215 3146 - asoc->max_retrans = assocparams.sasoc_asocmaxrxt; 3216 + asoc->max_retrans = assocparams->sasoc_asocmaxrxt; 3147 3217 } 3148 3218 3149 - if (assocparams.sasoc_cookie_life != 0) 3150 - asoc->cookie_life = ms_to_ktime(assocparams.sasoc_cookie_life); 3219 + if (assocparams->sasoc_cookie_life != 0) 3220 + asoc->cookie_life = 3221 + ms_to_ktime(assocparams->sasoc_cookie_life); 3151 3222 } else { 3152 3223 /* Set the values to the endpoint */ 3153 3224 struct sctp_sock *sp = sctp_sk(sk); 3154 3225 3155 - if (assocparams.sasoc_asocmaxrxt != 0) 3226 + if (assocparams->sasoc_asocmaxrxt != 0) 3156 3227 sp->assocparams.sasoc_asocmaxrxt = 3157 - assocparams.sasoc_asocmaxrxt; 3158 - if (assocparams.sasoc_cookie_life != 0) 3228 + assocparams->sasoc_asocmaxrxt; 3229 + if (assocparams->sasoc_cookie_life != 0) 3159 3230 sp->assocparams.sasoc_cookie_life = 3160 - assocparams.sasoc_cookie_life; 3231 + assocparams->sasoc_cookie_life; 3161 3232 } 3162 3233 return 0; 3163 3234 } ··· 3173 3242 * addresses and a user will receive both PF_INET6 and PF_INET type 3174 3243 * addresses on the socket. 3175 3244 */ 3176 - static int sctp_setsockopt_mappedv4(struct sock *sk, char __user *optval, unsigned int optlen) 3245 + static int sctp_setsockopt_mappedv4(struct sock *sk, int *val, 3246 + unsigned int optlen) 3177 3247 { 3178 - int val; 3179 3248 struct sctp_sock *sp = sctp_sk(sk); 3180 3249 3181 3250 if (optlen < sizeof(int)) 3182 3251 return -EINVAL; 3183 - if (get_user(val, (int __user *)optval)) 3184 - return -EFAULT; 3185 - if (val) 3252 + if (*val) 3186 3253 sp->v4mapped = 1; 3187 3254 else 3188 3255 sp->v4mapped = 0; ··· 3215 3286 * changed (effecting future associations only). 3216 3287 * assoc_value: This parameter specifies the maximum size in bytes. 3217 3288 */ 3218 - static int sctp_setsockopt_maxseg(struct sock *sk, char __user *optval, unsigned int optlen) 3289 + static int sctp_setsockopt_maxseg(struct sock *sk, 3290 + struct sctp_assoc_value *params, 3291 + unsigned int optlen) 3219 3292 { 3220 3293 struct sctp_sock *sp = sctp_sk(sk); 3221 - struct sctp_assoc_value params; 3222 3294 struct sctp_association *asoc; 3295 + sctp_assoc_t assoc_id; 3223 3296 int val; 3224 3297 3225 3298 if (optlen == sizeof(int)) { ··· 3230 3299 "Use of int in maxseg socket option.\n" 3231 3300 "Use struct sctp_assoc_value instead\n", 3232 3301 current->comm, task_pid_nr(current)); 3233 - if (copy_from_user(&val, optval, optlen)) 3234 - return -EFAULT; 3235 - params.assoc_id = SCTP_FUTURE_ASSOC; 3302 + assoc_id = SCTP_FUTURE_ASSOC; 3303 + val = *(int *)params; 3236 3304 } else if (optlen == sizeof(struct sctp_assoc_value)) { 3237 - if (copy_from_user(&params, optval, optlen)) 3238 - return -EFAULT; 3239 - val = params.assoc_value; 3305 + assoc_id = params->assoc_id; 3306 + val = params->assoc_value; 3240 3307 } else { 3241 3308 return -EINVAL; 3242 3309 } 3243 3310 3244 - asoc = sctp_id2assoc(sk, params.assoc_id); 3245 - if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC && 3311 + asoc = sctp_id2assoc(sk, assoc_id); 3312 + if (!asoc && assoc_id != SCTP_FUTURE_ASSOC && 3246 3313 sctp_style(sk, UDP)) 3247 3314 return -EINVAL; 3248 3315 ··· 3275 3346 * locally bound addresses. The following structure is used to make a 3276 3347 * set primary request: 3277 3348 */ 3278 - static int sctp_setsockopt_peer_primary_addr(struct sock *sk, char __user *optval, 3349 + static int sctp_setsockopt_peer_primary_addr(struct sock *sk, 3350 + struct sctp_setpeerprim *prim, 3279 3351 unsigned int optlen) 3280 3352 { 3281 3353 struct sctp_sock *sp; 3282 3354 struct sctp_association *asoc = NULL; 3283 - struct sctp_setpeerprim prim; 3284 3355 struct sctp_chunk *chunk; 3285 3356 struct sctp_af *af; 3286 3357 int err; ··· 3293 3364 if (optlen != sizeof(struct sctp_setpeerprim)) 3294 3365 return -EINVAL; 3295 3366 3296 - if (copy_from_user(&prim, optval, optlen)) 3297 - return -EFAULT; 3298 - 3299 - asoc = sctp_id2assoc(sk, prim.sspp_assoc_id); 3367 + asoc = sctp_id2assoc(sk, prim->sspp_assoc_id); 3300 3368 if (!asoc) 3301 3369 return -EINVAL; 3302 3370 ··· 3306 3380 if (!sctp_state(asoc, ESTABLISHED)) 3307 3381 return -ENOTCONN; 3308 3382 3309 - af = sctp_get_af_specific(prim.sspp_addr.ss_family); 3383 + af = sctp_get_af_specific(prim->sspp_addr.ss_family); 3310 3384 if (!af) 3311 3385 return -EINVAL; 3312 3386 3313 - if (!af->addr_valid((union sctp_addr *)&prim.sspp_addr, sp, NULL)) 3387 + if (!af->addr_valid((union sctp_addr *)&prim->sspp_addr, sp, NULL)) 3314 3388 return -EADDRNOTAVAIL; 3315 3389 3316 - if (!sctp_assoc_lookup_laddr(asoc, (union sctp_addr *)&prim.sspp_addr)) 3390 + if (!sctp_assoc_lookup_laddr(asoc, (union sctp_addr *)&prim->sspp_addr)) 3317 3391 return -EADDRNOTAVAIL; 3318 3392 3319 3393 /* Allow security module to validate address. */ 3320 3394 err = security_sctp_bind_connect(sk, SCTP_SET_PEER_PRIMARY_ADDR, 3321 - (struct sockaddr *)&prim.sspp_addr, 3395 + (struct sockaddr *)&prim->sspp_addr, 3322 3396 af->sockaddr_len); 3323 3397 if (err) 3324 3398 return err; 3325 3399 3326 3400 /* Create an ASCONF chunk with SET_PRIMARY parameter */ 3327 3401 chunk = sctp_make_asconf_set_prim(asoc, 3328 - (union sctp_addr *)&prim.sspp_addr); 3402 + (union sctp_addr *)&prim->sspp_addr); 3329 3403 if (!chunk) 3330 3404 return -ENOMEM; 3331 3405 ··· 3336 3410 return err; 3337 3411 } 3338 3412 3339 - static int sctp_setsockopt_adaptation_layer(struct sock *sk, char __user *optval, 3413 + static int sctp_setsockopt_adaptation_layer(struct sock *sk, 3414 + struct sctp_setadaptation *adapt, 3340 3415 unsigned int optlen) 3341 3416 { 3342 - struct sctp_setadaptation adaptation; 3343 - 3344 3417 if (optlen != sizeof(struct sctp_setadaptation)) 3345 3418 return -EINVAL; 3346 - if (copy_from_user(&adaptation, optval, optlen)) 3347 - return -EFAULT; 3348 3419 3349 - sctp_sk(sk)->adaptation_ind = adaptation.ssb_adaptation_ind; 3420 + sctp_sk(sk)->adaptation_ind = adapt->ssb_adaptation_ind; 3350 3421 3351 3422 return 0; 3352 3423 } ··· 3362 3439 * received messages from the peer and does not effect the value that is 3363 3440 * saved with outbound messages. 3364 3441 */ 3365 - static int sctp_setsockopt_context(struct sock *sk, char __user *optval, 3442 + static int sctp_setsockopt_context(struct sock *sk, 3443 + struct sctp_assoc_value *params, 3366 3444 unsigned int optlen) 3367 3445 { 3368 3446 struct sctp_sock *sp = sctp_sk(sk); 3369 - struct sctp_assoc_value params; 3370 3447 struct sctp_association *asoc; 3371 3448 3372 3449 if (optlen != sizeof(struct sctp_assoc_value)) 3373 3450 return -EINVAL; 3374 - if (copy_from_user(&params, optval, optlen)) 3375 - return -EFAULT; 3376 3451 3377 - asoc = sctp_id2assoc(sk, params.assoc_id); 3378 - if (!asoc && params.assoc_id > SCTP_ALL_ASSOC && 3452 + asoc = sctp_id2assoc(sk, params->assoc_id); 3453 + if (!asoc && params->assoc_id > SCTP_ALL_ASSOC && 3379 3454 sctp_style(sk, UDP)) 3380 3455 return -EINVAL; 3381 3456 3382 3457 if (asoc) { 3383 - asoc->default_rcv_context = params.assoc_value; 3458 + asoc->default_rcv_context = params->assoc_value; 3384 3459 3385 3460 return 0; 3386 3461 } 3387 3462 3388 3463 if (sctp_style(sk, TCP)) 3389 - params.assoc_id = SCTP_FUTURE_ASSOC; 3464 + params->assoc_id = SCTP_FUTURE_ASSOC; 3390 3465 3391 - if (params.assoc_id == SCTP_FUTURE_ASSOC || 3392 - params.assoc_id == SCTP_ALL_ASSOC) 3393 - sp->default_rcv_context = params.assoc_value; 3466 + if (params->assoc_id == SCTP_FUTURE_ASSOC || 3467 + params->assoc_id == SCTP_ALL_ASSOC) 3468 + sp->default_rcv_context = params->assoc_value; 3394 3469 3395 - if (params.assoc_id == SCTP_CURRENT_ASSOC || 3396 - params.assoc_id == SCTP_ALL_ASSOC) 3470 + if (params->assoc_id == SCTP_CURRENT_ASSOC || 3471 + params->assoc_id == SCTP_ALL_ASSOC) 3397 3472 list_for_each_entry(asoc, &sp->ep->asocs, asocs) 3398 - asoc->default_rcv_context = params.assoc_value; 3473 + asoc->default_rcv_context = params->assoc_value; 3399 3474 3400 3475 return 0; 3401 3476 } ··· 3422 3501 * application using the one to many model may become confused and act 3423 3502 * incorrectly. 3424 3503 */ 3425 - static int sctp_setsockopt_fragment_interleave(struct sock *sk, 3426 - char __user *optval, 3504 + static int sctp_setsockopt_fragment_interleave(struct sock *sk, int *val, 3427 3505 unsigned int optlen) 3428 3506 { 3429 - int val; 3430 - 3431 3507 if (optlen != sizeof(int)) 3432 3508 return -EINVAL; 3433 - if (get_user(val, (int __user *)optval)) 3434 - return -EFAULT; 3435 3509 3436 - sctp_sk(sk)->frag_interleave = !!val; 3510 + sctp_sk(sk)->frag_interleave = !!*val; 3437 3511 3438 3512 if (!sctp_sk(sk)->frag_interleave) 3439 3513 sctp_sk(sk)->ep->intl_enable = 0; ··· 3453 3537 * call as long as the user provided buffer is large enough to hold the 3454 3538 * message. 3455 3539 */ 3456 - static int sctp_setsockopt_partial_delivery_point(struct sock *sk, 3457 - char __user *optval, 3540 + static int sctp_setsockopt_partial_delivery_point(struct sock *sk, u32 *val, 3458 3541 unsigned int optlen) 3459 3542 { 3460 - u32 val; 3461 - 3462 3543 if (optlen != sizeof(u32)) 3463 3544 return -EINVAL; 3464 - if (get_user(val, (int __user *)optval)) 3465 - return -EFAULT; 3466 3545 3467 3546 /* Note: We double the receive buffer from what the user sets 3468 3547 * it to be, also initial rwnd is based on rcvbuf/2. 3469 3548 */ 3470 - if (val > (sk->sk_rcvbuf >> 1)) 3549 + if (*val > (sk->sk_rcvbuf >> 1)) 3471 3550 return -EINVAL; 3472 3551 3473 - sctp_sk(sk)->pd_point = val; 3552 + sctp_sk(sk)->pd_point = *val; 3474 3553 3475 3554 return 0; /* is this the right error code? */ 3476 3555 } ··· 3482 3571 * future associations inheriting the socket value. 3483 3572 */ 3484 3573 static int sctp_setsockopt_maxburst(struct sock *sk, 3485 - char __user *optval, 3574 + struct sctp_assoc_value *params, 3486 3575 unsigned int optlen) 3487 3576 { 3488 3577 struct sctp_sock *sp = sctp_sk(sk); 3489 - struct sctp_assoc_value params; 3490 3578 struct sctp_association *asoc; 3579 + sctp_assoc_t assoc_id; 3580 + u32 assoc_value; 3491 3581 3492 3582 if (optlen == sizeof(int)) { 3493 3583 pr_warn_ratelimited(DEPRECATED ··· 3496 3584 "Use of int in max_burst socket option deprecated.\n" 3497 3585 "Use struct sctp_assoc_value instead\n", 3498 3586 current->comm, task_pid_nr(current)); 3499 - if (copy_from_user(&params.assoc_value, optval, optlen)) 3500 - return -EFAULT; 3501 - params.assoc_id = SCTP_FUTURE_ASSOC; 3587 + assoc_id = SCTP_FUTURE_ASSOC; 3588 + assoc_value = *((int *)params); 3502 3589 } else if (optlen == sizeof(struct sctp_assoc_value)) { 3503 - if (copy_from_user(&params, optval, optlen)) 3504 - return -EFAULT; 3590 + assoc_id = params->assoc_id; 3591 + assoc_value = params->assoc_value; 3505 3592 } else 3506 3593 return -EINVAL; 3507 3594 3508 - asoc = sctp_id2assoc(sk, params.assoc_id); 3509 - if (!asoc && params.assoc_id > SCTP_ALL_ASSOC && 3510 - sctp_style(sk, UDP)) 3595 + asoc = sctp_id2assoc(sk, assoc_id); 3596 + if (!asoc && assoc_id > SCTP_ALL_ASSOC && sctp_style(sk, UDP)) 3511 3597 return -EINVAL; 3512 3598 3513 3599 if (asoc) { 3514 - asoc->max_burst = params.assoc_value; 3600 + asoc->max_burst = assoc_value; 3515 3601 3516 3602 return 0; 3517 3603 } 3518 3604 3519 3605 if (sctp_style(sk, TCP)) 3520 - params.assoc_id = SCTP_FUTURE_ASSOC; 3606 + assoc_id = SCTP_FUTURE_ASSOC; 3521 3607 3522 - if (params.assoc_id == SCTP_FUTURE_ASSOC || 3523 - params.assoc_id == SCTP_ALL_ASSOC) 3524 - sp->max_burst = params.assoc_value; 3608 + if (assoc_id == SCTP_FUTURE_ASSOC || assoc_id == SCTP_ALL_ASSOC) 3609 + sp->max_burst = assoc_value; 3525 3610 3526 - if (params.assoc_id == SCTP_CURRENT_ASSOC || 3527 - params.assoc_id == SCTP_ALL_ASSOC) 3611 + if (assoc_id == SCTP_CURRENT_ASSOC || assoc_id == SCTP_ALL_ASSOC) 3528 3612 list_for_each_entry(asoc, &sp->ep->asocs, asocs) 3529 - asoc->max_burst = params.assoc_value; 3613 + asoc->max_burst = assoc_value; 3530 3614 3531 3615 return 0; 3532 3616 } ··· 3535 3627 * will only effect future associations on the socket. 3536 3628 */ 3537 3629 static int sctp_setsockopt_auth_chunk(struct sock *sk, 3538 - char __user *optval, 3630 + struct sctp_authchunk *val, 3539 3631 unsigned int optlen) 3540 3632 { 3541 3633 struct sctp_endpoint *ep = sctp_sk(sk)->ep; 3542 - struct sctp_authchunk val; 3543 3634 3544 3635 if (!ep->auth_enable) 3545 3636 return -EACCES; 3546 3637 3547 3638 if (optlen != sizeof(struct sctp_authchunk)) 3548 3639 return -EINVAL; 3549 - if (copy_from_user(&val, optval, optlen)) 3550 - return -EFAULT; 3551 3640 3552 - switch (val.sauth_chunk) { 3641 + switch (val->sauth_chunk) { 3553 3642 case SCTP_CID_INIT: 3554 3643 case SCTP_CID_INIT_ACK: 3555 3644 case SCTP_CID_SHUTDOWN_COMPLETE: ··· 3555 3650 } 3556 3651 3557 3652 /* add this chunk id to the endpoint */ 3558 - return sctp_auth_ep_add_chunkid(ep, val.sauth_chunk); 3653 + return sctp_auth_ep_add_chunkid(ep, val->sauth_chunk); 3559 3654 } 3560 3655 3561 3656 /* ··· 3565 3660 * endpoint requires the peer to use. 3566 3661 */ 3567 3662 static int sctp_setsockopt_hmac_ident(struct sock *sk, 3568 - char __user *optval, 3663 + struct sctp_hmacalgo *hmacs, 3569 3664 unsigned int optlen) 3570 3665 { 3571 3666 struct sctp_endpoint *ep = sctp_sk(sk)->ep; 3572 - struct sctp_hmacalgo *hmacs; 3573 3667 u32 idents; 3574 - int err; 3575 3668 3576 3669 if (!ep->auth_enable) 3577 3670 return -EACCES; ··· 3579 3676 optlen = min_t(unsigned int, optlen, sizeof(struct sctp_hmacalgo) + 3580 3677 SCTP_AUTH_NUM_HMACS * sizeof(u16)); 3581 3678 3582 - hmacs = memdup_user(optval, optlen); 3583 - if (IS_ERR(hmacs)) 3584 - return PTR_ERR(hmacs); 3585 - 3586 3679 idents = hmacs->shmac_num_idents; 3587 3680 if (idents == 0 || idents > SCTP_AUTH_NUM_HMACS || 3588 - (idents * sizeof(u16)) > (optlen - sizeof(struct sctp_hmacalgo))) { 3589 - err = -EINVAL; 3590 - goto out; 3591 - } 3681 + (idents * sizeof(u16)) > (optlen - sizeof(struct sctp_hmacalgo))) 3682 + return -EINVAL; 3592 3683 3593 - err = sctp_auth_ep_set_hmacs(ep, hmacs); 3594 - out: 3595 - kfree(hmacs); 3596 - return err; 3684 + return sctp_auth_ep_set_hmacs(ep, hmacs); 3597 3685 } 3598 3686 3599 3687 /* ··· 3594 3700 * association shared key. 3595 3701 */ 3596 3702 static int sctp_setsockopt_auth_key(struct sock *sk, 3597 - char __user *optval, 3703 + struct sctp_authkey *authkey, 3598 3704 unsigned int optlen) 3599 3705 { 3600 3706 struct sctp_endpoint *ep = sctp_sk(sk)->ep; 3601 - struct sctp_authkey *authkey; 3602 3707 struct sctp_association *asoc; 3603 3708 int ret = -EINVAL; 3604 3709 ··· 3607 3714 * this. 3608 3715 */ 3609 3716 optlen = min_t(unsigned int, optlen, USHRT_MAX + sizeof(*authkey)); 3610 - 3611 - authkey = memdup_user(optval, optlen); 3612 - if (IS_ERR(authkey)) 3613 - return PTR_ERR(authkey); 3614 3717 3615 3718 if (authkey->sca_keylength > optlen - sizeof(*authkey)) 3616 3719 goto out; ··· 3644 3755 } 3645 3756 3646 3757 out: 3647 - kzfree(authkey); 3758 + memzero_explicit(authkey, optlen); 3648 3759 return ret; 3649 3760 } 3650 3761 ··· 3655 3766 * the association shared key. 3656 3767 */ 3657 3768 static int sctp_setsockopt_active_key(struct sock *sk, 3658 - char __user *optval, 3769 + struct sctp_authkeyid *val, 3659 3770 unsigned int optlen) 3660 3771 { 3661 3772 struct sctp_endpoint *ep = sctp_sk(sk)->ep; 3662 3773 struct sctp_association *asoc; 3663 - struct sctp_authkeyid val; 3664 3774 int ret = 0; 3665 3775 3666 3776 if (optlen != sizeof(struct sctp_authkeyid)) 3667 3777 return -EINVAL; 3668 - if (copy_from_user(&val, optval, optlen)) 3669 - return -EFAULT; 3670 3778 3671 - asoc = sctp_id2assoc(sk, val.scact_assoc_id); 3672 - if (!asoc && val.scact_assoc_id > SCTP_ALL_ASSOC && 3779 + asoc = sctp_id2assoc(sk, val->scact_assoc_id); 3780 + if (!asoc && val->scact_assoc_id > SCTP_ALL_ASSOC && 3673 3781 sctp_style(sk, UDP)) 3674 3782 return -EINVAL; 3675 3783 3676 3784 if (asoc) 3677 - return sctp_auth_set_active_key(ep, asoc, val.scact_keynumber); 3785 + return sctp_auth_set_active_key(ep, asoc, val->scact_keynumber); 3678 3786 3679 3787 if (sctp_style(sk, TCP)) 3680 - val.scact_assoc_id = SCTP_FUTURE_ASSOC; 3788 + val->scact_assoc_id = SCTP_FUTURE_ASSOC; 3681 3789 3682 - if (val.scact_assoc_id == SCTP_FUTURE_ASSOC || 3683 - val.scact_assoc_id == SCTP_ALL_ASSOC) { 3684 - ret = sctp_auth_set_active_key(ep, asoc, val.scact_keynumber); 3790 + if (val->scact_assoc_id == SCTP_FUTURE_ASSOC || 3791 + val->scact_assoc_id == SCTP_ALL_ASSOC) { 3792 + ret = sctp_auth_set_active_key(ep, asoc, val->scact_keynumber); 3685 3793 if (ret) 3686 3794 return ret; 3687 3795 } 3688 3796 3689 - if (val.scact_assoc_id == SCTP_CURRENT_ASSOC || 3690 - val.scact_assoc_id == SCTP_ALL_ASSOC) { 3797 + if (val->scact_assoc_id == SCTP_CURRENT_ASSOC || 3798 + val->scact_assoc_id == SCTP_ALL_ASSOC) { 3691 3799 list_for_each_entry(asoc, &ep->asocs, asocs) { 3692 3800 int res = sctp_auth_set_active_key(ep, asoc, 3693 - val.scact_keynumber); 3801 + val->scact_keynumber); 3694 3802 3695 3803 if (res && !ret) 3696 3804 ret = res; ··· 3703 3817 * This set option will delete a shared secret key from use. 3704 3818 */ 3705 3819 static int sctp_setsockopt_del_key(struct sock *sk, 3706 - char __user *optval, 3820 + struct sctp_authkeyid *val, 3707 3821 unsigned int optlen) 3708 3822 { 3709 3823 struct sctp_endpoint *ep = sctp_sk(sk)->ep; 3710 3824 struct sctp_association *asoc; 3711 - struct sctp_authkeyid val; 3712 3825 int ret = 0; 3713 3826 3714 3827 if (optlen != sizeof(struct sctp_authkeyid)) 3715 3828 return -EINVAL; 3716 - if (copy_from_user(&val, optval, optlen)) 3717 - return -EFAULT; 3718 3829 3719 - asoc = sctp_id2assoc(sk, val.scact_assoc_id); 3720 - if (!asoc && val.scact_assoc_id > SCTP_ALL_ASSOC && 3830 + asoc = sctp_id2assoc(sk, val->scact_assoc_id); 3831 + if (!asoc && val->scact_assoc_id > SCTP_ALL_ASSOC && 3721 3832 sctp_style(sk, UDP)) 3722 3833 return -EINVAL; 3723 3834 3724 3835 if (asoc) 3725 - return sctp_auth_del_key_id(ep, asoc, val.scact_keynumber); 3836 + return sctp_auth_del_key_id(ep, asoc, val->scact_keynumber); 3726 3837 3727 3838 if (sctp_style(sk, TCP)) 3728 - val.scact_assoc_id = SCTP_FUTURE_ASSOC; 3839 + val->scact_assoc_id = SCTP_FUTURE_ASSOC; 3729 3840 3730 - if (val.scact_assoc_id == SCTP_FUTURE_ASSOC || 3731 - val.scact_assoc_id == SCTP_ALL_ASSOC) { 3732 - ret = sctp_auth_del_key_id(ep, asoc, val.scact_keynumber); 3841 + if (val->scact_assoc_id == SCTP_FUTURE_ASSOC || 3842 + val->scact_assoc_id == SCTP_ALL_ASSOC) { 3843 + ret = sctp_auth_del_key_id(ep, asoc, val->scact_keynumber); 3733 3844 if (ret) 3734 3845 return ret; 3735 3846 } 3736 3847 3737 - if (val.scact_assoc_id == SCTP_CURRENT_ASSOC || 3738 - val.scact_assoc_id == SCTP_ALL_ASSOC) { 3848 + if (val->scact_assoc_id == SCTP_CURRENT_ASSOC || 3849 + val->scact_assoc_id == SCTP_ALL_ASSOC) { 3739 3850 list_for_each_entry(asoc, &ep->asocs, asocs) { 3740 3851 int res = sctp_auth_del_key_id(ep, asoc, 3741 - val.scact_keynumber); 3852 + val->scact_keynumber); 3742 3853 3743 3854 if (res && !ret) 3744 3855 ret = res; ··· 3750 3867 * 3751 3868 * This set option will deactivate a shared secret key. 3752 3869 */ 3753 - static int sctp_setsockopt_deactivate_key(struct sock *sk, char __user *optval, 3870 + static int sctp_setsockopt_deactivate_key(struct sock *sk, 3871 + struct sctp_authkeyid *val, 3754 3872 unsigned int optlen) 3755 3873 { 3756 3874 struct sctp_endpoint *ep = sctp_sk(sk)->ep; 3757 3875 struct sctp_association *asoc; 3758 - struct sctp_authkeyid val; 3759 3876 int ret = 0; 3760 3877 3761 3878 if (optlen != sizeof(struct sctp_authkeyid)) 3762 3879 return -EINVAL; 3763 - if (copy_from_user(&val, optval, optlen)) 3764 - return -EFAULT; 3765 3880 3766 - asoc = sctp_id2assoc(sk, val.scact_assoc_id); 3767 - if (!asoc && val.scact_assoc_id > SCTP_ALL_ASSOC && 3881 + asoc = sctp_id2assoc(sk, val->scact_assoc_id); 3882 + if (!asoc && val->scact_assoc_id > SCTP_ALL_ASSOC && 3768 3883 sctp_style(sk, UDP)) 3769 3884 return -EINVAL; 3770 3885 3771 3886 if (asoc) 3772 - return sctp_auth_deact_key_id(ep, asoc, val.scact_keynumber); 3887 + return sctp_auth_deact_key_id(ep, asoc, val->scact_keynumber); 3773 3888 3774 3889 if (sctp_style(sk, TCP)) 3775 - val.scact_assoc_id = SCTP_FUTURE_ASSOC; 3890 + val->scact_assoc_id = SCTP_FUTURE_ASSOC; 3776 3891 3777 - if (val.scact_assoc_id == SCTP_FUTURE_ASSOC || 3778 - val.scact_assoc_id == SCTP_ALL_ASSOC) { 3779 - ret = sctp_auth_deact_key_id(ep, asoc, val.scact_keynumber); 3892 + if (val->scact_assoc_id == SCTP_FUTURE_ASSOC || 3893 + val->scact_assoc_id == SCTP_ALL_ASSOC) { 3894 + ret = sctp_auth_deact_key_id(ep, asoc, val->scact_keynumber); 3780 3895 if (ret) 3781 3896 return ret; 3782 3897 } 3783 3898 3784 - if (val.scact_assoc_id == SCTP_CURRENT_ASSOC || 3785 - val.scact_assoc_id == SCTP_ALL_ASSOC) { 3899 + if (val->scact_assoc_id == SCTP_CURRENT_ASSOC || 3900 + val->scact_assoc_id == SCTP_ALL_ASSOC) { 3786 3901 list_for_each_entry(asoc, &ep->asocs, asocs) { 3787 3902 int res = sctp_auth_deact_key_id(ep, asoc, 3788 - val.scact_keynumber); 3903 + val->scact_keynumber); 3789 3904 3790 3905 if (res && !ret) 3791 3906 ret = res; ··· 3807 3926 * Note. In this implementation, socket operation overrides default parameter 3808 3927 * being set by sysctl as well as FreeBSD implementation 3809 3928 */ 3810 - static int sctp_setsockopt_auto_asconf(struct sock *sk, char __user *optval, 3929 + static int sctp_setsockopt_auto_asconf(struct sock *sk, int *val, 3811 3930 unsigned int optlen) 3812 3931 { 3813 - int val; 3814 3932 struct sctp_sock *sp = sctp_sk(sk); 3815 3933 3816 3934 if (optlen < sizeof(int)) 3817 3935 return -EINVAL; 3818 - if (get_user(val, (int __user *)optval)) 3819 - return -EFAULT; 3820 - if (!sctp_is_ep_boundall(sk) && val) 3936 + if (!sctp_is_ep_boundall(sk) && *val) 3821 3937 return -EINVAL; 3822 - if ((val && sp->do_auto_asconf) || (!val && !sp->do_auto_asconf)) 3938 + if ((*val && sp->do_auto_asconf) || (!*val && !sp->do_auto_asconf)) 3823 3939 return 0; 3824 3940 3825 3941 spin_lock_bh(&sock_net(sk)->sctp.addr_wq_lock); 3826 - if (val == 0 && sp->do_auto_asconf) { 3942 + if (*val == 0 && sp->do_auto_asconf) { 3827 3943 list_del(&sp->auto_asconf_list); 3828 3944 sp->do_auto_asconf = 0; 3829 - } else if (val && !sp->do_auto_asconf) { 3945 + } else if (*val && !sp->do_auto_asconf) { 3830 3946 list_add_tail(&sp->auto_asconf_list, 3831 3947 &sock_net(sk)->sctp.auto_asconf_splist); 3832 3948 sp->do_auto_asconf = 1; ··· 3840 3962 * http://www.ietf.org/id/draft-nishida-tsvwg-sctp-failover-05.txt 3841 3963 */ 3842 3964 static int sctp_setsockopt_paddr_thresholds(struct sock *sk, 3843 - char __user *optval, 3965 + struct sctp_paddrthlds_v2 *val, 3844 3966 unsigned int optlen, bool v2) 3845 3967 { 3846 - struct sctp_paddrthlds_v2 val; 3847 3968 struct sctp_transport *trans; 3848 3969 struct sctp_association *asoc; 3849 3970 int len; 3850 3971 3851 - len = v2 ? sizeof(val) : sizeof(struct sctp_paddrthlds); 3972 + len = v2 ? sizeof(*val) : sizeof(struct sctp_paddrthlds); 3852 3973 if (optlen < len) 3853 3974 return -EINVAL; 3854 - if (copy_from_user(&val, optval, len)) 3855 - return -EFAULT; 3856 3975 3857 - if (v2 && val.spt_pathpfthld > val.spt_pathcpthld) 3976 + if (v2 && val->spt_pathpfthld > val->spt_pathcpthld) 3858 3977 return -EINVAL; 3859 3978 3860 - if (!sctp_is_any(sk, (const union sctp_addr *)&val.spt_address)) { 3861 - trans = sctp_addr_id2transport(sk, &val.spt_address, 3862 - val.spt_assoc_id); 3979 + if (!sctp_is_any(sk, (const union sctp_addr *)&val->spt_address)) { 3980 + trans = sctp_addr_id2transport(sk, &val->spt_address, 3981 + val->spt_assoc_id); 3863 3982 if (!trans) 3864 3983 return -ENOENT; 3865 3984 3866 - if (val.spt_pathmaxrxt) 3867 - trans->pathmaxrxt = val.spt_pathmaxrxt; 3985 + if (val->spt_pathmaxrxt) 3986 + trans->pathmaxrxt = val->spt_pathmaxrxt; 3868 3987 if (v2) 3869 - trans->ps_retrans = val.spt_pathcpthld; 3870 - trans->pf_retrans = val.spt_pathpfthld; 3988 + trans->ps_retrans = val->spt_pathcpthld; 3989 + trans->pf_retrans = val->spt_pathpfthld; 3871 3990 3872 3991 return 0; 3873 3992 } 3874 3993 3875 - asoc = sctp_id2assoc(sk, val.spt_assoc_id); 3876 - if (!asoc && val.spt_assoc_id != SCTP_FUTURE_ASSOC && 3994 + asoc = sctp_id2assoc(sk, val->spt_assoc_id); 3995 + if (!asoc && val->spt_assoc_id != SCTP_FUTURE_ASSOC && 3877 3996 sctp_style(sk, UDP)) 3878 3997 return -EINVAL; 3879 3998 3880 3999 if (asoc) { 3881 4000 list_for_each_entry(trans, &asoc->peer.transport_addr_list, 3882 4001 transports) { 3883 - if (val.spt_pathmaxrxt) 3884 - trans->pathmaxrxt = val.spt_pathmaxrxt; 4002 + if (val->spt_pathmaxrxt) 4003 + trans->pathmaxrxt = val->spt_pathmaxrxt; 3885 4004 if (v2) 3886 - trans->ps_retrans = val.spt_pathcpthld; 3887 - trans->pf_retrans = val.spt_pathpfthld; 4005 + trans->ps_retrans = val->spt_pathcpthld; 4006 + trans->pf_retrans = val->spt_pathpfthld; 3888 4007 } 3889 4008 3890 - if (val.spt_pathmaxrxt) 3891 - asoc->pathmaxrxt = val.spt_pathmaxrxt; 4009 + if (val->spt_pathmaxrxt) 4010 + asoc->pathmaxrxt = val->spt_pathmaxrxt; 3892 4011 if (v2) 3893 - asoc->ps_retrans = val.spt_pathcpthld; 3894 - asoc->pf_retrans = val.spt_pathpfthld; 4012 + asoc->ps_retrans = val->spt_pathcpthld; 4013 + asoc->pf_retrans = val->spt_pathpfthld; 3895 4014 } else { 3896 4015 struct sctp_sock *sp = sctp_sk(sk); 3897 4016 3898 - if (val.spt_pathmaxrxt) 3899 - sp->pathmaxrxt = val.spt_pathmaxrxt; 4017 + if (val->spt_pathmaxrxt) 4018 + sp->pathmaxrxt = val->spt_pathmaxrxt; 3900 4019 if (v2) 3901 - sp->ps_retrans = val.spt_pathcpthld; 3902 - sp->pf_retrans = val.spt_pathpfthld; 4020 + sp->ps_retrans = val->spt_pathcpthld; 4021 + sp->pf_retrans = val->spt_pathpfthld; 3903 4022 } 3904 4023 3905 4024 return 0; 3906 4025 } 3907 4026 3908 - static int sctp_setsockopt_recvrcvinfo(struct sock *sk, 3909 - char __user *optval, 4027 + static int sctp_setsockopt_recvrcvinfo(struct sock *sk, int *val, 3910 4028 unsigned int optlen) 3911 4029 { 3912 - int val; 3913 - 3914 4030 if (optlen < sizeof(int)) 3915 4031 return -EINVAL; 3916 - if (get_user(val, (int __user *) optval)) 3917 - return -EFAULT; 3918 4032 3919 - sctp_sk(sk)->recvrcvinfo = (val == 0) ? 0 : 1; 4033 + sctp_sk(sk)->recvrcvinfo = (*val == 0) ? 0 : 1; 3920 4034 3921 4035 return 0; 3922 4036 } 3923 4037 3924 - static int sctp_setsockopt_recvnxtinfo(struct sock *sk, 3925 - char __user *optval, 4038 + static int sctp_setsockopt_recvnxtinfo(struct sock *sk, int *val, 3926 4039 unsigned int optlen) 3927 4040 { 3928 - int val; 3929 - 3930 4041 if (optlen < sizeof(int)) 3931 4042 return -EINVAL; 3932 - if (get_user(val, (int __user *) optval)) 3933 - return -EFAULT; 3934 4043 3935 - sctp_sk(sk)->recvnxtinfo = (val == 0) ? 0 : 1; 4044 + sctp_sk(sk)->recvnxtinfo = (*val == 0) ? 0 : 1; 3936 4045 3937 4046 return 0; 3938 4047 } 3939 4048 3940 4049 static int sctp_setsockopt_pr_supported(struct sock *sk, 3941 - char __user *optval, 4050 + struct sctp_assoc_value *params, 3942 4051 unsigned int optlen) 3943 4052 { 3944 - struct sctp_assoc_value params; 3945 4053 struct sctp_association *asoc; 3946 4054 3947 - if (optlen != sizeof(params)) 4055 + if (optlen != sizeof(*params)) 3948 4056 return -EINVAL; 3949 4057 3950 - if (copy_from_user(&params, optval, optlen)) 3951 - return -EFAULT; 3952 - 3953 - asoc = sctp_id2assoc(sk, params.assoc_id); 3954 - if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC && 4058 + asoc = sctp_id2assoc(sk, params->assoc_id); 4059 + if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC && 3955 4060 sctp_style(sk, UDP)) 3956 4061 return -EINVAL; 3957 4062 3958 - sctp_sk(sk)->ep->prsctp_enable = !!params.assoc_value; 4063 + sctp_sk(sk)->ep->prsctp_enable = !!params->assoc_value; 3959 4064 3960 4065 return 0; 3961 4066 } 3962 4067 3963 4068 static int sctp_setsockopt_default_prinfo(struct sock *sk, 3964 - char __user *optval, 4069 + struct sctp_default_prinfo *info, 3965 4070 unsigned int optlen) 3966 4071 { 3967 4072 struct sctp_sock *sp = sctp_sk(sk); 3968 - struct sctp_default_prinfo info; 3969 4073 struct sctp_association *asoc; 3970 4074 int retval = -EINVAL; 3971 4075 3972 - if (optlen != sizeof(info)) 4076 + if (optlen != sizeof(*info)) 3973 4077 goto out; 3974 4078 3975 - if (copy_from_user(&info, optval, sizeof(info))) { 3976 - retval = -EFAULT; 3977 - goto out; 3978 - } 3979 - 3980 - if (info.pr_policy & ~SCTP_PR_SCTP_MASK) 4079 + if (info->pr_policy & ~SCTP_PR_SCTP_MASK) 3981 4080 goto out; 3982 4081 3983 - if (info.pr_policy == SCTP_PR_SCTP_NONE) 3984 - info.pr_value = 0; 4082 + if (info->pr_policy == SCTP_PR_SCTP_NONE) 4083 + info->pr_value = 0; 3985 4084 3986 - asoc = sctp_id2assoc(sk, info.pr_assoc_id); 3987 - if (!asoc && info.pr_assoc_id > SCTP_ALL_ASSOC && 4085 + asoc = sctp_id2assoc(sk, info->pr_assoc_id); 4086 + if (!asoc && info->pr_assoc_id > SCTP_ALL_ASSOC && 3988 4087 sctp_style(sk, UDP)) 3989 4088 goto out; 3990 4089 3991 4090 retval = 0; 3992 4091 3993 4092 if (asoc) { 3994 - SCTP_PR_SET_POLICY(asoc->default_flags, info.pr_policy); 3995 - asoc->default_timetolive = info.pr_value; 4093 + SCTP_PR_SET_POLICY(asoc->default_flags, info->pr_policy); 4094 + asoc->default_timetolive = info->pr_value; 3996 4095 goto out; 3997 4096 } 3998 4097 3999 4098 if (sctp_style(sk, TCP)) 4000 - info.pr_assoc_id = SCTP_FUTURE_ASSOC; 4099 + info->pr_assoc_id = SCTP_FUTURE_ASSOC; 4001 4100 4002 - if (info.pr_assoc_id == SCTP_FUTURE_ASSOC || 4003 - info.pr_assoc_id == SCTP_ALL_ASSOC) { 4004 - SCTP_PR_SET_POLICY(sp->default_flags, info.pr_policy); 4005 - sp->default_timetolive = info.pr_value; 4101 + if (info->pr_assoc_id == SCTP_FUTURE_ASSOC || 4102 + info->pr_assoc_id == SCTP_ALL_ASSOC) { 4103 + SCTP_PR_SET_POLICY(sp->default_flags, info->pr_policy); 4104 + sp->default_timetolive = info->pr_value; 4006 4105 } 4007 4106 4008 - if (info.pr_assoc_id == SCTP_CURRENT_ASSOC || 4009 - info.pr_assoc_id == SCTP_ALL_ASSOC) { 4107 + if (info->pr_assoc_id == SCTP_CURRENT_ASSOC || 4108 + info->pr_assoc_id == SCTP_ALL_ASSOC) { 4010 4109 list_for_each_entry(asoc, &sp->ep->asocs, asocs) { 4011 - SCTP_PR_SET_POLICY(asoc->default_flags, info.pr_policy); 4012 - asoc->default_timetolive = info.pr_value; 4110 + SCTP_PR_SET_POLICY(asoc->default_flags, 4111 + info->pr_policy); 4112 + asoc->default_timetolive = info->pr_value; 4013 4113 } 4014 4114 } 4015 4115 ··· 3996 4140 } 3997 4141 3998 4142 static int sctp_setsockopt_reconfig_supported(struct sock *sk, 3999 - char __user *optval, 4143 + struct sctp_assoc_value *params, 4000 4144 unsigned int optlen) 4001 4145 { 4002 - struct sctp_assoc_value params; 4003 4146 struct sctp_association *asoc; 4004 4147 int retval = -EINVAL; 4005 4148 4006 - if (optlen != sizeof(params)) 4149 + if (optlen != sizeof(*params)) 4007 4150 goto out; 4008 4151 4009 - if (copy_from_user(&params, optval, optlen)) { 4010 - retval = -EFAULT; 4011 - goto out; 4012 - } 4013 - 4014 - asoc = sctp_id2assoc(sk, params.assoc_id); 4015 - if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC && 4152 + asoc = sctp_id2assoc(sk, params->assoc_id); 4153 + if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC && 4016 4154 sctp_style(sk, UDP)) 4017 4155 goto out; 4018 4156 4019 - sctp_sk(sk)->ep->reconf_enable = !!params.assoc_value; 4157 + sctp_sk(sk)->ep->reconf_enable = !!params->assoc_value; 4020 4158 4021 4159 retval = 0; 4022 4160 ··· 4019 4169 } 4020 4170 4021 4171 static int sctp_setsockopt_enable_strreset(struct sock *sk, 4022 - char __user *optval, 4172 + struct sctp_assoc_value *params, 4023 4173 unsigned int optlen) 4024 4174 { 4025 4175 struct sctp_endpoint *ep = sctp_sk(sk)->ep; 4026 - struct sctp_assoc_value params; 4027 4176 struct sctp_association *asoc; 4028 4177 int retval = -EINVAL; 4029 4178 4030 - if (optlen != sizeof(params)) 4179 + if (optlen != sizeof(*params)) 4031 4180 goto out; 4032 4181 4033 - if (copy_from_user(&params, optval, optlen)) { 4034 - retval = -EFAULT; 4035 - goto out; 4036 - } 4037 - 4038 - if (params.assoc_value & (~SCTP_ENABLE_STRRESET_MASK)) 4182 + if (params->assoc_value & (~SCTP_ENABLE_STRRESET_MASK)) 4039 4183 goto out; 4040 4184 4041 - asoc = sctp_id2assoc(sk, params.assoc_id); 4042 - if (!asoc && params.assoc_id > SCTP_ALL_ASSOC && 4185 + asoc = sctp_id2assoc(sk, params->assoc_id); 4186 + if (!asoc && params->assoc_id > SCTP_ALL_ASSOC && 4043 4187 sctp_style(sk, UDP)) 4044 4188 goto out; 4045 4189 4046 4190 retval = 0; 4047 4191 4048 4192 if (asoc) { 4049 - asoc->strreset_enable = params.assoc_value; 4193 + asoc->strreset_enable = params->assoc_value; 4050 4194 goto out; 4051 4195 } 4052 4196 4053 4197 if (sctp_style(sk, TCP)) 4054 - params.assoc_id = SCTP_FUTURE_ASSOC; 4198 + params->assoc_id = SCTP_FUTURE_ASSOC; 4055 4199 4056 - if (params.assoc_id == SCTP_FUTURE_ASSOC || 4057 - params.assoc_id == SCTP_ALL_ASSOC) 4058 - ep->strreset_enable = params.assoc_value; 4200 + if (params->assoc_id == SCTP_FUTURE_ASSOC || 4201 + params->assoc_id == SCTP_ALL_ASSOC) 4202 + ep->strreset_enable = params->assoc_value; 4059 4203 4060 - if (params.assoc_id == SCTP_CURRENT_ASSOC || 4061 - params.assoc_id == SCTP_ALL_ASSOC) 4204 + if (params->assoc_id == SCTP_CURRENT_ASSOC || 4205 + params->assoc_id == SCTP_ALL_ASSOC) 4062 4206 list_for_each_entry(asoc, &ep->asocs, asocs) 4063 - asoc->strreset_enable = params.assoc_value; 4207 + asoc->strreset_enable = params->assoc_value; 4064 4208 4065 4209 out: 4066 4210 return retval; 4067 4211 } 4068 4212 4069 4213 static int sctp_setsockopt_reset_streams(struct sock *sk, 4070 - char __user *optval, 4214 + struct sctp_reset_streams *params, 4071 4215 unsigned int optlen) 4072 4216 { 4073 - struct sctp_reset_streams *params; 4074 4217 struct sctp_association *asoc; 4075 - int retval = -EINVAL; 4076 4218 4077 4219 if (optlen < sizeof(*params)) 4078 4220 return -EINVAL; ··· 4072 4230 optlen = min_t(unsigned int, optlen, USHRT_MAX + 4073 4231 sizeof(__u16) * sizeof(*params)); 4074 4232 4075 - params = memdup_user(optval, optlen); 4076 - if (IS_ERR(params)) 4077 - return PTR_ERR(params); 4078 - 4079 4233 if (params->srs_number_streams * sizeof(__u16) > 4080 4234 optlen - sizeof(*params)) 4081 - goto out; 4235 + return -EINVAL; 4082 4236 4083 4237 asoc = sctp_id2assoc(sk, params->srs_assoc_id); 4084 4238 if (!asoc) 4085 - goto out; 4239 + return -EINVAL; 4086 4240 4087 - retval = sctp_send_reset_streams(asoc, params); 4088 - 4089 - out: 4090 - kfree(params); 4091 - return retval; 4241 + return sctp_send_reset_streams(asoc, params); 4092 4242 } 4093 4243 4094 - static int sctp_setsockopt_reset_assoc(struct sock *sk, 4095 - char __user *optval, 4244 + static int sctp_setsockopt_reset_assoc(struct sock *sk, sctp_assoc_t *associd, 4096 4245 unsigned int optlen) 4097 4246 { 4098 4247 struct sctp_association *asoc; 4099 - sctp_assoc_t associd; 4100 - int retval = -EINVAL; 4101 4248 4102 - if (optlen != sizeof(associd)) 4103 - goto out; 4249 + if (optlen != sizeof(*associd)) 4250 + return -EINVAL; 4104 4251 4105 - if (copy_from_user(&associd, optval, optlen)) { 4106 - retval = -EFAULT; 4107 - goto out; 4108 - } 4109 - 4110 - asoc = sctp_id2assoc(sk, associd); 4252 + asoc = sctp_id2assoc(sk, *associd); 4111 4253 if (!asoc) 4112 - goto out; 4254 + return -EINVAL; 4113 4255 4114 - retval = sctp_send_reset_assoc(asoc); 4115 - 4116 - out: 4117 - return retval; 4256 + return sctp_send_reset_assoc(asoc); 4118 4257 } 4119 4258 4120 4259 static int sctp_setsockopt_add_streams(struct sock *sk, 4121 - char __user *optval, 4260 + struct sctp_add_streams *params, 4122 4261 unsigned int optlen) 4123 4262 { 4124 4263 struct sctp_association *asoc; 4125 - struct sctp_add_streams params; 4126 - int retval = -EINVAL; 4127 4264 4128 - if (optlen != sizeof(params)) 4129 - goto out; 4265 + if (optlen != sizeof(*params)) 4266 + return -EINVAL; 4130 4267 4131 - if (copy_from_user(&params, optval, optlen)) { 4132 - retval = -EFAULT; 4133 - goto out; 4134 - } 4135 - 4136 - asoc = sctp_id2assoc(sk, params.sas_assoc_id); 4268 + asoc = sctp_id2assoc(sk, params->sas_assoc_id); 4137 4269 if (!asoc) 4138 - goto out; 4270 + return -EINVAL; 4139 4271 4140 - retval = sctp_send_add_streams(asoc, &params); 4141 - 4142 - out: 4143 - return retval; 4272 + return sctp_send_add_streams(asoc, params); 4144 4273 } 4145 4274 4146 4275 static int sctp_setsockopt_scheduler(struct sock *sk, 4147 - char __user *optval, 4276 + struct sctp_assoc_value *params, 4148 4277 unsigned int optlen) 4149 4278 { 4150 4279 struct sctp_sock *sp = sctp_sk(sk); 4151 4280 struct sctp_association *asoc; 4152 - struct sctp_assoc_value params; 4153 4281 int retval = 0; 4154 4282 4155 - if (optlen < sizeof(params)) 4283 + if (optlen < sizeof(*params)) 4156 4284 return -EINVAL; 4157 4285 4158 - optlen = sizeof(params); 4159 - if (copy_from_user(&params, optval, optlen)) 4160 - return -EFAULT; 4161 - 4162 - if (params.assoc_value > SCTP_SS_MAX) 4286 + if (params->assoc_value > SCTP_SS_MAX) 4163 4287 return -EINVAL; 4164 4288 4165 - asoc = sctp_id2assoc(sk, params.assoc_id); 4166 - if (!asoc && params.assoc_id > SCTP_ALL_ASSOC && 4289 + asoc = sctp_id2assoc(sk, params->assoc_id); 4290 + if (!asoc && params->assoc_id > SCTP_ALL_ASSOC && 4167 4291 sctp_style(sk, UDP)) 4168 4292 return -EINVAL; 4169 4293 4170 4294 if (asoc) 4171 - return sctp_sched_set_sched(asoc, params.assoc_value); 4295 + return sctp_sched_set_sched(asoc, params->assoc_value); 4172 4296 4173 4297 if (sctp_style(sk, TCP)) 4174 - params.assoc_id = SCTP_FUTURE_ASSOC; 4298 + params->assoc_id = SCTP_FUTURE_ASSOC; 4175 4299 4176 - if (params.assoc_id == SCTP_FUTURE_ASSOC || 4177 - params.assoc_id == SCTP_ALL_ASSOC) 4178 - sp->default_ss = params.assoc_value; 4300 + if (params->assoc_id == SCTP_FUTURE_ASSOC || 4301 + params->assoc_id == SCTP_ALL_ASSOC) 4302 + sp->default_ss = params->assoc_value; 4179 4303 4180 - if (params.assoc_id == SCTP_CURRENT_ASSOC || 4181 - params.assoc_id == SCTP_ALL_ASSOC) { 4304 + if (params->assoc_id == SCTP_CURRENT_ASSOC || 4305 + params->assoc_id == SCTP_ALL_ASSOC) { 4182 4306 list_for_each_entry(asoc, &sp->ep->asocs, asocs) { 4183 4307 int ret = sctp_sched_set_sched(asoc, 4184 - params.assoc_value); 4308 + params->assoc_value); 4185 4309 4186 4310 if (ret && !retval) 4187 4311 retval = ret; ··· 4158 4350 } 4159 4351 4160 4352 static int sctp_setsockopt_scheduler_value(struct sock *sk, 4161 - char __user *optval, 4353 + struct sctp_stream_value *params, 4162 4354 unsigned int optlen) 4163 4355 { 4164 - struct sctp_stream_value params; 4165 4356 struct sctp_association *asoc; 4166 4357 int retval = -EINVAL; 4167 4358 4168 - if (optlen < sizeof(params)) 4359 + if (optlen < sizeof(*params)) 4169 4360 goto out; 4170 4361 4171 - optlen = sizeof(params); 4172 - if (copy_from_user(&params, optval, optlen)) { 4173 - retval = -EFAULT; 4174 - goto out; 4175 - } 4176 - 4177 - asoc = sctp_id2assoc(sk, params.assoc_id); 4178 - if (!asoc && params.assoc_id != SCTP_CURRENT_ASSOC && 4362 + asoc = sctp_id2assoc(sk, params->assoc_id); 4363 + if (!asoc && params->assoc_id != SCTP_CURRENT_ASSOC && 4179 4364 sctp_style(sk, UDP)) 4180 4365 goto out; 4181 4366 4182 4367 if (asoc) { 4183 - retval = sctp_sched_set_value(asoc, params.stream_id, 4184 - params.stream_value, GFP_KERNEL); 4368 + retval = sctp_sched_set_value(asoc, params->stream_id, 4369 + params->stream_value, GFP_KERNEL); 4185 4370 goto out; 4186 4371 } 4187 4372 4188 4373 retval = 0; 4189 4374 4190 4375 list_for_each_entry(asoc, &sctp_sk(sk)->ep->asocs, asocs) { 4191 - int ret = sctp_sched_set_value(asoc, params.stream_id, 4192 - params.stream_value, GFP_KERNEL); 4376 + int ret = sctp_sched_set_value(asoc, params->stream_id, 4377 + params->stream_value, 4378 + GFP_KERNEL); 4193 4379 if (ret && !retval) /* try to return the 1st error. */ 4194 4380 retval = ret; 4195 4381 } ··· 4193 4391 } 4194 4392 4195 4393 static int sctp_setsockopt_interleaving_supported(struct sock *sk, 4196 - char __user *optval, 4394 + struct sctp_assoc_value *p, 4197 4395 unsigned int optlen) 4198 4396 { 4199 4397 struct sctp_sock *sp = sctp_sk(sk); 4200 - struct sctp_assoc_value params; 4201 4398 struct sctp_association *asoc; 4202 - int retval = -EINVAL; 4203 4399 4204 - if (optlen < sizeof(params)) 4205 - goto out; 4400 + if (optlen < sizeof(*p)) 4401 + return -EINVAL; 4206 4402 4207 - optlen = sizeof(params); 4208 - if (copy_from_user(&params, optval, optlen)) { 4209 - retval = -EFAULT; 4210 - goto out; 4211 - } 4212 - 4213 - asoc = sctp_id2assoc(sk, params.assoc_id); 4214 - if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC && 4215 - sctp_style(sk, UDP)) 4216 - goto out; 4403 + asoc = sctp_id2assoc(sk, p->assoc_id); 4404 + if (!asoc && p->assoc_id != SCTP_FUTURE_ASSOC && sctp_style(sk, UDP)) 4405 + return -EINVAL; 4217 4406 4218 4407 if (!sock_net(sk)->sctp.intl_enable || !sp->frag_interleave) { 4219 - retval = -EPERM; 4220 - goto out; 4408 + return -EPERM; 4221 4409 } 4222 4410 4223 - sp->ep->intl_enable = !!params.assoc_value; 4224 - 4225 - retval = 0; 4226 - 4227 - out: 4228 - return retval; 4411 + sp->ep->intl_enable = !!p->assoc_value; 4412 + return 0; 4229 4413 } 4230 4414 4231 - static int sctp_setsockopt_reuse_port(struct sock *sk, char __user *optval, 4415 + static int sctp_setsockopt_reuse_port(struct sock *sk, int *val, 4232 4416 unsigned int optlen) 4233 4417 { 4234 - int val; 4235 - 4236 4418 if (!sctp_style(sk, TCP)) 4237 4419 return -EOPNOTSUPP; 4238 4420 ··· 4226 4440 if (optlen < sizeof(int)) 4227 4441 return -EINVAL; 4228 4442 4229 - if (get_user(val, (int __user *)optval)) 4230 - return -EFAULT; 4231 - 4232 - sctp_sk(sk)->reuse = !!val; 4443 + sctp_sk(sk)->reuse = !!*val; 4233 4444 4234 4445 return 0; 4235 4446 } ··· 4252 4469 return 0; 4253 4470 } 4254 4471 4255 - static int sctp_setsockopt_event(struct sock *sk, char __user *optval, 4472 + static int sctp_setsockopt_event(struct sock *sk, struct sctp_event *param, 4256 4473 unsigned int optlen) 4257 4474 { 4258 4475 struct sctp_sock *sp = sctp_sk(sk); 4259 4476 struct sctp_association *asoc; 4260 - struct sctp_event param; 4261 4477 int retval = 0; 4262 4478 4263 - if (optlen < sizeof(param)) 4479 + if (optlen < sizeof(*param)) 4264 4480 return -EINVAL; 4265 4481 4266 - optlen = sizeof(param); 4267 - if (copy_from_user(&param, optval, optlen)) 4268 - return -EFAULT; 4269 - 4270 - if (param.se_type < SCTP_SN_TYPE_BASE || 4271 - param.se_type > SCTP_SN_TYPE_MAX) 4482 + if (param->se_type < SCTP_SN_TYPE_BASE || 4483 + param->se_type > SCTP_SN_TYPE_MAX) 4272 4484 return -EINVAL; 4273 4485 4274 - asoc = sctp_id2assoc(sk, param.se_assoc_id); 4275 - if (!asoc && param.se_assoc_id > SCTP_ALL_ASSOC && 4486 + asoc = sctp_id2assoc(sk, param->se_assoc_id); 4487 + if (!asoc && param->se_assoc_id > SCTP_ALL_ASSOC && 4276 4488 sctp_style(sk, UDP)) 4277 4489 return -EINVAL; 4278 4490 4279 4491 if (asoc) 4280 - return sctp_assoc_ulpevent_type_set(&param, asoc); 4492 + return sctp_assoc_ulpevent_type_set(param, asoc); 4281 4493 4282 4494 if (sctp_style(sk, TCP)) 4283 - param.se_assoc_id = SCTP_FUTURE_ASSOC; 4495 + param->se_assoc_id = SCTP_FUTURE_ASSOC; 4284 4496 4285 - if (param.se_assoc_id == SCTP_FUTURE_ASSOC || 4286 - param.se_assoc_id == SCTP_ALL_ASSOC) 4497 + if (param->se_assoc_id == SCTP_FUTURE_ASSOC || 4498 + param->se_assoc_id == SCTP_ALL_ASSOC) 4287 4499 sctp_ulpevent_type_set(&sp->subscribe, 4288 - param.se_type, param.se_on); 4500 + param->se_type, param->se_on); 4289 4501 4290 - if (param.se_assoc_id == SCTP_CURRENT_ASSOC || 4291 - param.se_assoc_id == SCTP_ALL_ASSOC) { 4502 + if (param->se_assoc_id == SCTP_CURRENT_ASSOC || 4503 + param->se_assoc_id == SCTP_ALL_ASSOC) { 4292 4504 list_for_each_entry(asoc, &sp->ep->asocs, asocs) { 4293 - int ret = sctp_assoc_ulpevent_type_set(&param, asoc); 4505 + int ret = sctp_assoc_ulpevent_type_set(param, asoc); 4294 4506 4295 4507 if (ret && !retval) 4296 4508 retval = ret; ··· 4296 4518 } 4297 4519 4298 4520 static int sctp_setsockopt_asconf_supported(struct sock *sk, 4299 - char __user *optval, 4521 + struct sctp_assoc_value *params, 4300 4522 unsigned int optlen) 4301 4523 { 4302 - struct sctp_assoc_value params; 4303 4524 struct sctp_association *asoc; 4304 4525 struct sctp_endpoint *ep; 4305 4526 int retval = -EINVAL; 4306 4527 4307 - if (optlen != sizeof(params)) 4528 + if (optlen != sizeof(*params)) 4308 4529 goto out; 4309 4530 4310 - if (copy_from_user(&params, optval, optlen)) { 4311 - retval = -EFAULT; 4312 - goto out; 4313 - } 4314 - 4315 - asoc = sctp_id2assoc(sk, params.assoc_id); 4316 - if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC && 4531 + asoc = sctp_id2assoc(sk, params->assoc_id); 4532 + if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC && 4317 4533 sctp_style(sk, UDP)) 4318 4534 goto out; 4319 4535 4320 4536 ep = sctp_sk(sk)->ep; 4321 - ep->asconf_enable = !!params.assoc_value; 4537 + ep->asconf_enable = !!params->assoc_value; 4322 4538 4323 4539 if (ep->asconf_enable && ep->auth_enable) { 4324 4540 sctp_auth_ep_add_chunkid(ep, SCTP_CID_ASCONF); ··· 4326 4554 } 4327 4555 4328 4556 static int sctp_setsockopt_auth_supported(struct sock *sk, 4329 - char __user *optval, 4557 + struct sctp_assoc_value *params, 4330 4558 unsigned int optlen) 4331 4559 { 4332 - struct sctp_assoc_value params; 4333 4560 struct sctp_association *asoc; 4334 4561 struct sctp_endpoint *ep; 4335 4562 int retval = -EINVAL; 4336 4563 4337 - if (optlen != sizeof(params)) 4564 + if (optlen != sizeof(*params)) 4338 4565 goto out; 4339 4566 4340 - if (copy_from_user(&params, optval, optlen)) { 4341 - retval = -EFAULT; 4342 - goto out; 4343 - } 4344 - 4345 - asoc = sctp_id2assoc(sk, params.assoc_id); 4346 - if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC && 4567 + asoc = sctp_id2assoc(sk, params->assoc_id); 4568 + if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC && 4347 4569 sctp_style(sk, UDP)) 4348 4570 goto out; 4349 4571 4350 4572 ep = sctp_sk(sk)->ep; 4351 - if (params.assoc_value) { 4573 + if (params->assoc_value) { 4352 4574 retval = sctp_auth_init(ep, GFP_KERNEL); 4353 4575 if (retval) 4354 4576 goto out; ··· 4352 4586 } 4353 4587 } 4354 4588 4355 - ep->auth_enable = !!params.assoc_value; 4589 + ep->auth_enable = !!params->assoc_value; 4356 4590 retval = 0; 4357 4591 4358 4592 out: ··· 4360 4594 } 4361 4595 4362 4596 static int sctp_setsockopt_ecn_supported(struct sock *sk, 4363 - char __user *optval, 4597 + struct sctp_assoc_value *params, 4364 4598 unsigned int optlen) 4365 4599 { 4366 - struct sctp_assoc_value params; 4367 4600 struct sctp_association *asoc; 4368 4601 int retval = -EINVAL; 4369 4602 4370 - if (optlen != sizeof(params)) 4603 + if (optlen != sizeof(*params)) 4371 4604 goto out; 4372 4605 4373 - if (copy_from_user(&params, optval, optlen)) { 4374 - retval = -EFAULT; 4375 - goto out; 4376 - } 4377 - 4378 - asoc = sctp_id2assoc(sk, params.assoc_id); 4379 - if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC && 4606 + asoc = sctp_id2assoc(sk, params->assoc_id); 4607 + if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC && 4380 4608 sctp_style(sk, UDP)) 4381 4609 goto out; 4382 4610 4383 - sctp_sk(sk)->ep->ecn_enable = !!params.assoc_value; 4611 + sctp_sk(sk)->ep->ecn_enable = !!params->assoc_value; 4384 4612 retval = 0; 4385 4613 4386 4614 out: ··· 4382 4622 } 4383 4623 4384 4624 static int sctp_setsockopt_pf_expose(struct sock *sk, 4385 - char __user *optval, 4625 + struct sctp_assoc_value *params, 4386 4626 unsigned int optlen) 4387 4627 { 4388 - struct sctp_assoc_value params; 4389 4628 struct sctp_association *asoc; 4390 4629 int retval = -EINVAL; 4391 4630 4392 - if (optlen != sizeof(params)) 4631 + if (optlen != sizeof(*params)) 4393 4632 goto out; 4394 4633 4395 - if (copy_from_user(&params, optval, optlen)) { 4396 - retval = -EFAULT; 4397 - goto out; 4398 - } 4399 - 4400 - if (params.assoc_value > SCTP_PF_EXPOSE_MAX) 4634 + if (params->assoc_value > SCTP_PF_EXPOSE_MAX) 4401 4635 goto out; 4402 4636 4403 - asoc = sctp_id2assoc(sk, params.assoc_id); 4404 - if (!asoc && params.assoc_id != SCTP_FUTURE_ASSOC && 4637 + asoc = sctp_id2assoc(sk, params->assoc_id); 4638 + if (!asoc && params->assoc_id != SCTP_FUTURE_ASSOC && 4405 4639 sctp_style(sk, UDP)) 4406 4640 goto out; 4407 4641 4408 4642 if (asoc) 4409 - asoc->pf_expose = params.assoc_value; 4643 + asoc->pf_expose = params->assoc_value; 4410 4644 else 4411 - sctp_sk(sk)->pf_expose = params.assoc_value; 4645 + sctp_sk(sk)->pf_expose = params->assoc_value; 4412 4646 retval = 0; 4413 4647 4414 4648 out: ··· 4431 4677 static int sctp_setsockopt(struct sock *sk, int level, int optname, 4432 4678 char __user *optval, unsigned int optlen) 4433 4679 { 4680 + void *kopt = NULL; 4434 4681 int retval = 0; 4435 4682 4436 4683 pr_debug("%s: sk:%p, optname:%d\n", __func__, sk, optname); ··· 4444 4689 */ 4445 4690 if (level != SOL_SCTP) { 4446 4691 struct sctp_af *af = sctp_sk(sk)->pf->af; 4447 - retval = af->setsockopt(sk, level, optname, optval, optlen); 4448 - goto out_nounlock; 4692 + 4693 + return af->setsockopt(sk, level, optname, optval, optlen); 4694 + } 4695 + 4696 + if (optlen > 0) { 4697 + kopt = memdup_user(optval, optlen); 4698 + if (IS_ERR(kopt)) 4699 + return PTR_ERR(kopt); 4449 4700 } 4450 4701 4451 4702 lock_sock(sk); ··· 4459 4698 switch (optname) { 4460 4699 case SCTP_SOCKOPT_BINDX_ADD: 4461 4700 /* 'optlen' is the size of the addresses buffer. */ 4462 - retval = sctp_setsockopt_bindx(sk, (struct sockaddr __user *)optval, 4463 - optlen, SCTP_BINDX_ADD_ADDR); 4701 + retval = sctp_setsockopt_bindx(sk, kopt, optlen, 4702 + SCTP_BINDX_ADD_ADDR); 4464 4703 break; 4465 4704 4466 4705 case SCTP_SOCKOPT_BINDX_REM: 4467 4706 /* 'optlen' is the size of the addresses buffer. */ 4468 - retval = sctp_setsockopt_bindx(sk, (struct sockaddr __user *)optval, 4469 - optlen, SCTP_BINDX_REM_ADDR); 4707 + retval = sctp_setsockopt_bindx(sk, kopt, optlen, 4708 + SCTP_BINDX_REM_ADDR); 4470 4709 break; 4471 4710 4472 4711 case SCTP_SOCKOPT_CONNECTX_OLD: 4473 4712 /* 'optlen' is the size of the addresses buffer. */ 4474 - retval = sctp_setsockopt_connectx_old(sk, 4475 - (struct sockaddr __user *)optval, 4476 - optlen); 4713 + retval = sctp_setsockopt_connectx_old(sk, kopt, optlen); 4477 4714 break; 4478 4715 4479 4716 case SCTP_SOCKOPT_CONNECTX: 4480 4717 /* 'optlen' is the size of the addresses buffer. */ 4481 - retval = sctp_setsockopt_connectx(sk, 4482 - (struct sockaddr __user *)optval, 4483 - optlen); 4718 + retval = sctp_setsockopt_connectx(sk, kopt, optlen); 4484 4719 break; 4485 4720 4486 4721 case SCTP_DISABLE_FRAGMENTS: 4487 - retval = sctp_setsockopt_disable_fragments(sk, optval, optlen); 4722 + retval = sctp_setsockopt_disable_fragments(sk, kopt, optlen); 4488 4723 break; 4489 4724 4490 4725 case SCTP_EVENTS: 4491 - retval = sctp_setsockopt_events(sk, optval, optlen); 4726 + retval = sctp_setsockopt_events(sk, kopt, optlen); 4492 4727 break; 4493 4728 4494 4729 case SCTP_AUTOCLOSE: 4495 - retval = sctp_setsockopt_autoclose(sk, optval, optlen); 4730 + retval = sctp_setsockopt_autoclose(sk, kopt, optlen); 4496 4731 break; 4497 4732 4498 4733 case SCTP_PEER_ADDR_PARAMS: 4499 - retval = sctp_setsockopt_peer_addr_params(sk, optval, optlen); 4734 + retval = sctp_setsockopt_peer_addr_params(sk, kopt, optlen); 4500 4735 break; 4501 4736 4502 4737 case SCTP_DELAYED_SACK: 4503 - retval = sctp_setsockopt_delayed_ack(sk, optval, optlen); 4738 + retval = sctp_setsockopt_delayed_ack(sk, kopt, optlen); 4504 4739 break; 4505 4740 case SCTP_PARTIAL_DELIVERY_POINT: 4506 - retval = sctp_setsockopt_partial_delivery_point(sk, optval, optlen); 4741 + retval = sctp_setsockopt_partial_delivery_point(sk, kopt, optlen); 4507 4742 break; 4508 4743 4509 4744 case SCTP_INITMSG: 4510 - retval = sctp_setsockopt_initmsg(sk, optval, optlen); 4745 + retval = sctp_setsockopt_initmsg(sk, kopt, optlen); 4511 4746 break; 4512 4747 case SCTP_DEFAULT_SEND_PARAM: 4513 - retval = sctp_setsockopt_default_send_param(sk, optval, 4514 - optlen); 4748 + retval = sctp_setsockopt_default_send_param(sk, kopt, optlen); 4515 4749 break; 4516 4750 case SCTP_DEFAULT_SNDINFO: 4517 - retval = sctp_setsockopt_default_sndinfo(sk, optval, optlen); 4751 + retval = sctp_setsockopt_default_sndinfo(sk, kopt, optlen); 4518 4752 break; 4519 4753 case SCTP_PRIMARY_ADDR: 4520 - retval = sctp_setsockopt_primary_addr(sk, optval, optlen); 4754 + retval = sctp_setsockopt_primary_addr(sk, kopt, optlen); 4521 4755 break; 4522 4756 case SCTP_SET_PEER_PRIMARY_ADDR: 4523 - retval = sctp_setsockopt_peer_primary_addr(sk, optval, optlen); 4757 + retval = sctp_setsockopt_peer_primary_addr(sk, kopt, optlen); 4524 4758 break; 4525 4759 case SCTP_NODELAY: 4526 - retval = sctp_setsockopt_nodelay(sk, optval, optlen); 4760 + retval = sctp_setsockopt_nodelay(sk, kopt, optlen); 4527 4761 break; 4528 4762 case SCTP_RTOINFO: 4529 - retval = sctp_setsockopt_rtoinfo(sk, optval, optlen); 4763 + retval = sctp_setsockopt_rtoinfo(sk, kopt, optlen); 4530 4764 break; 4531 4765 case SCTP_ASSOCINFO: 4532 - retval = sctp_setsockopt_associnfo(sk, optval, optlen); 4766 + retval = sctp_setsockopt_associnfo(sk, kopt, optlen); 4533 4767 break; 4534 4768 case SCTP_I_WANT_MAPPED_V4_ADDR: 4535 - retval = sctp_setsockopt_mappedv4(sk, optval, optlen); 4769 + retval = sctp_setsockopt_mappedv4(sk, kopt, optlen); 4536 4770 break; 4537 4771 case SCTP_MAXSEG: 4538 - retval = sctp_setsockopt_maxseg(sk, optval, optlen); 4772 + retval = sctp_setsockopt_maxseg(sk, kopt, optlen); 4539 4773 break; 4540 4774 case SCTP_ADAPTATION_LAYER: 4541 - retval = sctp_setsockopt_adaptation_layer(sk, optval, optlen); 4775 + retval = sctp_setsockopt_adaptation_layer(sk, kopt, optlen); 4542 4776 break; 4543 4777 case SCTP_CONTEXT: 4544 - retval = sctp_setsockopt_context(sk, optval, optlen); 4778 + retval = sctp_setsockopt_context(sk, kopt, optlen); 4545 4779 break; 4546 4780 case SCTP_FRAGMENT_INTERLEAVE: 4547 - retval = sctp_setsockopt_fragment_interleave(sk, optval, optlen); 4781 + retval = sctp_setsockopt_fragment_interleave(sk, kopt, optlen); 4548 4782 break; 4549 4783 case SCTP_MAX_BURST: 4550 - retval = sctp_setsockopt_maxburst(sk, optval, optlen); 4784 + retval = sctp_setsockopt_maxburst(sk, kopt, optlen); 4551 4785 break; 4552 4786 case SCTP_AUTH_CHUNK: 4553 - retval = sctp_setsockopt_auth_chunk(sk, optval, optlen); 4787 + retval = sctp_setsockopt_auth_chunk(sk, kopt, optlen); 4554 4788 break; 4555 4789 case SCTP_HMAC_IDENT: 4556 - retval = sctp_setsockopt_hmac_ident(sk, optval, optlen); 4790 + retval = sctp_setsockopt_hmac_ident(sk, kopt, optlen); 4557 4791 break; 4558 4792 case SCTP_AUTH_KEY: 4559 - retval = sctp_setsockopt_auth_key(sk, optval, optlen); 4793 + retval = sctp_setsockopt_auth_key(sk, kopt, optlen); 4560 4794 break; 4561 4795 case SCTP_AUTH_ACTIVE_KEY: 4562 - retval = sctp_setsockopt_active_key(sk, optval, optlen); 4796 + retval = sctp_setsockopt_active_key(sk, kopt, optlen); 4563 4797 break; 4564 4798 case SCTP_AUTH_DELETE_KEY: 4565 - retval = sctp_setsockopt_del_key(sk, optval, optlen); 4799 + retval = sctp_setsockopt_del_key(sk, kopt, optlen); 4566 4800 break; 4567 4801 case SCTP_AUTH_DEACTIVATE_KEY: 4568 - retval = sctp_setsockopt_deactivate_key(sk, optval, optlen); 4802 + retval = sctp_setsockopt_deactivate_key(sk, kopt, optlen); 4569 4803 break; 4570 4804 case SCTP_AUTO_ASCONF: 4571 - retval = sctp_setsockopt_auto_asconf(sk, optval, optlen); 4805 + retval = sctp_setsockopt_auto_asconf(sk, kopt, optlen); 4572 4806 break; 4573 4807 case SCTP_PEER_ADDR_THLDS: 4574 - retval = sctp_setsockopt_paddr_thresholds(sk, optval, optlen, 4808 + retval = sctp_setsockopt_paddr_thresholds(sk, kopt, optlen, 4575 4809 false); 4576 4810 break; 4577 4811 case SCTP_PEER_ADDR_THLDS_V2: 4578 - retval = sctp_setsockopt_paddr_thresholds(sk, optval, optlen, 4812 + retval = sctp_setsockopt_paddr_thresholds(sk, kopt, optlen, 4579 4813 true); 4580 4814 break; 4581 4815 case SCTP_RECVRCVINFO: 4582 - retval = sctp_setsockopt_recvrcvinfo(sk, optval, optlen); 4816 + retval = sctp_setsockopt_recvrcvinfo(sk, kopt, optlen); 4583 4817 break; 4584 4818 case SCTP_RECVNXTINFO: 4585 - retval = sctp_setsockopt_recvnxtinfo(sk, optval, optlen); 4819 + retval = sctp_setsockopt_recvnxtinfo(sk, kopt, optlen); 4586 4820 break; 4587 4821 case SCTP_PR_SUPPORTED: 4588 - retval = sctp_setsockopt_pr_supported(sk, optval, optlen); 4822 + retval = sctp_setsockopt_pr_supported(sk, kopt, optlen); 4589 4823 break; 4590 4824 case SCTP_DEFAULT_PRINFO: 4591 - retval = sctp_setsockopt_default_prinfo(sk, optval, optlen); 4825 + retval = sctp_setsockopt_default_prinfo(sk, kopt, optlen); 4592 4826 break; 4593 4827 case SCTP_RECONFIG_SUPPORTED: 4594 - retval = sctp_setsockopt_reconfig_supported(sk, optval, optlen); 4828 + retval = sctp_setsockopt_reconfig_supported(sk, kopt, optlen); 4595 4829 break; 4596 4830 case SCTP_ENABLE_STREAM_RESET: 4597 - retval = sctp_setsockopt_enable_strreset(sk, optval, optlen); 4831 + retval = sctp_setsockopt_enable_strreset(sk, kopt, optlen); 4598 4832 break; 4599 4833 case SCTP_RESET_STREAMS: 4600 - retval = sctp_setsockopt_reset_streams(sk, optval, optlen); 4834 + retval = sctp_setsockopt_reset_streams(sk, kopt, optlen); 4601 4835 break; 4602 4836 case SCTP_RESET_ASSOC: 4603 - retval = sctp_setsockopt_reset_assoc(sk, optval, optlen); 4837 + retval = sctp_setsockopt_reset_assoc(sk, kopt, optlen); 4604 4838 break; 4605 4839 case SCTP_ADD_STREAMS: 4606 - retval = sctp_setsockopt_add_streams(sk, optval, optlen); 4840 + retval = sctp_setsockopt_add_streams(sk, kopt, optlen); 4607 4841 break; 4608 4842 case SCTP_STREAM_SCHEDULER: 4609 - retval = sctp_setsockopt_scheduler(sk, optval, optlen); 4843 + retval = sctp_setsockopt_scheduler(sk, kopt, optlen); 4610 4844 break; 4611 4845 case SCTP_STREAM_SCHEDULER_VALUE: 4612 - retval = sctp_setsockopt_scheduler_value(sk, optval, optlen); 4846 + retval = sctp_setsockopt_scheduler_value(sk, kopt, optlen); 4613 4847 break; 4614 4848 case SCTP_INTERLEAVING_SUPPORTED: 4615 - retval = sctp_setsockopt_interleaving_supported(sk, optval, 4849 + retval = sctp_setsockopt_interleaving_supported(sk, kopt, 4616 4850 optlen); 4617 4851 break; 4618 4852 case SCTP_REUSE_PORT: 4619 - retval = sctp_setsockopt_reuse_port(sk, optval, optlen); 4853 + retval = sctp_setsockopt_reuse_port(sk, kopt, optlen); 4620 4854 break; 4621 4855 case SCTP_EVENT: 4622 - retval = sctp_setsockopt_event(sk, optval, optlen); 4856 + retval = sctp_setsockopt_event(sk, kopt, optlen); 4623 4857 break; 4624 4858 case SCTP_ASCONF_SUPPORTED: 4625 - retval = sctp_setsockopt_asconf_supported(sk, optval, optlen); 4859 + retval = sctp_setsockopt_asconf_supported(sk, kopt, optlen); 4626 4860 break; 4627 4861 case SCTP_AUTH_SUPPORTED: 4628 - retval = sctp_setsockopt_auth_supported(sk, optval, optlen); 4862 + retval = sctp_setsockopt_auth_supported(sk, kopt, optlen); 4629 4863 break; 4630 4864 case SCTP_ECN_SUPPORTED: 4631 - retval = sctp_setsockopt_ecn_supported(sk, optval, optlen); 4865 + retval = sctp_setsockopt_ecn_supported(sk, kopt, optlen); 4632 4866 break; 4633 4867 case SCTP_EXPOSE_POTENTIALLY_FAILED_STATE: 4634 - retval = sctp_setsockopt_pf_expose(sk, optval, optlen); 4868 + retval = sctp_setsockopt_pf_expose(sk, kopt, optlen); 4635 4869 break; 4636 4870 default: 4637 4871 retval = -ENOPROTOOPT; ··· 4634 4878 } 4635 4879 4636 4880 release_sock(sk); 4637 - 4638 - out_nounlock: 4881 + kfree(kopt); 4639 4882 return retval; 4640 4883 } 4641 4884