tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge branch 'fix-vsock-error-handling-regression-introduced-in-v6-17-rc1'

Will Deacon says:

====================
Fix vsock error-handling regression introduced in v6.17-rc1

Here are a couple of patches fixing the vsock error-handling regression
found by syzbot that I introduced during the recent merge window.
====================

Link: https://patch.msgid.link/20250818180355.29275-1-will@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Jakub Kicinski e959fe78 6439a0e6

+21 -3
+2
include/linux/skbuff.h
··· 4172 4172 struct iov_iter *to, int len, u32 *crcp); 4173 4173 int skb_copy_datagram_from_iter(struct sk_buff *skb, int offset, 4174 4174 struct iov_iter *from, int len); 4175 + int skb_copy_datagram_from_iter_full(struct sk_buff *skb, int offset, 4176 + struct iov_iter *from, int len); 4175 4177 int zerocopy_sg_from_iter(struct sk_buff *skb, struct iov_iter *frm); 4176 4178 void skb_free_datagram(struct sock *sk, struct sk_buff *skb); 4177 4179 int skb_kill_datagram(struct sock *sk, struct sk_buff *skb, unsigned int flags);
+14
net/core/datagram.c
··· 618 618 } 619 619 EXPORT_SYMBOL(skb_copy_datagram_from_iter); 620 620 621 + int skb_copy_datagram_from_iter_full(struct sk_buff *skb, int offset, 622 + struct iov_iter *from, int len) 623 + { 624 + struct iov_iter_state state; 625 + int ret; 626 + 627 + iov_iter_save_state(from, &state); 628 + ret = skb_copy_datagram_from_iter(skb, offset, from, len); 629 + if (ret) 630 + iov_iter_restore(from, &state); 631 + return ret; 632 + } 633 + EXPORT_SYMBOL(skb_copy_datagram_from_iter_full); 634 + 621 635 int zerocopy_fill_skb_from_iter(struct sk_buff *skb, 622 636 struct iov_iter *from, size_t length) 623 637 {
+5 -3
net/vmw_vsock/virtio_transport_common.c
··· 105 105 size_t len, 106 106 bool zcopy) 107 107 { 108 + struct msghdr *msg = info->msg; 109 + 108 110 if (zcopy) 109 - return __zerocopy_sg_from_iter(info->msg, NULL, skb, 110 - &info->msg->msg_iter, len, NULL); 111 + return __zerocopy_sg_from_iter(msg, NULL, skb, 112 + &msg->msg_iter, len, NULL); 111 113 112 114 virtio_vsock_skb_put(skb, len); 113 - return skb_copy_datagram_from_iter(skb, 0, &info->msg->msg_iter, len); 115 + return skb_copy_datagram_from_iter_full(skb, 0, &msg->msg_iter, len); 114 116 } 115 117 116 118 static void virtio_transport_init_hdr(struct sk_buff *skb,