netlink: Always copy on mmap TX.
authorDavid Miller <davem@davemloft.net>
Tue, 16 Dec 2014 22:58:17 +0000 (17:58 -0500)
committerDavid S. Miller <davem@davemloft.net>
Thu, 18 Dec 2014 17:35:23 +0000 (12:35 -0500)
commit4682a0358639b29cf69437ed909c6221f8c89847
tree85469362ce075e5d59ebd3559f5e590749432e24
parent65891feac27e26115dc4cce881743a1ac33372df
netlink: Always copy on mmap TX.

Checking the file f_count and the nlk->mapped count is not completely
sufficient to prevent the mmap'd area contents from changing from
under us during netlink mmap sendmsg() operations.

Be careful to sample the header's length field only once, because this
could change from under us as well.

Fixes: 5fd96123ee19 ("netlink: implement memory mapped sendmsg()")
Signed-off-by: David S. Miller <davem@davemloft.net>
Acked-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
net/netlink/af_netlink.c