net: Make copy_safe_from_sockptr() match documentation

commit eb94b7bb10109a14a5431a67e5d8e31cfa06b395 upstream.

copy_safe_from_sockptr()
  return copy_from_sockptr()
    return copy_from_sockptr_offset()
      return copy_from_user()

copy_from_user() does not return an error on fault. Instead, it returns a
number of bytes that were not copied. Have it handled.

Patch has a side effect: it un-breaks garbage input handling of
nfc_llcp_setsockopt() and mISDN's data_sock_setsockopt().

Fixes: 6309863b31dd ("net: add copy_safe_from_sockptr() helper")
Signed-off-by: Michal Luczaj <mhal@rbox.co>
Link: https://patch.msgid.link/20241111-sockptr-copy-ret-fix-v1-1-a520083a93fb@rbox.co
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/include/linux/sockptr.h b/include/linux/sockptr.h
index 1c1a5d926b1713a981d9bd482925524744d7932b..0eb3a2b1f81ff0f49cb24ffa011cc7c1f999b4b3 100644 (file)
--- a/include/linux/sockptr.h
+++ b/include/linux/sockptr.h
@@ -77,7 +77,9 @@ static inline int copy_safe_from_sockptr(void *dst, size_t ksize,
 {
        if (optlen < ksize)
                return -EINVAL;
-       return copy_from_sockptr(dst, optval, ksize);
+       if (copy_from_sockptr(dst, optval, ksize))
+               return -EFAULT;
+       return 0;
 }
 
 static inline int copy_to_sockptr_offset(sockptr_t dst, size_t offset,