tcp: correctly handle increased zerocopy args struct size
author Arjun Roy <arjunroy@google.com>
Thu, 10 Dec 2020 19:16:03 +0000 (11:16 -0800)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 1 Dec 2021 08:19:08 +0000 (09:19 +0100)
[ Upstream commit e0fecb289ad3fd2245cdc50bf450b97fcca39884 ]

A prior patch increased the size of struct tcp_zerocopy_receive
but did not update do_tcp_getsockopt() handling to properly account
for this.

This patch simply reintroduces content erroneously cut from the
referenced prior patch that handles the new struct size.

Fixes: 18fb76ed5386 ("net-zerocopy: Copy straggler unaligned data for TCP Rx. zerocopy.")
Signed-off-by: Arjun Roy <arjunroy@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Soheil Hassas Yeganeh <soheil@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
net/ipv4/tcp.c

index bb16c88f58a3c2e480a2544c27fa572bec5ce244..63c81af41b43e85e0a02e8e20e179d3b87abc805 100644 (file)
@@ -3931,7 +3931,7 @@ static int do_tcp_getsockopt(struct sock *sk, int level,
        }
 #ifdef CONFIG_MMU
        case TCP_ZEROCOPY_RECEIVE: {
-               struct tcp_zerocopy_receive zc;
+               struct tcp_zerocopy_receive zc = {};
                int err;
 
                if (get_user(len, optlen))
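Review bot: The new initializer on `struct tcp_zerocopy_receive zc = {};` carries no comment saying why it is needed, and the reason is easy to lose in a later cleanup. `len` comes from userspace via `get_user(len, optlen)`, and the commit message says the struct has grown, so a caller built against the older layout can pass a `len` shorter than `sizeof(zc)`; any field past that length is then read by the kernel without having been supplied by the caller. A one-line comment above the declaration stating that trailing fields must read as zero for short `optlen` values would document the invariant. If any code path ever copies the whole struct back to userspace, consider `memset(&zc, 0, sizeof(zc))` instead, since an empty initializer is not guaranteed to clear padding bytes.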
@@ -3949,7 +3949,7 @@ static int do_tcp_getsockopt(struct sock *sk, int level,
                lock_sock(sk);
                err = tcp_zerocopy_receive(sk, &zc);
                release_sock(sk);
-               if (len == sizeof(zc))
+               if (len >= offsetofend(struct tcp_zerocopy_receive, err))
                        goto zerocopy_rcv_sk_err;
                switch (len) {
                case offsetofend(struct tcp_zerocopy_receive, err):
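Review bot: With the test changed to `len >= offsetofend(struct tcp_zerocopy_receive, err)`, the `case offsetofend(struct tcp_zerocopy_receive, err):` label in the `switch (len)` directly below can no longer be selected, because every `len` equal to that value already takes the `goto zerocopy_rcv_sk_err` above. Drop the dead case or leave a comment saying it is kept only for readability, so the next reader does not assume the switch still handles it. Separately, `>=` also admits a `len` larger than `sizeof(zc)`; these lines do not show an upper bound on `len`, so please confirm it is clamped to `sizeof(zc)` before anything is copied back to the caller, and mention that clamp in the commit message if this check depends on it.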