Use the kernel pointer that sctp_setsockopt has available instead of
directly handling the user pointer.
Signed-off-by: Christoph Hellwig <hch@xxxxxx>
---
net/sctp/socket.c | 20 +++++---------------
1 file changed, 5 insertions(+), 15 deletions(-)
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 9899d208f40f8d..1365351fd2c86a 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -4061,12 +4061,10 @@ static int sctp_setsockopt_enable_strreset(struct sock *sk,
}
static int sctp_setsockopt_reset_streams(struct sock *sk,
- char __user *optval,
+ struct sctp_reset_streams *params,
unsigned int optlen)
{
- struct sctp_reset_streams *params;
struct sctp_association *asoc;
- int retval = -EINVAL;
if (optlen < sizeof(*params))
return -EINVAL;
@@ -4074,23 +4072,15 @@ static int sctp_setsockopt_reset_streams(struct sock *sk,
optlen = min_t(unsigned int, optlen, USHRT_MAX +
sizeof(__u16) * sizeof(*params));
- params = memdup_user(optval, optlen);
- if (IS_ERR(params))
- return PTR_ERR(params);
-
if (params->srs_number_streams * sizeof(__u16) >
optlen - sizeof(*params))
- goto out;
+ return -EINVAL;
asoc = sctp_id2assoc(sk, params->srs_assoc_id);
if (!asoc)
- goto out;
-
- retval = sctp_send_reset_streams(asoc, params);
+ return -EINVAL;
-out:
- kfree(params);
- return retval;
+ return sctp_send_reset_streams(asoc, params);
}
static int sctp_setsockopt_reset_assoc(struct sock *sk,
@@ -4682,7 +4672,7 @@ static int sctp_setsockopt(struct sock *sk, int level, int optname,
retval = sctp_setsockopt_enable_strreset(sk, kopt, optlen);
break;
case SCTP_RESET_STREAMS:
- retval = sctp_setsockopt_reset_streams(sk, optval, optlen);
+ retval = sctp_setsockopt_reset_streams(sk, kopt, optlen);
break;
case SCTP_RESET_ASSOC:
retval = sctp_setsockopt_reset_assoc(sk, optval, optlen);
--
2.27.0
