git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Stefano Garzarella <sgarzare@redhat.com>
	Fri, 8 May 2026 16:44:11 +0000 (18:44 +0200)
committer	Paolo Abeni <pabeni@redhat.com>
	Tue, 12 May 2026 10:52:15 +0000 (12:52 +0200)
commit	3a3e3d90cbc79600544536723911657730759af3
tree	0b4ab751d0486fac74635d8a7013690076b1c0a4	tree \| snapshot
parent	5f344d809e015fba3709e5219428c00b8ac5d7df	commit \| diff

vsock/virtio: fix empty payload in tap skb for non-linear buffers

For non-linear skbs, virtio_transport_build_skb() goes through
virtio_transport_copy_nonlinear_skb() to copy the original payload
in the new skb to be delivered to the vsockmon tap device.
This manually initializes an iov_iter but does not set iov_iter.count.
Since the iov_iter is zero-initialized, the copy length is zero and no
payload is actually copied to the monitor interface, leaving data
un-initialized.

Fix this by removing the linear vs non-linear split and using
skb_copy_datagram_iter() with iov_iter_kvec() for all cases, as
vhost-vsock already does. This handles both linear and non-linear skbs,
properly initializes the iov_iter, and removes the now unused
virtio_transport_copy_nonlinear_skb().

While touching this code, let's also check the return value of
skb_copy_datagram_iter(), even though it's unlikely to fail.

Fixes: 4b0bf10eb077 ("vsock/virtio: non-linear skb handling for tap")
Reported-by: Yiqi Sun <sunyiqixm@gmail.com>
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Bobby Eshleman <bobbyeshleman@meta.com>
Reviewed-by: Arseniy Krasnov <avkrasnov@rulkc.org>
Link: https://patch.msgid.link/20260508164411.261440-3-sgarzare@redhat.com
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>