From eb2a5f2f73e4cfaf20246fb3d3fb1b8bd5716606 Mon Sep 17 00:00:00 2001
From: jianchunfu <jianchunfu_yewu@cmss.chinamobile.com>
Date: Tue, 22 Nov 2022 17:10:35 +0800
Subject: [PATCH 03/29] linux-user: always translate cmsg when recvmsg

It's possible that a message contains both normal payload and ancillary
data in the same message, and even if no ancillary data is available
this information should be passed to the target, otherwise the target
cmsghdr will be left uninitialized and the target is going to access
uninitialized memory if it expects cmsg.
Always call the function that translate cmsg when recvmsg, because that
function should be empty-cmsg-safe(it creates an empty cmsg in the target).

Signed-off-by: Icenowy Zheng <uwu@icenowy.me>
Signed-off-by: jianchunfu <jianchunfu_yewu@cmss.chinamobile.com>
---
 linux-user/syscall.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index f1cfcc8104..fce2c03259 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -3296,7 +3296,8 @@ static abi_long do_sendrecvmsg_locked(int fd, struct target_msghdr *msgp,
             if (fd_trans_host_to_target_data(fd)) {
                 ret = fd_trans_host_to_target_data(fd)(msg.msg_iov->iov_base,
                                                MIN(msg.msg_iov->iov_len, len));
-            } else {
+            }
+            if (!is_error(ret)) {
                 ret = host_to_target_cmsg(msgp, &msg);
             }
             if (!is_error(ret)) {
-- 
2.27.0