From: Jakub Sitnicki <jakub@cloudflare.com>
To: Michal Luczaj <mhal@rbox.co>
Cc: netdev@vger.kernel.org, bpf@vger.kernel.org,
davem@davemloft.net, edumazet@google.com, kuba@kernel.org,
pabeni@redhat.com, john.fastabend@gmail.com, kuniyu@amazon.com,
Rao.Shoaib@oracle.com, Cong Wang <cong.wang@bytedance.com>
Subject: Re: [PATCH bpf v2] af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash
Date: Thu, 27 Jun 2024 09:40:48 +0200 [thread overview]
Message-ID: <87tthej0jj.fsf@cloudflare.com> (raw)
In-Reply-To: <2301f9fb-dab5-4db7-8e69-309e7c7186b7@rbox.co> (Michal Luczaj's message of "Wed, 26 Jun 2024 12:19:01 +0200")
On Wed, Jun 26, 2024 at 12:19 PM +02, Michal Luczaj wrote:
> On 6/24/24 16:15, Jakub Sitnicki wrote:
>> On Sun, Jun 23, 2024 at 12:25 AM +02, Michal Luczaj wrote:
>>> AF_UNIX socket tracks the most recent OOB packet (in its receive queue)
>>> with an `oob_skb` pointer. BPF redirecting does not account for that: when
>>> an OOB packet is moved between sockets, `oob_skb` is left outdated. This
>>> results in a single skb that may be accessed from two different sockets.
>>>
>>> Take the easy way out: silently drop MSG_OOB data targeting any socket that
>>> is in a sockmap or a sockhash. Note that such silent drop is akin to the
>>> fate of redirected skb's scm_fp_list (SCM_RIGHTS, SCM_CREDENTIALS).
>>>
>>> For symmetry, forbid MSG_OOB in unix_bpf_recvmsg().
>>>
>>> Suggested-by: Kuniyuki Iwashima <kuniyu@amazon.com>
>>> Fixes: 314001f0bf92 ("af_unix: Add OOB support")
>>> Signed-off-by: Michal Luczaj <mhal@rbox.co>
>>> ---
>>
>> [+CC Cong who authored ->read_skb]
>>
>> I'm guessing you have a test program that you're developing the fix
>> against. Would you like to extend the test case for sockmap redirect
>> from unix stream [1] to incorporate it?
>>
>> Sadly unix_inet_redir_to_connected needs a fix first because it
>> hardcodes sotype to SOCK_DGRAM.
>
> Ugh, my last two replies got silently dropped by vger. Is there any way to
> tell what went wrong?
Not sure if it was vger or lore archive. Your reply hit my inbox but is
nowhere to be found in the archive:
https://lore.kernel.org/r/4bac0a8a-eeaa-48ef-aeba-2a6e73c0b982@rbox.co
I think we can reach out to Konstantin Ryabitsev at
konstantin@linuxfoundation.org. AFAIK he maintains the lore.kernel.org
archive.
> So, again, sure, I'll extend the sockmap redirect test.
Appreciate the help with adding a regression test, if time allows.
Fixes are of course very welcome even without them.
> And regarding Rao's comment, I took a look and I think sockmap'ed TCP OOB
> does indeed act the same way. I'll try to add that into selftest as well.n
Right, it does sound like we're not clearing the offset kept in
tcp_sock::urg_data when skb is redirected.
next prev parent reply other threads:[~2024-06-27 7:40 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-22 22:25 [PATCH bpf v2] af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash Michal Luczaj
2024-06-24 14:15 ` Jakub Sitnicki
2024-06-24 20:02 ` Rao Shoaib
2024-06-26 10:19 ` Michal Luczaj
2024-06-27 7:40 ` Jakub Sitnicki [this message]
2024-07-06 9:42 ` Rao Shoaib
2024-07-07 23:10 ` Michal Luczaj
2024-07-09 10:21 ` Jakub Sitnicki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87tthej0jj.fsf@cloudflare.com \
--to=jakub@cloudflare.com \
--cc=Rao.Shoaib@oracle.com \
--cc=bpf@vger.kernel.org \
--cc=cong.wang@bytedance.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=john.fastabend@gmail.com \
--cc=kuba@kernel.org \
--cc=kuniyu@amazon.com \
--cc=mhal@rbox.co \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.