From: Jens Axboe <axboe@kernel.dk>
To: Eric Dumazet <edumazet@google.com>
Cc: "Richard W.M. Jones" <rjones@redhat.com>,
Josef Bacik <josef@toxicpanda.com>,
linux-kernel <linux-kernel@vger.kernel.org>,
netdev@vger.kernel.org, Eric Dumazet <eric.dumazet@gmail.com>,
syzbot+e1cd6bd8493060bd701d@syzkaller.appspotmail.com,
Mike Christie <mchristi@redhat.com>,
Yu Kuai <yukuai1@huaweicloud.com>,
linux-block@vger.kernel.org, nbd@other.debian.org
Subject: Re: [PATCH] nbd: restrict sockets to TCP and UDP
Date: Tue, 9 Sep 2025 09:09:31 -0600
Message-ID: <e1161184-e2fa-49eb-8093-0b754dc362c1@kernel.dk>
In-Reply-To: <CANn89iJiBuJ=sHbfKjR-bJe6p12UrJ_DkOgysmAQuwCbNEy8BA@mail.gmail.com>

On 9/9/25 8:47 AM, Eric Dumazet wrote:
> On Tue, Sep 9, 2025 at 7:37 AM Jens Axboe <axboe@kernel.dk> wrote:
>>
>> On 9/9/25 8:35 AM, Eric Dumazet wrote:
>>> On Tue, Sep 9, 2025 at 7:04 AM Eric Dumazet <edumazet@google.com> wrote:
>>>>
>>>> On Tue, Sep 9, 2025 at 6:32 AM Richard W.M. Jones <rjones@redhat.com> wrote:
>>>>>
>>>>> On Tue, Sep 09, 2025 at 01:22:43PM +0000, Eric Dumazet wrote:
>>>>>> Recently, syzbot started to abuse NBD with all kinds of sockets.
>>>>>>
>>>>>> Commit cf1b2326b734 ("nbd: verify socket is supported during setup")
>>>>>> made sure the socket supported a shutdown() method.
>>>>>>
>>>>>> Explicitly accept TCP and UNIX stream sockets.
>>>>>
>>>>> I'm not clear what the actual problem is, but I will say that in libnbd &
>>>>> nbdkit (which are another NBD client & server, interoperable with the
>>>>> kernel) we support and use NBD over vsock[1]. And we could support
>>>>> NBD over pretty much any stream socket (Infiniband?) [2].
>>>>>
>>>>> [1] https://libguestfs.org/nbd_aio_connect_vsock.3.html
>>>>> https://libguestfs.org/nbdkit-service.1.html#AF_VSOCK
>>>>> [2] https://libguestfs.org/nbd_connect_socket.3.html
>>>>>
>>>>> TCP and Unix domain sockets are by far the most widely used, but I
>>>>> don't think it's fair to exclude other socket types.
>>>>
>>>> If we have known and supported socket types, please send a patch to add them.
>>>>
>>>> I asked the question last week and got nothing about vsock or other types.
>>>>
>>>> https://lore.kernel.org/netdev/CANn89iLNFHBMTF2Pb6hHERYpuih9eQZb6A12+ndzBcQs_kZoBA@mail.gmail.com/
>>>>
>>>> For sure, we do not want datagram sockets, RAW, netlink, and many others.
>>>
>>> BTW vsock will probably fire lockdep warnings, I see GFP_KERNEL being used
>>> in net/vmw_vsock/virtio_transport.c
>>>
>>> So you will have to fix this.
>>
>> Rather than play whack-a-mole with this, would it make sense to mark a
>> socket as "writeback/reclaim" safe and base the nbd decision on that rather
>> than attempt to maintain some allow/deny list of sockets?
>
> Even if a socket type was writeback/reclaim safe, probably NBD would
> not support arbitrary socket type, like netlink, af_packet, or
> af_netrom.
>
> An allow list seems safer to me, with commits with a clear owner.
>
> If future syzbot reports are triggered, the bisection will point to
> these commits.

That's fine too, either approach will result in fixups, at the end of
the day. And followup related fixes to solve issues with socket types
that we do deem useful, like the vsock one you already found.
--
Jens Axboe