| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Jun 2023 10:49:00 +0800
From: Feng zhou <zhoufeng.zf@...edance.com>
To: martin.lau@...ux.dev, ast@...nel.org, daniel@...earbox.net,
andrii@...nel.org, song@...nel.org, yhs@...com,
john.fastabend@...il.com, kpsingh@...nel.org, sdf@...gle.com,
haoluo@...gle.com, jolsa@...nel.org
Cc: bpf@...r.kernel.org, linux-kernel@...r.kernel.org,
yangzhenze@...edance.com, wangdongdong.6@...edance.com,
zhoufeng.zf@...edance.com
Subject: [PATCH bpf-next] bpf: getsockopt hook to get optval without checking kernel retval
From: Feng Zhou <zhoufeng.zf@...edance.com>
Remove the judgment on retval and pass bpf ctx by default. The
advantage of this is that it is more flexible. Bpf getsockopt can
support the new optname without using the module to call the
nf_register_sockopt to register.
Signed-off-by: Feng Zhou <zhoufeng.zf@...edance.com>
---
kernel/bpf/cgroup.c | 35 +++++++++++++----------------------
1 file changed, 13 insertions(+), 22 deletions(-)
diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c
index 5b2741aa0d9b..ebad5442d8bb 100644
--- a/kernel/bpf/cgroup.c
+++ b/kernel/bpf/cgroup.c
@@ -1896,30 +1896,21 @@ int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level,
if (max_optlen < 0)
return max_optlen;
- if (!retval) {
- /* If kernel getsockopt finished successfully,
- * copy whatever was returned to the user back
- * into our temporary buffer. Set optlen to the
- * one that kernel returned as well to let
- * BPF programs inspect the value.
- */
-
- if (get_user(ctx.optlen, optlen)) {
- ret = -EFAULT;
- goto out;
- }
+ if (get_user(ctx.optlen, optlen)) {
+ ret = -EFAULT;
+ goto out;
+ }
- if (ctx.optlen < 0) {
- ret = -EFAULT;
- goto out;
- }
- orig_optlen = ctx.optlen;
+ if (ctx.optlen < 0) {
+ ret = -EFAULT;
+ goto out;
+ }
+ orig_optlen = ctx.optlen;
- if (copy_from_user(ctx.optval, optval,
- min(ctx.optlen, max_optlen)) != 0) {
- ret = -EFAULT;
- goto out;
- }
+ if (copy_from_user(ctx.optval, optval,
+ min(ctx.optlen, max_optlen)) != 0) {
+ ret = -EFAULT;
+ goto out;
}
lock_sock(sk);
--
2.20.1
Powered by blists - more mailing lists