lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 14 Aug 2023 22:46:05 +0300
From:   Arseniy Krasnov <avkrasnov@...rdevices.ru>
To:     Stefano Garzarella <sgarzare@...hat.com>,
        Arseniy Krasnov <oxffffaa@...il.com>
CC:     Stefan Hajnoczi <stefanha@...hat.com>,
        "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        "Michael S. Tsirkin" <mst@...hat.com>,
        Jason Wang <jasowang@...hat.com>,
        Bobby Eshleman <bobby.eshleman@...edance.com>,
        <kvm@...r.kernel.org>, <virtualization@...ts.linux-foundation.org>,
        <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        <kernel@...rdevices.ru>
Subject: Re: [RFC PATCH v1 1/2] vsock: send SIGPIPE on write to shutdowned
 socket



On 04.08.2023 17:28, Stefano Garzarella wrote:
> On Fri, Aug 04, 2023 at 03:46:47PM +0300, Arseniy Krasnov wrote:
>> Hi Stefano,
>>
>> On 02.08.2023 10:46, Stefano Garzarella wrote:
>>> On Tue, Aug 01, 2023 at 05:17:26PM +0300, Arseniy Krasnov wrote:
>>>> POSIX requires to send SIGPIPE on write to SOCK_STREAM socket which was
>>>> shutdowned with SHUT_WR flag or its peer was shutdowned with SHUT_RD
>>>> flag. Also we must not send SIGPIPE if MSG_NOSIGNAL flag is set.
>>>>
>>>> Signed-off-by: Arseniy Krasnov <AVKrasnov@...rdevices.ru>
>>>> ---
>>>> net/vmw_vsock/af_vsock.c | 3 +++
>>>> 1 file changed, 3 insertions(+)
>>>>
>>>> diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c
>>>> index 020cf17ab7e4..013b65241b65 100644
>>>> --- a/net/vmw_vsock/af_vsock.c
>>>> +++ b/net/vmw_vsock/af_vsock.c
>>>> @@ -1921,6 +1921,9 @@ static int vsock_connectible_sendmsg(struct socket *sock, struct msghdr *msg,
>>>>             err = total_written;
>>>>     }
>>>> out:
>>>> +    if (sk->sk_type == SOCK_STREAM)
>>>> +        err = sk_stream_error(sk, msg->msg_flags, err);
>>>
>>> Do you know why we don't need this for SOCK_SEQPACKET and SOCK_DGRAM?
>>
>> Yes, here is my explanation:
>>
>> This function checks that input error is SIGPIPE, and if so it sends SIGPIPE to the 'current' thread
>> (except case when MSG_NOSIGNAL flag is set). This behaviour is described in POSIX:
>>
>> Page 367 (description of defines from sys/socket.h):
>> MSG_NOSIGNAL: No SIGPIPE generated when an attempt to send is made on a stream-
>> oriented socket that is no longer connected.
>>
>> Page 497 (description of SOCK_STREAM):
>> A SIGPIPE signal is raised if a thread sends on a broken stream (one that is
>> no longer connected).
> 
> Okay, but I think we should do also for SEQPACKET:
> 
> https://pubs.opengroup.org/onlinepubs/009696699/functions/xsh_chap02_10.html
> 
> In 2.10.6 Socket Types:
> 
> "The SOCK_SEQPACKET socket type is similar to the SOCK_STREAM type, and
> is also connection-oriented. The only difference between these types is
> that record boundaries ..."
> 
> Then in  2.10.14 Signals:
> 
> "The SIGPIPE signal shall be sent to a thread that attempts to send data
> on a socket that is no longer able to send. In addition, the send
> operation fails with the error [EPIPE]."
> 
> It's honestly not super clear, but I assume the problem is similar with
> seqpacket since it's connection-oriented, or did I miss something?
> 
> For example in sctp_sendmsg() IIUC we raise a SIGPIPE regardless of
> whether the socket is STREAM or SEQPACKET.

Update about sending SIGPIPE for SOCK_SEQPACKET, I checked POSIX doc and kernel sources more deeply:


1)

I checked four types of sockets, which sends SIGPIPE for SOCK_SEQPACKET or not ('YES' if
this socket sends SIGPIPE in SOCK_SEQPACKET case):

net/kcm/: YES
net/unix/: NO
net/sctp/: YES
net/caif/: NO

Looking for this, I think it is impossible to get the right answer, as there is some
mess - everyone implements it as wish.

2)

I opened POSIX spec again, and here are details about returning EPIPE from pages
for 'send()', 'sendto()', 'sendmsg()':

[EPIPE] The socket is shut down for writing, or the socket is connection-mode and is
no longer connected. In the latter case, and if the socket is of type
SOCK_STREAM, the SIGPIPE signal is generated to the calling thread

So my opinion is that we need to send SIGPIPE only for SOCK_STREAM. Another question
is how to interpret this from above (but again - SIGPIPE is related for SOCK_STREAM
only):

**" and is no longer connected"**

IIUC, if we follow POSIX strictly, this check must be like:

/* socket is shut down for writing or no longer connected. */
if (sk->sk_shutdown & SEND_SHUTDOWN ||
    vsk->peer_shutdown & RCV_SHUTDOWN ||
    sock_flag(SOCK_DONE)) {
	err = -EPIPE;
	goto out;
}

...

out:
	/* Handle -EPIPE for stream socket which is no longer connected. */
	if (sk->sk_type == SOCK_STREAM &&
		sock_flag(SOCK_DONE))
		err = sk_stream_error();



>From the other side, we can just follow TCP/AF_UNIX implementations as both are
popular types of socket. In this case I suggest to implement this check like
(e.g. without sock_flag(SOCK_DONE)):


if (sk->sk_shutdown & SEND_SHUTDOWN ||
    vsk->peer_shutdown & RCV_SHUTDOWN) {
	err = -EPIPE;
	goto out;
}

...

out:
	if (sk->sk_type == SOCK_STREAM)
		err = sk_stream_error();

What do you think?

Thanks, Arseniy

> 
>>
>> Page 1802 (description of 'send()' call):
>> MSG_NOSIGNAL
>>
>> Requests not to send the SIGPIPE signal if an attempt to
>> send is made on a stream-oriented socket that is no
>> longer connected. The [EPIPE] error shall still be
>> returned
>>
>> And the same for 'sendto()' and 'sendmsg()'
>>
>> Link to the POSIX document:
>> https://www.open-std.org/jtc1/sc22/open/n4217.pdf
>>
>> TCP (I think we must rely on it), KCM, SMC sockets (all of them are stream) work in the same
>> way by calling this function. AF_UNIX also works in the same way, but it implements SIGPIPE handling
>> without this function.
> 
> I'm okay calling this function.
> 
>>
>> The only thing that confused me a little bit, that sockets above returns EPIPE when
>> we have only SEND_SHUTDOWN set, but for AF_VSOCK EPIPE is returned for RCV_SHUTDOWN
>> also, but I think it is related to this patchset.
> 
> Do you mean that it is NOT related to this patchset?
> 
> Thanks,
> Stefano
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ