lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 21 Nov 2023 09:18:10 +0100 From: Eric Dumazet <edumazet@...gle.com> To: Dmitry Safonov <dima@...sta.com> Cc: David Ahern <dsahern@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Jakub Kicinski <kuba@...nel.org>, "David S. Miller" <davem@...emloft.net>, linux-kernel@...r.kernel.org, Dmitry Safonov <0x7f454c46@...il.com>, Francesco Ruggeri <fruggeri05@...il.com>, Salam Noureddine <noureddine@...sta.com>, Simon Horman <horms@...nel.org>, netdev@...r.kernel.org Subject: Re: [PATCH 4/7] net/tcp: Reset TCP-AO cached keys on listen() syscall On Tue, Nov 21, 2023 at 3:01 AM Dmitry Safonov <dima@...sta.com> wrote: > > TCP_LISTEN sockets are not connected to any peer, so having > current_key/rnext_key doesn't make sense. > > The userspace may falter over this issue by setting current or rnext > TCP-AO key before listen() syscall. setsockopt(TCP_AO_DEL_KEY) doesn't > allow removing a key that is in use (in accordance to RFC 5925), so > it might be inconvenient to have keys that can be destroyed only with > listener socket. I think this is the wrong way to solve this issue. listen() should not mess with anything else than socket state. > > Fixes: 4954f17ddefc ("net/tcp: Introduce TCP_AO setsockopt()s") > Signed-off-by: Dmitry Safonov <dima@...sta.com> > --- > include/net/tcp_ao.h | 5 +++++ > net/ipv4/af_inet.c | 1 + > net/ipv4/tcp_ao.c | 14 ++++++++++++++ > 3 files changed, 20 insertions(+) > > diff --git a/include/net/tcp_ao.h b/include/net/tcp_ao.h > index 647781080613..e36057ca5ed8 100644 > --- a/include/net/tcp_ao.h > +++ b/include/net/tcp_ao.h > @@ -270,6 +270,7 @@ int tcp_v6_ao_synack_hash(char *ao_hash, struct tcp_ao_key *ao_key, > void tcp_ao_established(struct sock *sk); > void tcp_ao_finish_connect(struct sock *sk, struct sk_buff *skb); > void tcp_ao_connect_init(struct sock *sk); > +void tcp_ao_listen(struct sock *sk); > void tcp_ao_syncookie(struct sock *sk, const struct sk_buff *skb, > struct tcp_request_sock *treq, > unsigned short int family, int l3index); > @@ -330,6 +331,10 @@ static inline void tcp_ao_connect_init(struct sock *sk) > { > } > > +static inline void tcp_ao_listen(struct sock *sk) > +{ > +} > + > static inline int tcp_ao_get_mkts(struct sock *sk, sockptr_t optval, sockptr_t optlen) > { > return -ENOPROTOOPT; > diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c > index fb81de10d332..a08d1266344f 100644 > --- a/net/ipv4/af_inet.c > +++ b/net/ipv4/af_inet.c > @@ -200,6 +200,7 @@ int __inet_listen_sk(struct sock *sk, int backlog) > * we can only allow the backlog to be adjusted. > */ > if (old_state != TCP_LISTEN) { > + tcp_ao_listen(sk); Ouch... Please add your hook in tcp_disconnect() instead of this layering violation. I think you missed the fact that applications can call listen(fd, backlog) multiple times, if they need to dynamically adjust backlog.
Powered by blists - more mailing lists