| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Z1sNEgQLMzZua3mS@hog>
Date: Thu, 12 Dec 2024 17:19:30 +0100
From: Sabrina Dubroca <sd@...asysnail.net>
To: Antonio Quartulli <antonio@...nvpn.net>
Cc: netdev@...r.kernel.org, Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
Donald Hunter <donald.hunter@...il.com>,
Shuah Khan <shuah@...nel.org>, ryazanov.s.a@...il.com,
Andrew Lunn <andrew+netdev@...n.ch>,
Simon Horman <horms@...nel.org>, linux-kernel@...r.kernel.org,
linux-kselftest@...r.kernel.org, Xiao Liang <shaw.leon@...il.com>,
willemdebruijn.kernel@...il.com
Subject: Re: [PATCH net-next v15 06/22] ovpn: introduce the ovpn_socket object
2024-12-11, 22:15:10 +0100, Antonio Quartulli wrote:
> +static struct ovpn_socket *ovpn_socket_get(struct socket *sock)
> +{
> + struct ovpn_socket *ovpn_sock;
> +
> + rcu_read_lock();
> + ovpn_sock = rcu_dereference_sk_user_data(sock->sk);
> + if (WARN_ON(!ovpn_socket_hold(ovpn_sock)))
Could we hit this situation when we're removing the last peer (so
detaching its socket) just as we're adding a new one? ovpn_socket_new
finds the socket already attached and goes through the EALREADY path,
but the refcount has already dropped to 0?
Then we'd also return NULL from ovpn_socket_new [1], which I don't
think is handled well by the caller (at least the netdev_dbg call at
the end of ovpn_nl_peer_modify, maybe other spots too).
(I guess it's not an issue you would see with the existing userspace
if it's single-threaded)
[...]
> +struct ovpn_socket *ovpn_socket_new(struct socket *sock, struct ovpn_peer *peer)
> +{
> + struct ovpn_socket *ovpn_sock;
> + int ret;
> +
> + ret = ovpn_socket_attach(sock, peer);
> + if (ret < 0 && ret != -EALREADY)
> + return ERR_PTR(ret);
> +
> + /* if this socket is already owned by this interface, just increase the
> + * refcounter and use it as expected.
> + *
> + * Since UDP sockets can be used to talk to multiple remote endpoints,
> + * openvpn normally instantiates only one socket and shares it among all
> + * its peers. For this reason, when we find out that a socket is already
> + * used for some other peer in *this* instance, we can happily increase
> + * its refcounter and use it normally.
> + */
> + if (ret == -EALREADY) {
> + /* caller is expected to increase the sock refcounter before
> + * passing it to this function. For this reason we drop it if
> + * not needed, like when this socket is already owned.
> + */
> + ovpn_sock = ovpn_socket_get(sock);
> + sockfd_put(sock);
[1] so we would need to add
if (!ovpn_sock)
return -EAGAIN;
> + return ovpn_sock;
> + }
> +
[...]
> +int ovpn_udp_socket_attach(struct socket *sock, struct ovpn_priv *ovpn)
> +{
> + struct ovpn_socket *old_data;
> + int ret = 0;
> +
> + /* make sure no pre-existing encapsulation handler exists */
> + rcu_read_lock();
> + old_data = rcu_dereference_sk_user_data(sock->sk);
> + if (!old_data) {
> + /* socket is currently unused - we can take it */
> + rcu_read_unlock();
> + return 0;
> + }
> +
> + /* socket is in use. We need to understand if it's owned by this ovpn
> + * instance or by something else.
> + * In the former case, we can increase the refcounter and happily
> + * use it, because the same UDP socket is expected to be shared among
> + * different peers.
> + *
> + * Unlikely TCP, a single UDP socket can be used to talk to many remote
(since I'm commenting on this patch:)
s/Unlikely/Unlike/
[I have some more nits/typos here and there but I worry the
maintainers will get "slightly" annoyed if I make you repost 22
patches once again :) -- if that's all I find in the next few days,
everyone might be happier if I stash them and we get them fixed after
merging?]
--
Sabrina
Powered by blists - more mailing lists