| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250110083511.30419-1-sgarzare@redhat.com> Date: Fri, 10 Jan 2025 09:35:06 +0100 From: Stefano Garzarella <sgarzare@...hat.com> To: netdev@...r.kernel.org Cc: Xuan Zhuo <xuanzhuo@...ux.alibaba.com>, bpf@...r.kernel.org, linux-kernel@...r.kernel.org, Luigi Leonardi <leonardi@...hat.com>, "David S. Miller" <davem@...emloft.net>, Wongi Lee <qwerty@...ori.io>, Stefano Garzarella <sgarzare@...hat.com>, Eugenio PĂ©rez <eperezma@...hat.com>, "Michael S. Tsirkin" <mst@...hat.com>, Eric Dumazet <edumazet@...gle.com>, kvm@...r.kernel.org, Paolo Abeni <pabeni@...hat.com>, Stefan Hajnoczi <stefanha@...hat.com>, Jason Wang <jasowang@...hat.com>, Simon Horman <horms@...nel.org>, Hyunwoo Kim <v4bel@...ori.io>, Jakub Kicinski <kuba@...nel.org>, Michal Luczaj <mhal@...x.co>, virtualization@...ts.linux.dev, Bobby Eshleman <bobby.eshleman@...edance.com> Subject: [PATCH net v2 0/5] vsock: some fixes due to transport de-assignment v1: https://lore.kernel.org/netdev/20250108180617.154053-1-sgarzare@redhat.com/ v2: - Added patch 3 to cancel the virtio close delayed work when de-assigning the transport - Added patch 4 to clean the socket state after de-assigning the transport - Added patch 5 as suggested by Michael and Hyunwoo Kim. It's based on Hyunwoo Kim and Wongi Lee patch [1] but using WARN_ON and covering more functions - Added R-b/T-b tags This series includes two patches discussed in the thread started by Hyunwoo Kim a few weeks ago [1], plus 3 more patches added after some discussions on v1 (see changelog). All related to the case where a vsock socket is de-assigned from a transport (e.g., because the connect fails or is interrupted by a signal) and then assigned to another transport or to no-one (NULL). I tested with usual vsock test suite, plus Michal repro [2]. (Note: the repo works only if a G2H transport is not loaded, e.g. virtio-vsock driver). The first patch is a fix more appropriate to the problem reported in that thread, the second patch on the other hand is a related fix but of a different problem highlighted by Michal Luczaj. It's present only in vsock_bpf and already handled in af_vsock.c The third patch is to cancel the virtio close delayed work when de-assigning the transport, the fourth patch is to clean the socket state after de-assigning the transport, the last patch adds warnings and prevents null-ptr-deref in vsock_*[has_data|has_space]. Hyunwoo Kim, Michal, if you can test and report your Tested-by that would be great! [1] https://lore.kernel.org/netdev/Z2K%2FI4nlHdfMRTZC@v4bel-B760M-AORUS-ELITE-AX/ [2] https://lore.kernel.org/netdev/2b3062e3-bdaa-4c94-a3c0-2930595b9670@rbox.co/ Stefano Garzarella (5): vsock/virtio: discard packets if the transport changes vsock/bpf: return early if transport is not assigned vsock/virtio: cancel close work in the destructor vsock: reset socket state when de-assigning the transport vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] net/vmw_vsock/af_vsock.c | 18 +++++++++++++ net/vmw_vsock/virtio_transport_common.c | 36 ++++++++++++++++++------- net/vmw_vsock/vsock_bpf.c | 9 +++++++ 3 files changed, 53 insertions(+), 10 deletions(-) base-commit: fbfd64d25c7af3b8695201ebc85efe90be28c5a3 -- 2.47.1
Powered by blists - more mailing lists