lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250516220920.1142578-1-ematsumiya@suse.de>
Date: Fri, 16 May 2025 19:09:18 -0300
From: Enzo Matsumiya <ematsumiya@...e.de>
To: netdev@...r.kernel.org
Cc: Enzo Matsumiya <ematsumiya@...e.de>,
	"David S. Miller" <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>,
	Paolo Abeni <pabeni@...hat.com>,
	Simon Horman <horms@...nel.org>,
	Kuniyuki Iwashima <kuniyu@...zon.com>,
	Willem de Bruijn <willemb@...gle.com>,
	linux-kernel@...r.kernel.org
Subject: [RFC PATCH 0/1] net: socket: centralize netns refcounting

Hi,

I came up with this patch to centralize netns refcounting on kernel sockets,
because `sk_net_refcnt = !kern' is not enough anymore.

The idea is simply to remove the responsibility of a module outside of net/
to have to deal with sockets internals (cf. sk_net_refcnt_upgrade()).

It adds an anonymous enum (just for named values) SOCK_NETNS_REFCNT_* that
can be passed to __sock_create() and sk_alloc() through the @kern arg.
(this was much easier and shorter than e.g. adding another arg)

A sock_create_netns() wrapper is added, for callers who need such refcounting
(e.g. current callers of sk_net_refcnt_upgrade()).

And then, the core change is quite simple in sk_alloc() -- sk_net_refcnt is
set only if it's a user socket, or
(@kern == SOCK_NETNS_REFCNT_KERN_ANY && @net != inet_net).

I have the patches that modifies current users of sk_net_refcnt_upgrade() to
create their sockets with sock_create_netns(), if anyone wants to test or
this gets merged.

I could confirm this works only on cifs, though, by using Kuniyuki's reproducer
in [0], which is quite reliable.  Unfortunately, I don't know enough about the
other modules and/or how to trigger this same bug on those, but I'll be happy
to test it if I can get instructions.


Cheers,

Enzo


[0] - https://lore.kernel.org/linux-cifs/20241031175709.20111-1-kuniyu@amazon.com/

Enzo Matsumiya (1):
  net: socket: hint netns refcounting through @kern arg

 include/linux/net.h | 15 +++++++++++++++
 net/core/sock.c     | 10 ++++++----
 net/socket.c        | 27 +++++++++++++++++++++++++--
 3 files changed, 46 insertions(+), 6 deletions(-)

-- 
2.48.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ