lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Jul 2016 12:03:32 -0700 From: Tom Herbert <tom@...bertland.com> To: <davem@...emloft.net>, <netdev@...r.kernel.org> CC: <kernel-team@...com> Subject: [RFC PATCH 0/2] strp: Stream parser for messages This patch set introduces a utility for parsing application layer protocol messages in a TCP stream. This is a generalization of the mechanism implemented of Kernel Connection Multiplexor. This patch set adapts KCM to use the strparser. We expect that kTLS can use this mechanism also. RDS would probably be another candidate to use a commone stream parsing mechanism. The API includes a context structure, a set of callbacks, utility functions, and a data ready function. The callbacks include a parse_msg function that is called to perform parsing (e.g. BPF parsing in case of KCM), and a rcv_msg funciton that is called when a full message has been completed. For strparser we specify the return codes from the parser to allow the backend to indicate that control of the socket should be transferred back to userspace to handle some exceptions in the stream: The return values are: >0 : indicates length of successfully parsed message 0 : indicates more data must be received to parse the message -ESTRPIPE : current message should not be processed by the kernel, return control of the socket to userspace which can proceed to read the messages itself other < 0 : Error is parsing, give control back to userspace assuming that synchronzation is lost and the stream is unrecoverable (application expected to close TCP socket) There is one issue I haven't been able to fully resolve. If the parse_msg return ESTRPIPE (wants control back to userspace) the parser may have already ready some bytes of the message. There is no way to put bytes back into the TCP receive queue and tcp_read_sock does not allow an easy way to peek messages. In lieu of a better solution, we return ENODATA on the socket to indicate that the data stream is unrecoverable (application needs to close socket). This condition should only happen if an application layer message header is split across two skbuffs and parsing just the first skbuff wasn't sufficient to determine the that transfer to userspace is needed. TBD: Need to document API. Tom Herbert (2): strparser: Stream parser for messages kcm: Use stream parser include/net/kcm.h | 36 +--- include/net/strparser.h | 146 ++++++++++++++ net/Kconfig | 1 + net/Makefile | 1 + net/kcm/Kconfig | 1 + net/kcm/kcmproc.c | 41 ++-- net/kcm/kcmsock.c | 435 ++++++------------------------------------ net/strparser/Kconfig | 4 + net/strparser/Makefile | 1 + net/strparser/strparser.c | 472 ++++++++++++++++++++++++++++++++++++++++++++++ 10 files changed, 711 insertions(+), 427 deletions(-) create mode 100644 include/net/strparser.h create mode 100644 net/strparser/Kconfig create mode 100644 net/strparser/Makefile create mode 100644 net/strparser/strparser.c -- 2.8.0.rc2
Powered by blists - more mailing lists