| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170412163736.GB22692@redhat.com>
Date: Wed, 12 Apr 2017 19:37:36 +0300
From: "Michael S. Tsirkin" <mst@...hat.com>
To: Stefan Hajnoczi <stefanha@...hat.com>
Cc: netdev@...r.kernel.org, Zhu Yanjun <zyjzyj2000@...il.com>,
Gerard Garcia <ggarcia@...a.uab.cat>,
Jorgen Hansen <jhansen@...are.com>
Subject: Re: [PATCH v3 1/3] VSOCK: Add vsockmon tap functions
On Wed, Apr 12, 2017 at 05:08:23PM +0100, Stefan Hajnoczi wrote:
> From: Gerard Garcia <ggarcia@...c.uab.cat>
>
> Add tap functions that can be used by the vsock transports to
> deliver packets to vsockmon virtual network devices.
>
> Signed-off-by: Gerard Garcia <ggarcia@...c.uab.cat>
> Signed-off-by: Stefan Hajnoczi <stefanha@...hat.com>
> ---
> v3:
> * Include missing <linux/module.h> header in af_vsock_tap.c
> ---
> net/vmw_vsock/Makefile | 2 +-
> include/net/af_vsock.h | 13 +++++
> include/uapi/linux/if_arp.h | 1 +
> net/vmw_vsock/af_vsock_tap.c | 114 +++++++++++++++++++++++++++++++++++++++++++
> 4 files changed, 129 insertions(+), 1 deletion(-)
> create mode 100644 net/vmw_vsock/af_vsock_tap.c
>
> diff --git a/net/vmw_vsock/Makefile b/net/vmw_vsock/Makefile
> index bc27c70..09fc2eb 100644
> --- a/net/vmw_vsock/Makefile
> +++ b/net/vmw_vsock/Makefile
> @@ -3,7 +3,7 @@ obj-$(CONFIG_VMWARE_VMCI_VSOCKETS) += vmw_vsock_vmci_transport.o
> obj-$(CONFIG_VIRTIO_VSOCKETS) += vmw_vsock_virtio_transport.o
> obj-$(CONFIG_VIRTIO_VSOCKETS_COMMON) += vmw_vsock_virtio_transport_common.o
>
> -vsock-y += af_vsock.o vsock_addr.o
> +vsock-y += af_vsock.o af_vsock_tap.o vsock_addr.o
>
> vmw_vsock_vmci_transport-y += vmci_transport.o vmci_transport_notify.o \
> vmci_transport_notify_qstate.o
> diff --git a/include/net/af_vsock.h b/include/net/af_vsock.h
> index f32ed9a..c526d4f 100644
> --- a/include/net/af_vsock.h
> +++ b/include/net/af_vsock.h
> @@ -188,4 +188,17 @@ struct sock *vsock_find_connected_socket(struct sockaddr_vm *src,
> void vsock_remove_sock(struct vsock_sock *vsk);
> void vsock_for_each_connected_socket(void (*fn)(struct sock *sk));
>
> +/**** TAP ****/
> +
> +struct vsock_tap {
> + struct net_device *dev;
> + struct module *module;
> + struct list_head list;
> +};
> +
> +int vsock_init_tap(void);
> +int vsock_add_tap(struct vsock_tap *vt);
> +int vsock_remove_tap(struct vsock_tap *vt);
> +void vsock_deliver_tap(struct sk_buff *skb);
> +
> #endif /* __AF_VSOCK_H__ */
> diff --git a/include/uapi/linux/if_arp.h b/include/uapi/linux/if_arp.h
> index 4d024d7..cf73510 100644
> --- a/include/uapi/linux/if_arp.h
> +++ b/include/uapi/linux/if_arp.h
> @@ -95,6 +95,7 @@
> #define ARPHRD_IP6GRE 823 /* GRE over IPv6 */
> #define ARPHRD_NETLINK 824 /* Netlink header */
> #define ARPHRD_6LOWPAN 825 /* IPv6 over LoWPAN */
> +#define ARPHRD_VSOCKMON 826 /* Vsock monitor header */
>
> #define ARPHRD_VOID 0xFFFF /* Void type, nothing is known */
> #define ARPHRD_NONE 0xFFFE /* zero header length */
> diff --git a/net/vmw_vsock/af_vsock_tap.c b/net/vmw_vsock/af_vsock_tap.c
> new file mode 100644
> index 0000000..db3188e
> --- /dev/null
> +++ b/net/vmw_vsock/af_vsock_tap.c
> @@ -0,0 +1,114 @@
> +/*
> + * Tap functions for AF_VSOCK sockets.
> + *
> + * Code based on net/netlink/af_netlink.c tap functions.
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * as published by the Free Software Foundation; either version
> + * 2 of the License, or (at your option) any later version.
> + */
> +
> +#include <linux/module.h>
> +#include <net/sock.h>
> +#include <net/af_vsock.h>
> +#include <linux/if_arp.h>
> +
> +static DEFINE_SPINLOCK(vsock_tap_lock);
> +static struct list_head vsock_tap_all __read_mostly =
> + LIST_HEAD_INIT(vsock_tap_all);
> +
> +int vsock_add_tap(struct vsock_tap *vt) {
> + if (unlikely(vt->dev->type != ARPHRD_VSOCKMON))
> + return -EINVAL;
> +
> + __module_get(vt->module);
> +
> + spin_lock(&vsock_tap_lock);
> + list_add_rcu(&vt->list, &vsock_tap_all);
> + spin_unlock(&vsock_tap_lock);
> +
> +
> + return 0;
> +}
> +EXPORT_SYMBOL_GPL(vsock_add_tap);
> +
> +int __vsock_remove_tap(struct vsock_tap *vt) {
> + bool found = false;
> + struct vsock_tap *tmp;
> +
> + spin_lock(&vsock_tap_lock);
> +
> + list_for_each_entry(tmp, &vsock_tap_all, list) {
> + if (vt == tmp) {
> + list_del_rcu(&vt->list);
> + found = true;
> + goto out;
> + }
> + }
> +
> + pr_warn("__vsock_remove_tap: %p not found\n", vt);
> +out:
> + spin_unlock(&vsock_tap_lock);
> +
> + if (found)
> + module_put(vt->module);
This is called before synchronize_net so there might
still be users for this tap.
> +
> + return found ? 0 : -ENODEV;
> +}
> +
> +int vsock_remove_tap(struct vsock_tap *vt)
> +{
> + int ret;
> +
> + ret = __vsock_remove_tap(vt);
> + synchronize_net();
> +
> + return ret;
> +}
> +EXPORT_SYMBOL_GPL(vsock_remove_tap);
> +
> +static int __vsock_deliver_tap_skb(struct sk_buff *skb,
> + struct net_device *dev)
> +{
> + int ret = 0;
> + struct sk_buff *nskb = skb_clone(skb, GFP_ATOMIC);
> +
> + if (nskb) {
> + dev_hold(dev);
> +
> + nskb->dev = dev;
> + ret = dev_queue_xmit(nskb);
> + if (unlikely(ret > 0))
> + ret = net_xmit_errno(ret);
> +
> + dev_put(dev);
> + }
> +
> + return ret;
> +}
> +
> +static void __vsock_deliver_tap(struct sk_buff *skb)
> +{
> + int ret;
> + struct vsock_tap *tmp;
> +
> + list_for_each_entry_rcu(tmp, &vsock_tap_all, list) {
> + ret = __vsock_deliver_tap_skb(skb, tmp->dev);
> + if (unlikely(ret))
> + break;
> + }
> +
> + consume_skb(skb);
> +}
> +
> +void vsock_deliver_tap(struct sk_buff *skb)
> +{
> + rcu_read_lock();
> +
> + if (unlikely(!list_empty(&vsock_tap_all)))
> + __vsock_deliver_tap(skb);
> +
> + rcu_read_unlock();
> +}
> +EXPORT_SYMBOL_GPL(vsock_deliver_tap);
> --
> 2.9.3
Powered by blists - more mailing lists