| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 19 Feb 2021 12:49:30 +0100
From: Eric Dumazet <eric.dumazet@...il.com>
To: Lorenz Bauer <lmb@...udflare.com>, daniel@...earbox.net,
ast@...nel.org, andrii@...nel.org
Cc: bpf@...r.kernel.org, netdev@...r.kernel.org,
kernel-team@...udflare.com
Subject: Re: [PATCH bpf-next v2 1/4] net: add SO_NETNS_COOKIE socket option
On 2/19/21 10:51 AM, Lorenz Bauer wrote:
> We need to distinguish which network namespace a socket belongs to.
> BPF has the useful bpf_get_netns_cookie helper for this, but accessing
> it from user space isn't possible. Add a read-only socket option that
> returns the netns cookie, similar to SO_COOKIE. If network namespaces
> are disabled, SO_NETNS_COOKIE returns the cookie of init_net.
>
> Signed-off-by: Lorenz Bauer <lmb@...udflare.com>
> ---
> diff --git a/net/core/sock.c b/net/core/sock.c
> index 0ed98f20448a..de4644aeb58d 100644
> --- a/net/core/sock.c
> +++ b/net/core/sock.c
> @@ -1614,6 +1614,17 @@ int sock_getsockopt(struct socket *sock, int level, int optname,
> v.val = sk->sk_bound_dev_if;
> break;
>
> + case SO_NETNS_COOKIE:
> + lv = sizeof(u64);
> + if (len < lv)
> + return -EINVAL;
if (len != lv)
return -EINVAL;
(There is no reason to support bigger value before at least hundred years)
> +#ifdef CONFIG_NET_NS
> + v.val64 = sock_net(sk)->net_cookie;
> +#else
> + v.val64 = init_net.net_cookie;
> +#endif
> + break;
> +
Why using this ugly #ifdef ?
The following should work just fine, even if CONFIG_NET_NS is not set.
v.val64 = sock_net(sk)->net_cookie;
> default:
> /* We implement the SO_SNDLOWAT etc to not be settable
> * (1003.1g 7).
>
Powered by blists - more mailing lists