| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <878s2rso6i.fsf@cloudflare.com>
Date: Wed, 30 Jun 2021 11:21:25 +0200
From: Jakub Sitnicki <jakub@...udflare.com>
To: Cong Wang <xiyou.wangcong@...il.com>
Cc: netdev@...r.kernel.org, bpf@...r.kernel.org,
Cong Wang <cong.wang@...edance.com>,
Jiang Wang <jiang.wang@...edance.com>,
Daniel Borkmann <daniel@...earbox.net>,
John Fastabend <john.fastabend@...il.com>,
Lorenz Bauer <lmb@...udflare.com>
Subject: Re: [Patch bpf] skmsg: check sk_rcvbuf limit before queuing to
ingress_skb
On Tue, Jun 29, 2021 at 08:20 AM CEST, Cong Wang wrote:
[...]
> @@ -854,7 +854,8 @@ static int sk_psock_skb_redirect(struct sk_psock *from, struct sk_buff *skb)
> return -EIO;
> }
> spin_lock_bh(&psock_other->ingress_lock);
> - if (!sk_psock_test_state(psock_other, SK_PSOCK_TX_ENABLED)) {
> + if (!sk_psock_test_state(psock_other, SK_PSOCK_TX_ENABLED) ||
> + atomic_read(&sk_other->sk_rmem_alloc) > sk_other->sk_rcvbuf) {
> spin_unlock_bh(&psock_other->ingress_lock);
> skb_bpf_redirect_clear(skb);
> sock_drop(from->sk, skb);
> @@ -930,7 +931,8 @@ static int sk_psock_verdict_apply(struct sk_psock *psock, struct sk_buff *skb,
> }
> if (err < 0) {
> spin_lock_bh(&psock->ingress_lock);
> - if (sk_psock_test_state(psock, SK_PSOCK_TX_ENABLED)) {
> + if (sk_psock_test_state(psock, SK_PSOCK_TX_ENABLED) &&
> + atomic_read(&sk_other->sk_rmem_alloc) <= sk_other->sk_rcvbuf) {
> skb_queue_tail(&psock->ingress_skb, skb);
> schedule_work(&psock->work);
> err = 0;
I belive access to sk_rcvbuf should be annotated with READ_ONCE (for
KCSAN's sake) as we don't lock the egress socket. See 8265792bf887 [1]
("net: silence KCSAN warnings around sk_add_backlog() calls") for
guidance.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8265792bf8871acc2d00fd03883d830e2249d395
Powered by blists - more mailing lists