lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Mar 2022 15:08:35 +0800 From: wangyufen <wangyufen@...wei.com> To: Cong Wang <xiyou.wangcong@...il.com> CC: <john.fastabend@...il.com>, <daniel@...earbox.net>, <jakub@...udflare.com>, <lmb@...udflare.com>, <davem@...emloft.net>, <edumazet@...gle.com>, <yoshfuji@...ux-ipv6.org>, <dsahern@...nel.org>, <kuba@...nel.org>, <ast@...nel.org>, <andrii@...nel.org>, <kafai@...com>, <songliubraving@...com>, <yhs@...com>, <kpsingh@...nel.org>, <netdev@...r.kernel.org>, <bpf@...r.kernel.org> Subject: Re: [PATCH bpf-next v2 3/4] bpf, sockmap: Fix more uncharged while msg has more_data 在 2022/3/3 14:14, Cong Wang 写道: > On Wed, Mar 02, 2022 at 10:27:54AM +0800, Wang Yufen wrote: >> In tcp_bpf_send_verdict(), if msg has more data after >> tcp_bpf_sendmsg_redir(): >> >> tcp_bpf_send_verdict() >> tosend = msg->sg.size //msg->sg.size = 22220 >> case __SK_REDIRECT: >> sk_msg_return() //uncharged msg->sg.size(22220) sk->sk_forward_alloc >> tcp_bpf_sendmsg_redir() //after tcp_bpf_sendmsg_redir, msg->sg.size=11000 >> goto more_data; >> tosend = msg->sg.size //msg->sg.size = 11000 >> case __SK_REDIRECT: >> sk_msg_return() //uncharged msg->sg.size(11000) to sk->sk_forward_alloc >> >> The msg->sg.size(11000) has been uncharged twice, to fix we can charge the >> remaining msg->sg.size before goto more data. > It looks like bpf_exec_tx_verdict() has the same issue. > > . In bpf_exec_tx_verdict(), case __SK_REDIRECT, msg_redir is used and msg->sg.size is deducted in advance. Therefore, this issue (more uncharged) does not exist. However, I think that if msg_redir processing cannot be completed , that is msg_redir has more data, and there is no subsequent processing, maybe that is another problem. Thanks.
Powered by blists - more mailing lists