lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 22 Aug 2023 11:39:16 +0200
From: Stefano Garzarella <sgarzare@...hat.com>
To: Arseniy Krasnov <avkrasnov@...rdevices.ru>
Cc: Arseniy Krasnov <oxffffaa@...il.com>, 
	Stefan Hajnoczi <stefanha@...hat.com>, "David S. Miller" <davem@...emloft.net>, 
	Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, 
	Paolo Abeni <pabeni@...hat.com>, "Michael S. Tsirkin" <mst@...hat.com>, 
	Jason Wang <jasowang@...hat.com>, Bobby Eshleman <bobby.eshleman@...edance.com>, 
	kvm@...r.kernel.org, virtualization@...ts.linux-foundation.org, 
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org, kernel@...rdevices.ru
Subject: Re: [RFC PATCH v1 1/2] vsock: send SIGPIPE on write to shutdowned
 socket

On Mon, Aug 14, 2023 at 10:46:05PM +0300, Arseniy Krasnov wrote:
>
>
>On 04.08.2023 17:28, Stefano Garzarella wrote:
>> On Fri, Aug 04, 2023 at 03:46:47PM +0300, Arseniy Krasnov wrote:
>>> Hi Stefano,
>>>
>>> On 02.08.2023 10:46, Stefano Garzarella wrote:
>>>> On Tue, Aug 01, 2023 at 05:17:26PM +0300, Arseniy Krasnov wrote:
>>>>> POSIX requires to send SIGPIPE on write to SOCK_STREAM socket which was
>>>>> shutdowned with SHUT_WR flag or its peer was shutdowned with SHUT_RD
>>>>> flag. Also we must not send SIGPIPE if MSG_NOSIGNAL flag is set.
>>>>>
>>>>> Signed-off-by: Arseniy Krasnov <AVKrasnov@...rdevices.ru>
>>>>> ---
>>>>> net/vmw_vsock/af_vsock.c | 3 +++
>>>>> 1 file changed, 3 insertions(+)
>>>>>
>>>>> diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c
>>>>> index 020cf17ab7e4..013b65241b65 100644
>>>>> --- a/net/vmw_vsock/af_vsock.c
>>>>> +++ b/net/vmw_vsock/af_vsock.c
>>>>> @@ -1921,6 +1921,9 @@ static int vsock_connectible_sendmsg(struct socket *sock, struct msghdr *msg,
>>>>>             err = total_written;
>>>>>     }
>>>>> out:
>>>>> +    if (sk->sk_type == SOCK_STREAM)
>>>>> +        err = sk_stream_error(sk, msg->msg_flags, err);
>>>>
>>>> Do you know why we don't need this for SOCK_SEQPACKET and SOCK_DGRAM?
>>>
>>> Yes, here is my explanation:
>>>
>>> This function checks that input error is SIGPIPE, and if so it sends SIGPIPE to the 'current' thread
>>> (except case when MSG_NOSIGNAL flag is set). This behaviour is described in POSIX:
>>>
>>> Page 367 (description of defines from sys/socket.h):
>>> MSG_NOSIGNAL: No SIGPIPE generated when an attempt to send is made on a stream-
>>> oriented socket that is no longer connected.
>>>
>>> Page 497 (description of SOCK_STREAM):
>>> A SIGPIPE signal is raised if a thread sends on a broken stream (one that is
>>> no longer connected).
>>
>> Okay, but I think we should do also for SEQPACKET:
>>
>> https://pubs.opengroup.org/onlinepubs/009696699/functions/xsh_chap02_10.html
>>
>> In 2.10.6 Socket Types:
>>
>> "The SOCK_SEQPACKET socket type is similar to the SOCK_STREAM type, and
>> is also connection-oriented. The only difference between these types is
>> that record boundaries ..."
>>
>> Then in  2.10.14 Signals:
>>
>> "The SIGPIPE signal shall be sent to a thread that attempts to send data
>> on a socket that is no longer able to send. In addition, the send
>> operation fails with the error [EPIPE]."
>>
>> It's honestly not super clear, but I assume the problem is similar with
>> seqpacket since it's connection-oriented, or did I miss something?
>>
>> For example in sctp_sendmsg() IIUC we raise a SIGPIPE regardless of
>> whether the socket is STREAM or SEQPACKET.
>
>Update about sending SIGPIPE for SOCK_SEQPACKET, I checked POSIX doc and kernel sources more deeply:
>
>
>1)
>
>I checked four types of sockets, which sends SIGPIPE for SOCK_SEQPACKET or not ('YES' if
>this socket sends SIGPIPE in SOCK_SEQPACKET case):
>
>net/kcm/: YES
>net/unix/: NO
>net/sctp/: YES
>net/caif/: NO
>
>Looking for this, I think it is impossible to get the right answer, as there is some
>mess - everyone implements it as wish.

Eheh, I had the same impression!

>
>2)
>
>I opened POSIX spec again, and here are details about returning EPIPE from pages
>for 'send()', 'sendto()', 'sendmsg()':
>
>[EPIPE] The socket is shut down for writing, or the socket is connection-mode and is
>no longer connected. In the latter case, and if the socket is of type
>SOCK_STREAM, the SIGPIPE signal is generated to the calling thread
>
>So my opinion is that we need to send SIGPIPE only for SOCK_STREAM. Another question
>is how to interpret this from above (but again - SIGPIPE is related for SOCK_STREAM
>only):
>
>**" and is no longer connected"**
>
>IIUC, if we follow POSIX strictly, this check must be like:
>
>/* socket is shut down for writing or no longer connected. */
>if (sk->sk_shutdown & SEND_SHUTDOWN ||
>    vsk->peer_shutdown & RCV_SHUTDOWN ||
>    sock_flag(SOCK_DONE)) {
>	err = -EPIPE;
>	goto out;
>}
>
>...
>
>out:
>	/* Handle -EPIPE for stream socket which is no longer connected. */
>	if (sk->sk_type == SOCK_STREAM &&
>		sock_flag(SOCK_DONE))
>		err = sk_stream_error();
>
>
>
>>From the other side, we can just follow TCP/AF_UNIX implementations as both are
>popular types of socket. In this case I suggest to implement this check like
>(e.g. without sock_flag(SOCK_DONE)):
>
>
>if (sk->sk_shutdown & SEND_SHUTDOWN ||
>    vsk->peer_shutdown & RCV_SHUTDOWN) {
>	err = -EPIPE;
>	goto out;
>}
>
>...
>
>out:
>	if (sk->sk_type == SOCK_STREAM)
>		err = sk_stream_error();
>
>What do you think?

I'd follow TCP/AF_UNIX implementations, but it is up to you ;-)

Thanks,
Stefano

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ