lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <76316157-7221-e1d6-4e3c-2f1efb6e6230@linux.dev>
Date: Tue, 5 Sep 2023 14:37:27 -0700
From: Martin KaFai Lau <martin.lau@...ux.dev>
To: Daan De Meyer <daan.j.demeyer@...il.com>
Cc: kernel-team@...a.com, netdev@...r.kernel.org, bpf@...r.kernel.org
Subject: Re: [PATCH bpf-next v3 3/9] bpf: Add bpf_sock_addr_set_unix_addr() to
 allow writing unix sockaddr from bpf

On 8/31/23 8:34 AM, Daan De Meyer wrote:
> As prep for adding unix socket support to the cgroup sockaddr hooks,
> let's add a kfunc bpf_sock_addr_set_unix_addr() that allows modifying a sockaddr
> from bpf. While this is already possible for AF_INET and AF_INET6, we'll
> need this kfunc when we add unix socket support since modifying the
> address for those requires modifying both the address and the sockaddr
> length.
> 
> Signed-off-by: Daan De Meyer <daan.j.demeyer@...il.com>
> ---
>   kernel/bpf/btf.c  |  1 +
>   net/core/filter.c | 32 +++++++++++++++++++++++++++++++-
>   2 files changed, 32 insertions(+), 1 deletion(-)
> 
> diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
> index 249657c466dd..15c972f27574 100644
> --- a/kernel/bpf/btf.c
> +++ b/kernel/bpf/btf.c
> @@ -7819,6 +7819,7 @@ static int bpf_prog_type_to_kfunc_hook(enum bpf_prog_type prog_type)
>   {
>   	switch (prog_type) {
>   	case BPF_PROG_TYPE_UNSPEC:
> +	case BPF_PROG_TYPE_CGROUP_SOCK_ADDR:
>   		return BTF_KFUNC_HOOK_COMMON;
>   	case BPF_PROG_TYPE_XDP:
>   		return BTF_KFUNC_HOOK_XDP;
> diff --git a/net/core/filter.c b/net/core/filter.c
> index a094694899c9..3ed6cd33b268 100644
> --- a/net/core/filter.c
> +++ b/net/core/filter.c
> @@ -11752,6 +11752,25 @@ __bpf_kfunc int bpf_dynptr_from_xdp(struct xdp_buff *xdp, u64 flags,
>   
>   	return 0;
>   }
> +
> +__bpf_kfunc int bpf_sock_addr_set_unix_addr(struct bpf_sock_addr_kern *sa_kern,
> +					    const u8 *addr, u32 addrlen__sz)
> +{
> +	struct sockaddr *sa = sa_kern->uaddr;
> +	struct sockaddr_un *un;
> +
> +	if (sa_kern->sk->sk_family != AF_UNIX)
> +		return -EINVAL;
> +
> +	if (addrlen__sz > UNIX_PATH_MAX)

Is it valid to have addrlen__sz == 0 for AF_UNIX?

> +		return -EINVAL;
> +
> +	un = (struct sockaddr_un *)sa;
> +	memcpy(un->sun_path, addr, addrlen__sz);
> +	sa_kern->uaddrlen = offsetof(struct sockaddr_un, sun_path) + addrlen__sz;
> +
> +	return 0;
> +}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ