lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <1e49c65d-5fa0-4559-9251-b75537d43ef8@bytedance.com>
Date: Wed, 16 Oct 2024 16:29:08 +0800
From: Feng Zhou <zhoufeng.zf@...edance.com>
To: Martin KaFai Lau <martin.lau@...ux.dev>
Cc: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org,
 eddyz87@...il.com, song@...nel.org, yonghong.song@...ux.dev,
 john.fastabend@...il.com, kpsingh@...nel.org, sdf@...ichev.me,
 haoluo@...gle.com, jolsa@...nel.org, davem@...emloft.net,
 edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, mykolal@...com,
 shuah@...nel.org, alan.maguire@...cle.com, netdev@...r.kernel.org,
 linux-kernel@...r.kernel.org, bpf@...r.kernel.org,
 linux-kselftest@...r.kernel.org, yangzhenze@...edance.com,
 wangdongdong.6@...edance.com
Subject: Re: [External] Re: [PATCH bpf-next v3 1/2] bpf: Fix
 bpf_get/setsockopt to tos not take effect when TCP over IPv4 via INET6 API

在 2024/10/1 10:27, Martin KaFai Lau 写道:
> On 9/14/24 3:32 AM, Feng zhou wrote:
>> From: Feng Zhou <zhoufeng.zf@...edance.com>
>>
>> when TCP over IPv4 via INET6 API, bpf_get/setsockopt with ipv4 will
> 
> I think you meant bpf_get/setsockopt with SOL_IP will fail. so 
> s/ipv4/SOL_IP/?
> 
>> fail, because sk->sk_family is AF_INET6. With ipv6 will success, not
>> take effect, because inet_csk(sk)->icsk_af_ops is ipv6_mapped and
>> use ip_queue_xmit, inet_sk(sk)->tos.
> 
> Change lgtm.
> 
> Patch 2 has a conflict, so can you please reword this commit message to 
> reflect the latest change. e.g. afaik, this is no longer specific to 
> mapped address or not.
> 

Sorry for taking so long to reply.

Will do, thanks.

>>
>> Bpf_get/setsockopt use sk_is_inet() helper to fix this case.
>>
>> Signed-off-by: Feng Zhou <zhoufeng.zf@...edance.com>
>> ---
>>   net/core/filter.c | 7 ++++++-
>>   1 file changed, 6 insertions(+), 1 deletion(-)
>>
>> diff --git a/net/core/filter.c b/net/core/filter.c
>> index e4a4454df5f9..90f4dbb8d2b5 100644
>> --- a/net/core/filter.c
>> +++ b/net/core/filter.c
>> @@ -5399,7 +5399,12 @@ static int sol_ip_sockopt(struct sock *sk, int 
>> optname,
>>                 char *optval, int *optlen,
>>                 bool getopt)
>>   {
>> -    if (sk->sk_family != AF_INET)
>> +
>> +    /*
>> +     * SOL_IP socket options are available on AF_INET and AF_INET6, for
>> +     * example, TCP over IPv4 via INET6 API.
>> +     */
>> +    if (!sk_is_inet(sk))
>>           return -EINVAL;
>>       switch (optname) {
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ