lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANP3RGf1mWxnkZjtxd-_wD2g+m+zV-6UeB3YPhvo2=UUWwbpYA@mail.gmail.com>
Date: Thu, 24 Oct 2024 17:44:59 +0200
From: Maciej Żenczykowski <zenczykowski@...il.com>
To: Maciej Żenczykowski <zenczykowski@...il.com>
Cc: Linux Network Development Mailing List <netdev@...r.kernel.org>, "David S . Miller" <davem@...emloft.net>, 
	Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, 
	Lorenzo Colitti <lorenzo@...gle.com>
Subject: Re: [PATCH net-next] net: define and implement new SOL_SOCKET
 SO_RX_IFINDEX option

On Thu, Oct 24, 2024 at 5:41 PM Maciej Żenczykowski <maze@...gle.com> wrote:
>
> This is currently only implemented for TCP and is not
> guaranteed to return correct information for a multitude
> of reasons (including multipath reception), but there are
> scenarios where it is useful: in particular a strong host
> model where connections are only viable via a single interface,
> for example a VPN interface.  One could for example choose
> to use this to SO_BINDTODEVICE.
>
> Test:
>   // Python 2.7.18 (default, Jul 13 2022, 18:14:36)
>   import socket
>   SO_RX_IFINDEX=82
>   s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM, 0)
>   c = socket.socket(socket.AF_INET6, socket.SOCK_STREAM, 0)
>   s.bind(('::', 8888))
>   s.listen(128)
>   c.connect(('::', 8888))
>   a = s.accept()
>   print a  # (<socket._socketobject object>, ('::1', 58144, 0, 0))
>   p=a[0]
>   p.getsockname()  # ('::1', 8888, 0, 0)
>   p.getpeername()  # ('::1', 58144, 0, 0)
>   c.getsockname()  # ('::1', 58144, 0, 0)
>   c.getpeername()  # ('::1', 8888, 0, 0)
>   p.getsockopt(socket.SOL_SOCKET, SO_RX_IFINDEX)  # 1 (lo)
>   c.getsockopt(socket.SOL_SOCKET, SO_RX_IFINDEX)  # 0 (unknown)
>   c.send(b'X')  # 1
>   p.recv(2)  # 'X'
>   p.getsockopt(socket.SOL_SOCKET, SO_RX_IFINDEX)  # 1 (lo)
>   c.getsockopt(socket.SOL_SOCKET, SO_RX_IFINDEX)  # 0 (unknown)
>   p.send(b'Z')  # 1
>   c.recv(2)  # 'Z'
>   p.getsockopt(socket.SOL_SOCKET, SO_RX_IFINDEX)  # 1 (lo)
>   c.getsockopt(socket.SOL_SOCKET, SO_RX_IFINDEX)  # 1 (lo)
>
> Which shows we should possibly fix the 3-way handshake SYN-ACK
> to set sk->sk_rx_dst_ifindex.
>
> Cc: Lorenzo Colitti <lorenzo@...gle.com>
> Cc: Eric Dumazet <edumazet@...gle.com>
> Signed-off-by: Maciej Żenczykowski <maze@...gle.com>
> ---
>  arch/alpha/include/uapi/asm/socket.h  | 2 ++
>  arch/mips/include/uapi/asm/socket.h   | 2 ++
>  arch/parisc/include/uapi/asm/socket.h | 2 ++
>  arch/sparc/include/uapi/asm/socket.h  | 2 ++
>  include/uapi/asm-generic/socket.h     | 2 ++
>  net/core/sock.c                       | 4 ++++
>  6 files changed, 14 insertions(+)
>
> diff --git a/arch/alpha/include/uapi/asm/socket.h b/arch/alpha/include/uapi/asm/socket.h
> index 302507bf9b5d..5f139b095a49 100644
> --- a/arch/alpha/include/uapi/asm/socket.h
> +++ b/arch/alpha/include/uapi/asm/socket.h
> @@ -148,6 +148,8 @@
>
>  #define SCM_TS_OPT_ID          81
>
> +#define SO_RX_IFINDEX          82
> +
>  #if !defined(__KERNEL__)
>
>  #if __BITS_PER_LONG == 64
> diff --git a/arch/mips/include/uapi/asm/socket.h b/arch/mips/include/uapi/asm/socket.h
> index d118d4731580..ff25d24b4dea 100644
> --- a/arch/mips/include/uapi/asm/socket.h
> +++ b/arch/mips/include/uapi/asm/socket.h
> @@ -159,6 +159,8 @@
>
>  #define SCM_TS_OPT_ID          81
>
> +#define SO_RX_IFINDEX          82
> +
>  #if !defined(__KERNEL__)
>
>  #if __BITS_PER_LONG == 64
> diff --git a/arch/parisc/include/uapi/asm/socket.h b/arch/parisc/include/uapi/asm/socket.h
> index d268d69bfcd2..3f89c388e356 100644
> --- a/arch/parisc/include/uapi/asm/socket.h
> +++ b/arch/parisc/include/uapi/asm/socket.h
> @@ -140,6 +140,8 @@
>
>  #define SCM_TS_OPT_ID          0x404C
>
> +#define SO_RX_IFINDEX          82
> +
>  #if !defined(__KERNEL__)
>
>  #if __BITS_PER_LONG == 64
> diff --git a/arch/sparc/include/uapi/asm/socket.h b/arch/sparc/include/uapi/asm/socket.h
> index 113cd9f353e3..f1af74f5f1ad 100644
> --- a/arch/sparc/include/uapi/asm/socket.h
> +++ b/arch/sparc/include/uapi/asm/socket.h
> @@ -141,6 +141,8 @@
>
>  #define SCM_TS_OPT_ID            0x005a
>
> +#define SO_RX_IFINDEX            0x005b
> +
>  #if !defined(__KERNEL__)
>
>
> diff --git a/include/uapi/asm-generic/socket.h b/include/uapi/asm-generic/socket.h
> index deacfd6dd197..b16c69e22606 100644
> --- a/include/uapi/asm-generic/socket.h
> +++ b/include/uapi/asm-generic/socket.h
> @@ -143,6 +143,8 @@
>
>  #define SCM_TS_OPT_ID          81
>
> +#define SO_RX_IFINDEX          82
> +
>  #if !defined(__KERNEL__)
>
>  #if __BITS_PER_LONG == 64 || (defined(__x86_64__) && defined(__ILP32__))
> diff --git a/net/core/sock.c b/net/core/sock.c
> index 7f398bd07fb7..6c985413c21f 100644
> --- a/net/core/sock.c
> +++ b/net/core/sock.c
> @@ -1932,6 +1932,10 @@ int sk_getsockopt(struct sock *sk, int level, int optname,
>                 v.val = READ_ONCE(sk->sk_mark);
>                 break;
>
> +       case SO_RX_IFINDEX:
> +               v.val = READ_ONCE(sk->sk_rx_dst_ifindex);
> +               break;
> +
>         case SO_RCVMARK:
>                 v.val = sock_flag(sk, SOCK_RCVMARK);
>                 break;
> --
> 2.47.0.105.g07ac214952-goog
>

Note: I'm not sure if I did the right thing with parisc...
It has:
#define SO_DEVMEM_LINEAR 78
#define SCM_DEVMEM_LINEAR SO_DEVMEM_LINEAR
#define SO_DEVMEM_DMABUF 79
#define SCM_DEVMEM_DMABUF SO_DEVMEM_DMABUF
#define SO_DEVMEM_DONTNEED 80
which is weird...

--
Maciej Żenczykowski, Kernel Networking Developer @ Google

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ