| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250512221414.56633-1-kuniyu@amazon.com> Date: Mon, 12 May 2025 15:14:01 -0700 From: Kuniyuki Iwashima <kuniyu@...zon.com> To: <willemdebruijn.kernel@...il.com> CC: <brauner@...nel.org>, <davem@...emloft.net>, <edumazet@...gle.com>, <horms@...nel.org>, <kuba@...nel.org>, <kuni1840@...il.com>, <kuniyu@...zon.com>, <netdev@...r.kernel.org>, <pabeni@...hat.com>, <willemb@...gle.com> Subject: Re: [PATCH v2 net-next 4/9] tcp: Restrict SO_TXREHASH to TCP socket. From: Willem de Bruijn <willemdebruijn.kernel@...il.com> Date: Mon, 12 May 2025 15:18:12 -0400 > Kuniyuki Iwashima wrote: > > sk->sk_txrehash is only used for TCP. > > > > Let's restrict SO_TXREHASH to TCP to reflect this. > > > > Later, we will make sk_txrehash a part of the union for other > > protocol families, so we set 0 explicitly in getsockopt(). > > > > Signed-off-by: Kuniyuki Iwashima <kuniyu@...zon.com> > > --- > > net/core/sock.c | 9 +++++++-- > > 1 file changed, 7 insertions(+), 2 deletions(-) > > > > diff --git a/net/core/sock.c b/net/core/sock.c > > index b64df2463300..5c84a608ddd7 100644 > > --- a/net/core/sock.c > > +++ b/net/core/sock.c > > @@ -1276,6 +1276,8 @@ int sk_setsockopt(struct sock *sk, int level, int optname, > > return 0; > > } > > case SO_TXREHASH: > > + if (!sk_is_tcp(sk)) > > + return -EOPNOTSUPP; > > if (val < -1 || val > 1) > > return -EINVAL; > > if ((u8)val == SOCK_TXREHASH_DEFAULT) > > @@ -2102,8 +2104,11 @@ int sk_getsockopt(struct sock *sk, int level, int optname, > > break; > > > > case SO_TXREHASH: > > - /* Paired with WRITE_ONCE() in sk_setsockopt() */ > > - v.val = READ_ONCE(sk->sk_txrehash); > > + if (sk_is_tcp(sk)) > > + /* Paired with WRITE_ONCE() in sk_setsockopt() */ > > + v.val = READ_ONCE(sk->sk_txrehash); > > + else > > + v.val = 0; > > Here and in the following getsockopt calls: should the call fail with > EOPNOTSUPP rather than return a value that is legal where the option > is supported (in TCP). I was wondering which is better but didn't have preference, so will return -EOPNOTSUPP in v3. Thanks!
Powered by blists - more mailing lists