lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20250709-mctp-bind-v3-0-eac98bbf5e95@codeconstruct.com.au>
Date: Wed, 09 Jul 2025 16:31:01 +0800
From: Matt Johnston <matt@...econstruct.com.au>
To: Jeremy Kerr <jk@...econstruct.com.au>, 
 "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, 
 Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, 
 Simon Horman <horms@...nel.org>
Cc: netdev@...r.kernel.org, Matt Johnston <matt@...econstruct.com.au>
Subject: [PATCH net-next v3 0/8] net: mctp: Improved bind handling

This series improves a couple of aspects of MCTP bind() handling.

MCTP wasn't checking whether the same MCTP type was bound by multiple
sockets. That would result in messages being received by an arbitrary
socket, which isn't useful behaviour. Instead it makes more sense to
have the duplicate binds fail, the same as other network protocols.
An exception is made for more-specific binds to particular MCTP
addresses.

It is also useful to be able to limit a bind to only receive incoming
request messages (MCTP TO bit set) from a specific peer+type, so that
individual processes can communicate with separate MCTP peers. One
example is a PLDM firmware update requester, which will initiate
communication with a device, and then the device will connect back to the
requester process. 

These limited binds are implemented by a connect() call on the socket
prior to bind. connect() isn't used in the general case for MCTP, since
a plain send() wouldn't provide the required MCTP tag argument for
addressing.

Signed-off-by: Matt Johnston <matt@...econstruct.com.au>
---
Changes in v3:
- Rebased to net-next
- kunit tests have been updated for MCTP gateway routing changes
- Bind conflict tests are now in the new mctp/tests/sock-test.c
- Added patch for mctp_test_route_extaddr_input kunit socket cleanup
  (fixes MCTP gateway routing change in net-next, required by tests in
  this series)
- Link to v2: https://lore.kernel.org/r/20250707-mctp-bind-v2-0-fbaed8c1fb4d@codeconstruct.com.au

Changes in v2:
- Use DECLARE_HASHTABLE
- Remove unused kunit test case
- Avoid kunit test snprintf truncation warning
- Fix lines >80 characters
- Link to v1: https://lore.kernel.org/r/20250703-mctp-bind-v1-0-bb7e97c24613@codeconstruct.com.au

---
Matt Johnston (8):
      net: mctp: mctp_test_route_extaddr_input cleanup
      net: mctp: Prevent duplicate binds
      net: mctp: Treat MCTP_NET_ANY specially in bind()
      net: mctp: Add test for conflicting bind()s
      net: mctp: Use hashtable for binds
      net: mctp: Allow limiting binds to a peer address
      net: mctp: Test conflicts of connect() with bind()
      net: mctp: Add bind lookup test

 include/net/mctp.h         |   5 +-
 include/net/netns/mctp.h   |  20 ++++-
 net/mctp/af_mctp.c         | 146 +++++++++++++++++++++++++++++++---
 net/mctp/route.c           |  85 ++++++++++++++++----
 net/mctp/test/route-test.c | 194 ++++++++++++++++++++++++++++++++++++++++++++-
 net/mctp/test/sock-test.c  | 167 ++++++++++++++++++++++++++++++++++++++
 net/mctp/test/utils.c      |  36 +++++++++
 net/mctp/test/utils.h      |  17 ++++
 8 files changed, 635 insertions(+), 35 deletions(-)
---
base-commit: ea988b450690448d5b12ce743a598ade7a8c34b1
change-id: 20250321-mctp-bind-e77968f180fd

Best regards,
-- 
Matt Johnston <matt@...econstruct.com.au>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ