| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87y0nuhsbc.fsf@mailhost.krisman.be>
Date: Tue, 25 Nov 2025 13:37:27 -0500
From: Gabriel Krisman Bertazi <krisman@...e.de>
To: Stefan Metzmacher <metze@...ba.org>
Cc: Jens Axboe <axboe@...nel.dk>, netdev@...r.kernel.org,
io-uring@...r.kernel.org, Jakub Kicinski <kuba@...nel.org>, "David S.
Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
Kuniyuki Iwashima <kuniyu@...gle.com>, Paolo Abeni <pabeni@...hat.com>,
Willem de Bruijn <willemb@...gle.com>, Simon Horman <horms@...nel.org>
Subject: Re: [PATCH v3 3/3] io_uring: Introduce getsockname io_uring cmd
Stefan Metzmacher <metze@...ba.org> writes:
> Hi Gabriel,
>
>> +static int io_uring_cmd_getsockname(struct socket *sock,
>> + struct io_uring_cmd *cmd,
>> + unsigned int issue_flags)
>> +{
>> + const struct io_uring_sqe *sqe = cmd->sqe;
>> + struct sockaddr __user *uaddr;
>> + unsigned int peer;
>> + int __user *ulen;
>> +
>> + if (sqe->ioprio || sqe->__pad1 || sqe->len || sqe->rw_flags)
>> + return -EINVAL;
>> +
>> + uaddr = u64_to_user_ptr(READ_ONCE(sqe->addr));
>> + ulen = u64_to_user_ptr(sqe->addr3);
>> + peer = READ_ONCE(sqe->optlen);
>> + if (peer > 1)
>> + return -EINVAL;
>> + return do_getsockname(sock, 0, uaddr, ulen);
>
> I guess this should actually pass down 'peer' instead of '0'?
Thanks for the catch. I guess two wrongs *do* make a right somethings.
The getpeername test was peeking at the wrong socket, effectively
testing the local port against itself, and it thus succeeded. Updated
the test and will send a v4.
--
Gabriel Krisman Bertazi
Powered by blists - more mailing lists