LVS
lvs-devel
Google
 
Web LinuxVirtualServer.org

RE: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t

To: 'Christoph Hellwig' <hch@xxxxxx>, "Jason A. Donenfeld" <Jason@xxxxxxxxx>
Subject: RE: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t
Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>, Jakub Kicinski <kuba@xxxxxxxxxx>, Alexei Starovoitov <ast@xxxxxxxxxx>, Daniel Borkmann <daniel@xxxxxxxxxxxxx>, Alexey Kuznetsov <kuznet@xxxxxxxxxxxxx>, Hideaki YOSHIFUJI <yoshfuji@xxxxxxxxxxxxxx>, Eric Dumazet <edumazet@xxxxxxxxxx>, "Linux Crypto Mailing List" <linux-crypto@xxxxxxxxxxxxxxx>, LKML <linux-kernel@xxxxxxxxxxxxxxx>, Netdev <netdev@xxxxxxxxxxxxxxx>, "bpf@xxxxxxxxxxxxxxx" <bpf@xxxxxxxxxxxxxxx>, "netfilter-devel@xxxxxxxxxxxxxxx" <netfilter-devel@xxxxxxxxxxxxxxx>, "coreteam@xxxxxxxxxxxxx" <coreteam@xxxxxxxxxxxxx>, "linux-sctp@xxxxxxxxxxxxxxx" <linux-sctp@xxxxxxxxxxxxxxx>, "linux-hams@xxxxxxxxxxxxxxx" <linux-hams@xxxxxxxxxxxxxxx>, "linux-bluetooth@xxxxxxxxxxxxxxx" <linux-bluetooth@xxxxxxxxxxxxxxx>, "bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx" <bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx>, "linux-can@xxxxxxxxxxxxxxx" <linux-can@xxxxxxxxxxxxxxx>, "dccp@xxxxxxxxxxxxxxx" <dccp@xxxxxxxxxxxxxxx>, "linux-decnet-user@xxxxxxxxxxxxxxxxxxxxx" <linux-decnet-user@xxxxxxxxxxxxxxxxxxxxx>, "linux-wpan@xxxxxxxxxxxxxxx" <linux-wpan@xxxxxxxxxxxxxxx>, "linux-s390@xxxxxxxxxxxxxxx" <linux-s390@xxxxxxxxxxxxxxx>, "mptcp@xxxxxxxxxxxx" <mptcp@xxxxxxxxxxxx>, "lvs-devel@xxxxxxxxxxxxxxx" <lvs-devel@xxxxxxxxxxxxxxx>, "rds-devel@xxxxxxxxxxxxxx" <rds-devel@xxxxxxxxxxxxxx>, "linux-afs@xxxxxxxxxxxxxxxxxxx" <linux-afs@xxxxxxxxxxxxxxxxxxx>, "tipc-discussion@xxxxxxxxxxxxxxxxxxxxx" <tipc-discussion@xxxxxxxxxxxxxxxxxxxxx>, "linux-x25@xxxxxxxxxxxxxxx" <linux-x25@xxxxxxxxxxxxxxx>, Kernel Hardening <kernel-hardening@xxxxxxxxxxxxxxxxxx>
From: David Laight <David.Laight@xxxxxxxxxx>
Date: Tue, 28 Jul 2020 08:07:11 +0000
From: Christoph Hellwig
> Sent: 27 July 2020 17:24
> 
> On Mon, Jul 27, 2020 at 06:16:32PM +0200, Jason A. Donenfeld wrote:
> > Maybe sockptr_advance should have some safety checks and sometimes
> > return -EFAULT? Or you should always use the implementation where
> > being a kernel address is an explicit bit of sockptr_t, rather than
> > being implicit?
> 
> I already have a patch to use access_ok to check the whole range in
> init_user_sockptr.

That doesn't make (much) difference to the code paths that ignore
the user-supplied length.
OTOH doing the user/kernel check on the base address (not an
incremented one) means that the correct copy function is always
selected.

Perhaps the functions should all be passed a 'const sockptr_t'.
The typedef could be made 'const' - requiring non-const items
explicitly use the union/struct itself.

        David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, 
UK
Registration No: 1397386 (Wales)


<Prev in Thread] Current Thread [Next in Thread>