diff mbox series

[bpf-next] unix_bpf: check socket type in unix_bpf_update_proto()

Message ID 20210731195038.8084-1-xiyou.wangcong@gmail.com
State New
Headers show
Series [bpf-next] unix_bpf: check socket type in unix_bpf_update_proto() | expand

Commit Message

Cong Wang July 31, 2021, 7:50 p.m. UTC 
From: Cong Wang <cong.wang@bytedance.com>

As of now, only AF_UNIX datagram socket supports sockmap.
But unix_proto is shared for all kinds of AF_UNIX sockets,
so we have to check the socket type in
unix_bpf_update_proto() to explicitly reject other types,
otherwise they could be added into sockmap too.

Fixes: c63829182c37 ("af_unix: Implement ->psock_update_sk_prot()")
Reported-by: Jakub Sitnicki <jakub@cloudflare.com>
Cc: John Fastabend <john.fastabend@gmail.com>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Lorenz Bauer <lmb@cloudflare.com>
Signed-off-by: Cong Wang <cong.wang@bytedance.com>
---
 net/unix/unix_bpf.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Jakub Sitnicki Aug. 2, 2021, 9 a.m. UTC | #1 
On Sat, Jul 31, 2021 at 09:50 PM CEST, Cong Wang wrote:
> From: Cong Wang <cong.wang@bytedance.com>

>

> As of now, only AF_UNIX datagram socket supports sockmap.

> But unix_proto is shared for all kinds of AF_UNIX sockets,

> so we have to check the socket type in

> unix_bpf_update_proto() to explicitly reject other types,

> otherwise they could be added into sockmap too.

>

> Fixes: c63829182c37 ("af_unix: Implement ->psock_update_sk_prot()")

> Reported-by: Jakub Sitnicki <jakub@cloudflare.com>

> Cc: John Fastabend <john.fastabend@gmail.com>

> Cc: Daniel Borkmann <daniel@iogearbox.net>

> Cc: Lorenz Bauer <lmb@cloudflare.com>

> Signed-off-by: Cong Wang <cong.wang@bytedance.com>

> ---

>  net/unix/unix_bpf.c | 3 +++

>  1 file changed, 3 insertions(+)

>

> diff --git a/net/unix/unix_bpf.c b/net/unix/unix_bpf.c

> index 177e883f451e..20f53575b5c9 100644

> --- a/net/unix/unix_bpf.c

> +++ b/net/unix/unix_bpf.c

> @@ -105,6 +105,9 @@ static void unix_bpf_check_needs_rebuild(struct proto *ops)

>  

>  int unix_bpf_update_proto(struct sock *sk, struct sk_psock *psock, bool restore)

>  {

> +	if (sk->sk_type != SOCK_DGRAM)

> +		return -EOPNOTSUPP;

> +

>  	if (restore) {

>  		sk->sk_write_space = psock->saved_write_space;

>  		WRITE_ONCE(sk->sk_prot, psock->sk_proto);


Acked-by: Jakub Sitnicki <jakub@cloudflare.com>
patchwork-bot+netdevbpf@kernel.org Aug. 3, 2021, 11 a.m. UTC | #2 
Hello:

This patch was applied to bpf/bpf-next.git (refs/heads/master):

On Sat, 31 Jul 2021 12:50:38 -0700 you wrote:
> From: Cong Wang <cong.wang@bytedance.com>

> 

> As of now, only AF_UNIX datagram socket supports sockmap.

> But unix_proto is shared for all kinds of AF_UNIX sockets,

> so we have to check the socket type in

> unix_bpf_update_proto() to explicitly reject other types,

> otherwise they could be added into sockmap too.

> 

> [...]


Here is the summary with links:
  - [bpf-next] unix_bpf: check socket type in unix_bpf_update_proto()
    https://git.kernel.org/bpf/bpf-next/c/83f31535565c

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
diff mbox series

Patch

diff --git a/net/unix/unix_bpf.c b/net/unix/unix_bpf.c
index 177e883f451e..20f53575b5c9 100644
--- a/net/unix/unix_bpf.c
+++ b/net/unix/unix_bpf.c
@@ -105,6 +105,9 @@  static void unix_bpf_check_needs_rebuild(struct proto *ops)
 
 int unix_bpf_update_proto(struct sock *sk, struct sk_psock *psock, bool restore)
 {
+	if (sk->sk_type != SOCK_DGRAM)
+		return -EOPNOTSUPP;
+
 	if (restore) {
 		sk->sk_write_space = psock->saved_write_space;
 		WRITE_ONCE(sk->sk_prot, psock->sk_proto);