* [Patch bpf] udp: validate checksum in udp_read_sock()
@ 2021-10-08 20:46 Cong Wang
2021-10-12 5:06 ` John Fastabend
0 siblings, 1 reply; 4+ messages in thread
From: Cong Wang @ 2021-10-08 20:46 UTC (permalink / raw)
To: netdev
Cc: bpf, Cong Wang, Daniel Borkmann, John Fastabend, Lorenz Bauer,
Jakub Sitnicki
From: Cong Wang <cong.wang@bytedance.com>
It turns out the skb's in sock receive queue could have
bad checksums, as both ->poll() and ->recvmsg() validate
checksums. We have to do the same for ->read_sock() path
too before they are redirected in sockmap.
Fixes: d7f571188ecf ("udp: Implement ->read_sock() for sockmap")
Reported-by: Daniel Borkmann <daniel@iogearbox.net>
Reported-by: John Fastabend <john.fastabend@gmail.com>
Cc: Lorenz Bauer <lmb@cloudflare.com>
Cc: Jakub Sitnicki <jakub@cloudflare.com>
Signed-off-by: Cong Wang <cong.wang@bytedance.com>
---
net/ipv4/udp.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index 8536b2a7210b..0ae8ab5e05b4 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -1808,6 +1808,17 @@ int udp_read_sock(struct sock *sk, read_descriptor_t *desc,
skb = skb_recv_udp(sk, 0, 1, &err);
if (!skb)
return err;
+
+ if (udp_lib_checksum_complete(skb)) {
+ __UDP_INC_STATS(sock_net(sk), UDP_MIB_CSUMERRORS,
+ IS_UDPLITE(sk));
+ __UDP_INC_STATS(sock_net(sk), UDP_MIB_INERRORS,
+ IS_UDPLITE(sk));
+ atomic_inc(&sk->sk_drops);
+ kfree_skb(skb);
+ continue;
+ }
+
used = recv_actor(desc, skb, 0, skb->len);
if (used <= 0) {
if (!copied)
--
2.30.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* RE: [Patch bpf] udp: validate checksum in udp_read_sock()
2021-10-08 20:46 [Patch bpf] udp: validate checksum in udp_read_sock() Cong Wang
@ 2021-10-12 5:06 ` John Fastabend
2021-10-13 16:38 ` Cong Wang
0 siblings, 1 reply; 4+ messages in thread
From: John Fastabend @ 2021-10-12 5:06 UTC (permalink / raw)
To: Cong Wang, netdev
Cc: bpf, Cong Wang, Daniel Borkmann, John Fastabend, Lorenz Bauer,
Jakub Sitnicki
Cong Wang wrote:
> From: Cong Wang <cong.wang@bytedance.com>
>
> It turns out the skb's in sock receive queue could have
> bad checksums, as both ->poll() and ->recvmsg() validate
> checksums. We have to do the same for ->read_sock() path
> too before they are redirected in sockmap.
>
> Fixes: d7f571188ecf ("udp: Implement ->read_sock() for sockmap")
> Reported-by: Daniel Borkmann <daniel@iogearbox.net>
> Reported-by: John Fastabend <john.fastabend@gmail.com>
> Cc: Lorenz Bauer <lmb@cloudflare.com>
> Cc: Jakub Sitnicki <jakub@cloudflare.com>
> Signed-off-by: Cong Wang <cong.wang@bytedance.com>
> ---
> net/ipv4/udp.c | 11 +++++++++++
> 1 file changed, 11 insertions(+)
>
> diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
> index 8536b2a7210b..0ae8ab5e05b4 100644
> --- a/net/ipv4/udp.c
> +++ b/net/ipv4/udp.c
> @@ -1808,6 +1808,17 @@ int udp_read_sock(struct sock *sk, read_descriptor_t *desc,
> skb = skb_recv_udp(sk, 0, 1, &err);
> if (!skb)
> return err;
> +
> + if (udp_lib_checksum_complete(skb)) {
> + __UDP_INC_STATS(sock_net(sk), UDP_MIB_CSUMERRORS,
> + IS_UDPLITE(sk));
> + __UDP_INC_STATS(sock_net(sk), UDP_MIB_INERRORS,
> + IS_UDPLITE(sk));
> + atomic_inc(&sk->sk_drops);
> + kfree_skb(skb);
We could use sock_drop() here? Otherwise looks good thanks.
> + continue;
> + }
> +
> used = recv_actor(desc, skb, 0, skb->len);
> if (used <= 0) {
> if (!copied)
> --
> 2.30.2
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Patch bpf] udp: validate checksum in udp_read_sock()
2021-10-12 5:06 ` John Fastabend
@ 2021-10-13 16:38 ` Cong Wang
2021-10-13 16:51 ` John Fastabend
0 siblings, 1 reply; 4+ messages in thread
From: Cong Wang @ 2021-10-13 16:38 UTC (permalink / raw)
To: John Fastabend
Cc: Linux Kernel Network Developers, bpf, Cong Wang, Daniel Borkmann,
Lorenz Bauer, Jakub Sitnicki
On Mon, Oct 11, 2021 at 10:06 PM John Fastabend
<john.fastabend@gmail.com> wrote:
>
> Cong Wang wrote:
> > From: Cong Wang <cong.wang@bytedance.com>
> >
> > It turns out the skb's in sock receive queue could have
> > bad checksums, as both ->poll() and ->recvmsg() validate
> > checksums. We have to do the same for ->read_sock() path
> > too before they are redirected in sockmap.
> >
> > Fixes: d7f571188ecf ("udp: Implement ->read_sock() for sockmap")
> > Reported-by: Daniel Borkmann <daniel@iogearbox.net>
> > Reported-by: John Fastabend <john.fastabend@gmail.com>
> > Cc: Lorenz Bauer <lmb@cloudflare.com>
> > Cc: Jakub Sitnicki <jakub@cloudflare.com>
> > Signed-off-by: Cong Wang <cong.wang@bytedance.com>
> > ---
> > net/ipv4/udp.c | 11 +++++++++++
> > 1 file changed, 11 insertions(+)
> >
> > diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
> > index 8536b2a7210b..0ae8ab5e05b4 100644
> > --- a/net/ipv4/udp.c
> > +++ b/net/ipv4/udp.c
> > @@ -1808,6 +1808,17 @@ int udp_read_sock(struct sock *sk, read_descriptor_t *desc,
> > skb = skb_recv_udp(sk, 0, 1, &err);
> > if (!skb)
> > return err;
> > +
> > + if (udp_lib_checksum_complete(skb)) {
> > + __UDP_INC_STATS(sock_net(sk), UDP_MIB_CSUMERRORS,
> > + IS_UDPLITE(sk));
> > + __UDP_INC_STATS(sock_net(sk), UDP_MIB_INERRORS,
> > + IS_UDPLITE(sk));
> > + atomic_inc(&sk->sk_drops);
> > + kfree_skb(skb);
>
> We could use sock_drop() here? Otherwise looks good thanks.
sock_drop() is in include/linux/skmsg.h, I think we need to move it
to sock.h before using it here in net/ipv4/udp.c, right?
And there are other similar patterns which can be replaced with
sock_drop(), so we can do the replacement for all in a separate
patch.
Thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Patch bpf] udp: validate checksum in udp_read_sock()
2021-10-13 16:38 ` Cong Wang
@ 2021-10-13 16:51 ` John Fastabend
0 siblings, 0 replies; 4+ messages in thread
From: John Fastabend @ 2021-10-13 16:51 UTC (permalink / raw)
To: Cong Wang, John Fastabend
Cc: Linux Kernel Network Developers, bpf, Cong Wang, Daniel Borkmann,
Lorenz Bauer, Jakub Sitnicki
Cong Wang wrote:
> On Mon, Oct 11, 2021 at 10:06 PM John Fastabend
> <john.fastabend@gmail.com> wrote:
> >
> > Cong Wang wrote:
> > > From: Cong Wang <cong.wang@bytedance.com>
> > >
> > > It turns out the skb's in sock receive queue could have
> > > bad checksums, as both ->poll() and ->recvmsg() validate
> > > checksums. We have to do the same for ->read_sock() path
> > > too before they are redirected in sockmap.
> > >
> > > Fixes: d7f571188ecf ("udp: Implement ->read_sock() for sockmap")
> > > Reported-by: Daniel Borkmann <daniel@iogearbox.net>
> > > Reported-by: John Fastabend <john.fastabend@gmail.com>
> > > Cc: Lorenz Bauer <lmb@cloudflare.com>
> > > Cc: Jakub Sitnicki <jakub@cloudflare.com>
> > > Signed-off-by: Cong Wang <cong.wang@bytedance.com>
> > > ---
> > > net/ipv4/udp.c | 11 +++++++++++
> > > 1 file changed, 11 insertions(+)
> > >
> > > diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
> > > index 8536b2a7210b..0ae8ab5e05b4 100644
> > > --- a/net/ipv4/udp.c
> > > +++ b/net/ipv4/udp.c
> > > @@ -1808,6 +1808,17 @@ int udp_read_sock(struct sock *sk, read_descriptor_t *desc,
> > > skb = skb_recv_udp(sk, 0, 1, &err);
> > > if (!skb)
> > > return err;
> > > +
> > > + if (udp_lib_checksum_complete(skb)) {
> > > + __UDP_INC_STATS(sock_net(sk), UDP_MIB_CSUMERRORS,
> > > + IS_UDPLITE(sk));
> > > + __UDP_INC_STATS(sock_net(sk), UDP_MIB_INERRORS,
> > > + IS_UDPLITE(sk));
> > > + atomic_inc(&sk->sk_drops);
> > > + kfree_skb(skb);
> >
> > We could use sock_drop() here? Otherwise looks good thanks.
>
> sock_drop() is in include/linux/skmsg.h, I think we need to move it
> to sock.h before using it here in net/ipv4/udp.c, right?
Yes it would be necessary. Lets not do it here otherwise backports
will be ugly.
Acked-by: John Fastabend <john.fastabend@gmail.com>
>
> And there are other similar patterns which can be replaced with
> sock_drop(), so we can do the replacement for all in a separate
> patch.
>
> Thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-10-13 16:51 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-08 20:46 [Patch bpf] udp: validate checksum in udp_read_sock() Cong Wang
2021-10-12 5:06 ` John Fastabend
2021-10-13 16:38 ` Cong Wang
2021-10-13 16:51 ` John Fastabend
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.