From: Paolo Abeni <pabeni@redhat.com>
To: Kuniyuki Iwashima <kuniyu@amazon.com>, harperchen1110@gmail.com
Cc: davem@davemloft.net, edumazet@google.com, kuba@kernel.org,
	kuni1840@gmail.com, netdev@vger.kernel.org,
	syzkaller@googlegroups.com
Subject: Re: [PATCH v1 net] af_unix: Call sk_diag_fill() under the bucket lock.
Date: Wed, 23 Nov 2022 16:38:37 +0100
Message-ID: <73f71d4e6f867a90538b48894249be3902eb38e4.camel@redhat.com>
In-Reply-To: <20221123152205.79232-1-kuniyu@amazon.com>

On Wed, 2022-11-23 at 07:22 -0800, Kuniyuki Iwashima wrote:
> From:   Wei Chen <harperchen1110@gmail.com>
> Date:   Wed, 23 Nov 2022 23:09:53 +0800
> > Dear Paolo,
> > 
> > Could you explain the meaning of modified "ss" version to reproduce
> > the bug? I'd like to learn how to reproduce the bug in the user space
> > to facilitate the bug fix.
> 
> I think it means to drop NLM_F_DUMP and modify args as needed because
> ss dumps all sockets, not exactly a single socket.

Exactly! Additionally 'ss' must fill udiag_ino and udiag_cookie with
values matching a live unix socket. And before that you have to add
more code to allow 'ss' dumping such values (or fetch them with some
bpf/perf probe).

> 
> Ah, I misunderstood that the found sk is passed to sk_user_ns(), but it's
> skb->sk.

I did not double check the race you outlined in this patch. That could
still possibly be a valid/existing one.

> P.S.  I'm leaving for Japan today and will be a bit slow this and next week
> for vacation.

Have a nice trip ;)

/P

