From: Christoph Hellwig <hch@lst.de>
To: "David S. Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
Eric Dumazet <edumazet@google.com>
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, bpf@vger.kernel.org,
netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
linux-sctp@vger.kernel.org, linux-hams@vger.kernel.org,
linux-bluetooth@vger.kernel.org,
bridge@lists.linux-foundation.org, linux-can@vger.kernel.org,
dccp@vger.kernel.org, linux-decnet-user@lists.sourceforge.net,
linux-wpan@vger.kernel.org, linux-s390@vger.kernel.org,
mptcp@lists.01.org, lvs-devel@vger.kernel.org,
rds-devel@oss.oracle.com, linux-afs@lists.infradead.org,
tipc-discussion@lists.sourceforge.net, linux-x25@vger.kernel.org
Subject: get rid of the address_space override in setsockopt v2
Date: Thu, 23 Jul 2020 08:08:42 +0200
Message-ID: <20200723060908.50081-1-hch@lst.de> (raw)
Hi Dave,
setsockopt is the last place in architecture-independ code that still
uses set_fs to force the uaccess routines to operate on kernel pointers.
This series adds a new sockptr_t type that can contained either a kernel
or user pointer, and which has accessors that do the right thing, and
then uses it for setsockopt, starting by refactoring some low-level
helpers and moving them over to it before finally doing the main
setsockopt method.
Note that apparently the eBPF selftests do not even cover this path, so
the series has been tested with a testing patch that always copies the
data first and passes a kernel pointer. This is something that works for
most common sockopts (and is something that the ePBF support relies on),
but unfortunately in various corner cases we either don't use the passed
in length, or in one case actually copy data back from setsockopt, or in
case of bpfilter straight out do not work with kernel pointers at all.
Against net-next/master.
Changes since v1:
- check that users don't pass in kernel addresses
- more bpfilter cleanups
- cosmetic mptcp tweak
Diffstat:
crypto/af_alg.c | 7
drivers/crypto/chelsio/chtls/chtls_main.c | 18 -
drivers/isdn/mISDN/socket.c | 4
include/linux/bpfilter.h | 6
include/linux/filter.h | 3
include/linux/mroute.h | 5
include/linux/mroute6.h | 8
include/linux/net.h | 4
include/linux/netfilter.h | 6
include/linux/netfilter/x_tables.h | 4
include/linux/sockptr.h | 132 ++++++++++++
include/net/inet_connection_sock.h | 3
include/net/ip.h | 7
include/net/ipv6.h | 6
include/net/sctp/structs.h | 2
include/net/sock.h | 7
include/net/tcp.h | 6
include/net/udp.h | 2
include/net/xfrm.h | 8
net/atm/common.c | 6
net/atm/common.h | 2
net/atm/pvc.c | 2
net/atm/svc.c | 6
net/ax25/af_ax25.c | 6
net/bluetooth/hci_sock.c | 8
net/bluetooth/l2cap_sock.c | 22 +-
net/bluetooth/rfcomm/sock.c | 12 -
net/bluetooth/sco.c | 6
net/bpfilter/bpfilter_kern.c | 55 ++---
net/bridge/netfilter/ebtables.c | 46 +---
net/caif/caif_socket.c | 8
net/can/j1939/socket.c | 12 -
net/can/raw.c | 16 -
net/core/filter.c | 6
net/core/sock.c | 36 +--
net/dccp/dccp.h | 2
net/dccp/proto.c | 20 -
net/decnet/af_decnet.c | 13 -
net/ieee802154/socket.c | 6
net/ipv4/bpfilter/sockopt.c | 16 -
net/ipv4/ip_options.c | 43 +---
net/ipv4/ip_sockglue.c | 66 +++---
net/ipv4/ipmr.c | 14 -
net/ipv4/netfilter/arp_tables.c | 33 +--
net/ipv4/netfilter/ip_tables.c | 29 +-
net/ipv4/raw.c | 8
net/ipv4/tcp.c | 30 +-
net/ipv4/tcp_ipv4.c | 4
net/ipv4/udp.c | 11 -
net/ipv4/udp_impl.h | 4
net/ipv6/ip6_flowlabel.c | 317 ++++++++++++++++--------------
net/ipv6/ip6mr.c | 17 -
net/ipv6/ipv6_sockglue.c | 203 +++++++++----------
net/ipv6/netfilter/ip6_tables.c | 28 +-
net/ipv6/raw.c | 10
net/ipv6/tcp_ipv6.c | 4
net/ipv6/udp.c | 7
net/ipv6/udp_impl.h | 4
net/iucv/af_iucv.c | 4
net/kcm/kcmsock.c | 6
net/l2tp/l2tp_ppp.c | 4
net/llc/af_llc.c | 4
net/mptcp/protocol.c | 6
net/netfilter/ipvs/ip_vs_ctl.c | 4
net/netfilter/nf_sockopt.c | 2
net/netfilter/x_tables.c | 20 -
net/netlink/af_netlink.c | 4
net/netrom/af_netrom.c | 4
net/nfc/llcp_sock.c | 6
net/packet/af_packet.c | 39 +--
net/phonet/pep.c | 4
net/rds/af_rds.c | 30 +-
net/rds/rdma.c | 14 -
net/rds/rds.h | 6
net/rose/af_rose.c | 4
net/rxrpc/af_rxrpc.c | 8
net/rxrpc/ar-internal.h | 4
net/rxrpc/key.c | 9
net/sctp/socket.c | 4
net/smc/af_smc.c | 4
net/socket.c | 24 --
net/tipc/socket.c | 8
net/tls/tls_main.c | 17 -
net/vmw_vsock/af_vsock.c | 4
net/x25/af_x25.c | 4
net/xdp/xsk.c | 8
net/xfrm/xfrm_state.c | 6
87 files changed, 894 insertions(+), 743 deletions(-)
next reply index
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-23 6:08 Christoph Hellwig [this message]
2020-07-23 6:08 ` [PATCH 01/26] bpfilter: fix up a sparse annotation Christoph Hellwig
2020-07-23 11:14 ` Luc Van Oostenryck
2020-07-23 6:08 ` [PATCH 02/26] net/bpfilter: split __bpfilter_process_sockopt Christoph Hellwig
2020-07-23 6:08 ` [PATCH 03/26] bpfilter: reject kernel addresses Christoph Hellwig
2020-07-23 14:42 ` David Laight
2020-07-23 14:44 ` 'Christoph Hellwig'
2020-07-23 14:56 ` David Laight
2020-07-23 6:08 ` [PATCH 04/26] net: add a new sockptr_t type Christoph Hellwig
2020-07-23 15:40 ` Jan Engelhardt
2020-07-23 16:40 ` Eric Dumazet
2020-07-23 16:44 ` Christoph Hellwig
2020-07-23 6:08 ` [PATCH 05/26] net: switch copy_bpf_fprog_from_user to sockptr_t Christoph Hellwig
2020-07-23 6:08 ` [PATCH 06/26] net: switch sock_setbindtodevice " Christoph Hellwig
2020-07-23 6:08 ` [PATCH 07/26] net: switch sock_set_timeout " Christoph Hellwig
2020-07-23 6:08 ` [PATCH 08/26] " Christoph Hellwig
2020-07-23 8:39 ` [MPTCP] " Matthieu Baerts
2020-07-23 6:08 ` [PATCH 09/26] net/xfrm: switch xfrm_user_policy " Christoph Hellwig
2020-07-23 6:08 ` [PATCH 10/26] netfilter: remove the unused user argument to do_update_counters Christoph Hellwig
2020-07-23 6:08 ` [PATCH 11/26] netfilter: switch xt_copy_counters to sockptr_t Christoph Hellwig
2020-07-23 6:08 ` [PATCH 12/26] netfilter: switch nf_setsockopt " Christoph Hellwig
2020-07-27 15:03 ` Jason A. Donenfeld
2020-07-27 15:06 ` Christoph Hellwig
2020-07-27 16:16 ` Jason A. Donenfeld
2020-07-27 16:23 ` Christoph Hellwig
2020-07-28 8:07 ` David Laight
2020-07-28 8:17 ` Jason A. Donenfeld
2020-07-27 16:16 ` Christoph Hellwig
2020-07-27 16:21 ` Jason A. Donenfeld
2020-07-23 6:08 ` [PATCH 13/26] bpfilter: switch bpfilter_ip_set_sockopt " Christoph Hellwig
2020-07-23 11:16 ` David Laight
2020-07-23 11:44 ` 'Christoph Hellwig'
2020-07-23 6:08 ` [PATCH 14/26] net/ipv4: switch ip_mroute_setsockopt " Christoph Hellwig
2020-07-23 6:08 ` [PATCH 15/26] net/ipv4: merge ip_options_get and ip_options_get_from_user Christoph Hellwig
2020-07-23 6:08 ` [PATCH 16/26] net/ipv4: switch do_ip_setsockopt to sockptr_t Christoph Hellwig
2020-07-23 6:08 ` [PATCH 17/26] net/ipv6: switch ip6_mroute_setsockopt " Christoph Hellwig
2020-07-23 6:09 ` [PATCH 18/26] net/ipv6: split up ipv6_flowlabel_opt Christoph Hellwig
2020-07-23 6:09 ` [PATCH 19/26] net/ipv6: switch ipv6_flowlabel_opt to sockptr_t Christoph Hellwig
2020-07-27 12:15 ` Ido Schimmel
2020-07-27 13:00 ` Christoph Hellwig
2020-07-27 13:33 ` Ido Schimmel
2020-07-27 16:15 ` Christoph Hellwig
2020-07-27 18:22 ` Ido Schimmel
2020-07-27 13:24 ` David Laight
2020-07-23 6:09 ` [PATCH 20/26] net/ipv6: factor out a ipv6_set_opt_hdr helper Christoph Hellwig
2020-07-23 6:09 ` [PATCH 21/26] net/ipv6: switch do_ipv6_setsockopt to sockptr_t Christoph Hellwig
2020-07-23 6:09 ` [PATCH 22/26] net/udp: switch udp_lib_setsockopt " Christoph Hellwig
2020-07-23 6:09 ` [PATCH 23/26] net/tcp: switch ->md5_parse " Christoph Hellwig
2020-07-23 6:09 ` [PATCH 24/26] net/tcp: switch do_tcp_setsockopt " Christoph Hellwig
2020-07-23 6:09 ` [PATCH 25/26] net: pass a sockptr_t into ->setsockopt Christoph Hellwig
2020-07-23 8:39 ` [MPTCP] " Matthieu Baerts
2020-08-06 22:21 ` Eric Dumazet
2020-08-07 7:21 ` Christoph Hellwig
2020-08-07 9:18 ` David Laight
2020-08-07 18:29 ` Eric Dumazet
2020-08-08 13:54 ` David Laight
2020-07-23 6:09 ` [PATCH 26/26] net: optimize the sockptr_t for unified kernel/user address spaces Christoph Hellwig
2020-07-24 22:43 ` get rid of the address_space override in setsockopt v2 David Miller
2020-07-26 7:03 ` Christoph Hellwig
2020-07-26 7:08 ` Andreas Schwab
2020-07-26 7:46 ` David Miller
2020-07-27 9:51 ` David Laight
2020-07-27 13:48 ` Al Viro
2020-07-27 14:09 ` David Laight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200723060908.50081-1-hch@lst.de \
--to=hch@lst.de \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=bridge@lists.linux-foundation.org \
--cc=coreteam@netfilter.org \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=dccp@vger.kernel.org \
--cc=edumazet@google.com \
--cc=kuba@kernel.org \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-afs@lists.infradead.org \
--cc=linux-bluetooth@vger.kernel.org \
--cc=linux-can@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-decnet-user@lists.sourceforge.net \
--cc=linux-hams@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux-sctp@vger.kernel.org \
--cc=linux-wpan@vger.kernel.org \
--cc=linux-x25@vger.kernel.org \
--cc=lvs-devel@vger.kernel.org \
--cc=mptcp@lists.01.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=rds-devel@oss.oracle.com \
--cc=tipc-discussion@lists.sourceforge.net \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Linux-WPAN Archive on lore.kernel.org
Archives are clonable:
git clone --mirror https://lore.kernel.org/linux-wpan/0 linux-wpan/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 linux-wpan linux-wpan/ https://lore.kernel.org/linux-wpan \
linux-wpan@vger.kernel.org
public-inbox-index linux-wpan
Example config snippet for mirrors
Newsgroup available over NNTP:
nntp://nntp.lore.kernel.org/org.kernel.vger.linux-wpan
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git