From mboxrd@z Thu Jan  1 00:00:00 1970
From: Eric Dumazet <eric.dumazet@gmail.com>
Subject: Re: [bpf PATCH v2] bpf: sockmap, fix crash when ipv6 sock is added
Date: Fri, 1 Jun 2018 15:58:52 -0400
Message-ID: <13d3be75-4ed2-aeca-caba-797766e9b676@gmail.com>
References: <20180601194641.5717.11725.stgit@john-Precision-Tower-5810>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Cc: netdev@vger.kernel.org
To: John Fastabend <john.fastabend@gmail.com>, edumazet@google.com,
        ast@kernel.org, daniel@iogearbox.net
Return-path: <netdev-owner@vger.kernel.org>
Received: from mail-qt0-f193.google.com ([209.85.216.193]:44146 "EHLO
        mail-qt0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753245AbeFAT6z (ORCPT
        <rfc822;netdev@vger.kernel.org>); Fri, 1 Jun 2018 15:58:55 -0400
Received: by mail-qt0-f193.google.com with SMTP id d3-v6so33616127qtp.11
        for <netdev@vger.kernel.org>; Fri, 01 Jun 2018 12:58:55 -0700 (PDT)
In-Reply-To: <20180601194641.5717.11725.stgit@john-Precision-Tower-5810>
Content-Language: en-US
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>



On 06/01/2018 03:46 PM, John Fastabend wrote:
> This fixes a crash where we assign tcp_prot to IPv6 sockets instead
> of tcpv6_prot.

...

> +	/* ULPs are currently supported only for TCP sockets in ESTABLISHED
> +	 * state. Supporting sockets in LISTEN state will require us to
> +	 * modify the accept implementation to clone rather then share the
> +	 * ulp context.
> +	 */
> +	if (sock->sk_state != TCP_ESTABLISHED)
> +		return -ENOTSUPP;
> +
>  	/* 1. If sock map has BPF programs those will be inherited by the
>  	 * sock being added. If the sock is already attached to BPF programs
>  	 * this results in an error.
> 

Next question will be then : What happens if syzbot uses tcp_disconnect() and then listen() ?

Thanks !