kernel-patches-daemon-bpf[bot]

Pull request for series with
subject: net: Introduce struct sockaddr_unspec
version: 3
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1013767

@kernel-patches-daemon-bpf

Upstream branch: 04a8995
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1013767
version: 3

@kernel-patches-daemon-bpf

Upstream branch: 96d31df
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1013767
version: 3

@kernel-patches-daemon-bpf

Upstream branch: e758657
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1013767
version: 3

kees added 9 commits October 22, 2025 16:20
Add flexible sockaddr structure to support addresses longer than the
traditional 14-byte struct sockaddr::sa_data limitation without
requiring the full 128-byte sa_data of struct sockaddr_storage. This
allows the network APIs to pass around a pointer to an object that
isn't lying to the compiler about how big it is, but must be accompanied
by its actual size as an additional parameter.

It's possible we may want to migrate to including the size with the
struct in the future, e.g.:

struct sockaddr_unspec {
	u16 sa_data_len;
	u16 sa_family;
	u8  sa_data[] __counted_by(sa_data_len);
};

Signed-off-by: Kees Cook <[email protected]>

While reviewing the struct proto_ops connect() and bind() callback
implementations, I noticed that there doesn't appear to be any
validation that AF_PPPOX sockaddr structures actually have sa_family set
to AF_PPPOX. The pppol2tp_sockaddr_get_info() checks only look at the
sizes.

I don't see any way that this might actually cause problems as specific
info fields are being populated, for which the existing size checks are
correct, but it stood out as a missing address family check.

Add the check and return -EAFNOSUPPORT on mismatch.

Signed-off-by: Kees Cook <[email protected]>

Update all struct proto_ops bind() callback function prototypes from
"struct sockaddr *" to "struct sockaddr_unspec *" to avoid lying to the
compiler about object sizes. Calls into struct proto handlers gain casts
that will be removed in the struct proto conversion patch.

No binary changes expected.

Signed-off-by: Kees Cook <[email protected]>

Update all struct proto_ops connect() callback function prototypes from
"struct sockaddr *" to "struct sockaddr_unspec *" to avoid lying to the
compiler about object sizes. Calls into struct proto handlers gain casts
that will be removed in the struct proto conversion patch.

No binary changes expected.

Signed-off-by: Kees Cook <[email protected]>

Now that struct sockaddr is no longer used by net.h, remove it.

Signed-off-by: Kees Cook <[email protected]>

Convert struct proto pre_connect(), connect(), bind(), and bind_add()
callback function prototypes from struct sockaddr to struct
sockaddr_unspec. This does not change per-implementation use of sockaddr
for passing around an arbitrarily sized sockaddr struct. Those will be
addressed in future patches.

Additionally removes the no longer referenced struct sockaddr from
include/net/inet_common.h.

No binary changes expected.

Signed-off-by: Kees Cook <[email protected]>

Update BPF cgroup sockaddr filtering infrastructure to use sockaddr_unspec
consistently throughout the call chain, removing redundant explicit casts
from callers.

Signed-off-by: Kees Cook <[email protected]>

Change struct bpf_sock_addr_kern to use sockaddr_unspec for the "uaddr"
field instead of sockaddr. This improves type safety in the BPF cgroup
socket address filtering code.

The casting in __cgroup_bpf_run_filter_sock_addr() is updated to match the
new type, removing an unnecessary cast in the initialization and updating
the conditional assignment to use the appropriate sockaddr_unspec cast.

Signed-off-by: Kees Cook <[email protected]>

Revert struct sockaddr from flexible array to fixed 14-byte "sa_data",
solves over 36,000 -Wflex-array-member-not-at-end warnings, since struct
sockaddr is embedded within many network structs.

With socket/proto sockaddr-based internal APIs switched to use struct
sockaddr_unspec, there should be no more uses of struct sockaddr that
depend on reading beyond the end of struct sockaddr::sa_data that might
trigger bounds checking.

Comparing an x86_64 "allyesconfig" vmlinux build before and after this
patch showed no new "ud1" instructions from CONFIG_UBSAN_BOUNDS nor any
explicit "field-spanning" memcpy CONFIG_FORTIFY_SOURCE instrumentations.

Cc: "Gustavo A. R. Silva" <[email protected]>
Signed-off-by: Kees Cook <[email protected]>

@kernel-patches-daemon-bpf

Upstream branch: e758657
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1013767
version: 3
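
The pattern the commit messages above describe (an unsized sockaddr pointer that must travel with its real length, checked for size and then for address family) as an added userspace sketch, not code from the series. The `demo_*` structs, `DEMO_AF_PPPOX` and both functions are hypothetical stand-ins, not kernel definitions.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DEMO_AF_PPPOX 24	/* constructed stand-in for the family constant */

/* Demo layout (assumption): the flexible array claims no size, so every
 * callee must be handed the real length alongside the pointer. */
struct demo_sockaddr_unspec {
	uint16_t sa_family;
	uint8_t  sa_data[];
};

/* Hypothetical protocol address: family followed by 8 bytes of info. */
struct demo_pppox_addr {
	uint16_t sa_family;
	uint16_t session_id;
	uint8_t  peer[6];
};

/* Hypothetical connect()-style check: size first, then address family. */
int demo_get_info(const struct demo_sockaddr_unspec *uaddr, size_t addr_len,
		  uint16_t *session_id)
{
	struct demo_pppox_addr sa;

	if (addr_len < sizeof(sa))		/* too short for the info fields */
		return -EINVAL;
	memcpy(&sa, uaddr, sizeof(sa));		/* bounded by the checked length */
	if (sa.sa_family != DEMO_AF_PPPOX)	/* right size, wrong family */
		return -EAFNOSUPPORT;
	*session_id = sa.session_id;
	return 0;
}

/* Builds a constructed address and runs the check with the given length.
 * Returns the parsed session id (7) on success or the negative errno. */
int demo_try(uint16_t family, size_t addr_len)
{
	struct demo_pppox_addr full;
	uint16_t sid = 0;
	int ret;

	memset(&full, 0, sizeof(full));
	full.sa_family = family;
	full.session_id = 7;
	ret = demo_get_info((const struct demo_sockaddr_unspec *)&full,
			    addr_len, &sid);
	return ret ? ret : (int)sid;
}
```

A size check alone accepts the second case in the test (correct length, wrong family); the family comparison is what turns it into `-EAFNOSUPPORT`.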
