diff options
author | John Fastabend <john.fastabend@gmail.com> | 2018-08-30 21:25:02 -0700 |
---|---|---|
committer | Daniel Borkmann <daniel@iogearbox.net> | 2018-09-02 22:31:10 +0200 |
commit | 597222f72a94118f593e4f32bf58ae7e049a0df1 (patch) | |
tree | 846e0e8c6a168acc8c4e6e7fe570b95e7e702699 /lib/uuid.c | |
parent | 97911e0ccb54c7478b9dac77e6c54c01b449e3a7 (diff) | |
download | linux-597222f72a94118f593e4f32bf58ae7e049a0df1.tar.bz2 |
bpf: avoid misuse of psock when TCP_ULP_BPF collides with another ULP
Currently we check sk_user_data is non NULL to determine if the sk
exists in a map. However, this is not sufficient to ensure the psock
or the ULP ops are not in use by another user, such as kcm or TLS. To
avoid this when adding a sock to a map also verify it is of the
correct ULP type. Additionally, when releasing a psock verify that
it is the TCP_ULP_BPF type before releasing the ULP. The error case
where we abort an update due to ULP collision can cause this error
path.
For example,
__sock_map_ctx_update_elem()
[...]
err = tcp_set_ulp_id(sock, TCP_ULP_BPF) <- collides with TLS
if (err) <- so err out here
goto out_free
[...]
out_free:
smap_release_sock() <- calling tcp_cleanup_ulp releases the
TLS ULP incorrectly.
Fixes: 2f857d04601a ("bpf: sockmap, remove STRPARSER map_flags and add multi-map support")
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Diffstat (limited to 'lib/uuid.c')
0 files changed, 0 insertions, 0 deletions