Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp7400132rwr; Wed, 10 May 2023 07:49:33 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6PcnCWpmQlNSmTTEiKo6owFm/2QXPuz8dKk0E7LtrELiZt2WyfqJiL79R63oHGKJdIwtq4 X-Received: by 2002:a05:6a20:7f8a:b0:ff:8911:c695 with SMTP id d10-20020a056a207f8a00b000ff8911c695mr18609511pzj.43.1683730173196; Wed, 10 May 2023 07:49:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683730173; cv=none; d=google.com; s=arc-20160816; b=VKEezHcyRVKZw2Gzg36nbT0WwWWgGQPF1KqdP9eHyvj+bBiaJIyyIO7EBsaI9b8ecq Qc4NoQ2aDUncssbhVH0Omvt8b2f/RgSFPlmv62gJi+lYDQojNxsar20mYDxidO1ZSTpc xjMpXO3SF7FnZ4wGAXc2hd9ksZvEiemjj4BCijY/S3ouIh7h54P3LYd4WqaCPs5humgw HxxzSC2Emj+NMrltYnb5auI4nlH20Ysz6XSWhOczMmrGQTbdFz7waBoWIsQu7PUFXBc7 4ayFsPmYH+b4QjDEWYC65JLcW2ZWRRK6y4NMV+xZ5MWQmIi2lI1gOFilPGcGqznh9WGs b6CA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=fk9eUG3U91hgmCg1FDe/Uo4ursc9HcJP8f9e+bw6f08=; b=NBa+v7aPnGqlXhSahUxrs/9IykVpQ++5ZMKA4kbma+bKNw5HudDqxwOVX0obgbhfxu Y87D2C+f6XhxJn8pKs1RL0y929XSMflh9gykSCBDh5xP6x97H4B0pwI4F+y4V/3MGEJZ rgxBsVyFSxe+NJF7OKN82wc6Fiqc6IVa0HxqYjE8xunbGJKJmDyjtZhY4rPw0BfYQbsC X6pblk1NlT+K+E+s4beDwcL8+Cvb/hkSCV794WUnMI/uS6x5aUQHgy0YMg4r2FWs3R0G z28iuFdpSfwKHi31PjxZ+DhE9c8bczCRNqIxwOFZihGkJMkFoVCT342rsmj5yI/CTO9Q XaSw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=hWmtYYey; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b188-20020a6334c5000000b00524fcd54553si3981322pga.485.2023.05.10.07.49.17; Wed, 10 May 2023 07:49:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=hWmtYYey; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237442AbjEJOkA (ORCPT + 99 others); Wed, 10 May 2023 10:40:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43434 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237117AbjEJOj6 (ORCPT ); Wed, 10 May 2023 10:39:58 -0400 Received: from mail-oa1-x2e.google.com (mail-oa1-x2e.google.com [IPv6:2001:4860:4864:20::2e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D6CEB268E; Wed, 10 May 2023 07:39:57 -0700 (PDT) Received: by mail-oa1-x2e.google.com with SMTP id 586e51a60fabf-19288cce249so5529121fac.0; Wed, 10 May 2023 07:39:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1683729597; x=1686321597; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=fk9eUG3U91hgmCg1FDe/Uo4ursc9HcJP8f9e+bw6f08=; b=hWmtYYeyl6nRGXKgze90Q4gRzbsa+Kdn9hDEGFvIihz4xDElSdRP7BAhs7xib2OaPg bUj062RwMs0INiSlMhO5qb7hhff4fL5vdqAuVDlMjRQeqqk74xJUWficiKqJVIjENfQf 79+EJYEJVVUGspDM2S2iqbpnVeHu3vNHn2eOLKgAw3kfMupRi2hLSUVXwo0fR4i2uwdT 0QVpxw3ikPUBxmcPzYtWOOipzQJ84cb0gOAyZTT7XI8wq6jk+JxJgUtk+0CHQyY75TpF DfTG/9+fi7M4FCc7OdNi/xuLW9yPVwxBf2+dST2A2uu6RrY5Q7lgS74ju9Dl9d8RLIWa w+Pg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683729597; x=1686321597; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=fk9eUG3U91hgmCg1FDe/Uo4ursc9HcJP8f9e+bw6f08=; b=eCXIEuaVT1ojSxJazh7l46lGLUTL7OR8Lk0R3HEn6oioLDiHry45dodiouN/wzzi6b y6TqskXZrv0OL1/WU1vuadohZ160ZOTJG8aNJLwDa7Suvlsmo5uLHYBoJnPVFebFJy/c aGBBozkXUCAgwTzQc1+5kICRyqtfGRaVURI/iPjL4+1qOfirnztwVkZZP5xvY85gvtLO MIoDPr7qtLVpuVfmNrYa81BLIMApEYcvx+aTgNgZgpuofny+DPN0DqfYatW/1N/5I5nD VXq81VCQivuZxnjoyW/hiQXYj5JE35Ji9hnGETUZ8oCVOI6US5ydEad5Llly4DvoYgfb w5xw== X-Gm-Message-State: AC+VfDxHb6iyj1+LozXCA2WToi3zlu7/zCAiEhAWn/4i2qt+NQlCQWee 3e+JwZF0rUlWB9yqCmnNkYs= X-Received: by 2002:a05:6870:9544:b0:192:85fb:3a33 with SMTP id v4-20020a056870954400b0019285fb3a33mr6652658oal.2.1683729597002; Wed, 10 May 2023 07:39:57 -0700 (PDT) Received: from t14s.localdomain ([177.92.48.137]) by smtp.gmail.com with ESMTPSA id n3-20020a056870034300b00176d49bb898sm6973892oaf.44.2023.05.10.07.39.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 May 2023 07:39:56 -0700 (PDT) Received: by t14s.localdomain (Postfix, from userid 1000) id 70AEA616D93; Wed, 10 May 2023 11:39:54 -0300 (-03) Date: Wed, 10 May 2023 11:39:54 -0300 From: Marcelo Ricardo Leitner To: Alexander Mikhalitsyn Cc: nhorman@tuxdriver.com, davem@davemloft.net, Daniel Borkmann , Christian Brauner , Stanislav Fomichev , Xin Long , linux-sctp@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org Subject: Re: [PATCH net-next] sctp: add bpf_bypass_getsockopt proto callback Message-ID: References: <20230510131527.1244929-1-aleksandr.mikhalitsyn@canonical.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230510131527.1244929-1-aleksandr.mikhalitsyn@canonical.com> X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 10, 2023 at 03:15:27PM +0200, Alexander Mikhalitsyn wrote: > Add bpf_bypass_getsockopt proto callback and filter out > SCTP_SOCKOPT_PEELOFF and SCTP_SOCKOPT_PEELOFF_FLAGS socket options > from running eBPF hook on them. > > These options do fd_install(), and if BPF_CGROUP_RUN_PROG_GETSOCKOPT > hook returns an error after success of the original handler > sctp_getsockopt(...), userspace will receive an error from getsockopt > syscall and will be not aware that fd was successfully installed into fdtable. > > This patch was born as a result of discussion around a new SCM_PIDFD interface: > https://lore.kernel.org/all/20230413133355.350571-3-aleksandr.mikhalitsyn@canonical.com/ I read some of the emails in there but I don't get why the fd leak is special here. I mean, I get that it leaks, but masking the error return like this can lead to several other problems in the application as well. For example, SCTP_SOCKOPT_CONNECTX3 will trigger a connect(). If it failed, and the hook returns success, the user app will at least log a wrong "connection successful". If the hook can't be responsible for cleaning up before returning a different value, then maybe we want to extend the list of sockopts in here. AFAICT these would be the 3 most critical sockopts.