android/android_kernel_asus_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
897,393 Commits 2 Branches 0 Tags 2 GiB
C 98.1%
Assembly 1.1%
Makefile 0.3%
Shell 0.2%
Python 0.1%
ab0085bd79
Go to file
Ilya Maximets ab0085bd79 xsk: Honor SO_BINDTODEVICE on bind 
[ Upstream commit f7306acec9aae9893d15e745c8791124d42ab10a ]

Initial creation of an AF_XDP socket requires CAP_NET_RAW capability. A
privileged process might create the socket and pass it to a non-privileged
process for later use. However, that process will be able to bind the socket
to any network interface. Even though it will not be able to receive any
traffic without modification of the BPF map, the situation is not ideal.

Sockets already have a mechanism that can be used to restrict what interface
they can be attached to. That is SO_BINDTODEVICE.

To change the SO_BINDTODEVICE binding the process will need CAP_NET_RAW.

Make xsk_bind() honor the SO_BINDTODEVICE in order to allow safer workflow
when non-privileged process is using AF_XDP.

The intended workflow is following:

  1. First process creates a bare socket with socket(AF_XDP, ...).
  2. First process loads the XSK program to the interface.
  3. First process adds the socket fd to a BPF map.
  4. First process ties socket fd to a particular interface using
     SO_BINDTODEVICE.
  5. First process sends socket fd to a second process.
  6. Second process allocates UMEM.
  7. Second process binds socket to the interface with bind(...).
  8. Second process sends/receives the traffic.

All the steps above are possible today if the first process is privileged
and the second one has sufficient RLIMIT_MEMLOCK and no capabilities.
However, the second process will be able to bind the socket to any interface
it wants on step 7 and send traffic from it. With the proposed change, the
second process will be able to bind the socket only to a specific interface
chosen by the first process at step 4.

Fixes: 965a990984 ("xsk: add support for bind for Rx")
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Magnus Karlsson <magnus.karlsson@intel.com>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Link: https://lore.kernel.org/bpf/20230703175329.3259672-1-i.maximets@ovn.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-07-27 08:37:23 +02:00
arch powerpc: allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y 2023-07-27 08:37:23 +02:00
block block: fix signed int overflow in Amiga partition support 2023-07-27 08:37:19 +02:00
certs certs/blacklist_hashes.c: fix const confusion in certs blacklist 2022-06-22 14:11:22 +02:00
crypto KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() 2023-06-21 15:44:08 +02:00
Documentation xsk: Honor SO_BINDTODEVICE on bind 2023-07-27 08:37:23 +02:00
drivers mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 2023-07-27 08:37:23 +02:00
fs f2fs: fix error path handling in truncate_dnode() 2023-07-27 08:37:23 +02:00
include media: videodev2.h: Fix struct v4l2_input tuner index comment 2023-07-27 08:37:20 +02:00
init init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash 2022-12-08 11:22:59 +01:00
ipc ipc/sem: Fix dangling sem_array access in semtimedop race 2022-12-08 11:23:06 +01:00
kernel kexec: fix a memory leak in crash_shrink_memory() 2023-07-27 08:37:10 +02:00
lib lib/ts_bm: reset initial match offset for every block of text 2023-07-27 08:37:12 +02:00
LICENSES LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
mm mm: make wait_on_page_writeback() wait for multiple pending writebacks 2023-06-28 10:18:42 +02:00
net xsk: Honor SO_BINDTODEVICE on bind 2023-07-27 08:37:23 +02:00
samples samples/bpf: Fix buffer overflow in tcp_basertt 2023-07-27 08:37:07 +02:00
scripts modpost: fix off by one in is_executable_section() 2023-07-27 08:37:18 +02:00
security ima: Fix build warnings 2023-07-27 08:37:06 +02:00
sound ASoC: imx-audmix: check return value of devm_kasprintf() 2023-07-27 08:37:15 +02:00
tools perf dwarf-aux: Fix off-by-one in die_get_varname() 2023-07-27 08:37:17 +02:00
usr initramfs: restore default compression behavior 2020-04-08 09:08:38 +02:00
virt KVM: Destroy target device if coalesced MMIO unregistration fails 2023-03-11 16:44:01 +01:00
.clang-format clang-format: Update with the latest for_each macro list 2019-08-31 10:00:51 +02:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes
.gitignore Modules updates for v5.4 2019-09-22 10:34:46 -07:00
.mailmap ARM: SoC fixes 2019-11-10 13:41:59 -08:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS MAINTAINERS: Remove Simon as Renesas SoC Co-Maintainer 2019-10-10 08:12:51 -07:00
Kbuild kbuild: do not descend to ./Kbuild when cleaning 2019-08-21 21:03:58 +09:00
Kconfig docs: kbuild: convert docs to ReST and rename to *.rst 2019-06-14 14:21:21 -06:00
MAINTAINERS Remove DECnet support from kernel 2023-06-21 15:44:10 +02:00
Makefile Linux 5.4.250 2023-07-24 19:10:53 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.