From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id ADD93424B3; Sun, 29 Jan 2023 10:26:20 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 9B72440EDD; Sun, 29 Jan 2023 10:26:20 +0100 (CET) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mails.dpdk.org (Postfix) with ESMTP id 339E240EDE for ; Sun, 29 Jan 2023 10:26:19 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1674984378; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=t0ZVy1OkaPEy284TvxSOBzuSffY1gzFp/PULg5V2/H8=; b=B6VkO2S68lh10uwn8FD5abpLm/m4UGPdWutmgrSUIAhLNvwO9FutTXf2WImyFf2Y/9anJp ELFseoGyKQt/i2nIfKFeoGbu92NBbzEbTXxeuOh7GK/TtkMXsJEQp7Y+2eD5E6miR3vpn/ 4L9cKVqc2KRlCKADJte6e67fUdn8hI8= Received: from mail-pg1-f198.google.com (mail-pg1-f198.google.com [209.85.215.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_128_GCM_SHA256) id us-mta-16-UcU061l5Opmsc_KJHxU14A-1; Sun, 29 Jan 2023 04:26:14 -0500 X-MC-Unique: UcU061l5Opmsc_KJHxU14A-1 Received: by mail-pg1-f198.google.com with SMTP id 84-20020a630257000000b00477f88d334eso3793643pgc.11 for ; Sun, 29 Jan 2023 01:26:14 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=t0ZVy1OkaPEy284TvxSOBzuSffY1gzFp/PULg5V2/H8=; b=SyQ9Wd/W9V6uWc/I/vXAb3tD6ywNXdNMk1wLvdFMVANYUARd6A+0PVMsFP1MD1sb9k Qly/DFgPvGwm9MXyotYxikoc2MFBecmiC1MGpx/tl+o2e7qRP8Yw/Eq+piJW8PnW2D9a 3NDjJDiC1/LyhlFpsN1gYQwuvpGJHntIzozzQrtASqA/d3/mONfZIzwrW829kMg9F7mI XEWjqFB1sfW7V5NmPJhPHX95hMBE5RWGHyfnZEvf43SdkikqXoKK0d9lCacGWemtlq3v jjDV/uYnwRWVqsYEdGh8S0I9fdF+bGI4OD0VGfCpYx/VXmIDsk3A7ZMLBJ+R4kLoxNH6 zLMg== X-Gm-Message-State: AO0yUKWgURewBI+6ZBcok/5G/Fy9FNWEQ+1XzTU1GNovFcqMH6iAEbsl P4I+Hr1163+HCdCTTt9EX4fH1TCr64ObERSHcY2om9QA2+WIkGwgr6rJO6sn6Mk9YqGSNwK+0xh GMeqLMAkwCYoEHMaacMc= X-Received: by 2002:aa7:868f:0:b0:593:914f:2205 with SMTP id d15-20020aa7868f000000b00593914f2205mr621954pfo.34.1674984373594; Sun, 29 Jan 2023 01:26:13 -0800 (PST) X-Google-Smtp-Source: AK7set/xHSsbm0LfkZIoMncojRuZ2jkSPJ0S77b4ZwVALLbJwBVEpc9qRdbSTFRuhptK1VnvzHXSOdMWcQybkRICUIU= X-Received: by 2002:aa7:868f:0:b0:593:914f:2205 with SMTP id d15-20020aa7868f000000b00593914f2205mr621949pfo.34.1674984373330; Sun, 29 Jan 2023 01:26:13 -0800 (PST) MIME-Version: 1.0 References: <20230127165540.37863-1-maxime.coquelin@redhat.com> <20230127165540.37863-3-maxime.coquelin@redhat.com> In-Reply-To: <20230127165540.37863-3-maxime.coquelin@redhat.com> From: David Marchand Date: Sun, 29 Jan 2023 10:26:02 +0100 Message-ID: Subject: Re: [PATCH v2 2/2] vhost: fix possible FD leaks on MSG_TRUNC and MSG_CTRUNC To: Maxime Coquelin Cc: dev@dpdk.org, chenbo.xia@intel.com, stable@dpdk.org X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On Fri, Jan 27, 2023 at 5:55 PM Maxime Coquelin wrote: > > This patch fixes possible FDs leaks when truncation happens > on either the message buffer or its control data. Indeed, > by returning early, it did not let a chance to retrieve the > FDs passed as ancillary data, and so caused a potential FDs > leak. > > This patch fixes this by extracting the FDs from the > ancillary data as long as recvmsg() call succeeded. It also > improves the logs to differentiate between MSG_TRUNC and > MSG_CTRUNC. As I mentionned offlist, I am not convinced the MSG_TRUNC flag can be set on receipt of a message, since the socket is in stream mode. I am okay to keep the check as is, but it is confusing. > > Fixes: bf472259dde6 ("vhost: fix possible denial of service by leaking FDs") > Cc: stable@dpdk.org > > Signed-off-by: Maxime Coquelin Reviewed-by: David Marchand -- David Marchand