From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 4BC1441D52 for ; Thu, 23 Feb 2023 16:07:53 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 482A343271; Thu, 23 Feb 2023 16:07:53 +0100 (CET) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mails.dpdk.org (Postfix) with ESMTP id 041A443273 for ; Thu, 23 Feb 2023 16:07:51 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1677164871; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=RI70+Tmwv4QBJE7uJYRv2Sn3q4WhyWNkGWGsq5W8RnU=; b=MbW3JJq4v06uMZ1SrwKIjE8lE1IOTjTLIP6mNEkPkp+aQOElvJ4/EnoAWWJlN2kGfcoSjG bzDXIkprn5gJbnHzivYi8WDu359r1AYah4Wl1tqgNMW+tdJCMxSisa3O9cOGY1gAfjoK66 kuEdk9/HU62iTIt90MRflZQYXcbGNus= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-311-lUm2OT7UPcOeNJWZDZWvNQ-1; Thu, 23 Feb 2023 10:07:49 -0500 X-MC-Unique: lUm2OT7UPcOeNJWZDZWvNQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 492203C0D1A1; Thu, 23 Feb 2023 15:07:45 +0000 (UTC) Received: from rh.redhat.com (unknown [10.39.192.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7700E2166B29; Thu, 23 Feb 2023 15:07:44 +0000 (UTC) From: Kevin Traynor To: Maxime Coquelin Cc: David Marchand , Chenbo Xia , dpdk stable Subject: patch 'vhost: fix possible FD leaks on truncation' has been queued to stable release 21.11.4 Date: Thu, 23 Feb 2023 15:05:38 +0000 Message-Id: <20230223150631.723699-47-ktraynor@redhat.com> In-Reply-To: <20230223150631.723699-1-ktraynor@redhat.com> References: <20230223150631.723699-1-ktraynor@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII"; x-default=true X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 21.11.4 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 02/28/23. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/kevintraynor/dpdk-stable This queued commit can be viewed at: https://github.com/kevintraynor/dpdk-stable/commit/6e302e5ede8eac8084867b14766d20ee7b5bf711 Thanks. Kevin --- >From 6e302e5ede8eac8084867b14766d20ee7b5bf711 Mon Sep 17 00:00:00 2001 From: Maxime Coquelin Date: Tue, 7 Feb 2023 17:22:40 +0100 Subject: [PATCH] vhost: fix possible FD leaks on truncation [ upstream commit 218daf1664561eca787369c13e1a9ea5cdaad2a8 ] This patch fixes possible FDs leaks when truncation happens on either the message buffer or its control data. Indeed, by returning early, it did not let a chance to retrieve the FDs passed as ancillary data, and so caused a potential FDs leak. This patch fixes this by extracting the FDs from the ancillary data as long as recvmsg() call succeeded. It also improves the logs to differentiate between MSG_TRUNC and MSG_CTRUNC. Fixes: bf472259dde6 ("vhost: fix possible denial of service by leaking FDs") Signed-off-by: Maxime Coquelin Reviewed-by: David Marchand Reviewed-by: Chenbo Xia --- lib/vhost/socket.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/vhost/socket.c b/lib/vhost/socket.c index 33f54a779b..a34aebd50c 100644 --- a/lib/vhost/socket.c +++ b/lib/vhost/socket.c @@ -129,8 +129,10 @@ read_fd_message(int sockfd, char *buf, int buflen, int *fds, int max_fds, } - if (msgh.msg_flags & (MSG_TRUNC | MSG_CTRUNC)) { + if (msgh.msg_flags & MSG_TRUNC) VHOST_LOG_CONFIG(ERR, "truncated msg\n"); - return -1; - } + + /* MSG_CTRUNC may be caused by LSM misconfiguration */ + if (msgh.msg_flags & MSG_CTRUNC) + VHOST_LOG_CONFIG(ERR, "truncated control data (fd %d)\n", sockfd); for (cmsg = CMSG_FIRSTHDR(&msgh); cmsg != NULL; -- 2.39.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2023-02-23 14:46:24.952350893 +0000 +++ 0047-vhost-fix-possible-FD-leaks-on-truncation.patch 2023-02-23 14:46:23.770235966 +0000 @@ -1 +1 @@ -From 218daf1664561eca787369c13e1a9ea5cdaad2a8 Mon Sep 17 00:00:00 2001 +From 6e302e5ede8eac8084867b14766d20ee7b5bf711 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit 218daf1664561eca787369c13e1a9ea5cdaad2a8 ] + @@ -18 +19,0 @@ -Cc: stable@dpdk.org @@ -28 +29 @@ -index 863a6f6d52..669c322e12 100644 +index 33f54a779b..a34aebd50c 100644 @@ -31 +32 @@ -@@ -130,8 +130,10 @@ read_fd_message(char *ifname, int sockfd, char *buf, int buflen, int *fds, int m +@@ -129,8 +129,10 @@ read_fd_message(int sockfd, char *buf, int buflen, int *fds, int max_fds, @@ -36 +37 @@ - VHOST_LOG_CONFIG(ifname, ERR, "truncated msg (fd %d)\n", sockfd); + VHOST_LOG_CONFIG(ERR, "truncated msg\n"); @@ -42 +43 @@ -+ VHOST_LOG_CONFIG(ifname, ERR, "truncated control data (fd %d)\n", sockfd); ++ VHOST_LOG_CONFIG(ERR, "truncated control data (fd %d)\n", sockfd);