From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 7DAD1424B3 for ; Sun, 29 Jan 2023 10:26:19 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 7735940EE4; Sun, 29 Jan 2023 10:26:19 +0100 (CET) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mails.dpdk.org (Postfix) with ESMTP id 022A840ED9 for ; Sun, 29 Jan 2023 10:26:18 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1674984378; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=t0ZVy1OkaPEy284TvxSOBzuSffY1gzFp/PULg5V2/H8=; b=B6VkO2S68lh10uwn8FD5abpLm/m4UGPdWutmgrSUIAhLNvwO9FutTXf2WImyFf2Y/9anJp ELFseoGyKQt/i2nIfKFeoGbu92NBbzEbTXxeuOh7GK/TtkMXsJEQp7Y+2eD5E6miR3vpn/ 4L9cKVqc2KRlCKADJte6e67fUdn8hI8= Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com [209.85.215.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_128_GCM_SHA256) id us-mta-371-N_iBDLwpO9OfalOeVR-6Jg-1; Sun, 29 Jan 2023 04:26:14 -0500 X-MC-Unique: N_iBDLwpO9OfalOeVR-6Jg-1 Received: by mail-pg1-f200.google.com with SMTP id a33-20020a630b61000000b00429d91cc649so3762949pgl.8 for ; Sun, 29 Jan 2023 01:26:14 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=t0ZVy1OkaPEy284TvxSOBzuSffY1gzFp/PULg5V2/H8=; b=qTz6Lp8GZnQGpI+x+j4loEg6DBXHthYCDBJ2L3Xg15gmPQm1aqjilvsOwme0lLObId blXUQRQ/np7Ti9C/utjGf582Ey+wHcuqHSNhvHIpDvMah+06MdGSXx1VvQTaKczhrGMg PaC3NBT7SyceJOwwEButd1sVwGViwdmrlg5ASPPbBEjTCHU0PH7fPu5tmaDSp97nGI9M E89dn31CQNkLH4LjrUGdk4LHDY576Gv9wJgQMgKsKdDHXDwoNQA8i+KCZ4LPAObE5yqE 8hiyxrMa2totcrQcvlkAJoFrG0VK/J6lAVCJii6NYeu3O/HZ8semgiUIN1yVI1BPbdUt W67g== X-Gm-Message-State: AO0yUKWKuSr4B7sUgIkmGtJhm3oW91CzhyFzohTqmhkiQFdu5CjR7qiy 1nyrTCTkIDSjjIW+nMNbr2VJoytAUmgO+ofsEuRNLGwaZ79DITIfJ8lCpYiNOPANo8BLzBn6zz1 fekuv2gEKiLaEVoU8zJ1A6eQ= X-Received: by 2002:aa7:868f:0:b0:593:914f:2205 with SMTP id d15-20020aa7868f000000b00593914f2205mr621951pfo.34.1674984373592; Sun, 29 Jan 2023 01:26:13 -0800 (PST) X-Google-Smtp-Source: AK7set/xHSsbm0LfkZIoMncojRuZ2jkSPJ0S77b4ZwVALLbJwBVEpc9qRdbSTFRuhptK1VnvzHXSOdMWcQybkRICUIU= X-Received: by 2002:aa7:868f:0:b0:593:914f:2205 with SMTP id d15-20020aa7868f000000b00593914f2205mr621949pfo.34.1674984373330; Sun, 29 Jan 2023 01:26:13 -0800 (PST) MIME-Version: 1.0 References: <20230127165540.37863-1-maxime.coquelin@redhat.com> <20230127165540.37863-3-maxime.coquelin@redhat.com> In-Reply-To: <20230127165540.37863-3-maxime.coquelin@redhat.com> From: David Marchand Date: Sun, 29 Jan 2023 10:26:02 +0100 Message-ID: Subject: Re: [PATCH v2 2/2] vhost: fix possible FD leaks on MSG_TRUNC and MSG_CTRUNC To: Maxime Coquelin Cc: dev@dpdk.org, chenbo.xia@intel.com, stable@dpdk.org X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org On Fri, Jan 27, 2023 at 5:55 PM Maxime Coquelin wrote: > > This patch fixes possible FDs leaks when truncation happens > on either the message buffer or its control data. Indeed, > by returning early, it did not let a chance to retrieve the > FDs passed as ancillary data, and so caused a potential FDs > leak. > > This patch fixes this by extracting the FDs from the > ancillary data as long as recvmsg() call succeeded. It also > improves the logs to differentiate between MSG_TRUNC and > MSG_CTRUNC. As I mentionned offlist, I am not convinced the MSG_TRUNC flag can be set on receipt of a message, since the socket is in stream mode. I am okay to keep the check as is, but it is confusing. > > Fixes: bf472259dde6 ("vhost: fix possible denial of service by leaking FDs") > Cc: stable@dpdk.org > > Signed-off-by: Maxime Coquelin Reviewed-by: David Marchand -- David Marchand