From: luca.boccassi@gmail.com
To: Maxime Coquelin
Cc: David Marchand, Chenbo Xia, dpdk stable
Subject: patch 'vhost: fix possible FD leaks on truncation' has been queued to stable release 20.11.8
Date: Thu, 23 Feb 2023 09:36:37 +0000
Message-Id: <20230223093715.3926893-33-luca.boccassi@gmail.com>
In-Reply-To: <20230223093715.3926893-1-luca.boccassi@gmail.com>
References: <20230223093715.3926893-1-luca.boccassi@gmail.com>
List-Id: patches for DPDK stable branches

Hi,

FYI, your patch has been queued to stable release 20.11.8

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/25/23. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/bluca/dpdk-stable

This queued commit can be viewed at:
https://github.com/bluca/dpdk-stable/commit/d1e390eb131be74d8a25d9f63f6b6c128c806383

Thanks.

Luca Boccassi

---
>From d1e390eb131be74d8a25d9f63f6b6c128c806383 Mon Sep 17 00:00:00 2001
From: Maxime Coquelin Date: Tue, 7 Feb 2023 17:22:40 +0100 Subject: [PATCH] vhost: fix possible FD leaks on truncation [ upstream commit 218daf1664561eca787369c13e1a9ea5cdaad2a8 ] This patch fixes possible FDs leaks when truncation happens on either the message buffer or its control data. Indeed, by returning early, it did not let a chance to retrieve the FDs passed as ancillary data, and so caused a potential FDs leak. This patch fixes this by extracting the FDs from the ancillary data as long as recvmsg() call succeeded. It also improves the logs to differentiate between MSG_TRUNC and MSG_CTRUNC. Fixes: bf472259dde6 ("vhost: fix possible denial of service by leaking FDs") Signed-off-by: Maxime Coquelin Reviewed-by: David Marchand Reviewed-by: Chenbo Xia --- lib/librte_vhost/socket.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/librte_vhost/socket.c b/lib/librte_vhost/socket.c index a3e5a0160b..63c95587b0 100644 --- a/lib/librte_vhost/socket.c +++ b/lib/librte_vhost/socket.c @@ -128,10 +128,12 @@ read_fd_message(int sockfd, char *buf, int buflen, int *fds, int max_fds, return ret; } - if (msgh.msg_flags & (MSG_TRUNC | MSG_CTRUNC)) { + if (msgh.msg_flags & MSG_TRUNC) VHOST_LOG_CONFIG(ERR, "truncated msg\n"); - return -1; - } + + /* MSG_CTRUNC may be caused by LSM misconfiguration */ + if (msgh.msg_flags & MSG_CTRUNC) + VHOST_LOG_CONFIG(ERR, "truncated control data (fd %d)\n", sockfd); for (cmsg = CMSG_FIRSTHDR(&msgh); cmsg != NULL; cmsg = CMSG_NXTHDR(&msgh, cmsg)) { -- 2.39.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2023-02-23 09:36:29.571147026 +0000 +++ 0033-vhost-fix-possible-FD-leaks-on-truncation.patch 2023-02-23 09:36:28.234170087 +0000 @@ -1 +1 @@ -From 218daf1664561eca787369c13e1a9ea5cdaad2a8 Mon Sep 17 00:00:00 2001 +From d1e390eb131be74d8a25d9f63f6b6c128c806383 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit 218daf1664561eca787369c13e1a9ea5cdaad2a8 ] + 
@@ -18 +19,0 @@ -Cc: stable@dpdk.org @@ -24 +25 @@ - lib/vhost/socket.c | 8 +++++--- + lib/librte_vhost/socket.c | 8 +++++--- @@ -27,5 +28,5 @@ -diff --git a/lib/vhost/socket.c b/lib/vhost/socket.c -index 863a6f6d52..669c322e12 100644 ---- a/lib/vhost/socket.c -+++ b/lib/vhost/socket.c -@@ -129,10 +129,12 @@ read_fd_message(char *ifname, int sockfd, char *buf, int buflen, int *fds, int m +diff --git a/lib/librte_vhost/socket.c b/lib/librte_vhost/socket.c +index a3e5a0160b..63c95587b0 100644 +--- a/lib/librte_vhost/socket.c ++++ b/lib/librte_vhost/socket.c +@@ -128,10 +128,12 @@ read_fd_message(int sockfd, char *buf, int buflen, int *fds, int max_fds, @@ -37 +38 @@ - VHOST_LOG_CONFIG(ifname, ERR, "truncated msg (fd %d)\n", sockfd); + VHOST_LOG_CONFIG(ERR, "truncated msg\n"); @@ -43 +44 @@ -+ VHOST_LOG_CONFIG(ifname, ERR, "truncated control data (fd %d)\n", sockfd); ++ VHOST_LOG_CONFIG(ERR, "truncated control data (fd %d)\n", sockfd);
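
Review bot: in read_fd_message(), with the `return -1` removed, the MSG_TRUNC and MSG_CTRUNC branches only log and then fall through to the cmsg loop, so nothing visible in this hunk reports the truncation to the caller. Please confirm that the caller rejects a truncated message and closes whatever lands in fds; otherwise remember the flag and return -1 after the loop has collected the descriptors. Minor: in this 20.11 backport the "truncated msg\n" log carries no fd while the new "truncated control data (fd %d)\n" log does, whereas the upstream side of the rebase diff logs the fd in both.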
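
The situation the commit message describes can be reproduced outside DPDK. This added example (not code from the patch or from DPDK; `send_fds`, `recv_fds` and `demo_ctrunc` are hypothetical names) passes two descriptors over a socketpair to a receiver with room for one, so `recvmsg()` succeeds with `MSG_CTRUNC` set and one descriptor already installed that the receiver must still collect and close. It assumes Linux semantics; the receive buffer length uses `CMSG_LEN` because the padding that `CMSG_SPACE` adds can hold an extra descriptor.

```c
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Send one byte plus nfds (at most 8) descriptors as SCM_RIGHTS data. */
static int send_fds(int sock, const int *fds, int nfds)
{
	_Alignas(struct cmsghdr) char ctrl[CMSG_SPACE(sizeof(int) * 8)] = { 0 };
	struct iovec iov = { .iov_base = "x", .iov_len = 1 };
	struct msghdr mh = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = ctrl,
			     .msg_controllen = CMSG_SPACE(sizeof(int) * nfds) };
	struct cmsghdr *c = CMSG_FIRSTHDR(&mh);

	c->cmsg_level = SOL_SOCKET;
	c->cmsg_type = SCM_RIGHTS;
	c->cmsg_len = CMSG_LEN(sizeof(int) * nfds);
	memcpy(CMSG_DATA(c), fds, sizeof(int) * nfds);
	return sendmsg(sock, &mh, 0) == 1 ? 0 : -1;
}

/* Room for exactly max_fds FDs (CMSG_LEN, no padding); walks cmsgs even if truncated. */
static int recv_fds(int sock, int *fds, int max_fds, int *flags)
{
	_Alignas(struct cmsghdr) char data, ctrl[CMSG_SPACE(sizeof(int) * 8)];
	struct iovec iov = { .iov_base = &data, .iov_len = 1 };
	struct msghdr mh = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = ctrl,
			     .msg_controllen = CMSG_LEN(sizeof(int) * max_fds) };
	int n = 0;

	if (recvmsg(sock, &mh, 0) <= 0)
		return -1;
	*flags = mh.msg_flags; /* MSG_TRUNC / MSG_CTRUNC are reported here */
	for (struct cmsghdr *c = CMSG_FIRSTHDR(&mh); c; c = CMSG_NXTHDR(&mh, c))
		if (c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_RIGHTS) {
			n = (c->cmsg_len - CMSG_LEN(0)) / sizeof(int);
			memcpy(fds, CMSG_DATA(c), n * sizeof(int));
		}
	return n;
}

/* Constructed scenario: the peer passes 2 FDs, the receiver has room for 1. */
static int demo_ctrunc(int *flags)
{
	int sv[2], p[2], got[8], n, i;

	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) || pipe(p) || send_fds(sv[0], p, 2))
		return -1;
	n = recv_fds(sv[1], got, 1, flags);
	for (i = 0; i < n; i++)
		close(got[i]); /* the cleanup that an early return on truncation skips */
	close(p[0]); close(p[1]); close(sv[0]); close(sv[1]);
	return n; /* number of FDs received and released */
}
```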