From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2F631C61DA4 for ; Thu, 2 Feb 2023 20:10:39 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 958B26B0072; Thu, 2 Feb 2023 15:10:38 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 908FD6B0073; Thu, 2 Feb 2023 15:10:38 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 7D1646B0074; Thu, 2 Feb 2023 15:10:38 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 70F9D6B0072 for ; Thu, 2 Feb 2023 15:10:38 -0500 (EST) Received: from smtpin23.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 4740E160FFD for ; Thu, 2 Feb 2023 20:10:38 +0000 (UTC) X-FDA: 80423444556.23.F82B237 Received: from mail-yw1-f178.google.com (mail-yw1-f178.google.com [209.85.128.178]) by imf07.hostedemail.com (Postfix) with ESMTP id 6E4B240006 for ; Thu, 2 Feb 2023 20:10:36 +0000 (UTC) Authentication-Results: imf07.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b="kyF+/plr"; spf=pass (imf07.hostedemail.com: domain of edumazet@google.com designates 209.85.128.178 as permitted sender) smtp.mailfrom=edumazet@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1675368636; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=aMAjimDlKMwUcRFDQ6b+VBfedyOvbLyBE+vOI+tSfHA=; b=w4Qi+16hmCdjyltLoiGfsIv0zag5r1Ewl73tukJb1wpOkxOUlaJ/zNkm+23pSHTIzaxjcu A105lC/0Ot/bOstuOG846jMm559q7P2Wj7/6SYBMUQRFTkVkJztC0/ebzKvyIobQ2As3YQ 8pKKpkqJnrtzDYX10LlJGaBS4i/oAog= ARC-Authentication-Results: i=1; imf07.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b="kyF+/plr"; spf=pass (imf07.hostedemail.com: domain of edumazet@google.com designates 209.85.128.178 as permitted sender) smtp.mailfrom=edumazet@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1675368636; a=rsa-sha256; cv=none; b=Ku98YgwltO3MEm5VXfg3wQzr51RnAxYvciGIU/e2VsHL3yGG4kynAbkNug1nbeAuD52Hzz STJxWQb72D+6v6AZRBxSo7045Dimj0s0TNsAv3eK5cO3lPnGE8mJSLUxBw2eFGk26hDXv4 u458IniqAEqn6ycoUm3GlKbz86DqaOo= Received: by mail-yw1-f178.google.com with SMTP id 00721157ae682-4b718cab0e4so41353197b3.9 for ; Thu, 02 Feb 2023 12:10:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=aMAjimDlKMwUcRFDQ6b+VBfedyOvbLyBE+vOI+tSfHA=; b=kyF+/plr5E/Ea/CcC8kG3DZtLYwmW3pbaj7ub7BWG0oOmUWEs0ikGKms709xZ3r46a fS7/eLvB6OiRfJsQp73/xjkOdf4G6I4FnffK8HFGbsX3nuet1hVVnM8RCxxsPhZqXauh yTbOzle222FWt7Wu3vu0dxPxYG5oHgB02m+paWO1aDZtPtA4vBqOc4bS2gapXOCToqGM UUzG8sVKIM+PeBZts0WxdKwxlr0k3szWFpNBVDkGgXGsfaK/35+ADzW+Tjti47JUCMCE zSkdeSfuPAXbUqU43dOSHwnYFZn5HT1g36N0MkXCDgfHIHxC3hbU6ACLIr2UwUTMAM5u ibWA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=aMAjimDlKMwUcRFDQ6b+VBfedyOvbLyBE+vOI+tSfHA=; b=39OFWgQyh/tvSENcOeEm/hh9+yTPwFUKh3wq23B2DrL3HA6DqwBAvmYtl47hIaNX7U jWZLI4dKbyNnXt9TJl6WEfhgVWB+k4NXxf6sHwJR7WbsZNY3/tM+2pec3kmGuM39E/iv CbwrxH/mjvSk9ZBRHZ7OcpOxLFmGHPrszFKUuTBUbyjKUkI3yFwjHrksKYDhJoCUgdZ4 BvO6pJwTj7G8YeWE0cXqiOZLw6FYUxmbbXe3GNs4JIQnjBTnJaLWTPIdpnw2T5LaqYYS YG4G8j+qM0jQm3UfHkkm3VTmVbITH/r2cuvD7G/Ei9UiLrc1ubAQps0dg4ZPtz06/0kX JonA== X-Gm-Message-State: AO0yUKXkdHhol6JqE57WTtoihqiKJTxBn2SErNO13ws4UZil9bzBKuIF gSqch8dBQ0lyqIZw/YZnpL7imFdrDZrUvHVaTCWuTQ== X-Google-Smtp-Source: AK7set9AqY68emvr60gryS7o515sri+M7IT/v1XYZ0VEeOpgfCcezGt7jhwHyJF5LmQMbsFZMGLvgpHWm+XynGoijC0= X-Received: by 2002:a05:690c:39f:b0:50f:9101:875f with SMTP id bh31-20020a05690c039f00b0050f9101875fmr855576ywb.392.1675368635261; Thu, 02 Feb 2023 12:10:35 -0800 (PST) MIME-Version: 1.0 References: <20230202014810.744-1-hdanton@sina.com> In-Reply-To: From: Eric Dumazet Date: Thu, 2 Feb 2023 21:10:23 +0100 Message-ID: Subject: Re: [RFC] net: add new socket option SO_SETNETNS To: Alok Tiagi Cc: Hillf Danton , ebiederm@xmission.com, netdev@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 6E4B240006 X-Stat-Signature: xci4p1mxb5pr8j7xtchonsneeapqd7e8 X-Rspam-User: X-HE-Tag: 1675368636-564139 X-HE-Meta: U2FsdGVkX1975qbDtmtbCZpbFvi/PrLcux7lu8knZSzWy4lK2Udx0vGoVG9k2x6eyzEJ/Z9FOkwEaXKEo/PKc83jY8OiazXOS0/ndVA8H7TLon3H38/5xe2GpGQRe8PlzrTN8hqecbTPRGZVveD/0zr4EVm2v4rWbkta1kwiaExafDdxbGdZv7rThh89lgAt3kq94NdzWhwYR3Evg5ewhj1tog1NV1+Iapp58Y4WWHP4xcn3YIRU3mZ9he7kNJxy3lGcb0YcU/YJ5W6UcccMvWEMzn8KiKhZ1TfZpm9uVDBCInzd0v1Mz4VpLWc7uF2oL+4BwNyly6Q/ui2ikuRTYKpgrq8IF6JqsucEHCQCq0nce4hrM9Z/a+re15215XnLvo/gqKIRFoQYuHHKgKnSZUaxffS6NFIH737XOAVhywvSbKbmqo6li9WE7tjiYVVwhRHTVJVTxRNpWDUhe8jzImDLVIXRiWnTaBQz+mFeNFAkS3A/p/Vs2dDO8NeWCC1WgFy+KgTS3wKFXoCedGPZ5X2T72yp8miDqalbUkBJ2ZaUHelGBpzS8dZVhO+uv5IClREDOS7N3labUd1tmHGfUNoxeJe2350YsVRTz3KPCINQ6/NwuD4tar8q8v1eZ8MyB6h+ZRwWURcjQKmT2bocqw5ENrCjRltKToFbSMn5wcPCXGZTCLlXl/S3WOm00kHEIquUdA46Ws8EJk/EzhWdFZTMbwB11dP/IqaLK8a9uEM3yky25YbQQbeo0oZomFw5Q2U7VT/MmfpTU9fMVa5rtH65+8cfHgomMZO+tcdX4IE8sA6ID0lnwVN86saXXyxCdX1JHn6KqVXFSxrvDZ1kX+SYaV5PVRyhwz/x6JP6+6+nYDsqhNQ0CemeZ0Rg3r9Jp23p7FXF17qyeVO4GwuRqFhRMt2E5oD7dy9n7DiRYMbYhIZBnPu1EqtnV9MT2WCVdtR+bDbdHWM1YZTqfPP SPMlMfEx y8AfAWffl3yVGR/ZRZoMI4MxwL2pBc5dNWXPEqI/4PSRZDlRJFA29i3IttZgLrp3knofvZ7/3nf8m24m9bBQpzqKN1ZRPcCkFuhjHWSph1lrOnzKU7AEuDRofjz7u4KoCR0KwBPgcCdPvDx7YrlnZnV1esvawkQ/CrdTmBnRq2o/rM58gFKUtMK2/5WNkectsKJV2wYbe1CJMQKgaYmaBCJj10ULn/T7lCvW0m/LEvR3PmTiILBsDrNJS4cnefjWroh0PuHMurHJKWzzS8CCZzdofZaKNWG/9FyXDn8SJYewaclKJo6d/x2IZoQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Thu, Feb 2, 2023 at 8:55 PM Alok Tiagi wrote: > > On Thu, Feb 02, 2023 at 09:48:10AM +0800, Hillf Danton wrote: > > On Wed, 1 Feb 2023 19:22:57 +0000 aloktiagi > > > @@ -1535,6 +1535,52 @@ int sk_setsockopt(struct sock *sk, int level, int optname, > > > WRITE_ONCE(sk->sk_txrehash, (u8)val); > > > break; > > > > > > + case SO_SETNETNS: > > > + { > > > + struct net *other_ns, *my_ns; > > > + > > > + if (sk->sk_family != AF_INET && sk->sk_family != AF_INET6) { > > > + ret = -EOPNOTSUPP; > > > + break; > > > + } > > > + > > > + if (sk->sk_type != SOCK_STREAM && sk->sk_type != SOCK_DGRAM) { > > > + ret = -EOPNOTSUPP; > > > + break; > > > + } > > > + > > > + other_ns = get_net_ns_by_fd(val); > > > + if (IS_ERR(other_ns)) { > > > + ret = PTR_ERR(other_ns); > > > + break; > > > + } > > > + > > > + if (!ns_capable(other_ns->user_ns, CAP_NET_ADMIN)) { > > > + ret = -EPERM; > > > + goto out_err; > > > + } > > > + > > > + /* check that the socket has never been connected or recently disconnected */ > > > + if (sk->sk_state != TCP_CLOSE || sk->sk_shutdown & SHUTDOWN_MASK) { > > > + ret = -EOPNOTSUPP; > > > + goto out_err; > > > + } > > > + > > > + /* check that the socket is not bound to an interface*/ > > > + if (sk->sk_bound_dev_if != 0) { > > > + ret = -EOPNOTSUPP; > > > + goto out_err; > > > + } > > > + > > > + my_ns = sock_net(sk); > > > + sock_net_set(sk, other_ns); > > > + put_net(my_ns); > > > + break; > > > > cpu 0 cpu 2 > > --- --- > > ns = sock_net(sk); > > my_ns = sock_net(sk); > > sock_net_set(sk, other_ns); > > put_net(my_ns); > > ns is invalid ? > > That is the reason we want the socket to be in an un-connected state. That > should help us avoid this situation. This is not enough.... Another thread might look at sock_net(sk), for example from inet_diag or tcp timers (which can be fired even in un-connected state) Even UDP sockets can receive packets while being un-connected, and they need to deref the net pointer. Currently there is no protection about sock_net(sk) being changed on the fly, and the struct net could disappear and be freed. There are ~1500 uses of sock_net(sk) in the kernel, I do not think you/we want to audit all of them to check what could go wrong...