diff options
| author | Jakub Sitnicki <[email protected]> | 2020-02-18 17:10:15 +0000 |
|---|---|---|
| committer | Daniel Borkmann <[email protected]> | 2020-02-21 21:29:45 +0000 |
| commit | e80251555f0befd1271e74b080bccf0ff0348bfc (patch) | |
| tree | 3387dd45af325c1929a160a8fab7b84dd0142e08 /net/ipv4/tcp_bpf.c | |
| parent | net, sk_msg: Clear sk_user_data pointer on clone if tagged (diff) | |
| download | kernel-e80251555f0befd1271e74b080bccf0ff0348bfc.tar.gz kernel-e80251555f0befd1271e74b080bccf0ff0348bfc.zip | |
tcp_bpf: Don't let child socket inherit parent protocol ops on copy
Prepare for cloning listening sockets that have their protocol callbacks
overridden by sk_msg. Child sockets must not inherit parent callbacks that
access state stored in sk_user_data owned by the parent.
Restore the child socket protocol callbacks before it gets hashed and any
of the callbacks can get invoked.
Signed-off-by: Jakub Sitnicki <[email protected]>
Signed-off-by: Daniel Borkmann <[email protected]>
Acked-by: John Fastabend <[email protected]>
Link: https://lore.kernel.org/bpf/[email protected]
Diffstat (limited to 'net/ipv4/tcp_bpf.c')
| -rw-r--r-- | net/ipv4/tcp_bpf.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/net/ipv4/tcp_bpf.c b/net/ipv4/tcp_bpf.c index dd183b050642..7d6e1b75d4d4 100644 --- a/net/ipv4/tcp_bpf.c +++ b/net/ipv4/tcp_bpf.c @@ -693,3 +693,17 @@ int tcp_bpf_init(struct sock *sk) rcu_read_unlock(); return 0; } + +/* If a child got cloned from a listening socket that had tcp_bpf + * protocol callbacks installed, we need to restore the callbacks to + * the default ones because the child does not inherit the psock state + * that tcp_bpf callbacks expect. + */ +void tcp_bpf_clone(const struct sock *sk, struct sock *newsk) +{ + int family = sk->sk_family == AF_INET6 ? TCP_BPF_IPV6 : TCP_BPF_IPV4; + struct proto *prot = newsk->sk_prot; + + if (prot == &tcp_bpf_prots[family][TCP_BPF_BASE]) + newsk->sk_prot = sk->sk_prot_creator; +} |