Re: [PATCH 03/26] bpfilter: reject kernel addresses

get rid of the address_space override in setsockopt v2 · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 02/26] net/bpfilter: split __bpfilter_process_sockopt · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 06/26] net: switch sock_setbindtodevice to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 10/26] netfilter: remove the unused user argument to do_update_counters · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 14/26] net/ipv4: switch ip_mroute_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 15/26] net/ipv4: merge ip_options_get and ip_options_get_from_user · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 19/26] net/ipv6: switch ipv6_flowlabel_opt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
Re: [PATCH 19/26] net/ipv6: switch ipv6_flowlabel_opt to sockptr_t · Ido Schimmel <hidden> · 2020-07-27
Re: [PATCH 19/26] net/ipv6: switch ipv6_flowlabel_opt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-27
Re: [PATCH 19/26] net/ipv6: switch ipv6_flowlabel_opt to sockptr_t · Ido Schimmel <hidden> · 2020-07-27
Re: [PATCH 19/26] net/ipv6: switch ipv6_flowlabel_opt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-27
Re: [PATCH 19/26] net/ipv6: switch ipv6_flowlabel_opt to sockptr_t · Ido Schimmel <hidden> · 2020-07-27
RE: [PATCH 19/26] net/ipv6: switch ipv6_flowlabel_opt to sockptr_t · David Laight <hidden> · 2020-07-27
[PATCH 26/26] net: optimize the sockptr_t for unified kernel/user address spaces · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 25/26] net: pass a sockptr_t into ->setsockopt · Christoph Hellwig <hch@lst.de> · 2020-07-23
Re: [MPTCP] [PATCH 25/26] net: pass a sockptr_t into ->setsockopt · Matthieu Baerts <hidden> · 2020-07-23
Re: [PATCH 25/26] net: pass a sockptr_t into ->setsockopt · Eric Dumazet <hidden> · 2020-08-06
Re: [PATCH 25/26] net: pass a sockptr_t into ->setsockopt · Christoph Hellwig <hch@lst.de> · 2020-08-07
RE: [PATCH 25/26] net: pass a sockptr_t into ->setsockopt · David Laight <hidden> · 2020-08-07
Re: [PATCH 25/26] net: pass a sockptr_t into ->setsockopt · Eric Dumazet <hidden> · 2020-08-07
RE: [PATCH 25/26] net: pass a sockptr_t into ->setsockopt · David Laight <hidden> · 2020-08-08
[PATCH 18/26] net/ipv6: split up ipv6_flowlabel_opt · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 17/26] net/ipv6: switch ip6_mroute_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 24/26] net/tcp: switch do_tcp_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 16/26] net/ipv4: switch do_ip_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 22/26] net/udp: switch udp_lib_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 23/26] net/tcp: switch ->md5_parse to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 21/26] net/ipv6: switch do_ipv6_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 20/26] net/ipv6: factor out a ipv6_set_opt_hdr helper · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 13/26] bpfilter: switch bpfilter_ip_set_sockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
RE: [PATCH 13/26] bpfilter: switch bpfilter_ip_set_sockopt to sockptr_t · David Laight <hidden> · 2020-07-23
Re: [PATCH 13/26] bpfilter: switch bpfilter_ip_set_sockopt to sockptr_t · 'Christoph Hellwig' <hch@lst.de> · 2020-07-23
[PATCH 11/26] netfilter: switch xt_copy_counters to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
Re: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t · "Jason A. Donenfeld" <Jason@zx2c4.com> · 2020-07-27
Re: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-27
Re: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t · "Jason A. Donenfeld" <Jason@zx2c4.com> · 2020-07-27
Re: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-27
RE: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t · David Laight <hidden> · 2020-07-28
Re: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t · "Jason A. Donenfeld" <Jason@zx2c4.com> · 2020-07-28
Re: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-27
Re: [PATCH 12/26] netfilter: switch nf_setsockopt to sockptr_t · "Jason A. Donenfeld" <Jason@zx2c4.com> · 2020-07-27
[PATCH 09/26] net/xfrm: switch xfrm_user_policy to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 01/26] bpfilter: fix up a sparse annotation · Christoph Hellwig <hch@lst.de> · 2020-07-23
Re: [PATCH 01/26] bpfilter: fix up a sparse annotation · Luc Van Oostenryck <hidden> · 2020-07-23
[PATCH 08/26] net: switch sock_set_timeout to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
Re: [MPTCP] [PATCH 08/26] net: switch sock_set_timeout to sockptr_t · Matthieu Baerts <hidden> · 2020-07-23
[PATCH 07/26] net: switch sock_set_timeout to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 05/26] net: switch copy_bpf_fprog_from_user to sockptr_t · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 04/26] net: add a new sockptr_t type · Christoph Hellwig <hch@lst.de> · 2020-07-23
Re: [PATCH 04/26] net: add a new sockptr_t type · Jan Engelhardt <hidden> · 2020-07-23
Re: [PATCH 04/26] net: add a new sockptr_t type · Eric Dumazet <edumazet@google.com> · 2020-07-23
Re: [PATCH 04/26] net: add a new sockptr_t type · Christoph Hellwig <hch@lst.de> · 2020-07-23
[PATCH 03/26] bpfilter: reject kernel addresses · Christoph Hellwig <hch@lst.de> · 2020-07-23
RE: [PATCH 03/26] bpfilter: reject kernel addresses · David Laight <hidden> · 2020-07-23
Re: [PATCH 03/26] bpfilter: reject kernel addresses · 'Christoph Hellwig' <hch@lst.de> · 2020-07-23
RE: [PATCH 03/26] bpfilter: reject kernel addresses · David Laight <hidden> · 2020-07-23
Re: get rid of the address_space override in setsockopt v2 · David Miller <davem@davemloft.net> · 2020-07-24
Re: get rid of the address_space override in setsockopt v2 · Christoph Hellwig <hch@lst.de> · 2020-07-26
Re: get rid of the address_space override in setsockopt v2 · David Miller <davem@davemloft.net> · 2020-07-26
RE: get rid of the address_space override in setsockopt v2 · David Laight <hidden> · 2020-07-27
Re: get rid of the address_space override in setsockopt v2 · Al Viro <viro@zeniv.linux.org.uk> · 2020-07-27
RE: get rid of the address_space override in setsockopt v2 · David Laight <hidden> · 2020-07-27

From: 'Christoph Hellwig' <hch@lst.de>
Date: 2020-07-23 14:45:05
Also in: bpf, bridge, linux-can, linux-crypto, linux-hams, linux-s390, linux-sctp, lkml, lvs-devel, mptcp, netdev, netfilter-devel

On Thu, Jul 23, 2020 at 02:42:11PM +0000, David Laight wrote:

From: Christoph Hellwig

quoted

Sent: 23 July 2020 07:09

The bpfilter user mode helper processes the optval address using
process_vm_readv.  Don't send it kernel addresses fed under
set_fs(KERNEL_DS) as that won't work.

What sort of operations is the bpf filter doing on the sockopt buffers?

Any attempts to reject some requests can be thwarted by a second
application thread modifying the buffer after the bpf filter has
checked that it allowed.

You can't do security by reading a user buffer twice.

I'm not saying that I approve of the design, but the current bpfilter
design uses process_vm_readv to access the buffer, which obviously does
not work with kernel buffers.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help