[{"id":3190818,"web_url":"http://patchwork.ozlabs.org/comment/3190818/","msgid":"<169618562530.20334.3438760815048190740.git-patchwork-notify@kernel.org>","list_archive_url":null,"date":"2023-10-01T18:40:25","subject":"Re: [PATCH net v6 0/3] Insulate Kernel Space From SOCK_ADDR Hooks","submitter":{"id":80291,"url":"http://patchwork.ozlabs.org/api/people/80291/","name":null,"email":"patchwork-bot+netdevbpf@kernel.org"},"content":"Hello:\n\nThis series was applied to netdev/net.git (main)\nby David S. Miller <davem@davemloft.net>:\n\nOn Tue, 26 Sep 2023 15:05:02 -0500 you wrote:\n> ==OVERVIEW==\n> \n> The sock_sendmsg(), kernel_connect(), and kernel_bind() functions\n> provide kernel space equivalents to the sendmsg(), connect(), and bind()\n> system calls.\n> \n> When used in conjunction with BPF SOCK_ADDR hooks that rewrite the send,\n> connect, or bind address, callers may observe that the address passed to\n> the call is modified. This is a problem not just in theory, but in\n> practice, with uninsulated calls to kernel_connect() causing issues with\n> broken NFS and CIFS mounts.\n> \n> [...]\n\nHere is the summary with links:\n  - [net,v6,1/3] net: replace calls to sock->ops->connect() with kernel_connect()\n    https://git.kernel.org/netdev/net/c/26297b4ce1ce\n  - [net,v6,2/3] net: prevent rewrite of msg_name and msg_namelen in sock_sendmsg()\n    (no matching commit)\n  - [net,v6,3/3] net: prevent address rewrite in kernel_bind()\n    https://git.kernel.org/netdev/net/c/c889a99a21bf\n\nYou are awesome, thank you!","headers":{"Return-Path":"<netfilter-devel-owner@vger.kernel.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=kernel.org header.i=@kernel.org header.a=rsa-sha256\n header.s=k20201202 header.b=BEstLtKJ;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2620:137:e000::1:20; helo=out1.vger.email;\n envelope-from=netfilter-devel-owner@vger.kernel.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20])\n\tby legolas.ozlabs.org (Postfix) with ESMTP id 4RzCZW0Rlcz1yng\n\tfor <incoming@patchwork.ozlabs.org>; Mon,  2 Oct 2023 05:40:35 +1100 (AEDT)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n        id S235280AbjJASka (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);\n        Sun, 1 Oct 2023 14:40:30 -0400","from lindbergh.monkeyblade.net ([23.128.96.19]:58998 \"EHLO\n        lindbergh.monkeyblade.net\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n        with ESMTP id S229505AbjJASk3 (ORCPT\n        <rfc822;netfilter-devel@vger.kernel.org>);\n        Sun, 1 Oct 2023 14:40:29 -0400","from smtp.kernel.org (relay.kernel.org [52.25.139.140])\n        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DA498D9;\n        Sun,  1 Oct 2023 11:40:25 -0700 (PDT)","by smtp.kernel.org (Postfix) with ESMTPS id 73002C433CA;\n        Sun,  1 Oct 2023 18:40:25 +0000 (UTC)","from aws-us-west-2-korg-oddjob-1.ci.codeaurora.org\n (localhost.localdomain [127.0.0.1])\n        by aws-us-west-2-korg-oddjob-1.ci.codeaurora.org (Postfix) with ESMTP\n id 4CF22C73FE1;\n        Sun,  1 Oct 2023 18:40:25 +0000 (UTC)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;\n        s=k20201202; t=1696185625;\n        bh=vHpYQw4Xo9ncTL+cTD5bhjtdjFWeRqIriCu/Ce16oc4=;\n        h=Subject:From:Date:References:In-Reply-To:To:Cc:From;\n        b=BEstLtKJIXt0IJ4gCEvv4DRQRrPAiKpdLtX0LWl0eWl3Nty1flLkeAMAk6VoQ3hFH\n         zfw2pT3j66ZWc4mAFtr0hI1r+/FdoaNS5LzyTt6pfQTwiVmIB3ytjv0Jx8v8IPwEBb\n         Lswz85b/WEMSd+P5Aqfm8HJK4pxY7Vc3lDKxHO2ou4ct8H8qk6GPllQmsiRm14NXTE\n         PExldMIYnTMvAOv5UWs9RqqO5bctrk+swoNCnH8Je1QlBthCz46pHYh+NRrdY+sVYa\n         8FInmRSG0tvh+6NaOnjbWMJZ8lSCfrKmpZj7YuRXGfRFBRx+qMZRFTMMqhW2JbMr+k\n         JgyencAyzITyw==","Content-Type":"text/plain; charset=\"utf-8\"","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit","Subject":"Re: [PATCH net v6 0/3] Insulate Kernel Space From SOCK_ADDR Hooks","From":"patchwork-bot+netdevbpf@kernel.org","Message-Id":"\n <169618562530.20334.3438760815048190740.git-patchwork-notify@kernel.org>","Date":"Sun, 01 Oct 2023 18:40:25 +0000","References":"<20230926200505.2804266-1-jrife@google.com>","In-Reply-To":"<20230926200505.2804266-1-jrife@google.com>","To":"Jordan Rife <jrife@google.com>","Cc":"davem@davemloft.net, edumazet@google.com, kuba@kernel.org,\n        pabeni@redhat.com, willemdebruijn.kernel@gmail.com,\n        netdev@vger.kernel.org, dborkman@kernel.org, horms@verge.net.au,\n        pablo@netfilter.org, kadlec@netfilter.org, fw@strlen.de,\n        santosh.shilimkar@oracle.com, ast@kernel.org, rdna@fb.com,\n        linux-rdma@vger.kernel.org, rds-devel@oss.oracle.com,\n        coreteam@netfilter.org, netfilter-devel@vger.kernel.org, ja@ssi.bg,\n        lvs-devel@vger.kernel.org, kafai@fb.com, daniel@iogearbox.net,\n        daan.j.demeyer@gmail.com","X-Spam-Status":"No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,\n        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,\n        RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham\n        autolearn_force=no version=3.4.6","X-Spam-Checker-Version":"SpamAssassin 3.4.6 (2021-04-09) on\n        lindbergh.monkeyblade.net","Precedence":"bulk","List-ID":"<netfilter-devel.vger.kernel.org>","X-Mailing-List":"netfilter-devel@vger.kernel.org"}}]