mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-27 21:03:32 +00:00
Code Issues Releases Wiki Activity
linux-stable/Documentation
History
Ilya Maximets edd944b70a xsk: Honor SO_BINDTODEVICE on bind 
[ Upstream commit f7306acec9 ]

Initial creation of an AF_XDP socket requires CAP_NET_RAW capability. A
privileged process might create the socket and pass it to a non-privileged
process for later use. However, that process will be able to bind the socket
to any network interface. Even though it will not be able to receive any
traffic without modification of the BPF map, the situation is not ideal.

Sockets already have a mechanism that can be used to restrict what interface
they can be attached to. That is SO_BINDTODEVICE.

To change the SO_BINDTODEVICE binding the process will need CAP_NET_RAW.

Make xsk_bind() honor the SO_BINDTODEVICE in order to allow safer workflow
when non-privileged process is using AF_XDP.

The intended workflow is following:

  1. First process creates a bare socket with socket(AF_XDP, ...).
  2. First process loads the XSK program to the interface.
  3. First process adds the socket fd to a BPF map.
  4. First process ties socket fd to a particular interface using
     SO_BINDTODEVICE.
  5. First process sends socket fd to a second process.
  6. Second process allocates UMEM.
  7. Second process binds socket to the interface with bind(...).
  8. Second process sends/receives the traffic.

All the steps above are possible today if the first process is privileged
and the second one has sufficient RLIMIT_MEMLOCK and no capabilities.
However, the second process will be able to bind the socket to any interface
it wants on step 7 and send traffic from it. With the proposed change, the
second process will be able to bind the socket only to a specific interface
chosen by the first process at step 4.

Fixes: 965a990984 ("xsk: add support for bind for Rx")
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Magnus Karlsson <magnus.karlsson@intel.com>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Link: https://lore.kernel.org/bpf/20230703175329.3259672-1-i.maximets@ovn.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-07-23 13:47:29 +02:00
..
ABI usb: gadget: uvc: Make bSourceID read/write 2023-03-11 13:57:37 +01:00
accounting sched/psi: report zeroes for CPU full at the system level 2022-06-09 10:22:48 +02:00
admin-guide Remove DECnet support from kernel 2023-06-21 15:59:15 +02:00
arm Documentation: arm: marvell: Add 88F6825 model into list 2021-08-24 13:26:32 -06:00
arm64 arm64: errata: Remove AES hwcap for COMPAT tasks 2022-10-29 10:12:53 +02:00
block Documentation: block: blk-mq: Fix small typo in multi-queue docs 2021-08-24 13:30:00 -06:00
bpf libbpf: Rename libbpf documentation index file 2021-08-18 08:45:25 -07:00
cdrom
core-api Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE"" 2022-04-08 14:24:13 +02:00
cpu-freq cpufreq: Remove ready() callback 2021-09-02 18:04:17 +02:00
crypto
dev-tools docs/scripts/gdb: add necessary make scripts_gdb step 2023-03-10 09:39:53 +01:00
devicetree of: overlay: rework overlay apply and remove kfree()s 2023-06-21 15:59:12 +02:00
doc-guide docs: doc-guide: avoid using ReST :doc:foo markup 2021-06-17 13:24:37 -06:00
driver-api counter: fix docum. build problems after filename change 2023-04-20 12:13:57 +02:00
fault-injection debugfs: fix error when writing negative value to atomic_t debugfs file 2022-12-31 13:14:03 +01:00
fb
features RISC-V Patches for the 5.15 Merge Window, Part 2 2021-09-11 14:29:42 -07:00
filesystems docs: Correct missing "d_" prefix for dentry_operations member d_weak_revalidate 2023-03-22 13:31:22 +01:00
firmware-guide Documentation: ACPI: EINJ: Fix obsolete example 2022-08-25 11:40:01 +02:00
firmware_class
fpga fpga: fix spelling mistakes 2021-07-21 19:54:21 -07:00
gpu drm/i915/display: Move DRRS code its own file 2022-03-08 19:12:40 +01:00
hid
hwmon hwmon: (ftsteutates) Fix scaling of measurements 2023-03-10 09:39:21 +01:00
i2c Documentation: i2c: add i2c-sysfs into index 2021-08-10 22:58:32 +02:00
ia64
ide
iio
infiniband
input Input: iforce - add support for Boeder Force Feedback Wheel 2022-09-20 12:39:45 +02:00
isdn
kbuild Merge branch 'akpm' (patches from Andrew) 2021-09-08 12:55:35 -07:00
kernel-hacking docs: futex: Fix kernel-doc references after code split-up preparation 2023-04-26 13:51:53 +02:00
leds Documentation: leds: standartizing LED names 2021-08-20 10:26:24 +02:00
litmus-tests
livepatch
locking Documentation/locking/locktypes: Update migrate_disable() bits. 2021-12-14 10:57:18 +01:00
m68k
maintainer
mhi
mips
misc-devices
netlabel
networking xsk: Honor SO_BINDTODEVICE on bind 2023-07-23 13:47:29 +02:00
nios2
nvdimm
openrisc
parisc
PCI pci-v5.15-changes 2021-09-07 19:13:42 -07:00
pcmcia
power Documentation: power: include kernel-doc in Energy Model doc 2021-09-07 21:17:28 +02:00
powerpc powerpc/doc: Fix htmldocs errors 2021-08-27 00:56:34 +10:00
process overflow: Implement size_t saturating arithmetic helpers 2022-12-31 13:14:33 +01:00
RCU doc: Update stallwarn.rst with recent changes 2021-07-20 13:36:33 -07:00
riscv riscv: Move early dtb mapping into the fixmap region 2023-05-01 08:23:24 +09:00
s390 vfio/mdev: Remove CONFIG_VFIO_MDEV_DEVICE 2021-06-21 15:29:25 -06:00
scheduler This was a reasonably active cycle for documentation; this pull includes: 2021-06-28 16:53:05 -07:00
scsi
security This was a reasonably active cycle for documentation; this pull includes: 2021-06-28 16:53:05 -07:00
sh
sound ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard 2023-04-20 12:13:51 +02:00
sparc
sphinx docs: Fix the docs build with Sphinx 6.0 2023-01-18 11:48:48 +01:00
sphinx-static
spi
staging
target
timers
trace attr: use consistent sgid stripping checks 2023-03-17 08:49:01 +01:00
translations docs: futex: Fix kernel-doc references after code split-up preparation 2023-04-26 13:51:53 +02:00
tty/device_drivers serial: 8250: Add proper clock handling for OxSemi PCIe devices 2022-08-17 14:24:23 +02:00
usb docs: usb: fix malformed table 2021-08-05 12:31:51 +02:00
userspace-api Remove DECnet support from kernel 2023-06-21 15:59:15 +02:00
virt KVM: s390: disable migration mode when dirty tracking is disabled 2023-03-10 09:40:01 +01:00
vm Merge branch 'akpm' (patches from Andrew) 2021-09-08 12:55:35 -07:00
w1
watchdog
x86 Another collection of documentation patches, mostly fixes but also includes 2021-09-08 16:28:14 -07:00
xtensa
.gitignore
arch.rst
asm-annotations.rst
atomic_bitops.txt locking/atomic: Make test_and_*_bit() ordered on failure 2022-08-25 11:39:54 +02:00
atomic_t.txt Documentation/atomic_t: Document forward progress expectations 2021-08-04 15:16:47 +02:00
Changes
CodingStyle
conf.py docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 2022-06-09 10:23:30 +02:00
COPYING-logo
docutils.conf
dontdiff
index.rst
Kconfig
logo.gif
Makefile docs: Makefile: Use CONFIG_SHELL not SHELL 2021-06-18 11:26:08 -06:00
memory-barriers.txt
SubmittingPatches
watch_queue.rst