From patchwork Thu Jun 2 21:52:43 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Dumazet X-Patchwork-Id: 9151209 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 063D460467 for ; Thu, 2 Jun 2016 21:52:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D1B612832B for ; Thu, 2 Jun 2016 21:52:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C675728330; Thu, 2 Jun 2016 21:52:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 65C352832B for ; Thu, 2 Jun 2016 21:52:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932914AbcFBVwq (ORCPT ); Thu, 2 Jun 2016 17:52:46 -0400 Received: from mail-pa0-f68.google.com ([209.85.220.68]:36434 "EHLO mail-pa0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932240AbcFBVwq (ORCPT ); Thu, 2 Jun 2016 17:52:46 -0400 Received: by mail-pa0-f68.google.com with SMTP id fg1so4193217pad.3; Thu, 02 Jun 2016 14:52:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:subject:from:to:cc:date:in-reply-to:references :mime-version:content-transfer-encoding; bh=8Do/Mi2euxSQdFgviGyfqYog3ClQCZAU4DsyTUb78xM=; b=MuXEx5h1esNrMsiObLYEjCVMM1SkIxkvWVcSxgkdsdRRF1FMND8ls/QAm4VkZ19z2Y CN5Emj5ITshOEmruDkOItvX8cGLvQry5ub/sGflCjGVQPTCO0LuRdD7DVuSy8TnhyKqS bkIIQ4qpVQLKq0oNvdrdmaTAz8m4NhepVsazpvjvFhsv0TLASpK6Z0Q93MNJKpnsFYSw ditG5ls5Q1e2zQFrR9hniYhaqMWuMjSt9JvYs3/HsSTFT0n0iqe/vpej23cskQ23hXCS onOmOQQTX44t4HoFZCrt24okM8O/WLdihzJQtG5IuQGrkPsLx3rWX2Z8l5ov1X5IaUFt 7Ziw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:subject:from:to:cc:date:in-reply-to :references:mime-version:content-transfer-encoding; bh=8Do/Mi2euxSQdFgviGyfqYog3ClQCZAU4DsyTUb78xM=; b=ECtPf+PwLRu3qe0SGAyFqjTZmXheVC/egQXV995CVTq6XsOIIEkVqdBpJIL1iCToZL 9OEvMxbw4E89qeQj9jLZxyKrxOCpDd4e979gEYA4exMuCe7YwRgEhp4teflPv8EBZQSh 2qHWRjbAJTlc7LC80HcvWAGHls3KOfjo4ArDtTVT42JF0YLGUBqutfMQ3m0hbMP+bKFa bcYl14HtjbVBpT5xCusUwqWW24Ycd6mfbjeVfXRjtYEOAKTrgBipDN57D9PxYuXtUYBN p9k1K1lU0i8PQ4sh0kvldCSkdxh6+yriMbqDr7KupvVJiIcUN1Ddh/YSf40Lyx8oe+X4 vsYA== X-Gm-Message-State: ALyK8tLfMM7x3xHiE/glWKubJp1CL6UtEre0fdBEbvtHbH7OR2ZVqo5IwXl41ye2SGocuQ== X-Received: by 10.66.182.45 with SMTP id eb13mr412727pac.40.1464904365108; Thu, 02 Jun 2016 14:52:45 -0700 (PDT) Received: from ?IPv6:2620:0:1000:1704:14f8:1220:7954:f1f1? ([2620:0:1000:1704:14f8:1220:7954:f1f1]) by smtp.googlemail.com with ESMTPSA id p65sm3107274pfd.6.2016.06.02.14.52.44 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 02 Jun 2016 14:52:44 -0700 (PDT) Message-ID: <1464904363.5939.185.camel@edumazet-glaptop3.roam.corp.google.com> Subject: Re: Possible problem with e6afc8ac ("udp: remove headers from UDP packets before queueing") From: Eric Dumazet To: Paul Moore , David Miller Cc: samanthakumar@google.com, linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov, netdev@vger.kernel.org, Stephen Smalley , samanthakumar Date: Thu, 02 Jun 2016 14:52:43 -0700 In-Reply-To: References: <1464808695.5939.167.camel@edumazet-glaptop3.roam.corp.google.com> <0b1fde4f-57ef-8c5e-147f-10c4a51fb2b0@tycho.nsa.gov> X-Mailer: Evolution 3.10.4-0ubuntu2 Mime-Version: 1.0 Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Eric Dumazet Paul Moore tracked a regression caused by a recent commit, which mistakenly assumed that sk_filter() could be avoided if socket had no current BPF filter. The intent was to avoid udp_lib_checksum_complete() overhead. But sk_filter() also checks skb_pfmemalloc() and security_sock_rcv_skb(), so better call it. Fixes: e6afc8ace6dd ("udp: remove headers from UDP packets before queueing") Signed-off-by: Eric Dumazet Reported-by: Paul Moore Tested-by: Paul Moore Tested-by: Stephen Smalley Cc: samanthakumar --- net/ipv4/udp.c | 10 +++++----- net/ipv6/udp.c | 12 ++++++------ 2 files changed, 11 insertions(+), 11 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index d56c0559b477..0ff31d97d485 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -1618,12 +1618,12 @@ int udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) } } - if (rcu_access_pointer(sk->sk_filter)) { - if (udp_lib_checksum_complete(skb)) + if (rcu_access_pointer(sk->sk_filter) && + udp_lib_checksum_complete(skb)) goto csum_error; - if (sk_filter(sk, skb)) - goto drop; - } + + if (sk_filter(sk, skb)) + goto drop; udp_csum_pull_header(skb); if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) { diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c index 2da1896af934..f421c9f23c5b 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c @@ -653,12 +653,12 @@ int udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) } } - if (rcu_access_pointer(sk->sk_filter)) { - if (udp_lib_checksum_complete(skb)) - goto csum_error; - if (sk_filter(sk, skb)) - goto drop; - } + if (rcu_access_pointer(sk->sk_filter) && + udp_lib_checksum_complete(skb)) + goto csum_error; + + if (sk_filter(sk, skb)) + goto drop; udp_csum_pull_header(skb); if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) {