| Message ID | CY5PR11MB6186C896926FDA33E99BD82081A52@CY5PR11MB6186.namprd11.prod.outlook.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [net] net: core: sock: add AF_PACKET unsupported binding error | expand |
From: "Szpetkowski, Grzegorz" <grzegorz.szpetkowski@intel.com> Date: Thu, 11 Jul 2024 13:48:07 +0000 > Hi All, > > Currently, when setsockopt() API with SO_BINDTODEVICE option is > called over a raw packet socket, then although the function doesn't > return an error, the socket is not bound to a specific interface. > > The limitation itself is explicitly stated in man 7 socket, particularly > that SO_BINDTODEVICE is "not supported for packet sockets". > > The patch below is to align the API, so that it does return failure in > case of a packet socket. SO_XXX is generic options and can be set to any socket (except for SO_ZEROCOPY due to MSG_ZEROCOPY, see 76851d1212c11), and whether it's really used or not depends on each socket implementation. Otherwise, we need this kind of change for all socket options and families. > > Signed-off-by: Grzegorz Szpetkowski grzegorz.szpetkowski@intel.com > --- > net/core/sock.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/net/core/sock.c b/net/core/sock.c > index 100e975073ca..1b77241ac1f7 100644 > --- a/net/core/sock.c > +++ b/net/core/sock.c > @@ -639,6 +639,11 @@ static int sock_bindtoindex_locked(struct sock *sk, int ifindex) > if (ifindex < 0) > goto out; > > + /* Not supported for packet sockets, use bind() instead */ > + ret = -EOPNOTSUPP; > + if (sk->sk_family == PF_PACKET) > + goto out; > + > /* Paired with all READ_ONCE() done locklessly. */ > WRITE_ONCE(sk->sk_bound_dev_if, ifindex); > > -- > 2.39.2
Kuniyuki Iwashima wrote: > From: "Szpetkowski, Grzegorz" <grzegorz.szpetkowski@intel.com> > Date: Thu, 11 Jul 2024 13:48:07 +0000 > > Hi All, > > > > Currently, when setsockopt() API with SO_BINDTODEVICE option is > > called over a raw packet socket, then although the function doesn't > > return an error, the socket is not bound to a specific interface. > > > > The limitation itself is explicitly stated in man 7 socket, particularly > > that SO_BINDTODEVICE is "not supported for packet sockets". > > > > The patch below is to align the API, so that it does return failure in > > case of a packet socket. > > SO_XXX is generic options and can be set to any socket (except for > SO_ZEROCOPY due to MSG_ZEROCOPY, see 76851d1212c11), and whether it's > really used or not depends on each socket implementation. > > Otherwise, we need this kind of change for all socket options and > families. Making this change now might also break applications that set it even though it is a noop for them.
diff --git a/net/core/sock.c b/net/core/sock.c index 100e975073ca..1b77241ac1f7 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -639,6 +639,11 @@ static int sock_bindtoindex_locked(struct sock *sk, int ifindex) if (ifindex < 0) goto out; + /* Not supported for packet sockets, use bind() instead */ + ret = -EOPNOTSUPP; + if (sk->sk_family == PF_PACKET) + goto out; + /* Paired with all READ_ONCE() done locklessly. */ WRITE_ONCE(sk->sk_bound_dev_if, ifindex);
Hi All, Currently, when setsockopt() API with SO_BINDTODEVICE option is called over a raw packet socket, then although the function doesn't return an error, the socket is not bound to a specific interface. The limitation itself is explicitly stated in man 7 socket, particularly that SO_BINDTODEVICE is "not supported for packet sockets". The patch below is to align the API, so that it does return failure in case of a packet socket. Signed-off-by: Grzegorz Szpetkowski grzegorz.szpetkowski@intel.com --- net/core/sock.c | 5 +++++ 1 file changed, 5 insertions(+)