From patchwork Tue Jan 28 13:15:27 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michal Luczaj X-Patchwork-Id: 13952552 X-Patchwork-Delegate: kuba@kernel.org Received: from mailtransmit04.runbox.com (mailtransmit04.runbox.com [185.226.149.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E00961A9B34 for ; Tue, 28 Jan 2025 13:16:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.226.149.37 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070175; cv=none; b=H7cRleS+2ishINmU28mCNd6fwUkX2yCZcNZjZZYQaLn6cMtfGDQM1gENzvjkBh7rxdpcqEQn8k/ZTa0GBqCULx3/zs1u/lDFHOL1hF38QLXjpq0uYecvL5CEK6cOVleqoStRQuBwx8uh/98UbJEwGd2EtL0BFIpihHf6b7wSMx0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070175; c=relaxed/simple; bh=4vTZfG/WsAZmmSR9oQqJbrBcR86EKVVns6b9NBPyWKU=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=W2W7yj/AM62WCkq9gxZMwUNhwehS62QR6eW3+8XE2b1VQ7PHC3eiE2Yn0tm4sC6e/CBpavHKcVsGxltZkHzOhOgBBYxQ2p6eV8CzdpM9paVmECwaDW2UoA/Tkw1lLVW71vbKXVqXq4NfCrgD48+7Diwkknm52sbPs53Fld8yuac= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co; spf=pass smtp.mailfrom=rbox.co; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b=bpOPLB9p; arc=none smtp.client-ip=185.226.149.37 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=rbox.co Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b="bpOPLB9p" Received: from mailtransmit03.runbox ([10.9.9.163] helo=aibo.runbox.com) by mailtransmit04.runbox.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1tclRp-002ey1-Ug; Tue, 28 Jan 2025 14:16:09 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=rbox.co; s=selector2; h=Cc:To:In-Reply-To:References:Message-Id: Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date:From; bh=0UPR/9uTU8H+wFdMtksGm6zkK6gKWlGALLlc0rnzklo=; b=bpOPLB9p+ll5q+YR2jLviUYgwY K/mANLK1Skwc3ICHv80bO65hGX5I17aKd2kJVntB/0FKL3G/EoK3BndWiC1TB+n20kA7zAk/lNuJq 8srwTF09o4E4sACVAfwg33KTSyLG/wTUTp505WIK9ND164bryJyHrltQe1saLf6Yht+vIaxgSv9bf /bcV3rEcWoF7FOh15Sjs7lDB269MS/NkqN46kocC3VmDK5klcG2GBrMK2fzYMwG1cYUHqXb1IQxEN 4k/yeQbwIsM0G5HRRT/qjgWM8/0dkjp1g6bZ25ox1rP/dZqiocTd3+M7TWP1SYYHHhivqj2B8op+o lQKYPd3Q==; Received: from [10.9.9.73] (helo=submission02.runbox) by mailtransmit03.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1tclRp-0007Kg-HZ; Tue, 28 Jan 2025 14:16:09 +0100 Received: by submission02.runbox with esmtpsa [Authenticated ID (604044)] (TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) id 1tclRJ-000mZg-AI; Tue, 28 Jan 2025 14:15:37 +0100 From: Michal Luczaj Date: Tue, 28 Jan 2025 14:15:27 +0100 Subject: [PATCH net v3 1/6] vsock: Keep the binding until socket destruction Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250128-vsock-transport-vs-autobind-v3-1-1cf57065b770@rbox.co> References: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> In-Reply-To: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> To: Stefano Garzarella , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman Cc: netdev@vger.kernel.org, virtualization@lists.linux.dev, Michal Luczaj X-Mailer: b4 0.14.2 X-Patchwork-Delegate: kuba@kernel.org Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket unbinding during a transport reassignment, which fixes a use-after-free: 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2) 2. transport->release() calls vsock_remove_bound() without checking if sk was bound and moved to bound list (refcnt=1) 3. vsock_bind() assumes sk is in unbound list and before __vsock_insert_bound(vsock_bound_sockets()) calls __vsock_remove_bound() which does: list_del_init(&vsk->bound_table); // nop sock_put(&vsk->sk); // refcnt=0 BUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730 Read of size 4 at addr ffff88816b46a74c by task a.out/2057 dump_stack_lvl+0x68/0x90 print_report+0x174/0x4f6 kasan_report+0xb9/0x190 __vsock_bind+0x62e/0x730 vsock_bind+0x97/0xe0 __sys_bind+0x154/0x1f0 __x64_sys_bind+0x6e/0xb0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e Allocated by task 2057: kasan_save_stack+0x1e/0x40 kasan_save_track+0x10/0x30 __kasan_slab_alloc+0x85/0x90 kmem_cache_alloc_noprof+0x131/0x450 sk_prot_alloc+0x5b/0x220 sk_alloc+0x2c/0x870 __vsock_create.constprop.0+0x2e/0xb60 vsock_create+0xe4/0x420 __sock_create+0x241/0x650 __sys_socket+0xf2/0x1a0 __x64_sys_socket+0x6e/0xb0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e Freed by task 2057: kasan_save_stack+0x1e/0x40 kasan_save_track+0x10/0x30 kasan_save_free_info+0x37/0x60 __kasan_slab_free+0x4b/0x70 kmem_cache_free+0x1a1/0x590 __sk_destruct+0x388/0x5a0 __vsock_bind+0x5e1/0x730 vsock_bind+0x97/0xe0 __sys_bind+0x154/0x1f0 __x64_sys_bind+0x6e/0xb0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e refcount_t: addition on 0; use-after-free. WARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150 RIP: 0010:refcount_warn_saturate+0xce/0x150 __vsock_bind+0x66d/0x730 vsock_bind+0x97/0xe0 __sys_bind+0x154/0x1f0 __x64_sys_bind+0x6e/0xb0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e refcount_t: underflow; use-after-free. WARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150 RIP: 0010:refcount_warn_saturate+0xee/0x150 vsock_remove_bound+0x187/0x1e0 __vsock_release+0x383/0x4a0 vsock_release+0x90/0x120 __sock_release+0xa3/0x250 sock_close+0x14/0x20 __fput+0x359/0xa80 task_work_run+0x107/0x1d0 do_exit+0x847/0x2560 do_group_exit+0xb8/0x250 __x64_sys_exit_group+0x3a/0x50 x64_sys_call+0xfec/0x14f0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fixes: c0cfa2d8a788 ("vsock: add multi-transports support") Reviewed-by: Stefano Garzarella Signed-off-by: Michal Luczaj --- net/vmw_vsock/af_vsock.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c index fa9d1b49599bf219bdf9486741582cc8c547a354..cfe18bc8fdbe7ced073c6b3644d635fdbfa02610 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -337,7 +337,10 @@ EXPORT_SYMBOL_GPL(vsock_find_connected_socket); void vsock_remove_sock(struct vsock_sock *vsk) { - vsock_remove_bound(vsk); + /* Transport reassignment must not remove the binding. */ + if (sock_flag(sk_vsock(vsk), SOCK_DEAD)) + vsock_remove_bound(vsk); + vsock_remove_connected(vsk); } EXPORT_SYMBOL_GPL(vsock_remove_sock); @@ -821,12 +824,13 @@ static void __vsock_release(struct sock *sk, int level) */ lock_sock_nested(sk, level); + sock_orphan(sk); + if (vsk->transport) vsk->transport->release(vsk); else if (sock_type_connectible(sk->sk_type)) vsock_remove_sock(vsk); - sock_orphan(sk); sk->sk_shutdown = SHUTDOWN_MASK; skb_queue_purge(&sk->sk_receive_queue); From patchwork Tue Jan 28 13:15:28 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michal Luczaj X-Patchwork-Id: 13952551 X-Patchwork-Delegate: kuba@kernel.org Received: from mailtransmit04.runbox.com (mailtransmit04.runbox.com [185.226.149.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ABEA91A9B40 for ; Tue, 28 Jan 2025 13:16:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.226.149.37 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070174; cv=none; b=uOPAqWYt7fYMDH28iFQY8BO8sXl6fMVYoHBmbsXmZoPArLOrUgtdMDR/+7wGjfNU21F/BEce2lfdUXCuP9wDRFAShphXgrbW4Xz3ecrwmRpxwadWQY4QWzrdw60pc3Y3yYgWm9Kfg9CBfkSadJbayTD9uNVo61HXv8rm00dn/Js= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070174; c=relaxed/simple; bh=qEghCYw90LvLl/UsHV0yG5FBhJG01TkgMBGl7th78es=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=ZoxYJBj1A1cZTFH5wIvxQibqlE95dEb9BGxr/ndo+KO88tntFNP94uTgpH9tx1HwEHTBJf0OW67+4F7ZOvJaFBlc0j8nkg2dspvvlTx5DWHKkUER5/ogRpJFT6cM2ACxZs5tz2a8HaqyHatbbtG1XIxSzTCez1ahmcUtMdaNi4A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co; spf=pass smtp.mailfrom=rbox.co; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b=Bb4urRsS; arc=none smtp.client-ip=185.226.149.37 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=rbox.co Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b="Bb4urRsS" Received: from mailtransmit02.runbox ([10.9.9.162] helo=aibo.runbox.com) by mailtransmit04.runbox.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1tclRo-002exw-Rb; Tue, 28 Jan 2025 14:16:08 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=rbox.co; s=selector2; h=Cc:To:In-Reply-To:References:Message-Id: Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date:From; bh=50sw8+RLYxtrONIEeNuYTgWEQ2DmBdco7580O/YdZEI=; b=Bb4urRsSXepjlV/UbEYOiBfbza Er9217poUVswq9HMXXkliZT3lvhKIPVnFq4lGMMgvl1ptLIEpVlBjl90JjyEKifaQe10Ozf45a+Zo muvLjrhBTHFTnG4d1WnqNxDJgjaU+zyiQ2CQQLn2BqzvG/EzibdJx2knc3hvBXyHDJ1lti0bHIcNS 7LQ5ETDZws+CvCzcmosaDt0ELAAA9PbFJGUEaaIXJASC+UpVb3BxCuEHKO+/SruEUHMOo4HgTqf8B N7kc3IyWy4yWl1LN3HXY+qgpIe22pxUIReM2ZsdK9kHE6/j+p7Vj3cspSNy0g6LxyUpEnUqxoaLGw hsXiolSg==; Received: from [10.9.9.73] (helo=submission02.runbox) by mailtransmit02.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1tclRo-0006wY-DV; Tue, 28 Jan 2025 14:16:08 +0100 Received: by submission02.runbox with esmtpsa [Authenticated ID (604044)] (TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) id 1tclRJ-000mZg-Py; Tue, 28 Jan 2025 14:15:37 +0100 From: Michal Luczaj Date: Tue, 28 Jan 2025 14:15:28 +0100 Subject: [PATCH net v3 2/6] vsock: Allow retrying on connect() failure Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250128-vsock-transport-vs-autobind-v3-2-1cf57065b770@rbox.co> References: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> In-Reply-To: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> To: Stefano Garzarella , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman Cc: netdev@vger.kernel.org, virtualization@lists.linux.dev, Michal Luczaj , Luigi Leonardi X-Mailer: b4 0.14.2 X-Patchwork-Delegate: kuba@kernel.org sk_err is set when a (connectible) connect() fails. Effectively, this makes an otherwise still healthy SS_UNCONNECTED socket impossible to use for any subsequent connection attempts. Clear sk_err upon trying to establish a connection. Fixes: d021c344051a ("VSOCK: Introduce VM Sockets") Reviewed-by: Stefano Garzarella Reviewed-by: Luigi Leonardi Signed-off-by: Michal Luczaj --- net/vmw_vsock/af_vsock.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c index cfe18bc8fdbe7ced073c6b3644d635fdbfa02610..075695173648d3a4ecbd04e908130efdbb393b41 100644 --- a/net/vmw_vsock/af_vsock.c +++ b/net/vmw_vsock/af_vsock.c @@ -1523,6 +1523,11 @@ static int vsock_connect(struct socket *sock, struct sockaddr *addr, if (err < 0) goto out; + /* sk_err might have been set as a result of an earlier + * (failed) connect attempt. + */ + sk->sk_err = 0; + /* Mark sock as connecting and set the error code to in * progress in case this is a non-blocking connect. */ From patchwork Tue Jan 28 13:15:29 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michal Luczaj X-Patchwork-Id: 13952548 X-Patchwork-Delegate: kuba@kernel.org Received: from mailtransmit05.runbox.com (mailtransmit05.runbox.com [185.226.149.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A376519CCEC; Tue, 28 Jan 2025 13:16:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.226.149.38 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070170; cv=none; b=ZsfITWWcMAW7e3tpJ7zkHQ51PD3LTW1B/ycjuWUyGteUDUlZHaR+uifRpFDPUGAlg6h1ypB++PJuYz7l5vcsDkEpiEyglXbyGd7vEjqvNKjexvCzpS4u1f4Q8syC8Cj63xb/ZJ4QXWT1IJGAUhy8/VRUiUSJuPzH4uNr/0lpFK4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070170; c=relaxed/simple; bh=cQm26A2r2B4pkQB1WSlu2i0TqGAguDpmJPl2biUcK9A=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=l5gii342+70wyNVsbXGJ+LkhtrC5xmrwC9RxZkWgNdq6rFkwC0fp2ATuVTFfOF0lc0oL6kL7utbBZTd+Uot3QXZfzv+047FyE2HkyGKdCIswUjdaBWaYQ1Rdu9TdgcMJHYygX8RnE3M854BXJOoyAzu0/6M92B1wPakGiV8W9SQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co; spf=pass smtp.mailfrom=rbox.co; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b=PVrtubZ4; arc=none smtp.client-ip=185.226.149.38 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=rbox.co Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b="PVrtubZ4" Received: from mailtransmit02.runbox ([10.9.9.162] helo=aibo.runbox.com) by mailtransmit05.runbox.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1tclRl-002o4T-OD; Tue, 28 Jan 2025 14:16:05 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=rbox.co; s=selector2; h=Cc:To:In-Reply-To:References:Message-Id: Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date:From; bh=9R5OvuG4Ddv4DLQydiPu1JDwrmDM37Ahgjrn2vEoGdY=; b=PVrtubZ4VswtH+R19mJDVy3F8q rsj25XuYWWw8ljxvSQacddwZpfBN9e6YX9EtcCaM6tPu7D6atr6RDukF5qRr6Eridsxbb83rNJ4Ti T5eEtKiccKwDY0sdtdWVvohDlBbBJKS8z/42WHDjV58Db0lbt6uho8C5RWFkxpwMaEZ60Z6Wqsli5 YNoJBMFkorKA5IDg/UFedBbN47YfV75W2/n90Z9Gmqb/6ZsMn7nbInWOuPhSw8fNRkx/aYhIelfms RRyoJLX2MucxNApkllCtL1E/wiJe9ODfaoe2kVkQcICslbSrMB7RDdnOZYU/J0IhxKhvm0gul/NC2 vacFfaFg==; Received: from [10.9.9.73] (helo=submission02.runbox) by mailtransmit02.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1tclRl-0006wF-9u; Tue, 28 Jan 2025 14:16:05 +0100 Received: by submission02.runbox with esmtpsa [Authenticated ID (604044)] (TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) id 1tclRK-000mZg-9O; Tue, 28 Jan 2025 14:15:38 +0100 From: Michal Luczaj Date: Tue, 28 Jan 2025 14:15:29 +0100 Subject: [PATCH net v3 3/6] vsock/test: Introduce vsock_bind() Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250128-vsock-transport-vs-autobind-v3-3-1cf57065b770@rbox.co> References: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> In-Reply-To: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> To: Stefano Garzarella , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman Cc: netdev@vger.kernel.org, virtualization@lists.linux.dev, Michal Luczaj , Luigi Leonardi X-Mailer: b4 0.14.2 X-Patchwork-Delegate: kuba@kernel.org Add a helper for socket()+bind(). Adapt callers. Reviewed-by: Stefano Garzarella Reviewed-by: Luigi Leonardi Signed-off-by: Michal Luczaj --- tools/testing/vsock/util.c | 57 +++++++++++++++++----------------------- tools/testing/vsock/util.h | 1 + tools/testing/vsock/vsock_test.c | 17 +----------- 3 files changed, 26 insertions(+), 49 deletions(-) diff --git a/tools/testing/vsock/util.c b/tools/testing/vsock/util.c index 7058dc614c25f546fc3219d6b9ade2dcef21a9bd..6e36f9371532cfc75dd14131b84bf8393ca0952b 100644 --- a/tools/testing/vsock/util.c +++ b/tools/testing/vsock/util.c @@ -96,33 +96,43 @@ void vsock_wait_remote_close(int fd) close(epollfd); } -/* Bind to , connect to and return the file descriptor. */ -int vsock_bind_connect(unsigned int cid, unsigned int port, unsigned int bind_port, int type) +/* Create socket , bind to and return the file descriptor. */ +int vsock_bind(unsigned int cid, unsigned int port, int type) { - struct sockaddr_vm sa_client = { - .svm_family = AF_VSOCK, - .svm_cid = VMADDR_CID_ANY, - .svm_port = bind_port, - }; - struct sockaddr_vm sa_server = { + struct sockaddr_vm sa = { .svm_family = AF_VSOCK, .svm_cid = cid, .svm_port = port, }; + int fd; - int client_fd, ret; - - client_fd = socket(AF_VSOCK, type, 0); - if (client_fd < 0) { + fd = socket(AF_VSOCK, type, 0); + if (fd < 0) { perror("socket"); exit(EXIT_FAILURE); } - if (bind(client_fd, (struct sockaddr *)&sa_client, sizeof(sa_client))) { + if (bind(fd, (struct sockaddr *)&sa, sizeof(sa))) { perror("bind"); exit(EXIT_FAILURE); } + return fd; +} + +/* Bind to , connect to and return the file descriptor. */ +int vsock_bind_connect(unsigned int cid, unsigned int port, unsigned int bind_port, int type) +{ + struct sockaddr_vm sa_server = { + .svm_family = AF_VSOCK, + .svm_cid = cid, + .svm_port = port, + }; + + int client_fd, ret; + + client_fd = vsock_bind(VMADDR_CID_ANY, bind_port, type); + timeout_begin(TIMEOUT); do { ret = connect(client_fd, (struct sockaddr *)&sa_server, sizeof(sa_server)); @@ -192,28 +202,9 @@ int vsock_seqpacket_connect(unsigned int cid, unsigned int port) /* Listen on and return the file descriptor. */ static int vsock_listen(unsigned int cid, unsigned int port, int type) { - union { - struct sockaddr sa; - struct sockaddr_vm svm; - } addr = { - .svm = { - .svm_family = AF_VSOCK, - .svm_port = port, - .svm_cid = cid, - }, - }; int fd; - fd = socket(AF_VSOCK, type, 0); - if (fd < 0) { - perror("socket"); - exit(EXIT_FAILURE); - } - - if (bind(fd, &addr.sa, sizeof(addr.svm)) < 0) { - perror("bind"); - exit(EXIT_FAILURE); - } + fd = vsock_bind(cid, port, type); if (listen(fd, 1) < 0) { perror("listen"); diff --git a/tools/testing/vsock/util.h b/tools/testing/vsock/util.h index e62f46b2b92a7916e83e1e623b43c811b077db3e..077842905bc3e7a4bbd22caba4b7bde976de2718 100644 --- a/tools/testing/vsock/util.h +++ b/tools/testing/vsock/util.h @@ -43,6 +43,7 @@ int vsock_connect(unsigned int cid, unsigned int port, int type); int vsock_accept(unsigned int cid, unsigned int port, struct sockaddr_vm *clientaddrp, int type); int vsock_stream_connect(unsigned int cid, unsigned int port); +int vsock_bind(unsigned int cid, unsigned int port, int type); int vsock_bind_connect(unsigned int cid, unsigned int port, unsigned int bind_port, int type); int vsock_seqpacket_connect(unsigned int cid, unsigned int port); diff --git a/tools/testing/vsock/vsock_test.c b/tools/testing/vsock/vsock_test.c index 1eebbc0d5f616bb1afab3ec3f9e59cb609f9f6e8..daa4f3ca9b6e7267d1bb14a7d43499da3bafb108 100644 --- a/tools/testing/vsock/vsock_test.c +++ b/tools/testing/vsock/vsock_test.c @@ -113,24 +113,9 @@ static void test_stream_bind_only_client(const struct test_opts *opts) static void test_stream_bind_only_server(const struct test_opts *opts) { - union { - struct sockaddr sa; - struct sockaddr_vm svm; - } addr = { - .svm = { - .svm_family = AF_VSOCK, - .svm_port = opts->peer_port, - .svm_cid = VMADDR_CID_ANY, - }, - }; int fd; - fd = socket(AF_VSOCK, SOCK_STREAM, 0); - - if (bind(fd, &addr.sa, sizeof(addr.svm)) < 0) { - perror("bind"); - exit(EXIT_FAILURE); - } + fd = vsock_bind(VMADDR_CID_ANY, opts->peer_port, SOCK_STREAM); /* Notify the client that the server is ready */ control_writeln("BIND"); From patchwork Tue Jan 28 13:15:30 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michal Luczaj X-Patchwork-Id: 13952553 X-Patchwork-Delegate: kuba@kernel.org Received: from mailtransmit05.runbox.com (mailtransmit05.runbox.com [185.226.149.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A2B981AA1FE; Tue, 28 Jan 2025 13:16:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.226.149.38 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070177; cv=none; b=GVZTA39v1M4HEzI/tokKGGJIKvZUmuxeHahS9mJusO1rj5qNM3Bxu36GM5mfSiQk9fEPOPXLaszb/tVymxwTGDW/gsgLSxWKu5rFwtDsyjH3PygkRtP7eEW6S2+UhuUsrRXFs3krayy0/3PvadHZ7LTEcmXpaCozLozJfVihJ5s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070177; c=relaxed/simple; bh=mCe91mZUInVshcV/ZonPnpAUaJIUZtPe5QieIg1rQPM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Gi+skbTZjv6jjxS1CQvi4SRmjfR/VuoaeQHGjhGV9R0Ta/gK2GGmNExO6WJgQDawckPafOxHJYoTIJ3V+Eu4vkkTgmPdAsDHzkVqDDCcWAVCYTtEXMZT8POPa7JYi2kh5rku8wCIiyUT/ZNdj/N9KRrZCTZr2Kh43Mw4Y9FqT0I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co; spf=pass smtp.mailfrom=rbox.co; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b=D6fzxsCH; arc=none smtp.client-ip=185.226.149.38 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=rbox.co Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b="D6fzxsCH" Received: from mailtransmit02.runbox ([10.9.9.162] helo=aibo.runbox.com) by mailtransmit05.runbox.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1tclRr-002o5M-Qq; Tue, 28 Jan 2025 14:16:11 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=rbox.co; s=selector2; h=Cc:To:In-Reply-To:References:Message-Id: Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date:From; bh=tekpfh1yrJU9RM9KvGgjy3RLhabpAVkbGFxAnwcQfbw=; b=D6fzxsCHyqZYPSqsGtVgikR3gj ir4NPzmMyBUZKj4yQF1ic4tLI3wc6Uw7hbYMPpoIXyegYHF1d7Hc8Z4WwVxE/r9/Q2JYoinF11Wv+ 1loGu39IfkL9BLt0f1WweAyhs/DEe1LlH+hGqslBwJIje83jyA3eDsnb6WQKc/2KFY7zR+FZHEdK7 FngFelhusQwWbVMtZlW0YhNrZ0bpmPa9YEwEJzIba3DFFx8WUqQ4JIpawn+x9j2tRBkXfipUSAtm+ SOBYZrS8RWUGxtkfHEHihhULO3zb9zBPZD4aPKKKoo2UgPUBC/ZSOPTZkbn4LQ47r7MCofh2cHymE Xx19k40w==; Received: from [10.9.9.73] (helo=submission02.runbox) by mailtransmit02.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1tclRm-0006wL-EA; Tue, 28 Jan 2025 14:16:06 +0100 Received: by submission02.runbox with esmtpsa [Authenticated ID (604044)] (TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) id 1tclRK-000mZg-O7; Tue, 28 Jan 2025 14:15:38 +0100 From: Michal Luczaj Date: Tue, 28 Jan 2025 14:15:30 +0100 Subject: [PATCH net v3 4/6] vsock/test: Introduce vsock_connect_fd() Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250128-vsock-transport-vs-autobind-v3-4-1cf57065b770@rbox.co> References: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> In-Reply-To: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> To: Stefano Garzarella , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman Cc: netdev@vger.kernel.org, virtualization@lists.linux.dev, Michal Luczaj X-Mailer: b4 0.14.2 X-Patchwork-Delegate: kuba@kernel.org Distill timeout-guarded vsock_connect_fd(). Adapt callers. Suggested-by: Stefano Garzarella Reviewed-by: Stefano Garzarella Signed-off-by: Michal Luczaj --- tools/testing/vsock/util.c | 45 +++++++++++++++++---------------------------- tools/testing/vsock/util.h | 1 + 2 files changed, 18 insertions(+), 28 deletions(-) diff --git a/tools/testing/vsock/util.c b/tools/testing/vsock/util.c index 6e36f9371532cfc75dd14131b84bf8393ca0952b..de25892f865f07672da0886be8bd1a429ade8b05 100644 --- a/tools/testing/vsock/util.c +++ b/tools/testing/vsock/util.c @@ -120,27 +120,33 @@ int vsock_bind(unsigned int cid, unsigned int port, int type) return fd; } -/* Bind to , connect to and return the file descriptor. */ -int vsock_bind_connect(unsigned int cid, unsigned int port, unsigned int bind_port, int type) +int vsock_connect_fd(int fd, unsigned int cid, unsigned int port) { - struct sockaddr_vm sa_server = { + struct sockaddr_vm sa = { .svm_family = AF_VSOCK, .svm_cid = cid, .svm_port = port, }; - - int client_fd, ret; - - client_fd = vsock_bind(VMADDR_CID_ANY, bind_port, type); + int ret; timeout_begin(TIMEOUT); do { - ret = connect(client_fd, (struct sockaddr *)&sa_server, sizeof(sa_server)); + ret = connect(fd, (struct sockaddr *)&sa, sizeof(sa)); timeout_check("connect"); } while (ret < 0 && errno == EINTR); timeout_end(); - if (ret < 0) { + return ret; +} + +/* Bind to , connect to and return the file descriptor. */ +int vsock_bind_connect(unsigned int cid, unsigned int port, unsigned int bind_port, int type) +{ + int client_fd; + + client_fd = vsock_bind(VMADDR_CID_ANY, bind_port, type); + + if (vsock_connect_fd(client_fd, cid, port)) { perror("connect"); exit(EXIT_FAILURE); } @@ -151,17 +157,6 @@ int vsock_bind_connect(unsigned int cid, unsigned int port, unsigned int bind_po /* Connect to and return the file descriptor. */ int vsock_connect(unsigned int cid, unsigned int port, int type) { - union { - struct sockaddr sa; - struct sockaddr_vm svm; - } addr = { - .svm = { - .svm_family = AF_VSOCK, - .svm_port = port, - .svm_cid = cid, - }, - }; - int ret; int fd; control_expectln("LISTENING"); @@ -172,20 +167,14 @@ int vsock_connect(unsigned int cid, unsigned int port, int type) exit(EXIT_FAILURE); } - timeout_begin(TIMEOUT); - do { - ret = connect(fd, &addr.sa, sizeof(addr.svm)); - timeout_check("connect"); - } while (ret < 0 && errno == EINTR); - timeout_end(); - - if (ret < 0) { + if (vsock_connect_fd(fd, cid, port)) { int old_errno = errno; close(fd); fd = -1; errno = old_errno; } + return fd; } diff --git a/tools/testing/vsock/util.h b/tools/testing/vsock/util.h index 077842905bc3e7a4bbd22caba4b7bde976de2718..d1f765ce3eeeed8f738630846bb47c4f3f6f946f 100644 --- a/tools/testing/vsock/util.h +++ b/tools/testing/vsock/util.h @@ -39,6 +39,7 @@ struct test_case { void init_signals(void); unsigned int parse_cid(const char *str); unsigned int parse_port(const char *str); +int vsock_connect_fd(int fd, unsigned int cid, unsigned int port); int vsock_connect(unsigned int cid, unsigned int port, int type); int vsock_accept(unsigned int cid, unsigned int port, struct sockaddr_vm *clientaddrp, int type); From patchwork Tue Jan 28 13:15:31 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michal Luczaj X-Patchwork-Id: 13952549 X-Patchwork-Delegate: kuba@kernel.org Received: from mailtransmit05.runbox.com (mailtransmit05.runbox.com [185.226.149.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 39483136352 for ; Tue, 28 Jan 2025 13:16:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.226.149.38 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070170; cv=none; b=jqSap/ZArFLIb26IZKf5MYNHcOVH8BMkOlXiks45Nhzjseoe2Lob4fiSz46XqX8lhv7tb9pVHiaEsDYe7TXvmHq49x0SttlI/zPcesAWHRDKBSLZMDE32lJvO9wkQnquuN5caTMf2NuTirVeBiDM7FioDLDl22fUnry1DyvV8Sk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070170; c=relaxed/simple; bh=40q0NRy0TSkoa4sgKuyoaDHtfeyMbdAmXoEjr56j+ak=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=XEpD4IUftvhDuSHqQSg0syzioprwPiqbtDYo4sEYJEdGP3YzmWCB2Dx+9Cc686iTk5++6HP/ve0QFtnbHzBGdN8YhgQbV5nYycgjluV/kDjNxF6L+M5CDMySgHEtVj9DeLdAcDPAD+HI4Cm1aBWoeSLioH7YNi+egMMtz6/P+DA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co; spf=pass smtp.mailfrom=rbox.co; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b=kSyWDf7e; arc=none smtp.client-ip=185.226.149.38 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=rbox.co Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b="kSyWDf7e" Received: from mailtransmit02.runbox ([10.9.9.162] helo=aibo.runbox.com) by mailtransmit05.runbox.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1tclRd-002o4B-Ar; Tue, 28 Jan 2025 14:15:57 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=rbox.co; s=selector2; h=Cc:To:In-Reply-To:References:Message-Id: Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date:From; bh=1v4A9l47KW8qox3llJv7nIWR8IMemEpyMLrxWZePBDM=; b=kSyWDf7eCiLw5g9BIrqeFcX6rr r8YDZwegruSmXsOIsUo+OLjD2wyrMAHGYfeWX2C5cbBKu6JMaN2hHkLc4D6jcMj8V8UJRQGk6gEiI WxERYRamUdOrN5Cy1xIIDWylbd6y9uc6XI1pZlM5xPkz8iOfQSydNNZGhCe1jjv0SMYeC+vym7DjS 2LFLOFYv8VU1uQl2nPhZ1wI3/dnSzz0pMmRYfTY+U52h/9e9DjzBnmn7L+1xjbGhI7cG2UW22n823 hGamel/mBZs3YJWCfhiXHXqzHF/bh4eq2v8vJ9X3f8mn3PP9x54zoWB84ieNA9km8H8M/w7CQHfo7 SNpt+SpQ==; Received: from [10.9.9.73] (helo=submission02.runbox) by mailtransmit02.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1tclRc-0006vx-Sq; Tue, 28 Jan 2025 14:15:57 +0100 Received: by submission02.runbox with esmtpsa [Authenticated ID (604044)] (TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) id 1tclRL-000mZg-6H; Tue, 28 Jan 2025 14:15:39 +0100 From: Michal Luczaj Date: Tue, 28 Jan 2025 14:15:31 +0100 Subject: [PATCH net v3 5/6] vsock/test: Add test for UAF due to socket unbinding Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250128-vsock-transport-vs-autobind-v3-5-1cf57065b770@rbox.co> References: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> In-Reply-To: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> To: Stefano Garzarella , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman Cc: netdev@vger.kernel.org, virtualization@lists.linux.dev, Michal Luczaj X-Mailer: b4 0.14.2 X-Patchwork-Delegate: kuba@kernel.org Fail the autobind, then trigger a transport reassign. Socket might get unbound from unbound_sockets, which then leads to a reference count underflow. Reviewed-by: Stefano Garzarella Signed-off-by: Michal Luczaj --- tools/testing/vsock/vsock_test.c | 58 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/tools/testing/vsock/vsock_test.c b/tools/testing/vsock/vsock_test.c index daa4f3ca9b6e7267d1bb14a7d43499da3bafb108..92cfd92bbfdc2cca75dc1149bee7f354262ad2b1 100644 --- a/tools/testing/vsock/vsock_test.c +++ b/tools/testing/vsock/vsock_test.c @@ -1693,6 +1693,59 @@ static void test_stream_msgzcopy_leak_zcskb_server(const struct test_opts *opts) close(fd); } +#define MAX_PORT_RETRIES 24 /* net/vmw_vsock/af_vsock.c */ + +/* Test attempts to trigger a transport release for an unbound socket. This can + * lead to a reference count mishandling. + */ +static void test_stream_transport_uaf_client(const struct test_opts *opts) +{ + int sockets[MAX_PORT_RETRIES]; + struct sockaddr_vm addr; + int fd, i, alen; + + fd = vsock_bind(VMADDR_CID_ANY, VMADDR_PORT_ANY, SOCK_STREAM); + + alen = sizeof(addr); + if (getsockname(fd, (struct sockaddr *)&addr, &alen)) { + perror("getsockname"); + exit(EXIT_FAILURE); + } + + for (i = 0; i < MAX_PORT_RETRIES; ++i) + sockets[i] = vsock_bind(VMADDR_CID_ANY, ++addr.svm_port, + SOCK_STREAM); + + close(fd); + fd = socket(AF_VSOCK, SOCK_STREAM, 0); + if (fd < 0) { + perror("socket"); + exit(EXIT_FAILURE); + } + + if (!vsock_connect_fd(fd, addr.svm_cid, addr.svm_port)) { + perror("Unexpected connect() #1 success"); + exit(EXIT_FAILURE); + } + + /* Vulnerable system may crash now. */ + if (!vsock_connect_fd(fd, VMADDR_CID_HOST, VMADDR_PORT_ANY)) { + perror("Unexpected connect() #2 success"); + exit(EXIT_FAILURE); + } + + close(fd); + while (i--) + close(sockets[i]); + + control_writeln("DONE"); +} + +static void test_stream_transport_uaf_server(const struct test_opts *opts) +{ + control_expectln("DONE"); +} + static struct test_case test_cases[] = { { .name = "SOCK_STREAM connection reset", @@ -1838,6 +1891,11 @@ static struct test_case test_cases[] = { .run_client = test_stream_msgzcopy_leak_zcskb_client, .run_server = test_stream_msgzcopy_leak_zcskb_server, }, + { + .name = "SOCK_STREAM transport release use-after-free", + .run_client = test_stream_transport_uaf_client, + .run_server = test_stream_transport_uaf_server, + }, {}, }; From patchwork Tue Jan 28 13:15:32 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michal Luczaj X-Patchwork-Id: 13952550 X-Patchwork-Delegate: kuba@kernel.org Received: from mailtransmit05.runbox.com (mailtransmit05.runbox.com [185.226.149.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 394CF19AD48; Tue, 28 Jan 2025 13:16:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.226.149.38 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070171; cv=none; b=OAEScBaPgIt5TFrFdqnJkEjFU17oBwPb0NSexDuRH7eOhlvOfYC7oY4iHIxxRuWY6a5I+kAkDiWnqfg31ibOUcRMKD5SEF8MsIgVFSOhN99ZU61wyAHJ/o0sLsCC5arod5zM+f7O+5P+59Wd3eWLdOoNR+ewKTrRXwyTEQemyqU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738070171; c=relaxed/simple; bh=3z2PnVno2WMWCgJRiXopFRiwcTXT2eT8/Ec6OK1EgZQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=KUfzWnElDyGXrKNU/8JQNbckRgFROeWD8YoyDjNSkQ//Hhb4be4Ex2hzyVuQzs6eevnuevN25AT18rTv/ae+nWBjee4QNPH+gAg9hTSVt0xtEwrdQBgOuKlnaofTtemO0DJnu2bjE5k36LlSgq45hKYQt1mVTvsSVdMa/2+yGlk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co; spf=pass smtp.mailfrom=rbox.co; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b=Eg8Tud4x; arc=none smtp.client-ip=185.226.149.38 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=rbox.co Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=rbox.co Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=rbox.co header.i=@rbox.co header.b="Eg8Tud4x" Received: from mailtransmit03.runbox ([10.9.9.163] helo=aibo.runbox.com) by mailtransmit05.runbox.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1tclRc-002o44-P5; Tue, 28 Jan 2025 14:15:56 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=rbox.co; s=selector2; h=Cc:To:In-Reply-To:References:Message-Id: Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date:From; bh=ulOBA5zraqg9Cx36pRszEPMHhmD1X6DYSEnF8qJ9Bd0=; b=Eg8Tud4xNCCFCWx+BhJ4hMPdwt OUYrCcapQp5WCG+Cne1tLsZXZ1QSzRqsZmnsEtZ3u1vD3PJNN3CXvBewkvw9jw/HzSIzScmC6zWFX X0aMrtu+PdYCG/fNB2kfYTW7Bi9PNwMyvQ9XqiF2f/IdCxpbo+wfhTL51TbABBoAWqOQHHBB94YKi e4IujHrNx0BE8V0tlOzTOcRbiFbGybFHg+imGcc46muVZT8pYkU25dHWyWonitVgAs8CZpa1JZNPh Z/urF8kCDSx18wUWAaL3KxFOldOqRqp41LcMKMbf+AUIxE7VnF6j1wfFIIMbIhN8OBG8Sz0LYLQZS DQoMpCEw==; Received: from [10.9.9.73] (helo=submission02.runbox) by mailtransmit03.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1tclRb-0007KA-Kb; Tue, 28 Jan 2025 14:15:55 +0100 Received: by submission02.runbox with esmtpsa [Authenticated ID (604044)] (TLS1.2:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) id 1tclRL-000mZg-M2; Tue, 28 Jan 2025 14:15:39 +0100 From: Michal Luczaj Date: Tue, 28 Jan 2025 14:15:32 +0100 Subject: [PATCH net v3 6/6] vsock/test: Add test for connect() retries Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20250128-vsock-transport-vs-autobind-v3-6-1cf57065b770@rbox.co> References: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> In-Reply-To: <20250128-vsock-transport-vs-autobind-v3-0-1cf57065b770@rbox.co> To: Stefano Garzarella , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman Cc: netdev@vger.kernel.org, virtualization@lists.linux.dev, Michal Luczaj , Luigi Leonardi X-Mailer: b4 0.14.2 X-Patchwork-Delegate: kuba@kernel.org Deliberately fail a connect() attempt; expect error. Then verify that subsequent attempt (using the same socket) can still succeed, rather than fail outright. Reviewed-by: Stefano Garzarella Reviewed-by: Luigi Leonardi Signed-off-by: Michal Luczaj --- tools/testing/vsock/vsock_test.c | 47 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/tools/testing/vsock/vsock_test.c b/tools/testing/vsock/vsock_test.c index 92cfd92bbfdc2cca75dc1149bee7f354262ad2b1..dfff8b288265f96b602cb1bfa0e6dce02f114222 100644 --- a/tools/testing/vsock/vsock_test.c +++ b/tools/testing/vsock/vsock_test.c @@ -1746,6 +1746,48 @@ static void test_stream_transport_uaf_server(const struct test_opts *opts) control_expectln("DONE"); } +static void test_stream_connect_retry_client(const struct test_opts *opts) +{ + int fd; + + fd = socket(AF_VSOCK, SOCK_STREAM, 0); + if (fd < 0) { + perror("socket"); + exit(EXIT_FAILURE); + } + + if (!vsock_connect_fd(fd, opts->peer_cid, opts->peer_port)) { + fprintf(stderr, "Unexpected connect() #1 success\n"); + exit(EXIT_FAILURE); + } + + control_writeln("LISTEN"); + control_expectln("LISTENING"); + + if (vsock_connect_fd(fd, opts->peer_cid, opts->peer_port)) { + perror("connect() #2"); + exit(EXIT_FAILURE); + } + + close(fd); +} + +static void test_stream_connect_retry_server(const struct test_opts *opts) +{ + int fd; + + control_expectln("LISTEN"); + + fd = vsock_stream_accept(VMADDR_CID_ANY, opts->peer_port, NULL); + if (fd < 0) { + perror("accept"); + exit(EXIT_FAILURE); + } + + vsock_wait_remote_close(fd); + close(fd); +} + static struct test_case test_cases[] = { { .name = "SOCK_STREAM connection reset", @@ -1896,6 +1938,11 @@ static struct test_case test_cases[] = { .run_client = test_stream_transport_uaf_client, .run_server = test_stream_transport_uaf_server, }, + { + .name = "SOCK_STREAM retry failed connect()", + .run_client = test_stream_connect_retry_client, + .run_server = test_stream_connect_retry_server, + }, {}, };