git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Stanislav Fomichev <sdf@google.com>
	Thu, 11 May 2023 17:04:53 +0000 (10:04 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 11 Jul 2023 17:39:27 +0000 (19:39 +0200)
commit	1b4a82c292c7260baf515c45a25cb2f345ccb25d
tree	4e88f8643da52530c02bc01205c03bc7dfe80a86	tree
parent	6e0a58d591b6def284b53b5e3c3b2fed97473d1c	commit \| diff

bpf: Don't EFAULT for {g,s}setsockopt with wrong optlen

[ Upstream commit 29ebbba7d46136cba324264e513a1e964ca16c0a ]

With the way the hooks implemented right now, we have a special
condition: optval larger than PAGE_SIZE will expose only first 4k into
BPF; any modifications to the optval are ignored. If the BPF program
doesn't handle this condition by resetting optlen to 0,
the userspace will get EFAULT.

The intention of the EFAULT was to make it apparent to the
developers that the program is doing something wrong.
However, this inadvertently might affect production workloads
with the BPF programs that are not too careful (i.e., returning EFAULT
for perfectly valid setsockopt/getsockopt calls).

Let's try to minimize the chance of BPF program screwing up userspace
by ignoring the output of those BPF programs (instead of returning
EFAULT to the userspace). pr_info_once those cases to
the dmesg to help with figuring out what's going wrong.

Fixes: 0d01da6afc54 ("bpf: implement getsockopt and setsockopt hooks")
Suggested-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: Stanislav Fomichev <sdf@google.com>
Link: https://lore.kernel.org/r/20230511170456.1759459-2-sdf@google.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>