Abhishek Chauhan wrote:
> Currently there are no strict checks while setting SO_TXTIME
> from userspace. With the recent development in skb->tstamp_type
> clockid with unsupported clocks results in warn_on_once, which causes
> unnecessary aborts in some systems which enables panic on warns.
>
> Add validation in setsockopt to support only CLOCK_REALTIME,
> CLOCK_MONOTONIC and CLOCK_TAI to be set from userspace.
>
> Link: https://lore.kernel.org/netdev/bc037db4-58bb-4861-ac31-a361a93841d3@xxxxxxxxx/
> Link: https://lore.kernel.org/lkml/6bdba7b6-fd22-4ea5-a356-12268674def1@xxxxxxxxxxx/
> Fixes: 1693c5db6ab8 ("net: Add additional bit to support clockid_t timestamp type")
> Reported-by: syzbot+d7b227731ec589e7f4f0@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://syzkaller.appspot.com/bug?extid=d7b227731ec589e7f4f0
> Reported-by: syzbot+30a35a2e9c5067cc43fa@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://syzkaller.appspot.com/bug?extid=30a35a2e9c5067cc43fa
> Signed-off-by: Abhishek Chauhan <quic_abchauha@xxxxxxxxxxx>
> Acked-by: Martin KaFai Lau <martin.lau@xxxxxxxxxx>

Reviewed-by: Willem de Bruijn <willemb@xxxxxxxxxx>

> ---
> Changes since v1
> - Moved from net to net-next since
>   Fixes tag is available only on net-next
>   as mentioned by Martin
> - Added direct link to design discussion as
>   mentioned by Willem.
> - Parameter in the sockopt_validate_clockid
>   is of type __kernel_clockid_t so changed it from
>   int to __kernel_clockid_t as mentioned by
>   Willem.
> - Added Acked-by tag.
>
> net/core/sock.c | 16 ++++++++++++++++
> 1 file changed, 16 insertions(+)
>
> diff --git a/net/core/sock.c b/net/core/sock.c
> index 8629f9aecf91..d497285f283a 100644
> --- a/net/core/sock.c
> +++ b/net/core/sock.c
> @@ -1083,6 +1083,17 @@ bool sockopt_capable(int cap) > } > EXPORT_SYMBOL(sockopt_capable); > > +static int sockopt_validate_clockid(__kernel_clockid_t value) The __kernel variants are UAPI. It looks odd to use this in kernel internal code, and I don't see many examples immediately. But I believe it is correct, as we're passing a sock_txtime.clockid field, which has this (UAPI) type. > +{ > + switch (value) { > + case CLOCK_REALTIME: > + case CLOCK_MONOTONIC: > + case CLOCK_TAI: > + return 0; > + } > + return -EINVAL; > +} > + > /* > * This is meant for all protocols to use and covers goings on > * at the socket level. Everything here is generic. > @@ -1497,6 +1508,11 @@ int sk_setsockopt(struct sock *sk, int level, int optname, > ret = -EPERM; > break; > } > + > + ret = sockopt_validate_clockid(sk_txtime.clockid); > + if (ret) > + break; > + > sock_valbool_flag(sk, SOCK_TXTIME, true); > sk->sk_clockid = sk_txtime.clockid; > sk->sk_txtime_deadline_mode = > -- > 2.25.1 >
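
Review bot: sockopt_validate_clockid(), added in the first hunk, carries no comment saying why exactly CLOCK_REALTIME, CLOCK_MONOTONIC and CLOCK_TAI are accepted. The commit message ties the list to the clocks that skb->tstamp_type handles without hitting the warn_on_once, so a short comment above the function stating that link would tell whoever adds a clock later that both places must change together. The switch also relies on falling out to the trailing `return -EINVAL;`; an explicit `default: return -EINVAL;` inside the switch would make the rejection path easier to read.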
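
Review bot: in the sk_setsockopt() hunk, the new `ret = sockopt_validate_clockid(sk_txtime.clockid);` check makes SO_TXTIME return -EINVAL for clockids that were accepted before, and the commit message only implies this userspace-visible change ("no strict checks"). It would help to say so explicitly in the commit message and to add a selftest that sets SO_TXTIME once with an accepted clockid and once with a rejected one. The check sits after the branch that sets `ret = -EPERM`, so a caller that hits that branch with an unsupported clockid still gets -EPERM rather than -EINVAL; if that ordering is intended, a one-line comment would record it.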