Hi Victor, wouldn't it be enough to port the PROTO_CMSG_DATA_ONLY check to the sendmsg path? UDP sockets should have PROTO_CMSG_DATA_ONLY set. I guess that would fix your current problem. Whitelisting more (or even all) would need more work, but can be done later. metze Am 23.11.20 um 16:29 schrieb Victor Stewart: > so currently all cmsg headers are disabled through sendmsg and recvmsg > operations through io_uring because of > https://www.exploit-db.com/exploits/47779 > > i think it's time we start whitelisting the good guys though? GSO and > GRO are hugely important for QUIC servers, and together offer a higher > throughput gain than io_uring alone (rate of data transit > considering), thus io_uring is the lesser performance choice for QUIC > servers at the moment. > > RE http://vger.kernel.org/lpc_net2018_talks/willemdebruijn-lpc2018-udpgso-paper-DRAFT-1.pdf, > GSO is about +~63% and GRO +~82%. > > this patch closes that loophole. > > Victor Stewart (1); > net/socket.c: add __sys_whitelisted_cmsghdrs() > > net/socket.c | 15 ++++++++++++--- > 1 file changed, 12 insertions(+), 3 deletions(-) >
Attachment:
signature.asc
Description: OpenPGP digital signature
