• Daniel Borkmann's avatar
    tcp, ulp: add alias for all ulp modules · 037b0b86
    Daniel Borkmann authored
    Lets not turn the TCP ULP lookup into an arbitrary module loader as
    we only intend to load ULP modules through this mechanism, not other
    unrelated kernel modules:
    
      [root@bar]# cat foo.c
      #include <sys/types.h>
      #include <sys/socket.h>
      #include <linux/tcp.h>
      #include <linux/in.h>
    
      int main(void)
      {
          int sock = socket(PF_INET, SOCK_STREAM, 0);
          setsockopt(sock, IPPROTO_TCP, TCP_ULP, "sctp", sizeof("sctp"));
          return 0;
      }
    
      [root@bar]# gcc foo.c -O2 -Wall
      [root@bar]# lsmod | grep sctp
      [root@bar]# ./a.out
      [root@bar]# lsmod | grep sctp
      sctp                 1077248  4
      libcrc32c              16384  3 nf_conntrack,nf_nat,sctp
      [root@bar]#
    
    Fix it by adding module alias to TCP ULP modules, so probing module
    via request_module() will be limited to tcp-ulp-[name]. The existing
    modules like kTLS will load fine given tcp-ulp-tls alias, but others
    will fail to load:
    
      [root@bar]# lsmod | grep sctp
      [root@bar]# ./a.out
      [root@bar]# lsmod | grep sctp
      [root@bar]#
    
    Sockmap is not affected from this since it's either built-in or not.
    
    Fixes: 734942cc ("tcp: ULP infrastructure")
    Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
    Acked-by: default avatarJohn Fastabend <john.fastabend@gmail.com>
    Acked-by: default avatarSong Liu <songliubraving@fb.com>
    Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    037b0b86
tls_main.c 16.6 KB