• Andrey Ignatov's avatar
    bpf: Fix [::] -> [::1] rewrite in sys_sendmsg · e8e36984
    Andrey Ignatov authored
    sys_sendmsg has supported unspecified destination IPv6 (wildcard) for
    unconnected UDP sockets since 876c7f41. When [::] is passed by user as
    destination, sys_sendmsg rewrites it with [::1] to be consistent with
    BSD (see "BSD'ism" comment in the code).
    
    This didn't work when cgroup-bpf was enabled though since the rewrite
    [::] -> [::1] happened before passing control to cgroup-bpf block where
    fl6.daddr was updated with passed by user sockaddr_in6.sin6_addr (that
    might or might not be changed by BPF program). That way if user passed
    [::] as dst IPv6 it was first rewritten with [::1] by original code from
    876c7f41, but then rewritten back with [::] by cgroup-bpf block.
    
    It happened even when BPF_CGROUP_UDP6_SENDMSG program was not present
    (CONFIG_CGROUP_BPF=y was enough).
    
    The fix is to apply BSD'ism after cgroup-bpf block so that [::] is
    replaced with [::1] no matter where it came from: passed by user to
    sys_sendmsg or set by BPF_CGROUP_UDP6_SENDMSG program.
    
    Fixes: 1cedee13 ("bpf: Hooks for sys_sendmsg")
    Reported-by: default avatarNitin Rawat <nitin.rawat@intel.com>
    Signed-off-by: default avatarAndrey Ignatov <rdna@fb.com>
    Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    e8e36984
udp.c 43.6 KB