Skip to content

Commit 7563cf1

Browse files
jrifeidryomov
authored andcommitted
libceph: use kernel_connect()
Direct calls to ops->connect() can overwrite the address parameter when used in conjunction with BPF SOCK_ADDR hooks. Recent changes to kernel_connect() ensure that callers are insulated from such side effects. This patch wraps the direct call to ops->connect() with kernel_connect() to prevent unexpected changes to the address passed to ceph_tcp_connect(). This change was originally part of a larger patch targeting the net tree addressing all instances of unprotected calls to ops->connect() throughout the kernel, but this change was split up into several patches targeting various trees. Cc: stable@vger.kernel.org Link: https://lore.kernel.org/netdev/20230821100007.559638-1-jrife@google.com/ Link: https://lore.kernel.org/netdev/9944248dba1bce861375fcce9de663934d933ba9.camel@redhat.com/ Fixes: d74bad4 ("bpf: Hooks for sys_connect") Signed-off-by: Jordan Rife <jrife@google.com> Reviewed-by: Ilya Dryomov <idryomov@gmail.com> Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
1 parent 42b7182 commit 7563cf1

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

net/ceph/messenger.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -459,8 +459,8 @@ int ceph_tcp_connect(struct ceph_connection *con)
459459
set_sock_callbacks(sock, con);
460460

461461
con_sock_state_connecting(con);
462-
ret = sock->ops->connect(sock, (struct sockaddr *)&ss, sizeof(ss),
463-
O_NONBLOCK);
462+
ret = kernel_connect(sock, (struct sockaddr *)&ss, sizeof(ss),
463+
O_NONBLOCK);
464464
if (ret == -EINPROGRESS) {
465465
dout("connect %s EINPROGRESS sk_state = %u\n",
466466
ceph_pr_addr(&con->peer_addr),

0 commit comments

Comments
 (0)