2024-10-29, 11:47:31 +0100, Antonio Quartulli wrote:
> +static int ovpn_nl_peer_modify(struct ovpn_peer *peer, struct genl_info 
> *info,
> +                            struct nlattr **attrs)
> +{
> +     struct sockaddr_storage ss = {};
> +     u32 sockfd, interv, timeout;
> +     struct socket *sock = NULL;
> +     u8 *local_ip = NULL;
> +     bool rehash = false;
> +     int ret;
> +
> +     if (attrs[OVPN_A_PEER_SOCKET]) {
> +             /* lookup the fd in the kernel table and extract the socket
> +              * object
> +              */
> +             sockfd = nla_get_u32(attrs[OVPN_A_PEER_SOCKET]);
> +             /* sockfd_lookup() increases sock's refcounter */
> +             sock = sockfd_lookup(sockfd, &ret);
> +             if (!sock) {
> +                     NL_SET_ERR_MSG_FMT_MOD(info->extack,
> +                                            "cannot lookup peer socket 
> (fd=%u): %d",
> +                                            sockfd, ret);
> +                     return -ENOTSOCK;
> +             }
> +
> +             /* Only when using UDP as transport protocol the remote endpoint
> +              * can be configured so that ovpn knows where to send packets
> +              * to.
> +              *
> +              * In case of TCP, the socket is connected to the peer and ovpn
> +              * will just send bytes over it, without the need to specify a
> +              * destination.
> +              */
> +             if (sock->sk->sk_protocol != IPPROTO_UDP &&
> +                 (attrs[OVPN_A_PEER_REMOTE_IPV4] ||
> +                  attrs[OVPN_A_PEER_REMOTE_IPV6])) {
> +                     NL_SET_ERR_MSG_FMT_MOD(info->extack,
> +                                            "unexpected remote IP address 
> for non UDP socket");
> +                     sockfd_put(sock);
> +                     return -EINVAL;
> +             }
> +
> +             if (peer->sock)
> +                     ovpn_socket_put(peer->sock);
> +
> +             peer->sock = ovpn_socket_new(sock, peer);

I don't see anything preventing concurrent updates of peer->sock. I
think peer->lock should be taken from the start of
ovpn_nl_peer_modify. Concurrent changes to peer->vpn_addrs and
peer->keepalive_* are also not prevented with the current code.


> +             if (IS_ERR(peer->sock)) {
> +                     NL_SET_ERR_MSG_FMT_MOD(info->extack,
> +                                            "cannot encapsulate socket: %ld",
> +                                            PTR_ERR(peer->sock));
> +                     sockfd_put(sock);
> +                     peer->sock = NULL;
> +                     return -ENOTSOCK;
> +             }
> +     }
> +
> +     if (ovpn_nl_attr_sockaddr_remote(attrs, &ss) != AF_UNSPEC) {
> +             /* we carry the local IP in a generic container.
> +              * ovpn_peer_reset_sockaddr() will properly interpret it
> +              * based on ss.ss_family
> +              */
> +             local_ip = ovpn_nl_attr_local_ip(attrs);
> +
> +             spin_lock_bh(&peer->lock);
> +             /* set peer sockaddr */
> +             ret = ovpn_peer_reset_sockaddr(peer, &ss, local_ip);
> +             if (ret < 0) {
> +                     NL_SET_ERR_MSG_FMT_MOD(info->extack,
> +                                            "cannot set peer sockaddr: %d",
> +                                            ret);
> +                     spin_unlock_bh(&peer->lock);
> +                     return ret;
> +             }
> +             spin_unlock_bh(&peer->lock);
> +     }
> +
> +     if (attrs[OVPN_A_PEER_VPN_IPV4]) {
> +             rehash = true;
> +             peer->vpn_addrs.ipv4.s_addr =
> +                     nla_get_in_addr(attrs[OVPN_A_PEER_VPN_IPV4]);
> +     }
> +
> +     if (attrs[OVPN_A_PEER_VPN_IPV6]) {
> +             rehash = true;
> +             peer->vpn_addrs.ipv6 =
> +                     nla_get_in6_addr(attrs[OVPN_A_PEER_VPN_IPV6]);
> +     }
> +
> +     /* when setting the keepalive, both parameters have to be configured */
> +     if (attrs[OVPN_A_PEER_KEEPALIVE_INTERVAL] &&
> +         attrs[OVPN_A_PEER_KEEPALIVE_TIMEOUT]) {
> +             interv = nla_get_u32(attrs[OVPN_A_PEER_KEEPALIVE_INTERVAL]);
> +             timeout = nla_get_u32(attrs[OVPN_A_PEER_KEEPALIVE_TIMEOUT]);
> +             ovpn_peer_keepalive_set(peer, interv, timeout);
> +     }
> +
> +     netdev_dbg(peer->ovpn->dev,
> +                "%s: peer id=%u endpoint=%pIScp/%s VPN-IPv4=%pI4 
> VPN-IPv6=%pI6c\n",
> +                __func__, peer->id, &ss,
> +                peer->sock->sock->sk->sk_prot_creator->name,
> +                &peer->vpn_addrs.ipv4.s_addr, &peer->vpn_addrs.ipv6);
> +
> +     return rehash ? 1 : 0;
> +}
> +

[...]
> +void ovpn_peer_hash_vpn_ip(struct ovpn_peer *peer)
> +     __must_hold(&peer->ovpn->peers->lock)

Changes to peer->vpn_addrs are not protected by peers->lock, so those
could be getting updated while we're rehashing (and taking peer->lock
in ovpn_nl_peer_modify as I'm suggesting above also wouldn't prevent
that).

> +{
> +     struct hlist_nulls_head *nhead;
> +
> +     if (peer->vpn_addrs.ipv4.s_addr != htonl(INADDR_ANY)) {
> +             /* remove potential old hashing */
> +             hlist_nulls_del_init_rcu(&peer->hash_entry_transp_addr);
> +
> +             nhead = ovpn_get_hash_head(peer->ovpn->peers->by_vpn_addr,
> +                                        &peer->vpn_addrs.ipv4,
> +                                        sizeof(peer->vpn_addrs.ipv4));
> +             hlist_nulls_add_head_rcu(&peer->hash_entry_addr4, nhead);
> +     }
> +
> +     if (!ipv6_addr_any(&peer->vpn_addrs.ipv6)) {
> +             /* remove potential old hashing */
> +             hlist_nulls_del_init_rcu(&peer->hash_entry_transp_addr);
> +
> +             nhead = ovpn_get_hash_head(peer->ovpn->peers->by_vpn_addr,
> +                                        &peer->vpn_addrs.ipv6,
> +                                        sizeof(peer->vpn_addrs.ipv6));
> +             hlist_nulls_add_head_rcu(&peer->hash_entry_addr6, nhead);
> +     }
> +}

-- 
Sabrina

Reply via email to