patch 'vhost: fix possible FD leaks on truncation' has been queued to stable release 21.11.4

[Kevin Traynor]

Hi,

FYI, your patch has been queued to stable release 21.11.4

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/28/23. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable/commit/6e302e5ede8eac8084867b14766d20ee7b5bf711

Thanks.

Kevin

---
>From 6e302e5ede8eac8084867b14766d20ee7b5bf711 Mon Sep 17 00:00:00 2001
From: Maxime Coquelin <maxime.coquelin at redhat.com>
Date: Tue, 7 Feb 2023 17:22:40 +0100
Subject: [PATCH] vhost: fix possible FD leaks on truncation

[ upstream commit 218daf1664561eca787369c13e1a9ea5cdaad2a8 ]

This patch fixes possible FDs leaks when truncation happens
on either the message buffer or its control data. Indeed,
by returning early, it did not let a chance to retrieve the
FDs passed as ancillary data, and so caused a potential FDs
leak.

This patch fixes this by extracting the FDs from the
ancillary data as long as recvmsg() call succeeded. It also
improves the logs to differentiate between MSG_TRUNC and
MSG_CTRUNC.

Fixes: bf472259dde6 ("vhost: fix possible denial of service by leaking FDs")

Signed-off-by: Maxime Coquelin <maxime.coquelin at redhat.com>
Reviewed-by: David Marchand <david.marchand at redhat.com>
Reviewed-by: Chenbo Xia <chenbo.xia at intel.com>
---
 lib/vhost/socket.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/lib/vhost/socket.c b/lib/vhost/socket.c
index 33f54a779b..a34aebd50c 100644
--- a/lib/vhost/socket.c
+++ b/lib/vhost/socket.c
@@ -129,8 +129,10 @@ read_fd_message(int sockfd, char *buf, int buflen, int *fds, int max_fds,
 	}
 
-	if (msgh.msg_flags & (MSG_TRUNC | MSG_CTRUNC)) {
+	if (msgh.msg_flags & MSG_TRUNC)
 		VHOST_LOG_CONFIG(ERR, "truncated msg\n");
-		return -1;
-	}
+
+	/* MSG_CTRUNC may be caused by LSM misconfiguration */
+	if (msgh.msg_flags & MSG_CTRUNC)
+		VHOST_LOG_CONFIG(ERR, "truncated control data (fd %d)\n", sockfd);
 
 	for (cmsg = CMSG_FIRSTHDR(&msgh); cmsg != NULL;
-- 
2.39.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2023-02-23 14:46:24.952350893 +0000
+++ 0047-vhost-fix-possible-FD-leaks-on-truncation.patch	2023-02-23 14:46:23.770235966 +0000
@@ -1 +1 @@
-From 218daf1664561eca787369c13e1a9ea5cdaad2a8 Mon Sep 17 00:00:00 2001
+From 6e302e5ede8eac8084867b14766d20ee7b5bf711 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 218daf1664561eca787369c13e1a9ea5cdaad2a8 ]
+
@@ -18 +19,0 @@
-Cc: stable at dpdk.org
@@ -28 +29 @@
-index 863a6f6d52..669c322e12 100644
+index 33f54a779b..a34aebd50c 100644
@@ -31 +32 @@
-@@ -130,8 +130,10 @@ read_fd_message(char *ifname, int sockfd, char *buf, int buflen, int *fds, int m
+@@ -129,8 +129,10 @@ read_fd_message(int sockfd, char *buf, int buflen, int *fds, int max_fds,
@@ -36 +37 @@
- 		VHOST_LOG_CONFIG(ifname, ERR, "truncated msg (fd %d)\n", sockfd);
+ 		VHOST_LOG_CONFIG(ERR, "truncated msg\n");
@@ -42 +43 @@
-+		VHOST_LOG_CONFIG(ifname, ERR, "truncated control data (fd %d)\n", sockfd);
++		VHOST_LOG_CONFIG(ERR, "truncated control data (fd %d)\n", sockfd);