patch 'vhost: fix possible FD leaks on truncation' has been queued to stable release 22.11.2

[Xueming Li]

Hi,

FYI, your patch has been queued to stable release 22.11.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 03/01/23. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://git.dpdk.org/dpdk-stable/log/?h=22.11-staging

This queued commit can be viewed at:
https://git.dpdk.org/dpdk-stable/commit/?h=22.11-staging&id=78d828c2475d7cb1e6492688d62a5949ad67288e

Thanks.

Xueming Li <xuemingl at nvidia.com>

---
>From 78d828c2475d7cb1e6492688d62a5949ad67288e Mon Sep 17 00:00:00 2001
From: Maxime Coquelin <maxime.coquelin at redhat.com>
Date: Tue, 7 Feb 2023 17:22:40 +0100
Subject: [PATCH] vhost: fix possible FD leaks on truncation
Cc: Xueming Li <xuemingl at nvidia.com>

[ upstream commit 218daf1664561eca787369c13e1a9ea5cdaad2a8 ]

This patch fixes possible FDs leaks when truncation happens
on either the message buffer or its control data. Indeed,
by returning early, it did not let a chance to retrieve the
FDs passed as ancillary data, and so caused a potential FDs
leak.

This patch fixes this by extracting the FDs from the
ancillary data as long as recvmsg() call succeeded. It also
improves the logs to differentiate between MSG_TRUNC and
MSG_CTRUNC.

Fixes: bf472259dde6 ("vhost: fix possible denial of service by leaking FDs")

Signed-off-by: Maxime Coquelin <maxime.coquelin at redhat.com>
Reviewed-by: David Marchand <david.marchand at redhat.com>
Reviewed-by: Chenbo Xia <chenbo.xia at intel.com>
---
 lib/vhost/socket.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/lib/vhost/socket.c b/lib/vhost/socket.c
index 863a6f6d52..669c322e12 100644
--- a/lib/vhost/socket.c
+++ b/lib/vhost/socket.c
@@ -129,10 +129,12 @@ read_fd_message(char *ifname, int sockfd, char *buf, int buflen, int *fds, int m
 		return ret;
 	}

-	if (msgh.msg_flags & (MSG_TRUNC | MSG_CTRUNC)) {
+	if (msgh.msg_flags & MSG_TRUNC)
 		VHOST_LOG_CONFIG(ifname, ERR, "truncated msg (fd %d)\n", sockfd);
-		return -1;
-	}
+
+	/* MSG_CTRUNC may be caused by LSM misconfiguration */
+	if (msgh.msg_flags & MSG_CTRUNC)
+		VHOST_LOG_CONFIG(ifname, ERR, "truncated control data (fd %d)\n", sockfd);

 	for (cmsg = CMSG_FIRSTHDR(&msgh); cmsg != NULL;
 		cmsg = CMSG_NXTHDR(&msgh, cmsg)) {
--
2.25.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2023-02-27 14:08:43.685852700 +0800
+++ 0087-vhost-fix-possible-FD-leaks-on-truncation.patch	2023-02-27 14:08:40.809237000 +0800
@@ -1 +1 @@
-From 218daf1664561eca787369c13e1a9ea5cdaad2a8 Mon Sep 17 00:00:00 2001
+From 78d828c2475d7cb1e6492688d62a5949ad67288e Mon Sep 17 00:00:00 2001
@@ -4,0 +5,3 @@
+Cc: Xueming Li <xuemingl at nvidia.com>
+
+[ upstream commit 218daf1664561eca787369c13e1a9ea5cdaad2a8 ]
@@ -18 +20,0 @@
-Cc: stable at dpdk.org