[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PATCH] nbd: restrict sockets to TCP and UDP

On Tue, Sep 09, 2025 at 08:33:27AM -0700, Eric Dumazet wrote:
> On Tue, Sep 9, 2025 at 8:19 AM Richard W.M. Jones <rjones@redhat.com> wrote:
> > On Tue, Sep 09, 2025 at 07:47:09AM -0700, Eric Dumazet wrote:
> > > On Tue, Sep 9, 2025 at 7:37 AM Jens Axboe <axboe@kernel.dk> wrote:
> > > > On 9/9/25 8:35 AM, Eric Dumazet wrote:
> > > > > On Tue, Sep 9, 2025 at 7:04 AM Eric Dumazet <edumazet@google.com> wrote:
> > > > >> On Tue, Sep 9, 2025 at 6:32 AM Richard W.M. Jones <rjones@redhat.com> wrote:
> > > > >>> On Tue, Sep 09, 2025 at 01:22:43PM +0000, Eric Dumazet wrote:

...

> > From the outside it seems really odd to hard code a list of "good"
> > socket types into each kernel client that can open a socket.  Normally
> > if you wanted to restrict socket types wouldn't you do that through
> > something more flexible like nftables?
> 
> nftables is user policy.
> 
> We need a kernel that will not crash, even if nftables is not
> compiled/loaded/used .

Hi Rich, Eric, all,

FWIIW, I think that the kernel maintaining a list of acceptable and
known to work socket types is a reasonable measure. It reduces the
surface where problems can arise - a surface that has real bugs.
And can be expanded as necessary.

For sure it is not perfect. There is a risk of entering wack-a-mole
territory. And a more flexible mechanism may be nice.

But, OTOH, we may be speculating about a problem that doesn't exist.
If, very occasionally, a new socket type comes along and has to be used.
Or perhaps more likely, there is a follow-up to this change for some
cases it missed (i.e. the topic of this thread). And if that is very
occasional. Is there really a problem?

The answer is of course subjective. But I lean towards no.

...
Reply to: