Date:      Tue, 4 Feb 2025 15:06:01 GMT
From:      Zhenlei Huang <zlei@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 1ed9b381d470 - main - ifnet: Detach BPF descriptors on interface vmove event
Message-ID:  <202502041506.514F616k041432@gitrepo.freebsd.org>

The branch main has been updated by zlei:

URL: https://cgit.FreeBSD.org/src/commit/?id=1ed9b381d4701fc9f66741256e93b96e22273217

commit 1ed9b381d4701fc9f66741256e93b96e22273217
Author:     Zhenlei Huang <zlei@FreeBSD.org>
AuthorDate: 2025-02-04 15:04:59 +0000
Commit:     Zhenlei Huang <zlei@FreeBSD.org>
CommitDate: 2025-02-04 15:04:59 +0000

    ifnet: Detach BPF descriptors on interface vmove event
    
    When an interface is moving to/from a vnet jail, it may still have BPF
    descriptors attached. The userland (e.g. tcpdump) does not get notified
    that the interface is departing and still holds open BPF descriptors,
    which may result in leaking sensitive traffic (e.g. an interface is
    moved back to the parent jail but a user is still sniffing traffic over
    it in the child jail).
    
    Detach BPF descriptors so that the userland will be signaled.
    
    Reviewed by:    ae
    MFC after:      3 days
    Differential Revision:  https://reviews.freebsd.org/D45727
---
 sys/net/bpf.c | 27 +++++++++++++++++++++++++++
 sys/net/bpf.h |  1 +
 sys/net/if.c  |  5 +++++
 3 files changed, 33 insertions(+)

diff --git a/sys/net/bpf.c b/sys/net/bpf.c
index a7d17109ed1a..a7e5bda97e23 100644
--- a/sys/net/bpf.c
+++ b/sys/net/bpf.c
@@ -2847,6 +2847,33 @@ bpf_get_bp_params(struct bpf_if *bp, u_int *bif_dlt, u_int *bif_hdrlen)
 
 	return (0);
 }
+
+/*
+ * Detach descriptors on interface's vmove event.
+ */
+void
+bpf_ifdetach(struct ifnet *ifp)
+{
+	struct bpf_if *bp;
+	struct bpf_d *d;
+
+	BPF_LOCK();
+	CK_LIST_FOREACH(bp, &bpf_iflist, bif_next) {
+		if (bp->bif_ifp != ifp)
+			continue;
+
+		/* Detach common descriptors */
+		while ((d = CK_LIST_FIRST(&bp->bif_dlist)) != NULL) {
+			bpf_detachd_locked(d, true);
+		}
+
+		/* Detach writer-only descriptors */
+		while ((d = CK_LIST_FIRST(&bp->bif_wlist)) != NULL) {
+			bpf_detachd_locked(d, true);
+		}
+	}
+	BPF_UNLOCK();
+}
 #endif
 
 /*
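Review bot: the `continue` in the `CK_LIST_FOREACH` loop over `bpf_iflist` is the right choice over `break`, since one ifnet can own several `bpf_if` entries (one per DLT), but a one-line comment above the loop should say so, otherwise the next reader will "optimize" it into an early exit and leave descriptors on the other DLTs attached. The `true` passed as the second argument of `bpf_detachd_locked()` is, as far as these lines show, what produces the wakeup the commit message calls being "signaled"; naming that in the function comment ("Detach descriptors on interface's vmove event") would make the security intent explicit. Two smaller points: the function is placed inside the existing `#ifdef VIMAGE` block closed by the `#endif` below, so its caller must be VIMAGE-only as well or a non-VIMAGE kernel fails to link; and the single-statement `while` bodies do not need braces under style(9).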
diff --git a/sys/net/bpf.h b/sys/net/bpf.h
index 38c5da0dcb58..654d6c00199e 100644
--- a/sys/net/bpf.h
+++ b/sys/net/bpf.h
@@ -428,6 +428,7 @@ void	bpfdetach(struct ifnet *);
 bool	bpf_peers_present_if(struct ifnet *);
 #ifdef VIMAGE
 int	bpf_get_bp_params(struct bpf_if *, u_int *, u_int *);
+void	bpf_ifdetach(struct ifnet *);
 #endif
 
 void	bpfilterattach(int);
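Review bot: `bpf_ifdetach()` lands a few lines below the existing `bpfdetach()` prototype, and the two names differ by one underscore while doing different things: the comment in bpf.c says the new one only drops the descriptors on a vmove, while `bpfdetach()` is the full interface detach. A short comment above the new prototype, or a more distinct name such as `bpf_ifvmove()`, would avoid the confusion. Putting the declaration in the same `#ifdef VIMAGE` block as `bpf_get_bp_params()` is consistent with the definition.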
diff --git a/sys/net/if.c b/sys/net/if.c
index 504550414bb7..283da94e7601 100644
--- a/sys/net/if.c
+++ b/sys/net/if.c
@@ -1262,6 +1262,11 @@ finish_vnet_shutdown:
 static void
 if_vmove(struct ifnet *ifp, struct vnet *new_vnet)
 {
+	/*
+	 * Detach BPF file descriptors from its interface.
+	 */
+	bpf_ifdetach(ifp);
+
 	/*
 	 * Detach from current vnet, but preserve LLADDR info, do not
 	 * mark as dead etc. so that the ifnet can be reattached later.
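Review bot: the new comment says "Detach BPF file descriptors from its interface", but what `bpf_ifdetach(ifp)` detaches are the kernel `struct bpf_d` descriptors; the userland file descriptors stay open and are merely woken, which is exactly the behaviour the commit message relies on. Suggest "Detach BPF descriptors from the interface so that their owners are notified." (also fixing "its"). Calling it first in `if_vmove()`, before the "Detach from current vnet" step below, is the right ordering: the taps are gone before the ifnet leaves the source vnet, so no listener in the old jail can observe traffic once the interface is in the new one.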