From nobody Tue Feb 4 15:06:01 2025
Date: Tue, 4 Feb 2025 15:06:01 GMT
Message-Id: <202502041506.514F616k041432@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Zhenlei Huang
Subject: git: 1ed9b381d470 - main - ifnet: Detach BPF descriptors on interface vmove event
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-Git-Committer: zlei
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 1ed9b381d4701fc9f66741256e93b96e22273217

The branch main has been updated by zlei:

URL: https://cgit.FreeBSD.org/src/commit/?id=1ed9b381d4701fc9f66741256e93b96e22273217

commit 1ed9b381d4701fc9f66741256e93b96e22273217
Author:     Zhenlei Huang
AuthorDate: 2025-02-04 15:04:59 +0000
Commit:     Zhenlei Huang
CommitDate: 2025-02-04 15:04:59 +0000

    ifnet: Detach BPF descriptors on interface vmove event

    When an interface is moving to/from a vnet jail, it may still have BPF
    descriptors attached. The userland (e.g. tcpdump) is not notified that
    the interface is departing and still has BPF descriptors open, which
    may result in leaking sensitive traffic (e.g. an interface is moved
    back to the parent jail but a user is still sniffing traffic over it
    in the child jail).

    Detach BPF descriptors so that the userland will be signaled.

    Reviewed by:	ae
    MFC after:	3 days
    Differential Revision:	https://reviews.freebsd.org/D45727
---
 sys/net/bpf.c | 27 +++++++++++++++++++++++++++
 sys/net/bpf.h |  1 +
 sys/net/if.c  |  5 +++++
 3 files changed, 33 insertions(+)

diff --git a/sys/net/bpf.c b/sys/net/bpf.c
index a7d17109ed1a..a7e5bda97e23 100644
--- a/sys/net/bpf.c
+++ b/sys/net/bpf.c
@@ -2847,6 +2847,33 @@ bpf_get_bp_params(struct bpf_if *bp, u_int *bif_dlt, u_int *bif_hdrlen) return (0); } + +/* + * Detach descriptors on interface's vmove event. + */ +void +bpf_ifdetach(struct ifnet *ifp) +{ + struct bpf_if *bp; + struct bpf_d *d; + + BPF_LOCK(); + CK_LIST_FOREACH(bp, &bpf_iflist, bif_next) { + if (bp->bif_ifp != ifp) + continue; + + /* Detach common descriptors */ + while ((d = CK_LIST_FIRST(&bp->bif_dlist)) != NULL) { + bpf_detachd_locked(d, true); + } + + /* Detach writer-only descriptors */ + while ((d = CK_LIST_FIRST(&bp->bif_wlist)) != NULL) { + bpf_detachd_locked(d, true); + } + } + BPF_UNLOCK(); +} #endif /* diff --git a/sys/net/bpf.h b/sys/net/bpf.h index 38c5da0dcb58..654d6c00199e 100644 --- a/sys/net/bpf.h +++ b/sys/net/bpf.h @@ -428,6 +428,7 @@ void bpfdetach(struct ifnet *); bool bpf_peers_present_if(struct ifnet *); #ifdef VIMAGE int bpf_get_bp_params(struct bpf_if *, u_int *, u_int *); +void bpf_ifdetach(struct ifnet *); #endif void bpfilterattach(int); diff --git a/sys/net/if.c b/sys/net/if.c index 504550414bb7..283da94e7601 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1262,6 +1262,11 @@ finish_vnet_shutdown: static void if_vmove(struct ifnet *ifp, struct vnet *new_vnet) { + /* + * Detach BPF file descriptors from its interface. + */ + bpf_ifdetach(ifp); + /* * Detach from current vnet, but preserve LLADDR info, do not * mark as dead etc. so that the ifnet can be reattached later.
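Review bot: in the sys/net/bpf.c hunk, the two `while ((d = CK_LIST_FIRST(&bp->bif_dlist)) != NULL)` / `bif_wlist` loops in bpf_ifdetach() terminate only because bpf_detachd_locked(d, true) unlinks d from the list before it returns; that precondition should be stated in the function comment, since a later change that deferred the unlink (for example into an epoch callback) would turn both loops into infinite loops while holding BPF_LOCK(). Two smaller points on the same hunk: style(9) asks for no braces around a single-statement loop body, so `while (...) { bpf_detachd_locked(d, true); }` should lose its braces; and the comment "Detach descriptors on interface's vmove event." would be more useful if it said why, namely that a descriptor left attached keeps delivering the interface's packets to a process in the old vnet after the move, which is the leak the commit message describes. The outer CK_LIST_FOREACH over bpf_iflist correctly keeps scanning after the first match (one ifnet can have one bpf_if per DLT); a one-line comment saying so would stop a future reader from adding a `break`.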
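Review bot: in the sys/net/bpf.h hunk, the new prototype `void bpf_ifdetach(struct ifnet *);` lands a few lines below the existing `void bpfdetach(struct ifnet *);`, and the two names differ by one underscore while doing different jobs (bpfdetach() is the interface-teardown path; the new function only drops the attached descriptors so the ifnet can be reattached in the new vnet). Consider a name that carries the intent, such as bpf_detach_descriptors() or bpf_ifvmove(), or at least a one-line comment above the prototype. Keeping the declaration inside `#ifdef VIMAGE` is consistent with the definition in bpf.c, which sits before the `#endif` of the same block, and with the sole caller in if_vmove().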
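Review bot: in the sys/net/if.c hunk, the comment "Detach BPF file descriptors from its interface." has a dangling "its" and undersells the reason for the call; suggest "Detach any BPF descriptors still attached to ifp before it leaves this vnet, so that sniffers here are signaled and cannot keep receiving its traffic after the move." Placing bpf_ifdetach(ifp) first, ahead of the vnet detach that follows, is the right order, because the descriptors belong to processes in the current vnet. One question worth a sentence in the comment or commit message: between this call and the actual reassignment, can a process in the old vnet still attach a fresh descriptor to the interface by name (BIOCSETIF)? If so, the change closes the long-lived leak but is not by itself an atomic cut-off; if the interface is already unreachable from the old vnet's lookups at this point, say so here.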
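The commit message describes the hole from the kernel side: BPF descriptors that survive an interface move keep receiving traffic in a vnet that should no longer see it. The following is an added example, not part of the FreeBSD commit or of the FreeBSD source tree, showing the operator-side check that complements the fix: before moving an interface with `ifconfig <if> vnet <jail>` or `ifconfig <if> -vnet <jail>`, list which processes still hold BPF descriptors on it by parsing `netstat -B`. It assumes the `netstat -B` column layout Pid, Netif, Flags, Recv, Drop, Match, Sblen, Hblen, Command; the function names are hypothetical, and the sample output embedded below is constructed, not captured from a real host.

```shell
#!/bin/sh
# Added example (not FreeBSD project code): audit the BPF descriptors attached
# to an interface before it is moved between vnets.  Function names are
# hypothetical.  Column layout assumed for `netstat -B`:
#   Pid Netif Flags Recv Drop Match Sblen Hblen Command

# list_bpf_holders IFNAME NETSTAT_B_TEXT
#   Prints "pid command" for every BPF descriptor attached to IFNAME.
list_bpf_holders() {
    printf '%s\n' "$2" | awk -v ifn="$1" '
        NR > 1 && $2 == ifn {
            cmd = $9
            for (i = 10; i <= NF; i++)    # the command name may contain spaces
                cmd = cmd " " $i
            print $1, cmd
        }'
}

# count_bpf_holders IFNAME NETSTAT_B_TEXT
#   Number of descriptors attached to IFNAME (0 when there are none).
count_bpf_holders() {
    list_bpf_holders "$1" "$2" | wc -l | tr -d ' '
}

# pre_vmove_check IFNAME NETSTAT_B_TEXT
#   Returns 0 when no sniffer is attached to IFNAME, 1 otherwise, naming the
#   holders on stderr.  Without the kernel fix these descriptors would keep
#   receiving the interface's traffic after the move.
pre_vmove_check() {
    n=$(count_bpf_holders "$1" "$2")
    if [ "$n" -gt 0 ]; then
        echo "WARNING: $n BPF descriptor(s) still attached to $1:" >&2
        list_bpf_holders "$1" "$2" >&2
        return 1
    fi
    return 0
}

# Constructed sample in the shape of `netstat -B` output (not captured from a
# real system).  On a live host use:  pre_vmove_check em0 "$(netstat -B)"
SAMPLE_NETSTAT_B='  Pid  Netif   Flags      Recv      Drop     Match Sblen Hblen Command
 1234    em0 p--s--       150         0       150 32768  1500 tcpdump
 2048    lo0 ------         0         0         0     0     0 dhclient
 3101    em0 -i----        12         0        12  4096   512 bpf probe'

# Demonstration on the constructed sample: two holders on em0, one on lo0.
list_bpf_holders em0 "$SAMPLE_NETSTAT_B"
```

Run `pre_vmove_check em0 "$(netstat -B)"` as root in the jail or host that currently owns the interface; a non-zero exit means a process there would, on an unpatched kernel, keep sniffing after the move. The check only reports who holds descriptors; the kernel change in the patch is what actually detaches them and signals the holders.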