tcp: add RETPOLINE mitigation to sk_backlog_rcv

author Eric Dumazet <edumazet@google.com>

Mon, 15 Nov 2021 19:02:41 +0000 (11:02 -0800)

committer David S. Miller <davem@davemloft.net>

Tue, 16 Nov 2021 13:10:34 +0000 (13:10 +0000)
author Eric Dumazet <edumazet@google.com>
Mon, 15 Nov 2021 19:02:41 +0000 (11:02 -0800)
committer David S. Miller <davem@davemloft.net>
Tue, 16 Nov 2021 13:10:34 +0000 (13:10 +0000)
diff --git a/include/net/sock.h b/include/net/sock.h

index cb97c44..2d40fe4 100644 (file)
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -1018,12 +1018,18 @@ static inline __must_check int sk_add_backlog(struct sock *sk, struct sk_buff *s
  
  int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb);
  
+INDIRECT_CALLABLE_DECLARE(int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb));
+INDIRECT_CALLABLE_DECLARE(int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb));
+
  static inline int sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
  {
         if (sk_memalloc_socks() && skb_pfmemalloc(skb))
                 return __sk_backlog_rcv(sk, skb);
  
-       return sk->sk_backlog_rcv(sk, skb);
+       return INDIRECT_CALL_INET(sk->sk_backlog_rcv,
+                                 tcp_v6_do_rcv,
+                                 tcp_v4_do_rcv,
+                                 sk, skb);
  }
  
  static inline void sk_incoming_cpu_update(struct sock *sk)
diff --git a/net/core/sock.c b/net/core/sock.c

index 99738e1..c57d988 100644 (file)
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -327,7 +327,10 @@ int __sk_backlog_rcv(struct sock *sk, struct sk_buff *skb)
         BUG_ON(!sock_flag(sk, SOCK_MEMALLOC));
  
         noreclaim_flag = memalloc_noreclaim_save();
-       ret = sk->sk_backlog_rcv(sk, skb);
+       ret = INDIRECT_CALL_INET(sk->sk_backlog_rcv,
+                                tcp_v6_do_rcv,
+                                tcp_v4_do_rcv,
+                                sk, skb);
         memalloc_noreclaim_restore(noreclaim_flag);
  
         return ret;
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c

index 1f1a89f..f41f14b 100644 (file)
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -72,7 +72,7 @@ static void   tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
  static void    tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
                                       struct request_sock *req);
  
-static int     tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
+INDIRECT_CALLABLE_SCOPE int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
  
  static const struct inet_connection_sock_af_ops ipv6_mapped;
  const struct inet_connection_sock_af_ops ipv6_specific;
@@ -1466,7 +1466,8 @@ INDIRECT_CALLABLE_DECLARE(struct dst_entry *ipv4_dst_check(struct dst_entry *,
   * This is because we cannot sleep with the original spinlock
   * held.
   */
-static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
+INDIRECT_CALLABLE_SCOPE
+int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
  {
         struct ipv6_pinfo *np = tcp_inet6_sk(sk);
         struct sk_buff *opt_skb = NULL;
author	Eric Dumazet <edumazet@google.com>
	Mon, 15 Nov 2021 19:02:41 +0000 (11:02 -0800)
committer	David S. Miller <davem@davemloft.net>
	Tue, 16 Nov 2021 13:10:34 +0000 (13:10 +0000)
include/net/sock.h		patch \| blob \| history
net/core/sock.c		patch \| blob \| history
net/ipv6/tcp_ipv6.c		patch \| blob \| history