On Thu, 29 Oct 2020 21:29:38 -0400 jma...@redhat.com wrote: > From: Jon Maloy <jma...@redhat.com> > > TIPC reserves 64 service types for current and future internal use. > Therefore, the bind() function is meant to block regular user sockets > from being bound to these values, while it should let through such > bindings from internal users. > > However, since we at the design moment saw no way to distinguish > between regular and internal users the filter function ended up > with allowing all bindings of the reserved types which were really > in use ([0,1]), and block all the rest ([2,63]). > > This is risky, since a regular user may bind to the service type > representing the topology server (TIPC_TOP_SRV == 1) or the one used > for indicating neighboring node status (TIPC_CFG_SRV == 0), and wreak > havoc for users of those services, i.e., most users. > > The reality is however that TIPC_CFG_SRV never is bound through the > bind() function, since it doesn't represent a regular socket, and > TIPC_TOP_SRV can also be made to bypass the checks in tipc_bind() > by introducing a different entry function, tipc_sk_bind(). > > It should be noted that although this is a change of the API semantics, > there is no risk we will break any currently working applications by > doing this. Any application trying to bind to the values in question > would be badly broken from the outset, so there is no chance we would > find any such applications in real-world production systems. > > Acked-by: Yung Xue <ying....@windriver.com> > > ---
Please be careful with the separator, git am cuts off the rest of the message including your sign-off. > v2: Added warning printout when a user is blocked from binding, > as suggested by Jakub Kicinski > > Signed-off-by: Jon Maloy <jma...@redhat.com> Fixed up the message, and applied. Thanks!
