196671 – TUN(GET/ATTACH/DETACH)FILTER ioctls fail in a x86-32 process on an x86-64 kernel

Bug 196671 - TUN(GET/ATTACH/DETACH)FILTER ioctls fail in a x86-32 process on an x86-64 kernel

Summary: TUN(GET/ATTACH/DETACH)FILTER ioctls fail in a x86-32 process on an x86-64 kernel

Status:	NEW

Alias:	None

Product:	Networking
Classification:	Unclassified
Component:	Other (show other bugs)
Hardware:	All Linux

Importance:	P1 normal
Assignee:	Stephen Hemminger

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-08-15 14:21 UTC by Robert O'Callahan
Modified:	2017-08-15 14:29 UTC (History)
CC List:	0 users

See Also:
Kernel Version:	4.12.0 (Linus)
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
testcase (624 bytes, text/plain) 2017-08-15 14:29 UTC, Robert O'Callahan	Details
Add an attachment (proposed patch, testcase, etc.)

Description Robert O'Callahan 2017-08-15 14:21:36 UTC

These ioctls take a 'struct sock_fprog' but there's no 32-bit compat code, which has two consequences:

1) The ioctl numbers are incorrect for 32-bit processes running on a 64-bit kernel. The userspace ioctl numbers use an 8-byte 'size' field but the kernel expects a 16-byte size field, so the ioctls fail with EINVAL. You can hack around this by handcoding the 64-bit ioctl number.

2) Userspace must supply a sock_fprog with the 64-bit layout.

Of course these workarounds assume you're running on a 64-bit kernel, so they're no good if you might be running on a 32-bit kernel.

Comment 1 Robert O'Callahan 2017-08-15 14:29:28 UTC

Created attachment 257925 [details]
testcase

The testcase passes when built 64-bit (and run as root); it fails when built 32-bit (and run as root).

Note You need to log in before you can comment on or make changes to this bug.