Re: [RFC PATCH v1 1/2] vsock: send SIGPIPE on write to shutdowned socket

From: Stefano Garzarella
Date: Tue Aug 22 2023 - 05:40:13 EST

Next message: Robin Murphy: "Re: [PATCH 2/3] iommu/arm-smmu-v3: Add an arm_smmu_tlb_inv_domain helper"
Previous message: syzbot: "[syzbot] [mm?] kernel BUG in free_unref_page_prepare"
In reply to: Stefano Garzarella: "Re: [RFC PATCH v1 1/2] vsock: send SIGPIPE on write to shutdowned socket"
Next in thread: Arseniy Krasnov: "Re: [RFC PATCH v1 1/2] vsock: send SIGPIPE on write to shutdowned socket"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Aug 14, 2023 at 10:46:05PM +0300, Arseniy Krasnov wrote:

On 04.08.2023 17:28, Stefano Garzarella wrote:

On Fri, Aug 04, 2023 at 03:46:47PM +0300, Arseniy Krasnov wrote:

Hi Stefano,

On 02.08.2023 10:46, Stefano Garzarella wrote:

On Tue, Aug 01, 2023 at 05:17:26PM +0300, Arseniy Krasnov wrote:

POSIX requires to send SIGPIPE on write to SOCK_STREAM socket which was
shutdowned with SHUT_WR flag or its peer was shutdowned with SHUT_RD
flag. Also we must not send SIGPIPE if MSG_NOSIGNAL flag is set.

Signed-off-by: Arseniy Krasnov <AVKrasnov@xxxxxxxxxxxxxx>
---
net/vmw_vsock/af_vsock.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c
index 020cf17ab7e4..013b65241b65 100644
--- a/net/vmw_vsock/af_vsock.c
+++ b/net/vmw_vsock/af_vsock.c
@@ -1921,6 +1921,9 @@ static int vsock_connectible_sendmsg(struct socket *sock, struct msghdr *msg,
            err = total_written;
    }
out:
+    if (sk->sk_type == SOCK_STREAM)
+        err = sk_stream_error(sk, msg->msg_flags, err);

Do you know why we don't need this for SOCK_SEQPACKET and SOCK_DGRAM?

Yes, here is my explanation:

This function checks that input error is SIGPIPE, and if so it sends SIGPIPE to the 'current' thread
(except case when MSG_NOSIGNAL flag is set). This behaviour is described in POSIX:

Page 367 (description of defines from sys/socket.h):
MSG_NOSIGNAL: No SIGPIPE generated when an attempt to send is made on a stream-
oriented socket that is no longer connected.

Page 497 (description of SOCK_STREAM):
A SIGPIPE signal is raised if a thread sends on a broken stream (one that is
no longer connected).

Okay, but I think we should do also for SEQPACKET:

https://pubs.opengroup.org/onlinepubs/009696699/functions/xsh_chap02_10.html

In 2.10.6 Socket Types:

"The SOCK_SEQPACKET socket type is similar to the SOCK_STREAM type, and
is also connection-oriented. The only difference between these types is
that record boundaries ..."

Then in 2.10.14 Signals:

"The SIGPIPE signal shall be sent to a thread that attempts to send data
on a socket that is no longer able to send. In addition, the send
operation fails with the error [EPIPE]."

It's honestly not super clear, but I assume the problem is similar with
seqpacket since it's connection-oriented, or did I miss something?

For example in sctp_sendmsg() IIUC we raise a SIGPIPE regardless of
whether the socket is STREAM or SEQPACKET.

Update about sending SIGPIPE for SOCK_SEQPACKET, I checked POSIX doc and kernel sources more deeply:

1)

I checked four types of sockets, which sends SIGPIPE for SOCK_SEQPACKET or not ('YES' if
this socket sends SIGPIPE in SOCK_SEQPACKET case):

net/kcm/: YES
net/unix/: NO
net/sctp/: YES
net/caif/: NO

Looking for this, I think it is impossible to get the right answer, as there is some
mess - everyone implements it as wish.

Eheh, I had the same impression!

2)

I opened POSIX spec again, and here are details about returning EPIPE from pages
for 'send()', 'sendto()', 'sendmsg()':

[EPIPE] The socket is shut down for writing, or the socket is connection-mode and is
no longer connected. In the latter case, and if the socket is of type
SOCK_STREAM, the SIGPIPE signal is generated to the calling thread

So my opinion is that we need to send SIGPIPE only for SOCK_STREAM. Another question
is how to interpret this from above (but again - SIGPIPE is related for SOCK_STREAM
only):

**" and is no longer connected"**

IIUC, if we follow POSIX strictly, this check must be like:

/* socket is shut down for writing or no longer connected. */
if (sk->sk_shutdown & SEND_SHUTDOWN ||
vsk->peer_shutdown & RCV_SHUTDOWN ||
sock_flag(SOCK_DONE)) {
err = -EPIPE;
goto out;
}

...

out:
/* Handle -EPIPE for stream socket which is no longer connected. */
if (sk->sk_type == SOCK_STREAM &&
sock_flag(SOCK_DONE))
err = sk_stream_error();

From the other side, we can just follow TCP/AF_UNIX implementations as both are
popular types of socket. In this case I suggest to implement this check like
(e.g. without sock_flag(SOCK_DONE)):

if (sk->sk_shutdown & SEND_SHUTDOWN ||
vsk->peer_shutdown & RCV_SHUTDOWN) {
err = -EPIPE;
goto out;
}

...

out:
if (sk->sk_type == SOCK_STREAM)
err = sk_stream_error();

What do you think?

I'd follow TCP/AF_UNIX implementations, but it is up to you ;-)

Thanks,
Stefano

Next message: Robin Murphy: "Re: [PATCH 2/3] iommu/arm-smmu-v3: Add an arm_smmu_tlb_inv_domain helper"
Previous message: syzbot: "[syzbot] [mm?] kernel BUG in free_unref_page_prepare"
In reply to: Stefano Garzarella: "Re: [RFC PATCH v1 1/2] vsock: send SIGPIPE on write to shutdowned socket"
Next in thread: Arseniy Krasnov: "Re: [RFC PATCH v1 1/2] vsock: send SIGPIPE on write to shutdowned socket"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]