fqdn proxy: fix data race detection on TCP fqdn proxy
[ upstream commit f73e1c5 ]

[ backporter's notes: switched cilium/dns import to miekg/dns, as v1.14
  was relying on a replace directive instead of pointing to the fork. ]

PR #25309 introduced a data race by sharing the sessionUDPFactory between
the DNS server instances for the different IP families (IPv4 & IPv6).
This has been detected by #27979.

This commit fixes the issue for the TCP servers too. If not set explicitly,
these are initialized with the default udp session factory to prevent nil
pointer exceptions. Therefore, an explicit noop udp session factory is set.

Fixes: #28156

Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
mhofstetter authored and giorio94 committed Sep 26, 2023
1 parent bd3bda7 commit 7927a3d
Showing 2 changed files with 31 additions and 0 deletions.
28 changes: 28 additions & 0 deletions pkg/fqdn/dnsproxy/noop_sessionudpfactory.go
@@ -0,0 +1,28 @@
// SPDX-License-Identifier: Apache-2.0
// Copyright Authors of Cilium

package dnsproxy

import (
"net"

"github.com/miekg/dns"
)

type noopSessionUDPFactory struct{}

var _ dns.SessionUDPFactory = &noopSessionUDPFactory{}

func (*noopSessionUDPFactory) InitPool(msgSize int) {}

func (*noopSessionUDPFactory) ReadRequest(conn *net.UDPConn) ([]byte, dns.SessionUDP, error) {
return nil, nil, nil
}

func (*noopSessionUDPFactory) ReadRequestConn(conn net.PacketConn) ([]byte, net.Addr, error) {
return nil, nil, nil
}

func (*noopSessionUDPFactory) SetSocketOptions(conn *net.UDPConn) error {
return nil
}
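Review bot: noopSessionUDPFactory is declared without a doc comment, and its ReadRequest and ReadRequestConn both return `nil, nil, nil`, that is, no data, no session or address, and no error. Nothing in this file states that the type is intended only for the TCP servers, so a caller that ever reached the read methods would get a nil error alongside a nil dns.SessionUDP or net.Addr. Suggest adding a type comment that states the intended use, and returning a non-nil error from the two read methods so that accidental use on a UDP path fails visibly.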
3 changes: 3 additions & 0 deletions pkg/fqdn/dnsproxy/proxy.go
Expand Up @@ -1118,6 +1118,9 @@ func bindToAddr(address string, port uint16, handler dns.Handler, ipv4, ipv6 boo
}
dnsServers = append(dnsServers, &dns.Server{
Listener: tcpListener, Handler: handler,
// Explicitly set a noop factory to prevent data race detection when InitPool is called
// multiple times on the default factory even for TCP (IPv4 & IPv6).
SessionUDPFactory: &noopSessionUDPFactory{},
// Net & Addr are only set for logging purposes and aren't used if using ActivateAndServe.
Net: ipFamily.TCPAddress, Addr: tcpListener.Addr().String(),
})
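Review bot: the comment added above `SessionUDPFactory: &noopSessionUDPFactory{},` says the factory is set "to prevent data race detection", which reads as silencing the detector rather than removing the race. Suggest wording it as avoiding the data race that occurs when InitPool is called multiple times on the shared default factory. The commit touches only these two files, so no test that starts both TCP listeners (IPv4 & IPv6) under the race detector accompanies the fix; consider adding one or noting why it is not needed.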