From patchwork Fri Jan 13 05:50:47 2012
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 135717
X-Patchwork-Delegate: davem@davemloft.net
Message-ID: <1326433847.2617.6.camel@edumazet-laptop>
Subject: Re: Consequences of commit 16e5726269611b71c930054ffe9b858c1cea88eb
From: Eric Dumazet
To: Bart Van Assche
Cc: netdev@vger.kernel.org, "David S. Miller", Mike Christie, Eric Paris
Date: Fri, 13 Jan 2012 06:50:47 +0100
In-Reply-To: <1326401943.2617.0.camel@edumazet-laptop>
References: <1326401943.2617.0.camel@edumazet-laptop>

On Thursday 12 January 2012 at 21:59 +0100, Eric Dumazet wrote:
> On Thursday 12 January 2012 at 19:14 +0000, Bart Van Assche wrote:
> > Hi,
> >
> > If my analysis is correct commit
> > 16e5726269611b71c930054ffe9b858c1cea88eb ("af_unix: dont send
> > SCM_CREDENTIALS by default") changes the value of
> > NETLINK_CREDS(skb)->pid from the sender pid into zero. Does that mean
> > that the code using that construct did work in kernel 3.1 but that it
> > is broken in kernel 3.2 ? Should that commit be reverted or will
> > someone fix the code that uses NETLINK_CREDS() ? Would changing
> > NETLINK_CREDS(skb)->pid into NETLINK_CB(skb).pid be sufficient ?
> >
> > Thanks,
> >
> > Bart.
> >
> > $ git grep 'NETLINK_CREDS([a-zA-Z0-9_]*)->pid'
> > drivers/scsi/scsi_netlink.c: pid = NETLINK_CREDS(skb)->pid;
> > kernel/audit.c: pid = NETLINK_CREDS(skb)->pid;
> >
>
> What is your problem exactly ?
>
>

So the underlying question is : should netlink_sendmsg() always include
credentials of the sender, or should the sender use the right API for
that.

If we include a default credential, we still allow the sender to
override it.

Probably netlink is not performance sensitive so following patch could
address the problem ?

I am still not sure it's really needed.

Comments ?

---
diff --git a/include/net/scm.h b/include/net/scm.h index d456f4c..4af5f90 100644 --- a/include/net/scm.h +++ b/include/net/scm.h 
@@ -71,9 +71,13 @@ static __inline__ void scm_destroy(struct scm_cookie *scm) } static __inline__ int scm_send(struct socket *sock, struct msghdr *msg, - struct scm_cookie *scm) + struct scm_cookie *scm, bool populate) { memset(scm, 0, sizeof(*scm)); + + if (populate) + scm_set_cred(scm, task_tgid(current), current_cred()); + unix_get_peersec_dgram(sock, scm); if (msg->msg_controllen <= 0) return 0; diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 629b061..c040277 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -1323,7 +1323,7 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock, if (NULL == siocb->scm) siocb->scm = &scm; - err = scm_send(sock, msg, siocb->scm); + err = scm_send(sock, msg, siocb->scm, true); if (err < 0) return err; diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index aad8fb6..f788eb9 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1438,7 +1438,7 @@ static int unix_dgram_sendmsg(struct kiocb *kiocb, struct socket *sock, if (NULL == siocb->scm) siocb->scm = &tmp_scm; wait_for_unix_gc(); - err = scm_send(sock, msg, siocb->scm); + err = scm_send(sock, msg, siocb->scm, false); if (err < 0) return err; @@ -1599,7 +1599,7 @@ static int unix_stream_sendmsg(struct kiocb *kiocb, struct socket *sock, if (NULL == siocb->scm) siocb->scm = &tmp_scm; wait_for_unix_gc(); - err = scm_send(sock, msg, siocb->scm); + err = scm_send(sock, msg, siocb->scm, false); if (err < 0) return err;
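
Review bot: in the include/net/scm.h hunk, the new `if (populate)` block stores the default pid and cred before the `msg->msg_controllen <= 0` check, so a sender that supplies its own SCM_CREDENTIALS is processed after the cookie already holds the task's credentials. The code that handles the control message is outside the visible lines; please confirm it replaces, and releases, what scm_set_cred() stored rather than assuming an empty cookie, since that path is what "we still allow the sender to override it" depends on. The signature change also breaks any scm_send() caller not touched here; the diff updates three call sites, so a tree-wide grep is worth noting in the changelog.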
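
Review bot: in the net/netlink/af_netlink.c hunk, passing `true` from netlink_sendmsg() makes every netlink send pay for scm_set_cred(), whether or not the receiver reads NETLINK_CREDS(), and the patch carries no changelog that justifies it. The cover text only says netlink is "probably" not performance sensitive. State in the changelog which receivers rely on the sender pid (the grep in the thread lists drivers/scsi/scsi_netlink.c and kernel/audit.c) and that 16e5726269611b71c930054ffe9b858c1cea88eb left them reading zero, so the reason for forcing credentials here is recorded next to the change.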
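
Review bot: in the two net/unix/af_unix.c hunks, unix_dgram_sendmsg() and unix_stream_sendmsg() now end in a bare `false` whose meaning cannot be read at the call site, and scm_send() gains the `populate` parameter with no comment describing it. Add a short comment above scm_send() in include/net/scm.h saying that `populate` fills the cookie with the current task's pid and cred by default, and that af_unix passes false to keep the opt-in behaviour while netlink passes true. That keeps a later cleanup from flipping either value without noticing the consequence for credential consumers.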