All of lore.kernel.org
 help / color / mirror / Atom feed
From: ebiederm@xmission.com (Eric W. Biederman)
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: <netdev@vger.kernel.org>
Subject: netlink scm creds uid and gids are always 0.
Date: Thu, 23 Aug 2012 23:45:04 -0700	[thread overview]
Message-ID: <871uiwlrf3.fsf@xmission.com> (raw)


While working on the kuid_t and kgid_t conversion of the audit subsystem
I noticed that since the performance problem of scm creds and af_unix
sockets were fixed af_netlink sockets have not filled in the uid or gid
of the originator of the socket.

I think all we need is an appropriate cred_to_ucred call to fix this
regression, but I am going so many different directions right now I
can't get myself to focus on this long enough to work up an appripriate
patch to fix.

Eric do you think you might take a gander?

The commit where this regression was introduced appears to be.

commit 16e5726269611b71c930054ffe9b858c1cea88eb
Author: Eric Dumazet <eric.dumazet@gmail.com>
Date:   Mon Sep 19 05:52:27 2011 +0000

    af_unix: dont send SCM_CREDENTIALS by default
    
    Since commit 7361c36c5224 (af_unix: Allow credentials to work across
    user and pid namespaces) af_unix performance dropped a lot.
    
    This is because we now take a reference on pid and cred in each write(),
    and release them in read(), usually done from another process,
    eventually from another cpu. This triggers false sharing.
    

             reply	other threads:[~2012-08-24  6:45 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-08-24  6:45 Eric W. Biederman [this message]
2012-08-24  7:57 ` netlink scm creds uid and gids are always 0 Eric Dumazet
2012-08-24  8:19   ` Eric W. Biederman
2012-08-24  9:07     ` Eric W. Biederman
2012-08-24  9:45       ` David Laight

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=871uiwlrf3.fsf@xmission.com \
    --to=ebiederm@xmission.com \
    --cc=eric.dumazet@gmail.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.