public inbox for linux-man@vger.kernel.org
 help / color / mirror / Atom feed
From: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>
To: Willy Tarreau <w@1wt.eu>
Cc: mtk.manpages@gmail.com, linux-man <linux-man@vger.kernel.org>,
	lkml <linux-kernel@vger.kernel.org>,
	socketpair@gmail.com,
	Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
	linux-fsdevel@vger.kernel.org
Subject: Document accounting of FDs passed over UNIX domain sockets
Date: Fri, 16 Dec 2016 12:08:33 +0100	[thread overview]
Message-ID: <68dec064-17bb-0994-8dcf-e06d54d80ada@gmail.com> (raw)

Hello Willy,

Your commit 712f4aad406bb1 ("unix: properly account for FDs passed over 
unix sockets" added accounting to ensure that the RLIMIT_NOFILE limit
could not be bypassed when passing file descriptors across UNIX
domain sockets.

Such patches should be CCed to linux-api@vger.kernel.org ;-)

A documentation [atch would be great as well, but I had a shot 
at cobbling some text together. Does the text below (for the unix(7)
man page) look okay?

Cheers,

Michael

       ETOOMANYREFS
              This  error  can  occur  for sendmsg(2) when sending a file
              descriptor as ancilary data over a UNIX domain socket  (see
              the  description  of  SCM_RIGHTS, above).  It occurs if the
              number  of  "in-flight"  file   descriptors   exceeds   the
              RLIMIT_NOFILE  resource  limit and the caller does not have
              the  CAP_SYS_RESOURCE  capability.    An   in-flight   file
              descriptor  is  one that has been sent using sendmsg(2) but
              has not yet been accepted in the  recipient  process  using
              recvmsg(2).

              This error is diagnosed since Linux 4.5.  In earlier kernel
              versions, it was possible to place an unlimited  number  of
              file descriptors in flight, by sending each file descriptor
              with sendmsg(2) and then closing  the  file  descriptor  so
              that   it  was  not  accounted  against  the  RLIMIT_NOFILE
              resource limit.


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/

             reply	other threads:[~2016-12-16 11:08 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-12-16 11:08 Michael Kerrisk (man-pages) [this message]
2016-12-17  7:04 ` Document accounting of FDs passed over UNIX domain sockets Willy Tarreau
     [not found]   ` <20161217070431.GA13141-K+wRfnb2/UA@public.gmane.org>
2016-12-17  9:34     ` Michael Kerrisk (man-pages)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=68dec064-17bb-0994-8dcf-e06d54d80ada@gmail.com \
    --to=mtk.manpages@gmail.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-man@vger.kernel.org \
    --cc=penguin-kernel@i-love.sakura.ne.jp \
    --cc=socketpair@gmail.com \
    --cc=w@1wt.eu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox