From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9CA5FD52B for ; Mon, 15 May 2023 16:34:29 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id F3A8FC4339B; Mon, 15 May 2023 16:34:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1684168469; bh=iTTczptSFAkAnXxRHH00iexYWM7fDhH82EcWlFBAYcE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=zW5G59Kt4wXj+ogWY6MIQaEfqtzYs6xYu+XTMN9fdp2f4mN5/JfbBMc7Pl2l7qR8x qce7axVHr/Kaa/BqPgPmixCSskJT4S+4Q8oTxUL/9jbtlg56HZ+ChvhYRJKmh9xKHq mxvEAE1rfiomizs3o4CH+r7Zj2qd/PFs4mFGj6vI= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Leon Romanovsky , Alexander Mikhalitsyn , Paul Moore , Sasha Levin Subject: [PATCH 4.14 030/116] scm: fix MSG_CTRUNC setting condition for SO_PASSSEC Date: Mon, 15 May 2023 18:25:27 +0200 Message-Id: <20230515161659.266088173@linuxfoundation.org> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230515161658.228491273@linuxfoundation.org> References: <20230515161658.228491273@linuxfoundation.org> User-Agent: quilt/0.67 Precedence: bulk X-Mailing-List: patches@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Alexander Mikhalitsyn [ Upstream commit a02d83f9947d8f71904eda4de046630c3eb6802c ] Currently, kernel would set MSG_CTRUNC flag if msg_control buffer wasn't provided and SO_PASSCRED was set or if there was pending SCM_RIGHTS. For some reason we have no corresponding check for SO_PASSSEC. In the recvmsg(2) doc we have: MSG_CTRUNC indicates that some control data was discarded due to lack of space in the buffer for ancillary data. So, we need to set MSG_CTRUNC flag for all types of SCM. This change can break applications those don't check MSG_CTRUNC flag. Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Leon Romanovsky Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Alexander Mikhalitsyn v2: - commit message was rewritten according to Eric's suggestion Acked-by: Paul Moore Signed-off-by: David S. Miller Signed-off-by: Sasha Levin --- include/net/scm.h | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/include/net/scm.h b/include/net/scm.h index 903771c8d4e33..1268a051f1aa2 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -104,16 +104,27 @@ static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct sc } } } + +static inline bool scm_has_secdata(struct socket *sock) +{ + return test_bit(SOCK_PASSSEC, &sock->flags); +} #else static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm) { } + +static inline bool scm_has_secdata(struct socket *sock) +{ + return false; +} #endif /* CONFIG_SECURITY_NETWORK */ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm, int flags) { if (!msg->msg_control) { - if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp) + if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp || + scm_has_secdata(sock)) msg->msg_flags |= MSG_CTRUNC; scm_destroy(scm); return; -- 2.39.2