From: dingtianhong <dingtianhong@huawei.com>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>, <netdev@vger.kernel.org>,
Li Zefan <lizefan@huawei.com>, Xinwei Hu <huxinwei@huawei.com>
Subject: Re: [Eulerkernel] [PATCH] af_unix: dont send SCM_CREDENTIAL when dest socket is NULL
Date: Tue, 26 Mar 2013 11:08:56 +0800 [thread overview]
Message-ID: <51511148.4000804@huawei.com> (raw)
In-Reply-To: <1364220269.29473.13.camel@edumazet-glaptop>
On 2013/3/25 22:04, Eric Dumazet wrote:
> On Mon, 2013-03-25 at 18:28 +0800, dingtianhong wrote:
>> SCM_SCREDENTIALS should apply to write() syscalls only either source or destination
>> socket asserted SOCK_PASSCRED. The original implememtation in maybe_add_creds is wrong,
>> and breaks several LSB testcases ( i.e. /tset/LSB.os/netowkr/recvfrom/T.recvfrom).
>>
>> Origionally-authored-by: Karel Srot <ksrot@redhat.com>
>> Signed-off-by: Ding Tianhong <dingtianhong@huawei.com>
>> ---
>> net/unix/af_unix.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
>> index 51be64f..99189fd 100644
>> --- a/net/unix/af_unix.c
>> +++ b/net/unix/af_unix.c
>> @@ -1413,8 +1413,8 @@ static void maybe_add_creds(struct sk_buff *skb, const struct socket *sock,
>> if (UNIXCB(skb).cred)
>> return;
>> if (test_bit(SOCK_PASSCRED, &sock->flags) ||
>> - !other->sk_socket ||
>> - test_bit(SOCK_PASSCRED, &other->sk_socket->flags)) {
>> + (other->sk_socket &&
>> + test_bit(SOCK_PASSCRED, &other->sk_socket->flags))) {
>> UNIXCB(skb).pid = get_pid(task_tgid(current));
>> UNIXCB(skb).cred = get_current_cred();
>> }
>
> I am not sure why adding credentials if other->sk_socket is NULL could
> break an application ?
The bugzilla has report the bug:https://lsbbugs.linuxfoundation.org/show_bug.cgi?id=3523
>
> This was the case before commit introducing this code.
The commit 16e5726269(af_unix: dont send SCM_CREDENTIALS by default) may introducing the problem.
>
> Anyway patch looks fine
>
> Acked-by: Eric Dumazet <edumazet@google.com>
>
>
>
>
>
>
next prev parent reply other threads:[~2013-03-26 3:09 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-25 10:28 [Eulerkernel] [PATCH] af_unix: dont send SCM_CREDENTIAL when dest socket is NULL dingtianhong
2013-03-25 14:04 ` Eric Dumazet
2013-03-25 17:12 ` David Miller
2013-03-26 3:08 ` dingtianhong [this message]
2013-03-26 4:32 ` Eric Dumazet
2013-03-26 11:35 ` dingtianhong
2013-03-26 13:46 ` Eric Dumazet
2013-03-27 7:35 ` dingtianhong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51511148.4000804@huawei.com \
--to=dingtianhong@huawei.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=eric.dumazet@gmail.com \
--cc=huxinwei@huawei.com \
--cc=lizefan@huawei.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).