diff options
| author | Alexander Mikhalitsyn <[email protected]> | 2025-07-03 22:23:09 +0000 |
|---|---|---|
| committer | Christian Brauner <[email protected]> | 2025-07-04 07:32:35 +0000 |
| commit | 2775832f71e53a294c93fa4b343a71787a87e5d3 (patch) | |
| tree | 201396e95b9f424430ceddc3d435f60ea93ea6d6 /net/unix/af_unix.c | |
| parent | af_unix/scm: fix whitespace errors (diff) | |
| download | kernel-2775832f71e53a294c93fa4b343a71787a87e5d3.tar.gz kernel-2775832f71e53a294c93fa4b343a71787a87e5d3.zip | |
af_unix: stash pidfs dentry when needed
We need to ensure that pidfs dentry is allocated when we meet any
struct pid for the first time. This will allows us to open pidfd
even after the task it corresponds to is reaped.
Basically, we need to identify all places where we fill skb/scm_cookie
with struct pid reference for the first time and call pidfs_register_pid().
Tricky thing here is that we have a few places where this happends
depending on what userspace is doing:
- [__scm_replace_pid()] explicitly sending an SCM_CREDENTIALS message
and specified pid in a numeric format
- [unix_maybe_add_creds()] enabled SO_PASSCRED/SO_PASSPIDFD but
didn't send SCM_CREDENTIALS explicitly
- [scm_send()] force_creds is true. Netlink case, we don't need to touch it.
Cc: [email protected]
Cc: [email protected]
Cc: David S. Miller <[email protected]>
Cc: Eric Dumazet <[email protected]>
Cc: Jakub Kicinski <[email protected]>
Cc: Paolo Abeni <[email protected]>
Cc: Simon Horman <[email protected]>
Cc: Leon Romanovsky <[email protected]>
Cc: Arnd Bergmann <[email protected]>
Cc: Christian Brauner <[email protected]>
Cc: Kuniyuki Iwashima <[email protected]>
Cc: Lennart Poettering <[email protected]>
Cc: Luca Boccassi <[email protected]>
Cc: David Rheinsberg <[email protected]>
Signed-off-by: Alexander Mikhalitsyn <[email protected]>
Link: https://lore.kernel.org/[email protected]
Reviewed-by: Kuniyuki Iwashima <[email protected]>
Signed-off-by: Christian Brauner <[email protected]>
Diffstat (limited to 'net/unix/af_unix.c')
| -rw-r--r-- | net/unix/af_unix.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 323e4fc85d4b..d52811321fce 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1971,6 +1971,7 @@ static void unix_skb_to_scm(struct sk_buff *skb, struct scm_cookie *scm) * We include credentials if source or destination socket * asserted SOCK_PASSCRED. * + * Context: May sleep. * Return: On success zero, on error a negative error code is returned. */ static int unix_maybe_add_creds(struct sk_buff *skb, const struct sock *sk, @@ -1980,7 +1981,15 @@ static int unix_maybe_add_creds(struct sk_buff *skb, const struct sock *sk, return 0; if (unix_may_passcred(sk) || unix_may_passcred(other)) { - UNIXCB(skb).pid = get_pid(task_tgid(current)); + struct pid *pid; + int err; + + pid = task_tgid(current); + err = pidfs_register_pid(pid); + if (unlikely(err)) + return err; + + UNIXCB(skb).pid = get_pid(pid); current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid); } |