From nobody Wed Oct 8 10:02:26 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4265324166A for ; Sun, 29 Jun 2025 21:40:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233238; cv=none; b=tVffJNwEWU+i7u/ShM9KH4cF8llZsME655rMf11Pt96WuWH4tkv0tYQSMBs8jLUXYc5tzFv+/KTd9W99Kd2FVd+kcNN4aDlb5yTOP6+BDDmtR1c31EpDbCK3GNH6L6AhaU75W10OSRsWFBxPzvh2iVW+W2AxODpvJrZYakkQQxI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233238; c=relaxed/simple; bh=VACbYylNY0GZZiXUiqWxZtbjE7wFpLfHHpgC7WkkLEk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=erE8qPUYUVOCyaAmB4iEqmoSxWoI8Q6rAm0qDbuAUxYRP7SvbnhV0MNT51ZdLJULB+pylMp1HQ3fR85fXuNiCcpPUPv25UxhljIi07MfgzXRaWOb1wMp/iXCXv+qpFHAvyFoErCGSjRL7A7SwX5tmElABJP7mDFIGceeWNS317A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=ZBIbAzlQ; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="ZBIbAzlQ" Received: from mail-ej1-f69.google.com (mail-ej1-f69.google.com [209.85.218.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id BFDC93F278 for ; Sun, 29 Jun 2025 21:40:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751233225; bh=zaLf0PqnVSE0a0NYI1zahHI7S708kB309VTgxWqu+sY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ZBIbAzlQB3dFlk14jPJiniEf1RHF2eOvng+PBx++5ukiN25yEjHexTSpkK+LtCS9B ecDCCrD6Iph9/j9uz7H+aSKVsk7R0nxjT3Brv0GDG0u0tt5ZL8zvhBJYEZCLp9tN+U 3i3rr/EQ8AFVjs+NB5HIDavysxIRa+ktbOJpicjkkD+ngDt6Pp27LpcHk/dYbwSExr lW8PErRz/xs9MLJRX6IEnmD6y28koZfKAtL7V5h8nwJx24/IWEw+QF+dQLwKHVHBe+ Z17bXmvj79ofNUskl1TZSHgAWXfQCLKG8y04fOlKo6N/anSMJiEKIwzOe+/qdiJje0 panzc9y4+Ps7g== Received: by mail-ej1-f69.google.com with SMTP id a640c23a62f3a-ae37a8f000bso43316566b.0 for ; Sun, 29 Jun 2025 14:40:25 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751233225; x=1751838025; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=zaLf0PqnVSE0a0NYI1zahHI7S708kB309VTgxWqu+sY=; b=TYq0iddZovmbUoFlpFbefqJU9qo+i9DUaEzq6cKmcoTkf0M5ydqg37YNQ/5+ud55JF +9tyZr8wVJmprMJjeQzETC9ZIerTTAiWlWuzorV4yEmFMj5bDVHBUnH3LoNlCo5/N1L0 FtKFM1G87agXouBnkxnnR+gvNTNmobsvz4Lu7UeWmMruYkL7cVSre5TKyoGhj9tO4+uQ SsZnvELp5F/n1+8/iXhg1gN/zdGy1yFIJDWniE4FujmR61WgnQf8KjLSxgXVebq9L4rs P+KbQ3kLRSffdW557d070bm4AOQ1moc87Q1sgssu1cYIB5dtf8kTW4JqprcelX5bOFcj gbcQ== X-Forwarded-Encrypted: i=1; AJvYcCUHzQVEn4vySYmlZz4AnBScO+V76N7ihicmxfin/VhGRLl0CRI1epsSL1M3Sds+LIhT60FSCGRyfHFyIV0=@vger.kernel.org X-Gm-Message-State: AOJu0YxbeY31m8k6a0BpGqqgxvxAim17Msw4dnRUsCTBXyeara4Q6C93 4pesXJtU9Tr+iprIUx9lmLu403rpu5nJ4vlUMVG1RcJa0aqAPq7HeSETghdQJwL7qlgo6uctt3O 6nAw8S7apn1FlyeEjc0A62ZkLeS9F6bZLNDhKFEWJk0eh/NODnXbX0LS3+1y3ihZgrnDdIvY0fc bdjL/Igg== X-Gm-Gg: ASbGncvXc2Dj0SfDJIAJybalIcC4d/wknds8TcCGJVxeaW1txaSGY3LstyIcxEa3kpO gK2IszKa8FtlT7a3X0AovcIQ5LsylrHE/ePBqIshlKxtXVfjqdGoe5063Q6F1PM8helffNH+9ks BXKZuFw6fZYRHgk+LCd8caiwkyg1viSkm8KLzht6o4NLtYqstDU8s5biULM0AZaFtuO2iBmO2Ky IQsMkHymc3hdJUF0WGpHOLYfBdlK7urLhKr8gxdvF9i3iL8p7IIF0hZDVV/ILhDSkxWOylt43lh aew61MfGxvlbyKPmNZtgvDXGYvW10Vfwqnz3jklESPf2OHRweg== X-Received: by 2002:a17:907:7207:b0:ae3:6b52:f7dd with SMTP id a640c23a62f3a-ae36b52f88amr630214766b.46.1751233225081; Sun, 29 Jun 2025 14:40:25 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEly/HrFr9g6loLhVqffEY2Q9bHE9od0Y4WF5ZWRU6x7hLLHSYilN01ysSpRgmVoetvhvw9iA== X-Received: by 2002:a17:907:7207:b0:ae3:6b52:f7dd with SMTP id a640c23a62f3a-ae36b52f88amr630212866b.46.1751233224676; Sun, 29 Jun 2025 14:40:24 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ae35365a754sm557263366b.62.2025.06.29.14.40.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 29 Jun 2025 14:40:24 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@amazon.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next 1/6] af_unix: rework unix_maybe_add_creds() to allow sleep Date: Sun, 29 Jun 2025 23:39:53 +0200 Message-ID: <20250629214004.13100-2-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> References: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" As a preparation for the next patches we need to allow sleeping in unix_maybe_add_creds() and also return err. Currently, we can't do that as unix_maybe_add_creds() is being called under unix_state_lock(). There is no need for this, really. So let's move call sites of this helper a bit and do necessary function signature changes. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn --- net/unix/af_unix.c | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 129388c309b0..6072d89ce2e7 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1955,21 +1955,26 @@ static int unix_scm_to_skb(struct scm_cookie *scm, = struct sk_buff *skb, bool sen return err; } =20 -/* +/* unix_maybe_add_creds() adds current task uid/gid and struct pid to skb = if needed. + * * Some apps rely on write() giving SCM_CREDENTIALS * We include credentials if source or destination socket * asserted SOCK_PASSCRED. + * + * Context: May sleep. */ -static void unix_maybe_add_creds(struct sk_buff *skb, const struct sock *s= k, - const struct sock *other) +static int unix_maybe_add_creds(struct sk_buff *skb, const struct sock *sk, + const struct sock *other) { if (UNIXCB(skb).pid) - return; + return 0; =20 if (unix_may_passcred(sk) || unix_may_passcred(other)) { UNIXCB(skb).pid =3D get_pid(task_tgid(current)); current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid); } + + return 0; } =20 static bool unix_skb_scm_eq(struct sk_buff *skb, @@ -2104,6 +2109,10 @@ static int unix_dgram_sendmsg(struct socket *sock, s= truct msghdr *msg, goto out_sock_put; } =20 + err =3D unix_maybe_add_creds(skb, sk, other); + if (err) + goto out_sock_put; + restart: sk_locked =3D 0; unix_state_lock(other); @@ -2212,7 +2221,6 @@ static int unix_dgram_sendmsg(struct socket *sock, st= ruct msghdr *msg, if (sock_flag(other, SOCK_RCVTSTAMP)) __net_timestamp(skb); =20 - unix_maybe_add_creds(skb, sk, other); scm_stat_add(other, skb); skb_queue_tail(&other->sk_receive_queue, skb); unix_state_unlock(other); @@ -2256,6 +2264,10 @@ static int queue_oob(struct sock *sk, struct msghdr = *msg, struct sock *other, if (err < 0) goto out; =20 + err =3D unix_maybe_add_creds(skb, sk, other); + if (err) + goto out; + skb_put(skb, 1); err =3D skb_copy_datagram_from_iter(skb, 0, &msg->msg_iter, 1); =20 @@ -2275,7 +2287,6 @@ static int queue_oob(struct sock *sk, struct msghdr *= msg, struct sock *other, goto out_unlock; } =20 - unix_maybe_add_creds(skb, sk, other); scm_stat_add(other, skb); =20 spin_lock(&other->sk_receive_queue.lock); @@ -2369,6 +2380,10 @@ static int unix_stream_sendmsg(struct socket *sock, = struct msghdr *msg, =20 fds_sent =3D true; =20 + err =3D unix_maybe_add_creds(skb, sk, other); + if (err) + goto out_free; + if (unlikely(msg->msg_flags & MSG_SPLICE_PAGES)) { skb->ip_summed =3D CHECKSUM_UNNECESSARY; err =3D skb_splice_from_iter(skb, &msg->msg_iter, size, @@ -2399,7 +2414,6 @@ static int unix_stream_sendmsg(struct socket *sock, s= truct msghdr *msg, goto out_free; } =20 - unix_maybe_add_creds(skb, sk, other); scm_stat_add(other, skb); skb_queue_tail(&other->sk_receive_queue, skb); unix_state_unlock(other); --=20 2.43.0 From nobody Wed Oct 8 10:02:26 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AA793242922 for ; Sun, 29 Jun 2025 21:40:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233241; cv=none; b=KA/4yvuY2LjAMMLol6vP85qJ2IB0KndMLFQhimBEbX5tvLW/CQnY5kBCCgizC3Q6pT37EeftTQRa/CmGTu9HVvITD+YwuBTqXO+Knk+2BYw5kDEdxPIBkO1tUp1LxIC5hpydtjMjqlggXH0CSSD5a33nQskyqSM3xP3HdjDxlSM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233241; c=relaxed/simple; bh=kvcbJF2gqpLsLCd/IovZeBo7QSbHZvsPm2YuBtmttAg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=d2erM2Y64J12Kt5aumMFR/Hb6Tyb+Gg9KgYWItXEp+x10KebfRZ6V5LaG9itdbXMmLWUol36+NJhVmhc57DIrq8weNXfdJJdvvssojR4zsDnZ+xxatEzAC3ciP+W1dyWr3oTpiv4mjWYn7iBL2vwvBXz91ahGHjGyACuccBvgNI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=s8WwqN9F; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="s8WwqN9F" Received: from mail-ej1-f70.google.com (mail-ej1-f70.google.com [209.85.218.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 335853F927 for ; Sun, 29 Jun 2025 21:40:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751233229; bh=QTemUsWeLJmmZyto6KQ3VZl2RnE1/5oF2xDkIiQpRdI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=s8WwqN9FsQ1FgQFFS7aNKC28NI7vtepesJ6uenQefnCq3Ep1GqDaoafhQML0hSgYu baUboDNOXaByfSQwAkQKs449wgoFvw6NWPM/q/8eJHlw4kk9obJW9A6Dd9TYkCqiAX ij9KptStYH2IzZC8euOzRFJSA4++FUYKTD2JIlwodyv6c8yoSCGsYddVWaeH0DdFJC KFUtPuV8VmmPkYLSvQuRFNiidI1NPN+DlKzi/6lob+0QNd0uDZVT8U9//izEpPuW2w fcCfOm+RQZ1GHr8yp/YiRLgMT94ZHIRtk2OruVZ/AlptyfjytInxSyZwHmt2LNjZvi ReaE+26H+3dxw== Received: by mail-ej1-f70.google.com with SMTP id a640c23a62f3a-adb33457610so147444966b.3 for ; Sun, 29 Jun 2025 14:40:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751233229; x=1751838029; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=QTemUsWeLJmmZyto6KQ3VZl2RnE1/5oF2xDkIiQpRdI=; b=ZaEnJB4bmgucXMYI5/EmfK2CEba1LBDQgnHY9jzY+crXP+7s1UWUZ0vntdHh6DXd4O OUymyc9DgcAN3mIoLTcaQUjvfwFnLc/i4uj1dbMHe9tVVXnf+8agqE7+R/+XNEbHe6qf 3Hp1u4X+qqyU+B/Mq/sx/M6M8z5NURfU5idwpHqno5zj9W17s/fEL7Qtqv1kP6doIbhn nlIbXumI4UlI88/RDRkynYCK0IYotMyxTPIwKT8va3URhr+fY5ngCUIKsj9+4O3WLj2H BRPU/5p9aS+AA9aw4WSMvtmxe0sWFucpO7K/6T0sc7CzXHp6B3DDBEnmkdM71Nca3KC4 C6bw== X-Forwarded-Encrypted: i=1; AJvYcCWPKmInEdPBvyHZu+Qu+I6lJGSfeGAkslWWCNYcS2YyfIVcaghwOoMFdIJv5PJ9X4L58BwgwIU9FrKcPLg=@vger.kernel.org X-Gm-Message-State: AOJu0YwjFQkbgwMSETKCzG2LEHcFJCxYWYjEkwUrUGhbj/7GEyQCMhIu 1d4Jp5YPPNcIGS4S8H+ojWOAvEdG8ecxsz9pMhmFtXYHD7rSEiGYAfSCrQVdKflFILCGOgBZXB1 /RE52xZtMEkWn7P9HXfk7fn9gc3tjsOMbz9pGaHmObheHC8UV+JIhxnMOWBdiwfyC8NC94XWbjr 68FXzyPw== X-Gm-Gg: ASbGncuka01FhG3Q1D+zaswWwuIFPHIOceloG2cIUQE8g7scY4Xj/jRRMAy2zCb4jJ1 oqWM4Ts9s/DltTqNxga9S2NEsVnjp5EzM5R086xCiwXIvzLFa3/DY+zOtLPA70F6UnOMrid2rMj 2l0OHoSS132rE6GR8lWpS41muiuUuG6WAP8+BpLAqXPWrTIWuZOS9Mv2UWnBwkUT0HJIK3DD/mv IVKcXQb5VXlw6FqSEMR3ttEmgea/qwWPWCdj1Ejmhq73/J7TpZlhZ9N+wBjMDz5DjxN2Bk5JCgq WklF89BbGmuCUQzibPTegFf3KBWZpnzA2S6pV1BFcvHgI71scw== X-Received: by 2002:a17:907:1b29:b0:ade:3bec:ea40 with SMTP id a640c23a62f3a-ae34fd2bc54mr932856666b.10.1751233228551; Sun, 29 Jun 2025 14:40:28 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHTGWAqr2cYFXliuX8B24KQBUcbldsB6HuCJVhDhy2pn5wpEbt2R5iLuguahv9SroXd+9vqmA== X-Received: by 2002:a17:907:1b29:b0:ade:3bec:ea40 with SMTP id a640c23a62f3a-ae34fd2bc54mr932855766b.10.1751233228149; Sun, 29 Jun 2025 14:40:28 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ae35365a754sm557263366b.62.2025.06.29.14.40.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 29 Jun 2025 14:40:27 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@amazon.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next 2/6] af_unix: introduce unix_skb_to_scm helper Date: Sun, 29 Jun 2025 23:39:54 +0200 Message-ID: <20250629214004.13100-3-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> References: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Instead of open-coding let's consolidate this logic in a separate helper. This will simplify further changes. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn --- net/unix/af_unix.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 6072d89ce2e7..5efe6e44abdf 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1955,6 +1955,12 @@ static int unix_scm_to_skb(struct scm_cookie *scm, s= truct sk_buff *skb, bool sen return err; } =20 +static void unix_skb_to_scm(struct sk_buff *skb, struct scm_cookie *scm) +{ + scm_set_cred(scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid); + unix_set_secdata(scm, skb); +} + /* unix_maybe_add_creds() adds current task uid/gid and struct pid to skb = if needed. * * Some apps rely on write() giving SCM_CREDENTIALS @@ -2561,8 +2567,7 @@ int __unix_dgram_recvmsg(struct sock *sk, struct msgh= dr *msg, size_t size, =20 memset(&scm, 0, sizeof(scm)); =20 - scm_set_cred(&scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid); - unix_set_secdata(&scm, skb); + unix_skb_to_scm(skb, &scm); =20 if (!(flags & MSG_PEEK)) { if (UNIXCB(skb).fp) @@ -2947,8 +2952,7 @@ static int unix_stream_read_generic(struct unix_strea= m_read_state *state, break; } else if (unix_may_passcred(sk)) { /* Copy credentials */ - scm_set_cred(&scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid); - unix_set_secdata(&scm, skb); + unix_skb_to_scm(skb, &scm); check_creds =3D true; } =20 --=20 2.43.0 From nobody Wed Oct 8 10:02:26 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6FD6A241132 for ; Sun, 29 Jun 2025 21:40:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233238; cv=none; b=RU0ISxOfxlVSSZjwkDDz35qnTisfhyKQT+4qmtpTnvBCxA+r5NCsETQGIAn/sACRoP1PQz4ECkBZQJYGq8ZwSS9KeWqshFMU2XI5t3AG5O5OUdiyqL5DJ767mcUbRIZFcRgEsJ/Ag3B0nx6LK9k1Heg+KWi8eVhkhX0OpWh+uxI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233238; c=relaxed/simple; bh=IyxrDFbacMBAx6Onjmukxc0YN1nXFQ5UE0pW+oMO/pQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=sjhZsIAgkZ+XcTxM/l59BM06MecqTMZggXMbksBWv3cjIfy8WDWCUirJk5gQhxX7hynFYXPDqid8e37hLeL55aVSERz45Bw2lOP4wn28kAVe94buJhy0qTO5TcfaE/Q131au2JNOzdQbTy7uhTTjHX6ImpseY8DlbgXTOdcTgPY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=O7pB1Y/8; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="O7pB1Y/8" Received: from mail-ej1-f69.google.com (mail-ej1-f69.google.com [209.85.218.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 159003F657 for ; Sun, 29 Jun 2025 21:40:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751233232; bh=48BdSf3QfnCKs3/i9D2aI5kg4hr1YnePWMmrRnRqmkI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=O7pB1Y/8gNI8jM/C7mjSSGPGwD2gs4r6AvQVRlkcbU1DfntahdAJKMbN7c8eiS5/+ 4CcU2w7EX/cc0WcLbkYHoPOh+jwRjzvkxzQeTpxUWfmIP5Vl9THFtU/Na3XWRDKkVN NGjBB9HUA/CB+NfY0GmlzzZpm3mZjHTRqGduQgv0b2jaZ4kb0n/te9gHsj0RR6AWlV rE+mnm5g0PcoyGQ6ZyVVK0MPUjP/VqlxxFj40oRYPDGnKE+KxAM2TMuCOzQRB8I8qI j2xcwAPrjqde32j/S5gQ3ql80IOpWP+LQzevcAObbvvXj7b56ZJmK2VNbSbp8+Pc39 XH8KHnvNbTScg== Received: by mail-ej1-f69.google.com with SMTP id a640c23a62f3a-adb33457610so147445766b.3 for ; Sun, 29 Jun 2025 14:40:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751233231; x=1751838031; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=48BdSf3QfnCKs3/i9D2aI5kg4hr1YnePWMmrRnRqmkI=; b=saBncwZDQZIGwwMRSrmdjwcZgJ7elAM6HdBUDbd0rBKStIoJmmbsX4tcUr+KnMksHR s4T+eng0GswRuXH4AvC4Du19AfZREKXS5dDGwifBdMcb8EHNlAImfyNpr7zGuMrsulY5 gSNzspZvIHfG0ykfElselNkVtifgAsHzCBJkQ2BsRwh07ZKH2miZKNLIQ3/fU6JPwInc 9Xo1cS4GtAD4C6WduV7d46rPZjqhyplCDHCb3sZv/q7YFR0K8GmpBssNEgkJH/sTfaZT zJrYqCxCMThihNgXeIipPcccj6IU7IuJnJxxKnJzMZuijlkEEi7yi5eFnUTbI2mE7GPI 1B0g== X-Forwarded-Encrypted: i=1; AJvYcCX5loDLdGSmCoWehermEJs5X1vAmAdo+v83mOYdlF2nU5hQuFyxlc0ilmVHFy0xHP1htsoj2zUFueSXmtA=@vger.kernel.org X-Gm-Message-State: AOJu0YyOLp/7JFtYuCBSDPqPrqZPBDOtQ+U5FjEWZW2CBo+rkjonYsmY sxGG5WhynYCxyhtjezGEQzNCaIMJyGYgTYtUedsY/um2eAh0gDT84oYN97o9X8Jx6A97n+vQyuQ NCE4gVA9w3ALi063gWIPwWcLzcW1mq/DOKgzRMJzm+zKB3uUFjpKCvrxUMC1EIW/uyrxVp2UpXw czrzPFxg== X-Gm-Gg: ASbGncuqoF2fxy5S4ZuvXCzT5ZFoRGRA1TlbTXPLm2Guw02Cexgrc9ELcMpaSFlYY07 tr5nrO/sGUJAazkl9YeCYqIUA9jBEin6F/kWPfprcPZZMJ6mkUSRAW6nbzxuPgkofZTuqxCjDP0 uOhXhAm7FBRpNBZ1P03DNCIow8XEAwymIF1qV8jMSuhyVCCB6wBsgA5EkNNpQR92YSLGcim3Zcj 0GuG56ZI4d9LMqsr0sB88kF+S7qN58COOm6ms8Uez1t2qiPYlHyrWeMpGtIScUgNbyDxozAY34F YScAl5QYYf7JJt3B6gucNFux5zCA3EZ1ZvTSBcYI92rNgb2/Sw== X-Received: by 2002:a17:907:9490:b0:ae3:7084:7358 with SMTP id a640c23a62f3a-ae37084758amr558687666b.58.1751233231648; Sun, 29 Jun 2025 14:40:31 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFSIm7upfMuuJVnjznmjrVxm+tXaPhq4fTHwTaW1KebVCezBY91akX8QVAoBLuxIE1VBzR56A== X-Received: by 2002:a17:907:9490:b0:ae3:7084:7358 with SMTP id a640c23a62f3a-ae37084758amr558685966b.58.1751233231308; Sun, 29 Jun 2025 14:40:31 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ae35365a754sm557263366b.62.2025.06.29.14.40.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 29 Jun 2025 14:40:30 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@amazon.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Willem de Bruijn , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next 3/6] af_unix: introduce and use __scm_replace_pid() helper Date: Sun, 29 Jun 2025 23:39:55 +0200 Message-ID: <20250629214004.13100-4-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> References: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Existing logic in __scm_send() related to filling an struct scm_cookie with a proper struct pid reference is already pretty tricky. Let's simplify it a bit by introducing a new helper. This helper will be extended in one of the next patches. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Willem de Bruijn Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn --- include/net/scm.h | 10 ++++++++++ net/core/scm.c | 11 ++++++++--- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/include/net/scm.h b/include/net/scm.h index 84c4707e78a5..856eb3a380f6 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -88,6 +88,16 @@ static __inline__ void scm_destroy(struct scm_cookie *sc= m) __scm_destroy(scm); } =20 +static __inline__ int __scm_replace_pid(struct scm_cookie *scm, struct pid= *pid) +{ + /* drop all previous references */ + scm_destroy_cred(scm); + + scm->pid =3D get_pid(pid); + scm->creds.pid =3D pid_vnr(pid); + return 0; +} + static __inline__ int scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm, bool forcecreds) { diff --git a/net/core/scm.c b/net/core/scm.c index 0225bd94170f..0e71d5a249a1 100644 --- a/net/core/scm.c +++ b/net/core/scm.c @@ -189,15 +189,20 @@ int __scm_send(struct socket *sock, struct msghdr *ms= g, struct scm_cookie *p) if (err) goto error; =20 - p->creds.pid =3D creds.pid; if (!p->pid || pid_vnr(p->pid) !=3D creds.pid) { struct pid *pid; err =3D -ESRCH; pid =3D find_get_pid(creds.pid); if (!pid) goto error; - put_pid(p->pid); - p->pid =3D pid; + + err =3D __scm_replace_pid(p, pid); + /* Release what we get from find_get_pid() as + * __scm_replace_pid() takes all necessary refcounts. + */ + put_pid(pid); + if (err) + goto error; } =20 err =3D -EINVAL; --=20 2.43.0 From nobody Wed Oct 8 10:02:26 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 483D0243364 for ; Sun, 29 Jun 2025 21:40:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233243; cv=none; b=DfSKXafDdcB/W/HqSyy6DuiU2tclttOvUnv7ILp/0/d4AOLiijTp2RgLSL/Ftp+Gv/SKLI+TkJVaVufbxn2V9LBr06IBqPzlLwaNEeZOCyQF6CACS9KWxdeH4IJrpNMLfWnajSxSaSRDU9kBzAkd5GmbERCACAyd3j5XCS92w2I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233243; c=relaxed/simple; bh=DZgLuTKQ6FkE/AqtchhZEXS16TEbGGbw+cRTURV4+5U=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=gZgeTo1FciT0XIn6DhrdDaGxawY9Voeaq4up3OE0iTAyUmStybNlJ7Pu92/kTGURCzSkhoCCuCH8Ko7nnV3pfJRkXZtKPTVDD4okzqe/ToecvboARSG3kLOlJNZBm68kqPkxSevTp+bvPJrPoP6RbQ4it3HKLy6vJ0Fvh5Rt8N8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=QA7Ovt66; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="QA7Ovt66" Received: from mail-ej1-f70.google.com (mail-ej1-f70.google.com [209.85.218.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 621973F941 for ; Sun, 29 Jun 2025 21:40:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751233235; bh=Tl324YoMVF9U2iaqiQA87hf/uf124Y9qhcfNcjMgLzQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=QA7Ovt66Hs0yLCXy6KFNiQ44BLy4blEjvhmx2VccWungh5rPtmn6bRLAR5kfUmtBW NEj2mEO4kzzcuNUjLBTvdRjV0CYfVkoMh4SteTbxBKII4xRzYROGZ8KBaL379/NUc3 wHYnle88uLXNPokzb/rbbmuF29HE5jJttaehcqP5qAUQKxMdviSpq4rDwHSc1m+1yz TMSX8BwvEkHNB86V9/Z7UQOdDaXr+cVl/mzM0Wtqep8icrSCKryDSNco2UsJy3JE7o ABDANbKMywPnfCccfi+xJVTJ5xVeYKg2qeodbFCeXwn8NqjjkRws19MrX7clGqaxSV 0YGeHwQe7CnQQ== Received: by mail-ej1-f70.google.com with SMTP id a640c23a62f3a-ae0de1a6a80so116792866b.1 for ; Sun, 29 Jun 2025 14:40:35 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751233235; x=1751838035; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Tl324YoMVF9U2iaqiQA87hf/uf124Y9qhcfNcjMgLzQ=; b=DwoWHk7zHfOMQwFrMVw7IMcQSj2rtGFfmlIazhfvgRaCF7pVI5HQI4lELVgkSt80am 3h76dZ3D5xHxhM/WwsGdzwIXaCYpktxvlYBvqqoGAlEeAhPwGPe2pYOJtc9jk/ZT30tc jdzbs51Jp7pDRIUYp6M0dVxEGdzWDgVQevjVVFktWs8A7nCQFwuelQUoht4mI/KQ+Y2D 71CUeDmFLUF5PN01wr8SVi38va48GIxKSHUJHw3otPNb4UiBpa0fhUFZJe2LUlmuAemf d1CX7xs95clifpmmTTxc4H7SfUDx3I+mO5BZkT/7hJ59qU8TY6H3vSZW4Xdj3Oh/qZzI ZVFQ== X-Forwarded-Encrypted: i=1; AJvYcCUpNpchdqC8hm9jIO+a7LSCMsL3fzsAVKlK+yeRZ6drLSCfbHIEgLfK2YNiJuDhUrRd+q0WK875SAhZsYw=@vger.kernel.org X-Gm-Message-State: AOJu0YxX/l4GCLoo2MIzh0sMMN7LzlmSzm02y00HYlINThNK3a3egyzl 5bHRRD1BP4FwqvllfSHAjQ+KFqY4gYAqZZ2JJe4Bm26K+FGeAq1ooL9YU+cOvuHAxzcbGPlG4es rnWkfp5QoDQtPgiCxWI7UG/r47hMk2enhyKBO9YQ+g4eyyaUVKJnOgvLSHTACUFEp1sYwxoSceZ dm0mQ5ZA== X-Gm-Gg: ASbGncu/uslKOunIcUnK3DC+PZ1H0PP97guCcqSBy6ReA2vxt1o+WkmFE+yqTPbNJiA MYqtk4wsIhZ3tLTqHDrQ/ib8eppOQFw4qpceGxunWjxUdIzb8taoA1YWs23OWkBOgOrJ8fzZuR7 A4Q+5tv7ZPOU3AA0FhuZ5SlAgqqUnaQ7LXytioosHBshoA74sELu4AjIDk6s+b3Ssx5k29gswKN jihdmgRCAdXlmsBAc4qYlMCWe8VAKMQARMkJIWd4KvOZYS0iDzFVqm0lrBACjlnfBHDlE5LQ7xH mmpPnM4mrfa173OOpHR6TpSl3nY3CLWGKBQiLJfhaQTYfuZVTg== X-Received: by 2002:a17:906:f599:b0:ae0:e065:de05 with SMTP id a640c23a62f3a-ae34fd2b394mr958333766b.3.1751233234621; Sun, 29 Jun 2025 14:40:34 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHjdWlHgK+zYjhF9mE4dngqx6K9Qj+r2/9463dOMnUDM/NfueYNa7ewLi4OC121uaz2TDdYAQ== X-Received: by 2002:a17:906:f599:b0:ae0:e065:de05 with SMTP id a640c23a62f3a-ae34fd2b394mr958332566b.3.1751233234217; Sun, 29 Jun 2025 14:40:34 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ae35365a754sm557263366b.62.2025.06.29.14.40.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 29 Jun 2025 14:40:33 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@amazon.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next 4/6] af_unix: stash pidfs dentry when needed Date: Sun, 29 Jun 2025 23:39:56 +0200 Message-ID: <20250629214004.13100-5-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> References: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We need to ensure that pidfs dentry is allocated when we meet any struct pid for the first time. This will allows us to open pidfd even after the task it corresponds to is reaped. Basically, we need to identify all places where we fill skb/scm_cookie with struct pid reference for the first time and call pidfs_register_pid(). Tricky thing here is that we have a few places where this happends depending on what userspace is doing: - [__scm_replace_pid()] explicitly sending an SCM_CREDENTIALS message and specified pid in a numeric format - [unix_maybe_add_creds()] enabled SO_PASSCRED/SO_PASSPIDFD but didn't send SCM_CREDENTIALS explicitly - [scm_send()] force_creds is true. Netlink case. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn --- include/net/scm.h | 35 ++++++++++++++++++++++++++++++----- net/unix/af_unix.c | 36 +++++++++++++++++++++++++++++++++--- 2 files changed, 63 insertions(+), 8 deletions(-) diff --git a/include/net/scm.h b/include/net/scm.h index 856eb3a380f6..d1ae0704f230 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include @@ -66,19 +67,37 @@ static __inline__ void unix_get_peersec_dgram(struct so= cket *sock, struct scm_co { } #endif /* CONFIG_SECURITY_NETWORK */ =20 -static __inline__ void scm_set_cred(struct scm_cookie *scm, - struct pid *pid, kuid_t uid, kgid_t gid) +static __inline__ int __scm_set_cred(struct scm_cookie *scm, + struct pid *pid, bool pidfs_register, + kuid_t uid, kgid_t gid) { - scm->pid =3D get_pid(pid); + if (pidfs_register) { + int err; + + err =3D pidfs_register_pid(pid); + if (err) + return err; + } + + scm->pid =3D get_pid(pid); + scm->creds.pid =3D pid_vnr(pid); scm->creds.uid =3D uid; scm->creds.gid =3D gid; + return 0; +} + +static __inline__ void scm_set_cred(struct scm_cookie *scm, + struct pid *pid, kuid_t uid, kgid_t gid) +{ + /* __scm_set_cred() can't fail when pidfs_register =3D=3D false */ + (void) __scm_set_cred(scm, pid, false, uid, gid); } =20 static __inline__ void scm_destroy_cred(struct scm_cookie *scm) { put_pid(scm->pid); - scm->pid =3D NULL; + scm->pid =3D NULL; } =20 static __inline__ void scm_destroy(struct scm_cookie *scm) @@ -90,9 +109,15 @@ static __inline__ void scm_destroy(struct scm_cookie *s= cm) =20 static __inline__ int __scm_replace_pid(struct scm_cookie *scm, struct pid= *pid) { + int err; + /* drop all previous references */ scm_destroy_cred(scm); =20 + err =3D pidfs_register_pid(pid); + if (err) + return err; + scm->pid =3D get_pid(pid); scm->creds.pid =3D pid_vnr(pid); return 0; @@ -105,7 +130,7 @@ static __inline__ int scm_send(struct socket *sock, str= uct msghdr *msg, scm->creds.uid =3D INVALID_UID; scm->creds.gid =3D INVALID_GID; if (forcecreds) - scm_set_cred(scm, task_tgid(current), current_uid(), current_gid()); + __scm_set_cred(scm, task_tgid(current), true, current_uid(), current_gid= ()); unix_get_peersec_dgram(sock, scm); if (msg->msg_controllen <=3D 0) return 0; diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 5efe6e44abdf..1f4a5fe8a1f7 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1924,12 +1924,34 @@ static void unix_peek_fds(struct scm_cookie *scm, s= truct sk_buff *skb) scm->fp =3D scm_fp_dup(UNIXCB(skb).fp); } =20 +static int __skb_set_pid(struct sk_buff *skb, struct pid *pid, bool pidfs_= register) +{ + if (pidfs_register) { + int err; + + err =3D pidfs_register_pid(pid); + if (err) + return err; + } + + UNIXCB(skb).pid =3D get_pid(pid); + return 0; +} + static void unix_destruct_scm(struct sk_buff *skb) { struct scm_cookie scm; =20 memset(&scm, 0, sizeof(scm)); - scm.pid =3D UNIXCB(skb).pid; + + /* Pass ownership of struct pid from skb to scm cookie. + * + * We rely on scm_destroy() -> scm_destroy_cred() to properly + * release everything. + */ + scm.pid =3D UNIXCB(skb).pid; + UNIXCB(skb).pid =3D NULL; + if (UNIXCB(skb).fp) unix_detach_fds(&scm, skb); =20 @@ -1943,7 +1965,10 @@ static int unix_scm_to_skb(struct scm_cookie *scm, s= truct sk_buff *skb, bool sen { int err =3D 0; =20 - UNIXCB(skb).pid =3D get_pid(scm->pid); + err =3D __skb_set_pid(skb, scm->pid, false); + if (unlikely(err)) + return err; + UNIXCB(skb).uid =3D scm->creds.uid; UNIXCB(skb).gid =3D scm->creds.gid; UNIXCB(skb).fp =3D NULL; @@ -1976,7 +2001,12 @@ static int unix_maybe_add_creds(struct sk_buff *skb,= const struct sock *sk, return 0; =20 if (unix_may_passcred(sk) || unix_may_passcred(other)) { - UNIXCB(skb).pid =3D get_pid(task_tgid(current)); + int err; + + err =3D __skb_set_pid(skb, task_tgid(current), true); + if (unlikely(err)) + return err; + current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid); } =20 --=20 2.43.0 From nobody Wed Oct 8 10:02:26 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F0243242D66 for ; Sun, 29 Jun 2025 21:40:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233241; cv=none; b=pto1CSvgJA5KF5JuEq4nEJCUWLz88voeAMikaE3W8Yo+kZguxmqDK8Cl9vEhBa7gkReGK9VAdBBUqXDPIjAoF2PlOHLZp2vbYrqijc7gpYP07n5qFfSyBx+8A9+V8Xxec8c8bawWVmZhFcjTT6p4lmnJLeo/iXHUsEjCpgzKEBk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233241; c=relaxed/simple; bh=HDrnBzNT9sqw61xhXF1ulsb7GjHFsKMwkldBN6Mty4A=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=FSzSZ3R0jg+AU/xcH3J+OuiVzMfQxJ21ZjJgHc+bn/QHKkHjcLDpQR6nOyzu5BHBhl1pVqa4sy0VbMsxF5Nhpx2UmIcZLLBXD0lR8fhoZ7x/+pbfQciJYhA+mmlxGM5Y3trsTnaaTKiih7kh7p/daFOQsastqOCTKrK/AEZ70yA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=hMToEG7w; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="hMToEG7w" Received: from mail-ej1-f72.google.com (mail-ej1-f72.google.com [209.85.218.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 3B0B33F2AF for ; Sun, 29 Jun 2025 21:40:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751233238; bh=tvyEgsiRIsWy5+9Pkt7fEE3jkj7QgFDygIBIFRyaq88=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=hMToEG7wZSyDtS2ZFA79GxiIxD5HFHHjH1c6i5dwIuMebZDBC6C3G+NmjO810AuGV ewVpcxJlzATenGexrJCA5r5mpb6jSca0bjhFnRsAlEhMsIq2GeCBMotMc2e3VRlNON soriHV3kZGT1SAc1NrQz52lho5TlVG4jY69SA9MTcDwWzd9CLI6VbY99O5p2wh/Phw KSXHZNbqeInuS3MYYxpaSYhPwaiyPiMsDcnvzCg5xpUMURRCCQpxIR3MLbmlJI3CC1 zUWAOClONvBhmVJkz6V1qc8Y8L6jcgInvpPaDH1xcTjKuO70y1RP2p2KOm1vcrfAAY SH+q80tgloCqg== Received: by mail-ej1-f72.google.com with SMTP id a640c23a62f3a-ae0de1a6a80so116794766b.1 for ; Sun, 29 Jun 2025 14:40:38 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751233238; x=1751838038; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tvyEgsiRIsWy5+9Pkt7fEE3jkj7QgFDygIBIFRyaq88=; b=OlmyPyROkr/7umUuowLjMZF1d8mhBrxYy4RobvMoGPLRRz0FPgS5+LVBdoA23fWa1A cjJ5KFHHOEcN7buZELSVMemW0E9F2ORQCMETD73tMAT52fFBeTXJsj2IKc9P1Pmbe9xm kDu3Zm7VB8tsMQd0tXA4V/3BuDxjg4Svq78sJAy53wp8qIa24EDHi1pb3hThMN1ZTe26 BH35KVLZBtzzy2VpIBVjUSkGT+6RlfgsHaheF8ypbMvxjUX+SSv700W7IVi6GayOk4Mv LUk1uXbkHyusE4csD1jtL8GkZCK0B/BHi0QoBb4CbqMJiTcMkA0ohYIsceWji+YpjIob 2GZg== X-Forwarded-Encrypted: i=1; AJvYcCWL18SufOgdoBjkbt4WH8yEc54Vm+a9ysI+yvkV3i2cRVoHX0LKjuAM3XzjctsQoa903vPUvYtbTkXttLY=@vger.kernel.org X-Gm-Message-State: AOJu0Yyb+FclO9cEo6T1/k5xmltKN8PXeSHvSxGd2qTiXpw17+W3JGoG rlhtbwm785WnpIdDK/tAJUquRZTeU6hLsCVDqji0LKmTwCUoBMeySxHFQRF243Ff87/746Xpnyb FONfHxpqxj/FQzVdQGPrvI9Klltdxi/3iXVGiJirke91tuCMmHDCbavLXVps99pmoVfAEhJmar7 opyiGeJQ== X-Gm-Gg: ASbGncsy6D25OYh4NbxC2eBiH8OD1xDULUAL/8j50xfkrqjYK+hUeBQenf3Jw6EDUPo 7rYUplfBtA6LS6MFtJWyLfmG8qEXwuLUSSHhXfPIfa+kZ33I0HFeM/zoBroWSrhFp3TAGaXA2BU HBK+q8gBRTgrvZlp9sIS+jmXubA+Eo6vIGajibcMxctacvxx8ArjWy684plXRvF/enGiIeCLqn0 I3hA6bh3qgOCx+RmC0X5wohImCaA5OU6VYQXChRkugluh54yXSwdMC59GTnRUEV9KelLhZ/fPRU qLFFBbb1d080jcjU+S2hXvDFMh3mVCLGUoYOieHpvvkcUyWxXA== X-Received: by 2002:a17:907:3d8c:b0:adf:f82f:fe0a with SMTP id a640c23a62f3a-ae34fd729f7mr1138531466b.16.1751233237567; Sun, 29 Jun 2025 14:40:37 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFKwXxCz9pE3Brid5b7t2MI0/k++PiuT/Gs+VG0QU8yP+Mj+j5hphzeOjffLrTX6bnFkf0tdA== X-Received: by 2002:a17:907:3d8c:b0:adf:f82f:fe0a with SMTP id a640c23a62f3a-ae34fd729f7mr1138529166b.16.1751233237127; Sun, 29 Jun 2025 14:40:37 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ae35365a754sm557263366b.62.2025.06.29.14.40.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 29 Jun 2025 14:40:36 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@amazon.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Willem de Bruijn , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next 5/6] af_unix: enable handing out pidfds for reaped tasks in SCM_PIDFD Date: Sun, 29 Jun 2025 23:39:57 +0200 Message-ID: <20250629214004.13100-6-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> References: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now everything is ready to pass PIDFD_STALE to pidfd_prepare(). This will allow opening pidfd for reaped tasks. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Willem de Bruijn Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn --- include/net/scm.h | 1 + net/core/scm.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/include/net/scm.h b/include/net/scm.h index d1ae0704f230..1960c2b4f0b1 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include diff --git a/net/core/scm.c b/net/core/scm.c index 0e71d5a249a1..022d5035d146 100644 --- a/net/core/scm.c +++ b/net/core/scm.c @@ -464,7 +464,7 @@ static void scm_pidfd_recv(struct msghdr *msg, struct s= cm_cookie *scm) if (!scm->pid) return; =20 - pidfd =3D pidfd_prepare(scm->pid, 0, &pidfd_file); + pidfd =3D pidfd_prepare(scm->pid, PIDFD_STALE, &pidfd_file); =20 if (put_cmsg(msg, SOL_SOCKET, SCM_PIDFD, sizeof(int), &pidfd)) { if (pidfd_file) { --=20 2.43.0 From nobody Wed Oct 8 10:02:26 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EF238245007 for ; Sun, 29 Jun 2025 21:40:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233246; cv=none; b=S/qHlIg/alKsqnwQm32jJZ0uXZTzc5ZA4oB9PgyI7xClyxNDV9ktdU0CP4V3o8n0WlAL1FO0IZywp+2+aBZBraaeSzmTsVEgZY739t03/n1omqCxDdE8Ti87En8w2M7dyvXUTquD7R4jbxvuJNfJIUQl+N9dJ66z7G3FJTARv3Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751233246; c=relaxed/simple; bh=I7t351s+kUb5SKDYgWQJ8NHDqYpbh8iSwRK42UG3IKE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=UTjz61ybj/avWEdasdS6nG/RAFcc6dLrIw3/2JvcwCk7BIITpVsZJ75XMLImQHB9O2hV5P1C8oGIuDWXZVbXsJGwMvONGBwzw/ZrxdA7yRJyviV7w6yOs0e36KNt7sxfgES3fQyw++48MIDL54uiTBGrCtuf5hSrbLcO6bonr9U= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=itbNwgcP; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="itbNwgcP" Received: from mail-ej1-f71.google.com (mail-ej1-f71.google.com [209.85.218.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id F014C3F528 for ; Sun, 29 Jun 2025 21:40:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751233240; bh=j2/MTcAm+iCIzDDUxW3OLNpgwibHH9urPgNAxzLNo0E=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=itbNwgcPqIIdQ/Z1hO9aqt5IzhBfL+rElFvM6oe00PqFVdhy20g42LLxKgORvV3pM qQlOGrATIxXSMx59+2OkTTXSpMG4oCbDtFe3nDQ7Wh+Wj0bO3oVqWnEMIV2Avm0OVL F3q0sbEGYcNcYGAkVs02xJaGev1xNco1hfVeacqbUoe0OW2f+ADt6G2KhEZ0T7x6xM Yn9mtZPYAv26yR4eWEdb7ydEJt9WZ+zPojUL65ND4dCJkGFe3fuNo2scxdXs2ZnEPu tZvJfKfGhQKJXVoBxvhkykiJbIymg2jnwANkyNlK5whe9baPhdZqiznh2MQh/8PgO0 gw7LiB+SuTPFw== Received: by mail-ej1-f71.google.com with SMTP id a640c23a62f3a-ae0dffaa8aeso284448266b.0 for ; Sun, 29 Jun 2025 14:40:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751233240; x=1751838040; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=j2/MTcAm+iCIzDDUxW3OLNpgwibHH9urPgNAxzLNo0E=; b=Vfk/04ffEupYsPgwyg+yi0zTUkTASnJmw0+i190quCNyA0CHbD4vaMc/Drw+XBxvZX yOczs+sJczWx4hf0Umsakr480uhJbqpVjRyzMT0S24mxcQbNkhWMZHLQqSm4++o9A0oE dOOUqSXJY7L+cFDiaYPRkaCPRbLuib8FXBy+W+2G6eWO095OSD7z3YXlkDXzKGUyFesP eDA5TlyiS/YZb4MhYBO6x/qLedphgOdDWGpW3HZeX23j/qvtK47E3azWu6mX7SXj1Plm uSXxolgwqo6PlZIo5oeVs+SED+dovmZ2mVyYN9XqPbhITntukjnihnQFgtDhD7ud/tge HJpg== X-Forwarded-Encrypted: i=1; AJvYcCXdVPwohiFHg8XFfAZBQkFACvWJurI4jRqmlV4p32xAIGrWzxPUjO/EDe5Lmn5nzIgfcPIGSOvW3+3ctHc=@vger.kernel.org X-Gm-Message-State: AOJu0YzU3m6ajQxnn/hy8mRMxx9pc0/EYMEAbK5NrAo2sg8E6fq+R4+2 /kJoxsY2hAUG3MNR7F5r+z3yc0CX5NkJlEyD8IW6QLrnfx7oFvzrYlGrdN8X9V9FkNKdcq/2kzU eWG0OKdnykAcVPRZfHBgvYu1OofHrA40pi5uNF8ielYiOhmiqPpk9nuXqT3/0IA5b7vTwZUfmU9 2yXlXUdA== X-Gm-Gg: ASbGncvs70sRrfDITAFhwdR3nFqc11hims4E1YwqqVI3Kug97K8FgN8EvQt0Wuhp8uc X/WZuwmPz7aURMH7VS0mEYMrb+JToYjZ8ItkHo/bC95lm6HzqEMicuQ7PGCdAyVlQmaRtvCrnFw MBy+tI3zbAVRjsZrK/qdJOLbwX2FP2yH6e0tdzxXL/PZtXnk0CjTO6PHegmOLdrrC92YvpNL9gl 9LWlHHdgaoF0bKnjHYfeVesQzoCAsZT+T9zbzDolTPR9Y0hDFfn0cuYER6027SjjUER6w6aBl7I nvibaefS6Qo2bQwE3+YBllcP4555io6bVtP4PQQ9FAClLQvQ6A== X-Received: by 2002:a17:907:9623:b0:ae0:d4ef:e35e with SMTP id a640c23a62f3a-ae350486cacmr995588166b.20.1751233240406; Sun, 29 Jun 2025 14:40:40 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFkTtVlij26vBAiiZO/u0kO89Wxwd6uDfzJ8K4cKBe9bdZeQtpkg4ArxaKG5xcqAMPgFZ3dVg== X-Received: by 2002:a17:907:9623:b0:ae0:d4ef:e35e with SMTP id a640c23a62f3a-ae350486cacmr995587366b.20.1751233239975; Sun, 29 Jun 2025 14:40:39 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-ae35365a754sm557263366b.62.2025.06.29.14.40.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 29 Jun 2025 14:40:39 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@amazon.com Cc: Alexander Mikhalitsyn , linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next 6/6] selftests: net: extend SCM_PIDFD test to cover stale pidfds Date: Sun, 29 Jun 2025 23:39:58 +0200 Message-ID: <20250629214004.13100-7-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> References: <20250629214004.13100-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Extend SCM_PIDFD test scenarios to also cover dead task's pidfd retrieval and reading its exit info. Cc: linux-kselftest@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: Shuah Khan Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn --- .../testing/selftests/net/af_unix/scm_pidfd.c | 217 ++++++++++++++---- 1 file changed, 173 insertions(+), 44 deletions(-) diff --git a/tools/testing/selftests/net/af_unix/scm_pidfd.c b/tools/testin= g/selftests/net/af_unix/scm_pidfd.c index 7e534594167e..37e034874034 100644 --- a/tools/testing/selftests/net/af_unix/scm_pidfd.c +++ b/tools/testing/selftests/net/af_unix/scm_pidfd.c @@ -15,6 +15,7 @@ #include #include =20 +#include "../../pidfd/pidfd.h" #include "../../kselftest_harness.h" =20 #define clean_errno() (errno =3D=3D 0 ? "None" : strerror(errno)) @@ -26,6 +27,8 @@ #define SCM_PIDFD 0x04 #endif =20 +#define CHILD_EXIT_CODE_OK 123 + static void child_die() { exit(1); @@ -126,16 +129,65 @@ static pid_t get_pid_from_fdinfo_file(int pidfd, cons= t char *key, size_t keylen) return result; } =20 +struct cmsg_data { + struct ucred *ucred; + int *pidfd; +}; + +static int parse_cmsg(struct msghdr *msg, struct cmsg_data *res) +{ + struct cmsghdr *cmsg; + int data =3D 0; + + if (msg->msg_flags & (MSG_TRUNC | MSG_CTRUNC)) { + log_err("recvmsg: truncated"); + return 1; + } + + for (cmsg =3D CMSG_FIRSTHDR(msg); cmsg !=3D NULL; + cmsg =3D CMSG_NXTHDR(msg, cmsg)) { + if (cmsg->cmsg_level =3D=3D SOL_SOCKET && + cmsg->cmsg_type =3D=3D SCM_PIDFD) { + if (cmsg->cmsg_len < sizeof(*res->pidfd)) { + log_err("CMSG parse: SCM_PIDFD wrong len"); + return 1; + } + + res->pidfd =3D (void *)CMSG_DATA(cmsg); + } + + if (cmsg->cmsg_level =3D=3D SOL_SOCKET && + cmsg->cmsg_type =3D=3D SCM_CREDENTIALS) { + if (cmsg->cmsg_len < sizeof(*res->ucred)) { + log_err("CMSG parse: SCM_CREDENTIALS wrong len"); + return 1; + } + + res->ucred =3D (void *)CMSG_DATA(cmsg); + } + } + + if (!res->pidfd) { + log_err("CMSG parse: SCM_PIDFD not found"); + return 1; + } + + if (!res->ucred) { + log_err("CMSG parse: SCM_CREDENTIALS not found"); + return 1; + } + + return 0; +} + static int cmsg_check(int fd) { struct msghdr msg =3D { 0 }; - struct cmsghdr *cmsg; + struct cmsg_data res; struct iovec iov; - struct ucred *ucred =3D NULL; int data =3D 0; char control[CMSG_SPACE(sizeof(struct ucred)) + CMSG_SPACE(sizeof(int))] =3D { 0 }; - int *pidfd =3D NULL; pid_t parent_pid; int err; =20 @@ -158,53 +210,99 @@ static int cmsg_check(int fd) return 1; } =20 - for (cmsg =3D CMSG_FIRSTHDR(&msg); cmsg !=3D NULL; - cmsg =3D CMSG_NXTHDR(&msg, cmsg)) { - if (cmsg->cmsg_level =3D=3D SOL_SOCKET && - cmsg->cmsg_type =3D=3D SCM_PIDFD) { - if (cmsg->cmsg_len < sizeof(*pidfd)) { - log_err("CMSG parse: SCM_PIDFD wrong len"); - return 1; - } + /* send(pfd, "x", sizeof(char), 0) */ + if (data !=3D 'x') { + log_err("recvmsg: data corruption"); + return 1; + } =20 - pidfd =3D (void *)CMSG_DATA(cmsg); - } + if (parse_cmsg(&msg, &res)) { + log_err("CMSG parse: parse_cmsg() failed"); + return 1; + } =20 - if (cmsg->cmsg_level =3D=3D SOL_SOCKET && - cmsg->cmsg_type =3D=3D SCM_CREDENTIALS) { - if (cmsg->cmsg_len < sizeof(*ucred)) { - log_err("CMSG parse: SCM_CREDENTIALS wrong len"); - return 1; - } + /* pidfd from SCM_PIDFD should point to the parent process PID */ + parent_pid =3D + get_pid_from_fdinfo_file(*res.pidfd, "Pid:", sizeof("Pid:") - 1); + if (parent_pid !=3D getppid()) { + log_err("wrong SCM_PIDFD %d !=3D %d", parent_pid, getppid()); + close(*res.pidfd); + return 1; + } =20 - ucred =3D (void *)CMSG_DATA(cmsg); - } + close(*res.pidfd); + return 0; +} + +static int cmsg_check_dead(int fd, int expected_pid) +{ + int err; + struct msghdr msg =3D { 0 }; + struct cmsg_data res; + struct iovec iov; + int data =3D 0; + char control[CMSG_SPACE(sizeof(struct ucred)) + + CMSG_SPACE(sizeof(int))] =3D { 0 }; + pid_t client_pid; + struct pidfd_info info =3D { + .mask =3D PIDFD_INFO_EXIT, + }; + + iov.iov_base =3D &data; + iov.iov_len =3D sizeof(data); + + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D control; + msg.msg_controllen =3D sizeof(control); + + err =3D recvmsg(fd, &msg, 0); + if (err < 0) { + log_err("recvmsg"); + return 1; } =20 - /* send(pfd, "x", sizeof(char), 0) */ - if (data !=3D 'x') { + if (msg.msg_flags & (MSG_TRUNC | MSG_CTRUNC)) { + log_err("recvmsg: truncated"); + return 1; + } + + /* send(cfd, "y", sizeof(char), 0) */ + if (data !=3D 'y') { log_err("recvmsg: data corruption"); return 1; } =20 - if (!pidfd) { - log_err("CMSG parse: SCM_PIDFD not found"); + if (parse_cmsg(&msg, &res)) { + log_err("CMSG parse: parse_cmsg() failed"); return 1; } =20 - if (!ucred) { - log_err("CMSG parse: SCM_CREDENTIALS not found"); + /* + * pidfd from SCM_PIDFD should point to the client_pid. + * Let's read exit information and check if it's what + * we expect to see. + */ + if (ioctl(*res.pidfd, PIDFD_GET_INFO, &info)) { + log_err("%s: ioctl(PIDFD_GET_INFO) failed", __func__); + close(*res.pidfd); return 1; } =20 - /* pidfd from SCM_PIDFD should point to the parent process PID */ - parent_pid =3D - get_pid_from_fdinfo_file(*pidfd, "Pid:", sizeof("Pid:") - 1); - if (parent_pid !=3D getppid()) { - log_err("wrong SCM_PIDFD %d !=3D %d", parent_pid, getppid()); + if (!(info.mask & PIDFD_INFO_EXIT)) { + log_err("%s: No exit information from ioctl(PIDFD_GET_INFO)", __func__); + close(*res.pidfd); return 1; } =20 + err =3D WIFEXITED(info.exit_code) ? WEXITSTATUS(info.exit_code) : 1; + if (err !=3D CHILD_EXIT_CODE_OK) { + log_err("%s: wrong exit_code %d !=3D %d", __func__, err, CHILD_EXIT_CODE= _OK); + close(*res.pidfd); + return 1; + } + + close(*res.pidfd); return 0; } =20 @@ -291,6 +389,24 @@ static void fill_sockaddr(struct sock_addr *addr, bool= abstract) memcpy(sun_path_buf, addr->sock_name, strlen(addr->sock_name)); } =20 +static int sk_enable_cred_pass(int sk) +{ + int on =3D 0; + + on =3D 1; + if (setsockopt(sk, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on))) { + log_err("Failed to set SO_PASSCRED"); + return 1; + } + + if (setsockopt(sk, SOL_SOCKET, SO_PASSPIDFD, &on, sizeof(on))) { + log_err("Failed to set SO_PASSPIDFD"); + return 1; + } + + return 0; +} + static void client(FIXTURE_DATA(scm_pidfd) *self, const FIXTURE_VARIANT(scm_pidfd) *variant) { @@ -299,7 +415,6 @@ static void client(FIXTURE_DATA(scm_pidfd) *self, struct ucred peer_cred; int peer_pidfd; pid_t peer_pid; - int on =3D 0; =20 cfd =3D socket(AF_UNIX, variant->type, 0); if (cfd < 0) { @@ -322,14 +437,8 @@ static void client(FIXTURE_DATA(scm_pidfd) *self, child_die(); } =20 - on =3D 1; - if (setsockopt(cfd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on))) { - log_err("Failed to set SO_PASSCRED"); - child_die(); - } - - if (setsockopt(cfd, SOL_SOCKET, SO_PASSPIDFD, &on, sizeof(on))) { - log_err("Failed to set SO_PASSPIDFD"); + if (sk_enable_cred_pass(cfd)) { + log_err("sk_enable_cred_pass() failed"); child_die(); } =20 @@ -340,6 +449,12 @@ static void client(FIXTURE_DATA(scm_pidfd) *self, child_die(); } =20 + /* send something to the parent so it can receive SCM_PIDFD too and valid= ate it */ + if (send(cfd, "y", sizeof(char), 0) =3D=3D -1) { + log_err("Failed to send(cfd, \"y\", sizeof(char), 0)"); + child_die(); + } + /* skip further for SOCK_DGRAM as it's not applicable */ if (variant->type =3D=3D SOCK_DGRAM) return; @@ -398,7 +513,13 @@ TEST_F(scm_pidfd, test) close(self->server); close(self->startup_pipe[0]); client(self, variant); - exit(0); + + /* + * It's a bit unusual, but in case of success we return non-zero + * exit code (CHILD_EXIT_CODE_OK) and then we expect to read it + * from ioctl(PIDFD_GET_INFO) in cmsg_check_dead(). + */ + exit(CHILD_EXIT_CODE_OK); } close(self->startup_pipe[1]); =20 @@ -421,9 +542,17 @@ TEST_F(scm_pidfd, test) ASSERT_NE(-1, err); } =20 - close(pfd); waitpid(self->client_pid, &child_status, 0); - ASSERT_EQ(0, WIFEXITED(child_status) ? WEXITSTATUS(child_status) : 1); + /* see comment before exit(CHILD_EXIT_CODE_OK) */ + ASSERT_EQ(CHILD_EXIT_CODE_OK, WIFEXITED(child_status) ? WEXITSTATUS(child= _status) : 1); + + err =3D sk_enable_cred_pass(pfd); + ASSERT_EQ(0, err); + + err =3D cmsg_check_dead(pfd, self->client_pid); + ASSERT_EQ(0, err); + + close(pfd); } =20 TEST_HARNESS_MAIN --=20 2.43.0