From nobody Wed Oct 8 00:25:47 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 320772BEC42 for ; Thu, 3 Jul 2025 22:23:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581417; cv=none; b=n6L8C17G54+spcMRI+USapYiYTJJ9HpKMzrzPk+XhxyZiSE4MKXqySpzKZhpLEcCR67xIQIvE5gcFlZbXUKuXvVlxrA66eUu2Gc45MrLCHCyHvq/M6kaM9fqLm9uyxaSuEj++DWaX30P5yghtsPOIE/Gv9nAPb4JFeG/SZ4+c4w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581417; c=relaxed/simple; bh=Lbn8rzjh7RE6O7oYUHPkiHveEVz+1OAXcJd7WAjkpP4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=oiSGtVDr4NpU6CPDwdpIQIwUNupriQG4h0O/1fMWfp8bEuCeNInX0I/sFuoDO8hAX7nnRJXp++0YK5HRIM7UTEdAhrPi7JS5uqE8WVwvRlyrGNwvBXJXaAzMJ3JjWoobJ3VJDcap8K6wy9PANBCub0e3jGf4an6dfooZjcSnsFM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=htirf0KN; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="htirf0KN" Received: from mail-ed1-f69.google.com (mail-ed1-f69.google.com [209.85.208.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id C797D3F69A for ; Thu, 3 Jul 2025 22:23:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751581413; bh=d+q77i3nRFEpD8HnFtkd3zMitsksPFCi2UIIvgg4IUI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=htirf0KN0MCNmKPE9PPRWYrxYXWUdzA3b1NAnKVuJeWUpnHRajtqnx5MxMGXQQcCN IH6Um7CqU7dyevNw7X304HUN+fDC0GdzQYYcOeYG3aIwrRahc/vY9+WJKvZOFR4vY3 t1b1/V6XEpYPl3SCeGLJ/H53YYnCsZAhtFjuMYh6O2FxQ3xtMHP+dvKPXKEX4guXyF hOovgIUiycSG33CIGysMnHNMqWuhZZShHYIajHd0EPfar99GAeruRCectjpZePiPQr T4gtQoMcRcoc9BLCSNHe/kchA7sPj3Ca1XeVVKTNBcYLqmlsf+31I+XalR0ioVUmF2 BarI5sliH24CA== Received: by mail-ed1-f69.google.com with SMTP id 4fb4d7f45d1cf-60c4d1b0aa4so231857a12.3 for ; Thu, 03 Jul 2025 15:23:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751581412; x=1752186212; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=d+q77i3nRFEpD8HnFtkd3zMitsksPFCi2UIIvgg4IUI=; b=hVeFwCcZw2Yg1myv4kTt6T9Bo5uUgsy8dXIrv0yCP3d01bOpBrjo7jTeMqIJh+2QyW EnpEG06VPOMQtga082G7XgBRPuAEb/j7Y9QOPJkspOYe+gR4covAnCbogB6kgsDumX0p JHEJvWtCLbcaimVC6ODD/r1NWZuiHnn+MvMCboNRrY0itlimBTpO+vE21BvoMERpm8bQ lblbkF4vf+4tfAT26mcXP3Cgn51Vc4CVKXxZAv7UoidCNVMc0xBETXHHKIXTOc8o3xA8 l55FJdpJexzXHCebZo0YGC9lDgYpjRkSrTCj14DPAt8GHOHf9bK4QXlxIKyQlUIwivox 0a0g== X-Forwarded-Encrypted: i=1; AJvYcCVHhZaaicZm8dcUdtNqHTQCYOVoVQwqL+6HoVb3Ds7KwRXWFz4uZe2CkIwAySfNaakrKhOBO2drAiYOeRk=@vger.kernel.org X-Gm-Message-State: AOJu0YxeiKnOEmk+OB4Ep3bIJ0a3FaIB4qxlpe0WwQky7eq73Upw3bHH 49yTvKne1uSDecEy9DpOVgL4r2AhkDPngwFEhp3RtFnZqRnxIaubKNVYs9DtL81pF3y7U5Ow4CX ws55FxFE7rqZI8ZkcgwKJ2X4j8+wCcnqNx832uK4aMVj0sG2QWRxDX9vuxbHmnY0u9hDlE2nPVV nlQEjRmQ== X-Gm-Gg: ASbGnctzjfxZ2Jw1lPoO32AuP0/s03yVC/lG3TNq1GleZIKoSdqcWgigmhUdaOmwA/n apgkmQlCiNY57f0c6GshDa+RKeclI5JA5mMmknhWkGKqxn2f5b49Kg6Z6ZVBwIxHsUzCPj3spBF S+hAAMKbkSWVLT8DW4SoGzm7CwO6oZdHGiQ4jQms0WwnSybRsyxB/XCE6VqalYldKYkbyT9m7xa SBc66ymCl0Im8i0iYOpzBR6HS5V2SjyfIaQM18nswWKiM9l47cJKMLlrswO4TMvZvM/JSAKMkh7 9tAspWwE2JxpfSoai7TdxyJqf5oSC+Xq07tzN9dWhE7qohdP6g== X-Received: by 2002:aa7:d30a:0:b0:5fb:c126:12c9 with SMTP id 4fb4d7f45d1cf-60fd349286emr215849a12.25.1751581412239; Thu, 03 Jul 2025 15:23:32 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF2biFnz5cfZv+nKonKT6km6Pn1oWt1Ka0vI4ItopUUTWrSplmT7pd4QPU+o3096hXMOVXGkw== X-Received: by 2002:aa7:d30a:0:b0:5fb:c126:12c9 with SMTP id 4fb4d7f45d1cf-60fd349286emr215827a12.25.1751581411805; Thu, 03 Jul 2025 15:23:31 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-60fcb1fb083sm355164a12.62.2025.07.03.15.23.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 03 Jul 2025 15:23:31 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@google.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next v3 1/7] af_unix: rework unix_maybe_add_creds() to allow sleep Date: Fri, 4 Jul 2025 00:23:05 +0200 Message-ID: <20250703222314.309967-2-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> References: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" As a preparation for the next patches we need to allow sleeping in unix_maybe_add_creds() and also return err. Currently, we can't do that as unix_maybe_add_creds() is being called under unix_state_lock(). There is no need for this, really. So let's move call sites of this helper a bit and do necessary function signature changes. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Reviewed-by: Kuniyuki Iwashima --- v2: - fixed kdoc for unix_maybe_add_creds() [ thanks to Kuniyuki's review ] --- net/unix/af_unix.c | 32 +++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 129388c309b0..fba50ceab42b 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1955,21 +1955,30 @@ static int unix_scm_to_skb(struct scm_cookie *scm, = struct sk_buff *skb, bool sen return err; } =20 -/* +/** + * unix_maybe_add_creds() - Adds current task uid/gid and struct pid to sk= b if needed. + * @skb: skb to attach creds to. + * @sk: Sender sock. + * @other: Receiver sock. + * * Some apps rely on write() giving SCM_CREDENTIALS * We include credentials if source or destination socket * asserted SOCK_PASSCRED. + * + * Return: On success zero, on error a negative error code is returned. */ -static void unix_maybe_add_creds(struct sk_buff *skb, const struct sock *s= k, - const struct sock *other) +static int unix_maybe_add_creds(struct sk_buff *skb, const struct sock *sk, + const struct sock *other) { if (UNIXCB(skb).pid) - return; + return 0; =20 if (unix_may_passcred(sk) || unix_may_passcred(other)) { UNIXCB(skb).pid =3D get_pid(task_tgid(current)); current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid); } + + return 0; } =20 static bool unix_skb_scm_eq(struct sk_buff *skb, @@ -2104,6 +2113,10 @@ static int unix_dgram_sendmsg(struct socket *sock, s= truct msghdr *msg, goto out_sock_put; } =20 + err =3D unix_maybe_add_creds(skb, sk, other); + if (err) + goto out_sock_put; + restart: sk_locked =3D 0; unix_state_lock(other); @@ -2212,7 +2225,6 @@ static int unix_dgram_sendmsg(struct socket *sock, st= ruct msghdr *msg, if (sock_flag(other, SOCK_RCVTSTAMP)) __net_timestamp(skb); =20 - unix_maybe_add_creds(skb, sk, other); scm_stat_add(other, skb); skb_queue_tail(&other->sk_receive_queue, skb); unix_state_unlock(other); @@ -2256,6 +2268,10 @@ static int queue_oob(struct sock *sk, struct msghdr = *msg, struct sock *other, if (err < 0) goto out; =20 + err =3D unix_maybe_add_creds(skb, sk, other); + if (err) + goto out; + skb_put(skb, 1); err =3D skb_copy_datagram_from_iter(skb, 0, &msg->msg_iter, 1); =20 @@ -2275,7 +2291,6 @@ static int queue_oob(struct sock *sk, struct msghdr *= msg, struct sock *other, goto out_unlock; } =20 - unix_maybe_add_creds(skb, sk, other); scm_stat_add(other, skb); =20 spin_lock(&other->sk_receive_queue.lock); @@ -2369,6 +2384,10 @@ static int unix_stream_sendmsg(struct socket *sock, = struct msghdr *msg, =20 fds_sent =3D true; =20 + err =3D unix_maybe_add_creds(skb, sk, other); + if (err) + goto out_free; + if (unlikely(msg->msg_flags & MSG_SPLICE_PAGES)) { skb->ip_summed =3D CHECKSUM_UNNECESSARY; err =3D skb_splice_from_iter(skb, &msg->msg_iter, size, @@ -2399,7 +2418,6 @@ static int unix_stream_sendmsg(struct socket *sock, s= truct msghdr *msg, goto out_free; } =20 - unix_maybe_add_creds(skb, sk, other); scm_stat_add(other, skb); skb_queue_tail(&other->sk_receive_queue, skb); unix_state_unlock(other); --=20 2.43.0 From nobody Wed Oct 8 00:25:47 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C0D782BF3E2 for ; Thu, 3 Jul 2025 22:23:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581420; cv=none; b=eElIE/cW4pphtGyQGrcbb3vXEDj0t1Ut0oi8dXcDay/GvZkTx6ME8GVY4F3Fn6eMpysR08IEk0hLIDhxncPhYNWxt59hIBRP2Z4AP1AnQkf9YjbsMCjo62ik1MdmbGBvfZfFRdUbvnHWn/WYmR8vmUtApnAek9SK47v/6pasF5A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581420; c=relaxed/simple; bh=bHvpc94HXYih2FMFgeA+sRP/r2c8MhvpzQoiO5z8z9s=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=DsAY1J2brIUYT3wepZIzF6ILEb4tuRTalLNinnTAq11a5sLAuvtS+MIYrNeETxQ7jnxm09mXPNnURAkA7hDOpj9YBtbPPjKLjWPHJWYlt8kmdYThQ959eoRj8ZBqIeF2+QgPvYL6rbJVA+LtBi5L4lHO+iY+cz17qnZCEMASCbw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=wa3hAirJ; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="wa3hAirJ" Received: from mail-ej1-f72.google.com (mail-ej1-f72.google.com [209.85.218.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id A766F3F919 for ; Thu, 3 Jul 2025 22:23:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751581416; bh=isC54dUAY8UhtPmgzK1RBnnEBnnC6mxj6C9AzalU9ag=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=wa3hAirJ53gNQa8GMigVmLo7QYVtXHD0WVOOWggFAxccEPHiFL1DHwE+xyTe2rnMp mHp3qLWh8Y4JK6iXB69UsDKBRb7moXR/sE4NX/lUd2ohEu6nPrCf5u1xmi4O5uyIjh FipZbnurLhos6LTrV2XGNxAsKXNyntlGE/q5kp/oxb8GeideelVKwSPndRblwWG0Ea BzOiDTqwv/OqL5Ad5bC9KS2fNYHzVf5fo9p1B3qdOLgluwNU2ARAlUI8zWH/XPzndW O2kZa/Vxr65MB+GpLd4IWJ5PdV2F9BxClXwaTIZl3Ia+Sv8/N/vvRHfuY/9q7z6073 uwNMuFEXqN/JQ== Received: by mail-ej1-f72.google.com with SMTP id a640c23a62f3a-ae066127959so29201866b.2 for ; Thu, 03 Jul 2025 15:23:36 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751581416; x=1752186216; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=isC54dUAY8UhtPmgzK1RBnnEBnnC6mxj6C9AzalU9ag=; b=h7zuWj/J4qCFFfBkXV5mlRB+towbrEangVJOlH8jTy5hADq5M858hAJIbrldFJDys0 aqpmr7FQ6MCV3AlfUCGo3LlzmVGtE5ZybHF46cHRWdzie6kdYCdHaMMA6R46V9h+SYAr mSNeoqNRGfCoVtKj5HS7ivM67KgLhfeGUF2n9NXrPggmPQ3vCZ5szcrPmmED18tuy42+ t0eAENtTMw0Dz2k+npgt8NGDUAqLN+XIdQTNzvOFUTswuMCEprf9wQ3BOiC1aMiI64rP 8vgjq1ApeONUtVgbYRur+XM4u7OAsUZuXTQUfMD7rwFVqMb64PVJjZiTaNEWd8N4rWfa N4ew== X-Forwarded-Encrypted: i=1; AJvYcCW/yoXfufzHMCn29tRgLXyRgtZ+Vd206eGzS1Lyjn+KaZaFUJQXmaIck7OtRXfSagy0vzwjx+kAFDVqajw=@vger.kernel.org X-Gm-Message-State: AOJu0Yy6/XsY3HmFdxqiFmp8CuiaI/Ak12pdaETargrPt8hRkxQzpVPN pZdNjcFh+yjAGwmeRmx/4D0bR+//pb0ma7SRHaF6O/0R0Fr4cJsVS61RVNhVqMa4nKfi2Md4Qlh iFVp67cX+vU7X66i8dL58+7Y3n3/2SDmMVpGYnyH4cKr+ABeTxvBsEBUJ3vERoNr+DmfSu6yjkt sbJoPSbA== X-Gm-Gg: ASbGncuG+kubF7K+GzldKWFOuXnqqxATBOPZYsOCBWwgAutwJz6vOEgHOWbV+UCoZHp 6YEa8gPf4XZ5JwDaJWjMLxpAHlPde5sXLxnvzXHEhfX+4+MoEvBMRc0PZFR16HfXmLZtgWmhZB6 c8y2G5v8zDilTWME6h8M4ZHYecEqeYhc65CLBWlo9nQJwjFDjkRBh+lnm+jKuq/qdYW1zn0oyrN 00J9QcmIFBxrJa0GCINuIZvA7U8ExcGMhdOYkOlEw2Zu7HwcFooviFCXvUMmr0eIxS3sgZfp9PO 0HhCm/CG5F4at6XKjIFxuIP2CLo+6u/Pw69dfb5yyu5RZEgLXw== X-Received: by 2002:a50:d690:0:b0:602:ddbe:480f with SMTP id 4fb4d7f45d1cf-60fd2f9d71amr169526a12.9.1751581416182; Thu, 03 Jul 2025 15:23:36 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGikx8qQxNwagCh+XgkCJ/7+ysM2PBsMOnRMyCiFbXNruisPLa18BsRHMovC3NS4od+dFHc9w== X-Received: by 2002:a50:d690:0:b0:602:ddbe:480f with SMTP id 4fb4d7f45d1cf-60fd2f9d71amr169501a12.9.1751581415803; Thu, 03 Jul 2025 15:23:35 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-60fcb1fb083sm355164a12.62.2025.07.03.15.23.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 03 Jul 2025 15:23:35 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@google.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next v3 2/7] af_unix: introduce unix_skb_to_scm helper Date: Fri, 4 Jul 2025 00:23:06 +0200 Message-ID: <20250703222314.309967-3-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> References: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Instead of open-coding let's consolidate this logic in a separate helper. This will simplify further changes. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Kuniyuki Iwashima Reviewed-by: Christian Brauner --- net/unix/af_unix.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index fba50ceab42b..df2174d9904d 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1955,6 +1955,12 @@ static int unix_scm_to_skb(struct scm_cookie *scm, s= truct sk_buff *skb, bool sen return err; } =20 +static void unix_skb_to_scm(struct sk_buff *skb, struct scm_cookie *scm) +{ + scm_set_cred(scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid); + unix_set_secdata(scm, skb); +} + /** * unix_maybe_add_creds() - Adds current task uid/gid and struct pid to sk= b if needed. * @skb: skb to attach creds to. @@ -2565,8 +2571,7 @@ int __unix_dgram_recvmsg(struct sock *sk, struct msgh= dr *msg, size_t size, =20 memset(&scm, 0, sizeof(scm)); =20 - scm_set_cred(&scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid); - unix_set_secdata(&scm, skb); + unix_skb_to_scm(skb, &scm); =20 if (!(flags & MSG_PEEK)) { if (UNIXCB(skb).fp) @@ -2951,8 +2956,7 @@ static int unix_stream_read_generic(struct unix_strea= m_read_state *state, break; } else if (unix_may_passcred(sk)) { /* Copy credentials */ - scm_set_cred(&scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid); - unix_set_secdata(&scm, skb); + unix_skb_to_scm(skb, &scm); check_creds =3D true; } =20 --=20 2.43.0 From nobody Wed Oct 8 00:25:47 2025 Received: from smtp-relay-internal-0.canonical.com (smtp-relay-internal-0.canonical.com [185.125.188.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7B7212BFC80 for ; Thu, 3 Jul 2025 22:23:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.122 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581424; cv=none; b=GGcXyVpRWQCiPTjv/bXWZP2D7X0FrRHrLCIrMbs0nua1KhehmNLw5p4qXk08dhS6vV7GOtEsHH9GKv3mMsmbrCgI/Gx1tncuOtBmm+B+qrdS2RXtp1fKUq+wB5TtJk7tHCrinI6SHj5qm6xRWB7hFZ153wW0A/OORiJGYS3f3u8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581424; c=relaxed/simple; bh=q9/jOSjyT1JUfp0m+BaSbGkJjs337jxDbjZaMjfYv1k=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ZKxDZTSxa1B+ZnSo4XOEiGyiBbF2lbmJxXVwF9GUxUDN2uO3NIqZlstlz1HSgp1VIQ68kKyeBbXauplV/uu+MzQ+US3viXJmZ4jjVi4FdJ+c0eUhov6+3LIx8inbY5gfcQxWnxGqrr2TPq1jhvfokWlqpR5iclvFycJVemSIUy8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=XMXjfvPj; arc=none smtp.client-ip=185.125.188.122 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="XMXjfvPj" Received: from mail-ed1-f72.google.com (mail-ed1-f72.google.com [209.85.208.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id 7C2763F691 for ; Thu, 3 Jul 2025 22:23:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751581420; bh=UkV0lOybHc8xNe3mREp2vR+oZ1mEEwdktMK0oaj57as=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=XMXjfvPjObmS9WqpMs/gKoccr1Xa8wQ2OiNkDLjBcot4JgKlpmocFuyNveaSfdZIX wSyiIIaxI28ELKiJ1JT2oFw49cSY5YvPm+deK/DbcC7pj97jGUQk8p762f1UMQ1+z3 cQ8z3svjdHivMdkP7OnbmVfRxWYW4hJ6z8vn6Ihj2lLJmEIE5S7w+FsEMDd2Z/xIJ7 6xyrQm69q2SAHMMTme9hWDl3WPnh473GZIzbf7un+JLyDgee5l94sltYnL59rYOJcR +C1MzMqVYiVTcmKQ4HEXKJY0c544zJiwhfpkfPmAvu2cpWliqvMnn6ycCqk278a3em Nt6IFgVgWWfAQ== Received: by mail-ed1-f72.google.com with SMTP id 4fb4d7f45d1cf-60c5ed14785so222637a12.0 for ; Thu, 03 Jul 2025 15:23:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751581420; x=1752186220; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UkV0lOybHc8xNe3mREp2vR+oZ1mEEwdktMK0oaj57as=; b=fRGkxFCMEpFI8cHZw+JjxGpUU7ZZ1ZEbDoh8qusdzZb2pnR+xrSbkRwJZQFbsMbR/B 9d3c8ueyBJtZB9hLtW6791StwX52SnD49W8U/x3f+Ep7mhnnb1mRdNZy9hsBOCqHBU9H sorgIw6V2OhfhruYxxx3PLAbklZE8SM9V1rukvhHOZCYB3IuzlU0abpITpCHhadCfetA 3TRg7e7MQ6YzVcHGIsJBXKgES9vr5AtyF88wZ4Qsklo4hs5+GVNdtXYzfDLGjY+oRsQg 6X8c373iUYRgchOV0xxbBrRBnpHOSHqB6TxAc9P7r5fvvKvI++tYEGafsZGLxqj0K4Hc qArg== X-Forwarded-Encrypted: i=1; AJvYcCVdfJpe1ZVavO/aQwhojXKJJorZYHEF1GglfKXx/ABW61P+aAZDSvsDocN1rN1YDHCvpO7dZee1V3HbSP4=@vger.kernel.org X-Gm-Message-State: AOJu0YwGEWeUwq7RGdivLtK/hNBtKnsK4pL2S8NjlezsxtKBvCNyrU+T Mvy9VgRV+3eC6d9RjcSBmZNejgg8WDP+2zLqj8/S4t3g2yC5bANCZlCT+H4kjg0hDFGbyCrP8fp LYG8zql4mt2jAALLeWyHf2CfAXbdz4HqMDJGHmwCjLybQYU9LjPPV0MPikhBS5rJjrUdeQW8USI l3CYCZTg== X-Gm-Gg: ASbGncvmy5kaCzzuI5O85da0YtbVnztlfTH5NSWaVOwz10vvci+bmUtW4LbBaVw/H4P pKKNLBqDJHPM310PjtI4FzEBQpKDhOeAlPI8rvJAyv1nzmm/4m6HZu9INpqDziNguKn2P3gNCXI 61CAWQV4/rdTrJ3X2NoE2xdEnYqh/ZoLvsgNqwcPB3FdBUWLIVWUSr0OK0T26kZP6Le3fz25k55 Ip4aFX56USO88Cgj7QijYU0JnGS8KWrzT+nMIOVTHW0naYRhbGk+oT3KtaNHhgrs7+I4aRDvAJf MSqa7weHIDwOYBruEsidKtnoQ2JwG74CU6ZEmG/QLzTyhqdVKg== X-Received: by 2002:a05:6402:270a:b0:60c:3a86:e117 with SMTP id 4fb4d7f45d1cf-60fd34c4066mr240798a12.34.1751581419860; Thu, 03 Jul 2025 15:23:39 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFsVWIT2hLZf7Rsbl4BgW3Ot5vlMbIfx1ED7FUqAWluoYqZrsysedET7VaeNcuYTKnjvoKrHg== X-Received: by 2002:a05:6402:270a:b0:60c:3a86:e117 with SMTP id 4fb4d7f45d1cf-60fd34c4066mr240774a12.34.1751581419477; Thu, 03 Jul 2025 15:23:39 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-60fcb1fb083sm355164a12.62.2025.07.03.15.23.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 03 Jul 2025 15:23:39 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@google.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Willem de Bruijn , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next v3 3/7] af_unix: introduce and use scm_replace_pid() helper Date: Fri, 4 Jul 2025 00:23:07 +0200 Message-ID: <20250703222314.309967-4-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> References: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Existing logic in __scm_send() related to filling an struct scm_cookie with a proper struct pid reference is already pretty tricky. Let's simplify it a bit by introducing a new helper. This helper will be extended in one of the next patches. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Willem de Bruijn Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Kuniyuki Iwashima --- v2: - don't do get_pid() in __scm_replace_pid() [ as Kuniyuki suggested ] - move __scm_replace_pid() from scm.h to scm.c [ as Kuniyuki suggested ] v3: - rename __scm_replace_pid() to scm_replace_pid() [ as Kuniyuki suggested ] --- net/core/scm.c | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/net/core/scm.c b/net/core/scm.c index 0225bd94170f..045ab5bdac7d 100644 --- a/net/core/scm.c +++ b/net/core/scm.c @@ -145,6 +145,16 @@ void __scm_destroy(struct scm_cookie *scm) } EXPORT_SYMBOL(__scm_destroy); =20 +static inline int scm_replace_pid(struct scm_cookie *scm, struct pid *pid) +{ + /* drop all previous references */ + scm_destroy_cred(scm); + + scm->pid =3D pid; + scm->creds.pid =3D pid_vnr(pid); + return 0; +} + int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie = *p) { const struct proto_ops *ops =3D READ_ONCE(sock->ops); @@ -189,15 +199,21 @@ int __scm_send(struct socket *sock, struct msghdr *ms= g, struct scm_cookie *p) if (err) goto error; =20 - p->creds.pid =3D creds.pid; if (!p->pid || pid_vnr(p->pid) !=3D creds.pid) { struct pid *pid; err =3D -ESRCH; pid =3D find_get_pid(creds.pid); if (!pid) goto error; - put_pid(p->pid); - p->pid =3D pid; + + /* pass a struct pid reference from + * find_get_pid() to scm_replace_pid(). + */ + err =3D scm_replace_pid(p, pid); + if (err) { + put_pid(pid); + goto error; + } } =20 err =3D -EINVAL; --=20 2.43.0 From nobody Wed Oct 8 00:25:47 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4ECCE2882C5 for ; Thu, 3 Jul 2025 22:23:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581431; cv=none; b=skbsHKx9sijRcgTatgW7rKmPZ2CvDp8HgQGZT30JL25aXAFYuUZt/P1m1uNwf+v1yfyZuRgrQgeJUGf7NTYvHmrIRFiInODTT4Ict2QQAEdHQAn6AFFug7mfGmTY54gbrDFttl/84qqspSwo/wJd+DOB/DYVAzo+QXQ9NaBo41Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581431; c=relaxed/simple; bh=QD++eQ0mdA3X9osAOwOaccdl8io/UixGrQb/zmCK6Z8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=XOUvQPS10itVmWSgBG8cH9YSS3pRpB1PYUR+YPGIlMssZksfr3d6vrn6rW9aMMAqXkEj02dVY9tTo9b/fSkzlPnmK9BvLtfkCmCXOJEYMeRudUQj+Bhqm+6nCPsI6vihEKqFo/PBYERCeF0d7ZuoGiJNZ2GKXunzUzx4h+2sfiI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=dKRP991i; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="dKRP991i" Received: from mail-ej1-f69.google.com (mail-ej1-f69.google.com [209.85.218.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 67DCA3F84A for ; Thu, 3 Jul 2025 22:23:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751581426; bh=5uSoGMqL3ZtB0VgpeBJZUFVBttzjqZO2/y9STyu6+9U=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=dKRP991iaozc0KwsKK/4QmfrZwgSqdBQJT3fVfIQLrzaFcgWQH43FnaWmuXkeTvt/ s6k8TbojTt+XzRl9Xi3llAQdKbwx3Rx/++jN9crWSkg58nwyaz9ioKPlu0uOgCt8Vm lwEl6qqyew0WWjUsMg0XWGT9jhEnTUG+QKFJhxm5gwUO4Y44DO9PK6nl4trdsBBIql vk3uE/jpXBfoUWW7fjYLKhqODA3NyDqwp4d1nO0wx54ZqPzdR4SCiL2ecE7Ofy1rrr 5Du1jtkbgh+jIaQajI1YsCbVyqYVi5tpgLFMQsk8BS8K81WZ3MG9k9Qz/gEWf73tZu VeS09JCNMYprw== Received: by mail-ej1-f69.google.com with SMTP id a640c23a62f3a-acb94dbd01fso31501666b.1 for ; Thu, 03 Jul 2025 15:23:46 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751581423; x=1752186223; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5uSoGMqL3ZtB0VgpeBJZUFVBttzjqZO2/y9STyu6+9U=; b=UOvmnZFgtOtRrzc7/t96VfC4I8UGOCjvNXYyRf5/kKyOot8bOtUX6J2oPnzBISRH4L fcDB123pZJy7qtKOtSCswoLkMK8MzppZ8+Tg5u0eIjvm9D/kLnBMLs9ESJW9Ujw6u17C VZKX3+xcdnTY6MMuDZrbdPJrA2NoRKMbfstG3t841yXWFriG/3UsOjfLqQ1v8G3d5YGK RdBfXXPNr5JE1nkxyzoN3/gwERIxa68luipqg3JHv5Gv+KNA0dbAPfbpp3YNJBeDQQ5s Rb71NCl9czFWJx4ryV4scQVKp3qfxHqd9AAV3sV8I4aWyH4Imu4OjwYssyiNx2r1AOa2 8wAg== X-Forwarded-Encrypted: i=1; AJvYcCUnPBK2Et6LHK0gvPjBeCVkJ4+BiundjFmsMaHkkZHulsQMr0zMhx0rCePBgu05Ax/gZM17UZNWtolBfoY=@vger.kernel.org X-Gm-Message-State: AOJu0YzjLbX1XmPCeAH0vKgDKj+LGVQM/XiGtaApy2wGuGmF16sQrcUV JX1eN7judjRV6fqUGJjChy979WH4dZhW1G8SmzIUn2QSF8ivtO5L2LzojaCKRs2g2zwg1fC3R0J Zw1tqctJEM66DroSujU6OkwIW2OQEJgaRTkbXNfBs1pPeAELhqrE7B56m3HOg6M4kP/0KTQ7JV3 x3tViVCA== X-Gm-Gg: ASbGncsAxOqMI35s/ECM9T3Fsbd7mw6FP+oyFkhKT0LjiLiZIwniqSnvZxxezOLOmVt MZHtyO/94F+juMKWb5GGvv8edSu3/2R4HTF0saKOvhRE5ZwgCxXjba+A63uVaf08g+ju891Cmus rTgXRIaOZwbug+rovVBqkW2l+UFzH8wed4gTWlrRLaGYWIwbPBU3D4gg2M8pm3tH6K/PWIPJFe9 yGaNZKpWeFxQs5P1utqU+BIWU5LKPbnl/HdLDHxV6FS1Z2Fk+kfZPTaon5NJI4sgGvT2gRmyEpK y8cLHbJN0tJWKJxj6uBSyfnNV/zPVgq2l7sYpKw/DNXh4Sy4fw== X-Received: by 2002:a17:907:d93:b0:ae3:61e8:c6a8 with SMTP id a640c23a62f3a-ae3fba363a1mr24997866b.0.1751581422798; Thu, 03 Jul 2025 15:23:42 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFBHhw9D3yJgbkNuNyxC4DptnT1/9dBd4TzRzY6hn1dbib2RfP84YGYMXyfTs/CHXFSD4vppg== X-Received: by 2002:a17:907:d93:b0:ae3:61e8:c6a8 with SMTP id a640c23a62f3a-ae3fba363a1mr24995366b.0.1751581422377; Thu, 03 Jul 2025 15:23:42 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-60fcb1fb083sm355164a12.62.2025.07.03.15.23.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 03 Jul 2025 15:23:42 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@google.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next v3 4/7] af_unix/scm: fix whitespace errors Date: Fri, 4 Jul 2025 00:23:08 +0200 Message-ID: <20250703222314.309967-5-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> References: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Fix whitespace/formatting errors. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Kuniyuki Iwashima --- v3: - this commit introduced [ as Kuniyuki suggested ] --- include/net/scm.h | 4 ++-- net/unix/af_unix.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/net/scm.h b/include/net/scm.h index 84c4707e78a5..c52519669349 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -69,7 +69,7 @@ static __inline__ void unix_get_peersec_dgram(struct sock= et *sock, struct scm_co static __inline__ void scm_set_cred(struct scm_cookie *scm, struct pid *pid, kuid_t uid, kgid_t gid) { - scm->pid =3D get_pid(pid); + scm->pid =3D get_pid(pid); scm->creds.pid =3D pid_vnr(pid); scm->creds.uid =3D uid; scm->creds.gid =3D gid; @@ -78,7 +78,7 @@ static __inline__ void scm_set_cred(struct scm_cookie *sc= m, static __inline__ void scm_destroy_cred(struct scm_cookie *scm) { put_pid(scm->pid); - scm->pid =3D NULL; + scm->pid =3D NULL; } =20 static __inline__ void scm_destroy(struct scm_cookie *scm) diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index df2174d9904d..323e4fc85d4b 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1929,7 +1929,7 @@ static void unix_destruct_scm(struct sk_buff *skb) struct scm_cookie scm; =20 memset(&scm, 0, sizeof(scm)); - scm.pid =3D UNIXCB(skb).pid; + scm.pid =3D UNIXCB(skb).pid; if (UNIXCB(skb).fp) unix_detach_fds(&scm, skb); =20 --=20 2.43.0 From nobody Wed Oct 8 00:25:47 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F13D629344F for ; Thu, 3 Jul 2025 22:23:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581433; cv=none; b=gICRGm8mWVdyvGlZbMY+7TKpTuFWGzhcIMPrDUL9Z6QQMzwrEIHY6MUHT/NZN+xYPXXvblsrz76Tb+zVn9C8Lfo6xZ1AnhQ6KYXwYPLiYpVOXOhIJ//aEqbYW1v89kYDM4x+F2fS73iDyuCO2MO2QZRP0Raf5kf4pK2BDvYu7D4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581433; c=relaxed/simple; bh=Gn7W5P0APLN41EFikXwUV5T0T3M9B52pVgzplH3HA2w=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=P/i2u/7dJQWIkArPQgDp5W9JRPW4fmv2j5oo2jnl5M7ZaoxQUMYqQQ6va4mZiqlTPl2FlRbVADdhfl4vz0W9jgYsfS8XcHSKg/nI+CWnBSczbHzX2+2nseN9OY/2qlvsBbT5erKzTKgYZ75mLHG3cPoY3zWn0W3Vv97jMmpHYho= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=VRD4BYpQ; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="VRD4BYpQ" Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 9FCA23F944 for ; Thu, 3 Jul 2025 22:23:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751581429; bh=RPCya3yNT0z68V2C/y3Kyp31HeP4GdNlj4LTMqhXVPM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=VRD4BYpQhOEO7E7rbB3JvqTekYmY1KAvyYMpYwOqH/TCU3Nw3PEjBZrwOUjGl21q4 iDieDaSLAMploLK6sVz+ono/ApL4rWq+kzwGDcQe5WFSJUVUGmm7O+55WVZPGpyBWR Ar5wBkBL4zHtmXFHrOTRrptaEIg7EsSnk9nmVyJMwFCq2bgwRf9aSBPPR+CR+njm/W TbZwAHAs0aID688XnkHqK5fZY4f9zR9PE16GTMrgDnC6hc1crAvz7uooF9Drb+GieT 35OEEGkbZiXjfWBvscYMHqP1CIQHqHdhNLX+eyGrgqhpPRWv3jjTx2ga7FmQ1cszt7 gg8G9HCl0nhuQ== Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-6085b0265c5so265553a12.2 for ; Thu, 03 Jul 2025 15:23:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751581427; x=1752186227; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=RPCya3yNT0z68V2C/y3Kyp31HeP4GdNlj4LTMqhXVPM=; b=LQEdgpVArWIkkVqOArSdxKkAYk84pwLyumdjRWHLc4BMG1wqCpJhhrqkzylzucPhnA ECzhpfUR6BAtOUeDd8A3zDRWo4fhRiAdtA9jg4DJ1eY6WlYq675tCb6geyPBazw5f9sn 1hC9AQ42Lvm9w3JhI8qhNWtXydhsTNf9BxVGr9Mv9lAUAyyaZ+FYnm3Vk4quz+GFEtyR cMtGu2FEFnmcyxo3Gq+LR7EWQuzG4coovZfRt1PgOTPzvFf+PABRzjLTjEir7kYL0xfY CzEDY1TcZJ+Juoncp9PFDKk8980u/Y1D019svmbs8zc54zFl7q79Rcqaknx/myUi/C2h A60w== X-Forwarded-Encrypted: i=1; AJvYcCXK03IJVgejz7TvyUx9HeIG0f2mJbMHzAyhX3yB7I2+3ObaXSO3gEee+AANX8L5sukp2Bqpn6S0SOs88o0=@vger.kernel.org X-Gm-Message-State: AOJu0Yz8XHZx6FcjqkQuT4iUvqT872SHeaBan3BiIe/PoCpH6BpisIvw 9IIQR4QzDPHrjNtaxVb7/TGNwEyNNGJoLTTv9alfQZoxL2LSjwU0QTcrLwkhE7+x57urJcLzwtH OHkooBQchM9CLjh71cJ1MQiHY37nr/Iy3IJFmZtpV1U5A9XqAb1fFPdcBp79q8xVcKvDOpDrmHU 39DtTSzw== X-Gm-Gg: ASbGnctBjxdkCfcQ5MQ+PRo9Grp+EVf8lYmXblUqy5cND6tFvEsG/9DRP0JOk6BLvHM 2ToPQy+hEs9HWMQqCKqaIEourvFs7ijqAd7Cs5nTL+Tjk1Hp68aAxMTMa5f4fEW2TvxnEmYbl6e QsaY3/VU/xMzjO6FaAHJpDszMW/1DLRj5HrjXHKaG2ycGfc6l7V5lHvi5Z1C3Hk3VvkF50hNm1O qd/2voLdqm7RRYj62f6fzdzUN2rFB9WlignYvlXzDGDjSH++yqHqco7iDEtQOqs1Pd2YIxQPpy9 FWnWtRFTQL9QJnu5r7vsMG6tF+pVbCHKPqOImkYW+jTJ5iZlOw== X-Received: by 2002:a05:6402:4606:b0:60c:461e:7199 with SMTP id 4fb4d7f45d1cf-60fd2fb475bmr206995a12.9.1751581426541; Thu, 03 Jul 2025 15:23:46 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEhYrS4/6WMb2G+ZUHQLTdnePYa7hC/QbuhLVyf8RVZHrcRhQsytyx8CWJVQ2cOge1XHrBWFg== X-Received: by 2002:a05:6402:4606:b0:60c:461e:7199 with SMTP id 4fb4d7f45d1cf-60fd2fb475bmr206975a12.9.1751581426110; Thu, 03 Jul 2025 15:23:46 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-60fcb1fb083sm355164a12.62.2025.07.03.15.23.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 03 Jul 2025 15:23:45 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@google.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg , Willem de Bruijn Subject: [PATCH net-next v3 5/7] af_unix: stash pidfs dentry when needed Date: Fri, 4 Jul 2025 00:23:09 +0200 Message-ID: <20250703222314.309967-6-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> References: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We need to ensure that pidfs dentry is allocated when we meet any struct pid for the first time. This will allows us to open pidfd even after the task it corresponds to is reaped. Basically, we need to identify all places where we fill skb/scm_cookie with struct pid reference for the first time and call pidfs_register_pid(). Tricky thing here is that we have a few places where this happends depending on what userspace is doing: - [__scm_replace_pid()] explicitly sending an SCM_CREDENTIALS message and specified pid in a numeric format - [unix_maybe_add_creds()] enabled SO_PASSCRED/SO_PASSPIDFD but didn't send SCM_CREDENTIALS explicitly - [scm_send()] force_creds is true. Netlink case, we don't need to touch it. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Kuniyuki Iwashima --- v2: - renamed __skb_set_pid() -> unix_set_pid_to_skb() [ as Kuniyuki suggested= ] - get rid of extra helper (__scm_set_cred()) I've introduced before [ as K= uniyuki suggested ] - s/__inline__/inline/ for functions I touched [ as Kuniyuki suggested ] - get rid of chunk in unix_destruct_scm() with NULLifying UNIXCB(skb).pid = [ as Kuniyuki suggested ] - added proper error handling in scm_send() for scm_set_cred() return valu= e [ found by me during rework ] v3: - don't stash pidfs dentry for netlink case - splited whitespace changes - removed unix_set_pid_to_skb() to simplify changes --- net/core/scm.c | 7 +++++++ net/unix/af_unix.c | 11 ++++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/net/core/scm.c b/net/core/scm.c index 045ab5bdac7d..358a4e04d46c 100644 --- a/net/core/scm.c +++ b/net/core/scm.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include #include @@ -147,9 +148,15 @@ EXPORT_SYMBOL(__scm_destroy); =20 static inline int scm_replace_pid(struct scm_cookie *scm, struct pid *pid) { + int err; + /* drop all previous references */ scm_destroy_cred(scm); =20 + err =3D pidfs_register_pid(pid); + if (unlikely(err)) + return err; + scm->pid =3D pid; scm->creds.pid =3D pid_vnr(pid); return 0; diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 323e4fc85d4b..d52811321fce 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1971,6 +1971,7 @@ static void unix_skb_to_scm(struct sk_buff *skb, stru= ct scm_cookie *scm) * We include credentials if source or destination socket * asserted SOCK_PASSCRED. * + * Context: May sleep. * Return: On success zero, on error a negative error code is returned. */ static int unix_maybe_add_creds(struct sk_buff *skb, const struct sock *sk, @@ -1980,7 +1981,15 @@ static int unix_maybe_add_creds(struct sk_buff *skb,= const struct sock *sk, return 0; =20 if (unix_may_passcred(sk) || unix_may_passcred(other)) { - UNIXCB(skb).pid =3D get_pid(task_tgid(current)); + struct pid *pid; + int err; + + pid =3D task_tgid(current); + err =3D pidfs_register_pid(pid); + if (unlikely(err)) + return err; + + UNIXCB(skb).pid =3D get_pid(pid); current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid); } =20 --=20 2.43.0 From nobody Wed Oct 8 00:25:47 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 66A152BF3CA for ; Thu, 3 Jul 2025 22:24:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581445; cv=none; b=hife9Yfd35cZOLgOcNvLUurz40g1V05Gc5hr+Ns8oWmzrPbjO5fs+ItfLOhXKjbTO51Vrl0NoYgQMl4AKlF1KVFPOJZH5wtHF16uNOsiu2+jhDJ3in/NbbDb3xWr7H1nDTR5qftecp+a3YM8mPlntfVt+Agonlz8ilC+xx9ts1g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581445; c=relaxed/simple; bh=76jAgqwnRdt0PkgsmBh+2CH7T1W71cnmvzvOLXA8MWA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=bopAlHY4EqLJwC7n2IqQbYl7vwm6WYPaBEDT/Xa9ROT4V2IrHHt6RmXfJWr6ptrss2CjNRZS85a8Fn2Uo/E7XbDg/QweVGYgZW/aeDF5BNl6uEVclmvyJHXVaycZ9y8LEEy+ftkt8rucNKBJhRXhncd8y257/5I3Ws3/N+PjQ4A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=a0pjaQ1z; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="a0pjaQ1z" Received: from mail-ed1-f69.google.com (mail-ed1-f69.google.com [209.85.208.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 2EE0C3F91A for ; Thu, 3 Jul 2025 22:23:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751581434; bh=VswAsDFL0zNUvK6Slvz23luzH3RQ+gAmm3nQvl/AzzM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=a0pjaQ1zO/IF1H9x2gMbPfmVLk3L/6SWDuNgDaxjwfOntOMKXNc7Yj0rOXNE+GFYY z0eo9KxHBK453Ve6BBZrS+sNV7Z9FvhKfpF460VSlyAMMsJ3g5u/NEVfPb1LLMSmqn 5vwehTQrem1Kxb83UZWXy4TpY5V+LSvLzYAwfPfZ+ARXafEyanUwWmDJ92C7FpQFy0 Q+ofCX6izNPeyozhLbC86oHyX2dzABUnnDqiCHsZDFZ7+g7UlVQyqTvWLNyE8woBll qys9dfpBRwtSJHeQLGdAvvG4NhqE6IeMqx20UH0ka3gTv23Y0aKaj3mIUBCJTo2J9M HLD2YlXbl/t8Q== Received: by mail-ed1-f69.google.com with SMTP id 4fb4d7f45d1cf-606ee65164fso259897a12.1 for ; Thu, 03 Jul 2025 15:23:53 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751581431; x=1752186231; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VswAsDFL0zNUvK6Slvz23luzH3RQ+gAmm3nQvl/AzzM=; b=ZLuZexKMYcC30tNqn1oUNhyU3feP/gb7+WY6B9Xn+GgMFWXns6htyqAk2tsqUqhpb9 JEJlc3G95gu1hY5t4DiEf8w9atNBvsSFyDeAIEY41C5gyzuHOlnS8yLedvpyQY2OAyTm LeL8VEX7zMp0joqPr6ZcBeWeMh04pDgdK8mGdth5U2Zek4S+0OBvVXhVwN2dayXGee2m nmeQO8cd3XrpWDphbFiMZHUTK4prQ8bTst8RwN3+wll32m4GBdUuZ7zukpDJsfXzQii5 5oA783WuJpFP3fiuSa9LZndslnhwhP8fCQ87m3/I1pQH3rk6buFwqDv0BLbgb6UhlNva jnIA== X-Forwarded-Encrypted: i=1; AJvYcCW3X9hVOPqKEiQXiTefagjd88he4j4Ngn+KuxPfVitc1cJsPQIvULN75B/PhiVnpYWyNLUMG2ogUBW0UTk=@vger.kernel.org X-Gm-Message-State: AOJu0YwvgH7OuEqdrAOuaAbtKbmdwiTEsyduUUmqinzn9EJZMGuG4NEl fD7XmVfnvsY+gGc7DEMAEKSaqfgoOobupJEN/KIpH9T54lRrQuZft7D48HIS4t1xeEdsN44O37X 4aFA8rBGWMwxd/+Z/O+QJSllJfvz9fMJQSTdxkE/KpO8QrJHlbZLMxp7wgmKwhmDuHEuL0u9Vcb 5UFKlBgA== X-Gm-Gg: ASbGnct36UEAoVy3bWbafs/SBwrL6I1nMwApqJ7QwLRk/Oh2z+RKoe1waL1ZidfGeXU 2ZuHo2s49D3slyCpmGNTnq8XuvdraDW41MhaFgh9MAQ4hRLW2KF+BBhVZr5l1ili9LIfi68pe0C 51SMo917hDr4r/OvgQmztuK4SSev8U2LDVKp4bf2kOhXd1KxDURd/P0NO4/Rf5YCuumlzS0jLGr LL9VppgNQQX8LHNWSj274ldhR7ZcSB/VBIi8JAD17fH/IY6+CQdWvArPhI1fQYoGAevk+0Amj5b rfghZibMRE9ECtzuFoTp34s7ntNSM5sPdw3cexqTSFHMFcdvyw== X-Received: by 2002:a05:6402:3588:b0:60c:6a48:8047 with SMTP id 4fb4d7f45d1cf-60fd322483dmr239241a12.11.1751581431514; Thu, 03 Jul 2025 15:23:51 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHFPhWZ0KYGjmFv+0GQApSZDavL8SiqBWwO+aZo2jCUxgX0FmWRVcBX+bYx4jduoymluOqpJA== X-Received: by 2002:a05:6402:3588:b0:60c:6a48:8047 with SMTP id 4fb4d7f45d1cf-60fd322483dmr239220a12.11.1751581431164; Thu, 03 Jul 2025 15:23:51 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-60fcb1fb083sm355164a12.62.2025.07.03.15.23.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 03 Jul 2025 15:23:50 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@google.com Cc: Alexander Mikhalitsyn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Willem de Bruijn , Leon Romanovsky , Arnd Bergmann , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next v3 6/7] af_unix: enable handing out pidfds for reaped tasks in SCM_PIDFD Date: Fri, 4 Jul 2025 00:23:10 +0200 Message-ID: <20250703222314.309967-7-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> References: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now everything is ready to pass PIDFD_STALE to pidfd_prepare(). This will allow opening pidfd for reaped tasks. Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Willem de Bruijn Cc: Leon Romanovsky Cc: Arnd Bergmann Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Reviewed-by: Kuniyuki Iwashima --- net/core/scm.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/core/scm.c b/net/core/scm.c index 358a4e04d46c..072d5742440a 100644 --- a/net/core/scm.c +++ b/net/core/scm.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include #include @@ -482,7 +483,7 @@ static void scm_pidfd_recv(struct msghdr *msg, struct s= cm_cookie *scm) if (!scm->pid) return; =20 - pidfd =3D pidfd_prepare(scm->pid, 0, &pidfd_file); + pidfd =3D pidfd_prepare(scm->pid, PIDFD_STALE, &pidfd_file); =20 if (put_cmsg(msg, SOL_SOCKET, SCM_PIDFD, sizeof(int), &pidfd)) { if (pidfd_file) { --=20 2.43.0 From nobody Wed Oct 8 00:25:47 2025 Received: from smtp-relay-internal-1.canonical.com (smtp-relay-internal-1.canonical.com [185.125.188.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A522A2BFC70 for ; Thu, 3 Jul 2025 22:24:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=185.125.188.123 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581443; cv=none; b=retPm5FAq5cd6zBZ+wZ31wIv0VkUsiMqGv7Vdiia0J1eB8CEdbdm0T/CbiKE1X3VA6wTKWCTJjQ9YStNrbqojmK+nDDDQyf2TQUyAk+UNoiEUeGezzGhZTQFfXdXWK5WbJIVJu4neH97WBlcGcRChZbpnIfo+TxuYoB2Yh7663w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1751581443; c=relaxed/simple; bh=sNMgYuRRHDM5tU1JOzxhsMgU93et6+sqxnzyafhvyOg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=abyLCr1eHvequ4v4+YNiisaMH49KrV2q+q7rNUKEtX9JnDqxBMKcqzjm6W+LqgG4ZXJhaCaPX+FpZYCEfvXyMQ6ZzqC9Y0VYxK3zUpgtmRtyqVAZdXvzUxhXz3Sg1M9D7wShn39InH6GUDRW4mRuSXQuTZlEPUTQyo1PrSKyyew= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com; spf=pass smtp.mailfrom=canonical.com; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b=asUeR8TR; arc=none smtp.client-ip=185.125.188.123 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=canonical.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=canonical.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=canonical.com header.i=@canonical.com header.b="asUeR8TR" Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id C9E123F830 for ; Thu, 3 Jul 2025 22:23:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1751581438; bh=3ACJj1pibTp1hDCcnssHwfTz2N2iBLhUH85nRukXflM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=asUeR8TR9GbL1qfkoTTltlOJ8GwlKyU/UcEhMXJduDWZLU9EUweP+fzG6usdxPjXX F+VIEzuw60olVt+ivoeKdzHvPfLbzh3CD+xZDKBkGsU6IG0usxbMWQ4w6xQ3dfhZuv AyQjCOzNkuwNdPLqBlZJG2GJZDXUTzEOghdHHkVI2ut5ncGktigu/N1A4nxr+qBv/G 2bZVAFR58GbvD4mXbijrZJzMYi3zMSyAyAyWXWwtA+Dk5SZW/KUKFLDVkwLCSCQcR8 Dq0yGKI6HO8c7f+xn4fU6/bxAgkYqKHO0s7qeyqVqDDryAK21PvzgcunzjAd81OHF7 py6Ieo5NEHHIg== Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-60c9d8a1701so190680a12.3 for ; Thu, 03 Jul 2025 15:23:58 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1751581437; x=1752186237; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3ACJj1pibTp1hDCcnssHwfTz2N2iBLhUH85nRukXflM=; b=J8h7NH88CNqbT429ufyiRrjMYY/a9REQHNfG7wNEC6TK1Nwg4sDESNl37RpgMrqw1P 0vZffWiCEH+JnUR+JCFtfxbNogOrUv/MEe0USNguhtOFiBPXotLDH1KPzEfDGwlnFybh 5IKVsYd0O9bkg2mGQmGY/RXZq6l6j/UH70Z81LuK2j0DJ/DhDcV/epzmD6sAabc1kdmh PaiBp58vJRfoIVo/YVwV10/S97D+0mFJmJuum65co+XVEQHBHeZCRyZi/NZssycV6oaD DZT6EQCp14R6dxD7FXGw0prQoi2pwk/6IScOUuC6/EPfdfPx5G77HCP3VEy1cnovA/ay ie+w== X-Forwarded-Encrypted: i=1; AJvYcCVG/mQCWYMdfiCLTEfzx+lYJRI8lmJZLElXGTJ2RagQvDyo7dajb+tayda6qvi4irS9tZfsYIfNUsb95w0=@vger.kernel.org X-Gm-Message-State: AOJu0YwcqiIA2NrqSYBcJlYERg+2TfAvSA0Vxax6emgbwea2tICQSDG0 7mJ+EWdgBcQ0RkYJRXzdzo/P35bYfkDlsddjsW8agVCN35tMnhApWNCaoqm8bF6iC45KbPlvV7q kWOmj9E8gDvUsj5nPscBEvJ5j/bT0f4YESHr2xuDTYBe3+57iF7G7j7/PCV1A1ZydnSzndlTlke pNJ3KNNg== X-Gm-Gg: ASbGncsn0cZiWpLrXnMuGYux2P9cfhtC1lwR24VXYHIT+aZuZ4cUmRsk4Yudp3CDa0F qhGPe5jNjo3n5XN0ilHEXETNHydKGTGe7P8RNJF4S/ksCF4EF/2e+2YUR0KWHU4bXvILoVmhzGh ltfYlXGiblslFVy1SLvOdVzSdWcamPO7P7SAMGKdz4nJWidzRm3o/GcUGG5oUjpiDmeCp8HB16J Ht3u38p1Y5fAAtM3Ns+SuxdAcf+f8kx3ZAIpBqeDuAPERqKowWfPUkaTXozYdf4AA9eKtziFCVk y4mRTOTHCp1xyxQxoLcD8GTqN0yZdPBqiiSdMvKFqKJSzNeV1g== X-Received: by 2002:a05:6402:1e8f:b0:609:b263:41d3 with SMTP id 4fb4d7f45d1cf-60fd35ccd36mr251530a12.32.1751581437566; Thu, 03 Jul 2025 15:23:57 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHGlaGtUtTk/shaqKHwURRpox5xAWe2POPldC6erKPQZ/gqhODJsBfGMjz4VC064N+v+5R1VQ== X-Received: by 2002:a05:6402:1e8f:b0:609:b263:41d3 with SMTP id 4fb4d7f45d1cf-60fd35ccd36mr251502a12.32.1751581437110; Thu, 03 Jul 2025 15:23:57 -0700 (PDT) Received: from amikhalitsyn.lan ([178.24.219.243]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-60fcb1fb083sm355164a12.62.2025.07.03.15.23.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 03 Jul 2025 15:23:56 -0700 (PDT) From: Alexander Mikhalitsyn To: kuniyu@google.com Cc: Alexander Mikhalitsyn , linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, Shuah Khan , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Simon Horman , Christian Brauner , Lennart Poettering , Luca Boccassi , David Rheinsberg Subject: [PATCH net-next v3 7/7] selftests: net: extend SCM_PIDFD test to cover stale pidfds Date: Fri, 4 Jul 2025 00:23:11 +0200 Message-ID: <20250703222314.309967-8-aleksandr.mikhalitsyn@canonical.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> References: <20250703222314.309967-1-aleksandr.mikhalitsyn@canonical.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Extend SCM_PIDFD test scenarios to also cover dead task's pidfd retrieval and reading its exit info. Cc: linux-kselftest@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Cc: Shuah Khan Cc: "David S. Miller" Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: Simon Horman Cc: Christian Brauner Cc: Kuniyuki Iwashima Cc: Lennart Poettering Cc: Luca Boccassi Cc: David Rheinsberg Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner --- .../testing/selftests/net/af_unix/scm_pidfd.c | 217 ++++++++++++++---- 1 file changed, 173 insertions(+), 44 deletions(-) diff --git a/tools/testing/selftests/net/af_unix/scm_pidfd.c b/tools/testin= g/selftests/net/af_unix/scm_pidfd.c index 7e534594167e..37e034874034 100644 --- a/tools/testing/selftests/net/af_unix/scm_pidfd.c +++ b/tools/testing/selftests/net/af_unix/scm_pidfd.c @@ -15,6 +15,7 @@ #include #include =20 +#include "../../pidfd/pidfd.h" #include "../../kselftest_harness.h" =20 #define clean_errno() (errno =3D=3D 0 ? "None" : strerror(errno)) @@ -26,6 +27,8 @@ #define SCM_PIDFD 0x04 #endif =20 +#define CHILD_EXIT_CODE_OK 123 + static void child_die() { exit(1); @@ -126,16 +129,65 @@ static pid_t get_pid_from_fdinfo_file(int pidfd, cons= t char *key, size_t keylen) return result; } =20 +struct cmsg_data { + struct ucred *ucred; + int *pidfd; +}; + +static int parse_cmsg(struct msghdr *msg, struct cmsg_data *res) +{ + struct cmsghdr *cmsg; + int data =3D 0; + + if (msg->msg_flags & (MSG_TRUNC | MSG_CTRUNC)) { + log_err("recvmsg: truncated"); + return 1; + } + + for (cmsg =3D CMSG_FIRSTHDR(msg); cmsg !=3D NULL; + cmsg =3D CMSG_NXTHDR(msg, cmsg)) { + if (cmsg->cmsg_level =3D=3D SOL_SOCKET && + cmsg->cmsg_type =3D=3D SCM_PIDFD) { + if (cmsg->cmsg_len < sizeof(*res->pidfd)) { + log_err("CMSG parse: SCM_PIDFD wrong len"); + return 1; + } + + res->pidfd =3D (void *)CMSG_DATA(cmsg); + } + + if (cmsg->cmsg_level =3D=3D SOL_SOCKET && + cmsg->cmsg_type =3D=3D SCM_CREDENTIALS) { + if (cmsg->cmsg_len < sizeof(*res->ucred)) { + log_err("CMSG parse: SCM_CREDENTIALS wrong len"); + return 1; + } + + res->ucred =3D (void *)CMSG_DATA(cmsg); + } + } + + if (!res->pidfd) { + log_err("CMSG parse: SCM_PIDFD not found"); + return 1; + } + + if (!res->ucred) { + log_err("CMSG parse: SCM_CREDENTIALS not found"); + return 1; + } + + return 0; +} + static int cmsg_check(int fd) { struct msghdr msg =3D { 0 }; - struct cmsghdr *cmsg; + struct cmsg_data res; struct iovec iov; - struct ucred *ucred =3D NULL; int data =3D 0; char control[CMSG_SPACE(sizeof(struct ucred)) + CMSG_SPACE(sizeof(int))] =3D { 0 }; - int *pidfd =3D NULL; pid_t parent_pid; int err; =20 @@ -158,53 +210,99 @@ static int cmsg_check(int fd) return 1; } =20 - for (cmsg =3D CMSG_FIRSTHDR(&msg); cmsg !=3D NULL; - cmsg =3D CMSG_NXTHDR(&msg, cmsg)) { - if (cmsg->cmsg_level =3D=3D SOL_SOCKET && - cmsg->cmsg_type =3D=3D SCM_PIDFD) { - if (cmsg->cmsg_len < sizeof(*pidfd)) { - log_err("CMSG parse: SCM_PIDFD wrong len"); - return 1; - } + /* send(pfd, "x", sizeof(char), 0) */ + if (data !=3D 'x') { + log_err("recvmsg: data corruption"); + return 1; + } =20 - pidfd =3D (void *)CMSG_DATA(cmsg); - } + if (parse_cmsg(&msg, &res)) { + log_err("CMSG parse: parse_cmsg() failed"); + return 1; + } =20 - if (cmsg->cmsg_level =3D=3D SOL_SOCKET && - cmsg->cmsg_type =3D=3D SCM_CREDENTIALS) { - if (cmsg->cmsg_len < sizeof(*ucred)) { - log_err("CMSG parse: SCM_CREDENTIALS wrong len"); - return 1; - } + /* pidfd from SCM_PIDFD should point to the parent process PID */ + parent_pid =3D + get_pid_from_fdinfo_file(*res.pidfd, "Pid:", sizeof("Pid:") - 1); + if (parent_pid !=3D getppid()) { + log_err("wrong SCM_PIDFD %d !=3D %d", parent_pid, getppid()); + close(*res.pidfd); + return 1; + } =20 - ucred =3D (void *)CMSG_DATA(cmsg); - } + close(*res.pidfd); + return 0; +} + +static int cmsg_check_dead(int fd, int expected_pid) +{ + int err; + struct msghdr msg =3D { 0 }; + struct cmsg_data res; + struct iovec iov; + int data =3D 0; + char control[CMSG_SPACE(sizeof(struct ucred)) + + CMSG_SPACE(sizeof(int))] =3D { 0 }; + pid_t client_pid; + struct pidfd_info info =3D { + .mask =3D PIDFD_INFO_EXIT, + }; + + iov.iov_base =3D &data; + iov.iov_len =3D sizeof(data); + + msg.msg_iov =3D &iov; + msg.msg_iovlen =3D 1; + msg.msg_control =3D control; + msg.msg_controllen =3D sizeof(control); + + err =3D recvmsg(fd, &msg, 0); + if (err < 0) { + log_err("recvmsg"); + return 1; } =20 - /* send(pfd, "x", sizeof(char), 0) */ - if (data !=3D 'x') { + if (msg.msg_flags & (MSG_TRUNC | MSG_CTRUNC)) { + log_err("recvmsg: truncated"); + return 1; + } + + /* send(cfd, "y", sizeof(char), 0) */ + if (data !=3D 'y') { log_err("recvmsg: data corruption"); return 1; } =20 - if (!pidfd) { - log_err("CMSG parse: SCM_PIDFD not found"); + if (parse_cmsg(&msg, &res)) { + log_err("CMSG parse: parse_cmsg() failed"); return 1; } =20 - if (!ucred) { - log_err("CMSG parse: SCM_CREDENTIALS not found"); + /* + * pidfd from SCM_PIDFD should point to the client_pid. + * Let's read exit information and check if it's what + * we expect to see. + */ + if (ioctl(*res.pidfd, PIDFD_GET_INFO, &info)) { + log_err("%s: ioctl(PIDFD_GET_INFO) failed", __func__); + close(*res.pidfd); return 1; } =20 - /* pidfd from SCM_PIDFD should point to the parent process PID */ - parent_pid =3D - get_pid_from_fdinfo_file(*pidfd, "Pid:", sizeof("Pid:") - 1); - if (parent_pid !=3D getppid()) { - log_err("wrong SCM_PIDFD %d !=3D %d", parent_pid, getppid()); + if (!(info.mask & PIDFD_INFO_EXIT)) { + log_err("%s: No exit information from ioctl(PIDFD_GET_INFO)", __func__); + close(*res.pidfd); return 1; } =20 + err =3D WIFEXITED(info.exit_code) ? WEXITSTATUS(info.exit_code) : 1; + if (err !=3D CHILD_EXIT_CODE_OK) { + log_err("%s: wrong exit_code %d !=3D %d", __func__, err, CHILD_EXIT_CODE= _OK); + close(*res.pidfd); + return 1; + } + + close(*res.pidfd); return 0; } =20 @@ -291,6 +389,24 @@ static void fill_sockaddr(struct sock_addr *addr, bool= abstract) memcpy(sun_path_buf, addr->sock_name, strlen(addr->sock_name)); } =20 +static int sk_enable_cred_pass(int sk) +{ + int on =3D 0; + + on =3D 1; + if (setsockopt(sk, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on))) { + log_err("Failed to set SO_PASSCRED"); + return 1; + } + + if (setsockopt(sk, SOL_SOCKET, SO_PASSPIDFD, &on, sizeof(on))) { + log_err("Failed to set SO_PASSPIDFD"); + return 1; + } + + return 0; +} + static void client(FIXTURE_DATA(scm_pidfd) *self, const FIXTURE_VARIANT(scm_pidfd) *variant) { @@ -299,7 +415,6 @@ static void client(FIXTURE_DATA(scm_pidfd) *self, struct ucred peer_cred; int peer_pidfd; pid_t peer_pid; - int on =3D 0; =20 cfd =3D socket(AF_UNIX, variant->type, 0); if (cfd < 0) { @@ -322,14 +437,8 @@ static void client(FIXTURE_DATA(scm_pidfd) *self, child_die(); } =20 - on =3D 1; - if (setsockopt(cfd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on))) { - log_err("Failed to set SO_PASSCRED"); - child_die(); - } - - if (setsockopt(cfd, SOL_SOCKET, SO_PASSPIDFD, &on, sizeof(on))) { - log_err("Failed to set SO_PASSPIDFD"); + if (sk_enable_cred_pass(cfd)) { + log_err("sk_enable_cred_pass() failed"); child_die(); } =20 @@ -340,6 +449,12 @@ static void client(FIXTURE_DATA(scm_pidfd) *self, child_die(); } =20 + /* send something to the parent so it can receive SCM_PIDFD too and valid= ate it */ + if (send(cfd, "y", sizeof(char), 0) =3D=3D -1) { + log_err("Failed to send(cfd, \"y\", sizeof(char), 0)"); + child_die(); + } + /* skip further for SOCK_DGRAM as it's not applicable */ if (variant->type =3D=3D SOCK_DGRAM) return; @@ -398,7 +513,13 @@ TEST_F(scm_pidfd, test) close(self->server); close(self->startup_pipe[0]); client(self, variant); - exit(0); + + /* + * It's a bit unusual, but in case of success we return non-zero + * exit code (CHILD_EXIT_CODE_OK) and then we expect to read it + * from ioctl(PIDFD_GET_INFO) in cmsg_check_dead(). + */ + exit(CHILD_EXIT_CODE_OK); } close(self->startup_pipe[1]); =20 @@ -421,9 +542,17 @@ TEST_F(scm_pidfd, test) ASSERT_NE(-1, err); } =20 - close(pfd); waitpid(self->client_pid, &child_status, 0); - ASSERT_EQ(0, WIFEXITED(child_status) ? WEXITSTATUS(child_status) : 1); + /* see comment before exit(CHILD_EXIT_CODE_OK) */ + ASSERT_EQ(CHILD_EXIT_CODE_OK, WIFEXITED(child_status) ? WEXITSTATUS(child= _status) : 1); + + err =3D sk_enable_cred_pass(pfd); + ASSERT_EQ(0, err); + + err =3D cmsg_check_dead(pfd, self->client_pid); + ASSERT_EQ(0, err); + + close(pfd); } =20 TEST_HARNESS_MAIN --=20 2.43.0