Re: [PATCH] scm: fold __scm_send() into scm_send()

[Ingo Oeser]

Hi Chris,

Andrew Morton wrote:
> Ingo Oeser <ioe-lkml@xxxxxxxxxx> wrote:
> >
> >  -int scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
> >  -{
> >  -	struct task_struct *p = current;
> >  -	scm->creds = (struct ucred) {
> >  -		.uid = p->uid,
> >  -		.gid = p->gid,
> >  -		.pid = p->tgid
> >  -	};
> >  -	scm->fp = NULL;
> >  -	scm->sid = security_sk_sid(sock->sk, NULL, 0);
> >  -	scm->seq = 0;
> >  -	if (msg->msg_controllen <= 0)
> >  -		return 0;
> >  -	return __scm_send(sock, msg, scm);
> >  -}
> 
> It's worth noting that scm_send() will call security_sk_sid() even if
> (msg->msg_controllen <= 0).

Chris, do you know if this is needed in this case?

> If that test is likely to be true with any frequency then perhaps we can
> optimise things...

That test seems to be the original intention for the splitup. 

The security modules just put their hooks here. Maybe we can
fold these hooks into __scm_send() and have the old
splitup again to get the old code paths back.

It seems that the credential copy in af_unix.c 

memcpy(UNIXCREDS(skb), &siocb->scm->creds, sizeof(struct ucred));
if (siocb->scm->fp)
            unix_attach_fds(siocb->scm, skb);

doesn't depend on the "msg_controllen <= 0" test. If we can introduce this 
dependency there, we can put credential setup into __scm_send().

I would suggest we fold these two lines into a function and decide this later.

Chris, would this suffice?

Regards

Ingo Oeser

BTW: ioe-lkml@xxxxxxxxxx is simply netdev@xxxxxxxx at work :-)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/