[PATCH 37/40] iscsi: ensure the iscsi kernel fd is not usable in userspace

[Peter Zijlstra]

We expose the iSCSI connection fd to userspace for reference tracking, but we
do not want userspace to actually have access to the data; mark it with
SOCK_KERNEL.

Signed-off-by: Peter Zijlstra <a.p.zijlstra@xxxxxxxxx>
Cc: Mike Christie <mchristi@xxxxxxxxxx>
---
 drivers/scsi/iscsi_tcp.c |    7 +++++++
 1 file changed, 7 insertions(+)

Index: linux-2.6-git/drivers/scsi/iscsi_tcp.c
===================================================================
--- linux-2.6-git.orig/drivers/scsi/iscsi_tcp.c	2007-03-22 11:29:08.000000000 +0100
+++ linux-2.6-git/drivers/scsi/iscsi_tcp.c	2007-03-22 12:00:14.000000000 +0100
@@ -1759,6 +1759,13 @@ iscsi_tcp_ep_connect(struct sockaddr *ds
 		goto release_sock;
 	}
 
+	/*
+	 * Even though we're going to expose this socket to user-space
+	 * (as an identifier for the connection and for tracking life times)
+	 * we don't want it used by user-space at all.
+	 */
+	sock_set_flag(sock->sk, SOCK_KERNEL);
+
 	rc = sock->ops->connect(sock, (struct sockaddr *)dst_addr, size,
 				O_NONBLOCK);
 	if (rc == -EINPROGRESS)

--

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/