Re: [flame^Wreview] net: netprio_cgroup: rework update socket logic

[John Fastabend]

On 8/13/2012 10:01 AM, Al Viro wrote:
> On Mon, Aug 13, 2012 at 09:58:12AM -0700, John Fastabend wrote:
> > [...]
> >
> > > HOWEVER, it still doesn't address more fundamental problem - somebody
> > > creating a socket and passing it to you in SCM_RIGHTS datagram will
> > > leave you with a socket you can do IO on, still tagged according to who
> > > had created it.
> > >
> > > AFAICS, the whole point of that exercise was to allow third-party changing
> > > the priorities of traffic on sockets already created by a process we now
> > > move to a different cgroup.  Consider e.g. this:
> >
> > Correct that is the point of the exercise.
> >
> > To fix this specific case we could add a call to sock_update_netprioidx
> > in scm_recv to set the sk_cgrp_prioidx value.
>
> On every received descriptor, that is?  Eeek...

We are already iterating through the files in scm_detach_fds called from
scm_recv(). This would be an extra (file->f_op == &socket_file_ops)
check here and then the sock update.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/