Re: [PATCH] unix: properly account for FDs passed over unix sockets

From: Hannes Frederic Sowa
Date: Tue Dec 29 2015 - 09:49:31 EST

Next message: Ming Lei: "[PATCH v2 3/3] bpf: hash: use per-bucket spinlock"
Previous message: Herbert Xu: "Re: use-after-free in hash_sock_destruct"
In reply to: Hannes Frederic Sowa: "Re: [PATCH] unix: properly account for FDs passed over unix sockets"
Next in thread: Willy Tarreau: "Re: [PATCH] unix: properly account for FDs passed over unix sockets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 28.12.2015 15:14, Willy Tarreau wrote:

It is possible for a process to allocate and accumulate far more FDs than
the process' limit by sending them over a unix socket then closing them
to keep the process' fd count low.

This change addresses this problem by keeping track of the number of FDs
in flight per user and preventing non-privileged processes from having
more FDs in flight than their configured FD limit.

Reported-by: socketpair@xxxxxxxxx
Suggested-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Willy Tarreau <w@xxxxxx>

Thanks for the patch!

I think this does not close the DoS attack completely as we duplicate fds if the reader uses MSG_PEEK on the unix domain socket and thus clones the fd. Have I overlooked something?

Thanks,
Hannes

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ming Lei: "[PATCH v2 3/3] bpf: hash: use per-bucket spinlock"
Previous message: Herbert Xu: "Re: use-after-free in hash_sock_destruct"
In reply to: Hannes Frederic Sowa: "Re: [PATCH] unix: properly account for FDs passed over unix sockets"
Next in thread: Willy Tarreau: "Re: [PATCH] unix: properly account for FDs passed over unix sockets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]