Re: [PATCH net-next] scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
From: Leon Romanovsky
Date: Mon Feb 27 2023 - 04:47:24 EST
On Sun, Feb 26, 2023 at 09:17:30PM +0100, Alexander Mikhalitsyn wrote:
> Currently, we set MSG_CTRUNC flag is we have no
> msg_control buffer provided and SO_PASSCRED is set
> or if we have pending SCM_RIGHTS.
>
> For some reason we have no corresponding check for
> SO_PASSSEC.
>
> Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
> Cc: Eric Dumazet <edumazet@xxxxxxxxxx>
> Cc: Jakub Kicinski <kuba@xxxxxxxxxx>
> Cc: Paolo Abeni <pabeni@xxxxxxxxxx>
> Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@xxxxxxxxxxxxx>
> ---
> include/net/scm.h | 13 ++++++++++++-
> 1 file changed, 12 insertions(+), 1 deletion(-)
Is it a bugfix? If yes, it needs Fixes line.
>
> diff --git a/include/net/scm.h b/include/net/scm.h
> index 1ce365f4c256..585adc1346bd 100644
> --- a/include/net/scm.h
> +++ b/include/net/scm.h
> @@ -105,16 +105,27 @@ static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct sc
> }
> }
> }
> +
> +static inline bool scm_has_secdata(struct socket *sock)
> +{
> + return test_bit(SOCK_PASSSEC, &sock->flags);
> +}
> #else
> static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
> { }
> +
> +static inline bool scm_has_secdata(struct socket *sock)
> +{
> + return false;
> +}
> #endif /* CONFIG_SECURITY_NETWORK */
There is no need in this ifdef, just test bit directly.
>
> static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
> struct scm_cookie *scm, int flags)
> {
> if (!msg->msg_control) {
> - if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp)
> + if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp ||
> + scm_has_secdata(sock))
> msg->msg_flags |= MSG_CTRUNC;
> scm_destroy(scm);
> return;
> --
> 2.34.1
>