superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/net/unix
History
Hannes Frederic Sowa 415e3d3e90 unix: correctly track in-flight fds in sending process user_struct 
The commit referenced in the Fixes tag incorrectly accounted the number
of in-flight fds over a unix domain socket to the original opener
of the file-descriptor. This allows another process to arbitrary
deplete the original file-openers resource limit for the maximum of
open files. Instead the sending processes and its struct cred should
be credited.

To do so, we add a reference counted struct user_struct pointer to the
scm_fp_list and use it to account for the number of inflight unix fds.

Fixes: 712f4aad40 ("unix: properly account for FDs passed over unix sockets")
Reported-by: David Herrmann <dh.herrmann@gmail.com>
Cc: David Herrmann <dh.herrmann@gmail.com>
Cc: Willy Tarreau <w@1wt.eu>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2016-02-08 10:30:42 -05:00
..
Kconfig net: Default UDP and UNIX diag to 'n'. 2012-01-07 12:13:06 -08:00
Makefile unix_diag: Write it into kbuild 2011-12-16 13:48:29 -05:00
af_unix.c unix: correctly track in-flight fds in sending process user_struct 2016-02-08 10:30:42 -05:00
diag.c VFS: net/unix: d_backing_inode() annotations 2015-04-15 15:06:56 -04:00
garbage.c unix: correctly track in-flight fds in sending process user_struct 2016-02-08 10:30:42 -05:00
sysctl_net_unix.c net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00