Thread (9 messages) 9 messages, 4 authors, 2020-06-10

Re: [PATCH 0/2] Use __scm_install_fd() more widely

From: Christian Brauner <hidden>
Date: 2020-06-10 09:47:45
Also in: lkml

On Tue, Jun 09, 2020 at 09:52:12PM -0700, Kees Cook wrote:
Hi,

This extends the recent work hch did for scm_detach_fds(), and updates
the compat path as well, fixing bugs in the process. Additionally,
an effectively incomplete and open-coded __scm_install_fd() is fixed
in pidfd_getfd().
Since __scm_detach_fds() becomes something that is available outside of
net/* should we provide a static inline wrapper under a different name? The
"socket-level control message" prefix seems a bit odd in pidfd_getfd()
and - once we make use of it there - seccomp.

I'd suggest we do:

static inline int fd_install_received(struct file *file, unsigned int flags)
{
	return __scm_install_fd(file, NULL, flags);
}

which can be called in pidfd_getfd() and once we have other callers that
want the additional put_user() (e.g. seccomp_ in there we simply add:

static inline fd_install_user(struct file *file, unsigned int flags, int __user *ufd)
{
	return __scm_install_fd(file, ufd, flags);
}

and seems the wrappers both could happily live in the fs part of the world?

Christian
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help