o There are two methods to get a process credentials over the unix

sockets: 1) A sender sends SCM_CREDS message to a reciever, struct cmsgcred; 2) A reciever sets LOCAL_CREDS socket option and gets sender credentials in control message, struct sockcred. Both methods use the same control message type SCM_CREDS with the same control message level SOL_SOCKET, so they are indistinguishable for the receiver. A difference in struct cmsgcred and struct sockcred layouts may lead to unwanted effects. Now for sockets with LOCAL_CREDS option remove all previous linked SCM_CREDS control messages and then add a control message with struct sockcred so the process specifically asked for the peer credentials by LOCAL_CREDS option always gets struct sockcred. PR: kern/90800 Submitted by: Andrey Simonenko Regres. tests: tools/regression/sockets/unix_cmsg/ MFC after: 1 month
svn path=/head/; revision=159575
2006-06-13 14:33:35 +00:00 · 2006-06-13 14:33:35 +00:00 · 70df31f4de · 2020-12-20 02:59:44 +00:00
commit 70df31f4de
parent c3a252361a
1 changed files with 24 additions and 10 deletions
--- a/sys/kern/uipc_usrreq.c
+++ b/sys/kern/uipc_usrreq.c
@ -1498,8 +1498,9 @@ unp_internalize(struct mbuf **controlp, struct thread *td)
 struct mbuf *
 unp_addsockcred(struct thread *td, struct mbuf *control)
 {
-	struct mbuf *m, *n;
+	struct mbuf *m, *n, *n_prev;
 	struct sockcred *sc;
+	const struct cmsghdr *cm;
 	int ngroups;
 	int i;

@ -1508,7 +1509,6 @@ unp_addsockcred(struct thread *td, struct mbuf *control)
 	m = sbcreatecontrol(NULL, SOCKCREDSIZE(ngroups), SCM_CREDS, SOL_SOCKET);
 	if (m == NULL)
 		return (control);
-	m->m_next = NULL;

 	sc = (struct sockcred *) CMSG_DATA(mtod(m, struct cmsghdr *));
 	sc->sc_uid = td->td_ucred->cr_ruid;
@ -1520,16 +1520,30 @@ unp_addsockcred(struct thread *td, struct mbuf *control)
 		sc->sc_groups[i] = td->td_ucred->cr_groups[i];

 	/*
-	 * If a control message already exists, append us to the end.
+	 * Unlink SCM_CREDS control messages (struct cmsgcred), since
+	 * just created SCM_CREDS control message (struct sockcred) has
+	 * another format.
 	 */
-	if (control != NULL) {
-		for (n = control; n->m_next != NULL; n = n->m_next)
-			;
-		n->m_next = m;
-	} else
-		control = m;
+	if (control != NULL)
+		for (n = control, n_prev = NULL; n != NULL;) {
+			cm = mtod(n, struct cmsghdr *);
+    			if (cm->cmsg_level == SOL_SOCKET &&
+			    cm->cmsg_type == SCM_CREDS) {
+    				if (n_prev == NULL)
+					control = n->m_next;
+				else
+					n_prev->m_next = n->m_next;
+				n = m_free(n);
+			} else {
+				n_prev = n;
+				n = n->m_next;
+			}
+		}

-	return (control);
+	/* Prepend it to the head. */
+	m->m_next = control;
+
+	return (m);
 }

 /*