iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Kuniyuki Iwashima 51bae889fe af_unix: Put pathname sockets in the global hash table. 
Commit cf2f225e2653 ("af_unix: Put a socket into a per-netns hash table.")
accidentally broke user API for pathname sockets.  A socket was able to
connect() to a pathname socket whose file was visible even if they were in
different network namespaces.

The commit puts all sockets into a per-netns hash table.  As a result,
connect() to a pathname socket in a different netns fails to find it in the
caller's per-netns hash table and returns -ECONNREFUSED even when the task
can view the peer socket file.

We can reproduce this issue by:

  Console A:

    # python3
    >>> from socket import *
    >>> s = socket(AF_UNIX, SOCK_STREAM, 0)
    >>> s.bind('test')
    >>> s.listen(32)

  Console B:

    # ip netns add test
    # ip netns exec test sh
    # python3
    >>> from socket import *
    >>> s = socket(AF_UNIX, SOCK_STREAM, 0)
    >>> s.connect('test')

Note when dumping sockets by sock_diag, procfs, and bpf_iter, they are
filtered only by netns.  In other words, even if they are visible and
connect()able, all sockets in different netns are skipped while iterating
sockets.  Thus, we need a fix only for finding a peer pathname socket.

This patch adds a global hash table for pathname sockets, links them with
sk_bind_node, and uses it in unix_find_socket_byinode().  By doing so, we
can keep sockets in per-netns hash tables and dump them easily.

Thanks to Sachin Sant and Leonard Crestez for reports, logs and a reproducer.

Fixes: cf2f225e2653 ("af_unix: Put a socket into a per-netns hash table.")
Reported-by: Sachin Sant <sachinp@linux.ibm.com>
Reported-by: Leonard Crestez <cdleonard@gmail.com>
Tested-by: Sachin Sant <sachinp@linux.ibm.com>
Tested-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Tested-by: Leonard Crestez <cdleonard@gmail.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2022-07-05 11:34:58 +02:00
..
6lowpan
net: 6lowpan: constify lowpan_nhc structures
2022-06-09 21:53:28 +02:00
9p
xen: switch gnttab_end_foreign_access() to take a struct page pointer
2022-05-27 11:05:29 +02:00
802
8021q
vlan: adopt u64_stats_t
2022-06-09 21:53:09 -07:00
appletalk
net: remove noblock parameter from skb_recv_datagram()
2022-04-06 13:45:26 +01:00
atm
net: SO_RCVMARK socket option for SO_MARK with recvmsg()
2022-04-28 13:08:15 -07:00
ax25
ax25: use GFP_KERNEL in ax25_dev_device_up()
2022-06-17 20:34:13 -07:00
batman-adv
net: wrap the wireless pointers in struct net_device in an ifdef
2022-05-22 21:51:54 +01:00
bluetooth
bluetooth: don't use bitmaps for random flag accesses
2022-06-05 16:28:41 -07:00
bpf
bpf, test_run: Remove unnecessary prog type checks
2022-06-03 14:53:33 -07:00
bpfilter
uaccess: remove CONFIG_SET_FS
2022-02-25 09:36:06 +01:00
bridge
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-06-30 16:31:00 -07:00
caif
net: remove noblock parameter from skb_recv_datagram()
2022-04-06 13:45:26 +01:00
can
net: Kconfig: move the CAN device menu to the "Device Drivers" section
2022-06-11 17:11:02 +02:00
ceph
libceph: use swap() macro instead of taking tmp variable
2022-05-25 20:45:13 +02:00
core
net, neigh: introduce interval_probe_time_ms for periodic probe
2022-06-30 13:14:35 +02:00
dcb
net: dcb: disable softirqs in dcbnl_flush_dev()
2022-03-03 08:01:55 -08:00
dccp
Revert "net: Add a second bind table hashed by port and address"
2022-06-16 11:07:59 -07:00
decnet
net, neigh: introduce interval_probe_time_ms for periodic probe
2022-06-30 13:14:35 +02:00
dns_resolver
dsa
net: dsa: tag_ksz: add tag handling for Microchip LAN937x
2022-07-02 16:34:05 +01:00
ethernet
net: ethernet: set default assignment identifier to NET_NAME_ENUM
2022-04-07 21:04:03 -07:00
ethtool
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-06-23 12:33:24 -07:00
hsr
net: add per-cpu storage and net->core_stats
2022-03-11 23:17:24 -08:00
ieee802154
net: SO_RCVMARK socket option for SO_MARK with recvmsg()
2022-04-28 13:08:15 -07:00
ife
ipv4
net: ipconfig: use strscpy to replace strlcpy
2022-07-04 10:28:00 +01:00
ipv6
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-06-30 16:31:00 -07:00
iucv
net: keep sk->sk_forward_alloc as small as possible
2022-06-10 16:21:27 -07:00
kcm
net: Don't include filter.h from net/sock.h
2021-12-29 08:48:14 -08:00
key
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec
2022-06-01 17:44:04 -07:00
l2tp
ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
2022-06-08 10:56:43 -07:00
l3mdev
l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu
2022-04-15 14:27:24 -07:00
lapb
llc
net: rename reference+tracking helpers
2022-06-09 21:52:55 -07:00
mac80211
wireless-next patches for v5.20
2022-06-10 08:57:35 -07:00
mac802154
net: mac802154: Fix symbol durations
2022-04-30 20:29:47 +02:00
mctp
Networking changes for 5.19.
2022-05-25 12:22:58 -07:00
mpls
net: mpls: fix memdup.cocci warning
2022-04-07 21:06:41 -07:00
mptcp
mptcp: refine memory scheduling
2022-07-01 13:24:59 +01:00
ncsi
net/ncsi: use proper "mellanox" DT vendor prefix
2022-06-23 20:51:06 -07:00
netfilter
netfilter: nf_tables: avoid skb access on nf_stolen
2022-06-27 19:22:54 +02:00
netlabel
netlabel: fix out-of-bounds memory accesses
2022-03-21 10:59:11 +00:00
netlink
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-05-12 16:15:30 -07:00
netrom
net: remove noblock parameter from skb_recv_datagram()
2022-04-06 13:45:26 +01:00
nfc
net: nfc: Directly use ida_alloc()/free()
2022-05-28 15:28:47 +01:00
nsh
openvswitch
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-06-23 12:33:24 -07:00
packet
net: rename reference+tracking helpers
2022-06-09 21:52:55 -07:00
phonet
net: remove noblock parameter from recvmsg() entities
2022-04-12 15:00:25 +02:00
psample
qrtr
net: remove noblock parameter from skb_recv_datagram()
2022-04-06 13:45:26 +01:00
rds
Linux 5.18
2022-05-24 12:40:28 -03:00
rfkill
rfkill: make new event layout opt-in
2022-03-18 13:09:17 +02:00
rose
net: rose: fix UAF bugs caused by timer handler
2022-06-30 11:07:30 +02:00
rxrpc
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-05-23 21:19:17 -07:00
sched
time64.h: consolidate uses of PSEC_PER_NSEC
2022-06-30 21:18:16 -07:00
sctp
net: keep sk->sk_forward_alloc as small as possible
2022-06-10 16:21:27 -07:00
smc
net: rename reference+tracking helpers
2022-06-09 21:52:55 -07:00
strparser
sunrpc
NFS Client Fixes for Linux 5.19-rc
2022-06-17 15:17:57 -05:00
switchdev
net: rename reference+tracking helpers
2022-06-09 21:52:55 -07:00
tipc
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-06-30 16:31:00 -07:00
tls
net: add skb_[inner_]tcp_all_headers helpers
2022-07-02 16:22:25 +01:00
unix
af_unix: Put pathname sockets in the global hash table.
2022-07-05 11:34:58 +02:00
vmw_vsock
hyperv-next for 5.19
2022-05-28 11:39:01 -07:00
wireless
wireless-next patches for v5.19
2022-05-19 13:01:08 -07:00
x25
x25: remove redundant pointer dev
2022-05-10 11:59:22 +02:00
xdp
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-06-23 12:33:24 -07:00
xfrm
net: rename reference+tracking helpers
2022-06-09 21:52:55 -07:00
compat.c
devres.c
Kconfig
page_pool: Add allocation stats
2022-03-03 09:55:28 +00:00
Kconfig.debug
net: CONFIG_DEBUG_NET depends on CONFIG_NET
2022-06-02 10:15:05 -07:00
Makefile
socket.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-06-30 16:31:00 -07:00
sysctl_net.c