From: Kuniyuki Iwashima <kuniyu@amazon•com>
To: "David S. Miller" <davem@davemloft•net>,
Eric Dumazet <edumazet@google•com>,
Jakub Kicinski <kuba@kernel•org>, Paolo Abeni <pabeni@redhat•com>
Cc: Kuniyuki Iwashima <kuniyu@amazon•com>,
Kuniyuki Iwashima <kuni1840@gmail•com>, <netdev@vger•kernel.org>
Subject: [PATCH v1 net] net: Allow larger buffer than peer address for SO_PEERNAME.
Date: Fri, 18 Aug 2023 17:55:52 -0700 [thread overview]
Message-ID: <20230819005552.39751-1-kuniyu@amazon.com> (raw)
When we call getsockopt(SO_PEERNAME), the buffer size must be smaller
than or equal to the length of the peer name.
It works with protocols whose address size is fixed. However, the
restriction does not make sense for socket families with an arbitrary
length address.
For example, we usually do not know the peer name if we get an AF_UNIX
socket by accept(), FD passing, or pidfd_getfd(). Then we get -EINVAL
if we pass sizeof(struct sockaddr_un) to getsockopt(SO_PEERNAME). So,
we need to do binary search to get the exact peer name.
addrlen = sizeof(struct sockaddr_un);
getsockopt(fd, SOL_SOCKET, SO_PEERNAME,
(struct sockaddr *)&addr, &addrlen); <-- -EINVAL
The error handling is to avoid copying garbage after the copied peer
address in the temporal buffer.
Let's update copy size by the peer name size if it is larger.
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon•com>
---
net/core/sock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/core/sock.c b/net/core/sock.c
index c9cffb7acbea..f6ee2998a109 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1829,7 +1829,7 @@ int sk_getsockopt(struct sock *sk, int level, int optname,
if (lv < 0)
return -ENOTCONN;
if (lv < len)
- return -EINVAL;
+ len = lv;
if (copy_to_sockptr(optval, address, len))
return -EFAULT;
goto lenout;
--
2.30.2
next reply other threads:[~2023-08-19 0:56 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-19 0:55 Kuniyuki Iwashima [this message]
2023-08-22 2:11 ` [PATCH v1 net] net: Allow larger buffer than peer address for SO_PEERNAME Jakub Kicinski
2023-08-22 2:40 ` Kuniyuki Iwashima
2023-08-22 8:43 ` Paolo Abeni
2023-08-22 16:24 ` Kuniyuki Iwashima
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230819005552.39751-1-kuniyu@amazon.com \
--to=kuniyu@amazon$(echo .)com \
--cc=davem@davemloft$(echo .)net \
--cc=edumazet@google$(echo .)com \
--cc=kuba@kernel$(echo .)org \
--cc=kuni1840@gmail$(echo .)com \
--cc=netdev@vger$(echo .)kernel.org \
--cc=pabeni@redhat$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox