The goal of this patch is to reproduce on kdbus the same behavior that is expressed by Unix Domain Sockets when it comes to restricting ability to pass opened file descriptors.
Signed-off-by: Paul Osmialowski <[email protected]> --- ipc/kdbus/message.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/ipc/kdbus/message.c b/ipc/kdbus/message.c index ae565cd..b083431 100644 --- a/ipc/kdbus/message.c +++ b/ipc/kdbus/message.c @@ -24,6 +24,7 @@ #include <linux/sizes.h> #include <linux/slab.h> #include <linux/uaccess.h> +#include <linux/security.h> #include <net/sock.h> #include "bus.h" @@ -150,13 +151,19 @@ int kdbus_gaps_install(struct kdbus_gaps *gaps, struct kdbus_pool_slice *slice, for (i = 0; i < gaps->n_fds; ++i) { int fd; - fd = get_unused_fd_flags(O_CLOEXEC); - if (fd < 0) + if (gaps->fd_files[i] && + security_file_receive(gaps->fd_files[i])) { incomplete_fds = true; + fds[n_fds++] = -1; + } else { + fd = get_unused_fd_flags(O_CLOEXEC); + if (fd < 0) + incomplete_fds = true; - WARN_ON(!gaps->fd_files[i]); + WARN_ON(!gaps->fd_files[i]); - fds[n_fds++] = fd < 0 ? -1 : fd; + fds[n_fds++] = fd < 0 ? -1 : fd; + } } /* @@ -178,6 +185,13 @@ int kdbus_gaps_install(struct kdbus_gaps *gaps, struct kdbus_pool_slice *slice, for (i = 0; i < gaps->n_memfds; ++i) { int memfd; + if (gaps->memfd_files[i] && + security_file_receive(gaps->memfd_files[i])) { + incomplete_fds = true; + fds[n_fds++] = -1; + continue; + } + memfd = get_unused_fd_flags(O_CLOEXEC); if (memfd < 0) { incomplete_fds = true; -- 1.9.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
