scm: fix MSG_CTRUNC setting condition for SO_PASSSEC

[ Upstream commit a02d83f9947d8f71904eda4de046630c3eb6802c ]

Currently, kernel would set MSG_CTRUNC flag if msg_control buffer
wasn't provided and SO_PASSCRED was set or if there was pending SCM_RIGHTS.

For some reason we have no corresponding check for SO_PASSSEC.

In the recvmsg(2) doc we have:
       MSG_CTRUNC
              indicates that some control data was discarded due to lack
              of space in the buffer for ancillary data.

So, we need to set MSG_CTRUNC flag for all types of SCM.

This change can break applications those don't check MSG_CTRUNC flag.

Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: Leon Romanovsky <leon@kernel.org>
Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>

v2:
- commit message was rewritten according to Eric's suggestion
Acked-by: Paul Moore <paul@paul-moore.com>

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Alexander Mikhalitsyn 2023-03-13 12:32:11 +01:00 committed by Greg Kroah-Hartman
parent 7160c6940a
commit 8f851a75bb

View File

@ -105,16 +105,27 @@ static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct sc
} }
} }
} }
static inline bool scm_has_secdata(struct socket *sock)
{
return test_bit(SOCK_PASSSEC, &sock->flags);
}
#else #else
static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm) static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
{ } { }
static inline bool scm_has_secdata(struct socket *sock)
{
return false;
}
#endif /* CONFIG_SECURITY_NETWORK */ #endif /* CONFIG_SECURITY_NETWORK */
static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg, static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
struct scm_cookie *scm, int flags) struct scm_cookie *scm, int flags)
{ {
if (!msg->msg_control) { if (!msg->msg_control) {
if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp) if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp ||
scm_has_secdata(sock))
msg->msg_flags |= MSG_CTRUNC; msg->msg_flags |= MSG_CTRUNC;
scm_destroy(scm); scm_destroy(scm);
return; return;