Date:      Thu, 22 Apr 2021 01:56:28 -0700
From:      Mark Millard <marklmi@yahoo.com>
To:        Gleb Popov <arrowd@freebsd.org>
Cc:        freebsd-hackers <freebsd-hackers@freebsd.org>
Subject:   Re: A bug with getsockopt(SOL_LOCAL, LOCAL_PEERCRED) ?
Message-ID:  <270C028E-322E-4DAB-A240-B6E4341E6163@yahoo.com>
In-Reply-To: <CALH631nrhyY%2BK3tPSwt1wuYHoZkz371UtjK%2BdG844RybtA2yKw@mail.gmail.com>
References:  <CALH631kLCApctk4iQJj6br0Pzeb6qsh9g3jz_SA8hH91ftQGDQ@mail.gmail.com> <YHiQ6qEjS2w8uYpS@kib.kiev.ua> <CALH631=3hqvfraume467OM%2BqGqp854sGJFfhO8b61mF%2BkbsJ2Q@mail.gmail.com> <E6626DFC-2014-412C-AEA2-ECE57835B058@yahoo.com> <CALH631mi0xOQGjd6F3Beu_BQdqAx8RYCrbkUi524F8S4rwo1aA@mail.gmail.com> <40116716-D8D9-438D-A168-B26A112D199E@yahoo.com> <CALH631nrhyY%2BK3tPSwt1wuYHoZkz371UtjK%2BdG844RybtA2yKw@mail.gmail.com>



On 2021-Apr-21, at 21:54, Gleb Popov <arrowd at freebsd.org> wrote:
>
>> On Thu, Apr 22, 2021 at 1:00 AM Mark Millard <marklmi@yahoo.com> wrote:
>>
>> On 2021-Apr-21, at 11:27, Gleb Popov <arrowd at freebsd.org> wrote:
>> >
>> > This makes sense, thanks.
>> >
>> > However, this code works on Linux and seems to return credentials of the user that started the process. I actually stumbled upon this when porting this code: https://github.com/CollaboraOnline/online/blob/master/net/Socket.cpp#L805
>> >
>> > Would it make sense if FreeBSD followed Linux semantics in this case? If not, what are my options for porting the software?
>>
>> From what I can tell . . .
>>
>> FreeBSD defines LOCAL_PEERCRED and what goes with its use, not linux.
>> Linux defines SO_PEERCRED and what goes with its use, not FreeBSD.
>>
>> If I understand right, your code is incompatible with the referenced
>> CollaboraOnline code from just after the #else (so __FreeBSD__ case,
>> not the linux case):
>>
>> getsockopt(getFD(), 0, LOCAL_PEERCRED, &creds, &credSize)
>> vs. your:
>> getsockopt(s, SOL_LOCAL, LOCAL_PEERCRED, &creds, &credSize)
>>
>> Note the 0 vs. the SOL_LOCAL. Your code is a mix of Linux
>> and FreeBSD code when it should not be.
>
> SOL_LOCAL is defined to 0, so this is fine.
>
>>
>> See also the following that involved replacing a SOL_LOCAL
>> with a 0 for getsockopt used with LOCAL_PEERCRED:
>>
>> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234722
>>
>
> Yes, I'm aware that Linux SO_PEERCRED operates on socket level, while ours operates on level 0. This is taken into account
> in the code I posted.
>
> As I said, the error stems from the fact that Linux allows getting creds from the listening socket.

(Is there any Linux documentation indicating that Linux
is required to allow that? POSIX? Etc.? Or is such code
depending on such properties operating outside the range
of the guarantees?)

Is the context Linux compat code? Direct FreeBSD code?

It would be FreeBSD's compat handling that needs to match
Linux handling if FreeBSD is to span compatibility in the
subject area.

Does the compat code work as Linux (implicitly?) specifies?
(If not it might be more likely that FreeBSD would change
things sufficiently for it to work in at least that kind
of context.)

But if the compat code already matches the Linux behavior
for which socket(s) allow the access but direct FreeBSD does not . . .

FreeBSD appears to have its own programming model for direct
use, not exposing the temporary copy of the peercred that
is associated with the listening socket. If the compat code
works for Linux, it is not so obvious that FreeBSD would
change anything since it appears to have a working, usable
API: direct FreeBSD code needs to use FreeBSD's API. I'm
not sure how much FreeBSD tries to make direct FreeBSD code
allow code designed for Linux to work, except to help with
the Linux compat code doing the right thing in a simpler
way than otherwise.



===
Mark Millard
marklmi at yahoo.com
( dsl-only.net went
away in early 2018-Mar)