From owner-freebsd-hackers@freebsd.org Thu Apr 22 16:11:30 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 355F65F8380 for ; Thu, 22 Apr 2021 16:11:30 +0000 (UTC) (envelope-from marklmi@yahoo.com) Received: from sonic304-24.consmr.mail.gq1.yahoo.com (sonic304-24.consmr.mail.gq1.yahoo.com [98.137.68.205]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FR2V921k7z4YL9 for ; Thu, 22 Apr 2021 16:11:28 +0000 (UTC) (envelope-from marklmi@yahoo.com) X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1619107887; bh=P6av+5p8aNpYxozMFnM0vKTHWJNpc+FcQRGAMgFC/T/=; h=X-Sonic-MF:Subject:From:Date:To:From:Subject; b=HdnzDIiCfBLpPEkHDY9AFrWA/BYYORva7+yCqwey1bR/Hi7Bltq6teVfhuHstnRwxxKgUlH3nbHOV8hYg8X509tMnRwNozbbLOtKBwXVPX4D/rUYTFI0rvHgHp1Wk/+kvXah6bl4BX+/xQ+VXUL6lHCc6sHIyWnuo/dG6cPpgbq5lREvKHQTWLUBScF4GgCgQR+eUhXFgj5XzC2Ayb6wVrLn/Lq9xlEj8Tobojl1uchJtADimvplc/9250i/zxNtgdzGb5FdeODfdwRH7fdZjFzR0muelXhaBODI6phR8WMTxvUyC/WiJQY7N7H4QFWBgikyZtg/cLFn1YyOsJc0aw== X-YMail-OSG: eL0UHJgVM1nX6ON42fkJ0kUjPXKAHf5yjoD4YzddzKy79TdNDgQ_0QE3r377Acj XnhHprmWDGcVubAhq9xWQbXPS1Vms56iZz6F7.Kd9K3eVbDfqyAt7HtwHrB0lI.szxNW8Y2AKy1t C6BqQzuAssrU896USZR_thXBbxgr6tiT9d7yo2I1pdpXue_TmM17tEpN7we_oKwxgeM2rYJc_7jm 9wl0iODBRWyVc4UaBDFgpp1zspEgA1KHSJYNWa67vfb8Ja4qdaZi05V.jzQuID4eyPryzNYjV_Ty 5uDWwhdVORwqW59Cdxm8jY.8BQJ9aSmCrjxempLj8GE6lD.5DTIwQe0NFc9NTqvUGlHnS49Sso1J tdupYXffvC5ds8pNF9FcztyGhHfjuzgXvJHexoe6dWroTnBwiPsC3_QjoF6Y9plpsYOxCA1qb7Mw QmDik2b28srzEViVVJnksEH2pDypacOlqhwrBHl2IJxSfU1QYu8qFNOW9YN2BTXqNIqEtBQeCz8a oMt0QAuukaFXKOAsGgoxS5zQCx0JnBFR0ZwhYo6HFnOdOxQPlmvvXBLuD9lzSZGio23RS3DRnFr1 aHow9CnFumg1YzjfYeL.dyR1UXRvY0Mv7g9SbtKc6K6.K2wEixyi5A3BbPd2FFmQC2fpw5HhUyq6 3IiPoMA4C.oek0etu1LJ9gLInbj7gby1kKWTHkRGPbgAL.HffMHEv3pqTKx2pH3OSBl1JoavCpVx AokSZNSaHXR227excHDer908tdez9cR6xM97Vz3WFOel.xCLJltmcN8t3pYlg1gLPKCVd0xMZu5u yenCg.MowQVICkj09XFzpHENi.PgFMwfZatRVuTWdr_49kcyi95mk0FKvnKGhkrqkjwY5xLXgjOB uPMePiK8cfzTeJqDfZPZDs7P86X9RyTkfPtm7Tq1UvWsU7H.LUYe8B0_RyCFyTrgwOAJ9jHGXd_v Hw4ht_dMVtZgEtP6AT4G07gbP1IfveMO9rsZ9kuA5ttbKzXMazauIPQay4c7yybDx.AtV.ajraL7 BBT4xV8zJ0G2co3iTKbiLFiPoLnlYgoPJtM9Tv04UJxFqJ8yTtYGPXkOiuvxHC0BLQfBeoqIB9h0 _iAsI4yTTG7lUIKbxK0LdwpPQ9i8t.iYecB5LQ9Ofz6khkWJaPkQAJCjytDcZf5XDFFbZTMfwAyo qJscyF7A9dfogfEpqjaV89ngyhmWWKmviwxx_gf77QSs9_zThLPtjs30EOTZBtEDbhX3K.MnlSJe IbuLJHVAgj1gryR4dgJkNNbifyfSd9iPBT4cwNfFn3YmDAj9EFRNNr7isy56_KwUTH7nZs_o8_Sy VNfPm9uyIVC7hnbGfj1mYJiQtrNKRS4POvaMsCr2HwBDZTMaXlWNVHiZlN3qDDkkzYFWFlJbzLGm 9tJ.aPAYKT7ZZ_Ni.SIyysDqDLaUqHmoZ4phGNgrc1hAfAhC9LTgsB.fTE4yTt33a7M3sKJvBBQn evWFtiqTgQbzHPhE_PVopPIiKiNarXBrn7BETBvHiyFEllC0RRvDrtp8pTg46YdjrAOvGS6VdaSi 3CbSq6HbXL3TqC.XfoTsPeJ8PPKauiLmwj0ICj6f0ZiL_UhFJ36D_XO3Cv9Gn_A_N1wV63Qghefp Ax5u_PBREbKRueYVp1Eyzi34lR2zjzB4KyEcGbNcVXI1djR4w1wNuo2cJpHjzy95FcwWc3Wla4ZH o.GOy2ihGRFibhLGGmLjBkaJba4qqWUREEIEAZVyeC2pMPD78844FIbxPXNVVKzBpzBMk.b1sTJD _h.nMYdlWKzVnCsgnovumVe2suU0ixb9D8QjtzAkLtzlfE5CBJKYEJPCZZ1ux2MIzNkrlFtOzAl4 mX_5QyGzbGaLGH1kCJA1F7Lzo6o0Hwhnk9SyZWYQcabxNWQhBYQMjsQ_bKw55onBcUwx5sZE70AO vIY7os54Ep_WdgcA0BQSpqB4iHUhZPkhW1PNrv0Ie1RUf4u4b3.U2Y9lf.BjV980jwIUpgnp.tKB hvX5flSlg6D_1YQty5ANGqsRFuXI7xWNKyXMU.7Ruk8e05Eqq9NUtYjnGdpvPNsVUbFaoSdINOzP TWVSxkG6vJ3JvHfQKkUKMrFbBsQ_aJl4hghsGlTbGHghfJKd8YGLdLE9ZSw1NwPbIUOcdq0xoRVe kENloBMQ6vuqcizDRBwR4.oPxHaVDxONBmJ8hzcQMepW5yCeIOi.c49ng71QZUcLBgvDnPzFTthI XT.x6bdGuAYi48nCP_Da0Gh4DJ57TFNtHwCfw_4G_qiwbi7nSvQX2jbkCdHsGqMLP5GZ5334omoz Mwgdy_hZP9xN_XnjhLVx4._lzAFRPZ5P5C6JJYl_lg8seoFqadxpLccg3N_jIgvZatzXqWBtufW5 cNrQUV85ibWmFKq5luZ0RReJTr72MF7Zz_hUwiIPL2IIHS6VPhv_sFsCT7fGmI2AfBdkDP7k4cYH AfmseAT98Kf5Aof_sea4PTlw1Cyy7HpQXoEqmJKKWQchcpdPAFZCUc8d1LRN40Mgih8aGISENP_k cyryrWem7WTE0iJtKDb3dANcDRuXHvfow8Qf2fl8JWKe_92icLKnfBT25FbrwW1k7hm3TcxWchnU jG93_yHcKuOpa X-Sonic-MF: Received: from sonic.gate.mail.ne1.yahoo.com by sonic304.consmr.mail.gq1.yahoo.com with HTTP; Thu, 22 Apr 2021 16:11:27 +0000 Received: by kubenode512.mail-prod1.omega.ne1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 187ad196b54bb9c3cd75108577bc3513; Thu, 22 Apr 2021 16:11:24 +0000 (UTC) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\)) Subject: Re: A bug with getsockopt(SOL_LOCAL, LOCAL_PEERCRED) ? From: Mark Millard In-Reply-To: Date: Thu, 22 Apr 2021 09:11:23 -0700 Cc: Gleb Popov , freebsd-hackers Content-Transfer-Encoding: 7bit Message-Id: <71F2CA02-7FEB-42EE-B5F6-D0A864ADA651@yahoo.com> References: <40116716-D8D9-438D-A168-B26A112D199E@yahoo.com> To: Konstantin Belousov X-Mailer: Apple Mail (2.3654.60.0.2.21) X-Rspamd-Queue-Id: 4FR2V921k7z4YL9 X-Spamd-Bar: / X-Spamd-Result: default: False [-0.51 / 15.00]; MV_CASE(0.50)[]; FREEMAIL_FROM(0.00)[yahoo.com]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[yahoo.com:+]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36647, ipnet:98.137.64.0/20, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; SUBJECT_ENDS_QUESTION(1.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_SPAM_SHORT(0.99)[0.990]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; RBL_DBL_DONT_QUERY_IPS(0.00)[98.137.68.205:from]; SPAMHAUS_ZRD(0.00)[98.137.68.205:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[98.137.68.205:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[98.137.68.205:from]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Apr 2021 16:11:30 -0000 On 2021-Apr-22, at 03:33, Konstantin Belousov wrote: > > On Thu, Apr 22, 2021 at 07:54:26AM +0300, Gleb Popov wrote: >> On Thu, Apr 22, 2021 at 1:00 AM Mark Millard wrote: >> >>> >>> On 2021-Apr-21, at 11:27, Gleb Popov wrote: >>>> >>>> This makes sense, thanks. >>>> >>>> However, this code works on Linux and seems to return credentials of the >>> user that started the process. I actually stumbled upon this when porting >>> this code: >>> https://github.com/CollaboraOnline/online/blob/master/net/Socket.cpp#L805 >>>> >>>> Would it make sense if FreeBSD followed Linux semantics in this case? If >>> not, what are my options for porting the software? >>> >>> From what I can tell . . . >>> >>> FreeBSD defines LOCAL_PEERCRED and what goes with its use, not linux. >>> Linux defines SO_PEERCRED and what goes with its use, not FreeBSD. >>> >>> If I understand right, your code is incompatible with the referenced >>> CollaboraOnline code from just after the #else (so __FreeBSD__ case, >>> not the linux case): >>> >>> getsockopt(getFD(), 0, LOCAL_PEERCRED, &creds, &credSize) >>> vs. your: >>> getsockopt(s, SOL_LOCAL, LOCAL_PEERCRED, &creds, &credSize) >>> >>> Note the 0 vs. the SOL_LOCAL. Your code is a mix of Linux >>> and FreeBSD code when it should not be. >>> >> >> SOL_LOCAL is defined to 0, so this is fine. >> >> >>> See also the following that involved replacing a SOL_LOCAL >>> with a 0 for getsockopt used with LOCAL_PEERCRED: >>> >>> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234722 >>> >>> >> Yes, I'm aware that Linux SO_PEERCRED operates on socket level, while ours >> operates on level 0. This is taken in account >> in the code I posted. >> >> As I said, the error stems from the fact that Linux allows getting creds >> from the listening socket. > > There is no peer for listening socket. Well, I ran into the below while looking around as far as what getsockopt gets access to for peercred on a listening socket: net/unix/af_unix.c has unix_listen that it uses and that code does "set credentials so connect can copy them" but the getsockopt code has access to the copy that listen established for making the copy. I initially show the init_peercred(sk) side of things below. static int unix_listen(struct socket *sock, int backlog) { int err; struct sock *sk = sock->sk; struct unix_sock *u = unix_sk(sk); err = -EOPNOTSUPP; if (sock->type != SOCK_STREAM && sock->type != SOCK_SEQPACKET) goto out; /* Only stream/seqpacket sockets accept */ err = -EINVAL; if (!u->addr) goto out; /* No listens on an unbound socket */ unix_state_lock(sk); if (sk->sk_state != TCP_CLOSE && sk->sk_state != TCP_LISTEN) goto out_unlock; if (backlog > sk->sk_max_ack_backlog) wake_up_interruptible_all(&u->peer_wait); sk->sk_max_ack_backlog = backlog; sk->sk_state = TCP_LISTEN; /* set credentials so connect can copy them */ init_peercred(sk); err = 0; out_unlock: unix_state_unlock(sk); out: return err; } where: static void init_peercred(struct sock *sk) { put_pid(sk->sk_peer_pid); if (sk->sk_peer_cred) put_cred(sk->sk_peer_cred); sk->sk_peer_pid = get_pid(task_tgid(current)); sk->sk_peer_cred = get_current_cred(); } and unix_listen is used via: static const struct proto_ops unix_stream_ops = { .family = PF_UNIX, . . . .listen = unix_listen, . . . static const struct proto_ops unix_seqpacket_ops = { .family = PF_UNIX, . . . .listen = unix_listen, . . . On the other side is the only use of SO_PEERCRED: int sock_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen) { struct sock *sk = sock->sk; . . . case SO_PEERCRED: { struct ucred peercred; if (len > sizeof(peercred)) len = sizeof(peercred); cred_to_ucred(sk->sk_peer_pid, sk->sk_peer_cred, &peercred); if (copy_to_user(optval, &peercred, len)) return -EFAULT; goto lenout; } . . . used via (only place): if (level == SOL_SOCKET) err = sock_getsockopt(sock, level, optname, optval, optlen); else if (unlikely(!sock->ops->getsockopt)) err = -EOPNOTSUPP; else err = sock->ops->getsockopt(sock, level, optname, optval, optlen); This code appears to return the copied peercred information for SOL_SOCKET and SO_PEERCRED used together. I did not find any documentation that sk->sk_peer_cred recorded by listen should be externally accessible via getsockopt on the listen socket but it is from what I can tell. I'm only noting that having such a request seems to be valid in the Linux implementation and is not rejected, I'm not claiming details of which "peer" is involved in the returned information or the like. > Show minimal code that works for you on Linux. > === Mark Millard marklmi at yahoo.com ( dsl-only.net went away in early 2018-Mar)