From owner-freebsd-hackers@freebsd.org Thu Apr 22 20:47:59 2021 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 246245FE4B0 for ; Thu, 22 Apr 2021 20:47:59 +0000 (UTC) (envelope-from marklmi@yahoo.com) Received: from sonic317-20.consmr.mail.gq1.yahoo.com (sonic317-20.consmr.mail.gq1.yahoo.com [98.137.66.146]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FR8dB27JVz4mkG for ; Thu, 22 Apr 2021 20:47:58 +0000 (UTC) (envelope-from marklmi@yahoo.com) X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1619124475; bh=KrA1uBlMj5lfY3t2+72FlmxrV9Nwov6y9QmjFRisO/o=; h=X-Sonic-MF:Subject:From:Date:To:From:Subject; b=KZuCq9l0VHkurlj/Gg+e9iDFrN+Lf8jy1EOhccq9FpmJvxIzMTbbL1uMamyx+1BF6CbqiAKLvz3YuokQKKPB/3oPticHFDkMh/6iFN7z3wHor4ICqSe76movJAO6K/1BWsr0wTPwtxeKZhpEot/8YtaTPUtHbkav2NGcjdVRxDa25qMa9ht35KAk9kGhB0OQKk/zaTZt4yW/rItrhnWzba1ey/R4DrvZ6Z0dgaomjWz5edytDXtDvaZBs5Dh+KsEZWFJI7aNpBP8Mcjd/wcXRKmqI8XMbNcb7EVg1WQmT5lvV1gsDJR8MgheOKJLlAa8tliH0LAnjSZTE/8dBH4Ovw== X-YMail-OSG: 0OHqzH0VM1nz7wPt6VMznA_u1l0R4py443xzcmLyxiwqzy0svQC5fDyVp_D3Xxg gbP4Kzqt_HIy4EfBgnPjJa8QC7517jos6UJkZm57iwHIQ1DIQ5A4qo7P0kp6btFuduShOQmWL2Fd kBHVbU5ZTkr8Q2TQRrD1jKKKXYWQR_6uskAfMQvDrDYAd9LQ.RwBgU_qyYtNW0i.TLP5oDuOzuu2 iIy9YXTVrSJm3llBiqEWmI4UIoTeCuMW1Le9YpR8zAJokh_PG5GtteBrc5RYNobhLrBEY7GvzK.w j1B0ql7Q73wsW8.6QxbHzV2yWDwG3FTkxAJMBJouiJcocgGo3yYzTxDgOaSNKGNryC793mhgGybz I.0z2NAEtoGdKs.2ECoUBuY1x.Hw7JOO772AfLT9qHPqogIFyti16uf_vVmOkiuJJIRpaLNs.SQG U_cBh3AxrR9tF_4c1g6RPJ2nzroBDD5WOnGYvWygri4a8Wcety9YrhncTjbib84CZBBFk5y.bCRr 8LT6A5DJTiAoV_myF_WIE.gIsLao.AQx8spRe3Yjs1MMWRcwoOC.y.vYMzM0mcA4I6Wf3SupU6Gw qxn2bNlWoB_okkKKvnKzrpYSjogAn80hz85oOjzwx2vMeyGHM.tXRXiVk1iH5GKBNHDdXbkaqLXG uTTkd6m10q8.5W_F3Km8mfz2ity0UikP5jhdMp.hnSpyC2VixqoV6IORZ0AtTMG1U4ZPp72JtfXH AmZrded02VmcWtYX0BVUH.WvybpFuowsXn_T1l3oxgdtqwpeNbM2p1uvuOgV.nSmvKMaIlMTGcHb O8NacF8yNVC_cY8HFOFlO.KoFKV0j751Y.40udVlFP0MM9FLHjdBRnaMinAzbb3XcRot.oRA6h0g OKateGPXrfzsYGpr6N6LVSnUuesyDljDAAcp9Rz493nbmafM1ZFmv2HW3xyI0QiO8uiFl5La_yM3 aQPpI0H078Kn7bIYVCgl_MVmSPzMhlPiWFwlTusui88XJmN_VsKunuiCDrm5GEZTxDeaZfTumAJ. fMdcziroAtjgRUxWG.uVMXJkRzUQUA.zRsJ14unO6fMCjrmYyvLfqxnxHQLmDp23zLWHRSaUyNiq fo8dqQFXTp5en4R3EBzJfkrg9oAeRCBlrs6a2auSAF8.ndTaIaMbG0nrVq1YScSKQHCMyhpXsVnH PYOe0fL8.bCgqyc8ciu0vFq.T0owv.P_7Gp2uiI_2_ARTsj6dklhFV4LnoB.NH_DzNPY_vm1tA7t UOEiplwO6fi8SmO3duJ3AnE.Pnd.9VQ75MruKg7AIDEcAqUjtpOn5ytEsYj6iWvts562qmmGpDc2 kx6jAhpW2Tkk9oVqTb0H8_Fc3F_Jt4H_oFOIiyuzpbnl.Ydxloo64RHsU2OLhq1yJTawoq9rahWt WtkJkjRgi0_T95vVYr8rimi6VUuhRA4JRmwjZwFgJbNXe.2XsYtuwd38SnDCYEWerAOZAt2U8dr7 TUznZcCQcgLSqqQx.skK3WOuEFFQ5HHyyOXkGZUMplTejvhGezfbeYGyLWWDioFLBdKwhGwEp.Z. VAOvZpZ_CjPDXf2Q_LWLk8NEAMtH500tESUM1k7zg1Gqw7.1ZkYzH9_XFm9.AeUXwsbL_WRnBs2f KOAYvK.cZ5gE5i_IsyAh5scyL78sW.OjVBfKdt53.qBavSGZvQWb11Q132jC9rWanqRaaQg_vyx_ nLmmdrWBQVmormPrmy_YrdNql6DRqAq7tvyGkHtaOpWPfXu.qIX5xxwVOYjR5ICJ675z8fKWtQDV 8fjIDFggRoOC4iPMci0OyshTMBkzBSamB8wVGR6ZtAx08ldwpEPkeIzQdM2Ra3.UXTEpE2MldJVS 81PenB6_fuQsxNGZUQxfUlp9OF4U8Uv8jtTlUSt7rgNCW9SOAYLSx2oyxIm04KRYYbw.jiqX6WK6 HoxPZFAhktyUT.tFG7K5YElnhY5DQMgGzetX62qF0Y1Dg7S1cMbc.k98EFMQDtokIJPnksEn79Ra xfOMd_C7vTJfcnM_Zz0dV7ZazJKfcTcPrzDHjQrsbw_oZGQx7y0pmTlaN1VfH1gTZAh7iwgymJRO S2IyTaxYNVhXh40fBuDOcQYBzLXHqgHnfpwbrfsbr5.HdJ7JOEpEFLeUGri9lx3XIOnecdQw8nAu jC5j9m38Fyt7yMitFM_vUn_dH.H_U40CekJLo2jTd3z2oPC4HFji.psCVwUPtlpj3U7XZopNoIiq q.R1RSDm2QCMdwvCYY3JRnTQKwO.UjxQvIlx6eG8DjppAETX2lQX5B7N6kVNOBk7xAt84tuuizhS ys07GClHdTwrQ1LgeoVm5KBnKhtRP8J6d.rOQspSAyzWwWAre0juy8QCfL6vr1KAov4k8Mw78fy_ wj3YU7NUftv_ooyT.1wlFwG9CZMZ9jAomqMQJBgFbMYF1a7tMHjCVOBTR3cMm5Tvl3A1kM3pbYPf i5Ms.4yUDTH0EpGpULcGRB9F_MGnW2p9JzQzLYRFXeTTzfU9kPfHLdwEuR_RXiefbim2Izh1rD4v 5yK2SjEd.6rKZcofyGuzVyNYuizjjXsesbhfNXHBekXuVTwGQ5qFsfXF1VX8fokIv4BoDuGUE7K9 4gilAhuftDGewbVgddXemnqIqxTWRzJvAPEwgqGCYAVc5SZOeAuDtQZhx.E6OEaRbww-- X-Sonic-MF: Received: from sonic.gate.mail.ne1.yahoo.com by sonic317.consmr.mail.gq1.yahoo.com with HTTP; Thu, 22 Apr 2021 20:47:55 +0000 Received: by kubenode522.mail-prod1.omega.ne1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID bdcfd2a12fdecbdc528b5dcb7da8f4fb; Thu, 22 Apr 2021 20:47:52 +0000 (UTC) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\)) Subject: Re: A bug with getsockopt(SOL_LOCAL, LOCAL_PEERCRED) ? From: Mark Millard In-Reply-To: <445774BD-D68B-48A1-856D-F8DC9A480C68@yahoo.com> Date: Thu, 22 Apr 2021 13:47:51 -0700 Cc: Gleb Popov , freebsd-hackers Content-Transfer-Encoding: quoted-printable Message-Id: <0C66B2A2-C9C6-4783-8A26-F736F3B9CCD8@yahoo.com> References: <40116716-D8D9-438D-A168-B26A112D199E@yahoo.com> <445774BD-D68B-48A1-856D-F8DC9A480C68@yahoo.com> To: Konstantin Belousov X-Mailer: Apple Mail (2.3654.60.0.2.21) X-Rspamd-Queue-Id: 4FR8dB27JVz4mkG X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.50 / 15.00]; MV_CASE(0.50)[]; FREEMAIL_FROM(0.00)[yahoo.com]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[yahoo.com:+]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36647, ipnet:98.137.64.0/20, country:US]; RBL_DBL_DONT_QUERY_IPS(0.00)[98.137.66.146:from]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; SUBJECT_ENDS_QUESTION(1.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; SPAMHAUS_ZRD(0.00)[98.137.66.146:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[98.137.66.146:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[98.137.66.146:from]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Technical discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Apr 2021 20:47:59 -0000 On 2021-Apr-22, at 13:33, Mark Millard wrote: > On 2021-Apr-22, at 12:34, Konstantin Belousov = wrote: >=20 >> On Thu, Apr 22, 2021 at 09:49:15PM +0300, Gleb Popov wrote: >>> On Thu, Apr 22, 2021 at 1:33 PM Konstantin Belousov = >>> wrote: >>>=20 >>>> There is no peer for listening socket. >>>>=20 >>>> Show minimal code that works for you on Linux. >>>>=20 >>>=20 >>> Here you go: http://arrowd.name/un_linux.cpp >>> It is almost identical to FreeBSD one, but works for me on = ArchLinux. >>=20 >> Of course it works because it uses s2, that is, connected and not = listening >> socket, for getsockopt(), same as the working FreeBSD version. >=20 > I made a variant that tries s2 and then s, printing the > peercred uid, group id, and pid fields, and built it on > Fedora 34. The result was: >=20 > # ./a.out & ncat -U foobar > [1] 18646 > s2 data is uid field: 0 groups[0] field: 0 pid field: 18647 > s data is uid field: 0 groups[0] field: 0 pid field: 18646 > [1]+ Done ./a.out As a cross check, I also tried building and running on ubuntu 2021.04 (so debian basead, vs. red hat based before): # ./a.out & nc -U foobar [1] 39348 s2 data is uid field: 0 groups[0] field: 0 pid field: 39349 s data is uid field: 0 groups[0] field: 0 pid field: 39348 [1]+ Done ./a.out So two major branches of Linux based systems seem to agree for the issue. I do not have any other variants around to quickly check. The tests were all on aarch64, by the way. > On FreeBSD: >=20 > # ./a.out & nc -U foobar > s2 data is uid field: 0 groups[0] field: 0 pid field: 6984 > getsockopt for s > failed with > Socket is not connected > [1] Done ./a.out >=20 > The code is: >=20 > #ifndef __FreeBSD__ > #define _GNU_SOURCE > #endif >=20 > #include > #include > #include > #include > #include >=20 > #include >=20 > #ifdef __FreeBSD__ > #define FOR_PEERCRED 0 > #define CR_GROUP_ID cr_groups[0] > #else // Linux > #define xucred ucred > #define FOR_PEERCRED SOL_SOCKET > #define LOCAL_PEERCRED SO_PEERCRED > #define cr_uid uid > #define CR_GROUP_ID gid > #define cr_pid pid > #endif >=20 > #include > #include > #ifdef __FreeBSD__ > #include > #endif > #include > #include >=20 >=20 > void failure(char const * err) > { > puts(err); > puts("failed with"); > puts(strerror(errno)); > } >=20 > void die(char const * err) > { > failure(err); > unlink("foobar"); > exit(1); > } >=20 > int main() > { > int s =3D socket(PF_LOCAL, SOCK_STREAM, 0); > if(s < 0) die("socket"); >=20 > struct sockaddr_un addrunix; > memset(&addrunix, 0, sizeof(addrunix)); > addrunix.sun_family =3D AF_UNIX; > memcpy(addrunix.sun_path, "foobar", 6); >=20 > int r =3D bind(s, (const struct sockaddr *)&addrunix, sizeof(struct = sockaddr_un)); > if(r < 0) die("bind"); >=20 > listen(s, 64); >=20 > int s2; > do > { > s2 =3D accept4(s, 0, 0, 0); > } while (s2 < 0 && errno =3D=3D EAGAIN); > if(s2 < 0) die("accept4"); >=20 > struct xucred s2_creds; > socklen_t s2_credSize =3D sizeof(struct xucred); > r =3D getsockopt(s2, FOR_PEERCRED, LOCAL_PEERCRED, &s2_creds, = &s2_credSize); > if(r < 0) failure("getsockopt for s2"); > else > printf("s2 data is uid field: %jd groups[0] field: %jd pid = field: %jd\n", > (uintmax_t) s2_creds.cr_uid, (uintmax_t) = s2_creds.CR_GROUP_ID, (uintmax_t) s2_creds.cr_pid); >=20 > struct xucred s_creds; > socklen_t s_credSize =3D sizeof(struct xucred); > r =3D getsockopt(s, FOR_PEERCRED, LOCAL_PEERCRED, &s_creds, = &s_credSize); > if(r < 0) failure("getsockopt for s"); > else > printf("s data is uid field: %jd groups[0] field: %jd pid = field: %jd\n", > (uintmax_t) s_creds.cr_uid, (uintmax_t) s_creds.CR_GROUP_ID, = (uintmax_t) s_creds.cr_pid); >=20 > unlink("foobar"); > return 0; > } >=20 >=20 =3D=3D=3D Mark Millard marklmi at yahoo.com ( dsl-only.net went away in early 2018-Mar)