From patchwork Sat Apr 18 09:04:24 2009 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tetsuo Handa X-Patchwork-Id: 26157 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@bilbo.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from ozlabs.org (ozlabs.org [203.10.76.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mx.ozlabs.org", Issuer "CA Cert Signing Authority" (verified OK)) by bilbo.ozlabs.org (Postfix) with ESMTPS id 8B01DB7079 for ; Sat, 18 Apr 2009 19:04:35 +1000 (EST) Received: by ozlabs.org (Postfix) id 791D4DE151; Sat, 18 Apr 2009 19:04:35 +1000 (EST) Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.176.167]) by ozlabs.org (Postfix) with ESMTP id 175A4DE14C for ; Sat, 18 Apr 2009 19:04:35 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753986AbZDRJEa (ORCPT ); Sat, 18 Apr 2009 05:04:30 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753830AbZDRJE3 (ORCPT ); Sat, 18 Apr 2009 05:04:29 -0400 Received: from wine.ocn.ne.jp ([122.1.235.145]:57362 "EHLO smtp.wine.ocn.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753701AbZDRJE2 (ORCPT ); Sat, 18 Apr 2009 05:04:28 -0400 Received: from CLAMP (p1194-ipbf6009marunouchi.tokyo.ocn.ne.jp [114.145.72.194]) by smtp.wine.ocn.ne.jp (Postfix) with ESMTP id 6474D3B3B; Sat, 18 Apr 2009 18:04:27 +0900 (JST) To: davem@davemloft.net Cc: netdev@vger.kernel.org, linux-security-module@vger.kernel.org Subject: Re: What is lock_sock() before skb_free_datagram() for? From: Tetsuo Handa References: <200904181704.FDC21361.FQLOFHOOSVFtMJ@I-love.SAKURA.ne.jp> <20090418.013538.126788034.davem@davemloft.net> In-Reply-To: <20090418.013538.126788034.davem@davemloft.net> Message-Id: <200904181804.AHC13042.VHFFOOJOFLSQMt@I-love.SAKURA.ne.jp> X-Mailer: Winbiff [Version 2.51 PL2] X-Accept-Language: ja,en,zh Date: Sat, 18 Apr 2009 18:04:24 +0900 Mime-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Hello. David Miller wrote: > RAW does not support those things, so doesn't need the locking. I see. Thanks. It is harmless to call lock_sock() for protocols which don't support global socket memory accounting, isn't it? I want to introduce a new LSM hook which is called after picking up a datagram. Below is a patch. error = -EAGAIN; @@ -191,6 +197,19 @@ struct sk_buff *__skb_recv_datagram(stru return NULL; +force_dequeue: + if (flags & MSG_PEEK) { + unsigned long cpu_flags; + spin_lock_irqsave(&sk->sk_receive_queue.lock, cpu_flags); + if (skb == skb_peek(&sk->sk_receive_queue)) { + __skb_unlink(skb, &sk->sk_receive_queue); + atomic_dec(&skb->users); + } + spin_unlock_irqrestore(&sk->sk_receive_queue. lock, cpu_flags); + } + lock_sock(sk); + skb_free_datagram(sk, skb); + release_sock(sk); no_packet: *err = error; return NULL; If it is harmful to call lock_sock() for protocols which don't support global socket memory accounting, I need to make lock_sock(sk);/release_ sock(sk); calls conditional. Regards. --- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html --- security-testing-2.6.git.orig/net/core/datagram.c +++ security-testing-2.6.git/net/core/datagram.c @@ -55,6 +55,7 @@ #include #include #include +#include /* * Is a socket 'connection oriented' ? @@ -179,8 +180,13 @@ struct sk_buff *__skb_recv_datagram(stru } spin_unlock_irqrestore(&sk->sk_receive_queue. lock, cpu_flags); - if (skb) + if (skb) { + error = security_socket_post_recv_datagram(sk, skb, + flags); + if (error) + goto force_dequeue; return skb; + } /* User doesn't want to wait */