MFC r337222:

Fix LOCAL_PEERCRED with socketpair(2) Enable the LOCAL_PEERCRED socket option for unix domain stream sockets created with socketpair(2). Previously, it only worked with unix domain stream sockets created with socket(2)/listen(2)/connect(2)/accept(2). PR: 176419 Reported by: Nicholas Wilson <nicholas@nicholaswilson.me.uk> Differential Revision: https://reviews.freebsd.org/D16350
svn path=/stable/10/; revision=339068
2024-12-02 21:32:58 +00:00 · 2018-10-01 18:00:52 +00:00 · 2018-10-01 18:00:52 +00:00 · c074fc92d2 · 2020-12-20 02:59:44 +00:00
commit c074fc92d2
parent f01a3952cc
5 changed files with 121 additions and 19 deletions
--- a/sys/kern/uipc_syscalls.c
+++ b/sys/kern/uipc_syscalls.c
@ -70,6 +70,8 @@ __FBSDID("$FreeBSD$");
 #include <sys/syscallsubr.h>
 #include <sys/sysctl.h>
 #include <sys/uio.h>
+#include <sys/un.h>
+#include <sys/unpcb.h>
 #include <sys/vnode.h>
 #ifdef KTRACE
 #include <sys/ktrace.h>
@ -758,6 +760,15 @@ kern_socketpair(struct thread *td, int domain, int type, int protocol,
 		 error = soconnect2(so2, so1);
 		 if (error != 0)
 			goto free4;
+	} else if (so1->so_proto->pr_flags & PR_CONNREQUIRED) {
+		struct unpcb *unp, *unp2;
+		unp = sotounpcb(so1);
+		unp2 = sotounpcb(so2);
+		/* 
+		 * No need to lock the unps, because the sockets are brand-new.
+		 * No other threads can be using them yet
+		 */
+		unp_copy_peercred(td, unp, unp2, unp);
 	}
 	finit(fp1, FREAD | FWRITE | fflag, DTYPE_SOCKET, fp1->f_data,
 	    &socketops);
--- a/sys/kern/uipc_usrreq.c
+++ b/sys/kern/uipc_usrreq.c
@ -1383,26 +1383,10 @@ unp_connectat(int fd, struct socket *so, struct sockaddr *nam,
 			sa = NULL;
 		}

-		/*
-		 * The connector's (client's) credentials are copied from its
-		 * process structure at the time of connect() (which is now).
-		 */
-		cru2x(td->td_ucred, &unp3->unp_peercred);
-		unp3->unp_flags |= UNP_HAVEPC;
-
-		/*
-		 * The receiver's (server's) credentials are copied from the
-		 * unp_peercred member of socket on which the former called
-		 * listen(); uipc_listen() cached that process's credentials
-		 * at that time so we can use them now.
-		 */
 		KASSERT(unp2->unp_flags & UNP_HAVEPCCACHED,
 		    ("unp_connect: listener without cached peercred"));
-		memcpy(&unp->unp_peercred, &unp2->unp_peercred,
-		    sizeof(unp->unp_peercred));
-		unp->unp_flags |= UNP_HAVEPC;
-		if (unp2->unp_flags & UNP_WANTCRED)
-			unp3->unp_flags |= UNP_WANTCRED;
+		unp_copy_peercred(td, unp3, unp, unp2);
+
 		UNP_PCB_UNLOCK(unp3);
 		UNP_PCB_UNLOCK(unp2);
 		UNP_PCB_UNLOCK(unp);
@ -1435,6 +1419,27 @@ bad:
 	return (error);
 }

+/*
+ * Set socket peer credentials at connection time.
+ *
+ * The client's PCB credentials are copied from its process structure.  The
+ * server's PCB credentials are copied from the socket on which it called
+ * listen(2).  uipc_listen cached that process's credentials at the time.
+ */
+void
+unp_copy_peercred(struct thread *td, struct unpcb *client_unp,
+    struct unpcb *server_unp, struct unpcb *listen_unp)
+{
+	cru2x(td->td_ucred, &client_unp->unp_peercred);
+	client_unp->unp_flags |= UNP_HAVEPC;
+
+	memcpy(&server_unp->unp_peercred, &listen_unp->unp_peercred,
+	    sizeof(server_unp->unp_peercred));
+	server_unp->unp_flags |= UNP_HAVEPC;
+	if (listen_unp->unp_flags & UNP_WANTCRED)
+		client_unp->unp_flags |= UNP_WANTCRED;
+}
+
 static int
 unp_connect2(struct socket *so, struct socket *so2, int req)
 {
--- a/sys/sys/unpcb.h
+++ b/sys/sys/unpcb.h
@ -150,4 +150,13 @@ struct xunpgen {
 };
 #endif /* _SYS_SOCKETVAR_H_ */

+#if defined(_KERNEL)
+struct thread;
+
+/* In uipc_userreq.c */
+void
+unp_copy_peercred(struct thread *td, struct unpcb *client_unp,
+    struct unpcb *server_unp, struct unpcb *listen_unp);
+#endif
+
 #endif /* _SYS_UNPCB_H_ */
--- a/tests/sys/kern/Makefile
+++ b/tests/sys/kern/Makefile
@ -10,9 +10,10 @@ ATF_TESTS_C+=	kern_descrip_test
 ATF_TESTS_C+=	ptrace_test
 TEST_METADATA.ptrace_test+=		timeout="15"
 ATF_TESTS_C+=	reaper
-ATF_TESTS_C+=	unix_seqpacket_test
 ATF_TESTS_C+=	unix_passfd_test
+ATF_TESTS_C+=	unix_seqpacket_test
 TEST_METADATA.unix_seqpacket_test+=	timeout="15"
+ATF_TESTS_C+=	unix_socketpair_test
 ATF_TESTS_C+=	waitpid_nohang

 LDADD.ptrace_test+=			-lpthread
--- a/tests/sys/kern/unix_socketpair_test.c
+++ b/tests/sys/kern/unix_socketpair_test.c
@ -0,0 +1,76 @@
+/*-
+ * Copyright (c) 2018 Alan Somers
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <errno.h>
+#include <fcntl.h>
+#include <pthread.h>
+#include <signal.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <stdio.h>
+
+#include <atf-c.h>
+
+/* getpeereid(3) should work with stream sockets created via socketpair(2) */
+ATF_TC_WITHOUT_HEAD(getpeereid);
+ATF_TC_BODY(getpeereid, tc)
+{
+	int sv[2];
+	int s;
+	uid_t real_euid, euid;
+	gid_t real_egid, egid;
+
+	real_euid = geteuid();
+	real_egid = getegid();
+
+	s = socketpair(PF_LOCAL, SOCK_STREAM, 0, sv);
+	ATF_CHECK_EQ(0, s);
+	ATF_CHECK(sv[0] >= 0);
+	ATF_CHECK(sv[1] >= 0);
+	ATF_CHECK(sv[0] != sv[1]);
+
+	ATF_REQUIRE_EQ(0, getpeereid(sv[0], &euid, &egid));
+	ATF_CHECK_EQ(real_euid, euid);
+	ATF_CHECK_EQ(real_egid, egid);
+
+	ATF_REQUIRE_EQ(0, getpeereid(sv[1], &euid, &egid));
+	ATF_CHECK_EQ(real_euid, euid);
+	ATF_CHECK_EQ(real_egid, egid);
+
+	close(sv[0]);
+	close(sv[1]);
+}
+
+
+ATF_TP_ADD_TCS(tp)
+{
+	ATF_TP_ADD_TC(tp, getpeereid);
+
+	return atf_no_error();
+}