lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 18 Sep 2015 12:04:36 -0400
From:	Aaron Conole <aconole@...heb.org>
To:	netdev@...r.kernel.org
Subject: [PATCH net] af_unix: return data from multiple SKBs on recv() with MSG_PEEK flag

AF_UNIX sockets now return multiple skbs from recv() when MSG_PEEK flag
is set.

This is referenced in kernel bugzilla #12323 @
https://bugzilla.kernel.org/show_bug.cgi?id=12323

As described both in the BZ and lkml thread @
http://lkml.org/lkml/2008/1/8/444 calling recv() with MSG_PEEK on an
AF_UNIX socket only reads a single skb, where the desired effect is
to return as much skb data has been queued, until hitting the recv
buffer size (whichever comes first).

The modified MSG_PEEK path will now move to the next skb in the tree
and jump to the again: label, rather than following the natural loop
structure. This requires duplicating some of the loop head actions.

This was tested using the python socketpair() code attached to the
bugzilla issue.

Signed-off-by: Aaron Conole <aconole@...heb.org>
---
 net/unix/af_unix.c | 17+-
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 03ee4d3..d2fd342 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -2179,9 +2181,22 @@ unlock:
 			if (UNIXCB(skb).fp)
 				scm.fp = scm_fp_dup(UNIXCB(skb).fp);
 
-			sk_peek_offset_fwd(sk, chunk);
+			if (skip)
+			{
+				sk_peek_offset_fwd(sk, chunk);
+				skip -= chunk;
+			}
 
-			break;
+			if (UNIXCB(skb).fp)
+				break;
+
+			/* XXX - this is ugly; better would be rewrite the function  */
+			last = skb;
+			last_len = skb->len;
+			unix_state_lock(&sk);
+			skb = skb_peek_next(skb, &sk->sk_receive_queue);
+			if (skb) goto again;
+			goto unlock;
 		}
 	} while (size);
 
--
1.9.1
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ