lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <063D6719AE5E284EB5DD2968C1650D6D4111FC91@AcuExch.aculab.com>
Date:	Tue, 15 Mar 2016 13:46:11 +0000
From:	David Laight <David.Laight@...LAB.COM>
To:	'Alexander Potapenko' <glider@...gle.com>,
	"edumazet@...gle.com" <edumazet@...gle.com>,
	"rweikusat@...ileactivedefense.com" 
	<rweikusat@...ileactivedefense.com>,
	"davem@...emloft.net" <davem@...emloft.net>
CC:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: RE: [PATCH] af_unix: closed SOCK_SEQPACKET socketpair must get
 SIGPIPE

From: Alexander Potapenko
> Sent: 15 March 2016 09:04
> According to IEEE Std 1003.1, 2013, sending data to a SOCK_SEQPACKET
> socketpair with MSG_NOSIGNAL flag set must result in a SIGPIPE if the
> socket is no longer connected.
...
> Without the below patch the behavior is as follows:
> 
> $ ./sock seqpacket
> sendmsg: Broken pipe
...
> The behavior of the patched kernel complies with POSIX:
> 
> $  ./sock seqpacket
> Killed by SIGPIPE
...

While POSIX might specify this behaviour, changing the behaviour
could easily break applications.
Basically this change (more or less) require every application that
uses SOCK_SEQPACKED to be audited to ensure that MSG_NOSIGNAL is set
on ever send/write to the socket.

Personally I think the whole SIGPIPE on sockets should never have been
allowed to get into the standard.
I don't remember MSG_NOSIGNAL being present in SYSV.

The only time you want a write into a pipe to generate SIGPIPE is
for pipes generates by the shell that feed stdout to stdin of the
next process in the pipeline.
If pipes are implemented as unix-domain socketpairs (no one does that
any more) then it would require the SIGPIPE for write().

	David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ