Message-ID: <68dec064-17bb-0994-8dcf-e06d54d80ada@gmail.com>
Date:   Fri, 16 Dec 2016 12:08:33 +0100
From:   "Michael Kerrisk (man-pages)" <mtk.manpages@...il.com>
To:     Willy Tarreau <w@....eu>
Cc:     mtk.manpages@...il.com, linux-man <linux-man@...r.kernel.org>,
        lkml <linux-kernel@...r.kernel.org>, socketpair@...il.com,
        Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
        linux-fsdevel@...r.kernel.org
Subject: Document accounting of FDs passed over UNIX domain sockets

Hello Willy,

Your commit 712f4aad406bb1 ("unix: properly account for FDs passed over
unix sockets") added accounting to ensure that the RLIMIT_NOFILE limit
could not be bypassed when passing file descriptors across UNIX
domain sockets.

Such patches should be CCed to linux-api@...r.kernel.org ;-)

A documentation patch would be great as well, but I had a shot
at cobbling some text together. Does the text below (for the unix(7)
man page) look okay?

Cheers,

Michael

       ETOOMANYREFS
              This  error  can  occur  for sendmsg(2) when sending a file
              descriptor as ancillary data over a UNIX domain socket (see
              the  description  of  SCM_RIGHTS, above).  It occurs if the
              number  of  "in-flight"  file   descriptors   exceeds   the
              RLIMIT_NOFILE  resource  limit and the caller does not have
              the  CAP_SYS_RESOURCE  capability.    An   in-flight   file
              descriptor  is  one that has been sent using sendmsg(2) but
              has not yet been accepted in the  recipient  process  using
              recvmsg(2).

              This error is diagnosed since Linux 4.5.  In earlier kernel
              versions, it was possible to place an unlimited  number  of
              file descriptors in flight, by sending each file descriptor
              with sendmsg(2) and then closing  the  file  descriptor  so
              that   it  was  not  accounted  against  the  RLIMIT_NOFILE
              resource limit.


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
