| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1348841564.32187.7.camel@pro6455b.example.com>
Date: Fri, 28 Sep 2012 10:12:44 -0400
From: Dilip Daya <dilip.daya@...com>
To: ebiederm@...ssion.com
Cc: Linux Netdev List <netdev@...r.kernel.org>
Subject: network-namespace and unix-domain-sockets
Hi Eric,
=> kernel 3.6.0-rc6 + network-namespace + unix-domain-sockets
srv/cli sample programs at:
<http://tkhanson.net/cgit.cgi/misc.git/plain/unixdomain/Unix_domain_sockets.html>
Executing UNIX domain sockets between two network-namespaces fails but
successful if both srv and cli are executed within a network-namespace.
Test results:
(1) Executing both srv and cli within default/host network-namespace:
On host/default netns:
# ./cli
testing...
^C
On host/default netns:
# ./srv
read 11 bytes: testing...
EOF
(2) Executing srv in default/host netns and cli within netns named
netns0:
On host/default netns:
# ip netns
netns1
netns0
On host/default netns:
# ./srv
Within netns name netns0:
# ip netns exec netns0 ./cli
connect error: Connection refused
=> I find difference between __unix_find_socket_byname() and
*unix_find_socket_byinode()
---
if (!net_eq(sock_net(s), net))
continue;
---
=> Is there an explanation for why __unix_find_socket_byname() was left
netns aware and *unix_find_socket_byinode() is not netns aware ?
=> Please see attached patch. Is this valid? or will it break something?
I've tested network namespaces with this patch applied and I did not
find any issues.
-DilipD.
View attachment "unix_sockets_netns.patch" of type "text/x-patch" (2249 bytes)
Powered by blists - more mailing lists