Piteball/android_kernel_samsung_msm8976
1
1
Fork 0
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git synced 2024-09-21 11:53:01 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/net/core
History
Hannes Frederic Sowa 341f09c01a unix: correctly track in-flight fds in sending process user_struct 
commit 415e3d3e90ce9e18727e8843ae343eda5a58fad6 upstream.

The commit referenced in the Fixes tag incorrectly accounted the number
of in-flight fds over a unix domain socket to the original opener
of the file-descriptor. This allows another process to arbitrary
deplete the original file-openers resource limit for the maximum of
open files. Instead the sending processes and its struct cred should
be credited.

To do so, we add a reference counted struct user_struct pointer to the
scm_fp_list and use it to account for the number of inflight unix fds.

Fixes: 712f4aad406bb1 ("unix: properly account for FDs passed over unix sockets")
Reported-by: David Herrmann <dh.herrmann@gmail.com>
Cc: David Herrmann <dh.herrmann@gmail.com>
Cc: Willy Tarreau <w@1wt.eu>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2016-03-03 15:06:20 -08:00
..
datagram.c net: Fix skb_set_peeked use-after-free bug 2015-10-01 12:07:36 +02:00
dev.c net: call rcu_read_lock early in process_backlog 2015-10-01 12:07:35 +02:00
dev_addr_lists.c net/core: dev_mc_sync_multiple calls wrong helper 2013-05-31 16:56:56 -07:00
dev_ioctl.c net: fix kernel deadlock with interface rename and netdev name retrieval. 2013-06-26 13:42:54 -07:00
drop_monitor.c net: drop_monitor: fix the value of maxattr 2014-01-15 15:28:47 -08:00
dst.c net: possible use after free in dst_release 2016-01-28 21:49:34 -08:00
ethtool.c ethtool: Use kcalloc instead of kmalloc for ethtool_get_strings 2015-10-27 09:44:49 +09:00
fib_rules.c fib_rules: Fix dump_rules() not to exit early 2015-10-22 14:37:53 -07:00
filter.c filter: prevent nla extensions to peek beyond the end of the message 2014-05-30 21:52:15 -07:00
flow.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-04-01 13:36:50 -04:00
flow_dissector.c net: flow_dissector: fail on evil iph->ihl 2013-11-20 12:27:46 -08:00
gen_estimator.c
gen_stats.c gen_stats.c: Duplicate xstats buffer for later use 2015-03-18 13:22:26 +01:00
iovec.c iovec: make sure the caller actually wants anything in memcpy_fromiovecend 2014-08-14 09:24:15 +08:00
link_watch.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
Makefile net: move procfs code to net/core/net-procfs.c 2013-02-19 00:51:10 -05:00
neighbour.c neigh: recompute reachabletime before returning from neigh_periodic_work() 2014-03-23 21:38:10 -07:00
net-procfs.c net: Print functions in /proc/net/ptype without the offset. 2013-03-25 14:12:55 -04:00
net-sysfs.c rps_dev_flow_table_release(): no need to delay vfree() 2013-05-06 11:06:51 -04:00
net-sysfs.h
net-traces.c
net_namespace.c proc: Split the namespace stuff out into linux/proc_ns.h 2013-05-01 17:29:39 -04:00
netevent.c
netpoll.c netpoll: fix the skb check in pkt_is_ns 2014-04-14 06:42:17 -07:00
netprio_cgroup.c Revert "netprio_cgroup: make local table static" 2013-04-12 03:06:44 -04:00
pktgen.c net: pktgen: fix race between pktgen_thread_worker() and kthread_stop() 2015-10-01 12:07:35 +02:00
request_sock.c tcp: fix a panic on UP machines in reqsk_fastopen_remove 2013-01-14 18:10:05 -05:00
rtnetlink.c rtnetlink: call ->dellink on failure when ->newlink exists 2015-03-18 13:22:26 +01:00
scm.c unix: correctly track in-flight fds in sending process user_struct 2016-03-03 15:06:20 -08:00
secure_seq.c inetpeer: get rid of ip_id_count 2014-08-14 09:24:15 +08:00
skbuff.c skbuff: Fix skb checksum partial check. 2015-10-27 09:44:48 +09:00
sock.c sctp: update the netstamp_needed counter when copying sockets 2016-01-22 19:47:54 -08:00
sock_diag.c net: Move the permission check in sock_diag_put_filterinfo to packet_diag_dump 2014-06-26 15:12:37 -04:00
stream.c
sysctl_net_core.c net: sysctl_net_core: check SNDBUF and RCVBUF for min length 2015-03-26 15:00:55 +01:00
timestamping.c
user_dma.c
utils.c net: core: let's use native isxdigit instead of custom 2013-03-27 12:48:32 -04:00