1. 05 Aug, 2011 3 commits
    • Tetsuo Handa's avatar
      net: Fix security_socket_sendmsg() bypass problem. · c71d8ebe
      Tetsuo Handa authored
      The sendmmsg() introduced by commit 228e548e "net: Add sendmmsg socket system
      call" is capable of sending to multiple different destination addresses.
      
      SMACK is using destination's address for checking sendmsg() permission.
      However, security_socket_sendmsg() is called for only once even if multiple
      different destination addresses are passed to sendmmsg().
      
      Therefore, we need to call security_socket_sendmsg() for each destination
      address rather than only the first destination address.
      
      Since calling security_socket_sendmsg() every time when only single destination
      address was passed to sendmmsg() is a waste of time, omit calling
      security_socket_sendmsg() unless destination address of previous datagram and
      that of current datagram differs.
      Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
      Acked-by: default avatarAnton Blanchard <anton@samba.org>
      Cc: stable <stable@kernel.org> [3.0+]
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c71d8ebe
    • Anton Blanchard's avatar
      net: Cap number of elements for sendmmsg · 98382f41
      Anton Blanchard authored
      To limit the amount of time we can spend in sendmmsg, cap the
      number of elements to UIO_MAXIOV (currently 1024).
      
      For error handling an application using sendmmsg needs to retry at
      the first unsent message, so capping is simpler and requires less
      application logic than returning EINVAL.
      Signed-off-by: default avatarAnton Blanchard <anton@samba.org>
      Cc: stable <stable@kernel.org> [3.0+]
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      98382f41
    • Anton Blanchard's avatar
      net: sendmmsg should only return an error if no messages were sent · 728ffb86
      Anton Blanchard authored
      sendmmsg uses a similar error return strategy as recvmmsg but it
      turns out to be a confusing way to communicate errors.
      
      The current code stores the error code away and returns it on the next
      sendmmsg call. This means a call with completely valid arguments could
      get an error from a previous call.
      
      Change things so we only return an error if no datagrams could be sent.
      If less than the requested number of messages were sent, the application
      must retry starting at the first failed one and if the problem is
      persistent the error will be returned.
      
      This matches the behaviour of other syscalls like read/write - it
      is not an error if less than the requested number of elements are sent.
      Signed-off-by: default avatarAnton Blanchard <anton@samba.org>
      Cc: stable <stable@kernel.org> [3.0+]
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      728ffb86
  2. 04 Aug, 2011 3 commits
  3. 03 Aug, 2011 15 commits
  4. 02 Aug, 2011 10 commits
  5. 01 Aug, 2011 9 commits