Re: [PATCH] scm: fold __scm_send() into scm_send()

From: Ingo Oeser
Date: Mon Mar 20 2006 - 06:42:29 EST


Hi Chris,

Andrew Morton wrote:
> Ingo Oeser <ioe-lkml@xxxxxxxxxx> wrote:
> >
> > -int scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
> > -{
> > - struct task_struct *p = current;
> > - scm->creds = (struct ucred) {
> > - .uid = p->uid,
> > - .gid = p->gid,
> > - .pid = p->tgid
> > - };
> > - scm->fp = NULL;
> > - scm->sid = security_sk_sid(sock->sk, NULL, 0);
> > - scm->seq = 0;
> > - if (msg->msg_controllen <= 0)
> > - return 0;
> > - return __scm_send(sock, msg, scm);
> > -}
>
> It's worth noting that scm_send() will call security_sk_sid() even if
> (msg->msg_controllen <= 0).

Chris, do you know if this is needed in this case?

> If that test is likely to be true with any frequency then perhaps we can
> optimise things...

That test seems to be the original intention for the splitup.

The security modules just put their hooks here. Maybe we can
fold these hooks into __scm_send() and have the old
splitup again to get the old code paths back.

It seems that the credential copy in af_unix.c

memcpy(UNIXCREDS(skb), &siocb->scm->creds, sizeof(struct ucred));
if (siocb->scm->fp)
unix_attach_fds(siocb->scm, skb);

doesn't depend on the "msg_controllen <= 0" test. If we can introduce this
dependency there, we can put credential setup into __scm_send().

I would suggest we fold these two lines into a function and decide this later.

Chris, would this suffice?

Regards

Ingo Oeser

BTW: ioe-lkml@xxxxxxxxxx is simply netdev@xxxxxxxx at work :-)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/