Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier

From: Tycho Andersen
Date: Sun May 24 2020 - 19:58:37 EST


On Sun, May 24, 2020 at 05:57:32PM -0600, Tycho Andersen wrote:
> On Sun, May 24, 2020 at 04:39:39PM -0700, Sargun Dhillon wrote:
> > +static void seccomp_handle_addfd(struct seccomp_kaddfd *addfd)
> > +{
> > + int ret;
> > +
> > + /*
> > + * Remove the notification, and reset the list pointers, indicating
> > + * that it has been handled.
> > + */
> > + list_del_init(&addfd->list);
> > +
> > + ret = security_file_receive(addfd->file);
> > + if (ret)
> > + goto out;
> > +
> > + if (addfd->fd >= 0) {
> > + ret = replace_fd(addfd->fd, addfd->file, addfd->flags);
> > + if (ret >= 0)
> > + fput(addfd->file);
> > + } else {
> > + ret = get_unused_fd_flags(addfd->flags);
> > + if (ret >= 0)
> > + fd_install(ret, addfd->file);
> > + }
> > +
> > +out:
> > + addfd->ret = ret;
> > + complete(&addfd->completion);
> > +}
>
> My previous comment about SCM_RIGHTS still applies, right? That is, we
> should do,
>
> sock = sock_from_file(fp[i], &err);
> if (sock) {
> sock_update_netprioidx(&sock->sk->sk_cgrp_data);
> sock_update_classid(&sock->sk->sk_cgrp_data);
> }
>
> and perhaps lift that into a helper.

Oh, and now I see the later patch. But is there a reason to separate
these? I can't think of one.

Tycho