Subject: Re: socreate()
To: Jason Thorpe <thorpej@shagadelic.org>
From: Elad Efrat <elad@NetBSD.org>
List: tech-kern
Date: 10/26/2006 00:01:53
is the attached diff okay?

-e.

Jason Thorpe wrote:
> 
> On Oct 25, 2006, at 2:54 PM, Elad Efrat wrote:
> 
>> Jason Thorpe wrote:
>>>
>>> On Oct 25, 2006, at 2:41 PM, Elad Efrat wrote:
>>>
>>>> hi,
>>>>
>>>> can socreate() sleep? (I want to add a kauth(9) call in there to
>>>> implement socket policies in one place)
>>>
>>>         s = splsoftnet();
>>>         so = pool_get(&socket_pool, PR_WAITOK);
>>>
>>>
>>>>
>>>> I *think* someone mentioned something about that in some thread in the
>>>> past; looking at the code it seems that if_gre.c:gre_kick(), called at
>>>> IPL_NET, can call socreate().
>>>
>>> socreate() must never be called from interrupt context.
>>
>> okay then I perhaps don't understand the code.
>>
>> if_gre.c:gre_kick() says it "Must be called at IPL_NET" (and it is, from
>> gre_ioctl(), right after splnet() was called). gre_kick() in turn calls
>> kthread_create1() with 'func' being gre_thread(). in turn, that calls
>> gre_thread1(), which can call gre_socreate1(), which can call
>> socreate().
> 
> Perhaps it needs to be called at IPL_NET for other reasons, but so long
> as it is never called from INTERRUPT context, it should be fine (if
> suboptimal -- sigh, all of this spl baggage to wade through on the way
> to a real MP kernel...)
> 
>> granted, I'm familiar with neither the gre(4) code nor kernel
>> threads, but is there any guarantee that the above won't result in at
>> least some cases where socreate() is called at IPL_NET?
> 
> Being called at IPL_NET via an spl call is not the same as being called
> from an IPL_NET interrupt handler.
> 
> 
>>
>> -e.
>>
>> --Elad Efrat
> 
> -- thorpej
> 


-- 
Elad Efrat

[Attachment: uipc_socket.c.diff]

Index: uipc_socket.c
===================================================================
RCS file: /cvsroot/src/sys/kern/uipc_socket.c,v
retrieving revision 1.126
diff -u -p -r1.126 uipc_socket.c
--- uipc_socket.c	12 Oct 2006 01:32:19 -0000	1.126
+++ uipc_socket.c	25 Oct 2006 22:01:27 -0000
@@ -474,6 +474,10 @@ socreate(int dom, struct socket **aso, i
 	uid_t		uid;
 	int		error, s;
 
+	if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_SOCKET,
+	    KAUTH_REQ_NETWORK_SOCKET_OPEN, &dom, &type, &proto) != 0)
+		return (EPERM);
+
 	if (proto)
 		prp = pffindproto(dom, proto, type);
 	else
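Review bot: the value returned by kauth_authorize_network() is thrown away and EPERM is returned unconditionally in the added check, even though `error` is already declared in the context (`int		error, s;`); propagate the dispatcher's result instead, e.g. `if ((error = kauth_authorize_network(l->l_cred, KAUTH_NETWORK_SOCKET, KAUTH_REQ_NETWORK_SOCKET_OPEN, &dom, &type, &proto)) != 0) return (error);`, so a listener that wants to report something other than EPERM is not masked. Separately, `l->l_cred` is now dereferenced before anything else in socreate(); given the in-kernel callers discussed above (the gre(4) kthread path), confirm that no caller passes a NULL lwp, or guard the dereference before the check. Doing the check ahead of pffindproto()/pffindtype() is fine, but note that listeners then see only the raw dom/type/proto triple, not the resolved protosw, so the policy has to reason in those terms.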

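To show what "socket policies in one place" buys once socreate() consults kauth(9), here is an added example (my code, not from the NetBSD tree or from anyone in this thread): a userland model of the listener dispatch behind the hook in the attached diff, with two hypothetical listeners stacked on the KAUTH_NETWORK_SOCKET scope. The dispatch rule follows kauth(9) (any DENY wins; otherwise at least one ALLOW is required; all DEFER is refused), while `struct cred`, both listeners, the uids and the policy they enforce are assumptions made up for the example. The arguments reach the listeners as `&dom`, `&type`, `&proto`, exactly as the patch passes them.

```c
/*
 * Added example, not code from the NetBSD tree or from this thread: a
 * userland model of kauth(9)-style listeners implementing the socket
 * policy that the patch makes socreate() consult.  Dispatch rule as in
 * kauth: any DENY wins, otherwise at least one ALLOW is needed, and all
 * DEFER is refused.  struct cred, the listeners, uids and the policy
 * are hypothetical.
 */
#include <errno.h>
#include <sys/socket.h>
#include <netinet/in.h>

#define KAUTH_RESULT_ALLOW 0
#define KAUTH_RESULT_DENY  1
#define KAUTH_RESULT_DEFER 2

/* Request codes named as in the patch; the numeric values are arbitrary. */
#define KAUTH_NETWORK_SOCKET          1
#define KAUTH_REQ_NETWORK_SOCKET_OPEN 1

/* Stand-in for kauth_cred_t carrying only what the policy looks at. */
struct cred { unsigned int euid; };

typedef int (*kauth_listener_t)(const struct cred *, int, int,
    void *, void *, void *);

#define MAX_LISTENERS 4
static kauth_listener_t listeners[MAX_LISTENERS];
static int nlisteners;

static void
kauth_listen(kauth_listener_t fn)
{
	if (nlisteners < MAX_LISTENERS)
		listeners[nlisteners++] = fn;
}

/* The dispatcher the check in socreate() calls: 0 to allow, else EPERM. */
static int
kauth_authorize_network(const struct cred *cred, int action, int req,
    void *arg0, void *arg1, void *arg2)
{
	int i, r, allow = 0, deny = 0;

	for (i = 0; i < nlisteners; i++) {
		r = listeners[i](cred, action, req, arg0, arg1, arg2);
		if (r == KAUTH_RESULT_ALLOW)
			allow = 1;
		else if (r == KAUTH_RESULT_DENY)
			deny = 1;
	}
	/* Deny wins; if nobody allowed (everyone deferred), refuse too. */
	return (allow && !deny) ? 0 : EPERM;
}

/* Hypothetical traditional-Unix listener: root may open anything, other
 * users anything but raw sockets (arg1 is &type, as in the patch). */
static int
bsd44_listener(const struct cred *cred, int action, int req,
    void *arg0, void *arg1, void *arg2)
{
	(void)arg0; (void)arg2;
	if (action != KAUTH_NETWORK_SOCKET)
		return KAUTH_RESULT_DEFER;
	if (cred->euid == 0)
		return KAUTH_RESULT_ALLOW;
	if (req == KAUTH_REQ_NETWORK_SOCKET_OPEN && *(int *)arg1 == SOCK_RAW)
		return KAUTH_RESULT_DENY;
	return KAUTH_RESULT_ALLOW;
}

/* Hypothetical site listener stacked on top: uid 1001 gets no IPv6
 * (arg0 is &dom).  It never returns ALLOW, so it can only narrow what
 * the listener above granted, never widen it. */
static int
site_listener(const struct cred *cred, int action, int req,
    void *arg0, void *arg1, void *arg2)
{
	(void)arg1; (void)arg2;
	if (action != KAUTH_NETWORK_SOCKET ||
	    req != KAUTH_REQ_NETWORK_SOCKET_OPEN)
		return KAUTH_RESULT_DEFER;
	if (cred->euid == 1001 && *(int *)arg0 == AF_INET6)
		return KAUTH_RESULT_DENY;
	return KAUTH_RESULT_DEFER;
}

/* Registers the two listeners in order; calling it again starts over. */
static void
setup_policy(void)
{
	nlisteners = 0;
	kauth_listen(bsd44_listener);
	kauth_listen(site_listener);
}

/* Model of the hook in the patch, passing the triple exactly as it does
 * and returning the dispatcher's error rather than a hard-coded EPERM. */
static int
socreate_policy(unsigned int euid, int dom, int type, int proto)
{
	struct cred c = { euid };

	return kauth_authorize_network(&c, KAUTH_NETWORK_SOCKET,
	    KAUTH_REQ_NETWORK_SOCKET_OPEN, &dom, &type, &proto);
}
```

With this model, an unprivileged user opening a raw socket is refused by the first listener, uid 1001 opening an AF_INET6 stream socket is refused by the second even though the first allowed it, and an empty listener list refuses everything, which is the all-defer case worth keeping in mind when a secmodel is unloaded.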