diff options
| author | Miklos Szeredi <mszeredi@redhat.com> | 2016-05-20 22:13:45 +0200 |
|---|---|---|
| committer | Miklos Szeredi <mszeredi@redhat.com> | 2016-05-20 22:13:45 +0200 |
| commit | eb0a4a47ae89aaa0674ab3180de6a162f3be2ddf (patch) | |
| tree | d4df3559a0bcc30659c12d82d2762854ac9e4f82 /security/smack/smack_netfilter.c | |
| parent | a118084432d642eeccb961c7c8cc61525a941fcb (diff) | |
af_unix: fix hard linked sockets on overlay
Overlayfs uses separate inodes even in the case of hard links on the
underlying filesystems. This is a problem for AF_UNIX socket
implementation which indexes sockets based on the inode. This resulted in
hard linked sockets not working.
The fix is to use the real, underlying inode.
Test case follows:
-- ovl-sock-test.c --
#include <unistd.h>
#include <err.h>
#include <sys/socket.h>
#include <sys/un.h>
#define SOCK "test-sock"
#define SOCK2 "test-sock2"
int main(void)
{
int fd, fd2;
struct sockaddr_un addr = {
.sun_family = AF_UNIX,
.sun_path = SOCK,
};
struct sockaddr_un addr2 = {
.sun_family = AF_UNIX,
.sun_path = SOCK2,
};
unlink(SOCK);
unlink(SOCK2);
if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1)
err(1, "socket");
if (bind(fd, (struct sockaddr *) &addr, sizeof(addr)) == -1)
err(1, "bind");
if (listen(fd, 0) == -1)
err(1, "listen");
if (link(SOCK, SOCK2) == -1)
err(1, "link");
if ((fd2 = socket(AF_UNIX, SOCK_STREAM, 0)) == -1)
err(1, "socket");
if (connect(fd2, (struct sockaddr *) &addr2, sizeof(addr2)) == -1)
err (1, "connect");
return 0;
}
----
Reported-by: Alexander Morozov <alexandr.morozov@docker.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Cc: <stable@vger.kernel.org>
Diffstat (limited to 'security/smack/smack_netfilter.c')
0 files changed, 0 insertions, 0 deletions