summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2010-02-28 01:20:36 +0000
committerDavid S. Miller <davem@davemloft.net>2010-02-28 18:22:02 -0800
commit76dadd76c265a0cdb5a76aa4eef03fcc9639b388 (patch)
tree78ed0e6da0aa99d4c04c02d9003aadbc44f091d8
parent39286fa41a8b2c6a9c1f656a7b3c3efca95bc1b9 (diff)
downloadkernel-crypto-76dadd76c265a0cdb5a76aa4eef03fcc9639b388.tar.gz
kernel-crypto-76dadd76c265a0cdb5a76aa4eef03fcc9639b388.tar.xz
kernel-crypto-76dadd76c265a0cdb5a76aa4eef03fcc9639b388.zip
scm: Only support SCM_RIGHTS on unix domain sockets.
We use scm_send and scm_recv on both unix domain and netlink sockets, but only unix domain sockets support everything required for file descriptor passing, so error if someone attempts to pass file descriptors over netlink sockets. Cc: stable@kernel.org Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/core/scm.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/net/core/scm.c b/net/core/scm.c
index b7ba91b074b..9b264634acf 100644
--- a/net/core/scm.c
+++ b/net/core/scm.c
@@ -156,6 +156,8 @@ int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *p)
switch (cmsg->cmsg_type)
{
case SCM_RIGHTS:
+ if (!sock->ops || sock->ops->family != PF_UNIX)
+ goto error;
err=scm_fp_copy(cmsg, &p->fp);
if (err<0)
goto error;