• Eric W. Biederman's avatar
    scm: Don't use struct ucred in NETLINK_CB and struct scm_cookie. · dbe9a417
    Eric W. Biederman authored
    Passing uids and gids on NETLINK_CB from a process in one user
    namespace to a process in another user namespace can result in the
    wrong uid or gid being presented to userspace.  Avoid that problem by
    passing kuids and kgids instead.
    
    - define struct scm_creds for use in scm_cookie and netlink_skb_parms
      that holds uid and gid information in kuid_t and kgid_t.
    
    - Modify scm_set_cred to fill out scm_creds by heand instead of using
      cred_to_ucred to fill out struct ucred.  This conversion ensures
      userspace does not get incorrect uid or gid values to look at.
    
    - Modify scm_recv to convert from struct scm_creds to struct ucred
      before copying credential values to userspace.
    
    - Modify __scm_send to populate struct scm_creds on in the scm_cookie,
      instead of just copying struct ucred from userspace.
    
    - Modify netlink_sendmsg to copy scm_creds instead of struct ucred
      into the NETLINK_CB.
    Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    dbe9a417
scm.h 3.57 KB