Message ID | 8309aff7e55f0c7fe973bb2d1e6b6b3a80ac5a99.1703126594.git.nabijaczleweli@nabijaczleweli.xyz (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | Avoid unprivileged splice(file->)/(->socket) pipe exclusion | expand |
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index ac1f2bc18fc9..bae84552bf58 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -2921,15 +2921,12 @@ static ssize_t unix_stream_splice_read(struct socket *sock, loff_t *ppos, .pipe = pipe, .size = size, .splice_flags = flags, + .flags = MSG_DONTWAIT, }; if (unlikely(*ppos)) return -ESPIPE; - if (sock->file->f_flags & O_NONBLOCK || - flags & SPLICE_F_NONBLOCK) - state.flags = MSG_DONTWAIT; - return unix_stream_read_generic(&state, false); }
Otherwise we risk sleeping with the pipe locked for indeterminate lengths of time ‒ given: cat > unix.c <<^D #define _GNU_SOURCE #include <fcntl.h> #include <sys/socket.h> #include <sys/un.h> int main() { int sp[2]; socketpair(AF_UNIX, SOCK_STREAM, 0, sp); for (;;) splice(sp[0], 0, 1, 0, 128 * 1024 * 1024, 0); } ^D cc unix.c -o unix mkfifo fifo ./unix > fifo & read -r _ < fifo & sleep 0.1 echo zupa > fifo unix used to sleep in splice and the shell used to enter an uninterruptible sleep in open("fifo"); now the splice returns -EAGAIN and the whole program completes. Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz> --- net/unix/af_unix.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-)