kernel_optimize_test/include/net
Eric Dumazet 25888e3031 af_unix: limit recursion level
Its easy to eat all kernel memory and trigger NMI watchdog, using an
exploit program that queues unix sockets on top of others.

lkml ref : http://lkml.org/lkml/2010/11/25/8

This mechanism is used in applications, one choice we have is to have a
recursion limit.

Other limits might be needed as well (if we queue other types of files),
since the passfd mechanism is currently limited by socket receive queue
sizes only.

Add a recursion_level to unix socket, allowing up to 4 levels.

Each time we send an unix socket through sendfd mechanism, we copy its
recursion level (plus one) to receiver. This recursion level is cleared
when socket receive queue is emptied.

Reported-by: Марк Коренберг <socketpair@gmail.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-11-29 09:45:15 -08:00
..
9p 9p: Add datasync to client side TFSYNC/RFSYNC for dotl 2010-10-28 09:08:49 -05:00
bluetooth Bluetooth: clean up rfcomm code 2010-10-12 12:44:53 -03:00
caif caif: SPI-driver bugfix - incorrect padding. 2010-11-03 18:50:03 -07:00
irda net: return operator cleanup 2010-09-23 14:33:39 -07:00
iucv
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-10-23 11:47:02 -07:00
netns netns: reorder fields in struct net 2010-10-17 13:49:14 -07:00
phonet Phonet: 'connect' socket implementation for Pipe controller 2010-10-13 14:40:34 -07:00
sctp net: return operator cleanup 2010-09-23 14:33:39 -07:00
tc_act net/sched: add ACT_CSUM action to update packets checksums 2010-08-20 01:42:59 -07:00
tipc tipc: cleanup function namespace 2010-10-16 11:13:24 -07:00
act_api.h pkt_sched: gen_kill_estimator() rcu fixes 2010-06-11 18:37:08 -07:00
addrconf.h ipv6: make __ipv6_isatap_ifid static 2010-10-05 00:47:39 -07:00
af_ieee802154.h
af_rxrpc.h
af_unix.h af_unix: limit recursion level 2010-11-29 09:45:15 -08:00
ah.h
arp.h arp: remove unnecessary export of arp_broken_ops 2010-09-29 19:45:35 -07:00
atmclip.h
ax25.h
ax88796.h
cfg80211.h cfg80211: fix WIPHY_FLAG_IBSS_RSN bit 2010-11-15 15:00:42 -05:00
checksum.h
cipso_ipv4.h
cls_cgroup.h Merge commit 'v2.6.36-rc7' into core/rcu 2010-10-07 09:43:45 +02:00
compat.h
datalink.h
dcbnl.h
dn_dev.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
dn_fib.h
dn_neigh.h
dn_nsp.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
dn_route.h net-next: remove useless union keyword 2010-06-10 23:31:35 -07:00
dn.h net: avoid limits overflow 2010-11-10 12:12:00 -08:00
dsa.h
dsfield.h
dst_ops.h b43legacy: Fix compile on ARM architecture 2010-11-15 15:00:42 -05:00
dst.h ipv4: add __rcu annotations to routes.c 2010-10-27 11:37:31 -07:00
esp.h
ethoc.h
fib_rules.h fib_rules: __rcu annotates ctarget 2010-10-27 11:37:32 -07:00
flow.h ipv4: Allow configuring subnets as local addresses 2010-09-28 23:38:15 -07:00
garp.h net/802: add __rcu annotations 2010-10-25 13:09:44 -07:00
gen_stats.h
genetlink.h genetlink: introduce pre_doit/post_doit hooks 2010-10-05 13:35:30 -04:00
gre.h PPTP: PPP over IPv4 (Point-to-Point Tunneling Protocol) 2010-08-21 23:05:39 -07:00
icmp.h
ieee80211_radiotap.h
ieee802154_netdev.h
ieee802154.h
if_inet6.h ipv6: Replace inet6_ifaddr->dead with state 2010-05-18 15:36:06 -07:00
inet6_connection_sock.h
inet6_hashtables.h
inet_common.h inet, inet6: make tcp_sendmsg() and tcp_sendpage() through inet_sendmsg() and inet_sendpage() 2010-07-12 20:21:46 -07:00
inet_connection_sock.h tcp: Add TCP_USER_TIMEOUT socket option. 2010-08-30 13:23:33 -07:00
inet_ecn.h net: return operator cleanup 2010-09-23 14:33:39 -07:00
inet_frag.h fragment: add fast path for in-order fragments 2010-06-30 13:44:29 -07:00
inet_hashtables.h tproxy: fix hash locking issue when using port redirection in __inet_inherit_port() 2010-10-21 13:06:43 +02:00
inet_sock.h net - IP_NODEFRAG option for IPv4 socket 2010-06-23 13:16:38 -07:00
inet_timewait_sock.h
inetpeer.h inetpeer: __rcu annotations 2010-10-27 11:37:33 -07:00
ip6_checksum.h
ip6_fib.h net-next: remove useless union keyword 2010-06-10 23:31:35 -07:00
ip6_route.h
ip6_tunnel.h tunnels: add _rcu annotations 2010-10-25 13:09:45 -07:00
ip_fib.h fib: Fix fib zone and its hash leak on namespace stop 2010-10-28 10:27:03 -07:00
ip_vs.h ipvs: provide address family for debugging 2010-10-21 11:04:43 +02:00
ip.h ipv4: add __rcu annotations to ip_ra_chain 2010-10-25 14:18:28 -07:00
ipcomp.h
ipconfig.h
ipip.h tunnels: add __rcu annotations 2010-10-27 11:37:32 -07:00
ipv6.h net: return operator cleanup 2010-09-23 14:33:39 -07:00
ipx.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
iw_handler.h
lapb.h
lib80211.h lib80211: remove unused host_build_iv option 2010-07-26 15:09:04 -04:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
mac80211.h mac80211: add probe request filter flag 2010-10-13 15:45:22 -04:00
mip6.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
mld.h
ndisc.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
neighbour.h net: Fix duplicate volatile warning. 2010-11-18 09:40:04 -08:00
net_namespace.h net_ns: add __rcu annotations 2010-10-25 14:18:27 -07:00
netdma.h
netevent.h
netlabel.h
netlink.h netlink: Make nlmsg_find_attr take a const nlmsghdr*. 2010-11-04 12:26:34 -07:00
netrom.h
nexthop.h
nl802154.h
p8022.h
pkt_cls.h
pkt_sched.h net: Define accessors to manipulate QDISC_STATE_RUNNING 2010-06-02 03:23:51 -07:00
protocol.h net: add __rcu annotations to protocol 2010-10-27 11:37:31 -07:00
psnap.h
raw.h include/net/raw.h: Convert raw_seq_private macro to inline 2010-09-08 13:42:22 -07:00
rawv6.h
red.h
regulatory.h wireless: only use alpha2 regulatory information from country IE 2010-07-20 16:44:35 -04:00
request_sock.h
rose.h
route.h tproxy: check for transparent flag in ip_route_newports 2010-09-27 15:03:33 -07:00
rtnetlink.h rtnetlink: remove rtnl_kill_links 2010-10-21 03:09:45 -07:00
sch_generic.h net_sched: remove the unused parameter of qdisc_create_dflt() 2010-10-21 03:09:47 -07:00
scm.h scm: Capture the full credentials of the scm sender. 2010-06-16 14:55:56 -07:00
slhc_vj.h
snmp.h snmp: 64bit ipstats_mib for all arches 2010-06-30 13:31:19 -07:00
sock.h net: avoid limits overflow 2010-11-10 12:12:00 -08:00
stp.h
tcp_states.h
tcp.h net: avoid limits overflow 2010-11-10 12:12:00 -08:00
timewait_sock.h
transp_v6.h
udp.h net: avoid limits overflow 2010-11-10 12:12:00 -08:00
udplite.h
wext.h
wimax.h
wpan-phy.h
x25.h X25: Move accept approve flag to bitfield 2010-05-17 17:39:27 -07:00
x25device.h
xfrm.h tunnels: add __rcu annotations 2010-10-27 11:37:32 -07:00