pkg-acpitail.git - Debian package for acpitail (copy of http://git.debian.org/pkg-acpi/acpitail.git)

summary refs log tree commit diff

Branch	Commit message	Author	Age
master	Update Standards-Version and debhelper compatibility	Tobias Klauser	12 years

Tag	Download	Author	Age
0.1-3	commit 5a697e3dd2...	Tobias Klauser	14 years
0.1-2	commit 1bbc31344e...	Tobias Klauser	15 years

ect>mode:

author	Eric Dumazet <eric.dumazet@gmail.com>	2010-11-25 04:11:39 +0000
committer	David S. Miller <davem@davemloft.net>	2010-11-29 09:45:15 -0800
commit	25888e30319f8896fc656fc68643e6a078263060 (patch)
tree	ae484d38b1250da885d3939dd9a97e667fbc871d /include/net/af_unix.h
parent	50a4205333c5e545551f1f82b3004ca635407c5c (diff)

af_unix: limit recursion level

Its easy to eat all kernel memory and trigger NMI watchdog, using an exploit program that queues unix sockets on top of others. lkml ref : http://lkml.org/lkml/2010/11/25/8 This mechanism is used in applications, one choice we have is to have a recursion limit. Other limits might be needed as well (if we queue other types of files), since the passfd mechanism is currently limited by socket receive queue sizes only. Add a recursion_level to unix socket, allowing up to 4 levels. Each time we send an unix socket through sendfd mechanism, we copy its recursion level (plus one) to receiver. This recursion level is cleared when socket receive queue is emptied. Reported-by: Марк Коренберг <socketpair@gmail.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'include/net/af_unix.h')