mirror of
https://github.com/Motorhead1991/qemu.git
synced 2026-02-02 06:10:39 -07:00
6d485a55d0
"The purpose of this option is to allow an application to obtain the security credentials of a Unix stream socket peer. It is analogous to SO_PEERCRED (which provides authentication using standard Unix credentials of pid, uid and gid), and extends this concept to other security models." -- https://lwn.net/Articles/62370/ Until now it was passed to the kernel with an "int" argument and fails when it was supported by the host because the parameter is like a filename: it is always a \0-terminated string with no embedded \0 characters, but is not guaranteed to be ASCII or UTF-8. I've tested the option with the following program: /* * cc -o getpeercon getpeercon.c */ #include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <arpa/inet.h> int main(void) { int fd; struct sockaddr_in server, addr; int ret; socklen_t len; char buf[256]; fd = socket(PF_INET, SOCK_STREAM, 0); if (fd == -1) { perror("socket"); return 1; } server.sin_family = AF_INET; inet_aton("127.0.0.1", &server.sin_addr); server.sin_port = htons(40390); connect(fd, (struct sockaddr*)&server, sizeof(server)); len = sizeof(buf); ret = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, buf, &len); if (ret == -1) { perror("getsockopt"); return 1; } printf("%d %s\n", len, buf); return 0; } On host: $ ./getpeercon 33 system_u:object_r:unlabeled_t:s0 With qemu-aarch64/bionic without the patch: $ ./getpeercon getsockopt: Numerical result out of range With the patch: $ ./getpeercon 33 system_u:object_r:unlabeled_t:s0 Bug: https://bugs.launchpad.net/qemu/+bug/1823790 Reported-by: Matthias Lüscher <lueschem@gmail.com> Tested-by: Matthias Lüscher <lueschem@gmail.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200204211901.1731821-1-laurent@vivier.eu> |
||
|---|---|---|
| .. | ||
| aarch64 | ||
| alpha | ||
| arm | ||
| cris | ||
| generic | ||
| host | ||
| hppa | ||
| i386 | ||
| m68k | ||
| microblaze | ||
| mips | ||
| mips64 | ||
| nios2 | ||
| openrisc | ||
| ppc | ||
| riscv | ||
| s390x | ||
| sh4 | ||
| sparc | ||
| sparc64 | ||
| tilegx | ||
| x86_64 | ||
| xtensa | ||
| cpu_loop-common.h | ||
| elfload.c | ||
| errno_defs.h | ||
| exit.c | ||
| fd-trans.c | ||
| fd-trans.h | ||
| flat.h | ||
| flatload.c | ||
| ioctls.h | ||
| linux_loop.h | ||
| linuxload.c | ||
| main.c | ||
| Makefile.objs | ||
| mmap.c | ||
| qemu.h | ||
| safe-syscall.S | ||
| signal-common.h | ||
| signal.c | ||
| socket.h | ||
| strace.c | ||
| strace.list | ||
| syscall.c | ||
| syscall_defs.h | ||
| syscall_types.h | ||
| target_flat.h | ||
| trace-events | ||
| uaccess.c | ||
| uname.c | ||
| uname.h | ||
| vm86.c | ||