On Wed, May 13, 2020 at 12:29:18PM +0300, Ido Schimmel wrote: > On Mon, May 11, 2020 at 01:59:12PM +0200, Christoph Hellwig wrote: > > Factor out two helpes to keep the code tidy. > > > > Signed-off-by: Christoph Hellwig <h...@lst.de> > > Christoph, > > After installing net-next (fb9f2e92864f) on a Fedora 32 machine I cannot > ssh to it. Bisected it to this commit [1]. > > When trying to connect I see these error messages in journal: > > sshd[1029]: error: mm_receive_fd: no message header > sshd[1029]: fatal: mm_pty_allocate: receive fds failed > sshd[1029]: fatal: mm_request_receive_expect: buffer error: incomplete message > sshd[1018]: fatal: mm_request_receive: read: Connection reset by peer > > Please let me know if more info is required. I can easily test a patch > if you need me to try something.
To start we can try reverting just this commit, which requires a little manual work. Patch below: --- >From fe4f53219b42aeded3c1464dbe2bbc9365f6a853 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <h...@lst.de> Date: Wed, 13 May 2020 11:48:33 +0200 Subject: Revert "net/scm: cleanup scm_detach_fds" This reverts commit 2618d530dd8b7ac0fdcb83f4c95b88f7b0d37ce6. --- net/core/scm.c | 94 +++++++++++++++++++++++--------------------------- 1 file changed, 43 insertions(+), 51 deletions(-) diff --git a/net/core/scm.c b/net/core/scm.c index a75cd637a71ff..2d9aa5682bed2 100644 --- a/net/core/scm.c +++ b/net/core/scm.c @@ -280,53 +280,18 @@ void put_cmsg_scm_timestamping(struct msghdr *msg, struct scm_timestamping_inter } EXPORT_SYMBOL(put_cmsg_scm_timestamping); -static int __scm_install_fd(struct file *file, int __user *ufd, int o_flags) -{ - struct socket *sock; - int new_fd; - int error; - - error = security_file_receive(file); - if (error) - return error; - - new_fd = get_unused_fd_flags(o_flags); - if (new_fd < 0) - return new_fd; - - error = put_user(new_fd, ufd); - if (error) { - put_unused_fd(new_fd); - return error; - } - - /* Bump the usage count and install the file. */ - sock = sock_from_file(file, &error); - if (sock) { - sock_update_netprioidx(&sock->sk->sk_cgrp_data); - sock_update_classid(&sock->sk->sk_cgrp_data); - } - fd_install(new_fd, get_file(file)); - return error; -} - -static int scm_max_fds(struct msghdr *msg) -{ - if (msg->msg_controllen <= sizeof(struct cmsghdr)) - return 0; - return (msg->msg_controllen - sizeof(struct cmsghdr)) / sizeof(int); -} - void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm) { struct cmsghdr __user *cm = (__force struct cmsghdr __user*)msg->msg_control; - int o_flags = (msg->msg_flags & MSG_CMSG_CLOEXEC) ? O_CLOEXEC : 0; - int fdmax = min_t(int, scm_max_fds(msg), scm->fp->count); - int __user *cmsg_data = CMSG_USER_DATA(cm); + + int fdmax = 0; + int fdnum = scm->fp->count; + struct file **fp = scm->fp->fp; + int __user *cmfptr; int err = 0, i; - if (msg->msg_flags & MSG_CMSG_COMPAT) { + if (MSG_CMSG_COMPAT & msg->msg_flags) { scm_detach_fds_compat(msg, scm); return; } @@ -335,35 +300,62 @@ void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm) if (WARN_ON_ONCE(!msg->msg_control_is_user)) return; - for (i = 0; i < fdmax; i++) { - err = __scm_install_fd(scm->fp->fp[i], cmsg_data + i, o_flags); + if (msg->msg_controllen > sizeof(struct cmsghdr)) + fdmax = ((msg->msg_controllen - sizeof(struct cmsghdr)) + / sizeof(int)); + + if (fdnum < fdmax) + fdmax = fdnum; + + for (i=0, cmfptr =(int __user *)CMSG_USER_DATA(cm); i<fdmax; + i++, cmfptr++) + { + struct socket *sock; + int new_fd; + err = security_file_receive(fp[i]); if (err) break; + err = get_unused_fd_flags(MSG_CMSG_CLOEXEC & msg->msg_flags + ? O_CLOEXEC : 0); + if (err < 0) + break; + new_fd = err; + err = put_user(new_fd, cmfptr); + if (err) { + put_unused_fd(new_fd); + break; + } + /* Bump the usage count and install the file. */ + sock = sock_from_file(fp[i], &err); + if (sock) { + sock_update_netprioidx(&sock->sk->sk_cgrp_data); + sock_update_classid(&sock->sk->sk_cgrp_data); + } + fd_install(new_fd, get_file(fp[i])); } - if (i > 0) { - int cmlen = CMSG_LEN(i * sizeof(int)); - + if (i > 0) + { + int cmlen = CMSG_LEN(i*sizeof(int)); err = put_user(SOL_SOCKET, &cm->cmsg_level); if (!err) err = put_user(SCM_RIGHTS, &cm->cmsg_type); if (!err) err = put_user(cmlen, &cm->cmsg_len); if (!err) { - cmlen = CMSG_SPACE(i * sizeof(int)); + cmlen = CMSG_SPACE(i*sizeof(int)); if (msg->msg_controllen < cmlen) cmlen = msg->msg_controllen; msg->msg_control += cmlen; msg->msg_controllen -= cmlen; } } - - if (i < scm->fp->count || (scm->fp->count && fdmax <= 0)) + if (i < fdnum || (fdnum && fdmax <= 0)) msg->msg_flags |= MSG_CTRUNC; /* - * All of the files that fit in the message have had their usage counts - * incremented, so we just free the list. + * All of the files that fit in the message have had their + * usage counts incremented, so we just free the list. */ __scm_destroy(scm); } -- 2.26.2