From: Marc-André Lureau
To: netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, sgarzare@redhat.com, davem@davemloft.net, kuba@kernel.org, Marc-André Lureau
Subject: [PATCH 00/10] RFC: SO_PEERCRED for AF_VSOCK
Date: Thu, 21 Oct 2021 16:37:04 +0400
Message-Id: <20211021123714.1125384-1-marcandre.lureau@redhat.com>

Hi,

This RFC aims to implement some support for SO_PEERCRED with AF_VSOCK,
so vsock servers & clients can look up the basic peer credentials.
(Further support for SO_PEERSEC could also be useful.)

This is pretty straightforward for loopback transport, where both ends
are on the same host.

For vhost transport, the host will set the peer credentials associated
with the process that called VHOST_SET_OWNER (e.g. QEMU).

For virtio transport, the credentials are cleared upon connect, as
providing foreign credentials wouldn't make much sense.

I haven't looked at other transports. What do you think of this
approach?

Note: I think it would be better to set the peer credentials when we
actually can provide them, rather than at creation time, but I haven't
found a way yet. Help welcome!

Marc-André Lureau (10):
  sock: move sock_init_peercred() from af_unix
  sock: move sock_copy_peercred() from af_unix
  vsock: owner field is specific to VMCI
  sock: add sock_swap_peercred
  virtio/vsock: add copy_peercred() to virtio_transport
  vsock: set socket peercred
  vsock/loopback: implement copy_peercred()
  vhost/vsock: save owner pid & creds
  vhost/vsock: implement copy_peercred
  vsock/virtio: clear peer creds on connect

 drivers/vhost/vsock.c                   | 46 +++++++++++++++++
 include/linux/virtio_vsock.h            |  2 +
 include/net/af_vsock.h                  |  2 +
 include/net/sock.h                      |  9 ++++
 net/core/sock.c                         | 66 +++++++++++++++++++++++++
 net/unix/af_unix.c                      | 50 ++-----------------
 net/vmw_vsock/af_vsock.c                |  8 +++
 net/vmw_vsock/virtio_transport.c        | 22 ++++++++-
 net/vmw_vsock/virtio_transport_common.c |  9 ++++
 net/vmw_vsock/vsock_loopback.c          |  7 +++
 10 files changed, 175 insertions(+), 46 deletions(-)

base-commit: e0bfcf9c77d9b2c11d2767f0c747f7721ae0cc51
-- 
2.33.0.721.g106298f7f9