Bug 239250 - need to define limits on unix socket control messages
Summary: need to define limits on unix socket control messages
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: CURRENT
Hardware: Any Any
Importance: --- Affects Only Me
Assignee: freebsd-bugs mailing list
Depends on:
Reported: 2019-07-16 15:58 UTC by Mark Johnston
Modified: 2019-07-16 15:58 UTC

Description Mark Johnston freebsd_committer 2019-07-16 15:58:50 UTC
There are some undocumented limits that apply to control messages over unix domain sockets, and SCM_RIGHTS messages in particular.

- Control messages must fit in an mbuf cluster, which is MCLBYTES (2KB) in size.
- Control message data must be natively aligned, so 64-bit kernels are limited to fewer rights per message than 32-bit kernels.  This can be problematic when running 32-bit applications on a 64-bit kernel.
- SCM_RIGHTS message contents must be translated to an internalized format before they can be transmitted.  Specifically, a 4-byte file descriptor is converted to a pointer, and internalized messages must fit in an mbuf cluster as well.  So even though we can pack (2048-16)/sizeof(int) FDs in a single SCM_RIGHTS message on amd64, the kernel can only handle (2048-16)/sizeof(void *) FDs.
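
An added example, not part of the original report and not FreeBSD's own code: it carries the two amd64 formulas from the description through to a usable per-message limit, then sends a descriptor list as several SCM_RIGHTS messages so that each one stays under that limit. The function names, the one-byte data payload per message and the 8-byte pointer size passed by the caller are assumptions of this example; the constants 2048 and 16 are the ones in the report.

```c
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>

/* Constants from the report's amd64 formula, not read from system headers. */
#define CLUSTER_BYTES 2048u  /* MCLBYTES */
#define HDR_BYTES       16u  /* the 16 subtracted in the report's formula */

/* Descriptors that fit in one cluster when each entry occupies `slot` bytes. */
size_t fds_per_cluster(size_t slot) {
    return (CLUSTER_BYTES - HDR_BYTES) / slot;
}

/* Usable limit: the message must fit both as the application sends it
 * (int-sized entries) and after internalization (pointer-sized entries). */
size_t scm_rights_limit(size_t user_slot, size_t kernel_slot) {
    size_t ext = fds_per_cluster(user_slot);
    size_t in = fds_per_cluster(kernel_slot);
    return ext < in ? ext : in;
}

/* Send n descriptors in SCM_RIGHTS messages of at most per_msg entries each.
 * Returns the number of messages sent, or -1 on error. */
int send_fds_chunked(int sock, const int *fds, size_t n, size_t per_msg) {
    union { struct cmsghdr align; char buf[CLUSTER_BYTES]; } ctl;
    int sent = 0;

    if (per_msg == 0 || CMSG_SPACE(per_msg * sizeof(int)) > sizeof(ctl.buf))
        return -1;
    while (n > 0) {
        size_t k = n < per_msg ? n : per_msg;
        char byte = 0;  /* one data byte accompanies each control message */
        struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
        struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
            .msg_control = ctl.buf, .msg_controllen = CMSG_SPACE(k * sizeof(int)) };
        struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);

        memset(ctl.buf, 0, msg.msg_controllen);
        cm->cmsg_level = SOL_SOCKET;
        cm->cmsg_type = SCM_RIGHTS;
        cm->cmsg_len = CMSG_LEN(k * sizeof(int));
        memcpy(CMSG_DATA(cm), fds, k * sizeof(int));
        if (sendmsg(sock, &msg, 0) != 1)
            return -1;
        fds += k; n -= k; sent++;
    }
    return sent;
}
```

A caller on amd64 would pass `scm_rights_limit(sizeof(int), 8)` as `per_msg`; the receiver then has to collect descriptors from more than one `recvmsg` call.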