git: d29b95ecc0d0 - main - sockets: on accept(2) don't copy all of so_options to new socket

From: Gleb Smirnoff <glebius_at_FreeBSD.org>
Date: Mon, 14 Aug 2023 19:57:12 UTC
The branch main has been updated by glebius:

URL: https://cgit.FreeBSD.org/src/commit/?id=d29b95ecc0d049406d27a6c11939d40a46658733

commit d29b95ecc0d049406d27a6c11939d40a46658733
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2023-08-14 19:56:07 +0000
Commit:     Gleb Smirnoff <glebius@FreeBSD.org>
CommitDate: 2023-08-14 19:56:08 +0000

    sockets: on accept(2) don't copy all of so_options to new socket
    
    As uncovered by e3ba0d6adde3 we are copying lots of irrelevant options
    from the listener to an accepted socket, even those that aren't relevant
    to a non-listener, e.g. SO_REUSE*, SO_ACCEPTFILTER.  Stop doing that
    and provide a fixed opt-in list for options to be inherited.  Ideally
    we shall not inherit anything at all.  For compatibility inherit a set
    of options that are meaningful for a non-listening socket of a protocol
    that can listen(2).
    
    Differential Revision:  https://reviews.freebsd.org/D41412
    Fixes:                  e3ba0d6adde3c694f46a30b3b67eba43a7099395
---
 sys/kern/uipc_socket.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
index eaff57d50d78..f111ec9d0780 100644
--- a/sys/kern/uipc_socket.c
+++ b/sys/kern/uipc_socket.c
@@ -750,7 +750,19 @@ solisten_clone(struct socket *head)
 	}
 	so->so_listen = head;
 	so->so_type = head->so_type;
-	so->so_options = head->so_options & ~SO_ACCEPTCONN;
+	/*
+	 * POSIX is ambiguous on what options an accept(2)ed socket should
+	 * inherit from the listener.  Words "create a new socket" may be
+	 * interpreted as not inheriting anything.  Best programming practice
+	 * for application developers is to not rely on such inheritance.
+	 * FreeBSD had historically inherited all so_options excluding
+	 * SO_ACCEPTCONN, which virtually means all SOL_SOCKET level options,
+	 * including those completely irrelevant to a new born socket.  For
+	 * compatibility with older versions we will inherit a list of
+	 * meaningful options.
+	 */
+	so->so_options = head->so_options & (SO_KEEPALIVE | SO_DONTROUTE |
+	    SO_LINGER | SO_OOBINLINE | SO_NOSIGPIPE);
 	so->so_linger = head->so_linger;
 	so->so_state = head->so_state;
 	so->so_fibnum = head->so_fibnum;