| Message ID | 20230403124323.26961-1-arefev@swemel.ru |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp2284224vqo;
Mon, 3 Apr 2023 06:04:17 -0700 (PDT)
X-Google-Smtp-Source:
AKy350YBPdhwQRcEr9oVgomtuoBQ1kM9H4sfjEGkg8uSkvvUoKMwgCafM9h78pO/0XZB2ekyZHTD
X-Received: by 2002:a17:906:5fd9:b0:930:d17b:959b with SMTP id
k25-20020a1709065fd900b00930d17b959bmr38335766ejv.22.1680527057038;
Mon, 03 Apr 2023 06:04:17 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1680527057; cv=none;
d=google.com; s=arc-20160816;
b=KA4xZQ1ZfCVr/umh2gmJWtq0hRcnvKLsqrrpPNIs83JBXD3JFQQxH2cCHFPR6d05uP
k1Oq3SebUxZSxBKSOFw6xOkgvQKWuK+fNuEdXpSvn5SpQyQ+PxvxES8eNKASduqJnpnG
COE33+fB/X6QiMAzlxd84d9jLFPEXEkr+X7y70I4Iio/G/M93YZehtpIq9OJsMkyExRq
d9hlRcdVwIkK1uztVHwkZkuVgH+VWZLwZG+1b+xfZFQv2NUbsy6Wkiev+9cd/it+MEoA
qY9cT79ZoJvAlBHVmffLBUfWwnGdSyPBP0m7EO8tTrUWw1KGSNbm79gIfrHN4ZIl+Zz4
85fA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:dkim-signature:from;
bh=dUaYZLv07SypYl8nCydRTmN/Q2SJe737WVxx8vmAUU8=;
b=fACzqiGrKmk3GPK10qwzA4D5utjMZROjlzgzgDMyTrXwzr6ik5XaD+f4eIfoU8C/wJ
tMEjefJO/pAyz5DXtQADGUFkQZP/6qgzpwLFXOWQk3ZbVQHCGourQ7OneyQNtMxaO7ys
pUoSBbYLgnpHVmBYR8XnJP6Jyadony3vAAXeCSq2Bg8mYEFaSwiZ0ug1qg+zD2mPUJTR
+NLN2miz190NNi/rvnwnRbhOVYl0wYBJ/ijHOljx11TFuwSydzf/FgO+GTNtlnzwiCR/
xgYBqBvTucvSc8XA5ggb9jQFa32W4/QBh6wlRz6DMGzr2ytjVykwS9z+1KSyNXqvJ65/
2T2g==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@swemel.ru header.s=mail header.b=Kvdg1ABa;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=swemel.ru
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
e5-20020a170906504500b0093cd9fa2838si4772892ejk.1009.2023.04.03.06.03.41;
Mon, 03 Apr 2023 06:04:17 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@swemel.ru header.s=mail header.b=Kvdg1ABa;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=swemel.ru
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S232146AbjDCNCB (ORCPT <rfc822;zwp10758@gmail.com> + 99 others);
Mon, 3 Apr 2023 09:02:01 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54084 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S229509AbjDCNCA (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Mon, 3 Apr 2023 09:02:00 -0400
X-Greylist: delayed 600 seconds by postgrey-1.37 at lindbergh.monkeyblade.net;
Mon, 03 Apr 2023 06:01:57 PDT
Received: from mx.swemel.ru (mx.swemel.ru [95.143.211.150])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 79D8840F0;
Mon, 3 Apr 2023 06:01:57 -0700 (PDT)
From: Denis Arefev <arefev@swemel.ru>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=swemel.ru; s=mail;
t=1680525803;
h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
to:to:cc:cc:mime-version:mime-version:
content-transfer-encoding:content-transfer-encoding;
bh=dUaYZLv07SypYl8nCydRTmN/Q2SJe737WVxx8vmAUU8=;
b=Kvdg1ABahF4SgBPJ5kqbEGQPNryeG/ddSiKECgNd6reuMnWi1e9MiMfA62Bs1yK2zmn0VF
u0YY++ajXi5IEIpBi+aMswxlBL561UIl6zBI2FYlQ6rRUF346Ee/jh6p2ALoNOdqOg1k2O
zJIeERocmXLh1fMmpXybX1K2G8pSTGA=
To: "David S. Miller" <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>,
Paolo Abeni <pabeni@redhat.com>, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, trufanov@swemel.ru, vfh@swemel.ru
Subject: [PATCH] net: Added security socket
Date: Mon, 3 Apr 2023 15:43:23 +0300
Message-Id: <20230403124323.26961-1-arefev@swemel.ru>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS
autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1762160339662801712?=
X-GMAIL-MSGID: =?utf-8?q?1762160339662801712?=
|
| Series |
net: Added security socket
|
|
Commit Message
Denis Arefev
April 3, 2023, 12:43 p.m. UTC
Added security_socket_connect
in kernel_connect
Signed-off-by: Denis Arefev <arefev@swemel.ru>
---
net/socket.c | 6 ++++++
1 file changed, 6 insertions(+)
Comments
On Mon, 2023-04-03 at 15:43 +0300, Denis Arefev wrote: > Added security_socket_connect > in kernel_connect > > Signed-off-by: Denis Arefev <arefev@swemel.ru> > --- > net/socket.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/net/socket.c b/net/socket.c > index 9c92c0e6c4da..9afa2b44a9e5 100644 > --- a/net/socket.c > +++ b/net/socket.c > @@ -3526,6 +3526,12 @@ EXPORT_SYMBOL(kernel_accept); > int kernel_connect(struct socket *sock, struct sockaddr *addr, int addrlen, > int flags) > { > + int err; > + > + err = security_socket_connect(sock, (struct sockaddr *)addr, addrlen); > + if (err) > + return err; > + > return sock->ops->connect(sock, addr, addrlen, flags); > } > EXPORT_SYMBOL(kernel_connect); Why would we need to be adding this? If we are already operating within kernel space it seems like it would be more problematic than not to have to push items out to userspace for security. Assuming an attacker is operating at the kernel level the system is already compromised is it not? Also assuming we do need this why are we only dealing with connect when we should probably also be looking at all the other kernel socket calls then as well?
Hi Alexander. I understand your concern. That's right kernel_connect is in kernel space, but kernel_connect is used in RPC requests (/net/sunrpc/xprtsock.c), and the RPC protocol is used by the NFS server. Note kernel_sendmsg is already protected.
On Tue, Apr 4, 2023 at 1:00 AM Denis Arefev <arefev@swemel.ru> wrote: > > Hi Alexander. I understand your concern. > That's right kernel_connect is in kernel space, > but kernel_connect is used in RPC requests (/net/sunrpc/xprtsock.c), > and the RPC protocol is used by the NFS server. > Note kernel_sendmsg is already protected. Can you add a write-up about the need for this in the patch description? Your patch description described what you are doing but not the why. My main concern is that your patch may end up causing issues that could later be reverted by someone if they don't understand the motivation behind why you are making this change. Calling out things like the fact that you are trying to add security to RPC sockets would be useful and would make it easier for patch review as people more familiar with the security code could also tell you if this is the correct approach to this or not. Thanks, - Alex
diff --git a/net/socket.c b/net/socket.c index 9c92c0e6c4da..9afa2b44a9e5 100644 --- a/net/socket.c +++ b/net/socket.c @@ -3526,6 +3526,12 @@ EXPORT_SYMBOL(kernel_accept); int kernel_connect(struct socket *sock, struct sockaddr *addr, int addrlen, int flags) { + int err; + + err = security_socket_connect(sock, (struct sockaddr *)addr, addrlen); + if (err) + return err; + return sock->ops->connect(sock, addr, addrlen, flags); } EXPORT_SYMBOL(kernel_connect);