Date:	Wed, 21 Jul 2010 11:45:09 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	penguin-kernel@...ove.SAKURA.ne.jp
Cc:	kuznet@....inr.ac.ru, pekkas@...core.fi, jmorris@...ei.org,
	yoshfuji@...ux-ipv6.org, kaber@...sh.net, paul.moore@...com,
	netdev@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: [PATCH] LSM: Add post recvmsg() hook.

From: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
Date: Sat, 17 Jul 2010 10:17:10 +0900

> NETWORKING [IPv4/IPv6] maintainers and Paul, is below patch fine for you?

Unfortunately, after further consideration, I must reject this patch
and also the post accept() LSM hook one.

Sorry.

I looked into the history of the discussions on this issue, and I have found
that the core issue with these hooks has not been addressed.

We must ensure that if:

1) Application makes poll() on UDP socket in blocking mode, and UDP
   reports that receive data is available

and

2) Application, after such a poll() call, makes a blocking recvmsg() call
   and no other activity has occurred on the socket meanwhile

Then we MUST return immediately with that available data.

This LSM hook, when it triggers, can violate this rule, even if you do
this looping thing.

The post accept() hook has the same problems.

Here is where we originally discussed this, in detail:

http://www.spinics.net/lists/netdev/msg95660.html

Therefore, I think this shows that what Tomoyo is trying to do is
fatally flawed.  We brought this fundamental issue up to you about a
year ago, and the issue is still not addressed.

So consider very seriously, that what you are trying to do cannot be
performed without breaking applications and API behavioral
expectations.
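The poll()-then-blocking-recvmsg() rule stated in the message above can be checked from user space. The following is an added example, not code from the thread or from the kernel tree: the function names are hypothetical, and the `SO_RCVTIMEO` guard timer is an assumption of this test harness, used only so that a stalled `recvmsg()` is reported instead of hanging the test.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <poll.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Returns bytes read, 0 if poll() saw nothing, -2 if poll() reported POLLIN
 * but the blocking recvmsg() then stalled (rule broken), -1 on other errors. */
int poll_then_recvmsg(int fd, char *buf, size_t len, int guard_ms)
{
    struct pollfd pfd = { .fd = fd, .events = POLLIN };
    int n = poll(&pfd, 1, guard_ms);
    if (n <= 0 || !(pfd.revents & POLLIN))
        return n < 0 ? -1 : 0;
    /* Guard timer: it must never expire once poll() has reported POLLIN. */
    struct timeval tv = { guard_ms / 1000, (guard_ms % 1000) * 1000 };
    if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) < 0)
        return -1;
    struct iovec iov = { .iov_base = buf, .iov_len = len };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
    ssize_t r = recvmsg(fd, &msg, 0);   /* blocking call, no MSG_DONTWAIT */
    if (r < 0)
        return (errno == EAGAIN || errno == EWOULDBLOCK) ? -2 : -1;
    return (int)r;
}

/* Constructed scenario: one 5-byte datagram sent to a UDP socket on 127.0.0.1. */
int udp_loopback_check(void)
{
    char buf[64];
    struct sockaddr_in a = { .sin_family = AF_INET };
    socklen_t alen = sizeof(a);
    int rx = socket(AF_INET, SOCK_DGRAM, 0), tx = socket(AF_INET, SOCK_DGRAM, 0);
    int ret = -1;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: kernel picks one */
    if (rx >= 0 && tx >= 0 && bind(rx, (struct sockaddr *)&a, sizeof(a)) == 0 &&
        getsockname(rx, (struct sockaddr *)&a, &alen) == 0 &&
        sendto(tx, "hello", 5, 0, (struct sockaddr *)&a, sizeof(a)) == 5)
        ret = poll_then_recvmsg(rx, buf, sizeof(buf), 1000);
    if (rx >= 0) close(rx);
    if (tx >= 0) close(tx);
    return ret;
}

int main(void)
{
    return udp_loopback_check() == 5 ? 0 : 1;   /* exit 0 when the rule holds */
}
```

A return value of -2 is the case the message rules out: readiness was reported, nothing else touched the socket, and the blocking receive still did not return the data.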