lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 08 Apr 2013 16:44:39 -0400 (EDT)
From:	David Miller <davem@...emloft.net>
To:	pmoore@...hat.com
Cc:	eric.dumazet@...il.com, netdev@...r.kernel.org, mvadkert@...hat.com
Subject: Re: [PATCH] tcp: assign the sock correctly to an outgoing SYNACK
 packet

From: Paul Moore <pmoore@...hat.com>
Date: Mon, 08 Apr 2013 16:37:22 -0400

> On Monday, April 08, 2013 11:30:25 AM Eric Dumazet wrote:
>> On Mon, 2013-04-08 at 11:21 -0700, Eric Dumazet wrote:
>> > On Mon, 2013-04-08 at 14:12 -0400, Paul Moore wrote:
>> > > It seems a bit fragile to me, perhaps even hacky, but in some ways I
>> > > guess it isn't anymore fragile than relying on skb->sk - as this
>> > > problem demonstrates. My other concern is that adding this hook
>> > > *correctly* is likely to touch a lot of files and may be a bit much so
>> > > late in the 3.9 cycle, Dave, what say you?> 
>> > I don't get it, 90ba9b1986b5ac4b2d18 was in 3.6, why do you care of
>> > 3.9 ?
>> > 
>> > I am preparing a fix right now. Not a revert, thank you.
>> 
>> Is the following patch not good enough ?
> 
> I think it is somewhat telling that the hook you're proposing doesn't ever 
> make any calls into any of the individual LSMs, it only calls back into the 
> networking stack.  In my mind, this makes it an abuse of the LSM mechanism.

Without LSMs the socket reference is spurious and pointless overhead,
therefore the only acceptable fix one which only takes the socket
reference when there are LSMs with a need.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ