| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 16 May 2020 08:36:52 -0700
From: Matthew Wilcox <willy@...radead.org>
To: David Laight <David.Laight@...lab.com>
Cc: 'David Howells' <dhowells@...hat.com>,
Christoph Hellwig <hch@....de>,
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
"linux-nvme@...ts.infradead.org" <linux-nvme@...ts.infradead.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-sctp@...r.kernel.org" <linux-sctp@...r.kernel.org>,
"target-devel@...r.kernel.org" <target-devel@...r.kernel.org>,
"linux-afs@...ts.infradead.org" <linux-afs@...ts.infradead.org>,
"drbd-dev@...ts.linbit.com" <drbd-dev@...ts.linbit.com>,
"linux-cifs@...r.kernel.org" <linux-cifs@...r.kernel.org>,
"rds-devel@....oracle.com" <rds-devel@....oracle.com>,
"linux-rdma@...r.kernel.org" <linux-rdma@...r.kernel.org>,
"cluster-devel@...hat.com" <cluster-devel@...hat.com>,
Jakub Kicinski <kuba@...nel.org>,
"linux-block@...r.kernel.org" <linux-block@...r.kernel.org>,
Alexey Kuznetsov <kuznet@....inr.ac.ru>,
"ceph-devel@...r.kernel.org" <ceph-devel@...r.kernel.org>,
"linux-nfs@...r.kernel.org" <linux-nfs@...r.kernel.org>,
Neil Horman <nhorman@...driver.com>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
Vlad Yasevich <vyasevich@...il.com>,
Eric Dumazet <edumazet@...gle.com>,
Jon Maloy <jmaloy@...hat.com>,
Ying Xue <ying.xue@...driver.com>,
"David S. Miller" <davem@...emloft.net>,
"ocfs2-devel@....oracle.com" <ocfs2-devel@....oracle.com>
Subject: Re: [Ocfs2-devel] [PATCH 27/33] sctp: export sctp_setsockopt_bindx
On Sat, May 16, 2020 at 03:11:40PM +0000, David Laight wrote:
> From: David Howells
> > Sent: 15 May 2020 16:20
> > Christoph Hellwig <hch@....de> wrote:
> >
> > > > The advantage on using kernel_setsockopt here is that sctp module will
> > > > only be loaded if dlm actually creates a SCTP socket. With this
> > > > change, sctp will be loaded on setups that may not be actually using
> > > > it. It's a quite big module and might expose the system.
> > >
> > > True. Not that the intent is to kill kernel space callers of setsockopt,
> > > as I plan to remove the set_fs address space override used for it.
> >
> > For getsockopt, does it make sense to have the core kernel load optval/optlen
> > into a buffer before calling the protocol driver? Then the driver need not
> > see the userspace pointer at all.
> >
> > Similar could be done for setsockopt - allocate a buffer of the size requested
> > by the user inside the kernel and pass it into the driver, then copy the data
> > back afterwards.
>
> Yes, it also simplifies all the compat code.
> And there is a BPF test in setsockopt that also wants to
> pass on a kernel buffer.
>
> I'm willing to sit and write the patch.
> Quoting from a post I made later on Friday.
>
> Basically:
>
> This patch sequence (to be written) does the following:
>
> Patch 1: Change __sys_setsockopt() to allocate a kernel buffer,
> copy the data into it then call set_fs(KERNEL_DS).
> An on-stack buffer (say 64 bytes) will be used for
> small transfers.
>
> Patch 2: The same for __sys_getsockopt().
>
> Patch 3: Compat setsockopt.
>
> Patch 4: Compat getsockopt.
>
> Patch 5: Remove the user copies from the global socket options code.
>
> Patches 6 to n-1; Remove the user copies from the per-protocol code.
>
> Patch n: Remove the set_fs(KERNEL_DS) from the entry points.
>
> This should be bisectable.
I appreciate your dedication to not publishing the source code to
your kernel module, but Christoph's patch series is actually better.
It's typesafe rather than passing void pointers around.
Powered by blists - more mailing lists