| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Mar 2023 09:38:43 +0100
From: Christian Brauner <brauner@...nel.org>
To: Jakub Kicinski <kuba@...nel.org>
Cc: Anjali Kulkarni <anjali.k.kulkarni@...cle.com>,
davem@...emloft.net, edumazet@...gle.com, pabeni@...hat.com,
zbr@...emap.net, johannes@...solutions.net, ecree.xilinx@...il.com,
leon@...nel.org, keescook@...omium.org, socketcan@...tkopp.net,
petrm@...dia.com, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org
Subject: Re: [PATCH v1 2/5] connector/cn_proc: Add filtering to fix some bugs
On Mon, Mar 13, 2023 at 05:24:41PM -0700, Jakub Kicinski wrote:
> On Fri, 10 Mar 2023 14:15:44 -0800 Anjali Kulkarni wrote:
> > diff --git a/include/linux/connector.h b/include/linux/connector.h
> > index 487350bb19c3..1336a5e7dd2f 100644
> > --- a/include/linux/connector.h
> > +++ b/include/linux/connector.h
> > @@ -96,7 +96,11 @@ void cn_del_callback(const struct cb_id *id);
> > *
> > * If there are no listeners for given group %-ESRCH can be returned.
> > */
> > -int cn_netlink_send_mult(struct cn_msg *msg, u16 len, u32 portid, u32 group, gfp_t gfp_mask);
> > +int cn_netlink_send_mult(struct cn_msg *msg, u16 len, u32 portid,
> > + u32 group, gfp_t gfp_mask,
> > + int (*filter)(struct sock *dsk, struct sk_buff *skb,
> > + void *data),
> > + void *filter_data);
>
> kdoc needs to be extended
just a thought from my side. I think giving access to unprivileged users
will require a little thought as that's potentially sensitive.
If possible I would think that the patches that don't lead to a
behavioral change should go in completely independently and then we can
discuss the non-root access change.
Powered by blists - more mailing lists