Date:   Mon, 03 Apr 2023 08:50:26 -0700
From:   Alexander H Duyck <alexander.duyck@...il.com>
To:     Denis Arefev <arefev@...mel.ru>,
        "David S. Miller" <davem@...emloft.net>
Cc:     Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, trufanov@...mel.ru, vfh@...mel.ru
Subject: Re: [PATCH] net: Added security socket

On Mon, 2023-04-03 at 15:43 +0300, Denis Arefev wrote:
> 	Added security_socket_connect
> 	in kernel_connect
> 
> Signed-off-by: Denis Arefev <arefev@...mel.ru>
> ---
>  net/socket.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/net/socket.c b/net/socket.c
> index 9c92c0e6c4da..9afa2b44a9e5 100644
> --- a/net/socket.c
> +++ b/net/socket.c
> @@ -3526,6 +3526,12 @@ EXPORT_SYMBOL(kernel_accept);
>  int kernel_connect(struct socket *sock, struct sockaddr *addr, int addrlen,
>  		   int flags)
>  {
> +	int err;
> +
> +	err = security_socket_connect(sock, (struct sockaddr *)addr, addrlen);
> +	if (err)
> +		return err;
> +
>  	return sock->ops->connect(sock, addr, addrlen, flags);
>  }
>  EXPORT_SYMBOL(kernel_connect);

Why would we need to be adding this? If we are already operating within
kernel space it seems like it would be more problematic than not to
have to push items out to userspace for security. Assuming an attacker
is operating at the kernel level the system is already compromised is
it not?

Also assuming we do need this why are we only dealing with connect when
we should probably also be looking at all the other kernel socket calls
then as well?

Powered by blists - more mailing lists