lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Zw34dAaqA5tR6mHN@infradead.org>
Date: Mon, 14 Oct 2024 22:07:00 -0700
From: Christoph Hellwig <hch@...radead.org>
To: Song Liu <song@...nel.org>
Cc: bpf@...r.kernel.org, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org, kernel-team@...a.com,
	andrii@...nel.org, eddyz87@...il.com, ast@...nel.org,
	daniel@...earbox.net, martin.lau@...ux.dev, viro@...iv.linux.org.uk,
	brauner@...nel.org, jack@...e.cz, kpsingh@...nel.org,
	mattbobrowski@...gle.com
Subject: Re: [PATCH bpf-next 2/2] selftests/bpf: Extend test fs_kfuncs to
 cover security.bpf xattr names

On Wed, Oct 02, 2024 at 02:46:37PM -0700, Song Liu wrote:
> Extend test_progs fs_kfuncs to cover different xattr names. Specifically:
> xattr name "user.kfuncs", "security.bpf", and "security.bpf.xxx" can be
> read from BPF program with kfuncs bpf_get_[file|dentry]_xattr(); while
> "security.bpfxxx" and "security.selinux" cannot be read.

So you read code from untrusted user.* xattrs?  How can you carve out
that space and not known any pre-existing userspace cod uses kfuncs
for it's own purpose?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ