Message-ID: <20241104184139.3eb03c69@kernel.org>
Date: Mon, 4 Nov 2024 18:41:39 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Li Li <dualli@...omium.org>
Cc: dualli@...gle.com, corbet@....net, davem@...emloft.net,
 edumazet@...gle.com, pabeni@...hat.com, donald.hunter@...il.com,
 gregkh@...uxfoundation.org, arve@...roid.com, tkjos@...roid.com,
 maco@...roid.com, joel@...lfernandes.org, brauner@...nel.org,
 cmllamas@...gle.com, surenb@...gle.com, arnd@...db.de,
 masahiroy@...nel.org, bagasdotme@...il.com, horms@...nel.org,
 linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org,
 netdev@...r.kernel.org, hridya@...gle.com, smoreland@...gle.com,
 kernel-team@...roid.com
Subject: Re: [PATCH net-next v7 2/2] binder: report txn errors via generic
 netlink

On Mon, 4 Nov 2024 09:12:37 -0800 Li Li wrote:
> That's why binder genl uses unicast instead of multicast. The administration
> process of the OS (Android in this case) always runs before any other user
> applications, which registers itself to the kernel binder driver and uses it
> exclusively. With a unified family name, the same userspace admin process
> has access to all binder contexts. With separate family names, each domain
> admin process can register itself to the corresponding binder context.

Side note - it'd be useful for my understanding to know what the binder
families would be. You register them in binderfs_binder_device_create(), 
what creates the devices and how many do we expect?

Back to answering - I don't know why the same process would have to bind
to all domains. You record which portid is bound to the context, the portid
identifies the socket.

BTW portids can get reused, do you need to do something when the admin
process dies? To prevent a normal user from binding to the same portid?

> So, do you think the current implementation of registering multiple families
> with different names is acceptable? Or is there a better way to do it? Thank
> you very much!

I don't see what having the separate families buys you.
The genl family ID is added to the netlink message in nlmsg_type.
That's it, it doesn't do anything else.
You can add an attribute to the message to carry context->name
and you'll be able to demux the messages.
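
The demux suggested above, seen from the receiving side, as an added example that is not part of the original message or of the binder patch: one genl family, with a per-message attribute naming the context. The attribute numbers, the family ID used in testing, and the context names are constructed for illustration.

```python
import struct

NLMSG_HDR = struct.Struct("=IHHII")  # nlmsghdr: len, type, flags, seq, pid
GENL_HDR = struct.Struct("=BBH")     # genlmsghdr: cmd, version, reserved
NLA_HDR = struct.Struct("=HH")       # nlattr: nla_len, nla_type
NLA_TYPE_MASK = 0x3FFF               # strips NLA_F_NESTED / NLA_F_NET_BYTEORDER

# Hypothetical attribute numbers, not taken from the patch under review.
ATTR_CONTEXT = 1  # NUL-terminated context name
ATTR_ERROR = 2    # u32 transaction error code

def align4(n):
    return (n + 3) & ~3

def put_attr(atype, payload):
    length = NLA_HDR.size + len(payload)  # nla_len excludes the padding
    return NLA_HDR.pack(length, atype) + payload + b"\0" * (align4(length) - length)

def build_report(family_id, context, error, seq=1):
    """Constructed sample message: one error report for one context."""
    body = GENL_HDR.pack(1, 1, 0)
    body += put_attr(ATTR_CONTEXT, context.encode() + b"\0")
    body += put_attr(ATTR_ERROR, struct.pack("=I", error))
    return NLMSG_HDR.pack(NLMSG_HDR.size + len(body), family_id, 0, seq, 0) + body

def demux(msg, family_id):
    """Return (context_name, error); raise ValueError on anything malformed."""
    start = NLMSG_HDR.size + GENL_HDR.size
    if len(msg) < start:
        raise ValueError("short message")
    nlmsg_len, nlmsg_type, _flags, _seq, _pid = NLMSG_HDR.unpack_from(msg)
    # nlmsg_type only says which family this is; it cannot tell contexts apart.
    if nlmsg_type != family_id or not start <= nlmsg_len <= len(msg):
        raise ValueError("wrong family or bad length")
    attrs, off = {}, start
    while off + NLA_HDR.size <= nlmsg_len:
        nla_len, nla_type = NLA_HDR.unpack_from(msg, off)
        if nla_len < NLA_HDR.size or off + nla_len > nlmsg_len:
            raise ValueError("malformed attribute")
        attrs[nla_type & NLA_TYPE_MASK] = msg[off + NLA_HDR.size:off + nla_len]
        off += align4(nla_len)
    if ATTR_CONTEXT not in attrs or len(attrs.get(ATTR_ERROR, b"")) != 4:
        raise ValueError("missing context or error attribute")
    name = attrs[ATTR_CONTEXT].rstrip(b"\0").decode()
    return name, struct.unpack("=I", attrs[ATTR_ERROR])[0]
```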
