lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <48D37B70.2010702@openvz.org>
Date:	Fri, 19 Sep 2008 14:14:08 +0400
From:	Pavel Emelyanov <xemul@...nvz.org>
To:	Rémi Denis-Courmont 
	<remi.denis-courmont@...ia.com>
CC:	netdev@...r.kernel.org
Subject: Re: [PATCH 09/14] Phonet: allocate and initialize new sockets

Rémi Denis-Courmont wrote:
> 	Hello,
> 
> On Tuesday 16 September 2008 21:42:52 ext Pavel Emelyanov, you wrote:
>>> @@ -71,8 +73,22 @@ static int pn_socket_create(struct net *net, struct
>>> socket *sock, int protocol) goto out;
>>>  	}
>>>
>>> -	/* TODO: create and init the struct sock */
>>> -	err = -EPROTONOSUPPORT;
>>> +	sk = sk_alloc(net, PF_PHONET, GFP_KERNEL, pnp->prot);
>>> +	if (sk == NULL) {
>>> +		err = -ENOMEM;
>>> +		goto out;
>>> +	}
>> This turns to be a little bit messy wrt net namespaces.
>> Look - you allow for sockets to be created (and isolated from each
>> other) in each namespace,
> 
> I expect pn_socket_create() should forbid this, no?

Well, to be honest, I'd prefer making this ns aware from the very
beginning, but not to force you make things you (probably) don't want
to, I will answer - yes, please, ban this protocol for !init_ns :)

>     if (net != &init_net)
>             return -EAFNOSUPPORT;
>     /* ... */
>     sk = sk_alloc(net, PF_PHONET, GFP_KERNEL, pnp->prot);
> 
>> the list of devices is global,
> 
> Hmmm, good point. Should I forbid adding an address to devices outside the 
> initial namespace? what about a device with an existing address being 
> migrated?
> 
>> whilst the sysctls are visible in init_net only...
> 
> Regards,
> 

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ