| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e0929ea61003090730p23aae935q1f34030df8cc527e@mail.gmail.com> Date: Tue, 9 Mar 2010 16:30:19 +0100 From: Kenan Kalajdzic <kenan@...x.ba> To: David Miller <davem@...emloft.net> Cc: netdev@...r.kernel.org Subject: Re: [PATCH] socket: Merge getsockname and getpeername into a single function On Mon, Mar 8, 2010 at 9:24 PM, David Miller <davem@...emloft.net> wrote: > > Since you still have to conditionalize things like the security > calls, this doesn't look any cleaner to me than what we have > there already. You are absolutely right about this - the condition around security calls ruins the whole refactoring attempt. It could easily go away if we were ready to make minor changes to the security code. It is because getting the local socket info and getting the peer socket info are essentially the same type of operation. Therefore, both security_socket_getsockname() and security_socket_getpeername() eventually evaluate to a call to socket_has_perm() with SOCKET__GETATTR. The question remains whether it is worth breaking the cleanness of the security hooks code to get rid of the condition in 'our' two functions? -- Kenan -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists