Message-ID: <CALCETrW1HFJ3QXMfV9Hv922eax0hbHJn5GmHPvtED8_JR5KOVg@mail.gmail.com>
Date: Tue, 14 Oct 2014 19:03:11 -0700
From: Andy Lutomirski <luto@...capital.net>
To: David Miller <davem@...emloft.net>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Patrick McHardy <kaber@...sh.net>,
Network Development <netdev@...r.kernel.org>,
Thomas Graf <tgraf@...g.ch>
Subject: Re: Netlink mmap tx security?

On Tue, Oct 14, 2014 at 7:01 PM, David Miller <davem@...emloft.net> wrote:
> From: Andy Lutomirski <luto@...capital.net>
> Date: Tue, 14 Oct 2014 15:16:46 -0700
>
>> It's at least remotely possible that there's something that assumes
>> that the availability of NETLINK_RX_RING implies
>> NETLINK_TX_RING, which would be unfortunate.
>
> I already found one such case, nlmon :-/
>
> It also reminds me that I'll have to update
> Documentation/networking/netlink_mmap.txt
>
> Thomas, the context is that we have to remove NETLINK_TX_RING support
> (there is absolutely no way whatsoever to reliably keep some thread of
> control from modifying the underlying pages while we parse and
> validate the netlink request).
>
> I'd like to be able to do so while retaining NETLINK_RX_RING because
> that works fine and is great for monitoring when the rate of events
> is high.
>
> But I already have found userland pieces of code, like nlmon, which
> assume that if one is present then both must be present.
>
> I really think this means I'll have to remove all of the netlink
> mmap() support in order to avoid breaking applications. :(
>
> The other option is to keep NETLINK_TX_RING, but copy the data into
> a kernel side buffer before acting upon it.
Option 3, which sucks but maybe not that badly: change the value of
NETLINK_RX_RING. (Practically: add NETLINK_RX_RING2 or something like
that.)
--Andy
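
The problem quoted above (shared pages changing while a request is parsed and validated) and the copy-into-a-kernel-side-buffer option, as an added example that is not part of the original message and is not kernel code. It is a single-threaded userspace simulation: the `racer` callback is a hypothetical stand-in for another thread writing to the shared page, and `struct frame`, `MAX_LEN` and the function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_LEN 16u   /* assumed bound the parser enforces on the length field */

/* Constructed stand-in for one request frame in a ring shared with userspace. */
struct frame { uint32_t len; uint8_t data[64]; };

/* Hypothetical hook: models another thread writing to the shared page. */
typedef void (*racer_fn)(struct frame *shared);

void grow_len(struct frame *shared) { shared->len = 64; }

/* Double fetch: validate the shared length, then read it again to use it.
 * Returns the length that would be acted on, or -1 if rejected. */
int parse_in_place(struct frame *shared, racer_fn racer)
{
    if (shared->len > MAX_LEN)      /* fetch 1: validation */
        return -1;
    if (racer)
        racer(shared);              /* writer runs between check and use */
    return (int)shared->len;        /* fetch 2: no longer the checked value */
}

/* Copy first: snapshot the frame, then validate and use only the snapshot.
 * A write that lands during the copy can tear the snapshot, but the value
 * that is checked is still the value that is used. */
int parse_from_copy(struct frame *shared, racer_fn racer)
{
    struct frame local;
    memcpy(&local, shared, sizeof(local));
    if (local.len > MAX_LEN)
        return -1;
    if (racer)
        racer(shared);              /* same write, now without effect */
    return (int)local.len;
}

int main(void)
{
    struct frame a = { .len = 8 }, b = { .len = 8 };
    printf("in place:  %d\n", parse_in_place(&a, grow_len));
    printf("from copy: %d\n", parse_from_copy(&b, grow_len));
    return 0;
}
```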