lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 18 Apr 2019 10:05:09 +0200
From:   Miroslav Lichvar <mlichvar@...hat.com>
To:     Richard Cochran <richardcochran@...il.com>
Cc:     Jiri Benc <jbenc@...hat.com>, Hangbin Liu <liuhangbin@...il.com>,
        netdev@...r.kernel.org, David Miller <davem@...emloft.net>,
        Patrick McHardy <kaber@...sh.net>,
        stefan.sorensen@...ctralink.com
Subject: Re: [PATCH net-next] macvlan: pass get_ts_info and SIOC[SG]HWTSTAMP
 ioctl to real device

On Wed, Apr 17, 2019 at 08:31:57PM -0700, Richard Cochran wrote:
> On Wed, Apr 17, 2019 at 08:59:58PM +0200, Jiri Benc wrote:
> > The problem here is this patch gives access to physical interface
> > settings through a virtual interface layered on top of it. Whenever
> > such thing is done, the virtual interface needs to provide a suitable
> > way of moderating access to the shared resources, so the individual
> > virtual interfaces do not affect each other. That's not what's being
> > done here.
> 
> So I guess the macvlan should reject SIOCSHWTSTAMP but allow
> SIOCGHWTSTAMP.

FWIW, my suggestion was to limit what the SIOCSHWTSTAMP ioctl can do
on the virtual interface. It could only enable HW timestamping or
select a more general filter. A container could run a PTP clock if it
had also access to the PHC device, or it could have the NET_ADMIN
capability for other reasons, but it couldn't disable HW timestamping
enabled by the host or other container.

If I understand it correctly, even without this ioctl a container can
prevent the host or other containers from getting some of the HW
timestamps by requesting TX timestamps at a high rate. I suspect the
timestamping would need to be restricted to the real interface to
fully protect it from applications having access to the virtual
interfaces.

-- 
Miroslav Lichvar

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ