lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 15 May 2020 16:20:02 +0100
From:   David Howells <>
To:     Christoph Hellwig <>
        Marcelo Ricardo Leitner <>,
        Eric Dumazet <>,,,,,,,,,, Alexey Kuznetsov <>,, Jakub Kicinski <>,,,
        Neil Horman <>,
        Hideaki YOSHIFUJI <>,, Vlad Yasevich <>,, Jon Maloy <>,
        Ying Xue <>,
        "David S. Miller" <>,
Subject: Re: [PATCH 27/33] sctp: export sctp_setsockopt_bindx

Christoph Hellwig <> wrote:

> > The advantage on using kernel_setsockopt here is that sctp module will
> > only be loaded if dlm actually creates a SCTP socket.  With this
> > change, sctp will be loaded on setups that may not be actually using
> > it. It's a quite big module and might expose the system.
> True.  Not that the intent is to kill kernel space callers of setsockopt,
> as I plan to remove the set_fs address space override used for it.

For getsockopt, does it make sense to have the core kernel load optval/optlen
into a buffer before calling the protocol driver?  Then the driver need not
see the userspace pointer at all.

Similar could be done for setsockopt - allocate a buffer of the size requested
by the user inside the kernel and pass it into the driver, then copy the data
back afterwards.


Powered by blists - more mailing lists