Message-ID: <b1ef1422-ec84-0e36-8c85-d7d24642d9f2@gmail.com>
Date: Tue, 23 Aug 2022 17:45:15 +0300
From: Leonard Crestez <cdleonard@...il.com>
To: Dmitry Safonov <dima@...sta.com>
Cc: Andy Lutomirski <luto@...capital.net>, Ard Biesheuvel <ardb@...nel.org>, Bob Gilligan <gilligan@...sta.com>, David Ahern <dsahern@...nel.org>, Dmitry Safonov <0x7f454c46@...il.com>, Eric Biggers <ebiggers@...nel.org>, Francesco Ruggeri <fruggeri@...sta.com>, Herbert Xu <herbert@...dor.apana.org.au>, Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>, Ivan Delalande <colona@...sta.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Salam Noureddine <noureddine@...sta.com>, Shuah Khan <shuah@...nel.org>, netdev@...r.kernel.org, linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org, Eric Dumazet <edumazet@...gle.com>, "David S. Miller" <davem@...emloft.net>
Subject: Re: [PATCH 23/31] net/tcp: Add getsockopt(TCP_AO_GET)

On 8/18/22 19:59, Dmitry Safonov wrote:
> Introduce getsockopt() that lets a user get TCP-AO keys and their
> properties from a socket. A user can provide a filter to match
> a specific key to be dumped or TCP_AO_GET_ALL flag may be used to dump
> all keys in one syscall.

No equivalent for this exists for TCP_MD5SIG or my TCP_AUTHOPT series. I do however have a proc file to dump all keys in the system.

The list of keys is normally fully controlled by a single application so it shouldn't need to read back the keys that it wrote itself.

The real reason this exists is because on the server side keys are copied on "synack" rather than "accept" and userspace can't know if a newly accepted socket has all the latest keychain updates. This effectively dumps responsibility for a kernel implementation race onto userspace.

At least you should mention how it's meant to be used in the commit message, and that it's not really optional.

I think making keys global is easier for userspace to use, despite the difference versus TCP_MD5.

-- 
Regards,
Leonard