lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <30549453e8a40bb4f80f84e1a1427149b6b8b9e8.camel@gmail.com>
Date:   Mon, 03 Apr 2023 08:50:26 -0700
From:   Alexander H Duyck <alexander.duyck@...il.com>
To:     Denis Arefev <arefev@...mel.ru>,
        "David S. Miller" <davem@...emloft.net>
Cc:     Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, trufanov@...mel.ru, vfh@...mel.ru
Subject: Re: [PATCH] net: Added security socket

On Mon, 2023-04-03 at 15:43 +0300, Denis Arefev wrote:
> 	Added security_socket_connect
> 	in kernel_connect
> 
> Signed-off-by: Denis Arefev <arefev@...mel.ru>
> ---
>  net/socket.c | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/net/socket.c b/net/socket.c
> index 9c92c0e6c4da..9afa2b44a9e5 100644
> --- a/net/socket.c
> +++ b/net/socket.c
> @@ -3526,6 +3526,12 @@ EXPORT_SYMBOL(kernel_accept);
>  int kernel_connect(struct socket *sock, struct sockaddr *addr, int addrlen,
>  		   int flags)
>  {
> +	int err;
> +
> +	err = security_socket_connect(sock, (struct sockaddr *)addr, addrlen);
> +	if (err)
> +		return err;
> +
>  	return sock->ops->connect(sock, addr, addrlen, flags);
>  }
>  EXPORT_SYMBOL(kernel_connect);

Why would we need to be adding this? If we are already operating within
kernel space it seems like it would be more problematic than not to
have to push items out to userspace for security. Assuming an attacker
is operating at the kernel level the system is already compromised is
it not?

Also assuming we do need this why are we only dealing with connect when
we should probably also be looking at all the other kernel socket calls
then as well?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ