lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240801.eeBaiB4Ijion@digikod.net>
Date: Thu, 1 Aug 2024 18:01:25 +0200
From: Mickaël Salaün <mic@...ikod.net>
To: Mikhail Ivanov <ivanov.mikhail1@...wei-partners.com>
Cc: willemdebruijn.kernel@...il.com, gnoack3000@...il.com, 
	linux-security-module@...r.kernel.org, netdev@...r.kernel.org, netfilter-devel@...r.kernel.org, 
	yusongping@...wei.com, artem.kuzin@...wei.com, konstantin.meskhidze@...wei.com
Subject: Re: [RFC PATCH v1 2/9] landlock: Support TCP listen access-control

On Thu, Aug 01, 2024 at 06:34:41PM +0300, Mikhail Ivanov wrote:
> 8/1/2024 5:45 PM, Mickaël Salaün wrote:
> > On Thu, Aug 01, 2024 at 10:52:25AM +0300, Mikhail Ivanov wrote:
> > > 7/31/2024 9:30 PM, Mickaël Salaün wrote:
> > > > On Sun, Jul 28, 2024 at 08:25:55AM +0800, Mikhail Ivanov wrote:
> > > > > LANDLOCK_ACCESS_NET_BIND_TCP is useful to limit the scope of "bindable"
> > > > > ports to forbid a malicious sandboxed process to impersonate a legitimate
> > > > > server process. However, bind(2) might be used by (TCP) clients to set the
> > > > > source port to a (legitimate) value. Controlling the ports that can be
> > > > > used for listening would allow (TCP) clients to explicitly bind to ports
> > > > > that are forbidden for listening.
> > > > > 
> > > > > Such control is implemented with a new LANDLOCK_ACCESS_NET_LISTEN_TCP
> > > > > access right that restricts listening on undesired ports with listen(2).
> > > > > 
> > > > > It's worth noticing that this access right doesn't affect changing
> > > > > backlog value using listen(2) on already listening socket.
> > > > > 
> > > > > * Create new LANDLOCK_ACCESS_NET_LISTEN_TCP flag.
> > > > > * Add hook to socket_listen(), which checks whether the socket is allowed
> > > > >     to listen on a binded local port.
> > > > > * Add check_tcp_socket_can_listen() helper, which validates socket
> > > > >     attributes before the actual access right check.
> > > > > * Update `struct landlock_net_port_attr` documentation with control of
> > > > >     binding to ephemeral port with listen(2) description.
> > > > > * Change ABI version to 6.
> > > > > 
> > > > > Closes: https://github.com/landlock-lsm/linux/issues/15
> > > > > Signed-off-by: Mikhail Ivanov <ivanov.mikhail1@...wei-partners.com>
> > > > 
> > > > Thanks for this series!
> > > > 
> > > > I cannot apply this patch series though, could you please provide the
> > > > base commit?  BTW, this can be automatically put in the cover letter
> > > > with the git format-patch's --base argument.
> > > 
> > > base-commit: 591561c2b47b7e7225e229e844f5de75ce0c09ec
> > 
> > Thanks, the following commit makes this series to not apply.
> 
> Sorry, you mean that the series are succesfully applied, right?

Yes, it works with the commit you provided.  I was talking about a next
(logical) commit f4b89d8ce5a8 ("landlock: Various documentation
improvements") which makes your series not apply, but that's OK now.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ