| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHC9VhSRiHwLEWfFkQdPEwgB4AXKbXzw_+3u=9hPpvUTnu02Bg@mail.gmail.com>
Date: Tue, 13 Jan 2026 17:51:54 -0500
From: Paul Moore <paul@...l-moore.com>
To: Justin Suess <utilityemal77@...il.com>
Cc: Günther Noack <gnoack3000@...il.com>,
Mickaël Salaün <mic@...ikod.net>,
James Morris <jmorris@...ei.org>, "Serge E . Hallyn" <serge@...lyn.com>,
linux-security-module@...r.kernel.org, Tingmao Wang <m@...wtm.org>,
Samasth Norway Ananda <samasth.norway.ananda@...cle.com>, Matthieu Buffet <matthieu@...fet.re>,
Mikhail Ivanov <ivanov.mikhail1@...wei-partners.com>, konstantin.meskhidze@...wei.com,
Demi Marie Obenour <demiobenour@...il.com>, Alyssa Ross <hi@...ssa.is>, Jann Horn <jannh@...gle.com>,
Tahera Fahimi <fahimitahera@...il.com>, Simon Horman <horms@...nel.org>, netdev@...r.kernel.org,
Alexander Viro <viro@...iv.linux.org.uk>, Christian Brauner <brauner@...nel.org>
Subject: Re: [PATCH v2 1/5] lsm: Add hook unix_path_connect
On Sat, Jan 10, 2026 at 11:45 AM Justin Suess <utilityemal77@...il.com> wrote:
> On 1/10/26 09:32, Günther Noack wrote:
> > From: Justin Suess <utilityemal77@...il.com>
> >
> > Adds an LSM hook unix_path_connect.
> >
> > This hook is called to check the path of a named unix socket before a
> > connection is initiated.
> >
> > Cc: Günther Noack <gnoack3000@...il.com>
> > Signed-off-by: Justin Suess <utilityemal77@...il.com>
> > ---
> > include/linux/lsm_hook_defs.h | 4 ++++
> > include/linux/security.h | 11 +++++++++++
> > net/unix/af_unix.c | 9 +++++++++
> > security/security.c | 20 ++++++++++++++++++++
> > 4 files changed, 44 insertions(+)
...
> > +#if defined(CONFIG_SECURITY_NETWORK) && defined(CONFIG_SECURITY_PATH)
> > +/*
> > + * security_unix_path_connect() - Check if a named AF_UNIX socket can connect
> > + * @path: path of the socket being connected to
> > + * @type: type of the socket
> > + * @flags: flags associated with the socket
> > + *
> > + * This hook is called to check permissions before connecting to a named
> > + * AF_UNIX socket.
> > + *
> > + * Return: Returns 0 if permission is granted.
> > + */
> > +int security_unix_path_connect(const struct path *path, int type, int flags)
> > +{
> > + return call_int_hook(unix_path_connect, path, type, flags);
> > +}
> > +EXPORT_SYMBOL(security_unix_path_connect);
...
> I'm considering renaming this hook to unix_socket_path_lookup, since as Günther
> pointed out this hook is not just hit on connect, but also on sendmsg.
I'm not bothered too much by this, either _path_connect() or
_path_lookup() is okay; please don't use
security_unix_socket_path_lookup(), that's longer than it needs to be,
if you've got "_unix_" in there we know you're talking about a socket
:)
While I don't want us to do it often, we can always change established
hook names if the names end up being really awful or misleading.
We've done it in the past.
It would be nice if somehow the hook name reflected the fact that it
is called on the "client" side of the connection, and not the "server"
side, but I wouldn't use either of those terms (client or server), and
to be honest I can't think of anything better than _path_lookup() at
the moment.
--
paul-moore.com
Powered by blists - more mailing lists