Message ID | 20180423133015.5455-3-dh.herrmann@gmail.com |
---|---|
State | Not Applicable, archived |
Delegated to: | David Miller |
Headers | show |
Series | Introduce LSM-hook for socketpair(2) | expand |
On Mon, Apr 23, 2018 at 9:30 AM, David Herrmann <dh.herrmann@gmail.com> wrote: > Use the newly created LSM-hook for unix_socketpair(). The default hook > return-value is 0, so behavior stays the same unless LSMs start using > this hook. > > Signed-off-by: David Herrmann <dh.herrmann@gmail.com> > --- > net/unix/af_unix.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c > index 68bb70a62afe..bc9705ace9b1 100644 > --- a/net/unix/af_unix.c > +++ b/net/unix/af_unix.c > @@ -1371,6 +1371,11 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr, > static int unix_socketpair(struct socket *socka, struct socket *sockb) > { > struct sock *ska = socka->sk, *skb = sockb->sk; > + int err; > + > + err = security_unix_stream_socketpair(ska, skb); > + if (err) > + return err; I recognize that AF_UNIX is really the only protocol that supports socketpair(2) at the moment, but I like to avoid protocol specific LSM hooks whenever possible. Unless someone can think of a good objection, I would prefer to see the hook placed in __sys_socketpair() instead (and obviously drop the "unix_stream" portion from the hook name). > /* Join our sockets back to back */ > sock_hold(ska); > -- > 2.17.0
From: Paul Moore <paul@paul-moore.com> Date: Tue, 24 Apr 2018 13:55:31 -0400 > On Mon, Apr 23, 2018 at 9:30 AM, David Herrmann <dh.herrmann@gmail.com> wrote: >> Use the newly created LSM-hook for unix_socketpair(). The default hook >> return-value is 0, so behavior stays the same unless LSMs start using >> this hook. >> >> Signed-off-by: David Herrmann <dh.herrmann@gmail.com> >> --- >> net/unix/af_unix.c | 5 +++++ >> 1 file changed, 5 insertions(+) >> >> diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c >> index 68bb70a62afe..bc9705ace9b1 100644 >> --- a/net/unix/af_unix.c >> +++ b/net/unix/af_unix.c >> @@ -1371,6 +1371,11 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr, >> static int unix_socketpair(struct socket *socka, struct socket *sockb) >> { >> struct sock *ska = socka->sk, *skb = sockb->sk; >> + int err; >> + >> + err = security_unix_stream_socketpair(ska, skb); >> + if (err) >> + return err; > > I recognize that AF_UNIX is really the only protocol that supports > socketpair(2) at the moment, but I like to avoid protocol specific LSM > hooks whenever possible. Unless someone can think of a good > objection, I would prefer to see the hook placed in __sys_socketpair() > instead (and obviously drop the "unix_stream" portion from the hook > name). The counterargument is that after 30 years no other protocol has grown usage of this operation. :-)
On Tue, Apr 24, 2018 at 1:56 PM, David Miller <davem@davemloft.net> wrote: > From: Paul Moore <paul@paul-moore.com> > Date: Tue, 24 Apr 2018 13:55:31 -0400 > >> On Mon, Apr 23, 2018 at 9:30 AM, David Herrmann <dh.herrmann@gmail.com> wrote: >>> Use the newly created LSM-hook for unix_socketpair(). The default hook >>> return-value is 0, so behavior stays the same unless LSMs start using >>> this hook. >>> >>> Signed-off-by: David Herrmann <dh.herrmann@gmail.com> >>> --- >>> net/unix/af_unix.c | 5 +++++ >>> 1 file changed, 5 insertions(+) >>> >>> diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c >>> index 68bb70a62afe..bc9705ace9b1 100644 >>> --- a/net/unix/af_unix.c >>> +++ b/net/unix/af_unix.c >>> @@ -1371,6 +1371,11 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr, >>> static int unix_socketpair(struct socket *socka, struct socket *sockb) >>> { >>> struct sock *ska = socka->sk, *skb = sockb->sk; >>> + int err; >>> + >>> + err = security_unix_stream_socketpair(ska, skb); >>> + if (err) >>> + return err; >> >> I recognize that AF_UNIX is really the only protocol that supports >> socketpair(2) at the moment, but I like to avoid protocol specific LSM >> hooks whenever possible. Unless someone can think of a good >> objection, I would prefer to see the hook placed in __sys_socketpair() >> instead (and obviously drop the "unix_stream" portion from the hook >> name). > > The counterargument is that after 30 years no other protocol has grown > usage of this operation. :-) Call me a an optimist ;)
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 68bb70a62afe..bc9705ace9b1 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -1371,6 +1371,11 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr, static int unix_socketpair(struct socket *socka, struct socket *sockb) { struct sock *ska = socka->sk, *skb = sockb->sk; + int err; + + err = security_unix_stream_socketpair(ska, skb); + if (err) + return err; /* Join our sockets back to back */ sock_hold(ska);
Use the newly created LSM-hook for unix_socketpair(). The default hook return-value is 0, so behavior stays the same unless LSMs start using this hook. Signed-off-by: David Herrmann <dh.herrmann@gmail.com> --- net/unix/af_unix.c | 5 +++++ 1 file changed, 5 insertions(+)