On Tue, 24 Jul 2001, Wayne Salamon wrote:

> fs/ioctl.c:sys_ioctl() calls the file_ops->ioctl() hook, and every
> ioctl therefore gets intercepted. So, you can control ioctl access
> to all objects via this single call, I believe. However, you do
> set up potential race conditions where the user-space parameter
> is copied in the file_ops->ioctl() to check access, but then
> is later copied and checked again at the lower level. A multithreaded
> process could modify the ioctl()'s arg parameter between those two
> checks.
>

Indeed!

So, this means that we can't have ioctl() hooks that need to validate user
data anywhere other than the point where the user data is normally copied
from userspace.

- James
-- 
James Morris
<jmorrisat_private>
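The race discussed in this message, as an added example that is not part of the original post or of any LSM code: a deterministic user-space C model in which the hook checks one copy of the ioctl argument and the handler then fetches a second copy. All names (`fetch`, `hook_check`, `racer_len`, `MAX_LEN`, `struct req`) are hypothetical, and the second thread's write is simulated inside `fetch` so the outcome is repeatable.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: every name here is hypothetical, none is a kernel API. */
#define MAX_LEN 16
struct req { unsigned int len; };      /* ioctl argument as laid out in "user" memory */

static struct req user_mem;            /* stands in for the userspace arg buffer */
static unsigned int racer_len;         /* value a second thread writes between fetches */

/* Model of a copy from userspace; afterwards the "other thread" gets to run. */
static void fetch(struct req *dst)
{
    memcpy(dst, &user_mem, sizeof(*dst));
    user_mem.len = racer_len;          /* concurrent modification, made deterministic */
}

static int hook_check(const struct req *r) { return r->len <= MAX_LEN ? 0 : -1; }

/* Double fetch: the hook validates one copy, the handler re-reads user memory.
 * Returns the length the handler would act on, or -1 if access is denied. */
static int ioctl_double_fetch(void)
{
    struct req checked, used;
    fetch(&checked);
    if (hook_check(&checked))
        return -1;
    fetch(&used);                      /* second copy: no longer what was checked */
    return (int)used.len;
}

/* Single fetch: validate at the point of the one copy and pass that copy down. */
static int ioctl_single_fetch(void)
{
    struct req r;
    fetch(&r);
    return hook_check(&r) ? -1 : (int)r.len;
}

/* Set the initial user value and the racing write, then run one path. */
static int run(int (*path)(void), unsigned int first, unsigned int second)
{
    user_mem.len = first;
    racer_len = second;
    return path();
}

int main(void)
{
    printf("double=%d\n", run(ioctl_double_fetch, 8, 4096));
    printf("single=%d\n", run(ioctl_single_fetch, 8, 4096));
    return 0;
}
```
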