Re: New hooks for sock structure

From: James Morris (jmorrisat_private)
Date: Wed Jul 10 2002 - 07:46:23 PDT

  • Next message: Stephen Smalley: "Re: New hooks for sock structure"

    On Wed, 10 Jul 2002, Wayne Salamon wrote:
    
    > newsk->security is set before this code in the sk_alloc() call, and we
    > need to prevent this pointer from being overwritten with the listening
    > sock's security pointer.
    
    I'm still a little concerned about adding the pointer saving into the core 
    networking code.
    
    What about utilizing the zero_it argument to sk_alloc(), so that 
    sk_alloc_security() is not called if its value is zero.  The only time 
    this is zero is during the allocation of the new sk in 
    tcp_create_openreq_child(), and in this case, an sk security field can 
    then be allocated explicitly during the new hook call.  For SELinux, this 
    would be caught by extsocket_sock_precondition() in any case, right?
    
    The affected code would look something like:
    
    struct sock *sk_alloc(int family, int priority, int zero_it)
    {
    	struct sock *sk = kmem_cache_alloc(sk_cachep, priority);
    	
    	if(sk && zero_it) {
    		memset(sk, 0, sizeof(struct sock));
    		sk->family = family;
    		if (security_ops->socket_sock_alloc_security(sk)) {
    			kfree(sk);
    			return NULL;
    		}
    		sock_lock_init(sk);
    	}
    	
    	return sk;
    }
    
    struct sock *tcp_create_openreq_child(...)
    {
    	struct sock *newsk = sk_alloc(PF_INET, GFP_ATOMIC, 0);
    
            if(newsk != NULL) {
            	...
            	TCP_ECN_openreq_child(newtp, req);
            	security_ops->tcp_create_openreq_child(newsk, skb);
            	...
            }	
            ...
    }
    
    
    So, all that's added to the openreq function is one hook call, which will 
    be much easier to deal with in case the networking (or all hooks) need to 
    be made into macros, and we're not leaving any LSM housekeeping droppings 
    in the core code.
    
    
    - James
    -- 
    James Morris
    <jmorrisat_private>
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Wed Jul 10 2002 - 07:47:35 PDT