Re: New hooks for sock structure

From: James Morris (jmorrisat_private)
Date: Thu Jul 11 2002 - 05:03:59 PDT

  • Next message: Stephen Smalley: "Re: Submitting LSM (Was: Re: OLS Bof info)"

    On Thu, 11 Jul 2002, Wayne Salamon wrote:
    
    > On Thu, 11 Jul 2002, James Morris wrote:
    > 
    > >
    > > What about utilizing the zero_it argument to sk_alloc(), so that
    > > sk_alloc_security() is not called if its value is zero.  The only time
    > > this is zero is during the allocation of the new sk in
    > > tcp_create_openreq_child(), and in this case, an sk security field can
    > > then be allocated explicitly during the new hook call.  For SELinux, this
    > > would be caught by extsocket_sock_precondition() in any case, right?
    > >
    > 
    > I have a concern with this approach. If we have the
    > tcp_create_openreq_child() hook assume that there is no security structure
    > on the sock, if the kernel logic ever changes to use zero_it from the
    > tcp_create_openreq_child() function, we will leak memory.
    
    Yep, agreed that this approach is flawed, as Stephen also pointed out.
    
    >
    > Also, what about
    > IPV6? It looks like the sock is zero'd by sk_alloc then the fields are
    > set. Are we going to support IPV6 in LSM?
    > 
    
    We could, but it may be better to wait until somebody needs it.  
    
    
    - James
    -- 
    James Morris
    <jmorrisat_private>
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu Jul 11 2002 - 05:05:43 PDT