From: Casey Schaufler <casey@schaufler-ca.com>
To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: anton@samba.org, mjt@tls.msk.ru, davem@davemloft.net,
netdev@vger.kernel.org, linux-security-module@vger.kernel.org,
Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: [PATCH] net: Fix security_socket_sendmsg() bypass problem.
Date: Mon, 25 Jul 2011 10:00:29 -0700
Message-ID: <4E2DA12D.70003@schaufler-ca.com>
In-Reply-To: <201107260143.CGH18263.FOOSVMOQFJFLHt@I-love.SAKURA.ne.jp>

On 7/25/2011 9:43 AM, Tetsuo Handa wrote:
> Casey Schaufler wrote:
>>> OK. Then, the question is how to reduce performance loss by redundant
>>> security_socket_sendmsg() calls.
>> Not to be splitting hairs, but if the packets are headed to
>> different destinations the calls to security_socket_sendmsg()
>> are not redundant, they are necessary and appropriate. What
>> you have with sendmmsg() is an optimization that sacrifices
>> correctness for performance.
> Excuse me, but this thread is not trying to remove necessary and appropriate
> security_socket_sendmsg() calls. Linux 3.0 was released without necessary and
> appropriate security_socket_sendmsg() calls, and I'm trying to correct it (via
> msg11504.html or msg11510.html) for Linux 3.0.x stable release.

I understand. Sorry if I did a poor job of jumping into
the thread.

>> I fear that you are going to find that the work you have
>> to do to reduce the number of calls is going to outweigh
>> the benefits of your optimization, as has been pointed out
>> earlier.
> I fear it too. Unless many dozens (maybe some hundreds) of packets are sent by
> sendmmsg(), msg11504.html might show better performance than msg11510.html .
> But I don't have a machine to benchmark.

Is there some chance that the original authors could step up
to help with the benchmarking effort on this repair? Having been
on the end where I introduced problems more than once, I have a
good understanding of the principle "you broke it, you bought it".