From: Eric Biggers <ebiggers@kernel.org>
To: Daniil Lunev <dlunev@chromium.org>
Cc: Brian Geffon <bgeffon@google.com>,
Mike Snitzer <snitzer@kernel.org>,
linux-kernel@vger.kernel.org,
Zdenek Kabelac <zdenek.kabelac@gmail.com>,
dm-devel@redhat.com, Mikulas Patocka <mpatocka@redhat.com>,
Alasdair Kergon <agk@redhat.com>
Subject: Re: [dm-devel] [PATCH 1/1] dm: add message command to disallow device open
Date: Wed, 3 Aug 2022 21:49:50 +0000 [thread overview]
Message-ID: <YurtfvdeYh0kLd+8@gmail.com> (raw)
In-Reply-To: <CAONX=-dCrJabyvt2S24kEJi38Pbuzj_4kvugoF_75PWV69bNJw@mail.gmail.com>
On Thu, Aug 04, 2022 at 06:44:53AM +1000, Daniil Lunev wrote:
> > Have you also considered unlinking the device node (/dev/dm-$idx) from the
> > filesystem after it has been set up for swap?
> Yes, the node can be re-linked with mknod, thus is not a suitable solution.
I thought you were trying to defend against path traversal attacks, not
arbitrary code execution? If your threat model includes arbitrary code
execution by root, you really need to be using SELinux.
- Eric
--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Daniil Lunev <dlunev@chromium.org>
Cc: Zdenek Kabelac <zdenek.kabelac@gmail.com>,
Brian Geffon <bgeffon@google.com>,
Mike Snitzer <snitzer@kernel.org>,
linux-kernel@vger.kernel.org, dm-devel@redhat.com,
Mikulas Patocka <mpatocka@redhat.com>,
Alasdair Kergon <agk@redhat.com>
Subject: Re: [dm-devel] [PATCH 1/1] dm: add message command to disallow device open
Date: Wed, 3 Aug 2022 21:49:50 +0000 [thread overview]
Message-ID: <YurtfvdeYh0kLd+8@gmail.com> (raw)
In-Reply-To: <CAONX=-dCrJabyvt2S24kEJi38Pbuzj_4kvugoF_75PWV69bNJw@mail.gmail.com>
On Thu, Aug 04, 2022 at 06:44:53AM +1000, Daniil Lunev wrote:
> > Have you also considered unlinking the device node (/dev/dm-$idx) from the
> > filesystem after it has been set up for swap?
> Yes, the node can be re-linked with mknod, thus is not a suitable solution.
I thought you were trying to defend against path traversal attacks, not
arbitrary code execution? If your threat model includes arbitrary code
execution by root, you really need to be using SELinux.
- Eric
next prev parent reply other threads:[~2022-08-03 21:50 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-04 0:02 [dm-devel] [PATCH 0/1] Signal to disallow open of a dm device Daniil Lunev
2022-07-04 0:02 ` Daniil Lunev
2022-07-04 0:02 ` [dm-devel] [PATCH 1/1] dm: add message command to disallow device open Daniil Lunev
2022-07-04 0:02 ` Daniil Lunev
2022-07-14 20:13 ` [dm-devel] " Mike Snitzer
2022-07-14 20:13 ` Mike Snitzer
2022-07-14 23:42 ` [dm-devel] " Daniil Lunev
2022-07-14 23:42 ` Daniil Lunev
2022-07-15 9:36 ` [dm-devel] " Mikulas Patocka
2022-07-15 9:36 ` Mikulas Patocka
2022-07-15 19:38 ` Zdenek Kabelac
2022-07-15 19:38 ` Zdenek Kabelac
2022-07-18 23:42 ` Daniil Lunev
2022-07-18 23:42 ` Daniil Lunev
2022-08-03 4:12 ` Daniil Lunev
2022-08-03 4:12 ` Daniil Lunev
2022-08-03 4:23 ` Eric Biggers
2022-08-03 4:23 ` Eric Biggers
2022-08-03 4:29 ` Daniil Lunev
2022-08-03 4:29 ` Daniil Lunev
2022-08-03 16:30 ` Mike Snitzer
2022-08-03 16:30 ` Mike Snitzer
2022-08-03 20:49 ` [dm-devel] " Daniil Lunev
2022-08-03 20:49 ` Daniil Lunev
2022-08-03 18:25 ` [dm-devel] " Eric Biggers
2022-08-03 18:25 ` Eric Biggers
2022-08-03 20:44 ` Daniil Lunev
2022-08-03 20:44 ` Daniil Lunev
2022-08-03 21:49 ` Eric Biggers [this message]
2022-08-03 21:49 ` Eric Biggers
2022-08-03 23:38 ` Daniil Lunev
2022-08-03 23:38 ` Daniil Lunev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YurtfvdeYh0kLd+8@gmail.com \
--to=ebiggers@kernel.org \
--cc=agk@redhat.com \
--cc=bgeffon@google.com \
--cc=dlunev@chromium.org \
--cc=dm-devel@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mpatocka@redhat.com \
--cc=snitzer@kernel.org \
--cc=zdenek.kabelac@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.