* Why does CRYPTO_USER require CAP_NET_ADMIN? @ 2014-04-05 14:43 Matthias-Christian Ott 2014-04-24 22:51 ` [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN Matthias-Christian Ott 0 siblings, 1 reply; 7+ messages in thread From: Matthias-Christian Ott @ 2014-04-05 14:43 UTC (permalink / raw) To: linux-crypto If I'm not mistaken, CRYPTO_USER requires CAP_NET_ADMIN for all requests. Is there any reason for this requirement for read-only requests? I think read-only requests should not require CAP_NET_ADMIN. An example where this is important is important is AF_ALG. I'm working on AF_ALG support for GnuTLS, encryption and decryption via AF_ALG does not require special capabilities. However, retrieving the cipher priority to determine whether the cipher is hardware accelerated does require CAP_NET_ADMIN. Regards, Matthias-Christian ^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN 2014-04-05 14:43 Why does CRYPTO_USER require CAP_NET_ADMIN? Matthias-Christian Ott @ 2014-04-24 22:51 ` Matthias-Christian Ott 2014-04-28 21:37 ` Marek Vasut 2014-05-08 14:01 ` Herbert Xu 0 siblings, 2 replies; 7+ messages in thread From: Matthias-Christian Ott @ 2014-04-24 22:51 UTC (permalink / raw) To: linux-crypto [-- Attachment #1: Type: text/plain, Size: 485 bytes --] CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher details, such as cipher priorities, for AF_ALG. Signed-off-by: Matthias-Christian Ott <ott@mirix.org> --- crypto/crypto_user.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) [-- Attachment #2: 0001-crypto-user-Allow-CRYPTO_MSG_GETALG-without-CAP_NET_.patch --] [-- Type: text/x-patch, Size: 1456 bytes --] diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c index 1512e41..aa906b8 100644 --- a/crypto/crypto_user.c +++ b/crypto/crypto_user.c @@ -265,6 +265,9 @@ static int crypto_update_alg(struct sk_buff *skb, struct nlmsghdr *nlh, struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL]; LIST_HEAD(list); + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name)) return -EINVAL; @@ -295,6 +298,9 @@ static int crypto_del_alg(struct sk_buff *skb, struct nlmsghdr *nlh, struct crypto_alg *alg; struct crypto_user_alg *p = nlmsg_data(nlh); + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name)) return -EINVAL; @@ -379,6 +385,9 @@ static int crypto_add_alg(struct sk_buff *skb, struct nlmsghdr *nlh, struct crypto_user_alg *p = nlmsg_data(nlh); struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL]; + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name)) return -EINVAL; @@ -466,9 +475,6 @@ static int crypto_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) type -= CRYPTO_MSG_BASE; link = &crypto_dispatch[type]; - if (!capable(CAP_NET_ADMIN)) - return -EPERM; - if ((type == (CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE) && (nlh->nlmsg_flags & NLM_F_DUMP))) { struct crypto_alg *alg; ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN 2014-04-24 22:51 ` [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN Matthias-Christian Ott @ 2014-04-28 21:37 ` Marek Vasut 2014-04-30 19:23 ` Matthias-Christian Ott 2014-05-08 14:01 ` Herbert Xu 1 sibling, 1 reply; 7+ messages in thread From: Marek Vasut @ 2014-04-28 21:37 UTC (permalink / raw) To: Matthias-Christian Ott; +Cc: linux-crypto On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote: > CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information > provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules > and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that > processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher > details, such as cipher priorities, for AF_ALG. > > Signed-off-by: Matthias-Christian Ott <ott@mirix.org> > --- > crypto/crypto_user.c | 12 +++++++++--- > 1 file changed, 9 insertions(+), 3 deletions(-) Can you please submit the patch using git send-email so we can properly review it? Thank you ! Best regards, Marek Vasut ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN 2014-04-28 21:37 ` Marek Vasut @ 2014-04-30 19:23 ` Matthias-Christian Ott 2014-05-01 10:53 ` Marek Vasut 0 siblings, 1 reply; 7+ messages in thread From: Matthias-Christian Ott @ 2014-04-30 19:23 UTC (permalink / raw) To: Marek Vasut; +Cc: linux-crypto On 04/28/14 23:37, Marek Vasut wrote: > On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote: >> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information >> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules >> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that >> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher >> details, such as cipher priorities, for AF_ALG. >> >> Signed-off-by: Matthias-Christian Ott <ott@mirix.org> >> --- >> crypto/crypto_user.c | 12 +++++++++--- >> 1 file changed, 9 insertions(+), 3 deletions(-) > > Can you please submit the patch using git send-email so we can properly review > it? git-send-email or more specifically Net::SMTP only works with IPv4. The SMTP server I use for submission only listens IPv6 addresses. Moreover, TLS seems broken. I patched Net::SMTP to use IO::Socket::INET6 but gave up because of the TLS issues and used git format-patch and git imap-send. Regards, Matthias-Christian ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN 2014-04-30 19:23 ` Matthias-Christian Ott @ 2014-05-01 10:53 ` Marek Vasut 2014-05-03 23:45 ` Matthias-Christian Ott 0 siblings, 1 reply; 7+ messages in thread From: Marek Vasut @ 2014-05-01 10:53 UTC (permalink / raw) To: Matthias-Christian Ott; +Cc: linux-crypto On Wednesday, April 30, 2014 at 09:23:40 PM, Matthias-Christian Ott wrote: > On 04/28/14 23:37, Marek Vasut wrote: > > On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote: > >> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information > >> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules > >> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that > >> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher > >> details, such as cipher priorities, for AF_ALG. > >> > >> Signed-off-by: Matthias-Christian Ott <ott@mirix.org> > >> --- > >> > >> crypto/crypto_user.c | 12 +++++++++--- > >> 1 file changed, 9 insertions(+), 3 deletions(-) > > > > Can you please submit the patch using git send-email so we can properly > > review it? > > git-send-email or more specifically Net::SMTP only works with IPv4. The > SMTP server I use for submission only listens IPv6 addresses. Moreover, > TLS seems broken. I patched Net::SMTP to use IO::Socket::INET6 but gave > up because of the TLS issues and used git format-patch and git imap-send. You can always set up a separate mailserver or use one of the many free-to-use mailservers to follow the agreed-upon submission process, right? Of course, patches for Net::SMTP are welcome. Best regards, Marek Vasut ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN 2014-05-01 10:53 ` Marek Vasut @ 2014-05-03 23:45 ` Matthias-Christian Ott 0 siblings, 0 replies; 7+ messages in thread From: Matthias-Christian Ott @ 2014-05-03 23:45 UTC (permalink / raw) To: Marek Vasut; +Cc: linux-crypto On 05/01/14 12:53, Marek Vasut wrote: > On Wednesday, April 30, 2014 at 09:23:40 PM, Matthias-Christian Ott wrote: >> On 04/28/14 23:37, Marek Vasut wrote: >>> On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote: >>>> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information >>>> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules >>>> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that >>>> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher >>>> details, such as cipher priorities, for AF_ALG. >>>> >>>> Signed-off-by: Matthias-Christian Ott <ott@mirix.org> >>>> --- >>>> >>>> crypto/crypto_user.c | 12 +++++++++--- >>>> 1 file changed, 9 insertions(+), 3 deletions(-) >>> >>> Can you please submit the patch using git send-email so we can properly >>> review it? >> >> git-send-email or more specifically Net::SMTP only works with IPv4. The >> SMTP server I use for submission only listens IPv6 addresses. Moreover, >> TLS seems broken. I patched Net::SMTP to use IO::Socket::INET6 but gave >> up because of the TLS issues and used git format-patch and git imap-send. > > You can always set up a separate mailserver or use one of the many free-to-use > mailservers to follow the agreed-upon submission process, right? I don't comment on this statement to keep this discussion focused (send me a private email if you want to discuss it). I did try to submit the email directly (with SPF disabled) from git send-email to vger.kernel.org but vger.kernel.org uses greylisting, so I can't help you with that. Can you simply copy the file that was attached on the first email I sent, save it to the filesystem and simply commit it in git? You would have to do this anyway if I filed a bug in the Kernel Bug Tracker. So there is an “agreed-upon submission process” to commit a file. > Of course, patches for Net::SMTP are welcome. I reported the bug and someone who actually knows Perl is working on it. ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN 2014-04-24 22:51 ` [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN Matthias-Christian Ott 2014-04-28 21:37 ` Marek Vasut @ 2014-05-08 14:01 ` Herbert Xu 1 sibling, 0 replies; 7+ messages in thread From: Herbert Xu @ 2014-05-08 14:01 UTC (permalink / raw) To: Matthias-Christian Ott; +Cc: linux-crypto On Thu, Apr 24, 2014 at 10:51:06PM +0000, Matthias-Christian Ott wrote: > > CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information > provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules > and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that > processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher > details, such as cipher priorities, for AF_ALG. > > Signed-off-by: Matthias-Christian Ott <ott@mirix.org> Patch applied. -- Email: Herbert Xu <herbert@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2014-05-08 14:01 UTC | newest] Thread overview: 7+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2014-04-05 14:43 Why does CRYPTO_USER require CAP_NET_ADMIN? Matthias-Christian Ott 2014-04-24 22:51 ` [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN Matthias-Christian Ott 2014-04-28 21:37 ` Marek Vasut 2014-04-30 19:23 ` Matthias-Christian Ott 2014-05-01 10:53 ` Marek Vasut 2014-05-03 23:45 ` Matthias-Christian Ott 2014-05-08 14:01 ` Herbert Xu
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).