From: Paul Moore
Date: Tue, 24 Apr 2018 13:58:02 -0400
Subject: Re: [PATCH 2/3] net/unix: hook unix_socketpair() into LSM
To: David Miller
Cc: dh.herrmann@gmail.com, linux-kernel@vger.kernel.org, James Morris, teg@jklm.no, Stephen Smalley, selinux@tycho.nsa.gov, linux-security-module@vger.kernel.org, Eric Paris, serge@hallyn.com, netdev@vger.kernel.org
In-Reply-To: <20180424.135651.492329246141701047.davem@davemloft.net>
References: <20180423133015.5455-1-dh.herrmann@gmail.com> <20180423133015.5455-3-dh.herrmann@gmail.com> <20180424.135651.492329246141701047.davem@davemloft.net>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Apr 24, 2018 at 1:56 PM, David Miller wrote:
> From: Paul Moore
> Date: Tue, 24 Apr 2018 13:55:31 -0400
>
>> On Mon, Apr 23, 2018 at 9:30 AM, David Herrmann wrote:
>>> Use the newly created LSM-hook for unix_socketpair(). The default hook
>>> return-value is 0, so behavior stays the same unless LSMs start using
>>> this hook.
>>>
>>> Signed-off-by: David Herrmann
>>> ---
>>> net/unix/af_unix.c | 5 +++++
>>> 1 file changed, 5 insertions(+)
>>>
>>> diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
>>> index 68bb70a62afe..bc9705ace9b1 100644
>>> --- a/net/unix/af_unix.c
>>> +++ b/net/unix/af_unix.c
>>> @@ -1371,6 +1371,11 @@ static int unix_stream_connect(struct socket *sock, struct sockaddr *uaddr,
>>> static int unix_socketpair(struct socket *socka, struct socket *sockb)
>>> {
>>> struct sock *ska = socka->sk, *skb = sockb->sk;
>>> + int err;
>>> +
>>> + err = security_unix_stream_socketpair(ska, skb);
>>> + if (err)
>>> + return err;
>>
>> I recognize that AF_UNIX is really the only protocol that supports
>> socketpair(2) at the moment, but I like to avoid protocol specific LSM
>> hooks whenever possible. Unless someone can think of a good
>> objection, I would prefer to see the hook placed in __sys_socketpair()
>> instead (and obviously drop the "unix_stream" portion from the hook
>> name).
>
> The counterargument is that after 30 years no other protocol has grown
> usage of this operation. :-)

Call me an optimist ;)

-- 
paul moore
www.paul-moore.com
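Review bot: the new call `security_unix_stream_socketpair(ska, skb)` hard-wires the hook to AF_UNIX by living inside unix_socketpair(); moving it to __sys_socketpair(), as Paul suggests above, lets one family-neutral hook cover every protocol that implements socketpair(2), and the "unix_stream" part of the name should then go. The check itself is well placed within the hunk: it runs before the function touches any peer state, so the early `return err;` needs no unwinding. Two smaller points: the commit message should spell out that a non-zero `err` from an LSM is what the caller gets back as the socketpair(2) error, and passing a `struct sock *` named `skb` into a security hook reads like an sk_buff to anyone used to networking code, so a different name for the second socket would help readers of the hook call.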
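An added example, not code from the patch or from anyone in this thread: a small userspace probe that checks the point Paul makes above, namely that AF_UNIX is the only family whose socketpair(2) succeeds (on Linux the others fail with EOPNOTSUPP), and that any non-zero return on this path, including a denial from an LSM hook, reaches the caller as the errno of socketpair(2). It assumes Linux, and `probe_socketpair` is a helper name chosen here.

```c
/* Added example, not from the patch or the thread: probe which address
 * families implement socketpair(2). On Linux only AF_UNIX does; the other
 * families' socket ops fall through to a stub that returns -EOPNOTSUPP.
 * A non-zero return from an LSM hook on this path would likewise come back
 * to the caller as the socketpair(2) errno. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>

/* Hypothetical helper: returns 0 when socketpair() succeeds and the two
 * ends really are peers (a byte written on one side is read on the other),
 * otherwise the errno of the call that failed. */
int probe_socketpair(int domain, int type)
{
    int sv[2], err = 0;
    char out = 'x', in = 0;
    ssize_t n;

    if (socketpair(domain, type, 0, sv) < 0)
        return errno;               /* e.g. EOPNOTSUPP, or an LSM's error */

    n = write(sv[0], &out, 1);
    if (n == 1)
        n = read(sv[1], &in, 1);
    if (n < 0)
        err = errno;                /* I/O on the pair failed */
    else if (n != 1 || in != out)
        err = EIO;                  /* pair exists but is not connected */

    close(sv[0]);
    close(sv[1]);
    return err;
}

int main(void)
{
    const struct { const char *name; int domain; } fams[] = {
        { "AF_UNIX", AF_UNIX }, { "AF_INET", AF_INET }, { "AF_INET6", AF_INET6 },
    };
    for (size_t i = 0; i < sizeof fams / sizeof fams[0]; i++) {
        int err = probe_socketpair(fams[i].domain, SOCK_STREAM);
        printf("%-8s socketpair(SOCK_STREAM): %s\n", fams[i].name,
               err ? strerror(err) : "ok");
    }
    return 0;
}
```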