Subject: Re: [PATCH v1 20/22] Move common usercopy into security_getpeersec_stream
From: Casey Schaufler
Date: Fri, 3 Aug 2018 08:27:47 -0700
To: Piotr Sawicki, LSM, LKLM, Paul Moore, Stephen Smalley, SE Linux, "SMACK-discuss@lists.01.org", John Johansen, Kees Cook, Tetsuo Handa, James Morris
Cc: "Schaufler, Casey", Casey Schaufler
Message-ID: <0c4b4f28-e51f-8b5d-9259-c6ab97c5c506@schaufler-ca.com>
In-Reply-To: <20180803091011eucas1p29e46a12d1986f11e63547ea1ec8e8663~HVMbjcXDZ2739127391eucas1p2M@eucas1p2.samsung.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 8/3/2018 2:10 AM, Piotr Sawicki wrote:
> On 07/16/2018 08:24 PM, Casey Schaufler wrote:
>> [PATCH 20/22] Move common usercopy into security_getpeersec_stream
>>
>> The modules implementing hook for getpeersec_stream
>> don't need to be duplicating the copy-to-user checks.
>> Moving the user copy part into the infrastructure makes
>> the security module code simpler and reduces the places
>> where user copy code may go awry.
> Hi,
>
> This change will break the API. Some clients may call getsockopt(..,SO_PEERSEC,..) twice. Firstly, to fetch the length. In that case xxx_socket_getpeersec_stream should return -ERANGE and set *optlen. Secondly, to retrieve a proper security label.

Nuts. You're correct. I will fix this in the next round.

>
> Please take a look at the implementation of the getClientSmackLabel() function in Cynara: https://review.tizen.org/gerrit/#/c/26888/6/src/helpers/creds-socket/creds-socket-inner.cpp
> Also there is an email thread about this socket option which tells us why it is made this way: "[RFC] SO_PEERSEC - security credentials for Unix stream sockets"
>
> http://lists.jammed.com/linux-security-module/2003/12/0029.html
>
> Regards,
> Piotr
>