Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp5594638pxu; Tue, 22 Dec 2020 23:54:47 -0800 (PST) X-Google-Smtp-Source: ABdhPJwvzLiIJ0jQQYqAmTciD/en1IVtIoT0x0lHbTOHBWmJK3s19SZxZ0+YyDDRf42/TBAMZ31A X-Received: by 2002:aa7:c813:: with SMTP id a19mr20854170edt.192.1608710086971; Tue, 22 Dec 2020 23:54:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1608710086; cv=none; d=google.com; s=arc-20160816; b=u03sLnPxydAtIULH0H6XIW6sdI4E7eAa0y0Ab4MOmnZODpBVHU243CLKkKmzRtR7+j mcvw8lMsaDe2nSi022Q904mVqqi7Xa/ZRqnymY095BLU+Q+lnDumoDzjJIOqMjNgkDWv 1Ba7O4rHoUOJsj99l6BU7kOm9tuxqy6D2wvNMXgtHP847lPfhAU8Iesp+1XUsXIBUQFN uDyDRYQi3oTQ3aE8+6YkjaUQlgDvHJa/XGqHnVVdQKqSkQtwCDHYPKQpYQY7ytU6NgL1 +r47XOB+jkFeGtfx3NS007Nhvdq8cFeq94j88g4zUC3XNJyDPOWp1qQdrgR1topBvOCB eioQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=dZWJ4WTK7xyfkbsd/TgkBnvQJE8fa6NrJbOv8usajgE=; b=AFcpZS8VEnYdsgfOXVhlwRcMS+a3bc9w+GG6PJoRFJC6VPFUEhhBFWcP/R4GsHYNjJ yItcAT7lqEpINPJP15gahhKRVnpXQPJTOorKT+3V/kHvGKeSTckQl2mRcpKGtOx9QCw8 IDXmJUtfkH8NsIBR1MXrHWXj+9CGWzujA9z7BCz5Jjf0otYpUcH8wFfhVedK+W7NGgsa gyvyMlIZs145wAm+ZXRKyauqIaRjR8EHPcLHh21D+YYF5zcrRd3d/wGijRhhyZuxt+sK ITSG8i+KuvypYmGphS+GVciMbhtf8o/As8+Wo96B4qqa7yUyaAdxA7LCmK+UaYe1Xq9H dp0g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dn20si13044952ejc.748.2020.12.22.23.54.23; Tue, 22 Dec 2020 23:54:46 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727468AbgLWHxu (ORCPT + 99 others); Wed, 23 Dec 2020 02:53:50 -0500 Received: from verein.lst.de ([213.95.11.211]:33666 "EHLO verein.lst.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727050AbgLWHxu (ORCPT ); Wed, 23 Dec 2020 02:53:50 -0500 Received: by verein.lst.de (Postfix, from userid 2407) id A473667373; Wed, 23 Dec 2020 08:53:07 +0100 (CET) Date: Wed, 23 Dec 2020 08:53:07 +0100 From: Christoph Hellwig To: Tetsuo Handa Cc: Al Viro , "Eric W. Biederman" , Jens Axboe , Christoph Hellwig , Kees Cook , LKML Subject: Re: Does uaccess_kernel() work for detecting kernel thread? Message-ID: <20201223075307.GA4185@lst.de> References: <0bcc0c63-31a3-26fd-bccb-b28af0375c34@i-love.sakura.ne.jp> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <0bcc0c63-31a3-26fd-bccb-b28af0375c34@i-love.sakura.ne.jp> User-Agent: Mutt/1.5.17 (2007-11-01) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Dec 22, 2020 at 11:39:08PM +0900, Tetsuo Handa wrote: > For example, if uaccess_kernel() is "false" due to CONFIG_SET_FS=n, > isn't sg_check_file_access() failing to detect kernel context? sg_check_file_access does exactly the right thing - fail for all kernel threads as those can't support the magic it does. > For another example, if uaccess_kernel() is "false" due to CONFIG_SET_FS=n, > isn't TOMOYO unexpectedly checking permissions for socket operations? Can someone explain WTF TOMOYO is even doing there? A security module has absolutely no business checking what context it is called from, but must check the process credentials instead.