Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp3906183imw; Mon, 18 Jul 2022 17:11:14 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sAIhWHx/2sS279HWrBpoZlygbzeJanjKRj59g5DASKbJGTz9tclOtlY2FA80kTij4xxlO6 X-Received: by 2002:a17:907:2bde:b0:72b:4da0:6f3c with SMTP id gv30-20020a1709072bde00b0072b4da06f3cmr27898673ejc.623.1658189474254; Mon, 18 Jul 2022 17:11:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658189474; cv=none; d=google.com; s=arc-20160816; b=SJtdgpmNO3IO/M1swqkYqf0F1ABQUNginIXR6oIcGYs5ozjyFU8M49fIQccm7ramTx gkv1JnbEQOskQzob4agCNjRzZPGXzkrchaoqya41+dcghqmhvaw22ohI85E7cpzjhZC4 AyBvR7S2WLjmZWCJT5QnBaIuFa6g3L5CVYyzx3sXlDm2OlEI5GwntbTokRVLWbVKkFwE 5G+hpkfpPiBbDepmnE4lGnIjn3iVdJkPfWpfoFiFSFu8iv2MrrHUbfdQaSK0VTze0YLn Vien80/+WHJ5yojEJMpdq8qwHec+WHMySz3Jqu+dmhVRY54pZV4EzwAxM2scNQcHDK7B NYIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=Fdwo892EWIW1Y32bf4ujqomqp34wsbvkXOhTjTQ9ay0=; b=C58MSXhYm3GaJPDeapc8j1pIrVWIETc8rCbZ5Z4kPuusDQpbM8rmP85e3HO0cIiL0v nxjuI9w7Isj2xLQZMo2cMfZLjaNaMymeEGmcc5YmNO+mnn1dJ9ApTP777tAKndHBLb2n FeWgC/JDLjdSKbaMuqJpeIU45YipwFqRfWVsDE3NKNcRiVU+d4w/2eFMPGmDIDt6mFjM MYtSYyfw68+lNWruY2Hqi5OIqss88dDEmiv7eYzgLvMhkkBH34QGG6yi6+N4Y2TcdnPg Wf2PoY5QjbvxtLOwqRXGAWuVhSnObos52QUTPiyecyecRbpLuElCZjYzLI6YZAqZ7fT5 GlPA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=aXS8JPtW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k5-20020a50cb85000000b0043aa16f01fesi16318656edi.534.2022.07.18.17.10.50; Mon, 18 Jul 2022 17:11:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=aXS8JPtW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234765AbiGRXmk (ORCPT + 99 others); Mon, 18 Jul 2022 19:42:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52624 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229602AbiGRXmi (ORCPT ); Mon, 18 Jul 2022 19:42:38 -0400 Received: from mail-yw1-x1132.google.com (mail-yw1-x1132.google.com [IPv6:2607:f8b0:4864:20::1132]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 89FD626572 for ; Mon, 18 Jul 2022 16:42:37 -0700 (PDT) Received: by mail-yw1-x1132.google.com with SMTP id 00721157ae682-31d85f82f0bso123895987b3.7 for ; Mon, 18 Jul 2022 16:42:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Fdwo892EWIW1Y32bf4ujqomqp34wsbvkXOhTjTQ9ay0=; b=aXS8JPtW3rwTtIwwOgR/zbY6v6FY2W4CVb3aBvpsR5ecjHG0u0GKG4gs4gFtvTNe5e BTWCWs1k0Z3RUxwmU32J/keaD7EyrOkqcRZQGHKtNGtNRIguH0RxDkY4c5DmLXTG7tjl ShzIhCJ7m0Sxqh3yCv0kaZUWeyzG8bUZNqR+0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Fdwo892EWIW1Y32bf4ujqomqp34wsbvkXOhTjTQ9ay0=; b=4ZQV8k8pShIj8Vgl2a1SFt3Syn+BcGZI7BadaJvJio9Gx/fhV0SPXYOfQ4zPo9E9wi JDxUODLaxOqzi698eAO+chER11zuYilz7N+WngmipGbmKpXHNSQH0DYByQP3f61uZ4m4 zaMPX7CEEnaXUixZmJXQmtXJKM8S5pNIlP1fh5KPoh2nbtmUO8zyVyB5KTKTA2q5ySel xWXW5Ai2tK9VL10ietVxfFp8qtj85OYHR12bYmJX5oKviXDfq1jy1vTfcijp4iq5iD68 LSYdYZAbHufg17SgZe8Swv6uKyt8gUOS/Qeh3erAzCIdJp7u1Gf2ztPLllUECMSGyIEC PQEQ== X-Gm-Message-State: AJIora8/mS/b4xqzspDHllmIDdtSZ7FexGr6ie5nxGptqTJu3h3WznHR lm8ITf9Q8/DhLg6lu/rLrHR7S+XH8lzwfVz+69YXgA== X-Received: by 2002:a0d:d8d6:0:b0:31d:44f:e04b with SMTP id a205-20020a0dd8d6000000b0031d044fe04bmr34100749ywe.296.1658187756826; Mon, 18 Jul 2022 16:42:36 -0700 (PDT) MIME-Version: 1.0 References: <20220704000225.345536-1-dlunev@chromium.org> <20220704100221.1.I15b3f7a84ba5a97fde9276648e391b54957103ff@changeid> In-Reply-To: From: Daniil Lunev Date: Tue, 19 Jul 2022 09:42:26 +1000 Message-ID: Subject: Re: [dm-devel] [PATCH 1/1] dm: add message command to disallow device open To: Zdenek Kabelac Cc: Mikulas Patocka , dm-devel@redhat.com, Mike Snitzer , Brian Geffon , Alasdair Kergon , linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org We understand that if someone acquires root it is a game over. The intent of this mechanism is to reduce the attack surface. The exposure might be a certain system daemon that is exploited into accessing a wrong node in the filesystem. And exposing modifiable system memory is a pathway for further escalation and leaks of secrets. This is a defense in depth mechanism, that is intended to make attackers' lives harder even if they find an exploitable vulnerability. We understand that in regular situations people may not want the behaviour, that is why the mechanism is controlled via a side channel - if a message is never sent - the behaviour is not altered. --Daniil