Received: by 2002:ac0:e350:0:0:0:0:0 with SMTP id g16csp548621imn; Wed, 3 Aug 2022 15:10:49 -0700 (PDT) X-Google-Smtp-Source: AA6agR7d3LDk8NqNWbgFBs4ORP6u4jTygVvO1PEJEX9FU3sQrISX2K/KKKXj7vEsYmuFfHROSj23 X-Received: by 2002:a17:90b:30d4:b0:1f3:bfa:4c88 with SMTP id hi20-20020a17090b30d400b001f30bfa4c88mr7023975pjb.53.1659564649338; Wed, 03 Aug 2022 15:10:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1659564649; cv=none; d=google.com; s=arc-20160816; b=kxVToz0TT9VkTgMoYLA5bJyjuNAkQ8H57m+k9rYI9wbuhCqbtEAGd1vY82p/r3pofA hFKX83lX/tyFmIXSn1momMXQLjv5/w5Dj5OsGlI/kc/yVAfA39KWdYMK6TRogwFxwZfP 0vqqJxPEEMe707MpCkYA9nZYFJIgeUBtBqAVtsy2wRP5aj7zjQghu+ccCqik9sdh4RLS c36WBe+LS4pBmJKjxua6Sfw9ag9Zbh0C4f5Jf8Py9c2TNq78DEiNDaeCjlQkoZGvGqFS iIjmEEhsAqMq6fzGE9PtnDvLlikysEpNbPz/rC7g8lX4QKmpWAGc5FJ8eUUEng8TK5zE 9QiA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=rnRr/xjqARQfemnOyekqmB9j/GQAW8CPw1yOQmJz+Jg=; b=OnRfmvzsZVe0a2eyZT2gGpivuBUMydrqPTK5Yg9V6n5ykyhfv/R2s55OKmUkwARKIL XKn5QG3jHNa9JDBiehI8CyT3ck4O64Tzr/OzwsB1fBQRqzGHcxpHKO+ddyiyacivy8nL yLaynfLC+GFHEdoKTx/yTjsnf1FxATPCwL1MSitbapVPyCBkczriJp+t0Hdisjc2k13d LpwLn40081zzQvu3mFu1PjnzkPVzzsrhBDTkSl2XuOCuFwsAxlvL09b5TMdXuJS+9BnX l8P7X/qpzXRdxwNbUGWgBZoNE1LyvQksOOD6vxRzrEjLmL4ZbK1EnhNmaHhInFj9ZcYt M7DA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="OQUSJ5C/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x16-20020a631710000000b0041b42d079dbsi19640933pgl.792.2022.08.03.15.10.35; Wed, 03 Aug 2022 15:10:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="OQUSJ5C/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236673AbiHCVuO (ORCPT + 99 others); Wed, 3 Aug 2022 17:50:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58508 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231407AbiHCVuL (ORCPT ); Wed, 3 Aug 2022 17:50:11 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B5F852EA for ; Wed, 3 Aug 2022 14:50:10 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 3DE78615C6 for ; Wed, 3 Aug 2022 21:50:10 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 34D1AC433C1; Wed, 3 Aug 2022 21:50:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1659563409; bh=BrvBHvTeL+xYbCEHOv5XtcAfbghOoBwnDllC6Zku4ac=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=OQUSJ5C/ZXkaqfUWtXHS8klUkGgUuyJSQXw6/UVA9VnVtj5BABuC27VkpbafcVLwA Rwq3+KpfYcjTGPxVW72XC6bm+Hs0cBlpSsR0GYzBVf76CeApznq0mIC7wH71/gyoJq b9IDbUonfZaKYQO9GLyvTWa2suud4t7iS2163CW760MUaL4u121NiBbFYLpw84vUyf qwyc8KKmcAD0I27z34GaExmsCRZtNodcQq8+3H3+1vn7BTqhGvVMURuJsxMVgmbfS3 H5K+y6AdVuT7staCL4MC5dm+M9QG3SzcmZzTKibT89grQxIfnj1ZwBvBx0XINmehq7 JOZNhL2DePcFQ== Date: Wed, 3 Aug 2022 21:49:50 +0000 From: Eric Biggers To: Daniil Lunev Cc: Zdenek Kabelac , Brian Geffon , Mike Snitzer , linux-kernel@vger.kernel.org, dm-devel@redhat.com, Mikulas Patocka , Alasdair Kergon Subject: Re: [dm-devel] [PATCH 1/1] dm: add message command to disallow device open Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-7.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Aug 04, 2022 at 06:44:53AM +1000, Daniil Lunev wrote: > > Have you also considered unlinking the device node (/dev/dm-$idx) from the > > filesystem after it has been set up for swap? > Yes, the node can be re-linked with mknod, thus is not a suitable solution. I thought you were trying to defend against path traversal attacks, not arbitrary code execution? If your threat model includes arbitrary code execution by root, you really need to be using SELinux. - Eric