Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp5640035rwl; Tue, 4 Apr 2023 01:09:37 -0700 (PDT) X-Google-Smtp-Source: AKy350bbg10eh94b04OdggEzzQsZtTJSjuYZAGHSYPxOFuFqyMkknQnY2Xv4urVjg/knyYpxkqEW X-Received: by 2002:a05:6402:8c8:b0:502:1cae:8b11 with SMTP id d8-20020a05640208c800b005021cae8b11mr1873311edz.23.1680595777676; Tue, 04 Apr 2023 01:09:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680595777; cv=none; d=google.com; s=arc-20160816; b=LIJ9o3CdFgJTdscVIxKv3aC5i8bwCb4bikLgF/YHbX53J6n7AiW8SkAuYwFrw8MQEH 1y3AYGC1XvnzH47+YHrH4AyJcJmKGVOPMxanVde09ZyNWTU/Nhg3abl8QjFB/ROrYDvF j4qXqvE5Zy37HQtn5Muld8oPO3Oq1WQMfY6wpPv/FGNllT0qkE4SdmOibeNXIoRXVWBs keex1+djF1XJtzBhToWVrHn81sDJaIVZbGn8jYsmsy8iBq7kNzR64hjFgUPLgsSKY4RS E3i9oD+5SKiMNgf5IPe49pYStvWTTaopf/WJ9dWYp4NnmpoBeAiS3a0mFnmQYbJiTSlg rf3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:dkim-signature :from; bh=h5YSD0b6n1ur7Uw863f+KmXNdWrxPKy0G+svtitsFNQ=; b=04SRC0EJZuNR1wqP9Z0ef29tTXV2nuLhdMZFEgiaOR0cMyQlNmn/h7nCAC/ThzUT71 RaMh/FyeYnpSdCxyVdId2HEkGc1TvZFLvfhBHGtrGDCJP+vmonJ/d4BWNlqE6AVvBQ13 hxSM3yHGPWXLIbVEJw8ynUEtSyWGuD85u5Zt0kju863iJMTTXroWV2v9DHMV5eeDDcGd d8jtgKsXQfPFoIowVwZqqOTJ1DiWFn+lii3xgTbmL3h63FY/Jf2G88S/0XQG+wbEx2bS G17b5IIm49rDDGaIQ/fRoZE2cYoLdXyTg19zSqwpvMmhHrbR6l35jhMLkkRP22cCmy1N ORiA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@swemel.ru header.s=mail header.b=doxk0rpP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=swemel.ru Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j8-20020aa7ca48000000b004ad7c7c307bsi1339271edt.567.2023.04.04.01.09.12; Tue, 04 Apr 2023 01:09:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@swemel.ru header.s=mail header.b=doxk0rpP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=swemel.ru Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233952AbjDDIAb (ORCPT + 99 others); Tue, 4 Apr 2023 04:00:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34694 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229629AbjDDIAa (ORCPT ); Tue, 4 Apr 2023 04:00:30 -0400 Received: from mx.swemel.ru (mx.swemel.ru [95.143.211.150]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E7FE41984; Tue, 4 Apr 2023 01:00:27 -0700 (PDT) From: Denis Arefev DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=swemel.ru; s=mail; t=1680595224; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=h5YSD0b6n1ur7Uw863f+KmXNdWrxPKy0G+svtitsFNQ=; b=doxk0rpPrOZfR2wNi0dfIIaGSuCKlD6shtLHnqIyjuntp7ml8T7Xg5wro39jqjtwsQTJsf +3MmjyPrZHPET9tYTKxZEVcTiRwGDPG6UDvB/ogi8RbvX70qTb5Ne4dGt+jg7yHuAqSqtp CjrMyaAfaRx/VutMFyinCEbg4Szow38= To: alexander.duyck@gmail.com Cc: arefev@swemel.ru, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, pabeni@redhat.com, trufanov@swemel.ru, vfh@swemel.ru Subject: [PATCH] net: Added security socket Date: Tue, 4 Apr 2023 11:00:24 +0300 Message-Id: <20230404080024.31121-1-arefev@swemel.ru> In-Reply-To: <30549453e8a40bb4f80f84e1a1427149b6b8b9e8.camel@gmail.com> References: <30549453e8a40bb4f80f84e1a1427149b6b8b9e8.camel@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=2.3 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SORTED_RECIPS,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Alexander. I understand your concern. That's right kernel_connect is in kernel space, but kernel_connect is used in RPC requests (/net/sunrpc/xprtsock.c), and the RPC protocol is used by the NFS server. Note kernel_sendmsg is already protected.