On Mon, Aug 03, 2015 at 09:15:34PM -0600, Jason Gunthorpe wrote: > On Thu, Jul 09, 2015 at 01:34:26PM -0400, kaike....@intel.com wrote: > > From: Kaike Wan <kaike....@intel.com> > > > > This patch adds a function to check if listeners for a netlink multicast > > group are present. It also adds a function to receive netlink response > > messages. > > > > Signed-off-by: Kaike Wan <kaike....@intel.com> > > Signed-off-by: John Fleck <john.fl...@intel.com> > > Signed-off-by: Ira Weiny <ira.we...@intel.com> > > drivers/infiniband/core/netlink.c | 55 > > +++++++++++++++++++++++++++++++++++++ > > include/rdma/rdma_netlink.h | 7 +++++ > > 2 files changed, 62 insertions(+), 0 deletions(-) > > > > diff --git a/drivers/infiniband/core/netlink.c > > b/drivers/infiniband/core/netlink.c > > index 23dd5a5..d47df93 100644 > > +++ b/drivers/infiniband/core/netlink.c > > @@ -49,6 +49,14 @@ static DEFINE_MUTEX(ibnl_mutex); > > static struct sock *nls; > > static LIST_HEAD(client_list); > > > > +int ibnl_chk_listeners(unsigned int group) > > +{ > > + if (netlink_has_listeners(nls, group) == 0) > > + return -1; > > + return 0; > > +} > > +EXPORT_SYMBOL(ibnl_chk_listeners); > > I was thinking about this today, and, where is the security? > > What prevents a non-root user from making the above true and/or worse?
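Review bot: In ibnl_chk_listeners(), the bare "return -1" is numerically -EPERM, so a caller that propagates it reports a permission failure when the actual condition is that no socket has joined the group; return a named errno, or make the function a bool that passes through netlink_has_listeners(nls, group) != 0. The exported symbol also carries no comment on what a zero return guarantees: it says that some socket is bound to the group, not who owns that socket, so the comment should name the bind-time privilege check that callers are relying on. nls is handed to netlink_has_listeners() with no visible check that the socket has been created, so it is worth confirming that no caller can reach this before the netlink socket is set up.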
We are using Netlink multicast.  I believe that netlink_bind only allows root to
bind to multicast.

static int netlink_bind(struct socket *sock, struct sockaddr *addr,
                        int addr_len)
{
...
        /* Only superuser is allowed to listen multicasts */
        if (groups) {
                if (!netlink_allowed(sock, NL_CFG_F_NONROOT_RECV))
                        return -EPERM;
                err = netlink_realloc_groups(sk);
                if (err)
                        return err;
        }
...

That said I have not tested the ability to change the timeout settings if one
were to bind without multicast and send a message.  I'll see if I can get some
time to test this as Kaike is out on vacation.

Ira
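The bind-time check quoted in the reply above can be observed from user space. The following is an added example, not code from this thread or from the kernel tree: the names probe_mcast_bind and nl_group_mask and the group number 1 are assumptions made for illustration. It only reports whether the calling process is allowed to bind to a multicast group; it does not exercise the unicast timeout path that the reply says is still untested.

```c
/* Added example: may this process join a netlink multicast group? */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/netlink.h>
enum probe_result { PROBE_DENIED, PROBE_ALLOWED, PROBE_UNAVAILABLE, PROBE_ERROR };

/* sockaddr_nl.nl_groups is a bitmask: group N (1..32) is bit N-1. */
static uint32_t nl_group_mask(unsigned int group)
{
	if (group < 1 || group > 32)
		return 0;
	return (uint32_t)1 << (group - 1);
}

static enum probe_result probe_mcast_bind(int protocol, unsigned int group)
{
	struct sockaddr_nl addr;
	enum probe_result res;
	int fd;
	memset(&addr, 0, sizeof(addr));
	addr.nl_family = AF_NETLINK;
	addr.nl_groups = nl_group_mask(group);
	if (addr.nl_groups == 0)
		return PROBE_ERROR;          /* group number out of range */
	fd = socket(AF_NETLINK, SOCK_RAW, protocol);
	if (fd < 0)
		return PROBE_UNAVAILABLE;    /* e.g. protocol not registered */
	/* A non-zero nl_groups takes the "if (groups)" branch in netlink_bind(). */
	if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) == 0)
		res = PROBE_ALLOWED;
	else if (errno == EPERM)
		res = PROBE_DENIED;
	else
		res = PROBE_ERROR;
	close(fd);
	return res;
}

int main(void)
{
	static const char *names[] = { "denied (EPERM)", "allowed", "unavailable", "error" };
	enum probe_result r = probe_mcast_bind(NETLINK_RDMA, 1); /* group 1: constructed */
	printf("uid %d: multicast bind on NETLINK_RDMA is %s\n", (int)getuid(), names[r]);
	return 0;
}
```

Run it once as root and once as an ordinary user on the same host: "allowed" for the ordinary user means that the listener test in the patch can be satisfied without privilege.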