From: Michael Tokarev <mjt@tls•msk.ru>
To: David Miller <davem@davemloft•net>
Cc: penguin-kernel@I-love•SAKURA.ne.jp, casey@schaufler-ca•com,
	anton@samba•org, netdev@vger•kernel.org,
	linux-security-module@vger•kernel.org
Subject: Re: [PATCH] net: Fix security_socket_sendmsg() bypass problem.
Date: Sat, 23 Jul 2011 11:04:19 +0400
Message-ID: <4E2A7273.7030504@msgid.tls.msk.ru>
In-Reply-To: <20110722.082224.688620059032914637.davem@davemloft.net>

22.07.2011 19:22, David Miller wrote:
> From: Tetsuo Handa <penguin-kernel@I-love•SAKURA.ne.jp>
> Date: Sat, 23 Jul 2011 00:12:53 +0900
> 
>> I think the regression for SMACK can be fixed with below patch.
>>
>> Should I pass nosec flags down to "struct security_operations"->sendmsg()
>> so that SELinux checks sock_has_perm() for only once when multiple different
>> destination's addresses are passed to sendmmsg()?
>>
>> static int selinux_socket_sendmsg(struct socket *sock, struct msghdr *msg,
>> 				  int size, int nosec)
>> {
>> 	return nosec ? 0 : sock_has_perm(current, sock->sk, SOCKET__WRITE);
>> }
> 
> Ugh, this takes away a non-trivial part of the performance gain of
> sendmmsg().
> 
> I would instead rather that you check ahead of time whether this
> actually is a send to different addresses.  If they are all the
> same, keep the nosec code path.

Why optimize for this case when destination addresses are the
same?  How common is this usage case, or even where _can_ it
happen a lot (I noticed the samba.org address in the Cc list)?

When I saw recvmmsg()/sendmmsg() here, my first thought was an
authoritative DNS server which can read several requests at a
time and answer them all at once too - this way it all will go
to different addresses.

I understand the initial change takes away a good portion of
the performance improvement, but I think the optimisation should
be performed in a different place than for a not-so-common
scenario.

Thanks,

/mjt
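
Added example, not part of the original message or of the kernel source: a user-space C model of the trade-off discussed in this thread, where the security hook is skipped (the "nosec" path) only while the destination address matches the one last checked. The names `model_security_sendmsg`, `model_sendmmsg` and `checks_for_batch`, and the sample addresses and ports, are assumptions made for illustration.

```c
#include <string.h>
#include <netinet/in.h>
#include <sys/socket.h>

static int lsm_checks;	/* times the modelled hook ran */
/* Hypothetical stand-in for security_socket_sendmsg(); 0 = permitted. */
static int model_security_sendmsg(const struct msghdr *msg)
{
	(void)msg;
	lsm_checks++;
	return 0;
}

/* Model of a sendmmsg() loop: run the hook only when the destination changes. */
static int model_sendmmsg(const struct msghdr *vec, int n)
{
	struct sockaddr_storage last = {0};	/* last checked destination */
	socklen_t last_len = 0;
	int i;
	for (i = 0; i < n; i++) {
		const struct msghdr *m = &vec[i];
		if (m->msg_name && last_len && m->msg_namelen == last_len &&
		    memcmp(&last, m->msg_name, last_len) == 0)
			continue;	/* same address: nosec path */
		if (model_security_sendmsg(m) != 0)
			break;		/* denied: stop here */
		/* Remember this destination; no address means always re-check. */
		last_len = (m->msg_name && m->msg_namelen <= sizeof(last)) ?
			   m->msg_namelen : 0;
		if (last_len)
			memcpy(&last, m->msg_name, last_len);
	}
	return i;	/* messages accepted */
}

/* Constructed batch of n (<= 8) UDP messages to 192.0.2.1; returns hook calls. */
static int checks_for_batch(int n, int distinct_ports)
{
	struct sockaddr_in a[8] = {0};
	struct msghdr v[8] = {0};
	for (int i = 0; i < n; i++) {
		a[i].sin_family = AF_INET;
		a[i].sin_port = htons(distinct_ports ? 5300 + i : 5300);
		a[i].sin_addr.s_addr = htonl(0xC0000201);
		v[i].msg_name = &a[i];
		v[i].msg_namelen = sizeof(a[i]);
	}
	lsm_checks = 0;
	model_sendmmsg(v, n);
	return lsm_checks;
}
```

With a batch that goes to one address the hook runs once; with a batch that goes to a different address per message (the DNS server case raised above) it runs for every message, so no destination goes unchecked.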
