* Why does CRYPTO_USER require CAP_NET_ADMIN?
@ 2014-04-05 14:43 Matthias-Christian Ott
2014-04-24 22:51 ` [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN Matthias-Christian Ott
0 siblings, 1 reply; 7+ messages in thread
From: Matthias-Christian Ott @ 2014-04-05 14:43 UTC (permalink / raw)
To: linux-crypto
If I'm not mistaken, CRYPTO_USER requires CAP_NET_ADMIN for all
requests. Is there any reason for this requirement for read-only requests?
I think read-only requests should not require CAP_NET_ADMIN. An example
where this is important is important is AF_ALG. I'm working on AF_ALG
support for GnuTLS, encryption and decryption via AF_ALG does not
require special capabilities. However, retrieving the cipher priority to
determine whether the cipher is hardware accelerated does require
CAP_NET_ADMIN.
Regards,
Matthias-Christian
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN
2014-04-05 14:43 Why does CRYPTO_USER require CAP_NET_ADMIN? Matthias-Christian Ott
@ 2014-04-24 22:51 ` Matthias-Christian Ott
2014-04-28 21:37 ` Marek Vasut
2014-05-08 14:01 ` Herbert Xu
0 siblings, 2 replies; 7+ messages in thread
From: Matthias-Christian Ott @ 2014-04-24 22:51 UTC (permalink / raw)
To: linux-crypto
[-- Attachment #1: Type: text/plain, Size: 485 bytes --]
CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information
provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules
and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that
processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher
details, such as cipher priorities, for AF_ALG.
Signed-off-by: Matthias-Christian Ott <ott@mirix.org>
---
crypto/crypto_user.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
[-- Attachment #2: 0001-crypto-user-Allow-CRYPTO_MSG_GETALG-without-CAP_NET_.patch --]
[-- Type: text/x-patch, Size: 1456 bytes --]
diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c
index 1512e41..aa906b8 100644
--- a/crypto/crypto_user.c
+++ b/crypto/crypto_user.c
@@ -265,6 +265,9 @@ static int crypto_update_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
LIST_HEAD(list);
+ if (!capable(CAP_NET_ADMIN))
+ return -EPERM;
+
if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
return -EINVAL;
@@ -295,6 +298,9 @@ static int crypto_del_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
struct crypto_alg *alg;
struct crypto_user_alg *p = nlmsg_data(nlh);
+ if (!capable(CAP_NET_ADMIN))
+ return -EPERM;
+
if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
return -EINVAL;
@@ -379,6 +385,9 @@ static int crypto_add_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
struct crypto_user_alg *p = nlmsg_data(nlh);
struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
+ if (!capable(CAP_NET_ADMIN))
+ return -EPERM;
+
if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
return -EINVAL;
@@ -466,9 +475,6 @@ static int crypto_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
type -= CRYPTO_MSG_BASE;
link = &crypto_dispatch[type];
- if (!capable(CAP_NET_ADMIN))
- return -EPERM;
-
if ((type == (CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE) &&
(nlh->nlmsg_flags & NLM_F_DUMP))) {
struct crypto_alg *alg;
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN
2014-04-24 22:51 ` [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN Matthias-Christian Ott
@ 2014-04-28 21:37 ` Marek Vasut
2014-04-30 19:23 ` Matthias-Christian Ott
2014-05-08 14:01 ` Herbert Xu
1 sibling, 1 reply; 7+ messages in thread
From: Marek Vasut @ 2014-04-28 21:37 UTC (permalink / raw)
To: Matthias-Christian Ott; +Cc: linux-crypto
On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote:
> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information
> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules
> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that
> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher
> details, such as cipher priorities, for AF_ALG.
>
> Signed-off-by: Matthias-Christian Ott <ott@mirix.org>
> ---
> crypto/crypto_user.c | 12 +++++++++---
> 1 file changed, 9 insertions(+), 3 deletions(-)
Can you please submit the patch using git send-email so we can properly review
it?
Thank you !
Best regards,
Marek Vasut
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN
2014-04-28 21:37 ` Marek Vasut
@ 2014-04-30 19:23 ` Matthias-Christian Ott
2014-05-01 10:53 ` Marek Vasut
0 siblings, 1 reply; 7+ messages in thread
From: Matthias-Christian Ott @ 2014-04-30 19:23 UTC (permalink / raw)
To: Marek Vasut; +Cc: linux-crypto
On 04/28/14 23:37, Marek Vasut wrote:
> On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote:
>> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information
>> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules
>> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that
>> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher
>> details, such as cipher priorities, for AF_ALG.
>>
>> Signed-off-by: Matthias-Christian Ott <ott@mirix.org>
>> ---
>> crypto/crypto_user.c | 12 +++++++++---
>> 1 file changed, 9 insertions(+), 3 deletions(-)
>
> Can you please submit the patch using git send-email so we can properly review
> it?
git-send-email or more specifically Net::SMTP only works with IPv4. The
SMTP server I use for submission only listens IPv6 addresses. Moreover,
TLS seems broken. I patched Net::SMTP to use IO::Socket::INET6 but gave
up because of the TLS issues and used git format-patch and git imap-send.
Regards,
Matthias-Christian
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN
2014-04-30 19:23 ` Matthias-Christian Ott
@ 2014-05-01 10:53 ` Marek Vasut
2014-05-03 23:45 ` Matthias-Christian Ott
0 siblings, 1 reply; 7+ messages in thread
From: Marek Vasut @ 2014-05-01 10:53 UTC (permalink / raw)
To: Matthias-Christian Ott; +Cc: linux-crypto
On Wednesday, April 30, 2014 at 09:23:40 PM, Matthias-Christian Ott wrote:
> On 04/28/14 23:37, Marek Vasut wrote:
> > On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote:
> >> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information
> >> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules
> >> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that
> >> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher
> >> details, such as cipher priorities, for AF_ALG.
> >>
> >> Signed-off-by: Matthias-Christian Ott <ott@mirix.org>
> >> ---
> >>
> >> crypto/crypto_user.c | 12 +++++++++---
> >> 1 file changed, 9 insertions(+), 3 deletions(-)
> >
> > Can you please submit the patch using git send-email so we can properly
> > review it?
>
> git-send-email or more specifically Net::SMTP only works with IPv4. The
> SMTP server I use for submission only listens IPv6 addresses. Moreover,
> TLS seems broken. I patched Net::SMTP to use IO::Socket::INET6 but gave
> up because of the TLS issues and used git format-patch and git imap-send.
You can always set up a separate mailserver or use one of the many free-to-use
mailservers to follow the agreed-upon submission process, right?
Of course, patches for Net::SMTP are welcome.
Best regards,
Marek Vasut
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN
2014-05-01 10:53 ` Marek Vasut
@ 2014-05-03 23:45 ` Matthias-Christian Ott
0 siblings, 0 replies; 7+ messages in thread
From: Matthias-Christian Ott @ 2014-05-03 23:45 UTC (permalink / raw)
To: Marek Vasut; +Cc: linux-crypto
On 05/01/14 12:53, Marek Vasut wrote:
> On Wednesday, April 30, 2014 at 09:23:40 PM, Matthias-Christian Ott wrote:
>> On 04/28/14 23:37, Marek Vasut wrote:
>>> On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote:
>>>> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information
>>>> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules
>>>> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that
>>>> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher
>>>> details, such as cipher priorities, for AF_ALG.
>>>>
>>>> Signed-off-by: Matthias-Christian Ott <ott@mirix.org>
>>>> ---
>>>>
>>>> crypto/crypto_user.c | 12 +++++++++---
>>>> 1 file changed, 9 insertions(+), 3 deletions(-)
>>>
>>> Can you please submit the patch using git send-email so we can properly
>>> review it?
>>
>> git-send-email or more specifically Net::SMTP only works with IPv4. The
>> SMTP server I use for submission only listens IPv6 addresses. Moreover,
>> TLS seems broken. I patched Net::SMTP to use IO::Socket::INET6 but gave
>> up because of the TLS issues and used git format-patch and git imap-send.
>
> You can always set up a separate mailserver or use one of the many free-to-use
> mailservers to follow the agreed-upon submission process, right?
I don't comment on this statement to keep this discussion focused (send
me a private email if you want to discuss it).
I did try to submit the email directly (with SPF disabled) from git
send-email to vger.kernel.org but vger.kernel.org uses greylisting, so I
can't help you with that.
Can you simply copy the file that was attached on the first email I
sent, save it to the filesystem and simply commit it in git? You would
have to do this anyway if I filed a bug in the Kernel Bug Tracker. So
there is an “agreed-upon submission process” to commit a file.
> Of course, patches for Net::SMTP are welcome.
I reported the bug and someone who actually knows Perl is working on it.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN
2014-04-24 22:51 ` [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN Matthias-Christian Ott
2014-04-28 21:37 ` Marek Vasut
@ 2014-05-08 14:01 ` Herbert Xu
1 sibling, 0 replies; 7+ messages in thread
From: Herbert Xu @ 2014-05-08 14:01 UTC (permalink / raw)
To: Matthias-Christian Ott; +Cc: linux-crypto
On Thu, Apr 24, 2014 at 10:51:06PM +0000, Matthias-Christian Ott wrote:
>
> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information
> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules
> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that
> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher
> details, such as cipher priorities, for AF_ALG.
>
> Signed-off-by: Matthias-Christian Ott <ott@mirix.org>
Patch applied.
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2014-05-08 14:01 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-04-05 14:43 Why does CRYPTO_USER require CAP_NET_ADMIN? Matthias-Christian Ott
2014-04-24 22:51 ` [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN Matthias-Christian Ott
2014-04-28 21:37 ` Marek Vasut
2014-04-30 19:23 ` Matthias-Christian Ott
2014-05-01 10:53 ` Marek Vasut
2014-05-03 23:45 ` Matthias-Christian Ott
2014-05-08 14:01 ` Herbert Xu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.