From: ebiederm@xmission.com (Eric W. Biederman)
To: "Michael J. Coss"
Cc: gregkh@linuxfoundation.org, davem@davemloft.net, linux-kernel@vger.kernel.org, containers@lists.linuxcontainers.org, serge.hallyn@ubuntu.com, stgraber@ubuntu.com
Subject: Re: [PATCH 1/3] lib/kobject_uevent.c: disable broadcast of uevents to other namespaces
Date: Thu, 10 Sep 2015 19:36:04 -0500
Message-ID: <87zj0tyeq3.fsf@x220.int.ebiederm.org>
In-Reply-To: <51c185b6fa89f0b8e9e7dcaffb3c21c975c84302.1441762578.git.michael.coss@alcatel-lucent.com> (Michael J. Coss's message of "Tue, 8 Sep 2015 22:10:28 -0400")
References: <51c185b6fa89f0b8e9e7dcaffb3c21c975c84302.1441762578.git.michael.coss@alcatel-lucent.com>
X-Mailing-List: linux-kernel@vger.kernel.org

"Michael J. Coss" writes:

> Restrict sending uevents to only those listeners operating in the same
> network namespace as the system init process. This is the first step
> toward allowing policy control of the forwarding of events to other
> namespaces in userspace.

This limitation would be better if we only skipped network namespaces
where you are sending spoofed uevents. As it sits this has the
possibility to break userspace.

Eric

> Signed-off-by: Michael J. Coss
> ---
> lib/kobject_uevent.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/lib/kobject_uevent.c b/lib/kobject_uevent.c
> index f6c2c1e..d791e33 100644
> --- a/lib/kobject_uevent.c
> +++ b/lib/kobject_uevent.c
> @@ -295,6 +295,10 @@ int kobject_uevent_env(struct kobject *kobj, enum kobject_action action, > if (!netlink_has_listeners(uevent_sock, 1)) > continue; > > + /* forward event only to the host systems network namespaces */ > + if (!net_eq(sock_net(uevent_sock), &init_net)) > + continue; > + > /* allocate message with the maximum possible size */ > len = strlen(action_string) + strlen(devpath) + 2; > skb = alloc_skb(len + env->buflen, GFP_KERNEL);
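Review bot: the new `net_eq(sock_net(uevent_sock), &init_net)` test in kobject_uevent_env() skips every listener outside init_net unconditionally, with no way for userspace to opt a namespace back in, so any container that runs its own udevd or mdev in a separate network namespace silently stops receiving real device events; the commit message calls this a "first step toward allowing policy control", but the hunk itself carries no policy hook, so the skip should be gated on a per-namespace condition (for example, only namespaces into which uevents are being injected from userspace) rather than applied to all non-init_net sockets. Two smaller points: the check is placed after `if (!netlink_has_listeners(uevent_sock, 1))`, so the listener lookup still runs for sockets that are about to be dropped anyway; testing `net_eq()` first is cheaper and reads more naturally. And the comment "/* forward event only to the host systems network namespaces */" should read "host system's network namespace" (singular, since the comparison is against the one initial namespace `init_net`), and the commit message's "same network namespace as the system init process" is similarly imprecise: the code compares against `&init_net`, not the namespace of whatever process is pid 1.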