Re: [PATCH] Add audit uid to netlink credentials

To: Stephen Smalley <sds@xxxxxxxxxxxxxx>
Subject: Re: [PATCH] Add audit uid to netlink credentials
From: Patrick McHardy <kaber@xxxxxxxxx>
Date: Wed, 09 Feb 2005 15:10:08 +0100
Cc: Linux Audit Discussion <linux-audit@xxxxxxxxxx>, "Serge E. Hallyn" <serue@xxxxxxxxxx>, netdev@xxxxxxxxxxx, davem@xxxxxxxxxxxxx, kuznet@xxxxxxxxxxxxx
In-reply-to: <1107956079.17568.42.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
References: <20050204165840.GA2320@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.62.0502080658310.32526@xxxxxxxxxxxxxxxxxx> <1107956079.17568.42.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Stephen Smalley wrote:

> On Tue, 2005-02-08 at 01:04, Patrick McHardy wrote:
>> Reception of netlink messages in the kernel happens in the context
>> of the sending process, so you can simply call
>> audit_get_loginuid(current->audit_context) in audit_receive_msg().
>
> Then why does netlink_sendmsg() need to save the effective capability
> set of the sender in the control buffer (via security_netlink_send) for
> later checking by other receive functions in the kernel (via
> security_netlink_recv)?

It looks like it doesn't need to; I guess it was copied from netlink_sendmsg.
netlink transmission to userspace is asynchronous, so some values need to be
saved, but userspace->kernel transmission is synchronous.

> What prevents audit_receive() or other similar
> receive functions in the kernel from processing messages sent by
> multiple senders?

Multiple messages from multiple senders are handled by multiple calls to
the input function. Check netlink_kernel_create() and netlink_data_ready().

Regards
Patrick
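The behaviour Patrick describes, that a userspace->kernel netlink message is processed synchronously inside the sender's send call and that the kernel checks the sender's capabilities before dispatching it, can be observed from user space. The program below is an added example and is not code from this thread or from the kernel. It sends an RTM_DELLINK with NLM_F_ACK for an interface index that cannot exist and decodes the NLMSG_ERROR the kernel returns: rtnetlink's CAP_NET_ADMIN check runs before the handler, so without that capability the verdict is EPERM, and with it the device lookup answers ENODEV. The ack is already queued when sendto() returns. build_error_reply() constructs a sample reply (not captured from a kernel) so the decoder can be exercised offline; the program assumes a Linux host with NETLINK_ROUTE.

```c
/* Added example (not from the thread): drive the synchronous netlink
 * request/ack path from user space and decode the kernel's verdict.
 * Assumes Linux with NETLINK_ROUTE; no kernel-side code is involved. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <linux/rtnetlink.h>

/* One RTM_DELLINK request: header plus its fixed payload. */
struct dellink_req {
    struct nlmsghdr  nlh;
    struct ifinfomsg ifi;
};

/* Build an RTM_DELLINK for ifindex with NLM_F_ACK set, so the kernel always
 * answers with an NLMSG_ERROR (error == 0 means success). Returns the length. */
size_t build_dellink_request(struct dellink_req *req, __u32 seq, int ifindex)
{
    memset(req, 0, sizeof(*req));
    req->nlh.nlmsg_len   = NLMSG_LENGTH(sizeof(struct ifinfomsg));
    req->nlh.nlmsg_type  = RTM_DELLINK;
    req->nlh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
    req->nlh.nlmsg_seq   = seq;
    req->nlh.nlmsg_pid   = 0;          /* kernel fills in the sender's port id */
    req->ifi.ifi_family  = AF_UNSPEC;
    req->ifi.ifi_index   = ifindex;
    return req->nlh.nlmsg_len;
}

/* Walk a receive buffer and return the errno the kernel reported in the
 * NLMSG_ERROR carrying seq (0 for a clean ack). Returns -1 when no matching
 * ack is present, so "no answer" is distinguishable from "answer: 0". */
int parse_ack(void *buf, int len, __u32 seq)
{
    struct nlmsghdr *nlh = buf;
    for (; NLMSG_OK(nlh, len); nlh = NLMSG_NEXT(nlh, len)) {
        if (nlh->nlmsg_type != NLMSG_ERROR || nlh->nlmsg_seq != seq)
            continue;
        if (nlh->nlmsg_len < NLMSG_LENGTH(sizeof(struct nlmsgerr)))
            return -1;                 /* truncated error message */
        const struct nlmsgerr *err = NLMSG_DATA(nlh);
        return -err->error;            /* kernel stores a negative errno */
    }
    return -1;
}

/* Constructed sample reply (not captured from a kernel): an NLMSG_ERROR frame
 * shaped like the one the kernel emits for an NLM_F_ACK request. Returns the
 * frame length, or -1 if the buffer is too small. */
int build_error_reply(void *buf, size_t cap, __u32 seq, int error)
{
    struct nlmsghdr *nlh = buf;
    struct nlmsgerr *err;
    if (cap < NLMSG_SPACE(sizeof(struct nlmsgerr)))
        return -1;
    memset(buf, 0, NLMSG_SPACE(sizeof(struct nlmsgerr)));
    nlh->nlmsg_len  = NLMSG_LENGTH(sizeof(struct nlmsgerr));
    nlh->nlmsg_type = NLMSG_ERROR;
    nlh->nlmsg_seq  = seq;
    err = NLMSG_DATA(nlh);
    err->error = -error;               /* kernel convention: negative errno */
    err->msg.nlmsg_seq = seq;          /* echoes the offending request header */
    return (int)nlh->nlmsg_len;
}

/* Offline check of the decoder against a constructed reply. */
int decode_constructed_reply(int error, __u32 reply_seq, __u32 want_seq)
{
    __u32 buf[16];                     /* 64 bytes, 4-byte aligned */
    int len = build_error_reply(buf, sizeof(buf), reply_seq, error);
    return parse_ack(buf, len, want_seq);
}

int main(void)
{
    struct dellink_req req;
    __u32 reply[2048];                 /* 8 KiB receive buffer */
    struct sockaddr_nl kernel = { .nl_family = AF_NETLINK };
    const __u32 seq = 1;
    int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
    if (fd < 0) { perror("socket"); return 1; }

    /* A bogus ifindex: without CAP_NET_ADMIN the capability check answers
     * EPERM before the device is ever looked up; with it, ENODEV. */
    size_t n = build_dellink_request(&req, seq, 0x7fffffff);
    if (sendto(fd, &req, n, 0, (struct sockaddr *)&kernel, sizeof(kernel)) < 0) {
        perror("sendto"); close(fd); return 1;
    }
    /* The ack is already queued: the request was processed in this
     * process's context, inside the send path. */
    ssize_t got = recv(fd, reply, sizeof(reply), 0);
    close(fd);
    if (got < 0) { perror("recv"); return 1; }

    int verdict = parse_ack(reply, (int)got, seq);
    if (verdict < 0)
        printf("no ack for seq %u\n", seq);
    else
        printf("kernel answered: %s (%d)\n", verdict ? strerror(verdict) : "ack", verdict);
    return 0;
}
```

Run it once as an unprivileged user and once with CAP_NET_ADMIN to see the two verdicts. The sequence number is what ties the ack back to the request; a decoder that ignores it would happily accept an unrelated NLMSG_ERROR from the same socket, which matters as soon as a process has more than one request in flight.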
