
List:       linux1394-devel
Subject:    Re: RFC: raw1394 security sandbox patch
From:       Stefan Richter <stefanr () s5r6 ! in-berlin ! de>
Date:       2006-09-27 17:05:30
Message-ID: 451AAF5A.50303 () s5r6 ! in-berlin ! de

Dan Dennedy wrote:
> On Tuesday 26 September 2006 01:36, Stefan Richter wrote:
>> What if we deny async read/write/lock access by default but enable it
>> (for address ranges or totally) if a device was bound to the raw1394
>> driver?
...
> However, I do not see a way 
> to directly use raw1394_id_table without iterating over devices to find the 
> one matching by nodeid. I am still invoking driver_find_device()
...

I had a brief look if there could be a useful lookup function exported
from nodemgr but wasn't satisfied with what I found on first take.
Still, this will involve iterations over lists anyway.

>> Of course this would make unprivileged access impossible until nodemgr
>> finished rescanning the node after each bus reset, or with
>> ieee1394.disable_nodemgr=1.
> 
> The only problem I foresee is the timing between nodemgr and protocol libs on 
> bus reset. The libs are not doing anything on reset, but the apps using the 
> libs could be using the libs immediately. As long as raw1394 returns EAGAIN 
> during reset pending nodemgr completion, libavc1394, librom1394, libiec61883, 
> and libdc1394 will act appropriately. I know raw1394 does not check 
> in_bus_reset, but lower levels do. So, I am not yet sure if EAGAIN will be 
> issued in that situation.

We actually have to check for hpsb_node_entry_valid(). Only this tells
us if a node's identity was confirmed by nodemgr after a bus reset.

So it all comes with costs. Therefore a security-wise weaker but simpler
to code static check shouldn't be ruled out yet. I will probably need a
few days until I can check the SBP-2 target agents' address spaces
around here.
-- 
Stefan Richter
-=====-=-==- =--= ==-==
http://arcgraph.de/sr/
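
The access decision discussed in this message, as an added example that is not part of the original post and not ieee1394 driver code. It is a userspace C model: every struct and function name is hypothetical, the generation comparison stands in for hpsb_node_entry_valid(), and exempting privileged callers is an assumption drawn from the "unprivileged access" wording.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace model; every name here is hypothetical, not ieee1394 driver code. */
struct model_host { unsigned generation; };  /* bumped on each bus reset */

struct model_node {
    struct model_host *host;
    uint16_t nodeid;
    unsigned generation;    /* host generation at which nodemgr confirmed it */
    bool bound_to_raw1394;  /* assumed flag: device is bound to raw1394 */
};

/* Models the role of hpsb_node_entry_valid(): confirmed since last reset? */
static bool model_node_valid(const struct model_node *n)
{
    return n->generation == n->host->generation;
}

/* 0 = allow, -EAGAIN = rescan pending, -EACCES = denied by default. */
int model_async_allowed(const struct model_node *nodes, size_t count,
                        uint16_t nodeid, bool privileged)
{
    if (privileged)            /* assumption: only unprivileged callers are gated */
        return 0;
    for (size_t i = 0; i < count; i++) {   /* lookup by nodeid is a list walk */
        if (nodes[i].nodeid != nodeid)
            continue;
        /* Validity first: a stale entry may describe a different device now. */
        if (!model_node_valid(&nodes[i]))
            return -EAGAIN;
        return nodes[i].bound_to_raw1394 ? 0 : -EACCES;
    }
    return -EACCES;            /* unknown node, e.g. nodemgr disabled */
}

int main(void)
{
    struct model_host host = { 1 };
    struct model_node nodes[] = {            /* constructed sample bus */
        { &host, 0xffc0, 1, true },
        { &host, 0xffc1, 1, false },
    };
    printf("bound: %d, unbound: %d\n",
           model_async_allowed(nodes, 2, 0xffc0, false),
           model_async_allowed(nodes, 2, 0xffc1, false));
    host.generation++;                       /* simulate a bus reset */
    printf("after reset: %d\n", model_async_allowed(nodes, 2, 0xffc0, false));
    return 0;
}
```

Checking validity before the binding flag matters because node IDs can be reassigned by a bus reset, so a stale entry's binding says nothing about the device that now holds that ID.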
